3 class DiaryEntriesControllerTest < ActionDispatch::IntegrationTest
4 include ActionView::Helpers::NumberHelper
8 # Create the default language for diary entries
9 create(:language, :code => "en")
10 # Stub nominatim response for diary entry locations
11 stub_request(:get, %r{^https://nominatim\.openstreetmap\.org/reverse\?})
12 .to_return(:status => 404)
16 # test all routes which lead to this controller
19 { :path => "/diary", :method => :get },
20 { :controller => "diary_entries", :action => "index" }
23 { :path => "/diary/language", :method => :get },
24 { :controller => "diary_entries", :action => "index", :language => "language" }
27 { :path => "/user/username/diary", :method => :get },
28 { :controller => "diary_entries", :action => "index", :display_name => "username" }
31 { :path => "/diary/friends", :method => :get },
32 { :controller => "diary_entries", :action => "index", :friends => true }
35 { :path => "/diary/nearby", :method => :get },
36 { :controller => "diary_entries", :action => "index", :nearby => true }
40 { :path => "/diary/rss", :method => :get },
41 { :controller => "diary_entries", :action => "rss", :format => :rss }
44 { :path => "/diary/language/rss", :method => :get },
45 { :controller => "diary_entries", :action => "rss", :language => "language", :format => :rss }
48 { :path => "/user/username/diary/rss", :method => :get },
49 { :controller => "diary_entries", :action => "rss", :display_name => "username", :format => :rss }
53 { :path => "/user/username/diary/comments", :method => :get },
54 { :controller => "diary_entries", :action => "comments", :display_name => "username" }
57 { :path => "/user/username/diary/comments/1", :method => :get },
58 { :controller => "diary_entries", :action => "comments", :display_name => "username", :page => "1" }
62 { :path => "/diary/new", :method => :get },
63 { :controller => "diary_entries", :action => "new" }
66 { :path => "/diary", :method => :post },
67 { :controller => "diary_entries", :action => "create" }
70 { :path => "/user/username/diary/1", :method => :get },
71 { :controller => "diary_entries", :action => "show", :display_name => "username", :id => "1" }
74 { :path => "/user/username/diary/1/edit", :method => :get },
75 { :controller => "diary_entries", :action => "edit", :display_name => "username", :id => "1" }
78 { :path => "/user/username/diary/1", :method => :put },
79 { :controller => "diary_entries", :action => "update", :display_name => "username", :id => "1" }
82 { :path => "/user/username/diary/1/newcomment", :method => :post },
83 { :controller => "diary_entries", :action => "comment", :display_name => "username", :id => "1" }
86 { :path => "/user/username/diary/1/hide", :method => :post },
87 { :controller => "diary_entries", :action => "hide", :display_name => "username", :id => "1" }
90 { :path => "/user/username/diary/1/unhide", :method => :post },
91 { :controller => "diary_entries", :action => "unhide", :display_name => "username", :id => "1" }
94 { :path => "/user/username/diary/1/hidecomment/2", :method => :post },
95 { :controller => "diary_entries", :action => "hidecomment", :display_name => "username", :id => "1", :comment => "2" }
98 { :path => "/user/username/diary/1/unhidecomment/2", :method => :post },
99 { :controller => "diary_entries", :action => "unhidecomment", :display_name => "username", :id => "1", :comment => "2" }
102 { :path => "/user/username/diary/1/subscribe", :method => :post },
103 { :controller => "diary_entries", :action => "subscribe", :display_name => "username", :id => "1" }
106 { :path => "/user/username/diary/1/unsubscribe", :method => :post },
107 { :controller => "diary_entries", :action => "unsubscribe", :display_name => "username", :id => "1" }
111 def test_new_no_login
112 # Make sure that you are redirected to the login page when you
114 get new_diary_entry_path
115 assert_response :redirect
116 assert_redirected_to login_path(:referer => "/diary/new")
120 # Now try again when logged in
121 session_for(create(:user))
122 get new_diary_entry_path
123 assert_response :success
124 assert_select "title", :text => /New Diary Entry/, :count => 1
125 assert_select "div.content-heading", :count => 1 do
126 assert_select "h1", :text => /New Diary Entry/, :count => 1
128 assert_select "div#content", :count => 1 do
129 assert_select "form[action='/diary'][method=post]", :count => 1 do
130 assert_select "input#diary_entry_title[name='diary_entry[title]']", :count => 1
131 assert_select "textarea#diary_entry_body[name='diary_entry[body]']", :text => "", :count => 1
132 assert_select "select#diary_entry_language_code", :count => 1
133 assert_select "input#latitude[name='diary_entry[latitude]']", :count => 1
134 assert_select "input#longitude[name='diary_entry[longitude]']", :count => 1
135 assert_select "input[name=commit][type=submit][value=Publish]", :count => 1
136 assert_select "input[name=commit][type=submit][value=Edit]", :count => 1
137 assert_select "input[name=commit][type=submit][value=Preview]", :count => 1
138 assert_select "input", :count => 7
143 def test_new_get_with_params
144 # Now try creating a diary entry using get
145 session_for(create(:user))
146 assert_difference "DiaryEntry.count", 0 do
147 get new_diary_entry_path(:commit => "save",
148 :diary_entry => { :title => "New Title", :body => "This is a new body for the diary entry", :latitude => "1.1",
149 :longitude => "2.2", :language_code => "en" })
151 assert_response :success
155 def test_create_no_body
156 # Now try creating a invalid diary entry with an empty body
159 assert_no_difference "DiaryEntry.count" do
160 post diary_entries_path(:commit => "save",
161 :diary_entry => { :title => "New Title", :body => "", :latitude => "1.1",
162 :longitude => "2.2", :language_code => "en" })
164 assert_response :success
167 assert_nil UserPreference.where(:user => user, :k => "diary.default_language").first
171 # Now try creating a diary entry
174 assert_difference "DiaryEntry.count", 1 do
175 post diary_entries_path(:commit => "save",
176 :diary_entry => { :title => "New Title", :body => "This is a new body for the diary entry", :latitude => "1.1",
177 :longitude => "2.2", :language_code => "en" })
179 assert_response :redirect
180 assert_redirected_to :action => :index, :display_name => user.display_name
181 entry = DiaryEntry.order(:id).last
182 assert_equal user.id, entry.user_id
183 assert_equal "New Title", entry.title
184 assert_equal "This is a new body for the diary entry", entry.body
185 assert_equal "1.1".to_f, entry.latitude
186 assert_equal "2.2".to_f, entry.longitude
187 assert_equal "en", entry.language_code
189 # checks if user was subscribed
190 assert_equal 1, entry.subscribers.length
192 assert_equal "en", UserPreference.where(:user => user, :k => "diary.default_language").first.v
195 def test_create_german
196 create(:language, :code => "de")
200 # Now try creating a diary entry in a different language
201 assert_difference "DiaryEntry.count", 1 do
202 post diary_entries_path(:commit => "save",
203 :diary_entry => { :title => "New Title", :body => "This is a new body for the diary entry", :latitude => "1.1",
204 :longitude => "2.2", :language_code => "de" })
206 assert_response :redirect
207 assert_redirected_to :action => :index, :display_name => user.display_name
208 entry = DiaryEntry.order(:id).last
209 assert_equal user.id, entry.user_id
210 assert_equal "New Title", entry.title
211 assert_equal "This is a new body for the diary entry", entry.body
212 assert_equal "1.1".to_f, entry.latitude
213 assert_equal "2.2".to_f, entry.longitude
214 assert_equal "de", entry.language_code
216 # checks if user was subscribed
217 assert_equal 1, entry.subscribers.length
219 assert_equal "de", UserPreference.where(:user => user, :k => "diary.default_language").first.v
226 # Generate some spammy content
227 spammy_title = "Spam Spam Spam Spam Spam"
228 spammy_body = 1.upto(50).map { |n| "http://example.com/spam#{n}" }.join(" ")
230 # Try creating a spammy diary entry
231 assert_difference "DiaryEntry.count", 1 do
232 post diary_entries_path(:commit => "save",
233 :diary_entry => { :title => spammy_title, :body => spammy_body, :language_code => "en" })
235 assert_response :redirect
236 assert_redirected_to :action => :index, :display_name => user.display_name
237 entry = DiaryEntry.order(:id).last
238 assert_equal user.id, entry.user_id
239 assert_equal spammy_title, entry.title
240 assert_equal spammy_body, entry.body
241 assert_equal "en", entry.language_code
242 assert_equal "suspended", User.find(user.id).status
244 # Follow the redirect
245 get diary_entries_path(:display_name => user.display_name)
246 assert_response :redirect
247 assert_redirected_to :controller => :users, :action => :suspended
252 other_user = create(:user)
254 entry = create(:diary_entry, :user => user)
256 # Make sure that you are redirected to the login page when you are
257 # not logged in, without and with the id of the entry you want to edit
258 get edit_diary_entry_path(:display_name => entry.user.display_name, :id => entry)
259 assert_response :redirect
260 assert_redirected_to login_path(:referer => "/user/#{ERB::Util.u(entry.user.display_name)}/diary/#{entry.id}/edit")
262 session_for(other_user)
264 # Verify that you get redirected to show if you are not the user
265 # that created the entry
266 get edit_diary_entry_path(:display_name => entry.user.display_name, :id => entry)
267 assert_response :redirect
268 assert_redirected_to :action => :show, :display_name => entry.user.display_name, :id => entry.id
270 session_for(entry.user)
272 # Verify that you get a not found error, when you pass a bogus id
273 get edit_diary_entry_path(:display_name => entry.user.display_name, :id => 9999)
274 assert_response :not_found
275 assert_select "div.content-heading", :count => 1 do
276 assert_select "h1", :text => "No entry with the id: 9999", :count => 1
279 # Now pass the id, and check that you can edit it, when using the same
280 # user as the person who created the entry
281 get edit_diary_entry_path(:display_name => entry.user.display_name, :id => entry)
282 assert_response :success
283 assert_select "title", :text => /Edit Diary Entry/, :count => 1
284 assert_select "div.content-heading", :count => 1 do
285 assert_select "h1", :text => /Edit Diary Entry/, :count => 1
287 assert_select "div#content", :count => 1 do
288 assert_select "form[action='/user/#{ERB::Util.u(entry.user.display_name)}/diary/#{entry.id}'][method=post]", :count => 1 do
289 assert_select "input#diary_entry_title[name='diary_entry[title]'][value='#{entry.title}']", :count => 1
290 assert_select "textarea#diary_entry_body[name='diary_entry[body]']", :text => entry.body, :count => 1
291 assert_select "select#diary_entry_language_code", :count => 1
292 assert_select "input#latitude[name='diary_entry[latitude]']", :count => 1
293 assert_select "input#longitude[name='diary_entry[longitude]']", :count => 1
294 assert_select "input[name=commit][type=submit][value=Update]", :count => 1
295 assert_select "input[name=commit][type=submit][value=Edit]", :count => 1
296 assert_select "input[name=commit][type=submit][value=Preview]", :count => 1
297 assert_select "input", :count => 8
301 # Now lets see if you can edit the diary entry
302 new_title = "New Title"
303 new_body = "This is a new body for the diary entry"
305 new_longitude = "2.2"
306 new_language_code = "en"
307 put diary_entry_path(:display_name => entry.user.display_name, :id => entry, :commit => "save",
308 :diary_entry => { :title => new_title, :body => new_body, :latitude => new_latitude,
309 :longitude => new_longitude, :language_code => new_language_code })
310 assert_response :redirect
311 assert_redirected_to :action => :show, :display_name => entry.user.display_name, :id => entry.id
313 # Now check that the new data is rendered, when logged in
314 get diary_entry_path(:display_name => entry.user.display_name, :id => entry)
315 assert_response :success
316 assert_template "show"
317 assert_select "title", :text => /Users' Diaries | /, :count => 1
318 assert_select "div.content-heading", :count => 1 do
319 assert_select "h1", :text => /#{entry.user.display_name}'s Diary/, :count => 1
321 assert_select "div#content", :count => 1 do
322 assert_select "h2", :text => /#{new_title}/, :count => 1
323 # This next line won't work if the text has been run through the htmlize function
324 # due to formatting that could be introduced
325 assert_select "p", :text => /#{new_body}/, :count => 1
326 assert_select "abbr[class='geo'][title='#{number_with_precision(new_latitude, :precision => 4)}; #{number_with_precision(new_longitude, :precision => 4)}']", :count => 1
327 # As we're not logged in, check that you cannot edit
328 assert_select "a[href='/user/#{ERB::Util.u(entry.user.display_name)}/diary/#{entry.id}/edit']", :text => "Edit this entry", :count => 1
331 # and when not logged in as the user who wrote the entry
332 session_for(create(:user))
333 get diary_entry_path(:display_name => entry.user.display_name, :id => entry)
334 assert_response :success
335 assert_template "show"
336 assert_select "title", :text => /Users' Diaries | /, :count => 1
337 assert_select "div.content-heading", :count => 1 do
338 assert_select "h1", :text => /#{entry.user.display_name}'s Diary/, :count => 1
340 assert_select "div#content", :count => 1 do
341 assert_select "h2", :text => /#{new_title}/, :count => 1
342 # This next line won't work if the text has been run through the htmlize function
343 # due to formatting that could be introduced
344 assert_select "p", :text => /#{new_body}/, :count => 1
345 assert_select "abbr[class=geo][title='#{number_with_precision(new_latitude, :precision => 4)}; #{number_with_precision(new_longitude, :precision => 4)}']", :count => 1
346 # As we're not logged in, check that you cannot edit
347 assert_select "a[href='/user/#{ERB::Util.u(entry.user.display_name)}/diary/#{entry.id}/edit']", false
353 diary_entry = create(:diary_entry, :language_code => "en", :user => user)
355 get edit_diary_entry_path(:display_name => user.display_name, :id => diary_entry)
356 assert_response :success
357 assert_select "span[class=translation_missing]", false, "Missing translation in edit diary entry"
362 other_user = create(:user)
363 entry = create(:diary_entry, :user => user)
364 create(:diary_entry_subscription, :diary_entry => entry, :user => user)
366 # Make sure that you are denied when you are not logged in
367 post comment_diary_entry_path(:display_name => entry.user.display_name, :id => entry)
368 assert_response :forbidden
370 session_for(other_user)
372 # Verify that you get a not found error, when you pass a bogus id
373 post comment_diary_entry_path(:display_name => entry.user.display_name, :id => 9999)
374 assert_response :not_found
375 assert_select "div.content-heading", :count => 1 do
376 assert_select "h1", :text => "No entry with the id: 9999", :count => 1
379 # Now try an invalid comment with an empty body
380 assert_no_difference "ActionMailer::Base.deliveries.size" do
381 assert_no_difference "DiaryComment.count" do
382 assert_no_difference "entry.subscribers.count" do
383 perform_enqueued_jobs do
384 post comment_diary_entry_path(:display_name => entry.user.display_name, :id => entry, :diary_comment => { :body => "" })
389 assert_response :success
390 assert_template :show
392 # Now try again with the right id
393 assert_difference "ActionMailer::Base.deliveries.size", entry.subscribers.count do
394 assert_difference "DiaryComment.count", 1 do
395 assert_difference "entry.subscribers.count", 1 do
396 perform_enqueued_jobs do
397 post comment_diary_entry_path(:display_name => entry.user.display_name, :id => entry, :diary_comment => { :body => "New comment" })
402 assert_response :redirect
403 assert_redirected_to :action => :show, :display_name => entry.user.display_name, :id => entry.id
404 email = ActionMailer::Base.deliveries.first
405 assert_equal [user.email], email.to
406 assert_equal "[OpenStreetMap] #{other_user.display_name} commented on a diary entry", email.subject
407 assert_match(/New comment/, email.text_part.decoded)
408 assert_match(/New comment/, email.html_part.decoded)
409 ActionMailer::Base.deliveries.clear
410 comment = DiaryComment.order(:id).last
411 assert_equal entry.id, comment.diary_entry_id
412 assert_equal other_user.id, comment.user_id
413 assert_equal "New comment", comment.body
415 # Now show the diary entry, and check the new comment is present
416 get diary_entry_path(:display_name => entry.user.display_name, :id => entry)
417 assert_response :success
418 assert_select ".diary-comment", :count => 1 do
419 assert_select "#comment#{comment.id}", :count => 1 do
420 assert_select "a[href='/user/#{ERB::Util.u(other_user.display_name)}']", :text => other_user.display_name, :count => 1
422 assert_select ".richtext", :text => /New comment/, :count => 1
426 def test_comment_spammy
428 other_user = create(:user)
429 entry = create(:diary_entry, :user => user)
430 create(:diary_entry_subscription, :diary_entry => entry, :user => user)
432 session_for(other_user)
434 # Generate some spammy content
435 spammy_text = 1.upto(50).map { |n| "http://example.com/spam#{n}" }.join(" ")
437 # Try creating a spammy comment
438 assert_difference "ActionMailer::Base.deliveries.size", 1 do
439 assert_difference "DiaryComment.count", 1 do
440 perform_enqueued_jobs do
441 post comment_diary_entry_path(:display_name => entry.user.display_name, :id => entry, :diary_comment => { :body => spammy_text })
445 assert_response :redirect
446 assert_redirected_to :action => :show, :display_name => entry.user.display_name, :id => entry.id
447 email = ActionMailer::Base.deliveries.first
448 assert_equal [user.email], email.to
449 assert_equal "[OpenStreetMap] #{other_user.display_name} commented on a diary entry", email.subject
450 assert_match %r{http://example.com/spam}, email.text_part.decoded
451 assert_match %r{http://example.com/spam}, email.html_part.decoded
452 ActionMailer::Base.deliveries.clear
453 comment = DiaryComment.order(:id).last
454 assert_equal entry.id, comment.diary_entry_id
455 assert_equal other_user.id, comment.user_id
456 assert_equal spammy_text, comment.body
457 assert_equal "suspended", User.find(other_user.id).status
459 # Follow the redirect
460 get diary_entries_path(:display_name => user.display_name)
461 assert_response :redirect
462 assert_redirected_to :controller => :users, :action => :suspended
464 # Now show the diary entry, and check the new comment is not present
465 get diary_entry_path(:display_name => entry.user.display_name, :id => entry)
466 assert_response :success
467 assert_select ".diary-comment", :count => 0
471 diary_entry = create(:diary_entry)
472 geo_entry = create(:diary_entry, :latitude => 51.50763, :longitude => -0.10781)
473 public_entry = create(:diary_entry, :user => create(:user))
475 # Try a list of all diary entries
476 get diary_entries_path
477 check_diary_index diary_entry, geo_entry, public_entry
482 other_user = create(:user)
484 diary_entry = create(:diary_entry, :user => user)
485 geo_entry = create(:diary_entry, :user => user, :latitude => 51.50763, :longitude => -0.10781)
486 _other_entry = create(:diary_entry, :user => other_user)
488 # Try a list of diary entries for a valid user
489 get diary_entries_path(:display_name => user.display_name)
490 check_diary_index diary_entry, geo_entry
492 # Try a list of diary entries for an invalid user
493 get diary_entries_path(:display_name => "No Such User")
494 assert_response :not_found
495 assert_template "users/no_such_user"
498 def test_index_friends
500 other_user = create(:user)
501 friendship = create(:friendship, :befriender => user)
502 diary_entry = create(:diary_entry, :user => friendship.befriendee)
503 _other_entry = create(:diary_entry, :user => other_user)
505 # Try a list of diary entries for your friends when not logged in
506 get friends_diary_entries_path
507 assert_response :redirect
508 assert_redirected_to login_path(:referer => "/diary/friends")
510 # Try a list of diary entries for your friends when logged in
512 get friends_diary_entries_path
513 check_diary_index diary_entry
514 session_for(other_user)
515 get friends_diary_entries_path
519 def test_index_nearby
520 user = create(:user, :home_lat => 12, :home_lon => 12)
521 nearby_user = create(:user, :home_lat => 11.9, :home_lon => 12.1)
523 diary_entry = create(:diary_entry, :user => user)
525 # Try a list of diary entries for nearby users when not logged in
526 get nearby_diary_entries_path
527 assert_response :redirect
528 assert_redirected_to login_path(:referer => "/diary/nearby")
530 # Try a list of diary entries for nearby users when logged in
531 session_for(nearby_user)
532 get nearby_diary_entries_path
533 check_diary_index diary_entry
535 get nearby_diary_entries_path
539 def test_index_language
540 create(:language, :code => "de")
541 create(:language, :code => "sl")
542 diary_entry_en = create(:diary_entry, :language_code => "en")
543 diary_entry_en2 = create(:diary_entry, :language_code => "en")
544 diary_entry_de = create(:diary_entry, :language_code => "de")
546 # Try a list of diary entries in english
547 get diary_entries_path(:language => "en")
548 check_diary_index diary_entry_en, diary_entry_en2
550 # Try a list of diary entries in german
551 get diary_entries_path(:language => "de")
552 check_diary_index diary_entry_de
554 # Try a list of diary entries in slovenian
555 get diary_entries_path(:language => "sl")
560 # Create several pages worth of diary entries
561 create_list(:diary_entry, 50)
563 # Try and get the index
564 get diary_entries_path
565 assert_response :success
566 assert_select "article.diary_post", :count => 20
567 assert_select "li.page-item a.page-link", :text => "Older Entries", :count => 1
568 assert_select "li.page-item.disabled span.page-link", :text => "Newer Entries", :count => 1
570 # Try and get the second page
571 get css_select("li.page-item a.page-link").first["href"]
572 assert_response :success
573 assert_select "article.diary_post", :count => 20
574 assert_select "li.page-item a.page-link", :text => "Older Entries", :count => 1
575 assert_select "li.page-item a.page-link", :text => "Newer Entries", :count => 1
577 # Try and get the third page
578 get css_select("li.page-item a.page-link").first["href"]
579 assert_response :success
580 assert_select "article.diary_post", :count => 10
581 assert_select "li.page-item.disabled span.page-link", :text => "Older Entries", :count => 1
582 assert_select "li.page-item a.page-link", :text => "Newer Entries", :count => 1
584 # Go back to the second page
585 get css_select("li.page-item a.page-link").last["href"]
586 assert_response :success
587 assert_select "article.diary_post", :count => 20
588 assert_select "li.page-item a.page-link", :text => "Older Entries", :count => 1
589 assert_select "li.page-item a.page-link", :text => "Newer Entries", :count => 1
591 # Go back to the first page
592 get css_select("li.page-item a.page-link").last["href"]
593 assert_response :success
594 assert_select "article.diary_post", :count => 20
595 assert_select "li.page-item a.page-link", :text => "Older Entries", :count => 1
596 assert_select "li.page-item.disabled span.page-link", :text => "Newer Entries", :count => 1
600 create(:language, :code => "de")
601 create(:diary_entry, :language_code => "en")
602 create(:diary_entry, :language_code => "en")
603 create(:diary_entry, :language_code => "de")
606 assert_response :success, "Should be able to get a diary RSS"
607 assert_select "rss", :count => 1 do
608 assert_select "channel", :count => 1 do
609 assert_select "channel>title", :count => 1
610 assert_select "image", :count => 1
611 assert_select "channel>item", :count => 3
616 def test_rss_language
617 create(:language, :code => "de")
618 create(:diary_entry, :language_code => "en")
619 create(:diary_entry, :language_code => "en")
620 create(:diary_entry, :language_code => "de")
622 get diary_rss_path(:language => "en")
623 assert_response :success, "Should be able to get a specific language diary RSS"
624 assert_select "rss>channel>item", :count => 2 # , "Diary entries should be filtered by language"
627 # def test_rss_nonexisting_language
628 # get :rss, :params => { :language => 'xx', :format => :rss }
629 # assert_response :not_found, "Should not be able to get a nonexisting language diary RSS"
632 def test_rss_language_with_no_entries
633 create(:language, :code => "sl")
634 create(:diary_entry, :language_code => "en")
636 get diary_rss_path(:language => "sl")
637 assert_response :success, "Should be able to get a specific language diary RSS"
638 assert_select "rss>channel>item", :count => 0 # , "Diary entries should be filtered by language"
643 other_user = create(:user)
644 create(:diary_entry, :user => user)
645 create(:diary_entry, :user => user)
646 create(:diary_entry, :user => other_user)
648 get diary_rss_path(:display_name => user.display_name)
649 assert_response :success, "Should be able to get a specific users diary RSS"
650 assert_select "rss>channel>item", :count => 2 # , "Diary entries should be filtered by user"
653 def test_rss_nonexisting_user
654 # Try a user that has never existed
655 get diary_rss_path(:display_name => "fakeUsername76543")
656 assert_response :not_found, "Should not be able to get a nonexisting users diary RSS"
658 # Try a suspended user
659 get diary_rss_path(:display_name => create(:user, :suspended).display_name)
660 assert_response :not_found, "Should not be able to get a suspended users diary RSS"
663 get diary_rss_path(:display_name => create(:user, :deleted).display_name)
664 assert_response :not_found, "Should not be able to get a deleted users diary RSS"
667 def test_rss_character_escaping
668 create(:diary_entry, :title => "<script>")
671 assert_match "<title><script></title>", response.body
675 create(:diary_entry, :created_at => 7.hours.ago)
676 create(:diary_entry, :created_at => 5.hours.ago)
678 assert_select "rss>channel>item", :count => 2
680 with_diary_feed_delay(6) do
682 assert_select "rss>channel>item", :count => 1
688 suspended_user = create(:user, :suspended)
689 deleted_user = create(:user, :deleted)
691 # Try a normal entry that should work
692 diary_entry = create(:diary_entry, :user => user)
693 get diary_entry_path(:display_name => user.display_name, :id => diary_entry)
694 assert_response :success
695 assert_template :show
697 # Try a non-integer ID
698 assert_raise ActionController::RoutingError do
699 get "/user/#{CGI.escape(user.display_name)}/diary/#{diary_entry.id})"
702 # Try a deleted entry
703 diary_entry_deleted = create(:diary_entry, :user => user, :visible => false)
704 get diary_entry_path(:display_name => user.display_name, :id => diary_entry_deleted)
705 assert_response :not_found
707 # Try an entry by a suspended user
708 diary_entry_suspended_user = create(:diary_entry, :user => suspended_user)
709 get diary_entry_path(:display_name => suspended_user.display_name, :id => diary_entry_suspended_user)
710 assert_response :not_found
712 # Try an entry by a deleted user
713 diary_entry_deleted_user = create(:diary_entry, :user => deleted_user)
714 get diary_entry_path(:display_name => deleted_user.display_name, :id => diary_entry_deleted_user)
715 assert_response :not_found
717 # Now try as a moderator
718 session_for(create(:moderator_user))
719 get diary_entry_path(:display_name => user.display_name, :id => diary_entry_deleted)
720 assert_response :success
721 assert_template :show
723 # Finally try as an administrator
724 session_for(create(:administrator_user))
725 get diary_entry_path(:display_name => user.display_name, :id => diary_entry_deleted)
726 assert_response :success
727 assert_template :show
730 def test_show_hidden_comments
731 # Get a diary entry that has hidden comments
733 diary_entry = create(:diary_entry, :user => user)
734 visible_comment = create(:diary_comment, :diary_entry => diary_entry)
735 suspended_user_comment = create(:diary_comment, :diary_entry => diary_entry, :user => create(:user, :suspended))
736 deleted_user_comment = create(:diary_comment, :diary_entry => diary_entry, :user => create(:user, :deleted))
737 hidden_comment = create(:diary_comment, :diary_entry => diary_entry, :visible => false)
739 get diary_entry_path(:display_name => user.display_name, :id => diary_entry)
740 assert_response :success
741 assert_template :show
742 assert_select "div.comments" do
743 assert_select "p#comment#{visible_comment.id}", :count => 1
744 assert_select "p#comment#{suspended_user_comment.id}", :count => 0
745 assert_select "p#comment#{deleted_user_comment.id}", :count => 0
746 assert_select "p#comment#{hidden_comment.id}", :count => 0
752 diary_entry = create(:diary_entry, :user => user)
754 # Try without logging in
755 post hide_diary_entry_path(:display_name => user.display_name, :id => diary_entry)
756 assert_response :forbidden
757 assert DiaryEntry.find(diary_entry.id).visible
759 # Now try as a normal user
761 post hide_diary_entry_path(:display_name => user.display_name, :id => diary_entry)
762 assert_response :redirect
763 assert_redirected_to :controller => :errors, :action => :forbidden
764 assert DiaryEntry.find(diary_entry.id).visible
766 # Now try as a moderator
767 session_for(create(:moderator_user))
768 post hide_diary_entry_path(:display_name => user.display_name, :id => diary_entry)
769 assert_response :redirect
770 assert_redirected_to :action => :index, :display_name => user.display_name
771 assert_not DiaryEntry.find(diary_entry.id).visible
774 diary_entry.reload.update(:visible => true)
776 # Finally try as an administrator
777 session_for(create(:administrator_user))
778 post hide_diary_entry_path(:display_name => user.display_name, :id => diary_entry)
779 assert_response :redirect
780 assert_redirected_to :action => :index, :display_name => user.display_name
781 assert_not DiaryEntry.find(diary_entry.id).visible
787 # Try without logging in
788 diary_entry = create(:diary_entry, :user => user, :visible => false)
789 post unhide_diary_entry_path(:display_name => user.display_name, :id => diary_entry)
790 assert_response :forbidden
791 assert_not DiaryEntry.find(diary_entry.id).visible
793 # Now try as a normal user
795 post unhide_diary_entry_path(:display_name => user.display_name, :id => diary_entry)
796 assert_response :redirect
797 assert_redirected_to :controller => :errors, :action => :forbidden
798 assert_not DiaryEntry.find(diary_entry.id).visible
800 # Now try as a moderator
801 session_for(create(:moderator_user))
802 post unhide_diary_entry_path(:display_name => user.display_name, :id => diary_entry)
803 assert_response :redirect
804 assert_redirected_to :action => :index, :display_name => user.display_name
805 assert DiaryEntry.find(diary_entry.id).visible
808 diary_entry.reload.update(:visible => true)
810 # Finally try as an administrator
811 session_for(create(:administrator_user))
812 post unhide_diary_entry_path(:display_name => user.display_name, :id => diary_entry)
813 assert_response :redirect
814 assert_redirected_to :action => :index, :display_name => user.display_name
815 assert DiaryEntry.find(diary_entry.id).visible
820 diary_entry = create(:diary_entry, :user => user)
821 diary_comment = create(:diary_comment, :diary_entry => diary_entry)
823 # Try without logging in
824 post hide_diary_comment_path(:display_name => user.display_name, :id => diary_entry, :comment => diary_comment)
825 assert_response :forbidden
826 assert DiaryComment.find(diary_comment.id).visible
828 # Now try as a normal user
830 post hide_diary_comment_path(:display_name => user.display_name, :id => diary_entry, :comment => diary_comment)
831 assert_response :redirect
832 assert_redirected_to :controller => :errors, :action => :forbidden
833 assert DiaryComment.find(diary_comment.id).visible
836 session_for(create(:moderator_user))
837 post hide_diary_comment_path(:display_name => user.display_name, :id => diary_entry, :comment => diary_comment)
838 assert_response :redirect
839 assert_redirected_to :action => :show, :display_name => user.display_name, :id => diary_entry.id
840 assert_not DiaryComment.find(diary_comment.id).visible
843 diary_comment.reload.update(:visible => true)
845 # Finally try as an administrator
846 session_for(create(:administrator_user))
847 post hide_diary_comment_path(:display_name => user.display_name, :id => diary_entry, :comment => diary_comment)
848 assert_response :redirect
849 assert_redirected_to :action => :show, :display_name => user.display_name, :id => diary_entry.id
850 assert_not DiaryComment.find(diary_comment.id).visible
853 def test_unhidecomment
855 diary_entry = create(:diary_entry, :user => user)
856 diary_comment = create(:diary_comment, :diary_entry => diary_entry, :visible => false)
858 # Try without logging in
859 post unhide_diary_comment_path(:display_name => user.display_name, :id => diary_entry, :comment => diary_comment)
860 assert_response :forbidden
861 assert_not DiaryComment.find(diary_comment.id).visible
863 # Now try as a normal user
865 post unhide_diary_comment_path(:display_name => user.display_name, :id => diary_entry, :comment => diary_comment)
866 assert_response :redirect
867 assert_redirected_to :controller => :errors, :action => :forbidden
868 assert_not DiaryComment.find(diary_comment.id).visible
870 # Now try as a moderator
871 session_for(create(:moderator_user))
872 post unhide_diary_comment_path(:display_name => user.display_name, :id => diary_entry, :comment => diary_comment)
873 assert_response :redirect
874 assert_redirected_to :action => :show, :display_name => user.display_name, :id => diary_entry.id
875 assert DiaryComment.find(diary_comment.id).visible
878 diary_comment.reload.update(:visible => true)
880 # Finally try as an administrator
881 session_for(create(:administrator_user))
882 post unhide_diary_comment_path(:display_name => user.display_name, :id => diary_entry, :comment => diary_comment)
883 assert_response :redirect
884 assert_redirected_to :action => :show, :display_name => user.display_name, :id => diary_entry.id
885 assert DiaryComment.find(diary_comment.id).visible
890 other_user = create(:user)
891 suspended_user = create(:user, :suspended)
892 deleted_user = create(:user, :deleted)
894 # Test a user with no comments
895 get diary_comments_path(:display_name => user.display_name)
896 assert_response :success
897 assert_template :comments
898 assert_select "h4", :html => "No diary comments"
900 # Test a user with a comment
901 create(:diary_comment, :user => other_user)
903 get diary_comments_path(:display_name => other_user.display_name)
904 assert_response :success
905 assert_template :comments
906 assert_select "table.table-striped" do
907 assert_select "tr", :count => 2 # header and one comment
910 # Test a suspended user
911 get diary_comments_path(:display_name => suspended_user.display_name)
912 assert_response :not_found
914 # Test a deleted user
915 get diary_comments_path(:display_name => deleted_user.display_name)
916 assert_response :not_found
919 def test_subscribe_success
921 other_user = create(:user)
922 diary_entry = create(:diary_entry, :user => user)
924 session_for(other_user)
925 assert_difference "diary_entry.subscribers.count", 1 do
926 post diary_entry_subscribe_path(:id => diary_entry, :display_name => diary_entry.user.display_name)
928 assert_response :redirect
931 def test_subscribe_fail
933 other_user = create(:user)
935 diary_entry = create(:diary_entry, :user => user)
938 assert_no_difference "diary_entry.subscribers.count" do
939 post diary_entry_subscribe_path(:id => diary_entry, :display_name => diary_entry.user.display_name)
941 assert_response :forbidden
943 session_for(other_user)
946 post diary_entry_subscribe_path(:id => 999111, :display_name => "username")
947 assert_response :not_found
949 # trying to subscribe when already subscribed
950 post diary_entry_subscribe_path(:id => diary_entry, :display_name => diary_entry.user.display_name)
951 assert_no_difference "diary_entry.subscribers.count" do
952 post diary_entry_subscribe_path(:id => diary_entry, :display_name => diary_entry.user.display_name)
956 def test_unsubscribe_success
958 other_user = create(:user)
960 diary_entry = create(:diary_entry, :user => user)
961 create(:diary_entry_subscription, :diary_entry => diary_entry, :user => other_user)
963 session_for(other_user)
964 assert_difference "diary_entry.subscribers.count", -1 do
965 post diary_entry_unsubscribe_path(:id => diary_entry, :display_name => diary_entry.user.display_name)
967 assert_response :redirect
970 def test_unsubscribe_fail
972 other_user = create(:user)
974 diary_entry = create(:diary_entry, :user => user)
977 assert_no_difference "diary_entry.subscribers.count" do
978 post diary_entry_unsubscribe_path(:id => diary_entry, :display_name => diary_entry.user.display_name)
980 assert_response :forbidden
982 session_for(other_user)
985 post diary_entry_unsubscribe_path(:id => 999111, :display_name => "username")
986 assert_response :not_found
988 # trying to unsubscribe when not subscribed
989 assert_no_difference "diary_entry.subscribers.count" do
990 post diary_entry_unsubscribe_path(:id => diary_entry, :display_name => diary_entry.user.display_name)
996 def check_diary_index(*entries)
997 assert_response :success
998 assert_template "index"
999 assert_no_missing_translations
1000 assert_select "article.diary_post", entries.count
1002 entries.each do |entry|
1003 assert_select "a[href=?]", "/user/#{ERB::Util.u(entry.user.display_name)}/diary/#{entry.id}"
1007 def with_diary_feed_delay(value)
1008 diary_feed_delay = Settings.diary_feed_delay
1009 Settings.diary_feed_delay = value
1013 Settings.diary_feed_delay = diary_feed_delay