X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/a14eff91770edb76843469ec9cb822d278639580..a56cdd547e286c1cd9cfe11d31bde413964c19ee:/test/controllers/diary_entries_controller_test.rb?ds=inline diff --git a/test/controllers/diary_entries_controller_test.rb b/test/controllers/diary_entries_controller_test.rb index b1e9b72f2..8d646c426 100644 --- a/test/controllers/diary_entries_controller_test.rb +++ b/test/controllers/diary_entries_controller_test.rb @@ -325,7 +325,6 @@ class DiaryEntriesControllerTest < ActionDispatch::IntegrationTest assert_select "p", :text => /#{new_body}/, :count => 1 assert_select "abbr[class='geo'][title='#{number_with_precision(new_latitude, :precision => 4)}; #{number_with_precision(new_longitude, :precision => 4)}']", :count => 1 # As we're not logged in, check that you cannot edit - # print @response.body assert_select "a[href='/user/#{ERB::Util.u(entry.user.display_name)}/diary/#{entry.id}/edit']", :text => "Edit this entry", :count => 1 end @@ -670,20 +669,37 @@ class DiaryEntriesControllerTest < ActionDispatch::IntegrationTest assert_response :success assert_template :show + # Try a non-integer ID + assert_raise ActionController::RoutingError do + get "/user/#{CGI.escape(user.display_name)}/diary/#{diary_entry.id})" + end + # Try a deleted entry diary_entry_deleted = create(:diary_entry, :user => user, :visible => false) get diary_entry_path(:display_name => user.display_name, :id => diary_entry_deleted) assert_response :not_found # Try an entry by a suspended user - diary_entry_suspended = create(:diary_entry, :user => suspended_user) - get diary_entry_path(:display_name => suspended_user.display_name, :id => diary_entry_suspended) + diary_entry_suspended_user = create(:diary_entry, :user => suspended_user) + get diary_entry_path(:display_name => suspended_user.display_name, :id => diary_entry_suspended_user) assert_response :not_found # Try an entry by a deleted user - diary_entry_deleted = create(:diary_entry, :user => deleted_user) - get diary_entry_path(:display_name => deleted_user.display_name, :id => diary_entry_deleted) + diary_entry_deleted_user = create(:diary_entry, :user => deleted_user) + get diary_entry_path(:display_name => deleted_user.display_name, :id => diary_entry_deleted_user) assert_response :not_found + + # Now try as a moderator + session_for(create(:moderator_user)) + get diary_entry_path(:display_name => user.display_name, :id => diary_entry_deleted) + assert_response :success + assert_template :show + + # Finally try as an administrator + session_for(create(:administrator_user)) + get diary_entry_path(:display_name => user.display_name, :id => diary_entry_deleted) + assert_response :success + assert_template :show end def test_show_hidden_comments @@ -760,8 +776,11 @@ class DiaryEntriesControllerTest < ActionDispatch::IntegrationTest session_for(create(:moderator_user)) post unhide_diary_entry_path(:display_name => user.display_name, :id => diary_entry) assert_response :redirect - assert_redirected_to :controller => :errors, :action => :forbidden - assert_not DiaryEntry.find(diary_entry.id).visible + assert_redirected_to :action => :index, :display_name => user.display_name + assert DiaryEntry.find(diary_entry.id).visible + + # Reset + diary_entry.reload.update(:visible => true) # Finally try as an administrator session_for(create(:administrator_user)) @@ -827,8 +846,11 @@ class DiaryEntriesControllerTest < ActionDispatch::IntegrationTest session_for(create(:moderator_user)) post unhide_diary_comment_path(:display_name => user.display_name, :id => diary_entry, :comment => diary_comment) assert_response :redirect - assert_redirected_to :controller => :errors, :action => :forbidden - assert_not DiaryComment.find(diary_comment.id).visible + assert_redirected_to :action => :show, :display_name => user.display_name, :id => diary_entry.id + assert DiaryComment.find(diary_comment.id).visible + + # Reset + diary_comment.reload.update(:visible => true) # Finally try as an administrator session_for(create(:administrator_user))