- def test_new_issue_without_login
- # Test creation of a new issue and a new report without logging in
- get :new, :params => { :reportable_id => 1, :reportable_type => "User", :reported_user_id => 1 }
- assert_response :redirect
- assert_redirected_to login_path(:referer => new_issue_path(:reportable_id => 1, :reportable_type => "User", :reported_user_id => 1))
+ def test_show_moderator
+ target_user = create(:user)
+ issue = create(:issue, :reportable => target_user, :reported_user => target_user, :assigned_role => "moderator")
+
+ # Access issue without login
+ get issue_path(:id => issue)
+ assert_redirected_to login_path(:referer => issue_path(issue))
+
+ # Access issue as normal user
+ session_for(create(:user))
+ get issue_path(:id => issue)
+ assert_redirected_to :controller => :errors, :action => :forbidden
+
+ # Access issue as administrator
+ session_for(create(:administrator_user))
+ get issue_path(:id => issue)
+ assert_redirected_to :controller => :errors, :action => :not_found
+
+ # Access issue as moderator
+ session_for(create(:moderator_user))
+ get issue_path(:id => issue)
+ assert_response :success