mirror of
https://github.com/discourse/discourse.git
synced 2024-11-26 10:40:39 +08:00
6e161d3e75
The most common thing that we do with fab! is: fab!(:thing) { Fabricate(:thing) } This commit adds a shorthand for this which is just simply: fab!(:thing) i.e. If you omit the block, then, by default, you'll get a `Fabricate`d object using the fabricator of the same name.
68 lines
1.8 KiB
Ruby
68 lines
1.8 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
RSpec.describe Admin::AdminController do
|
|
fab!(:admin)
|
|
fab!(:moderator)
|
|
|
|
describe "#index" do
|
|
context "when unauthenticated" do
|
|
it "denies access with a 404 response" do
|
|
get "/admin.json"
|
|
|
|
expect(response.status).to eq(404)
|
|
expect(response.parsed_body["errors"]).to include(I18n.t("not_found"))
|
|
end
|
|
end
|
|
|
|
context "when authenticated" do
|
|
context "as an admin" do
|
|
it "permits access with a 200 response" do
|
|
sign_in(admin)
|
|
get "/admin.json"
|
|
|
|
expect(response.status).to eq(200)
|
|
end
|
|
end
|
|
|
|
context "as a non-admin" do
|
|
it "denies access with a 403 response" do
|
|
sign_in(moderator)
|
|
get "/admin.json"
|
|
|
|
expect(response.status).to eq(403)
|
|
expect(response.parsed_body["errors"]).to include(I18n.t("invalid_access"))
|
|
end
|
|
end
|
|
|
|
context "when user is admin with api key" do
|
|
it "permits access with a 200 response" do
|
|
api_key = Fabricate(:api_key, user: admin)
|
|
|
|
get "/admin.json",
|
|
headers: {
|
|
HTTP_API_KEY: api_key.key,
|
|
HTTP_API_USERNAME: admin.username,
|
|
}
|
|
|
|
expect(response.status).to eq(200)
|
|
end
|
|
end
|
|
|
|
context "when user is a non-admin with api key" do
|
|
it "denies access with a 403 response" do
|
|
api_key = Fabricate(:api_key, user: moderator)
|
|
|
|
get "/admin.json",
|
|
headers: {
|
|
HTTP_API_KEY: api_key.key,
|
|
HTTP_API_USERNAME: moderator.username,
|
|
}
|
|
|
|
expect(response.status).to eq(403)
|
|
expect(response.parsed_body["errors"]).to include(I18n.t("invalid_access"))
|
|
end
|
|
end
|
|
end
|
|
end
|
|
end
|