X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/5e407dfb34f47e6fbbbf3c11c1a8318256abb5cd..39b0d27bae7791b37498cfd4fa99a686a3bca525:/test/controllers/user_blocks_controller_test.rb?ds=sidebyside diff --git a/test/controllers/user_blocks_controller_test.rb b/test/controllers/user_blocks_controller_test.rb index 62eee71a6..0877fa39e 100644 --- a/test/controllers/user_blocks_controller_test.rb +++ b/test/controllers/user_blocks_controller_test.rb @@ -1,6 +1,6 @@ require "test_helper" -class UserBlocksControllerTest < ActionController::TestCase +class UserBlocksControllerTest < ActionDispatch::IntegrationTest ## # test all routes which lead to this controller def test_routes @@ -54,6 +54,14 @@ class UserBlocksControllerTest < ActionController::TestCase { :path => "/user/username/blocks_by", :method => :get }, { :controller => "user_blocks", :action => "blocks_by", :display_name => "username" } ) + assert_routing( + { :path => "/user/username/blocks/revoke_all", :method => :get }, + { :controller => "user_blocks", :action => "revoke_all", :display_name => "username" } + ) + assert_routing( + { :path => "/user/username/blocks/revoke_all", :method => :post }, + { :controller => "user_blocks", :action => "revoke_all", :display_name => "username" } + ) end ## @@ -63,7 +71,7 @@ class UserBlocksControllerTest < ActionController::TestCase expired_block = create(:user_block, :expired) revoked_block = create(:user_block, :revoked) - get :index + get user_blocks_path assert_response :success assert_select "table#block_list", :count => 1 do assert_select "tr", 4 @@ -78,13 +86,13 @@ class UserBlocksControllerTest < ActionController::TestCase def test_index_paged create_list(:user_block, 50) - get :index + get user_blocks_path assert_response :success assert_select "table#block_list", :count => 1 do assert_select "tr", :count => 21 end - get :index, :params => { :page => 2 } + get user_blocks_path(:page => 2) assert_response :success assert_select "table#block_list", :count => 1 do assert_select "tr", :count => 21 @@ -98,37 +106,32 @@ class UserBlocksControllerTest < ActionController::TestCase expired_block = create(:user_block, :expired) revoked_block = create(:user_block, :revoked) - # Viewing a block should fail when no ID is given - assert_raise ActionController::UrlGenerationError do - get :show - end - # Viewing a block should fail when a bogus ID is given - get :show, :params => { :id => 99999 } + get user_block_path(:id => 99999) assert_response :not_found assert_template "not_found" assert_select "p", "Sorry, the user block with ID 99999 could not be found." # Viewing an expired block should work - get :show, :params => { :id => expired_block.id } + get user_block_path(:id => expired_block) assert_response :success # Viewing a revoked block should work - get :show, :params => { :id => revoked_block.id } + get user_block_path(:id => revoked_block) assert_response :success # Viewing an active block should work, but shouldn't mark it as seen - get :show, :params => { :id => active_block.id } + get user_block_path(:id => active_block) assert_response :success - assert_equal true, UserBlock.find(active_block.id).needs_view + assert UserBlock.find(active_block.id).needs_view # Login as the blocked user - session[:user] = active_block.user.id + session_for(active_block.user) # Now viewing it should mark it as seen - get :show, :params => { :id => active_block.id } + get user_block_path(:id => active_block) assert_response :success - assert_equal false, UserBlock.find(active_block.id).needs_view + assert_not UserBlock.find(active_block.id).needs_view end ## @@ -137,22 +140,22 @@ class UserBlocksControllerTest < ActionController::TestCase target_user = create(:user) # Check that the block creation page requires us to login - get :new, :params => { :display_name => target_user.display_name } + get new_user_block_path(:display_name => target_user.display_name) assert_redirected_to login_path(:referer => new_user_block_path(:display_name => target_user.display_name)) # Login as a normal user - session[:user] = create(:user).id + session_for(create(:user)) # Check that normal users can't load the block creation page - get :new, :params => { :display_name => target_user.display_name } - assert_redirected_to user_blocks_path - assert_equal "You need to be a moderator to perform that action.", flash[:error] + get new_user_block_path(:display_name => target_user.display_name) + assert_response :redirect + assert_redirected_to :controller => "errors", :action => "forbidden" # Login as a moderator - session[:user] = create(:moderator_user).id + session_for(create(:moderator_user)) # Check that the block creation page loads for moderators - get :new, :params => { :display_name => target_user.display_name } + get new_user_block_path(:display_name => target_user.display_name) assert_response :success assert_select "form#new_user_block", :count => 1 do assert_select "textarea#user_block_reason", :count => 1 @@ -162,16 +165,10 @@ class UserBlocksControllerTest < ActionController::TestCase assert_select "input[type='submit'][value='Create block']", :count => 1 end - # We should get an error if no user is specified - get :new - assert_response :not_found - assert_template "user/no_such_user" - assert_select "h1", "The user does not exist" - # We should get an error if the user doesn't exist - get :new, :params => { :display_name => "non_existent_user" } + get new_user_block_path(:display_name => "non_existent_user") assert_response :not_found - assert_template "user/no_such_user" + assert_template "users/no_such_user" assert_select "h1", "The user non_existent_user does not exist" end @@ -181,22 +178,22 @@ class UserBlocksControllerTest < ActionController::TestCase active_block = create(:user_block) # Check that the block edit page requires us to login - get :edit, :params => { :id => active_block.id } + get edit_user_block_path(:id => active_block) assert_redirected_to login_path(:referer => edit_user_block_path(active_block)) # Login as a normal user - session[:user] = create(:user).id + session_for(create(:user)) # Check that normal users can't load the block edit page - get :edit, :params => { :id => active_block.id } - assert_redirected_to user_blocks_path - assert_equal "You need to be a moderator to perform that action.", flash[:error] + get edit_user_block_path(:id => active_block) + assert_response :redirect + assert_redirected_to :controller => "errors", :action => "forbidden" # Login as a moderator - session[:user] = create(:moderator_user).id + session_for(create(:moderator_user)) # Check that the block edit page loads for moderators - get :edit, :params => { :id => active_block.id } + get edit_user_block_path(:id => active_block) assert_response :success assert_select "form#edit_user_block_#{active_block.id}", :count => 1 do assert_select "textarea#user_block_reason", :count => 1 @@ -205,13 +202,8 @@ class UserBlocksControllerTest < ActionController::TestCase assert_select "input[type='submit'][value='Update block']", :count => 1 end - # We should get an error if no user is specified - assert_raise ActionController::UrlGenerationError do - get :edit - end - # We should get an error if the user doesn't exist - get :edit, :params => { :id => 99999 } + get edit_user_block_path(:id => 99999) assert_response :not_found assert_template "not_found" assert_select "p", "Sorry, the user block with ID 99999 could not be found." @@ -224,60 +216,74 @@ class UserBlocksControllerTest < ActionController::TestCase moderator_user = create(:moderator_user) # Not logged in yet, so creating a block should fail - post :create + post user_blocks_path assert_response :forbidden # Login as a normal user - session[:user] = create(:user).id + session_for(create(:user)) # Check that normal users can't create blocks - post :create - assert_response :forbidden + post user_blocks_path + assert_response :redirect + assert_redirected_to :controller => "errors", :action => "forbidden" # Login as a moderator - session[:user] = moderator_user.id + session_for(moderator_user) # A bogus block period should result in an error assert_no_difference "UserBlock.count" do - post :create, - :params => { :display_name => target_user.display_name, - :user_block_period => "99" } + post user_blocks_path(:display_name => target_user.display_name, + :user_block_period => "99") end assert_redirected_to new_user_block_path(:display_name => target_user.display_name) assert_equal "The blocking period must be one of the values selectable in the drop-down list.", flash[:error] # Check that creating a block works assert_difference "UserBlock.count", 1 do - post :create, - :params => { :display_name => target_user.display_name, - :user_block_period => "12", - :user_block => { :needs_view => false, :reason => "Vandalism" } } + post user_blocks_path(:display_name => target_user.display_name, + :user_block_period => "12", + :user_block => { :needs_view => false, :reason => "Vandalism" }) end id = UserBlock.order(:id).ids.last assert_redirected_to user_block_path(:id => id) assert_equal "Created a block on user #{target_user.display_name}.", flash[:notice] b = UserBlock.find(id) - assert_in_delta Time.now, b.created_at, 1 - assert_in_delta Time.now, b.updated_at, 1 - assert_in_delta Time.now + 12.hours, b.ends_at, 1 - assert_equal false, b.needs_view + assert_in_delta Time.now.utc, b.created_at, 1 + assert_in_delta Time.now.utc, b.updated_at, 1 + assert_in_delta Time.now.utc + 12.hours, b.ends_at, 1 + assert_not b.needs_view assert_equal "Vandalism", b.reason assert_equal "markdown", b.reason_format assert_equal moderator_user.id, b.creator_id # We should get an error if no user is specified - post :create + post user_blocks_path assert_response :not_found - assert_template "user/no_such_user" + assert_template "users/no_such_user" assert_select "h1", "The user does not exist" # We should get an error if the user doesn't exist - post :create, :params => { :display_name => "non_existent_user" } + post user_blocks_path(:display_name => "non_existent_user") assert_response :not_found - assert_template "user/no_such_user" + assert_template "users/no_such_user" assert_select "h1", "The user non_existent_user does not exist" end + ## + # test the duration of a created block + def test_create_duration + target_user = create(:user) + moderator_user = create(:moderator_user) + + session_for(moderator_user) + post user_blocks_path(:display_name => target_user.display_name, + :user_block_period => "336", + :user_block => { :needs_view => false, :reason => "Vandalism" }) + + block = UserBlock.order(:id).last + assert_equal 1209600, block.ends_at - block.created_at + end + ## # test the update action def test_update @@ -286,62 +292,54 @@ class UserBlocksControllerTest < ActionController::TestCase active_block = create(:user_block, :creator => moderator_user) # Not logged in yet, so updating a block should fail - put :update, :params => { :id => active_block.id } + put user_block_path(:id => active_block) assert_response :forbidden # Login as a normal user - session[:user] = create(:user).id + session_for(create(:user)) # Check that normal users can't update blocks - put :update, :params => { :id => active_block.id } - assert_response :forbidden + put user_block_path(:id => active_block) + assert_response :redirect + assert_redirected_to :controller => "errors", :action => "forbidden" # Login as the wrong moderator - session[:user] = second_moderator_user.id + session_for(second_moderator_user) # Check that only the person who created a block can update it assert_no_difference "UserBlock.count" do - put :update, - :params => { :id => active_block.id, - :user_block_period => "12", - :user_block => { :needs_view => true, :reason => "Vandalism" } } + put user_block_path(:id => active_block, + :user_block_period => "12", + :user_block => { :needs_view => true, :reason => "Vandalism" }) end assert_redirected_to edit_user_block_path(active_block) assert_equal "Only the moderator who created this block can edit it.", flash[:error] # Login as the correct moderator - session[:user] = moderator_user.id + session_for(moderator_user) # A bogus block period should result in an error assert_no_difference "UserBlock.count" do - put :update, - :params => { :id => active_block.id, - :user_block_period => "99" } + put user_block_path(:id => active_block, :user_block_period => "99") end assert_redirected_to edit_user_block_path(active_block) assert_equal "The blocking period must be one of the values selectable in the drop-down list.", flash[:error] # Check that updating a block works assert_no_difference "UserBlock.count" do - put :update, - :params => { :id => active_block.id, - :user_block_period => "12", - :user_block => { :needs_view => true, :reason => "Vandalism" } } + put user_block_path(:id => active_block, + :user_block_period => "12", + :user_block => { :needs_view => true, :reason => "Vandalism" }) end assert_redirected_to user_block_path(active_block) assert_equal "Block updated.", flash[:notice] b = UserBlock.find(active_block.id) - assert_in_delta Time.now, b.updated_at, 1 - assert_equal true, b.needs_view + assert_in_delta Time.now.utc, b.updated_at, 1 + assert b.needs_view assert_equal "Vandalism", b.reason - # We should get an error if no block ID is specified - assert_raise ActionController::UrlGenerationError do - put :update - end - # We should get an error if the block doesn't exist - put :update, :params => { :id => 99999 } + put user_block_path(:id => 99999) assert_response :not_found assert_template "not_found" assert_select "p", "Sorry, the user block with ID 99999 could not be found." @@ -353,22 +351,22 @@ class UserBlocksControllerTest < ActionController::TestCase active_block = create(:user_block) # Check that the block revoke page requires us to login - get :revoke, :params => { :id => active_block.id } - assert_redirected_to login_path(:referer => revoke_user_block_path(:id => active_block.id)) + get revoke_user_block_path(:id => active_block) + assert_redirected_to login_path(:referer => revoke_user_block_path(:id => active_block)) # Login as a normal user - session[:user] = create(:user).id + session_for(create(:user)) # Check that normal users can't load the block revoke page - get :revoke, :params => { :id => active_block.id } - assert_redirected_to user_blocks_path - assert_equal "You need to be a moderator to perform that action.", flash[:error] + get revoke_user_block_path(:id => active_block) + assert_response :redirect + assert_redirected_to :controller => "errors", :action => "forbidden" # Login as a moderator - session[:user] = create(:moderator_user).id + session_for(create(:moderator_user)) # Check that the block revoke page loads for moderators - get :revoke, :params => { :id => active_block.id } + get revoke_user_block_path(:id => active_block) assert_response :success assert_template "revoke" assert_select "form", :count => 1 do @@ -376,24 +374,104 @@ class UserBlocksControllerTest < ActionController::TestCase assert_select "input[type='submit'][value='Revoke!']", :count => 1 end - # Check that revoking a block works - post :revoke, :params => { :id => active_block.id, :confirm => true } - assert_redirected_to user_block_path(active_block) + # Check that revoking a block using GET should fail + get revoke_user_block_path(:id => active_block, :confirm => true) + assert_response :success + assert_template "revoke" b = UserBlock.find(active_block.id) - assert_in_delta Time.now, b.ends_at, 1 + assert_operator b.ends_at - Time.now.utc, :>, 100 - # We should get an error if no block ID is specified - assert_raise ActionController::UrlGenerationError do - get :revoke - end + # Check that revoking a block works using POST + post revoke_user_block_path(:id => active_block, :confirm => true) + assert_redirected_to user_block_path(active_block) + b = UserBlock.find(active_block.id) + assert_in_delta Time.now.utc, b.ends_at, 1 # We should get an error if the block doesn't exist - get :revoke, :params => { :id => 99999 } + get revoke_user_block_path(:id => 99999) assert_response :not_found assert_template "not_found" assert_select "p", "Sorry, the user block with ID 99999 could not be found." end + ## + # test the revoke all page + def test_revoke_all_page + blocked_user = create(:user) + create(:user_block, :user => blocked_user) + + # Asking for the revoke all blocks page with a bogus user name should fail + get user_blocks_on_path(:display_name => "non_existent_user") + assert_response :not_found + + # Check that the revoke all blocks page requires us to login + get revoke_all_user_blocks_path(blocked_user) + assert_redirected_to login_path(:referer => revoke_all_user_blocks_path(blocked_user)) + + # Login as a normal user + session_for(create(:user)) + + # Check that normal users can't load the revoke all blocks page + get revoke_all_user_blocks_path(blocked_user) + assert_response :redirect + assert_redirected_to :controller => "errors", :action => "forbidden" + + # Login as a moderator + session_for(create(:moderator_user)) + + # Check that the revoke all blocks page loads for moderators + get revoke_all_user_blocks_path(blocked_user) + assert_response :success + end + + ## + # test the revoke all action + def test_revoke_all_action + blocked_user = create(:user) + active_block1 = create(:user_block, :user => blocked_user) + active_block2 = create(:user_block, :user => blocked_user) + expired_block1 = create(:user_block, :expired, :user => blocked_user) + blocks = [active_block1, active_block2, expired_block1] + moderator_user = create(:moderator_user) + + assert_predicate active_block1, :active? + assert_predicate active_block2, :active? + assert_not_predicate expired_block1, :active? + + # Login as a normal user + session_for(create(:user)) + + # Check that normal users can't load the block revoke page + get revoke_all_user_blocks_path(:blocked_user) + assert_response :redirect + assert_redirected_to :controller => "errors", :action => "forbidden" + + # Login as a moderator + session_for(moderator_user) + + # Check that revoking blocks using GET should fail + get revoke_all_user_blocks_path(blocked_user, :confirm => true) + assert_response :success + assert_template "revoke_all" + + blocks.each(&:reload) + assert_predicate active_block1, :active? + assert_predicate active_block2, :active? + assert_not_predicate expired_block1, :active? + + # Check that revoking blocks works using POST + post revoke_all_user_blocks_path(blocked_user, :confirm => true) + assert_redirected_to user_blocks_on_path(blocked_user) + + blocks.each(&:reload) + assert_not_predicate active_block1, :active? + assert_not_predicate active_block2, :active? + assert_not_predicate expired_block1, :active? + assert_equal moderator_user, active_block1.revoker + assert_equal moderator_user, active_block2.revoker + assert_not_equal moderator_user, expired_block1.revoker + end + ## # test the blocks_on action def test_blocks_on @@ -404,25 +482,20 @@ class UserBlocksControllerTest < ActionController::TestCase revoked_block = create(:user_block, :revoked, :user => blocked_user) expired_block = create(:user_block, :expired, :user => unblocked_user) - # Asking for a list of blocks with no user name should fail - assert_raise ActionController::UrlGenerationError do - get :blocks_on - end - # Asking for a list of blocks with a bogus user name should fail - get :blocks_on, :params => { :display_name => "non_existent_user" } + get user_blocks_on_path(:display_name => "non_existent_user") assert_response :not_found - assert_template "user/no_such_user" + assert_template "users/no_such_user" assert_select "h1", "The user non_existent_user does not exist" # Check the list of blocks for a user that has never been blocked - get :blocks_on, :params => { :display_name => normal_user.display_name } + get user_blocks_on_path(:display_name => normal_user.display_name) assert_response :success assert_select "table#block_list", false assert_select "p", "#{normal_user.display_name} has not been blocked yet." # Check the list of blocks for a user that is currently blocked - get :blocks_on, :params => { :display_name => blocked_user.display_name } + get user_blocks_on_path(:display_name => blocked_user.display_name) assert_response :success assert_select "table#block_list", :count => 1 do assert_select "tr", 3 @@ -431,7 +504,7 @@ class UserBlocksControllerTest < ActionController::TestCase end # Check the list of blocks for a user that has previously been blocked - get :blocks_on, :params => { :display_name => unblocked_user.display_name } + get user_blocks_on_path(:display_name => unblocked_user.display_name) assert_response :success assert_select "table#block_list", :count => 1 do assert_select "tr", 2 @@ -445,13 +518,13 @@ class UserBlocksControllerTest < ActionController::TestCase user = create(:user) create_list(:user_block, 50, :user => user) - get :blocks_on, :params => { :display_name => user.display_name } + get user_blocks_on_path(:display_name => user.display_name) assert_response :success assert_select "table#block_list", :count => 1 do assert_select "tr", :count => 21 end - get :blocks_on, :params => { :display_name => user.display_name, :page => 2 } + get user_blocks_on_path(:display_name => user.display_name, :page => 2) assert_response :success assert_select "table#block_list", :count => 1 do assert_select "tr", :count => 21 @@ -468,19 +541,14 @@ class UserBlocksControllerTest < ActionController::TestCase expired_block = create(:user_block, :expired, :creator => second_moderator_user) revoked_block = create(:user_block, :revoked, :creator => second_moderator_user) - # Asking for a list of blocks with no user name should fail - assert_raise ActionController::UrlGenerationError do - get :blocks_by - end - # Asking for a list of blocks with a bogus user name should fail - get :blocks_by, :params => { :display_name => "non_existent_user" } + get user_blocks_by_path(:display_name => "non_existent_user") assert_response :not_found - assert_template "user/no_such_user" + assert_template "users/no_such_user" assert_select "h1", "The user non_existent_user does not exist" # Check the list of blocks given by one moderator - get :blocks_by, :params => { :display_name => moderator_user.display_name } + get user_blocks_by_path(:display_name => moderator_user.display_name) assert_response :success assert_select "table#block_list", :count => 1 do assert_select "tr", 2 @@ -488,7 +556,7 @@ class UserBlocksControllerTest < ActionController::TestCase end # Check the list of blocks given by a different moderator - get :blocks_by, :params => { :display_name => second_moderator_user.display_name } + get user_blocks_by_path(:display_name => second_moderator_user.display_name) assert_response :success assert_select "table#block_list", :count => 1 do assert_select "tr", 3 @@ -497,7 +565,7 @@ class UserBlocksControllerTest < ActionController::TestCase end # Check the list of blocks (not) given by a normal user - get :blocks_by, :params => { :display_name => normal_user.display_name } + get user_blocks_by_path(:display_name => normal_user.display_name) assert_response :success assert_select "table#block_list", false assert_select "p", "#{normal_user.display_name} has not made any blocks yet." @@ -509,13 +577,13 @@ class UserBlocksControllerTest < ActionController::TestCase user = create(:moderator_user) create_list(:user_block, 50, :creator => user) - get :blocks_by, :params => { :display_name => user.display_name } + get user_blocks_by_path(:display_name => user.display_name) assert_response :success assert_select "table#block_list", :count => 1 do assert_select "tr", :count => 21 end - get :blocks_by, :params => { :display_name => user.display_name, :page => 2 } + get user_blocks_by_path(:display_name => user.display_name, :page => 2) assert_response :success assert_select "table#block_list", :count => 1 do assert_select "tr", :count => 21