X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/67a5809c8a486b5e8cc92dabd08624afc1a12e6c..039b3e1c3226689e72ad4c15e80c2f35b91b87f0:/test/controllers/user_blocks_controller_test.rb diff --git a/test/controllers/user_blocks_controller_test.rb b/test/controllers/user_blocks_controller_test.rb index 68fc313c3..ed310f52e 100644 --- a/test/controllers/user_blocks_controller_test.rb +++ b/test/controllers/user_blocks_controller_test.rb @@ -33,14 +33,6 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest { :path => "/user_blocks/1", :method => :delete }, { :controller => "user_blocks", :action => "destroy", :id => "1" } ) - assert_routing( - { :path => "/blocks/1/revoke", :method => :get }, - { :controller => "user_blocks", :action => "revoke", :id => "1" } - ) - assert_routing( - { :path => "/blocks/1/revoke", :method => :post }, - { :controller => "user_blocks", :action => "revoke", :id => "1" } - ) assert_routing( { :path => "/user/username/blocks", :method => :get }, @@ -173,10 +165,10 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest block = create(:user_block, :creator => creator_user) session_for(other_moderator_user) - check_block_buttons block, :edit => 1, :revoke => 1 + check_block_buttons block, :edit => 1 session_for(creator_user) - check_block_buttons block, :edit => 1, :revoke => 1 + check_block_buttons block, :edit => 1 end ## @@ -252,7 +244,9 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest ## # test the edit action def test_edit - active_block = create(:user_block) + creator_user = create(:moderator_user) + other_moderator_user = create(:moderator_user) + active_block = create(:user_block, :creator => creator_user) # Check that the block edit page requires us to login get edit_user_block_path(:id => active_block) @@ -266,17 +260,37 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest assert_redirected_to :controller => "errors", :action => "forbidden" # Login as a moderator - session_for(create(:moderator_user)) + session_for(other_moderator_user) # Check that the block edit page loads for moderators get edit_user_block_path(:id => active_block) assert_response :success assert_select "h1 a[href='#{user_path active_block.user}']", :text => active_block.user.display_name + assert_select "form#edit_user_block_#{active_block.id}", :count => 1 do + assert_select "textarea#user_block_reason", :count => 1 + assert_select "select#user_block_period", :count => 0 + assert_select "input#user_block_needs_view[type='checkbox']", :count => 0 + assert_select "input[type='submit'][value='Update block']", :count => 0 + assert_select "input#user_block_period[type='hidden']", :count => 1 + assert_select "input#user_block_needs_view[type='hidden']", :count => 1 + assert_select "input[type='submit'][value='Revoke block']", :count => 1 + end + + # Login as the block creator + session_for(creator_user) + + # Check that the block edit page loads for the creator + get edit_user_block_path(:id => active_block) + assert_response :success + assert_select "h1 a[href='#{user_path active_block.user}']", :text => active_block.user.display_name assert_select "form#edit_user_block_#{active_block.id}", :count => 1 do assert_select "textarea#user_block_reason", :count => 1 assert_select "select#user_block_period", :count => 1 assert_select "input#user_block_needs_view[type='checkbox']", :count => 1 assert_select "input[type='submit'][value='Update block']", :count => 1 + assert_select "input#user_block_period[type='hidden']", :count => 0 + assert_select "input#user_block_needs_view[type='hidden']", :count => 0 + assert_select "input[type='submit'][value='Revoke block']", :count => 0 end # We should get an error if the user doesn't exist @@ -391,7 +405,6 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest # test the update action def test_update moderator_user = create(:moderator_user) - second_moderator_user = create(:moderator_user) active_block = create(:user_block, :creator => moderator_user) # Not logged in yet, so updating a block should fail @@ -405,19 +418,7 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest put user_block_path(:id => active_block) assert_redirected_to :controller => "errors", :action => "forbidden" - # Login as the wrong moderator - session_for(second_moderator_user) - - # Check that only the person who created a block can update it - assert_no_difference "UserBlock.count" do - put user_block_path(:id => active_block, - :user_block_period => "12", - :user_block => { :needs_view => true, :reason => "Vandalism" }) - end - assert_redirected_to edit_user_block_path(active_block) - assert_equal "Only the moderator who created this block can edit it.", flash[:error] - - # Login as the correct moderator + # Login as the moderator session_for(moderator_user) # A bogus block period should result in an error @@ -495,7 +496,7 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest ## # test the update action revoking the block - def test_revoke_using_update + def test_revoke_using_update_by_creator moderator_user = create(:moderator_user) block = create(:user_block, :creator => moderator_user) @@ -503,6 +504,8 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest put user_block_path(block, :user_block_period => "24", :user_block => { :needs_view => false, :reason => "Updated Reason" }) + assert_redirected_to user_block_path(block) + assert_equal "Block updated.", flash[:notice] block.reload assert_predicate block, :active? assert_nil block.revoker @@ -510,58 +513,36 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest put user_block_path(block, :user_block_period => "0", :user_block => { :needs_view => false, :reason => "Updated Reason" }) + assert_redirected_to user_block_path(block) + assert_equal "Block updated.", flash[:notice] block.reload assert_not_predicate block, :active? assert_equal moderator_user, block.revoker end - ## - # test the revoke action - def test_revoke - active_block = create(:user_block) - - # Check that the block revoke page requires us to login - get revoke_user_block_path(:id => active_block) - assert_redirected_to login_path(:referer => revoke_user_block_path(:id => active_block)) - - # Login as a normal user - session_for(create(:user)) - - # Check that normal users can't load the block revoke page - get revoke_user_block_path(:id => active_block) - assert_redirected_to :controller => "errors", :action => "forbidden" - - # Login as a moderator - session_for(create(:moderator_user)) - - # Check that the block revoke page loads for moderators - get revoke_user_block_path(:id => active_block) - assert_response :success - assert_template "revoke" - assert_select "h1 a[href='#{user_path active_block.user}']", :text => active_block.user.display_name - assert_select "form", :count => 1 do - assert_select "input#confirm[type='checkbox']", :count => 1 - assert_select "input[type='submit'][value='Revoke!']", :count => 1 - end + def test_revoke_using_update_by_other_moderator + creator_user = create(:moderator_user) + other_moderator_user = create(:moderator_user) + block = create(:user_block, :creator => creator_user) - # Check that revoking a block using GET should fail - get revoke_user_block_path(:id => active_block, :confirm => true) + session_for(other_moderator_user) + put user_block_path(block, + :user_block_period => "24", + :user_block => { :needs_view => false, :reason => "Updated Reason" }) assert_response :success - assert_template "revoke" - b = UserBlock.find(active_block.id) - assert_operator b.ends_at - Time.now.utc, :>, 100 - - # Check that revoking a block works using POST - post revoke_user_block_path(:id => active_block, :confirm => true) - assert_redirected_to user_block_path(active_block) - b = UserBlock.find(active_block.id) - assert_in_delta Time.now.utc, b.ends_at, 1 + assert_equal "Only the moderator who created this block can edit it without revoking.", flash[:error] + block.reload + assert_predicate block, :active? + assert_nil block.revoker - # We should get an error if the block doesn't exist - get revoke_user_block_path(:id => 99999) - assert_response :not_found - assert_template "not_found" - assert_select "p", "Sorry, the user block with ID 99999 could not be found." + put user_block_path(block, + :user_block_period => "0", + :user_block => { :needs_view => false, :reason => "Updated Reason" }) + assert_redirected_to user_block_path(block) + assert_equal "Block updated.", flash[:notice] + block.reload + assert_not_predicate block, :active? + assert_equal other_moderator_user, block.revoker end ## @@ -935,12 +916,11 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest private - def check_block_buttons(block, edit: 0, revoke: 0) + def check_block_buttons(block, edit: 0) [user_blocks_path, user_block_path(block)].each do |path| get path assert_response :success assert_select "a[href='#{edit_user_block_path block}']", :count => edit - assert_select "a[href='#{revoke_user_block_path block}']", :count => revoke end end