3 class DiaryEntriesControllerTest < ActionDispatch::IntegrationTest
4 include ActionView::Helpers::NumberHelper
8 # Create the default language for diary entries
9 create(:language, :code => "en")
10 # Stub nominatim response for diary entry locations
11 stub_request(:get, %r{^https://nominatim\.openstreetmap\.org/reverse\?})
12 .to_return(:status => 404)
16 # test all routes which lead to this controller
19 { :path => "/diary", :method => :get },
20 { :controller => "diary_entries", :action => "index" }
23 { :path => "/diary/language", :method => :get },
24 { :controller => "diary_entries", :action => "index", :language => "language" }
27 { :path => "/user/username/diary", :method => :get },
28 { :controller => "diary_entries", :action => "index", :display_name => "username" }
31 { :path => "/diary/friends", :method => :get },
32 { :controller => "diary_entries", :action => "index", :friends => true }
35 { :path => "/diary/nearby", :method => :get },
36 { :controller => "diary_entries", :action => "index", :nearby => true }
40 { :path => "/diary/rss", :method => :get },
41 { :controller => "diary_entries", :action => "rss", :format => :rss }
44 { :path => "/diary/language/rss", :method => :get },
45 { :controller => "diary_entries", :action => "rss", :language => "language", :format => :rss }
48 { :path => "/user/username/diary/rss", :method => :get },
49 { :controller => "diary_entries", :action => "rss", :display_name => "username", :format => :rss }
53 { :path => "/user/username/diary/comments", :method => :get },
54 { :controller => "diary_entries", :action => "comments", :display_name => "username" }
57 { :path => "/user/username/diary/comments/1", :method => :get },
58 { :controller => "diary_entries", :action => "comments", :display_name => "username", :page => "1" }
62 { :path => "/diary/new", :method => :get },
63 { :controller => "diary_entries", :action => "new" }
66 { :path => "/diary", :method => :post },
67 { :controller => "diary_entries", :action => "create" }
70 { :path => "/user/username/diary/1", :method => :get },
71 { :controller => "diary_entries", :action => "show", :display_name => "username", :id => "1" }
74 { :path => "/user/username/diary/1/edit", :method => :get },
75 { :controller => "diary_entries", :action => "edit", :display_name => "username", :id => "1" }
78 { :path => "/user/username/diary/1", :method => :put },
79 { :controller => "diary_entries", :action => "update", :display_name => "username", :id => "1" }
82 { :path => "/user/username/diary/1/newcomment", :method => :post },
83 { :controller => "diary_entries", :action => "comment", :display_name => "username", :id => "1" }
86 { :path => "/user/username/diary/1/hide", :method => :post },
87 { :controller => "diary_entries", :action => "hide", :display_name => "username", :id => "1" }
90 { :path => "/user/username/diary/1/unhide", :method => :post },
91 { :controller => "diary_entries", :action => "unhide", :display_name => "username", :id => "1" }
94 { :path => "/user/username/diary/1/hidecomment/2", :method => :post },
95 { :controller => "diary_entries", :action => "hidecomment", :display_name => "username", :id => "1", :comment => "2" }
98 { :path => "/user/username/diary/1/unhidecomment/2", :method => :post },
99 { :controller => "diary_entries", :action => "unhidecomment", :display_name => "username", :id => "1", :comment => "2" }
102 { :path => "/user/username/diary/1/subscribe", :method => :get },
103 { :controller => "diary_entries", :action => "subscribe", :display_name => "username", :id => "1" }
106 { :path => "/user/username/diary/1/subscribe", :method => :post },
107 { :controller => "diary_entries", :action => "subscribe", :display_name => "username", :id => "1" }
110 { :path => "/user/username/diary/1/unsubscribe", :method => :get },
111 { :controller => "diary_entries", :action => "unsubscribe", :display_name => "username", :id => "1" }
114 { :path => "/user/username/diary/1/unsubscribe", :method => :post },
115 { :controller => "diary_entries", :action => "unsubscribe", :display_name => "username", :id => "1" }
119 def test_new_no_login
120 # Make sure that you are redirected to the login page when you
122 get new_diary_entry_path
123 assert_redirected_to login_path(:referer => "/diary/new")
127 # Now try again when logged in
128 session_for(create(:user))
129 get new_diary_entry_path
130 assert_response :success
131 assert_select "title", :text => /New Diary Entry/, :count => 1
132 assert_select "div.content-heading", :count => 1 do
133 assert_select "h1", :text => /New Diary Entry/, :count => 1
135 assert_select "div#content", :count => 1 do
136 assert_select "form[action='/diary'][method=post]", :count => 1 do
137 assert_select "input#diary_entry_title[name='diary_entry[title]']", :count => 1
138 assert_select "textarea#diary_entry_body[name='diary_entry[body]']", :text => "", :count => 1
139 assert_select "select#diary_entry_language_code", :count => 1
140 assert_select "input#latitude[name='diary_entry[latitude]']", :count => 1
141 assert_select "input#longitude[name='diary_entry[longitude]']", :count => 1
142 assert_select "input[name=commit][type=submit][value=Publish]", :count => 1
143 assert_select "input[name=commit][type=submit][value=Edit]", :count => 1
144 assert_select "input[name=commit][type=submit][value=Preview]", :count => 1
145 assert_select "input", :count => 6
150 def test_new_get_with_params
151 # Now try creating a diary entry using get
152 session_for(create(:user))
153 assert_difference "DiaryEntry.count", 0 do
154 get new_diary_entry_path(:commit => "save",
155 :diary_entry => { :title => "New Title", :body => "This is a new body for the diary entry", :latitude => "1.1",
156 :longitude => "2.2", :language_code => "en" })
158 assert_response :success
162 def test_create_no_body
163 # Now try creating a invalid diary entry with an empty body
166 assert_no_difference "DiaryEntry.count" do
167 post diary_entries_path(:commit => "save",
168 :diary_entry => { :title => "New Title", :body => "", :latitude => "1.1",
169 :longitude => "2.2", :language_code => "en" })
171 assert_response :success
174 assert_nil UserPreference.find_by(:user => user, :k => "diary.default_language")
178 # Now try creating a diary entry
181 assert_difference "DiaryEntry.count", 1 do
182 post diary_entries_path(:commit => "save",
183 :diary_entry => { :title => "New Title", :body => "This is a new body for the diary entry", :latitude => "1.1",
184 :longitude => "2.2", :language_code => "en" })
186 assert_redirected_to :action => :index, :display_name => user.display_name
187 entry = DiaryEntry.order(:id).last
188 assert_equal user.id, entry.user_id
189 assert_equal "New Title", entry.title
190 assert_equal "This is a new body for the diary entry", entry.body
191 assert_equal "1.1".to_f, entry.latitude
192 assert_equal "2.2".to_f, entry.longitude
193 assert_equal "en", entry.language_code
195 # checks if user was subscribed
196 assert_equal 1, entry.subscribers.length
198 assert_equal "en", UserPreference.find_by(:user => user, :k => "diary.default_language").v
201 def test_create_german
202 create(:language, :code => "de")
206 # Now try creating a diary entry in a different language
207 assert_difference "DiaryEntry.count", 1 do
208 post diary_entries_path(:commit => "save",
209 :diary_entry => { :title => "New Title", :body => "This is a new body for the diary entry", :latitude => "1.1",
210 :longitude => "2.2", :language_code => "de" })
212 assert_redirected_to :action => :index, :display_name => user.display_name
213 entry = DiaryEntry.order(:id).last
214 assert_equal user.id, entry.user_id
215 assert_equal "New Title", entry.title
216 assert_equal "This is a new body for the diary entry", entry.body
217 assert_equal "1.1".to_f, entry.latitude
218 assert_equal "2.2".to_f, entry.longitude
219 assert_equal "de", entry.language_code
221 # checks if user was subscribed
222 assert_equal 1, entry.subscribers.length
224 assert_equal "de", UserPreference.find_by(:user => user, :k => "diary.default_language").v
231 # Generate some spammy content
232 spammy_title = "Spam Spam Spam Spam Spam"
233 spammy_body = 1.upto(50).map { |n| "http://example.com/spam#{n}" }.join(" ")
235 # Try creating a spammy diary entry
236 assert_difference "DiaryEntry.count", 1 do
237 post diary_entries_path(:commit => "save",
238 :diary_entry => { :title => spammy_title, :body => spammy_body, :language_code => "en" })
240 assert_redirected_to :action => :index, :display_name => user.display_name
241 entry = DiaryEntry.order(:id).last
242 assert_equal user.id, entry.user_id
243 assert_equal spammy_title, entry.title
244 assert_equal spammy_body, entry.body
245 assert_equal "en", entry.language_code
246 assert_equal "suspended", User.find(user.id).status
248 # Follow the redirect
249 get diary_entries_path(:display_name => user.display_name)
250 assert_redirected_to :controller => :users, :action => :suspended
255 other_user = create(:user)
257 entry = create(:diary_entry, :user => user)
259 # Make sure that you are redirected to the login page when you are
260 # not logged in, without and with the id of the entry you want to edit
261 get edit_diary_entry_path(:display_name => entry.user.display_name, :id => entry)
262 assert_redirected_to login_path(:referer => "/user/#{ERB::Util.u(entry.user.display_name)}/diary/#{entry.id}/edit")
264 session_for(other_user)
266 # Verify that you get redirected to show if you are not the user
267 # that created the entry
268 get edit_diary_entry_path(:display_name => entry.user.display_name, :id => entry)
269 assert_redirected_to :action => :show, :display_name => entry.user.display_name, :id => entry.id
271 session_for(entry.user)
273 # Verify that you get a not found error, when you pass a bogus id
274 get edit_diary_entry_path(:display_name => entry.user.display_name, :id => 9999)
275 assert_response :not_found
276 assert_select "div.content-heading", :count => 1 do
277 assert_select "h1", :text => "No entry with the id: 9999", :count => 1
280 # Now pass the id, and check that you can edit it, when using the same
281 # user as the person who created the entry
282 get edit_diary_entry_path(:display_name => entry.user.display_name, :id => entry)
283 assert_response :success
284 assert_select "title", :text => /Edit Diary Entry/, :count => 1
285 assert_select "div.content-heading", :count => 1 do
286 assert_select "h1", :text => /Edit Diary Entry/, :count => 1
288 assert_select "div#content", :count => 1 do
289 assert_select "form[action='/user/#{ERB::Util.u(entry.user.display_name)}/diary/#{entry.id}'][method=post]", :count => 1 do
290 assert_select "input#diary_entry_title[name='diary_entry[title]'][value='#{entry.title}']", :count => 1
291 assert_select "textarea#diary_entry_body[name='diary_entry[body]']", :text => entry.body, :count => 1
292 assert_select "select#diary_entry_language_code", :count => 1
293 assert_select "input#latitude[name='diary_entry[latitude]']", :count => 1
294 assert_select "input#longitude[name='diary_entry[longitude]']", :count => 1
295 assert_select "input[name=commit][type=submit][value=Update]", :count => 1
296 assert_select "input[name=commit][type=submit][value=Edit]", :count => 1
297 assert_select "input[name=commit][type=submit][value=Preview]", :count => 1
298 assert_select "input", :count => 7
302 # Now lets see if you can edit the diary entry
303 new_title = "New Title"
304 new_body = "This is a new body for the diary entry"
306 new_longitude = "2.2"
307 new_language_code = "en"
308 put diary_entry_path(:display_name => entry.user.display_name, :id => entry, :commit => "save",
309 :diary_entry => { :title => new_title, :body => new_body, :latitude => new_latitude,
310 :longitude => new_longitude, :language_code => new_language_code })
311 assert_redirected_to :action => :show, :display_name => entry.user.display_name, :id => entry.id
313 # Now check that the new data is rendered, when logged in
314 get diary_entry_path(:display_name => entry.user.display_name, :id => entry)
315 assert_response :success
316 assert_template "show"
317 assert_select "title", :text => /Users' Diaries | /, :count => 1
318 assert_select "div.content-heading", :count => 1 do
319 assert_select "h1", :text => /#{entry.user.display_name}'s Diary/, :count => 1
321 assert_select "div#content", :count => 1 do
322 assert_select "h2", :text => /#{new_title}/, :count => 1
323 # This next line won't work if the text has been run through the htmlize function
324 # due to formatting that could be introduced
325 assert_select "p", :text => /#{new_body}/, :count => 1
326 assert_select "abbr[class='geo'][title='#{number_with_precision(new_latitude, :precision => 4)}; #{number_with_precision(new_longitude, :precision => 4)}']", :count => 1
327 # As we're not logged in, check that you cannot edit
328 assert_select "a[href='/user/#{ERB::Util.u(entry.user.display_name)}/diary/#{entry.id}/edit']", :text => "Edit this entry", :count => 1
331 # and when not logged in as the user who wrote the entry
332 session_for(create(:user))
333 get diary_entry_path(:display_name => entry.user.display_name, :id => entry)
334 assert_response :success
335 assert_template "show"
336 assert_select "title", :text => /Users' Diaries | /, :count => 1
337 assert_select "div.content-heading", :count => 1 do
338 assert_select "h1", :text => /#{entry.user.display_name}'s Diary/, :count => 1
340 assert_select "div#content", :count => 1 do
341 assert_select "h2", :text => /#{new_title}/, :count => 1
342 # This next line won't work if the text has been run through the htmlize function
343 # due to formatting that could be introduced
344 assert_select "p", :text => /#{new_body}/, :count => 1
345 assert_select "abbr[class=geo][title='#{number_with_precision(new_latitude, :precision => 4)}; #{number_with_precision(new_longitude, :precision => 4)}']", :count => 1
346 # As we're not logged in, check that you cannot edit
347 assert_select "a[href='/user/#{ERB::Util.u(entry.user.display_name)}/diary/#{entry.id}/edit']", false
353 diary_entry = create(:diary_entry, :language_code => "en", :user => user)
355 get edit_diary_entry_path(:display_name => user.display_name, :id => diary_entry)
356 assert_response :success
357 assert_select "span[class=translation_missing]", false, "Missing translation in edit diary entry"
362 other_user = create(:user)
363 entry = create(:diary_entry, :user => user)
364 create(:diary_entry_subscription, :diary_entry => entry, :user => user)
366 # Make sure that you are denied when you are not logged in
367 post comment_diary_entry_path(:display_name => entry.user.display_name, :id => entry)
368 assert_response :forbidden
370 session_for(other_user)
372 # Verify that you get a not found error, when you pass a bogus id
373 post comment_diary_entry_path(:display_name => entry.user.display_name, :id => 9999)
374 assert_response :not_found
375 assert_select "div.content-heading", :count => 1 do
376 assert_select "h1", :text => "No entry with the id: 9999", :count => 1
379 # Now try an invalid comment with an empty body
380 assert_no_difference "ActionMailer::Base.deliveries.size" do
381 assert_no_difference "DiaryComment.count" do
382 assert_no_difference "entry.subscribers.count" do
383 perform_enqueued_jobs do
384 post comment_diary_entry_path(:display_name => entry.user.display_name, :id => entry, :diary_comment => { :body => "" })
389 assert_response :success
390 assert_template :show
392 # Now try again with the right id
393 assert_difference "ActionMailer::Base.deliveries.size", entry.subscribers.count do
394 assert_difference "DiaryComment.count", 1 do
395 assert_difference "entry.subscribers.count", 1 do
396 perform_enqueued_jobs do
397 post comment_diary_entry_path(:display_name => entry.user.display_name, :id => entry, :diary_comment => { :body => "New comment" })
402 assert_redirected_to :action => :show, :display_name => entry.user.display_name, :id => entry.id
403 email = ActionMailer::Base.deliveries.first
404 assert_equal [user.email], email.to
405 assert_equal "[OpenStreetMap] #{other_user.display_name} commented on a diary entry", email.subject
406 assert_match(/New comment/, email.text_part.decoded)
407 assert_match(/New comment/, email.html_part.decoded)
408 ActionMailer::Base.deliveries.clear
409 comment = DiaryComment.order(:id).last
410 assert_equal entry.id, comment.diary_entry_id
411 assert_equal other_user.id, comment.user_id
412 assert_equal "New comment", comment.body
414 # Now show the diary entry, and check the new comment is present
415 get diary_entry_path(:display_name => entry.user.display_name, :id => entry)
416 assert_response :success
417 assert_select ".diary-comment", :count => 1 do
418 assert_select "#comment#{comment.id}", :count => 1 do
419 assert_select "a[href='/user/#{ERB::Util.u(other_user.display_name)}']", :text => other_user.display_name, :count => 1
421 assert_select ".richtext", :text => /New comment/, :count => 1
425 def test_comment_spammy
427 other_user = create(:user)
428 entry = create(:diary_entry, :user => user)
429 create(:diary_entry_subscription, :diary_entry => entry, :user => user)
431 session_for(other_user)
433 # Generate some spammy content
434 spammy_text = 1.upto(50).map { |n| "http://example.com/spam#{n}" }.join(" ")
436 # Try creating a spammy comment
437 assert_difference "ActionMailer::Base.deliveries.size", 1 do
438 assert_difference "DiaryComment.count", 1 do
439 perform_enqueued_jobs do
440 post comment_diary_entry_path(:display_name => entry.user.display_name, :id => entry, :diary_comment => { :body => spammy_text })
444 assert_redirected_to :action => :show, :display_name => entry.user.display_name, :id => entry.id
445 email = ActionMailer::Base.deliveries.first
446 assert_equal [user.email], email.to
447 assert_equal "[OpenStreetMap] #{other_user.display_name} commented on a diary entry", email.subject
448 assert_match %r{http://example.com/spam}, email.text_part.decoded
449 assert_match %r{http://example.com/spam}, email.html_part.decoded
450 ActionMailer::Base.deliveries.clear
451 comment = DiaryComment.order(:id).last
452 assert_equal entry.id, comment.diary_entry_id
453 assert_equal other_user.id, comment.user_id
454 assert_equal spammy_text, comment.body
455 assert_equal "suspended", User.find(other_user.id).status
457 # Follow the redirect
458 get diary_entries_path(:display_name => user.display_name)
459 assert_redirected_to :controller => :users, :action => :suspended
461 # Now show the diary entry, and check the new comment is not present
462 get diary_entry_path(:display_name => entry.user.display_name, :id => entry)
463 assert_response :success
464 assert_select ".diary-comment", :count => 0
468 diary_entry = create(:diary_entry)
469 geo_entry = create(:diary_entry, :latitude => 51.50763, :longitude => -0.10781)
470 public_entry = create(:diary_entry, :user => create(:user))
472 # Try a list of all diary entries
473 get diary_entries_path
474 check_diary_index diary_entry, geo_entry, public_entry
479 other_user = create(:user)
481 diary_entry = create(:diary_entry, :user => user)
482 geo_entry = create(:diary_entry, :user => user, :latitude => 51.50763, :longitude => -0.10781)
483 _other_entry = create(:diary_entry, :user => other_user)
485 # Try a list of diary entries for a valid user
486 get diary_entries_path(:display_name => user.display_name)
487 check_diary_index diary_entry, geo_entry
489 # Try a list of diary entries for an invalid user
490 get diary_entries_path(:display_name => "No Such User")
491 assert_response :not_found
492 assert_template "users/no_such_user"
495 def test_index_friends
497 other_user = create(:user)
498 friendship = create(:friendship, :befriender => user)
499 diary_entry = create(:diary_entry, :user => friendship.befriendee)
500 _other_entry = create(:diary_entry, :user => other_user)
502 # Try a list of diary entries for your friends when not logged in
503 get friends_diary_entries_path
504 assert_redirected_to login_path(:referer => "/diary/friends")
506 # Try a list of diary entries for your friends when logged in
508 get friends_diary_entries_path
509 check_diary_index diary_entry
510 session_for(other_user)
511 get friends_diary_entries_path
515 def test_index_nearby
516 user = create(:user, :home_lat => 12, :home_lon => 12)
517 nearby_user = create(:user, :home_lat => 11.9, :home_lon => 12.1)
519 diary_entry = create(:diary_entry, :user => user)
521 # Try a list of diary entries for nearby users when not logged in
522 get nearby_diary_entries_path
523 assert_redirected_to login_path(:referer => "/diary/nearby")
525 # Try a list of diary entries for nearby users when logged in
526 session_for(nearby_user)
527 get nearby_diary_entries_path
528 check_diary_index diary_entry
530 get nearby_diary_entries_path
534 def test_index_language
535 create(:language, :code => "de")
536 create(:language, :code => "sl")
537 diary_entry_en = create(:diary_entry, :language_code => "en")
538 diary_entry_en2 = create(:diary_entry, :language_code => "en")
539 diary_entry_de = create(:diary_entry, :language_code => "de")
541 # Try a list of diary entries in english
542 get diary_entries_path(:language => "en")
543 check_diary_index diary_entry_en, diary_entry_en2
545 # Try a list of diary entries in german
546 get diary_entries_path(:language => "de")
547 check_diary_index diary_entry_de
549 # Try a list of diary entries in slovenian
550 get diary_entries_path(:language => "sl")
555 # Create several pages worth of diary entries
556 create_list(:diary_entry, 50)
558 # Try and get the index
559 get diary_entries_path
560 assert_response :success
561 assert_select "article.diary_post", :count => 20
562 assert_select "li.page-item a.page-link", :text => "Older Entries", :count => 1
563 assert_select "li.page-item.disabled span.page-link", :text => "Newer Entries", :count => 1
565 # Try and get the second page
566 get css_select("li.page-item .page-link").last["href"]
567 assert_response :success
568 assert_select "article.diary_post", :count => 20
569 assert_select "li.page-item a.page-link", :text => "Older Entries", :count => 1
570 assert_select "li.page-item a.page-link", :text => "Newer Entries", :count => 1
572 # Try and get the third page
573 get css_select("li.page-item .page-link").last["href"]
574 assert_response :success
575 assert_select "article.diary_post", :count => 10
576 assert_select "li.page-item.disabled span.page-link", :text => "Older Entries", :count => 1
577 assert_select "li.page-item a.page-link", :text => "Newer Entries", :count => 1
579 # Go back to the second page
580 get css_select("li.page-item .page-link").first["href"]
581 assert_response :success
582 assert_select "article.diary_post", :count => 20
583 assert_select "li.page-item a.page-link", :text => "Older Entries", :count => 1
584 assert_select "li.page-item a.page-link", :text => "Newer Entries", :count => 1
586 # Go back to the first page
587 get css_select("li.page-item .page-link").first["href"]
588 assert_response :success
589 assert_select "article.diary_post", :count => 20
590 assert_select "li.page-item a.page-link", :text => "Older Entries", :count => 1
591 assert_select "li.page-item.disabled span.page-link", :text => "Newer Entries", :count => 1
595 create(:language, :code => "de")
596 create(:diary_entry, :language_code => "en")
597 create(:diary_entry, :language_code => "en")
598 create(:diary_entry, :language_code => "de")
601 assert_response :success, "Should be able to get a diary RSS"
602 assert_select "rss", :count => 1 do
603 assert_select "channel", :count => 1 do
604 assert_select "channel>title", :count => 1
605 assert_select "image", :count => 1
606 assert_select "channel>item", :count => 3
611 def test_rss_language
612 create(:language, :code => "de")
613 create(:diary_entry, :language_code => "en")
614 create(:diary_entry, :language_code => "en")
615 create(:diary_entry, :language_code => "de")
617 get diary_rss_path(:language => "en")
618 assert_response :success, "Should be able to get a specific language diary RSS"
619 assert_select "rss>channel>item", :count => 2 # , "Diary entries should be filtered by language"
622 # def test_rss_nonexisting_language
623 # get :rss, :params => { :language => 'xx', :format => :rss }
624 # assert_response :not_found, "Should not be able to get a nonexisting language diary RSS"
627 def test_rss_language_with_no_entries
628 create(:language, :code => "sl")
629 create(:diary_entry, :language_code => "en")
631 get diary_rss_path(:language => "sl")
632 assert_response :success, "Should be able to get a specific language diary RSS"
633 assert_select "rss>channel>item", :count => 0 # , "Diary entries should be filtered by language"
638 other_user = create(:user)
639 create(:diary_entry, :user => user)
640 create(:diary_entry, :user => user)
641 create(:diary_entry, :user => other_user)
643 get diary_rss_path(:display_name => user.display_name)
644 assert_response :success, "Should be able to get a specific users diary RSS"
645 assert_select "rss>channel>item", :count => 2 # , "Diary entries should be filtered by user"
648 def test_rss_nonexisting_user
649 # Try a user that has never existed
650 get diary_rss_path(:display_name => "fakeUsername76543")
651 assert_response :not_found, "Should not be able to get a nonexisting users diary RSS"
653 # Try a suspended user
654 get diary_rss_path(:display_name => create(:user, :suspended).display_name)
655 assert_response :not_found, "Should not be able to get a suspended users diary RSS"
658 get diary_rss_path(:display_name => create(:user, :deleted).display_name)
659 assert_response :not_found, "Should not be able to get a deleted users diary RSS"
662 def test_rss_character_escaping
663 create(:diary_entry, :title => "<script>")
666 assert_match "<title><script></title>", response.body
670 create(:diary_entry, :created_at => 7.hours.ago)
671 create(:diary_entry, :created_at => 5.hours.ago)
673 assert_select "rss>channel>item", :count => 2
675 with_settings(:diary_feed_delay => 6) do
677 assert_select "rss>channel>item", :count => 1
683 suspended_user = create(:user, :suspended)
684 deleted_user = create(:user, :deleted)
686 # Try a normal entry that should work
687 diary_entry = create(:diary_entry, :user => user)
688 get diary_entry_path(:display_name => user.display_name, :id => diary_entry)
689 assert_response :success
690 assert_template :show
692 # Try a non-integer ID
693 get "/user/#{CGI.escape(user.display_name)}/diary/#{diary_entry.id})"
694 assert_response :not_found
695 assert_template "rescues/routing_error"
697 # Try a deleted entry
698 diary_entry_deleted = create(:diary_entry, :user => user, :visible => false)
699 get diary_entry_path(:display_name => user.display_name, :id => diary_entry_deleted)
700 assert_response :not_found
702 # Try an entry by a suspended user
703 diary_entry_suspended_user = create(:diary_entry, :user => suspended_user)
704 get diary_entry_path(:display_name => suspended_user.display_name, :id => diary_entry_suspended_user)
705 assert_response :not_found
707 # Try an entry by a deleted user
708 diary_entry_deleted_user = create(:diary_entry, :user => deleted_user)
709 get diary_entry_path(:display_name => deleted_user.display_name, :id => diary_entry_deleted_user)
710 assert_response :not_found
712 # Now try as a moderator
713 session_for(create(:moderator_user))
714 get diary_entry_path(:display_name => user.display_name, :id => diary_entry_deleted)
715 assert_response :success
716 assert_template :show
718 # Finally try as an administrator
719 session_for(create(:administrator_user))
720 get diary_entry_path(:display_name => user.display_name, :id => diary_entry_deleted)
721 assert_response :success
722 assert_template :show
725 def test_show_hidden_comments
726 # Get a diary entry that has hidden comments
728 diary_entry = create(:diary_entry, :user => user)
729 visible_comment = create(:diary_comment, :diary_entry => diary_entry)
730 suspended_user_comment = create(:diary_comment, :diary_entry => diary_entry, :user => create(:user, :suspended))
731 deleted_user_comment = create(:diary_comment, :diary_entry => diary_entry, :user => create(:user, :deleted))
732 hidden_comment = create(:diary_comment, :diary_entry => diary_entry, :visible => false)
734 get diary_entry_path(:display_name => user.display_name, :id => diary_entry)
735 assert_response :success
736 assert_template :show
737 assert_select "div.comments" do
738 assert_select "p#comment#{visible_comment.id}", :count => 1
739 assert_select "p#comment#{suspended_user_comment.id}", :count => 0
740 assert_select "p#comment#{deleted_user_comment.id}", :count => 0
741 assert_select "p#comment#{hidden_comment.id}", :count => 0
747 diary_entry = create(:diary_entry, :user => user)
749 # Try without logging in
750 post hide_diary_entry_path(:display_name => user.display_name, :id => diary_entry)
751 assert_response :forbidden
752 assert DiaryEntry.find(diary_entry.id).visible
754 # Now try as a normal user
756 post hide_diary_entry_path(:display_name => user.display_name, :id => diary_entry)
757 assert_redirected_to :controller => :errors, :action => :forbidden
758 assert DiaryEntry.find(diary_entry.id).visible
760 # Now try as a moderator
761 session_for(create(:moderator_user))
762 post hide_diary_entry_path(:display_name => user.display_name, :id => diary_entry)
763 assert_redirected_to :action => :index, :display_name => user.display_name
764 assert_not DiaryEntry.find(diary_entry.id).visible
767 diary_entry.reload.update(:visible => true)
769 # Finally try as an administrator
770 session_for(create(:administrator_user))
771 post hide_diary_entry_path(:display_name => user.display_name, :id => diary_entry)
772 assert_redirected_to :action => :index, :display_name => user.display_name
773 assert_not DiaryEntry.find(diary_entry.id).visible
779 # Try without logging in
780 diary_entry = create(:diary_entry, :user => user, :visible => false)
781 post unhide_diary_entry_path(:display_name => user.display_name, :id => diary_entry)
782 assert_response :forbidden
783 assert_not DiaryEntry.find(diary_entry.id).visible
785 # Now try as a normal user
787 post unhide_diary_entry_path(:display_name => user.display_name, :id => diary_entry)
788 assert_redirected_to :controller => :errors, :action => :forbidden
789 assert_not DiaryEntry.find(diary_entry.id).visible
791 # Now try as a moderator
792 session_for(create(:moderator_user))
793 post unhide_diary_entry_path(:display_name => user.display_name, :id => diary_entry)
794 assert_redirected_to :action => :index, :display_name => user.display_name
795 assert DiaryEntry.find(diary_entry.id).visible
798 diary_entry.reload.update(:visible => true)
800 # Finally try as an administrator
801 session_for(create(:administrator_user))
802 post unhide_diary_entry_path(:display_name => user.display_name, :id => diary_entry)
803 assert_redirected_to :action => :index, :display_name => user.display_name
804 assert DiaryEntry.find(diary_entry.id).visible
809 diary_entry = create(:diary_entry, :user => user)
810 diary_comment = create(:diary_comment, :diary_entry => diary_entry)
812 # Try without logging in
813 post hide_diary_comment_path(:display_name => user.display_name, :id => diary_entry, :comment => diary_comment)
814 assert_response :forbidden
815 assert DiaryComment.find(diary_comment.id).visible
817 # Now try as a normal user
819 post hide_diary_comment_path(:display_name => user.display_name, :id => diary_entry, :comment => diary_comment)
820 assert_redirected_to :controller => :errors, :action => :forbidden
821 assert DiaryComment.find(diary_comment.id).visible
824 session_for(create(:moderator_user))
825 post hide_diary_comment_path(:display_name => user.display_name, :id => diary_entry, :comment => diary_comment)
826 assert_redirected_to :action => :show, :display_name => user.display_name, :id => diary_entry.id
827 assert_not DiaryComment.find(diary_comment.id).visible
830 diary_comment.reload.update(:visible => true)
832 # Finally try as an administrator
833 session_for(create(:administrator_user))
834 post hide_diary_comment_path(:display_name => user.display_name, :id => diary_entry, :comment => diary_comment)
835 assert_redirected_to :action => :show, :display_name => user.display_name, :id => diary_entry.id
836 assert_not DiaryComment.find(diary_comment.id).visible
839 def test_unhidecomment
841 diary_entry = create(:diary_entry, :user => user)
842 diary_comment = create(:diary_comment, :diary_entry => diary_entry, :visible => false)
844 # Try without logging in
845 post unhide_diary_comment_path(:display_name => user.display_name, :id => diary_entry, :comment => diary_comment)
846 assert_response :forbidden
847 assert_not DiaryComment.find(diary_comment.id).visible
849 # Now try as a normal user
851 post unhide_diary_comment_path(:display_name => user.display_name, :id => diary_entry, :comment => diary_comment)
852 assert_redirected_to :controller => :errors, :action => :forbidden
853 assert_not DiaryComment.find(diary_comment.id).visible
855 # Now try as a moderator
856 session_for(create(:moderator_user))
857 post unhide_diary_comment_path(:display_name => user.display_name, :id => diary_entry, :comment => diary_comment)
858 assert_redirected_to :action => :show, :display_name => user.display_name, :id => diary_entry.id
859 assert DiaryComment.find(diary_comment.id).visible
862 diary_comment.reload.update(:visible => true)
864 # Finally try as an administrator
865 session_for(create(:administrator_user))
866 post unhide_diary_comment_path(:display_name => user.display_name, :id => diary_entry, :comment => diary_comment)
867 assert_redirected_to :action => :show, :display_name => user.display_name, :id => diary_entry.id
868 assert DiaryComment.find(diary_comment.id).visible
873 other_user = create(:user)
874 suspended_user = create(:user, :suspended)
875 deleted_user = create(:user, :deleted)
877 # Test a user with no comments
878 get diary_comments_path(:display_name => user.display_name)
879 assert_response :success
880 assert_template :comments
881 assert_select "h4", :html => "No diary comments"
883 # Test a user with a comment
884 create(:diary_comment, :user => other_user)
886 get diary_comments_path(:display_name => other_user.display_name)
887 assert_response :success
888 assert_template :comments
889 assert_select "table.table-striped" do
890 assert_select "tr", :count => 2 # header and one comment
893 # Test a suspended user
894 get diary_comments_path(:display_name => suspended_user.display_name)
895 assert_response :not_found
897 # Test a deleted user
898 get diary_comments_path(:display_name => deleted_user.display_name)
899 assert_response :not_found
902 def test_subscribe_page
904 other_user = create(:user)
905 diary_entry = create(:diary_entry, :user => user)
906 path = diary_entry_subscribe_path(:id => diary_entry, :display_name => user.display_name)
909 assert_redirected_to login_path(:referer => path)
911 session_for(other_user)
913 assert_response :success
914 assert_dom ".content-body" do
915 assert_dom "a[href='#{diary_entry_path(:id => diary_entry, :display_name => user.display_name)}']", :text => diary_entry.title
916 assert_dom "a[href='#{user_path(user)}']", :text => user.display_name
920 def test_subscribe_success
922 other_user = create(:user)
923 diary_entry = create(:diary_entry, :user => user)
925 session_for(other_user)
926 assert_difference "diary_entry.subscribers.count", 1 do
927 post diary_entry_subscribe_path(:id => diary_entry, :display_name => diary_entry.user.display_name)
929 assert_response :redirect
932 def test_subscribe_fail
934 other_user = create(:user)
936 diary_entry = create(:diary_entry, :user => user)
939 assert_no_difference "diary_entry.subscribers.count" do
940 post diary_entry_subscribe_path(:id => diary_entry, :display_name => diary_entry.user.display_name)
942 assert_response :forbidden
944 session_for(other_user)
947 post diary_entry_subscribe_path(:id => 999111, :display_name => "username")
948 assert_response :not_found
950 # trying to subscribe when already subscribed
951 post diary_entry_subscribe_path(:id => diary_entry, :display_name => diary_entry.user.display_name)
952 assert_no_difference "diary_entry.subscribers.count" do
953 post diary_entry_subscribe_path(:id => diary_entry, :display_name => diary_entry.user.display_name)
957 def test_unsubscribe_page
959 other_user = create(:user)
960 diary_entry = create(:diary_entry, :user => user)
961 path = diary_entry_unsubscribe_path(:id => diary_entry, :display_name => user.display_name)
964 assert_redirected_to login_path(:referer => path)
966 session_for(other_user)
968 assert_response :success
969 assert_dom ".content-body" do
970 assert_dom "a[href='#{diary_entry_path(:id => diary_entry, :display_name => user.display_name)}']", :text => diary_entry.title
971 assert_dom "a[href='#{user_path(user)}']", :text => user.display_name
975 def test_unsubscribe_success
977 other_user = create(:user)
979 diary_entry = create(:diary_entry, :user => user)
980 create(:diary_entry_subscription, :diary_entry => diary_entry, :user => other_user)
982 session_for(other_user)
983 assert_difference "diary_entry.subscribers.count", -1 do
984 post diary_entry_unsubscribe_path(:id => diary_entry, :display_name => diary_entry.user.display_name)
986 assert_response :redirect
989 def test_unsubscribe_fail
991 other_user = create(:user)
993 diary_entry = create(:diary_entry, :user => user)
996 assert_no_difference "diary_entry.subscribers.count" do
997 post diary_entry_unsubscribe_path(:id => diary_entry, :display_name => diary_entry.user.display_name)
999 assert_response :forbidden
1001 session_for(other_user)
1004 post diary_entry_unsubscribe_path(:id => 999111, :display_name => "username")
1005 assert_response :not_found
1007 # trying to unsubscribe when not subscribed
1008 assert_no_difference "diary_entry.subscribers.count" do
1009 post diary_entry_unsubscribe_path(:id => diary_entry, :display_name => diary_entry.user.display_name)
1015 def check_diary_index(*entries)
1016 assert_response :success
1017 assert_template "index"
1018 assert_no_missing_translations
1019 assert_select "article.diary_post", entries.count
1021 entries.each do |entry|
1022 assert_select "a[href=?]", "/user/#{ERB::Util.u(entry.user.display_name)}/diary/#{entry.id}"