X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/043d29fd7eb72048cf5d07edfbc20ec5c25af708..045af66d438a7fa3567cb4a10ea2f6a255e742c8:/test/controllers/user_blocks_controller_test.rb?ds=sidebyside diff --git a/test/controllers/user_blocks_controller_test.rb b/test/controllers/user_blocks_controller_test.rb index b7dcf755b..2ab90364e 100644 --- a/test/controllers/user_blocks_controller_test.rb +++ b/test/controllers/user_blocks_controller_test.rb @@ -1,8 +1,6 @@ require "test_helper" -class UserBlocksControllerTest < ActionController::TestCase - fixtures :users, :user_roles - +class UserBlocksControllerTest < ActionDispatch::IntegrationTest ## # test all routes which lead to this controller def test_routes @@ -15,10 +13,6 @@ class UserBlocksControllerTest < ActionController::TestCase { :path => "/user_blocks", :method => :get }, { :controller => "user_blocks", :action => "index" } ) - assert_routing( - { :path => "/user_blocks/new", :method => :get }, - { :controller => "user_blocks", :action => "new" } - ) assert_routing( { :path => "/user_blocks", :method => :post }, { :controller => "user_blocks", :action => "create" } @@ -39,14 +33,6 @@ class UserBlocksControllerTest < ActionController::TestCase { :path => "/user_blocks/1", :method => :delete }, { :controller => "user_blocks", :action => "destroy", :id => "1" } ) - assert_routing( - { :path => "/blocks/1/revoke", :method => :get }, - { :controller => "user_blocks", :action => "revoke", :id => "1" } - ) - assert_routing( - { :path => "/blocks/1/revoke", :method => :post }, - { :controller => "user_blocks", :action => "revoke", :id => "1" } - ) assert_routing( { :path => "/user/username/blocks", :method => :get }, @@ -56,25 +42,79 @@ class UserBlocksControllerTest < ActionController::TestCase { :path => "/user/username/blocks_by", :method => :get }, { :controller => "user_blocks", :action => "blocks_by", :display_name => "username" } ) + assert_routing( + { :path => "/user/username/blocks/revoke_all", :method => :get }, + { :controller => "user_blocks", :action => "revoke_all", :display_name => "username" } + ) + assert_routing( + { :path => "/user/username/blocks/revoke_all", :method => :post }, + { :controller => "user_blocks", :action => "revoke_all", :display_name => "username" } + ) end ## # test the index action def test_index + revoked_block = create(:user_block, :revoked) + + get user_blocks_path + assert_response :success + assert_select "table#block_list tbody tr", :count => 1 do + assert_select "a[href='#{user_path revoked_block.user}']", :text => revoked_block.user.display_name + assert_select "a[href='#{user_path revoked_block.creator}']", :text => revoked_block.creator.display_name + assert_select "a[href='#{user_path revoked_block.revoker}']", :text => revoked_block.revoker.display_name + end + active_block = create(:user_block) expired_block = create(:user_block, :expired) - revoked_block = create(:user_block, :revoked) - get :index + get user_blocks_path assert_response :success - assert_select "table#block_list", :count => 1 do - assert_select "tr", 4 + assert_select "table#block_list tbody", :count => 1 do + assert_select "tr", 3 assert_select "a[href='#{user_block_path(active_block)}']", 1 assert_select "a[href='#{user_block_path(expired_block)}']", 1 assert_select "a[href='#{user_block_path(revoked_block)}']", 1 end end + ## + # test the index action with multiple pages + def test_index_paged + user_blocks = create_list(:user_block, 50).reverse + next_path = user_blocks_path + + get next_path + assert_response :success + check_user_blocks_table user_blocks[0...20] + check_no_page_link "Newer Blocks" + next_path = check_page_link "Older Blocks" + + get next_path + assert_response :success + check_user_blocks_table user_blocks[20...40] + check_page_link "Newer Blocks" + next_path = check_page_link "Older Blocks" + + get next_path + assert_response :success + check_user_blocks_table user_blocks[40...50] + check_page_link "Newer Blocks" + check_no_page_link "Older Blocks" + end + + ## + # test the index action with invalid pages + def test_index_invalid_paged + %w[-1 0 fred].each do |id| + get user_blocks_path(:before => id) + assert_redirected_to :controller => :errors, :action => :bad_request + + get user_blocks_path(:after => id) + assert_redirected_to :controller => :errors, :action => :bad_request + end + end + ## # test the show action def test_show @@ -82,60 +122,168 @@ class UserBlocksControllerTest < ActionController::TestCase expired_block = create(:user_block, :expired) revoked_block = create(:user_block, :revoked) - # Viewing a block should fail when no ID is given - assert_raise ActionController::UrlGenerationError do - get :show - end - # Viewing a block should fail when a bogus ID is given - get :show, :id => 99999 + get user_block_path(:id => 99999) assert_response :not_found assert_template "not_found" assert_select "p", "Sorry, the user block with ID 99999 could not be found." # Viewing an expired block should work - get :show, :id => expired_block.id + get user_block_path(:id => expired_block) assert_response :success + assert_select "h1 a[href='#{user_path expired_block.user}']", :text => expired_block.user.display_name + assert_select "h1 a[href='#{user_path expired_block.creator}']", :text => expired_block.creator.display_name # Viewing a revoked block should work - get :show, :id => revoked_block.id + get user_block_path(:id => revoked_block) assert_response :success + assert_select "h1 a[href='#{user_path revoked_block.user}']", :text => revoked_block.user.display_name + assert_select "h1 a[href='#{user_path revoked_block.creator}']", :text => revoked_block.creator.display_name + assert_select "a[href='#{user_path revoked_block.revoker}']", :text => revoked_block.revoker.display_name # Viewing an active block should work, but shouldn't mark it as seen - get :show, :id => active_block.id + get user_block_path(:id => active_block) assert_response :success - assert_equal true, UserBlock.find(active_block.id).needs_view + assert_select "h1 a[href='#{user_path active_block.user}']", :text => active_block.user.display_name + assert_select "h1 a[href='#{user_path active_block.creator}']", :text => active_block.creator.display_name + assert UserBlock.find(active_block.id).needs_view + end + + ## + # test clearing needs_view by showing a zero-hour block to the blocked user + def test_show_sets_deactivates_at_for_zero_hour_block + user = create(:user) + session_for(user) + + freeze_time do + block = create(:user_block, :needs_view, :zero_hour, :user => user) + assert block.needs_view + assert_nil block.deactivates_at + + travel 1.hour + + get user_block_path(block) + assert_response :success + block.reload + assert_not block.needs_view + assert_equal Time.now.utc, block.deactivates_at + + travel 1.hour + + get user_block_path(block) + assert_response :success + block.reload + assert_not block.needs_view + assert_equal Time.now.utc - 1.hour, block.deactivates_at + end + end - # Login as the blocked user - session[:user] = active_block.user.id + ## + # test clearing needs_view by showing a timed block to the blocked user + def test_show_sets_deactivates_at_for_timed_block + user = create(:user) + session_for(user) + + freeze_time do + block = create(:user_block, :needs_view, :created_at => Time.now.utc, :ends_at => Time.now.utc + 24.hours, :user => user) + assert block.needs_view + assert_nil block.deactivates_at + + travel 1.hour + + get user_block_path(block) + assert_response :success + block.reload + assert_not block.needs_view + assert_equal Time.now.utc + 23.hours, block.deactivates_at + + travel 1.hour + + get user_block_path(block) + assert_response :success + block.reload + assert_not block.needs_view + assert_equal Time.now.utc + 22.hours, block.deactivates_at + + travel 24.hours + + get user_block_path(block) + assert_response :success + block.reload + assert_not block.needs_view + assert_equal Time.now.utc - 2.hours, block.deactivates_at + end + end - # Now viewing it should mark it as seen - get :show, :id => active_block.id - assert_response :success - assert_equal false, UserBlock.find(active_block.id).needs_view + ## + # test edit/revoke link for active blocks + def test_active_block_buttons + creator_user = create(:moderator_user) + other_moderator_user = create(:moderator_user) + block = create(:user_block, :creator => creator_user) + + session_for(other_moderator_user) + check_block_buttons block, :edit => 1 + + session_for(creator_user) + check_block_buttons block, :edit => 1 + end + + ## + # test the edit link for expired blocks + def test_expired_block_buttons + creator_user = create(:moderator_user) + other_moderator_user = create(:moderator_user) + block = create(:user_block, :expired, :creator => creator_user) + + session_for(other_moderator_user) + check_block_buttons block + + session_for(creator_user) + check_block_buttons block, :edit => 1 + end + + ## + # test the edit link for revoked blocks + def test_revoked_block_buttons + creator_user = create(:moderator_user) + revoker_user = create(:moderator_user) + other_moderator_user = create(:moderator_user) + block = create(:user_block, :revoked, :creator => creator_user, :revoker => revoker_user) + + session_for(other_moderator_user) + check_block_buttons block + + session_for(creator_user) + check_block_buttons block, :edit => 1 + + session_for(revoker_user) + check_block_buttons block, :edit => 1 end ## # test the new action def test_new + target_user = create(:user) + # Check that the block creation page requires us to login - get :new, :display_name => users(:normal_user).display_name - assert_redirected_to login_path(:referer => new_user_block_path(:display_name => users(:normal_user).display_name)) + get new_user_block_path(target_user) + assert_redirected_to login_path(:referer => new_user_block_path(target_user)) # Login as a normal user - session[:user] = users(:public_user).id + session_for(create(:user)) # Check that normal users can't load the block creation page - get :new, :display_name => users(:normal_user).display_name - assert_redirected_to user_blocks_path - assert_equal "You need to be a moderator to perform that action.", flash[:error] + get new_user_block_path(target_user) + assert_redirected_to :controller => "errors", :action => "forbidden" # Login as a moderator - session[:user] = users(:moderator_user).id + session_for(create(:moderator_user)) # Check that the block creation page loads for moderators - get :new, :display_name => users(:normal_user).display_name + get new_user_block_path(target_user) assert_response :success + assert_select "h1 a[href='#{user_path target_user}']", :text => target_user.display_name assert_select "form#new_user_block", :count => 1 do assert_select "textarea#user_block_reason", :count => 1 assert_select "select#user_block_period", :count => 1 @@ -144,314 +292,756 @@ class UserBlocksControllerTest < ActionController::TestCase assert_select "input[type='submit'][value='Create block']", :count => 1 end - # We should get an error if no user is specified - get :new - assert_response :not_found - assert_template "user/no_such_user" - assert_select "h1", "The user does not exist" - # We should get an error if the user doesn't exist - get :new, :display_name => "non_existent_user" + get new_user_block_path(:display_name => "non_existent_user") assert_response :not_found - assert_template "user/no_such_user" + assert_template "users/no_such_user" assert_select "h1", "The user non_existent_user does not exist" end ## # test the edit action def test_edit - active_block = create(:user_block) + creator_user = create(:moderator_user) + other_moderator_user = create(:moderator_user) + active_block = create(:user_block, :creator => creator_user) # Check that the block edit page requires us to login - get :edit, :id => active_block.id - assert_redirected_to login_path(:referer => edit_user_block_path(:id => active_block.id)) + get edit_user_block_path(:id => active_block) + assert_redirected_to login_path(:referer => edit_user_block_path(active_block)) # Login as a normal user - session[:user] = users(:public_user).id + session_for(create(:user)) # Check that normal users can't load the block edit page - get :edit, :id => active_block.id - assert_redirected_to user_blocks_path - assert_equal "You need to be a moderator to perform that action.", flash[:error] + get edit_user_block_path(:id => active_block) + assert_redirected_to :controller => "errors", :action => "forbidden" # Login as a moderator - session[:user] = users(:moderator_user).id + session_for(other_moderator_user) # Check that the block edit page loads for moderators - get :edit, :id => active_block.id + get edit_user_block_path(:id => active_block) assert_response :success + assert_select "h1 a[href='#{user_path active_block.user}']", :text => active_block.user.display_name + assert_select "form#edit_user_block_#{active_block.id}", :count => 1 do + assert_select "textarea#user_block_reason", :count => 1 + assert_select "select#user_block_period", :count => 0 + assert_select "input#user_block_needs_view[type='checkbox']", :count => 0 + assert_select "input[type='submit'][value='Update block']", :count => 0 + assert_select "input#user_block_period[type='hidden']", :count => 1 + assert_select "input#user_block_needs_view[type='hidden']", :count => 1 + assert_select "input[type='submit'][value='Revoke block']", :count => 1 + end + + # Login as the block creator + session_for(creator_user) + + # Check that the block edit page loads for the creator + get edit_user_block_path(:id => active_block) + assert_response :success + assert_select "h1 a[href='#{user_path active_block.user}']", :text => active_block.user.display_name assert_select "form#edit_user_block_#{active_block.id}", :count => 1 do assert_select "textarea#user_block_reason", :count => 1 assert_select "select#user_block_period", :count => 1 assert_select "input#user_block_needs_view[type='checkbox']", :count => 1 assert_select "input[type='submit'][value='Update block']", :count => 1 - end - - # We should get an error if no user is specified - assert_raise ActionController::UrlGenerationError do - get :edit + assert_select "input#user_block_period[type='hidden']", :count => 0 + assert_select "input#user_block_needs_view[type='hidden']", :count => 0 + assert_select "input[type='submit'][value='Revoke block']", :count => 0 end # We should get an error if the user doesn't exist - get :edit, :id => 99999 + get edit_user_block_path(:id => 99999) assert_response :not_found assert_template "not_found" assert_select "p", "Sorry, the user block with ID 99999 could not be found." end + ## + # test the edit action when the remaining block duration doesn't match the available select options + def test_edit_duration + moderator_user = create(:moderator_user) + + freeze_time do + active_block = create(:user_block, :creator => moderator_user, :ends_at => Time.now.utc + 96.hours) + + session_for(moderator_user) + get edit_user_block_path(active_block) + + assert_select "form#edit_user_block_#{active_block.id}", :count => 1 do + assert_select "select#user_block_period", :count => 1 do + assert_select "option[value='96'][selected]", :count => 1 + end + end + + travel 2.hours + get edit_user_block_path(active_block) + + assert_select "form#edit_user_block_#{active_block.id}", :count => 1 do + assert_select "select#user_block_period", :count => 1 do + assert_select "option[value='96'][selected]", :count => 1 + end + end + end + end + ## # test the create action def test_create + target_user = create(:user) + moderator_user = create(:moderator_user) + # Not logged in yet, so creating a block should fail - post :create + post user_blocks_path assert_response :forbidden # Login as a normal user - session[:user] = users(:public_user).id + session_for(create(:user)) # Check that normal users can't create blocks - post :create - assert_response :forbidden + post user_blocks_path + assert_redirected_to :controller => "errors", :action => "forbidden" # Login as a moderator - session[:user] = users(:moderator_user).id + session_for(moderator_user) # A bogus block period should result in an error assert_no_difference "UserBlock.count" do - post :create, - :display_name => users(:unblocked_user).display_name, - :user_block_period => "99" + post user_blocks_path(:display_name => target_user.display_name, + :user_block_period => "99") end - assert_redirected_to new_user_block_path(:display_name => users(:unblocked_user).display_name) + assert_redirected_to new_user_block_path(target_user) assert_equal "The blocking period must be one of the values selectable in the drop-down list.", flash[:error] # Check that creating a block works assert_difference "UserBlock.count", 1 do - post :create, - :display_name => users(:unblocked_user).display_name, - :user_block_period => "12", - :user_block => { :needs_view => false, :reason => "Vandalism" } + post user_blocks_path(:display_name => target_user.display_name, + :user_block_period => "12", + :user_block => { :needs_view => false, :reason => "Vandalism" }) end - id = UserBlock.order(:id).ids.last - assert_redirected_to user_block_path(:id => id) - assert_equal "Created a block on user #{users(:unblocked_user).display_name}.", flash[:notice] - b = UserBlock.find(id) - assert_in_delta Time.now, b.created_at, 1 - assert_in_delta Time.now, b.updated_at, 1 - assert_in_delta Time.now + 12.hours, b.ends_at, 1 - assert_equal false, b.needs_view + b = UserBlock.last + assert_redirected_to user_block_path(:id => b.id) + assert_equal "Created a block on user #{target_user.display_name}.", flash[:notice] + assert_in_delta Time.now.utc, b.created_at, 1 + assert_in_delta Time.now.utc, b.updated_at, 1 + assert_in_delta Time.now.utc + 12.hours, b.ends_at, 1 + assert_not b.needs_view assert_equal "Vandalism", b.reason assert_equal "markdown", b.reason_format - assert_equal users(:moderator_user).id, b.creator_id + assert_equal moderator_user.id, b.creator_id # We should get an error if no user is specified - post :create + post user_blocks_path assert_response :not_found - assert_template "user/no_such_user" + assert_template "users/no_such_user" assert_select "h1", "The user does not exist" # We should get an error if the user doesn't exist - post :create, :display_name => "non_existent_user" + post user_blocks_path(:display_name => "non_existent_user") assert_response :not_found - assert_template "user/no_such_user" + assert_template "users/no_such_user" assert_select "h1", "The user non_existent_user does not exist" end + ## + # test the duration of a created block + def test_create_duration + target_user = create(:user) + moderator_user = create(:moderator_user) + + session_for(moderator_user) + post user_blocks_path(:display_name => target_user.display_name, + :user_block_period => "336", + :user_block => { :needs_view => false, :reason => "Vandalism" }) + + block = UserBlock.last + assert_equal 1209600, block.ends_at - block.created_at + end + ## # test the update action def test_update - active_block = create(:user_block, :creator => users(:moderator_user)) + moderator_user = create(:moderator_user) + active_block = create(:user_block, :creator => moderator_user) # Not logged in yet, so updating a block should fail - put :update, :id => active_block.id + put user_block_path(:id => active_block) assert_response :forbidden # Login as a normal user - session[:user] = users(:public_user).id + session_for(create(:user)) # Check that normal users can't update blocks - put :update, :id => active_block.id - assert_response :forbidden - - # Login as the wrong moderator - session[:user] = users(:second_moderator_user).id - - # Check that only the person who created a block can update it - assert_no_difference "UserBlock.count" do - put :update, - :id => active_block.id, - :user_block_period => "12", - :user_block => { :needs_view => true, :reason => "Vandalism" } - end - assert_redirected_to edit_user_block_path(:id => active_block.id) - assert_equal "Only the moderator who created this block can edit it.", flash[:error] + put user_block_path(:id => active_block) + assert_redirected_to :controller => "errors", :action => "forbidden" - # Login as the correct moderator - session[:user] = users(:moderator_user).id + # Login as the moderator + session_for(moderator_user) # A bogus block period should result in an error assert_no_difference "UserBlock.count" do - put :update, - :id => active_block.id, - :user_block_period => "99" + put user_block_path(:id => active_block, :user_block_period => "99") end - assert_redirected_to edit_user_block_path(:id => active_block.id) + assert_redirected_to edit_user_block_path(active_block) assert_equal "The blocking period must be one of the values selectable in the drop-down list.", flash[:error] # Check that updating a block works assert_no_difference "UserBlock.count" do - put :update, - :id => active_block.id, - :user_block_period => "12", - :user_block => { :needs_view => true, :reason => "Vandalism" } + put user_block_path(:id => active_block, + :user_block_period => "12", + :user_block => { :needs_view => true, :reason => "Vandalism" }) end - assert_redirected_to user_block_path(:id => active_block.id) + assert_redirected_to user_block_path(active_block) assert_equal "Block updated.", flash[:notice] b = UserBlock.find(active_block.id) - assert_in_delta Time.now, b.updated_at, 1 - assert_equal true, b.needs_view + assert_in_delta Time.now.utc, b.updated_at, 1 + assert b.needs_view assert_equal "Vandalism", b.reason - # We should get an error if no block ID is specified - assert_raise ActionController::UrlGenerationError do - put :update - end - # We should get an error if the block doesn't exist - put :update, :id => 99999 + put user_block_path(:id => 99999) assert_response :not_found assert_template "not_found" assert_select "p", "Sorry, the user block with ID 99999 could not be found." end ## - # test the revoke action - def test_revoke - active_block = create(:user_block) + # test the update action on expired blocks + def test_update_expired + creator_user = create(:moderator_user) + other_moderator_user = create(:moderator_user) + block = create(:user_block, :expired, :creator => creator_user, :reason => "Original Reason") + + session_for(other_moderator_user) + put user_block_path(block, + :user_block_period => "0", + :user_block => { :needs_view => false, :reason => "Updated Reason" }) + assert_redirected_to edit_user_block_path(block) + assert_equal "Only the moderator who created this block can edit it.", flash[:error] + block.reload + assert_not block.active? + assert_equal "Original Reason", block.reason + + session_for(creator_user) + check_inactive_block_updates(block) + end - # Check that the block revoke page requires us to login - get :revoke, :id => active_block.id - assert_redirected_to login_path(:referer => revoke_user_block_path(:id => active_block.id)) + ## + # test the update action on revoked blocks + def test_update_revoked + creator_user = create(:moderator_user) + revoker_user = create(:moderator_user) + other_moderator_user = create(:moderator_user) + block = create(:user_block, :revoked, :creator => creator_user, :revoker => revoker_user, :reason => "Original Reason") + + session_for(other_moderator_user) + put user_block_path(block, + :user_block_period => "0", + :user_block => { :needs_view => false, :reason => "Updated Reason" }) + assert_redirected_to edit_user_block_path(block) + assert_equal "Only the moderators who created or revoked this block can edit it.", flash[:error] + block.reload + assert_not_predicate block, :active? + assert_equal "Original Reason", block.reason + + session_for(creator_user) + check_inactive_block_updates(block) + + session_for(revoker_user) + check_inactive_block_updates(block) + end + + ## + # test the update action revoking the block + def test_revoke_using_update_by_creator + moderator_user = create(:moderator_user) + block = create(:user_block, :creator => moderator_user) + + session_for(moderator_user) + put user_block_path(block, + :user_block_period => "24", + :user_block => { :needs_view => false, :reason => "Updated Reason" }) + assert_redirected_to user_block_path(block) + assert_equal "Block updated.", flash[:notice] + block.reload + assert_predicate block, :active? + assert_nil block.revoker + + put user_block_path(block, + :user_block_period => "0", + :user_block => { :needs_view => false, :reason => "Updated Reason" }) + assert_redirected_to user_block_path(block) + assert_equal "Block updated.", flash[:notice] + block.reload + assert_not_predicate block, :active? + assert_equal moderator_user, block.revoker + end + + def test_revoke_using_update_by_other_moderator + creator_user = create(:moderator_user) + other_moderator_user = create(:moderator_user) + block = create(:user_block, :creator => creator_user) + + session_for(other_moderator_user) + put user_block_path(block, + :user_block_period => "24", + :user_block => { :needs_view => false, :reason => "Updated Reason" }) + assert_response :success + assert_equal "Only the moderator who created this block can edit it without revoking.", flash[:error] + block.reload + assert_predicate block, :active? + assert_nil block.revoker + + put user_block_path(block, + :user_block_period => "0", + :user_block => { :needs_view => false, :reason => "Updated Reason" }) + assert_redirected_to user_block_path(block) + assert_equal "Block updated.", flash[:notice] + block.reload + assert_not_predicate block, :active? + assert_equal other_moderator_user, block.revoker + end + + ## + # test the revoke all page + def test_revoke_all_page + blocked_user = create(:user) + create(:user_block, :user => blocked_user) + + # Asking for the revoke all blocks page with a bogus user name should fail + get user_blocks_on_path("non_existent_user") + assert_response :not_found + + # Check that the revoke all blocks page requires us to login + get revoke_all_user_blocks_path(blocked_user) + assert_redirected_to login_path(:referer => revoke_all_user_blocks_path(blocked_user)) # Login as a normal user - session[:user] = users(:public_user).id + session_for(create(:user)) + + # Check that normal users can't load the revoke all blocks page + get revoke_all_user_blocks_path(blocked_user) + assert_redirected_to :controller => "errors", :action => "forbidden" + + # Login as a moderator + session_for(create(:moderator_user)) + + # Check that the revoke all blocks page loads for moderators + get revoke_all_user_blocks_path(blocked_user) + assert_response :success + assert_select "h1 a[href='#{user_path blocked_user}']", :text => blocked_user.display_name + end + + ## + # test the revoke all action + def test_revoke_all_action + blocked_user = create(:user) + active_block1 = create(:user_block, :user => blocked_user) + active_block2 = create(:user_block, :user => blocked_user) + expired_block1 = create(:user_block, :expired, :user => blocked_user) + blocks = [active_block1, active_block2, expired_block1] + moderator_user = create(:moderator_user) + + assert_predicate active_block1, :active? + assert_predicate active_block2, :active? + assert_not_predicate expired_block1, :active? + + # Login as a normal user + session_for(create(:user)) # Check that normal users can't load the block revoke page - get :revoke, :id => active_block.id - assert_redirected_to user_blocks_path - assert_equal "You need to be a moderator to perform that action.", flash[:error] + get revoke_all_user_blocks_path(:blocked_user) + assert_redirected_to :controller => "errors", :action => "forbidden" # Login as a moderator - session[:user] = users(:moderator_user).id + session_for(moderator_user) - # Check that the block revoke page loads for moderators - get :revoke, :id => active_block.id + # Check that revoking blocks using GET should fail + get revoke_all_user_blocks_path(blocked_user, :confirm => true) assert_response :success - assert_template "revoke" - assert_select "form", :count => 1 do - assert_select "input#confirm[type='checkbox']", :count => 1 - assert_select "input[type='submit'][value='Revoke!']", :count => 1 + assert_template "revoke_all" + + blocks.each(&:reload) + assert_predicate active_block1, :active? + assert_predicate active_block2, :active? + assert_not_predicate expired_block1, :active? + + # Check that revoking blocks works using POST + post revoke_all_user_blocks_path(blocked_user, :confirm => true) + assert_redirected_to user_blocks_on_path(blocked_user) + + blocks.each(&:reload) + assert_not_predicate active_block1, :active? + assert_not_predicate active_block2, :active? + assert_not_predicate expired_block1, :active? + assert_equal moderator_user, active_block1.revoker + assert_equal moderator_user, active_block2.revoker + assert_not_equal moderator_user, expired_block1.revoker + end + + ## + # test changes to end/deactivation dates + def test_dates_when_viewed_before_end + blocked_user = create(:user) + moderator_user = create(:moderator_user) + + freeze_time do + session_for(moderator_user) + assert_difference "UserBlock.count", 1 do + post user_blocks_path(:display_name => blocked_user.display_name, + :user_block_period => "48", + :user_block => { :needs_view => true, :reason => "Testing deactivates_at" }) + end + block = UserBlock.last + assert_equal Time.now.utc + 48.hours, block.ends_at + assert_nil block.deactivates_at + + travel 24.hours + session_for(blocked_user) + get user_block_path(block) + block.reload + assert_equal Time.now.utc + 24.hours, block.ends_at + assert_equal Time.now.utc + 24.hours, block.deactivates_at end + end - # Check that revoking a block works - post :revoke, :id => active_block.id, :confirm => true - assert_redirected_to user_block_path(:id => active_block.id) - b = UserBlock.find(active_block.id) - assert_in_delta Time.now, b.ends_at, 1 + def test_dates_when_viewed_after_end + blocked_user = create(:user) + moderator_user = create(:moderator_user) + + freeze_time do + session_for(moderator_user) + assert_difference "UserBlock.count", 1 do + post user_blocks_path(:display_name => blocked_user.display_name, + :user_block_period => "24", + :user_block => { :needs_view => true, :reason => "Testing deactivates_at" }) + end + block = UserBlock.last + assert_equal Time.now.utc + 24.hours, block.ends_at + assert_nil block.deactivates_at + + travel 48.hours + session_for(blocked_user) + get user_block_path(block) + block.reload + assert_equal Time.now.utc - 24.hours, block.ends_at + assert_equal Time.now.utc, block.deactivates_at + end + end - # We should get an error if no block ID is specified - assert_raise ActionController::UrlGenerationError do - get :revoke + def test_dates_when_edited_before_end + blocked_user = create(:user) + moderator_user = create(:moderator_user) + + freeze_time do + session_for(moderator_user) + assert_difference "UserBlock.count", 1 do + post user_blocks_path(:display_name => blocked_user.display_name, + :user_block_period => "48", + :user_block => { :needs_view => false, :reason => "Testing deactivates_at" }) + end + block = UserBlock.last + assert_equal Time.now.utc + 48.hours, block.ends_at + assert_equal Time.now.utc + 48.hours, block.deactivates_at + + travel 24.hours + put user_block_path(block, + :user_block_period => "48", + :user_block => { :needs_view => false, :reason => "Testing deactivates_at updated" }) + block.reload + assert_equal Time.now.utc + 48.hours, block.ends_at + assert_equal Time.now.utc + 48.hours, block.deactivates_at end + end - # We should get an error if the block doesn't exist - get :revoke, :id => 99999 - assert_response :not_found - assert_template "not_found" - assert_select "p", "Sorry, the user block with ID 99999 could not be found." + def test_dates_when_edited_after_end + blocked_user = create(:user) + moderator_user = create(:moderator_user) + + freeze_time do + session_for(moderator_user) + assert_difference "UserBlock.count", 1 do + post user_blocks_path(:display_name => blocked_user.display_name, + :user_block_period => "24", + :user_block => { :needs_view => false, :reason => "Testing deactivates_at" }) + end + block = UserBlock.last + assert_equal Time.now.utc + 24.hours, block.ends_at + assert_equal Time.now.utc + 24.hours, block.deactivates_at + + travel 48.hours + put user_block_path(block, + :user_block_period => "0", + :user_block => { :needs_view => false, :reason => "Testing deactivates_at updated" }) + block.reload + assert_equal Time.now.utc - 24.hours, block.ends_at + assert_equal Time.now.utc - 24.hours, block.deactivates_at + end + end + + ## + # test updates on legacy records without correctly initialized deactivates_at + def test_update_legacy_deactivates_at + blocked_user = create(:user) + moderator_user = create(:moderator_user) + + freeze_time do + block = UserBlock.new :user => blocked_user, + :creator => moderator_user, + :reason => "because", + :ends_at => Time.now.utc + 24.hours, + :needs_view => false + + assert_difference "UserBlock.count", 1 do + block.save :validate => false + end + + travel 48.hours + session_for(moderator_user) + put user_block_path(block, + :user_block_period => "0", + :user_block => { :needs_view => false, :reason => "Testing legacy block update" }) + block.reload + assert_equal Time.now.utc - 24.hours, block.ends_at + assert_equal Time.now.utc - 24.hours, block.deactivates_at + end end ## # test the blocks_on action def test_blocks_on - active_block = create(:user_block, :user => users(:blocked_user)) - revoked_block = create(:user_block, :revoked, :user => users(:blocked_user)) - expired_block = create(:user_block, :expired, :user => users(:unblocked_user)) - - # Asking for a list of blocks with no user name should fail - assert_raise ActionController::UrlGenerationError do - get :blocks_on - end + blocked_user = create(:user) + unblocked_user = create(:user) + normal_user = create(:user) + active_block = create(:user_block, :user => blocked_user) + revoked_block = create(:user_block, :revoked, :user => blocked_user) + expired_block = create(:user_block, :expired, :user => unblocked_user) # Asking for a list of blocks with a bogus user name should fail - get :blocks_on, :display_name => "non_existent_user" + get user_blocks_on_path("non_existent_user") assert_response :not_found - assert_template "user/no_such_user" + assert_template "users/no_such_user" assert_select "h1", "The user non_existent_user does not exist" # Check the list of blocks for a user that has never been blocked - get :blocks_on, :display_name => users(:normal_user).display_name + get user_blocks_on_path(normal_user) assert_response :success assert_select "table#block_list", false - assert_select "p", "#{users(:normal_user).display_name} has not been blocked yet." + assert_select "p", "#{normal_user.display_name} has not been blocked yet." # Check the list of blocks for a user that is currently blocked - get :blocks_on, :display_name => users(:blocked_user).display_name + get user_blocks_on_path(blocked_user) assert_response :success - assert_select "table#block_list", :count => 1 do - assert_select "tr", 3 + assert_select "h1 a[href='#{user_path blocked_user}']", :text => blocked_user.display_name + assert_select "table#block_list tbody", :count => 1 do + assert_select "tr", 2 assert_select "a[href='#{user_block_path(active_block)}']", 1 assert_select "a[href='#{user_block_path(revoked_block)}']", 1 end # Check the list of blocks for a user that has previously been blocked - get :blocks_on, :display_name => users(:unblocked_user).display_name + get user_blocks_on_path(unblocked_user) assert_response :success - assert_select "table#block_list", :count => 1 do - assert_select "tr", 2 + assert_select "h1 a[href='#{user_path unblocked_user}']", :text => unblocked_user.display_name + assert_select "table#block_list tbody", :count => 1 do + assert_select "tr", 1 assert_select "a[href='#{user_block_path(expired_block)}']", 1 end end ## - # test the blocks_by action - def test_blocks_by - active_block = create(:user_block, :creator => users(:moderator_user)) - expired_block = create(:user_block, :expired, :creator => users(:second_moderator_user)) - revoked_block = create(:user_block, :revoked, :creator => users(:second_moderator_user)) + # test the blocks_on action with multiple pages + def test_blocks_on_paged + user = create(:user) + user_blocks = create_list(:user_block, 50, :user => user).reverse + next_path = user_blocks_on_path(user) + + get next_path + assert_response :success + check_user_blocks_table user_blocks[0...20] + check_no_page_link "Newer Blocks" + next_path = check_page_link "Older Blocks" + + get next_path + assert_response :success + check_user_blocks_table user_blocks[20...40] + check_page_link "Newer Blocks" + next_path = check_page_link "Older Blocks" - # Asking for a list of blocks with no user name should fail - assert_raise ActionController::UrlGenerationError do - get :blocks_by + get next_path + assert_response :success + check_user_blocks_table user_blocks[40...50] + check_page_link "Newer Blocks" + check_no_page_link "Older Blocks" + end + + ## + # test the blocks_on action with invalid pages + def test_blocks_on_invalid_paged + user = create(:user) + + %w[-1 0 fred].each do |id| + get user_blocks_on_path(user, :before => id) + assert_redirected_to :controller => :errors, :action => :bad_request + + get user_blocks_on_path(user, :after => id) + assert_redirected_to :controller => :errors, :action => :bad_request end + end + + ## + # test the blocks_by action + def test_blocks_by + moderator_user = create(:moderator_user) + second_moderator_user = create(:moderator_user) + normal_user = create(:user) + active_block = create(:user_block, :creator => moderator_user) + expired_block = create(:user_block, :expired, :creator => second_moderator_user) + revoked_block = create(:user_block, :revoked, :creator => second_moderator_user) # Asking for a list of blocks with a bogus user name should fail - get :blocks_by, :display_name => "non_existent_user" + get user_blocks_by_path("non_existent_user") assert_response :not_found - assert_template "user/no_such_user" + assert_template "users/no_such_user" assert_select "h1", "The user non_existent_user does not exist" # Check the list of blocks given by one moderator - get :blocks_by, :display_name => users(:moderator_user).display_name + get user_blocks_by_path(moderator_user) assert_response :success - assert_select "table#block_list", :count => 1 do - assert_select "tr", 2 + assert_select "h1 a[href='#{user_path moderator_user}']", :text => moderator_user.display_name + assert_select "table#block_list tbody", :count => 1 do + assert_select "tr", 1 assert_select "a[href='#{user_block_path(active_block)}']", 1 end # Check the list of blocks given by a different moderator - get :blocks_by, :display_name => users(:second_moderator_user).display_name + get user_blocks_by_path(second_moderator_user) assert_response :success - assert_select "table#block_list", :count => 1 do - assert_select "tr", 3 + assert_select "h1 a[href='#{user_path second_moderator_user}']", :text => second_moderator_user.display_name + assert_select "table#block_list tbody", :count => 1 do + assert_select "tr", 2 assert_select "a[href='#{user_block_path(expired_block)}']", 1 assert_select "a[href='#{user_block_path(revoked_block)}']", 1 end # Check the list of blocks (not) given by a normal user - get :blocks_by, :display_name => users(:normal_user).display_name + get user_blocks_by_path(normal_user) assert_response :success assert_select "table#block_list", false - assert_select "p", "#{users(:normal_user).display_name} has not made any blocks yet." + assert_select "p", "#{normal_user.display_name} has not made any blocks yet." + end + + ## + # test the blocks_by action with multiple pages + def test_blocks_by_paged + user = create(:moderator_user) + user_blocks = create_list(:user_block, 50, :creator => user).reverse + next_path = user_blocks_by_path(user) + + get next_path + assert_response :success + check_user_blocks_table user_blocks[0...20] + check_no_page_link "Newer Blocks" + next_path = check_page_link "Older Blocks" + + get next_path + assert_response :success + check_user_blocks_table user_blocks[20...40] + check_page_link "Newer Blocks" + next_path = check_page_link "Older Blocks" + + get next_path + assert_response :success + check_user_blocks_table user_blocks[40...50] + check_page_link "Newer Blocks" + check_no_page_link "Older Blocks" + end + + ## + # test the blocks_by action with invalid pages + def test_blocks_by_invalid_paged + user = create(:moderator_user) + + %w[-1 0 fred].each do |id| + get user_blocks_by_path(user, :before => id) + assert_redirected_to :controller => :errors, :action => :bad_request + + get user_blocks_by_path(user, :after => id) + assert_redirected_to :controller => :errors, :action => :bad_request + end + end + + private + + def check_block_buttons(block, edit: 0) + [user_blocks_path, user_block_path(block)].each do |path| + get path + assert_response :success + assert_select "a[href='#{edit_user_block_path block}']", :count => edit + end + end + + def check_inactive_block_updates(block) + original_ends_at = block.ends_at + + put user_block_path(block, + :user_block_period => "0", + :user_block => { :needs_view => false, :reason => "Updated Reason" }) + assert_redirected_to user_block_path(block) + assert_equal "Block updated.", flash[:notice] + block.reload + assert_not_predicate block, :active? + assert_equal "Updated Reason", block.reason + assert_equal original_ends_at, block.ends_at + + put user_block_path(block, + :user_block_period => "0", + :user_block => { :needs_view => true, :reason => "Updated Reason Needs View" }) + assert_response :success + assert_equal "This block is inactive and cannot be reactivated.", flash[:error] + block.reload + assert_not_predicate block, :active? + assert_equal "Updated Reason", block.reason + assert_equal original_ends_at, block.ends_at + + put user_block_path(block, + :user_block_period => "1", + :user_block => { :needs_view => false, :reason => "Updated Reason Duration Extended" }) + assert_response :success + assert_equal "This block is inactive and cannot be reactivated.", flash[:error] + block.reload + assert_not_predicate block, :active? + assert_equal "Updated Reason", block.reason + assert_equal original_ends_at, block.ends_at + + put user_block_path(block, + :user_block_period => "0", + :user_block => { :needs_view => false, :reason => "Updated Reason Again" }) + assert_redirected_to user_block_path(block) + assert_equal "Block updated.", flash[:notice] + block.reload + assert_not_predicate block, :active? + assert_equal "Updated Reason Again", block.reason + assert_equal original_ends_at, block.ends_at + end + + def check_user_blocks_table(user_blocks) + assert_dom "table#block_list tbody tr" do |rows| + assert_equal user_blocks.count, rows.count, "unexpected number of rows in user blocks table" + rows.zip(user_blocks).map do |row, user_block| + assert_dom row, "a[href='#{user_block_path user_block}']", 1 + end + end + end + + def check_no_page_link(name) + assert_select "a.page-link", { :text => /#{Regexp.quote(name)}/, :count => 0 }, "unexpected #{name} page link" + end + + def check_page_link(name) + assert_select "a.page-link", { :text => /#{Regexp.quote(name)}/ }, "missing #{name} page link" do |buttons| + return buttons.first.attributes["href"].value + end end end