mirror of
https://github.com/discourse/discourse.git
synced 2024-11-23 03:54:59 +08:00
ec7703e622
Dismissing admin notices is an admin-only action. This is enforced on the back-end both by a routing constraint and a policy in the relevant service. However, we still unconditionally display the "Dismiss" button to anyone with access to the admin dashboard. When clicked, it results in a 404 modal (due to the routing constraint.) With this change we only render the dismiss button for admins.
44 lines
1.2 KiB
Ruby
44 lines
1.2 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
describe "Admin Notices", type: :system do
|
|
let(:admin_dashboard) { PageObjects::Pages::AdminDashboard.new }
|
|
|
|
before do
|
|
Fabricate(:admin_notice)
|
|
|
|
I18n.backend.store_translations(:en, dashboard: { problem: { test_notice: "Houston" } })
|
|
end
|
|
|
|
context "when signed in as admin" do
|
|
fab!(:admin)
|
|
|
|
before { sign_in(admin) }
|
|
|
|
it "supports dismissing admin notices" do
|
|
admin_dashboard.visit
|
|
|
|
expect(admin_dashboard).to have_admin_notice(I18n.t("dashboard.problem.test_notice"))
|
|
|
|
admin_dashboard.dismiss_notice(I18n.t("dashboard.problem.test_notice"))
|
|
|
|
expect(admin_dashboard).to have_no_admin_notice(I18n.t("dashboard.problem.test_notice"))
|
|
end
|
|
end
|
|
|
|
context "when signed in as moderator" do
|
|
fab!(:moderator)
|
|
|
|
before { sign_in(moderator) }
|
|
|
|
it "doesn't render dismiss button on admin notices" do
|
|
admin_dashboard.visit
|
|
|
|
expect(admin_dashboard).to have_admin_notice(I18n.t("dashboard.problem.test_notice"))
|
|
expect(admin_dashboard).to have_no_css(
|
|
".dashboard-problem .btn",
|
|
text: I18n.t("admin_js.admin.dashboard.dismiss_notice"),
|
|
)
|
|
end
|
|
end
|
|
end
|