require "test_helper"
-class IssuesControllerTest < ActionController::TestCase
+class IssuesControllerTest < ActionDispatch::IntegrationTest
def test_index
# Access issues list without login
- get :index
- assert_response :redirect
+ get issues_path
assert_redirected_to login_path(:referer => issues_path)
# Access issues list as normal user
- session[:user] = create(:user).id
- get :index
- assert_response :redirect
+ session_for(create(:user))
+ get issues_path
assert_redirected_to :controller => :errors, :action => :forbidden
# Access issues list as administrator
- session[:user] = create(:administrator_user).id
- get :index
+ session_for(create(:administrator_user))
+ get issues_path
assert_response :success
# Access issues list as moderator
- session[:user] = create(:moderator_user).id
- get :index
+ session_for(create(:moderator_user))
+ get issues_path
assert_response :success
end
- def test_show
+ def test_show_moderator
target_user = create(:user)
- issue = create(:issue, :reportable => target_user, :reported_user => target_user)
+ issue = create(:issue, :reportable => target_user, :reported_user => target_user, :assigned_role => "moderator")
# Access issue without login
- get :show, :params => { :id => issue.id }
- assert_response :redirect
+ get issue_path(:id => issue)
assert_redirected_to login_path(:referer => issue_path(issue))
# Access issue as normal user
- session[:user] = create(:user).id
- get :show, :params => { :id => issue.id }
- assert_response :redirect
+ session_for(create(:user))
+ get issue_path(:id => issue)
assert_redirected_to :controller => :errors, :action => :forbidden
# Access issue as administrator
- session[:user] = create(:administrator_user).id
- get :show, :params => { :id => issue.id }
+ session_for(create(:administrator_user))
+ get issue_path(:id => issue)
+ assert_redirected_to :controller => :errors, :action => :not_found
+
+ # Access issue as moderator
+ session_for(create(:moderator_user))
+ get issue_path(:id => issue)
assert_response :success
+ end
+
+ def test_show_administrator
+ target_user = create(:user)
+ issue = create(:issue, :reportable => target_user, :reported_user => target_user, :assigned_role => "administrator")
+
+ # Access issue without login
+ get issue_path(:id => issue)
+ assert_redirected_to login_path(:referer => issue_path(issue))
+
+ # Access issue as normal user
+ session_for(create(:user))
+ get issue_path(:id => issue)
+ assert_redirected_to :controller => :errors, :action => :forbidden
# Access issue as moderator
- session[:user] = create(:moderator_user).id
- get :show, :params => { :id => issue.id }
+ session_for(create(:moderator_user))
+ get issue_path(:id => issue)
+ assert_redirected_to :controller => :errors, :action => :not_found
+
+ # Access issue as administrator
+ session_for(create(:administrator_user))
+ get issue_path(:id => issue)
assert_response :success
end
- def test_resolve
+ def test_resolve_moderator
target_user = create(:user)
- issue = create(:issue, :reportable => target_user, :reported_user => target_user)
+ issue = create(:issue, :reportable => target_user, :reported_user => target_user, :assigned_role => "moderator")
# Resolve issue without login
- get :resolve, :params => { :id => issue.id }
- assert_response :redirect
- assert_redirected_to login_path(:referer => resolve_issue_path(issue))
+ post resolve_issue_path(:id => issue)
+ assert_response :forbidden
# Resolve issue as normal user
- session[:user] = create(:user).id
- get :resolve, :params => { :id => issue.id }
- assert_response :redirect
+ session_for(create(:user))
+ post resolve_issue_path(:id => issue)
assert_redirected_to :controller => :errors, :action => :forbidden
# Resolve issue as administrator
- session[:user] = create(:administrator_user).id
- get :resolve, :params => { :id => issue.id }
+ session_for(create(:administrator_user))
+ post resolve_issue_path(:id => issue)
+ assert_redirected_to :controller => :errors, :action => :not_found
+ assert_not_predicate issue.reload, :resolved?
+
+ # Resolve issue as moderator
+ session_for(create(:moderator_user))
+ post resolve_issue_path(:id => issue)
assert_response :redirect
- assert_equal true, issue.reload.resolved?
+ assert_predicate issue.reload, :resolved?
+ end
- issue.reopen!
+ def test_resolve_administrator
+ target_user = create(:user)
+ issue = create(:issue, :reportable => target_user, :reported_user => target_user, :assigned_role => "administrator")
+
+ # Resolve issue without login
+ post resolve_issue_path(:id => issue)
+ assert_response :forbidden
+
+ # Resolve issue as normal user
+ session_for(create(:user))
+ post resolve_issue_path(:id => issue)
+ assert_redirected_to :controller => :errors, :action => :forbidden
# Resolve issue as moderator
- session[:user] = create(:moderator_user).id
- get :resolve, :params => { :id => issue.id }
+ session_for(create(:moderator_user))
+ post resolve_issue_path(:id => issue)
+ assert_redirected_to :controller => :errors, :action => :not_found
+ assert_not_predicate issue.reload, :resolved?
+
+ # Resolve issue as administrator
+ session_for(create(:administrator_user))
+ post resolve_issue_path(:id => issue)
assert_response :redirect
- assert_equal true, issue.reload.resolved?
+ assert_predicate issue.reload, :resolved?
end
- def test_ignore
+ def test_ignore_moderator
target_user = create(:user)
- issue = create(:issue, :reportable => target_user, :reported_user => target_user)
+ issue = create(:issue, :reportable => target_user, :reported_user => target_user, :assigned_role => "moderator")
# Ignore issue without login
- get :ignore, :params => { :id => issue.id }
- assert_response :redirect
- assert_redirected_to login_path(:referer => ignore_issue_path(issue))
+ post ignore_issue_path(:id => issue)
+ assert_response :forbidden
# Ignore issue as normal user
- session[:user] = create(:user).id
- get :ignore, :params => { :id => issue.id }
- assert_response :redirect
+ session_for(create(:user))
+ post ignore_issue_path(:id => issue)
assert_redirected_to :controller => :errors, :action => :forbidden
# Ignore issue as administrator
- session[:user] = create(:administrator_user).id
- get :ignore, :params => { :id => issue.id }
+ session_for(create(:administrator_user))
+ post ignore_issue_path(:id => issue)
+ assert_redirected_to :controller => :errors, :action => :not_found
+ assert_not_predicate issue.reload, :ignored?
+
+ # Ignore issue as moderator
+ session_for(create(:moderator_user))
+ post ignore_issue_path(:id => issue)
assert_response :redirect
- assert_equal true, issue.reload.ignored?
+ assert_predicate issue.reload, :ignored?
+ end
+
+ def test_ignore_administrator
+ target_user = create(:user)
+ issue = create(:issue, :reportable => target_user, :reported_user => target_user, :assigned_role => "administrator")
- issue.reopen!
+ # Ignore issue without login
+ post ignore_issue_path(:id => issue)
+ assert_response :forbidden
+
+ # Ignore issue as normal user
+ session_for(create(:user))
+ post ignore_issue_path(:id => issue)
+ assert_redirected_to :controller => :errors, :action => :forbidden
# Ignore issue as moderator
- session[:user] = create(:moderator_user).id
- get :ignore, :params => { :id => issue.id }
+ session_for(create(:moderator_user))
+ post ignore_issue_path(:id => issue)
+ assert_redirected_to :controller => :errors, :action => :not_found
+ assert_not_predicate issue.reload, :ignored?
+
+ # Ignore issue as administrator
+ session_for(create(:administrator_user))
+ post ignore_issue_path(:id => issue)
assert_response :redirect
- assert_equal true, issue.reload.ignored?
+ assert_predicate issue.reload, :ignored?
end
- def test_reopen
+ def test_reopen_moderator
target_user = create(:user)
- issue = create(:issue, :reportable => target_user, :reported_user => target_user)
+ issue = create(:issue, :reportable => target_user, :reported_user => target_user, :assigned_role => "moderator")
issue.resolve!
# Reopen issue without login
- get :reopen, :params => { :id => issue.id }
- assert_response :redirect
- assert_redirected_to login_path(:referer => reopen_issue_path(issue))
+ post reopen_issue_path(:id => issue)
+ assert_response :forbidden
# Reopen issue as normal user
- session[:user] = create(:user).id
- get :reopen, :params => { :id => issue.id }
- assert_response :redirect
+ session_for(create(:user))
+ post reopen_issue_path(:id => issue)
assert_redirected_to :controller => :errors, :action => :forbidden
# Reopen issue as administrator
- session[:user] = create(:administrator_user).id
- get :reopen, :params => { :id => issue.id }
+ session_for(create(:administrator_user))
+ post reopen_issue_path(:id => issue)
+ assert_redirected_to :controller => :errors, :action => :not_found
+ assert_not_predicate issue.reload, :open?
+
+ # Reopen issue as moderator
+ session_for(create(:moderator_user))
+ post reopen_issue_path(:id => issue)
assert_response :redirect
- assert_equal true, issue.reload.open?
+ assert_predicate issue.reload, :open?
+ end
+
+ def test_reopen_administrator
+ target_user = create(:user)
+ issue = create(:issue, :reportable => target_user, :reported_user => target_user, :assigned_role => "administrator")
issue.resolve!
+ # Reopen issue without login
+ post reopen_issue_path(:id => issue)
+ assert_response :forbidden
+
+ # Reopen issue as normal user
+ session_for(create(:user))
+ post reopen_issue_path(:id => issue)
+ assert_redirected_to :controller => :errors, :action => :forbidden
+
# Reopen issue as moderator
- session[:user] = create(:moderator_user).id
- get :reopen, :params => { :id => issue.id }
+ session_for(create(:moderator_user))
+ post reopen_issue_path(:id => issue)
+ assert_redirected_to :controller => :errors, :action => :not_found
+ assert_not_predicate issue.reload, :open?
+
+ # Reopen issue as administrator
+ session_for(create(:administrator_user))
+ post reopen_issue_path(:id => issue)
assert_response :redirect
- assert_equal true, issue.reload.open?
+ assert_predicate issue.reload, :open?
end
end