X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/7441f15b4fd59735ae00a16b47cfcf7eb99260a6..212fe75b6fd26d01dfacf31650e7f71eb7f06a63:/test/controllers/issues_controller_test.rb?ds=sidebyside diff --git a/test/controllers/issues_controller_test.rb b/test/controllers/issues_controller_test.rb index 224f2f8cf..a988fc909 100644 --- a/test/controllers/issues_controller_test.rb +++ b/test/controllers/issues_controller_test.rb @@ -1,144 +1,232 @@ require "test_helper" -class IssuesControllerTest < ActionController::TestCase +class IssuesControllerTest < ActionDispatch::IntegrationTest def test_index # Access issues list without login - get :index - assert_response :redirect + get issues_path assert_redirected_to login_path(:referer => issues_path) # Access issues list as normal user - session[:user] = create(:user).id - get :index - assert_response :redirect - assert_redirected_to root_path + session_for(create(:user)) + get issues_path + assert_redirected_to :controller => :errors, :action => :forbidden # Access issues list as administrator - session[:user] = create(:administrator_user).id - get :index + session_for(create(:administrator_user)) + get issues_path assert_response :success # Access issues list as moderator - session[:user] = create(:moderator_user).id - get :index + session_for(create(:moderator_user)) + get issues_path assert_response :success end - def test_show + def test_show_moderator target_user = create(:user) - issue = create(:issue, :reportable => target_user, :reported_user => target_user) + issue = create(:issue, :reportable => target_user, :reported_user => target_user, :assigned_role => "moderator") # Access issue without login - get :show, :params => { :id => issue.id } - assert_response :redirect + get issue_path(:id => issue) assert_redirected_to login_path(:referer => issue_path(issue)) # Access issue as normal user - session[:user] = create(:user).id - get :show, :params => { :id => issue.id } - assert_response :redirect - assert_redirected_to root_path + session_for(create(:user)) + get issue_path(:id => issue) + assert_redirected_to :controller => :errors, :action => :forbidden # Access issue as administrator - session[:user] = create(:administrator_user).id - get :show, :params => { :id => issue.id } + session_for(create(:administrator_user)) + get issue_path(:id => issue) + assert_redirected_to :controller => :errors, :action => :not_found + + # Access issue as moderator + session_for(create(:moderator_user)) + get issue_path(:id => issue) assert_response :success + end + + def test_show_administrator + target_user = create(:user) + issue = create(:issue, :reportable => target_user, :reported_user => target_user, :assigned_role => "administrator") + + # Access issue without login + get issue_path(:id => issue) + assert_redirected_to login_path(:referer => issue_path(issue)) + + # Access issue as normal user + session_for(create(:user)) + get issue_path(:id => issue) + assert_redirected_to :controller => :errors, :action => :forbidden # Access issue as moderator - session[:user] = create(:moderator_user).id - get :show, :params => { :id => issue.id } + session_for(create(:moderator_user)) + get issue_path(:id => issue) + assert_redirected_to :controller => :errors, :action => :not_found + + # Access issue as administrator + session_for(create(:administrator_user)) + get issue_path(:id => issue) assert_response :success end - def test_resolve + def test_resolve_moderator target_user = create(:user) - issue = create(:issue, :reportable => target_user, :reported_user => target_user) + issue = create(:issue, :reportable => target_user, :reported_user => target_user, :assigned_role => "moderator") # Resolve issue without login - get :resolve, :params => { :id => issue.id } - assert_response :redirect - assert_redirected_to login_path(:referer => resolve_issue_path(issue)) + post resolve_issue_path(:id => issue) + assert_response :forbidden # Resolve issue as normal user - session[:user] = create(:user).id - get :resolve, :params => { :id => issue.id } - assert_response :redirect - assert_redirected_to root_path + session_for(create(:user)) + post resolve_issue_path(:id => issue) + assert_redirected_to :controller => :errors, :action => :forbidden # Resolve issue as administrator - session[:user] = create(:administrator_user).id - get :resolve, :params => { :id => issue.id } + session_for(create(:administrator_user)) + post resolve_issue_path(:id => issue) + assert_redirected_to :controller => :errors, :action => :not_found + assert_not issue.reload.resolved? + + # Resolve issue as moderator + session_for(create(:moderator_user)) + post resolve_issue_path(:id => issue) assert_response :redirect - assert_equal true, issue.reload.resolved? + assert_predicate issue.reload, :resolved? + end - issue.reopen! + def test_resolve_administrator + target_user = create(:user) + issue = create(:issue, :reportable => target_user, :reported_user => target_user, :assigned_role => "administrator") + + # Resolve issue without login + post resolve_issue_path(:id => issue) + assert_response :forbidden + + # Resolve issue as normal user + session_for(create(:user)) + post resolve_issue_path(:id => issue) + assert_redirected_to :controller => :errors, :action => :forbidden # Resolve issue as moderator - session[:user] = create(:moderator_user).id - get :resolve, :params => { :id => issue.id } + session_for(create(:moderator_user)) + post resolve_issue_path(:id => issue) + assert_redirected_to :controller => :errors, :action => :not_found + assert_not issue.reload.resolved? + + # Resolve issue as administrator + session_for(create(:administrator_user)) + post resolve_issue_path(:id => issue) assert_response :redirect - assert_equal true, issue.reload.resolved? + assert_predicate issue.reload, :resolved? end - def test_ignore + def test_ignore_moderator target_user = create(:user) - issue = create(:issue, :reportable => target_user, :reported_user => target_user) + issue = create(:issue, :reportable => target_user, :reported_user => target_user, :assigned_role => "moderator") # Ignore issue without login - get :ignore, :params => { :id => issue.id } - assert_response :redirect - assert_redirected_to login_path(:referer => ignore_issue_path(issue)) + post ignore_issue_path(:id => issue) + assert_response :forbidden # Ignore issue as normal user - session[:user] = create(:user).id - get :ignore, :params => { :id => issue.id } - assert_response :redirect - assert_redirected_to root_path + session_for(create(:user)) + post ignore_issue_path(:id => issue) + assert_redirected_to :controller => :errors, :action => :forbidden # Ignore issue as administrator - session[:user] = create(:administrator_user).id - get :ignore, :params => { :id => issue.id } + session_for(create(:administrator_user)) + post ignore_issue_path(:id => issue) + assert_redirected_to :controller => :errors, :action => :not_found + assert_not issue.reload.ignored? + + # Ignore issue as moderator + session_for(create(:moderator_user)) + post ignore_issue_path(:id => issue) assert_response :redirect - assert_equal true, issue.reload.ignored? + assert_predicate issue.reload, :ignored? + end - issue.reopen! + def test_ignore_administrator + target_user = create(:user) + issue = create(:issue, :reportable => target_user, :reported_user => target_user, :assigned_role => "administrator") + + # Ignore issue without login + post ignore_issue_path(:id => issue) + assert_response :forbidden + + # Ignore issue as normal user + session_for(create(:user)) + post ignore_issue_path(:id => issue) + assert_redirected_to :controller => :errors, :action => :forbidden # Ignore issue as moderator - session[:user] = create(:moderator_user).id - get :ignore, :params => { :id => issue.id } + session_for(create(:moderator_user)) + post ignore_issue_path(:id => issue) + assert_redirected_to :controller => :errors, :action => :not_found + assert_not issue.reload.ignored? + + # Ignore issue as administrator + session_for(create(:administrator_user)) + post ignore_issue_path(:id => issue) assert_response :redirect - assert_equal true, issue.reload.ignored? + assert_predicate issue.reload, :ignored? end - def test_reopen + def test_reopen_moderator target_user = create(:user) - issue = create(:issue, :reportable => target_user, :reported_user => target_user) + issue = create(:issue, :reportable => target_user, :reported_user => target_user, :assigned_role => "moderator") issue.resolve! # Reopen issue without login - get :reopen, :params => { :id => issue.id } - assert_response :redirect - assert_redirected_to login_path(:referer => reopen_issue_path(issue)) + post reopen_issue_path(:id => issue) + assert_response :forbidden # Reopen issue as normal user - session[:user] = create(:user).id - get :reopen, :params => { :id => issue.id } - assert_response :redirect - assert_redirected_to root_path + session_for(create(:user)) + post reopen_issue_path(:id => issue) + assert_redirected_to :controller => :errors, :action => :forbidden # Reopen issue as administrator - session[:user] = create(:administrator_user).id - get :reopen, :params => { :id => issue.id } + session_for(create(:administrator_user)) + post reopen_issue_path(:id => issue) + assert_redirected_to :controller => :errors, :action => :not_found + assert_not issue.reload.open? + + # Reopen issue as moderator + session_for(create(:moderator_user)) + post reopen_issue_path(:id => issue) assert_response :redirect - assert_equal true, issue.reload.open? + assert_predicate issue.reload, :open? + end + + def test_reopen_administrator + target_user = create(:user) + issue = create(:issue, :reportable => target_user, :reported_user => target_user, :assigned_role => "administrator") issue.resolve! + # Reopen issue without login + post reopen_issue_path(:id => issue) + assert_response :forbidden + + # Reopen issue as normal user + session_for(create(:user)) + post reopen_issue_path(:id => issue) + assert_redirected_to :controller => :errors, :action => :forbidden + # Reopen issue as moderator - session[:user] = create(:moderator_user).id - get :reopen, :params => { :id => issue.id } + session_for(create(:moderator_user)) + post reopen_issue_path(:id => issue) + assert_redirected_to :controller => :errors, :action => :not_found + assert_not issue.reload.open? + + # Reopen issue as administrator + session_for(create(:administrator_user)) + post reopen_issue_path(:id => issue) assert_response :redirect - assert_equal true, issue.reload.open? + assert_predicate issue.reload, :open? end end