mirror of
https://github.com/discourse/discourse.git
synced 2024-12-03 13:23:39 +08:00
41584ab40c
Currently in services, we don’t make a distinction between input
parameters, options and dependencies.
This can lead to user input modifying the service behavior, whereas it
was not the developer intention.
This patch addresses the issue by changing how data is provided to
services:
- `params` is now used to hold all data coming from outside (typically
user input from a controller) and a contract will take its values from
`params`.
- `options` is a new key to provide options to a service. This typically
allows changing a service behavior at runtime. It is, of course,
totally optional.
- `dependencies` is actually anything else provided to the service (like
`guardian`) and available directly from the context object.
The `service_params` helper in controllers has been updated to reflect
those changes, so most of the existing services didn’t need specific
changes.
The options block has the same DSL as contracts, as it’s also based on
`ActiveModel`. There aren’t any validations, though. Here’s an example:
```ruby
options do
attribute :allow_changing_hidden, :boolean, default: false
end
```
And here’s an example of how to call a service with the new keys:
```ruby
MyService.call(params: { key1: value1, … }, options: { my_option: true }, guardian:, …)
```
80 lines
2.3 KiB
Ruby
80 lines
2.3 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
RSpec.describe SiteSetting::Update do
|
|
describe described_class::Contract, type: :model do
|
|
it { is_expected.to validate_presence_of :setting_name }
|
|
end
|
|
|
|
describe ".call" do
|
|
subject(:result) { described_class.call(params:, options:, **dependencies) }
|
|
|
|
fab!(:admin)
|
|
let(:params) { { setting_name:, new_value: } }
|
|
let(:options) { { allow_changing_hidden: } }
|
|
let(:dependencies) { { guardian: } }
|
|
let(:setting_name) { :title }
|
|
let(:new_value) { "blah whatever" }
|
|
let(:guardian) { admin.guardian }
|
|
let(:allow_changing_hidden) { false }
|
|
|
|
context "when setting_name is blank" do
|
|
let(:setting_name) { nil }
|
|
|
|
it { is_expected.to fail_a_contract }
|
|
end
|
|
|
|
context "when a non-admin user tries to change a setting" do
|
|
let(:guardian) { Guardian.new }
|
|
|
|
it { is_expected.to fail_a_policy(:current_user_is_admin) }
|
|
end
|
|
|
|
context "when the user changes a hidden setting" do
|
|
let(:setting_name) { :max_category_nesting }
|
|
let(:new_value) { 3 }
|
|
|
|
context "when allow_changing_hidden is false" do
|
|
it { is_expected.to fail_a_policy(:setting_is_visible) }
|
|
end
|
|
|
|
context "when allow_changing_hidden is true" do
|
|
let(:allow_changing_hidden) { true }
|
|
|
|
it { is_expected.to run_successfully }
|
|
|
|
it "updates the specified setting" do
|
|
expect { result }.to change { SiteSetting.max_category_nesting }.to(3)
|
|
end
|
|
end
|
|
end
|
|
|
|
context "when the user changes a visible setting" do
|
|
let(:new_value) { "hello this is title" }
|
|
|
|
it { is_expected.to run_successfully }
|
|
|
|
it "updates the specified setting" do
|
|
expect { result }.to change { SiteSetting.title }.to(new_value)
|
|
end
|
|
|
|
it "creates an entry in the staff action logs" do
|
|
expect { result }.to change {
|
|
UserHistory.where(
|
|
action: UserHistory.actions[:change_site_setting],
|
|
subject: "title",
|
|
).count
|
|
}.by(1)
|
|
end
|
|
|
|
context "when value needs cleanup" do
|
|
let(:setting_name) { :max_image_size_kb }
|
|
let(:new_value) { "8zf843" }
|
|
|
|
it "cleans up the new setting value before using it" do
|
|
expect { result }.to change { SiteSetting.max_image_size_kb }.to(8843)
|
|
end
|
|
end
|
|
end
|
|
end
|
|
end
|