+ # Access issue as moderator
+ session_for(create(:moderator_user))
+ get issue_path(:id => issue)
+ assert_redirected_to :controller => :errors, :action => :not_found
+
+ # Access issue as administrator
+ session_for(create(:administrator_user))
+ get issue_path(:id => issue)
+ assert_response :success
+ end
+
+ def test_resolve_moderator
+ target_user = create(:user)
+ issue = create(:issue, :reportable => target_user, :reported_user => target_user, :assigned_role => "moderator")
+
+ # Resolve issue without login
+ post resolve_issue_path(:id => issue)
+ assert_response :forbidden
+
+ # Resolve issue as normal user
+ session_for(create(:user))
+ post resolve_issue_path(:id => issue)
+ assert_redirected_to :controller => :errors, :action => :forbidden
+
+ # Resolve issue as administrator
+ session_for(create(:administrator_user))
+ post resolve_issue_path(:id => issue)
+ assert_redirected_to :controller => :errors, :action => :not_found
+ assert_not issue.reload.resolved?
+
+ # Resolve issue as moderator
+ session_for(create(:moderator_user))
+ post resolve_issue_path(:id => issue)