]> git.openstreetmap.org Git - rails.git/blob - test/integration/user_blocks_test.rb
Check if db is writable on oauth authorization pages
[rails.git] / test / integration / user_blocks_test.rb
1 require "test_helper"
2
3 class UserBlocksTest < ActionDispatch::IntegrationTest
4   def test_api_blocked
5     blocked_user = create(:user)
6
7     get "/api/#{Settings.api_version}/user/details"
8     assert_response :unauthorized
9
10     get "/api/#{Settings.api_version}/user/details", :headers => bearer_authorization_header(blocked_user)
11     assert_response :success
12
13     # now block the user
14     UserBlock.create(
15       :user_id => blocked_user.id,
16       :creator_id => create(:moderator_user).id,
17       :reason => "testing",
18       :ends_at => Time.now.utc + 5.minutes,
19       :deactivates_at => Time.now.utc + 5.minutes
20     )
21     get "/api/#{Settings.api_version}/user/details", :headers => bearer_authorization_header(blocked_user)
22     assert_response :forbidden
23   end
24
25   def test_api_revoke
26     blocked_user = create(:user)
27     moderator = create(:moderator_user)
28
29     block = UserBlock.create(
30       :user_id => blocked_user.id,
31       :creator_id => moderator.id,
32       :reason => "testing",
33       :ends_at => Time.now.utc + 5.minutes,
34       :deactivates_at => Time.now.utc + 5.minutes
35     )
36     get "/api/#{Settings.api_version}/user/details", :headers => bearer_authorization_header(blocked_user)
37     assert_response :forbidden
38
39     # revoke the ban
40     get "/login"
41     assert_response :success
42     post "/login", :params => { "username" => moderator.email, "password" => "test", :referer => "/user_blocks/#{block.id}/edit" }
43     assert_response :redirect
44     follow_redirect!
45     assert_response :success
46     assert_template "user_blocks/edit"
47     put "/user_blocks/#{block.id}", :params => { :user_block_period => "0",
48                                                  :user_block => { :needs_view => false, :reason => "Unblocked" } }
49     assert_response :redirect
50     follow_redirect!
51     assert_response :success
52     assert_template "user_blocks/show"
53     reset!
54
55     # access the API again. this time it should work
56     get "/api/#{Settings.api_version}/user/details", :headers => bearer_authorization_header(blocked_user)
57     assert_response :success
58   end
59 end