discourse/spec/requests/post_actions_controller_spec.rb
Robin Ward b58867b6e9 FEATURE: New 'Reviewable' model to make reviewable items generic
Includes support for flags, reviewable users and queued posts, with REST API
backwards compatibility.

Co-Authored-By: romanrizzi <romanalejandro@gmail.com>
Co-Authored-By: jjaffeux <j.jaffeux@gmail.com>
2019-03-28 12:45:10 -04:00

321 lines
9.5 KiB
Ruby

require 'rails_helper'
RSpec.describe PostActionsController do
describe '#destroy' do
let(:post) { Fabricate(:post, user: Fabricate(:coding_horror)) }
it 'requires you to be logged in' do
delete "/post_actions/#{post.id}.json"
expect(response.status).to eq(403)
end
context 'logged in' do
let(:user) { Fabricate(:user) }
before do
sign_in(user)
end
it 'raises an error when the post_action_type_id is missing' do
delete "/post_actions/#{post.id}.json"
expect(response.status).to eq(400)
end
it "returns 404 when the post action type doesn't exist for that user" do
delete "/post_actions/#{post.id}.json", params: { post_action_type_id: PostActionType.types[:bookmark] }
expect(response.status).to eq(404)
end
context 'with a post_action record ' do
let!(:post_action) do
PostAction.create!(
user_id: user.id,
post_id: post.id,
post_action_type_id: PostActionType.types[:bookmark]
)
end
it 'returns success' do
delete "/post_actions/#{post.id}.json", params: { post_action_type_id: PostActionType.types[:bookmark] }
expect(response.status).to eq(200)
end
it 'deletes the action' do
delete "/post_actions/#{post.id}.json", params: {
post_action_type_id: PostActionType.types[:bookmark]
}
expect(response.status).to eq(200)
expect(PostAction.exists?(
user_id: user.id,
post_id: post.id,
post_action_type_id: PostActionType.types[:bookmark],
deleted_at: nil
)).to eq(false)
end
it "isn't deleted when the user doesn't have permission" do
pa = PostAction.create!(
post: post,
user: user,
post_action_type_id: PostActionType.types[:like],
created_at: 1.day.ago
)
delete "/post_actions/#{post.id}.json", params: {
post_action_type_id: PostActionType.types[:like]
}
expect(response).to be_forbidden
end
end
end
end
describe '#create' do
it 'requires you to be logged in' do
post '/post_actions.json'
expect(response.status).to eq(403)
end
it 'fails when the user does not have permission to see the post' do
sign_in(Fabricate(:user))
pm = Fabricate(:private_message_post, user: Fabricate(:coding_horror))
post "/post_actions.json", params: {
id: pm.id,
post_action_type_id: PostActionType.types[:bookmark]
}
expect(response.status).to eq(403)
end
it 'fails when the user tries to notify user that has disabled PM' do
sign_in(Fabricate(:user))
user2 = Fabricate(:user)
post = Fabricate(:post, user: user2)
user2.user_option.update!(allow_private_messages: false)
post "/post_actions.json", params: {
id: post.id,
post_action_type_id: PostActionType.types[:notify_user],
message: 'testing',
flag_topic: false
}
expect(response.status).to eq(422)
expect(JSON.parse(response.body)["errors"].first).to eq(I18n.t(
:not_accepting_pms, username: user2.username
))
end
describe 'as a moderator' do
let(:user) { Fabricate(:moderator) }
let(:post_1) { Fabricate(:post, user: Fabricate(:coding_horror)) }
before do
sign_in(user)
end
it 'raises an error when the id is missing' do
post "/post_actions.json", params: {
post_action_type_id: PostActionType.types[:like]
}
expect(response.status).to eq(400)
end
it 'fails when the id is invalid' do
post "/post_actions.json", params: {
post_action_type_id: PostActionType.types[:like], id: -1
}
expect(response.status).to eq(404)
end
it 'raises an error when the post_action_type_id index is missing' do
post "/post_actions.json", params: { id: post_1.id }
expect(response.status).to eq(400)
end
it "fails when the user doesn't have permission to see the post" do
post_1 = Fabricate(:private_message_post, user: Fabricate(:user))
post "/post_actions.json", params: {
id: post_1.id, post_action_type_id: PostActionType.types[:like]
}
expect(response).to be_forbidden
end
it 'allows us to create an post action on a post' do
expect do
post "/post_actions.json", params: {
id: post_1.id, post_action_type_id: PostActionType.types[:like]
}
end.to change { PostAction.count }.by(1)
post_action = PostAction.last
expect(response.status).to eq(200)
expect(post_action.post_id).to eq(post_1.id)
expect(post_action.post_action_type_id).to eq(PostActionType.types[:like])
end
it "passes a list of taken actions through" do
PostAction.create!(
post_id: post_1.id,
user_id: user.id,
post_action_type_id: PostActionType.types[:inappropriate]
)
post "/post_actions.json", params: {
id: post_1.id, post_action_type_id: PostActionType.types[:off_topic]
}
expect(response).to be_forbidden
end
it 'passes the message through' do
message = 'action message goes here'
post "/post_actions.json", params: {
id: post_1.id,
post_action_type_id: PostActionType.types[:notify_user],
message: message
}
expect(response.status).to eq(200)
expect(PostAction.last.post_id).to eq(post_1.id)
expect(Post.last.raw).to include(message)
end
it 'passes the message through as warning' do
message = 'action message goes here'
post "/post_actions.json", params: {
id: post_1.id,
post_action_type_id: PostActionType.types[:notify_user],
message: message,
is_warning: true
}
expect(response.status).to eq(200)
expect(PostAction.last.post_id).to eq(post_1.id)
post = Post.last
expect(post.raw).to include(message)
expect(post.topic.is_official_warning?).to eq(true)
end
it "doesn't create message as a warning if the user isn't staff" do
sign_in(Fabricate(:user))
post "/post_actions.json", params: {
id: post_1.id,
post_action_type_id: PostActionType.types[:notify_user],
message: 'action message goes here',
is_warning: true
}
expect(response.status).to eq(403)
end
it 'passes take_action through' do
post "/post_actions.json", params: {
id: post_1.id,
post_action_type_id: PostActionType.types[:spam],
take_action: 'true'
}
expect(response.status).to eq(200)
post_action = PostAction.find_by(post: post_1)
expect(post_action.staff_took_action).to eq(true)
reviewable = ReviewableFlaggedPost.find_by(target: post_1)
score = reviewable.reviewable_scores.first
expect(score.took_action?).to eq(true)
end
it "doesn't pass take_action through if the user isn't staff" do
sign_in(Fabricate(:user))
post "/post_actions.json", params: {
id: post_1.id,
post_action_type_id: PostActionType.types[:inappropriate]
}
expect(response.status).to eq(200)
post_action = PostAction.find_by(post: post_1)
expect(post_action.staff_took_action).to eq(false)
reviewable = ReviewableFlaggedPost.find_by(target: post_1)
score = reviewable.reviewable_scores.first
expect(score.took_action?).to eq(false)
end
end
end
describe '#defer_flags' do
let(:flagged_post) { Fabricate(:post, user: Fabricate(:coding_horror)) }
let!(:reviewable) do
PostActionCreator.spam(Fabricate(:user), flagged_post).reviewable
end
context "not logged in" do
it "should not allow them to clear flags" do
post "/post_actions/defer_flags.json", params: { id: flagged_post.id }
expect(response.status).to eq(403)
expect(reviewable.reload).not_to be_ignored
end
end
context 'logged in' do
let!(:user) { sign_in(Fabricate(:moderator)) }
it "raises an error without a post_action_type_id" do
post "/post_actions/defer_flags.json", params: { id: flagged_post.id }
expect(response.status).to eq(400)
expect(reviewable.reload).not_to be_ignored
end
it "raises an error when the user doesn't have access" do
sign_in(Fabricate(:user))
post "/post_actions/defer_flags.json", params: {
id: flagged_post.id, post_action_type_id: PostActionType.types[:spam]
}
expect(response).to be_forbidden
expect(reviewable.reload).not_to be_ignored
end
context "success" do
it "performs the ignore" do
post "/post_actions/defer_flags.json", params: {
id: flagged_post.id, post_action_type_id: PostActionType.types[:spam]
}
expect(response.status).to eq(200)
expect(reviewable.reload).to be_ignored
end
it "works with a deleted post" do
flagged_post.trash!(user)
post "/post_actions/defer_flags.json", params: {
id: flagged_post.id, post_action_type_id: PostActionType.types[:spam]
}
expect(response.status).to eq(200)
expect(reviewable.reload).to be_ignored
end
end
end
end
end