X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/c79da4746a7fcea96da37aa2021c309100762d21..69abc1310245adab250083aafc015a716a884a93:/test/controllers/user_blocks_controller_test.rb?ds=sidebyside diff --git a/test/controllers/user_blocks_controller_test.rb b/test/controllers/user_blocks_controller_test.rb index a7ab02c75..2ab90364e 100644 --- a/test/controllers/user_blocks_controller_test.rb +++ b/test/controllers/user_blocks_controller_test.rb @@ -13,10 +13,6 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest { :path => "/user_blocks", :method => :get }, { :controller => "user_blocks", :action => "index" } ) - assert_routing( - { :path => "/user_blocks/new", :method => :get }, - { :controller => "user_blocks", :action => "new" } - ) assert_routing( { :path => "/user_blocks", :method => :post }, { :controller => "user_blocks", :action => "create" } @@ -37,14 +33,6 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest { :path => "/user_blocks/1", :method => :delete }, { :controller => "user_blocks", :action => "destroy", :id => "1" } ) - assert_routing( - { :path => "/blocks/1/revoke", :method => :get }, - { :controller => "user_blocks", :action => "revoke", :id => "1" } - ) - assert_routing( - { :path => "/blocks/1/revoke", :method => :post }, - { :controller => "user_blocks", :action => "revoke", :id => "1" } - ) assert_routing( { :path => "/user/username/blocks", :method => :get }, @@ -115,6 +103,18 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest check_no_page_link "Older Blocks" end + ## + # test the index action with invalid pages + def test_index_invalid_paged + %w[-1 0 fred].each do |id| + get user_blocks_path(:before => id) + assert_redirected_to :controller => :errors, :action => :bad_request + + get user_blocks_path(:after => id) + assert_redirected_to :controller => :errors, :action => :bad_request + end + end + ## # test the show action def test_show @@ -147,14 +147,118 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest assert_select "h1 a[href='#{user_path active_block.user}']", :text => active_block.user.display_name assert_select "h1 a[href='#{user_path active_block.creator}']", :text => active_block.creator.display_name assert UserBlock.find(active_block.id).needs_view + end - # Login as the blocked user - session_for(active_block.user) + ## + # test clearing needs_view by showing a zero-hour block to the blocked user + def test_show_sets_deactivates_at_for_zero_hour_block + user = create(:user) + session_for(user) - # Now viewing it should mark it as seen - get user_block_path(:id => active_block) - assert_response :success - assert_not UserBlock.find(active_block.id).needs_view + freeze_time do + block = create(:user_block, :needs_view, :zero_hour, :user => user) + assert block.needs_view + assert_nil block.deactivates_at + + travel 1.hour + + get user_block_path(block) + assert_response :success + block.reload + assert_not block.needs_view + assert_equal Time.now.utc, block.deactivates_at + + travel 1.hour + + get user_block_path(block) + assert_response :success + block.reload + assert_not block.needs_view + assert_equal Time.now.utc - 1.hour, block.deactivates_at + end + end + + ## + # test clearing needs_view by showing a timed block to the blocked user + def test_show_sets_deactivates_at_for_timed_block + user = create(:user) + session_for(user) + + freeze_time do + block = create(:user_block, :needs_view, :created_at => Time.now.utc, :ends_at => Time.now.utc + 24.hours, :user => user) + assert block.needs_view + assert_nil block.deactivates_at + + travel 1.hour + + get user_block_path(block) + assert_response :success + block.reload + assert_not block.needs_view + assert_equal Time.now.utc + 23.hours, block.deactivates_at + + travel 1.hour + + get user_block_path(block) + assert_response :success + block.reload + assert_not block.needs_view + assert_equal Time.now.utc + 22.hours, block.deactivates_at + + travel 24.hours + + get user_block_path(block) + assert_response :success + block.reload + assert_not block.needs_view + assert_equal Time.now.utc - 2.hours, block.deactivates_at + end + end + + ## + # test edit/revoke link for active blocks + def test_active_block_buttons + creator_user = create(:moderator_user) + other_moderator_user = create(:moderator_user) + block = create(:user_block, :creator => creator_user) + + session_for(other_moderator_user) + check_block_buttons block, :edit => 1 + + session_for(creator_user) + check_block_buttons block, :edit => 1 + end + + ## + # test the edit link for expired blocks + def test_expired_block_buttons + creator_user = create(:moderator_user) + other_moderator_user = create(:moderator_user) + block = create(:user_block, :expired, :creator => creator_user) + + session_for(other_moderator_user) + check_block_buttons block + + session_for(creator_user) + check_block_buttons block, :edit => 1 + end + + ## + # test the edit link for revoked blocks + def test_revoked_block_buttons + creator_user = create(:moderator_user) + revoker_user = create(:moderator_user) + other_moderator_user = create(:moderator_user) + block = create(:user_block, :revoked, :creator => creator_user, :revoker => revoker_user) + + session_for(other_moderator_user) + check_block_buttons block + + session_for(creator_user) + check_block_buttons block, :edit => 1 + + session_for(revoker_user) + check_block_buttons block, :edit => 1 end ## @@ -198,7 +302,9 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest ## # test the edit action def test_edit - active_block = create(:user_block) + creator_user = create(:moderator_user) + other_moderator_user = create(:moderator_user) + active_block = create(:user_block, :creator => creator_user) # Check that the block edit page requires us to login get edit_user_block_path(:id => active_block) @@ -212,17 +318,37 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest assert_redirected_to :controller => "errors", :action => "forbidden" # Login as a moderator - session_for(create(:moderator_user)) + session_for(other_moderator_user) # Check that the block edit page loads for moderators get edit_user_block_path(:id => active_block) assert_response :success assert_select "h1 a[href='#{user_path active_block.user}']", :text => active_block.user.display_name + assert_select "form#edit_user_block_#{active_block.id}", :count => 1 do + assert_select "textarea#user_block_reason", :count => 1 + assert_select "select#user_block_period", :count => 0 + assert_select "input#user_block_needs_view[type='checkbox']", :count => 0 + assert_select "input[type='submit'][value='Update block']", :count => 0 + assert_select "input#user_block_period[type='hidden']", :count => 1 + assert_select "input#user_block_needs_view[type='hidden']", :count => 1 + assert_select "input[type='submit'][value='Revoke block']", :count => 1 + end + + # Login as the block creator + session_for(creator_user) + + # Check that the block edit page loads for the creator + get edit_user_block_path(:id => active_block) + assert_response :success + assert_select "h1 a[href='#{user_path active_block.user}']", :text => active_block.user.display_name assert_select "form#edit_user_block_#{active_block.id}", :count => 1 do assert_select "textarea#user_block_reason", :count => 1 assert_select "select#user_block_period", :count => 1 assert_select "input#user_block_needs_view[type='checkbox']", :count => 1 assert_select "input[type='submit'][value='Update block']", :count => 1 + assert_select "input#user_block_period[type='hidden']", :count => 0 + assert_select "input#user_block_needs_view[type='hidden']", :count => 0 + assert_select "input[type='submit'][value='Revoke block']", :count => 0 end # We should get an error if the user doesn't exist @@ -232,6 +358,34 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest assert_select "p", "Sorry, the user block with ID 99999 could not be found." end + ## + # test the edit action when the remaining block duration doesn't match the available select options + def test_edit_duration + moderator_user = create(:moderator_user) + + freeze_time do + active_block = create(:user_block, :creator => moderator_user, :ends_at => Time.now.utc + 96.hours) + + session_for(moderator_user) + get edit_user_block_path(active_block) + + assert_select "form#edit_user_block_#{active_block.id}", :count => 1 do + assert_select "select#user_block_period", :count => 1 do + assert_select "option[value='96'][selected]", :count => 1 + end + end + + travel 2.hours + get edit_user_block_path(active_block) + + assert_select "form#edit_user_block_#{active_block.id}", :count => 1 do + assert_select "select#user_block_period", :count => 1 do + assert_select "option[value='96'][selected]", :count => 1 + end + end + end + end + ## # test the create action def test_create @@ -266,10 +420,9 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest :user_block_period => "12", :user_block => { :needs_view => false, :reason => "Vandalism" }) end - id = UserBlock.order(:id).ids.last - assert_redirected_to user_block_path(:id => id) + b = UserBlock.last + assert_redirected_to user_block_path(:id => b.id) assert_equal "Created a block on user #{target_user.display_name}.", flash[:notice] - b = UserBlock.find(id) assert_in_delta Time.now.utc, b.created_at, 1 assert_in_delta Time.now.utc, b.updated_at, 1 assert_in_delta Time.now.utc + 12.hours, b.ends_at, 1 @@ -302,7 +455,7 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest :user_block_period => "336", :user_block => { :needs_view => false, :reason => "Vandalism" }) - block = UserBlock.order(:id).last + block = UserBlock.last assert_equal 1209600, block.ends_at - block.created_at end @@ -310,7 +463,6 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest # test the update action def test_update moderator_user = create(:moderator_user) - second_moderator_user = create(:moderator_user) active_block = create(:user_block, :creator => moderator_user) # Not logged in yet, so updating a block should fail @@ -324,19 +476,7 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest put user_block_path(:id => active_block) assert_redirected_to :controller => "errors", :action => "forbidden" - # Login as the wrong moderator - session_for(second_moderator_user) - - # Check that only the person who created a block can update it - assert_no_difference "UserBlock.count" do - put user_block_path(:id => active_block, - :user_block_period => "12", - :user_block => { :needs_view => true, :reason => "Vandalism" }) - end - assert_redirected_to edit_user_block_path(active_block) - assert_equal "Only the moderator who created this block can edit it.", flash[:error] - - # Login as the correct moderator + # Login as the moderator session_for(moderator_user) # A bogus block period should result in an error @@ -367,52 +507,100 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest end ## - # test the revoke action - def test_revoke - active_block = create(:user_block) + # test the update action on expired blocks + def test_update_expired + creator_user = create(:moderator_user) + other_moderator_user = create(:moderator_user) + block = create(:user_block, :expired, :creator => creator_user, :reason => "Original Reason") + + session_for(other_moderator_user) + put user_block_path(block, + :user_block_period => "0", + :user_block => { :needs_view => false, :reason => "Updated Reason" }) + assert_redirected_to edit_user_block_path(block) + assert_equal "Only the moderator who created this block can edit it.", flash[:error] + block.reload + assert_not block.active? + assert_equal "Original Reason", block.reason - # Check that the block revoke page requires us to login - get revoke_user_block_path(:id => active_block) - assert_redirected_to login_path(:referer => revoke_user_block_path(:id => active_block)) + session_for(creator_user) + check_inactive_block_updates(block) + end - # Login as a normal user - session_for(create(:user)) + ## + # test the update action on revoked blocks + def test_update_revoked + creator_user = create(:moderator_user) + revoker_user = create(:moderator_user) + other_moderator_user = create(:moderator_user) + block = create(:user_block, :revoked, :creator => creator_user, :revoker => revoker_user, :reason => "Original Reason") + + session_for(other_moderator_user) + put user_block_path(block, + :user_block_period => "0", + :user_block => { :needs_view => false, :reason => "Updated Reason" }) + assert_redirected_to edit_user_block_path(block) + assert_equal "Only the moderators who created or revoked this block can edit it.", flash[:error] + block.reload + assert_not_predicate block, :active? + assert_equal "Original Reason", block.reason + + session_for(creator_user) + check_inactive_block_updates(block) + + session_for(revoker_user) + check_inactive_block_updates(block) + end - # Check that normal users can't load the block revoke page - get revoke_user_block_path(:id => active_block) - assert_redirected_to :controller => "errors", :action => "forbidden" + ## + # test the update action revoking the block + def test_revoke_using_update_by_creator + moderator_user = create(:moderator_user) + block = create(:user_block, :creator => moderator_user) - # Login as a moderator - session_for(create(:moderator_user)) + session_for(moderator_user) + put user_block_path(block, + :user_block_period => "24", + :user_block => { :needs_view => false, :reason => "Updated Reason" }) + assert_redirected_to user_block_path(block) + assert_equal "Block updated.", flash[:notice] + block.reload + assert_predicate block, :active? + assert_nil block.revoker + + put user_block_path(block, + :user_block_period => "0", + :user_block => { :needs_view => false, :reason => "Updated Reason" }) + assert_redirected_to user_block_path(block) + assert_equal "Block updated.", flash[:notice] + block.reload + assert_not_predicate block, :active? + assert_equal moderator_user, block.revoker + end - # Check that the block revoke page loads for moderators - get revoke_user_block_path(:id => active_block) - assert_response :success - assert_template "revoke" - assert_select "h1 a[href='#{user_path active_block.user}']", :text => active_block.user.display_name - assert_select "form", :count => 1 do - assert_select "input#confirm[type='checkbox']", :count => 1 - assert_select "input[type='submit'][value='Revoke!']", :count => 1 - end + def test_revoke_using_update_by_other_moderator + creator_user = create(:moderator_user) + other_moderator_user = create(:moderator_user) + block = create(:user_block, :creator => creator_user) - # Check that revoking a block using GET should fail - get revoke_user_block_path(:id => active_block, :confirm => true) + session_for(other_moderator_user) + put user_block_path(block, + :user_block_period => "24", + :user_block => { :needs_view => false, :reason => "Updated Reason" }) assert_response :success - assert_template "revoke" - b = UserBlock.find(active_block.id) - assert_operator b.ends_at - Time.now.utc, :>, 100 - - # Check that revoking a block works using POST - post revoke_user_block_path(:id => active_block, :confirm => true) - assert_redirected_to user_block_path(active_block) - b = UserBlock.find(active_block.id) - assert_in_delta Time.now.utc, b.ends_at, 1 - - # We should get an error if the block doesn't exist - get revoke_user_block_path(:id => 99999) - assert_response :not_found - assert_template "not_found" - assert_select "p", "Sorry, the user block with ID 99999 could not be found." + assert_equal "Only the moderator who created this block can edit it without revoking.", flash[:error] + block.reload + assert_predicate block, :active? + assert_nil block.revoker + + put user_block_path(block, + :user_block_period => "0", + :user_block => { :needs_view => false, :reason => "Updated Reason" }) + assert_redirected_to user_block_path(block) + assert_equal "Block updated.", flash[:notice] + block.reload + assert_not_predicate block, :active? + assert_equal other_moderator_user, block.revoker end ## @@ -492,6 +680,134 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest assert_not_equal moderator_user, expired_block1.revoker end + ## + # test changes to end/deactivation dates + def test_dates_when_viewed_before_end + blocked_user = create(:user) + moderator_user = create(:moderator_user) + + freeze_time do + session_for(moderator_user) + assert_difference "UserBlock.count", 1 do + post user_blocks_path(:display_name => blocked_user.display_name, + :user_block_period => "48", + :user_block => { :needs_view => true, :reason => "Testing deactivates_at" }) + end + block = UserBlock.last + assert_equal Time.now.utc + 48.hours, block.ends_at + assert_nil block.deactivates_at + + travel 24.hours + session_for(blocked_user) + get user_block_path(block) + block.reload + assert_equal Time.now.utc + 24.hours, block.ends_at + assert_equal Time.now.utc + 24.hours, block.deactivates_at + end + end + + def test_dates_when_viewed_after_end + blocked_user = create(:user) + moderator_user = create(:moderator_user) + + freeze_time do + session_for(moderator_user) + assert_difference "UserBlock.count", 1 do + post user_blocks_path(:display_name => blocked_user.display_name, + :user_block_period => "24", + :user_block => { :needs_view => true, :reason => "Testing deactivates_at" }) + end + block = UserBlock.last + assert_equal Time.now.utc + 24.hours, block.ends_at + assert_nil block.deactivates_at + + travel 48.hours + session_for(blocked_user) + get user_block_path(block) + block.reload + assert_equal Time.now.utc - 24.hours, block.ends_at + assert_equal Time.now.utc, block.deactivates_at + end + end + + def test_dates_when_edited_before_end + blocked_user = create(:user) + moderator_user = create(:moderator_user) + + freeze_time do + session_for(moderator_user) + assert_difference "UserBlock.count", 1 do + post user_blocks_path(:display_name => blocked_user.display_name, + :user_block_period => "48", + :user_block => { :needs_view => false, :reason => "Testing deactivates_at" }) + end + block = UserBlock.last + assert_equal Time.now.utc + 48.hours, block.ends_at + assert_equal Time.now.utc + 48.hours, block.deactivates_at + + travel 24.hours + put user_block_path(block, + :user_block_period => "48", + :user_block => { :needs_view => false, :reason => "Testing deactivates_at updated" }) + block.reload + assert_equal Time.now.utc + 48.hours, block.ends_at + assert_equal Time.now.utc + 48.hours, block.deactivates_at + end + end + + def test_dates_when_edited_after_end + blocked_user = create(:user) + moderator_user = create(:moderator_user) + + freeze_time do + session_for(moderator_user) + assert_difference "UserBlock.count", 1 do + post user_blocks_path(:display_name => blocked_user.display_name, + :user_block_period => "24", + :user_block => { :needs_view => false, :reason => "Testing deactivates_at" }) + end + block = UserBlock.last + assert_equal Time.now.utc + 24.hours, block.ends_at + assert_equal Time.now.utc + 24.hours, block.deactivates_at + + travel 48.hours + put user_block_path(block, + :user_block_period => "0", + :user_block => { :needs_view => false, :reason => "Testing deactivates_at updated" }) + block.reload + assert_equal Time.now.utc - 24.hours, block.ends_at + assert_equal Time.now.utc - 24.hours, block.deactivates_at + end + end + + ## + # test updates on legacy records without correctly initialized deactivates_at + def test_update_legacy_deactivates_at + blocked_user = create(:user) + moderator_user = create(:moderator_user) + + freeze_time do + block = UserBlock.new :user => blocked_user, + :creator => moderator_user, + :reason => "because", + :ends_at => Time.now.utc + 24.hours, + :needs_view => false + + assert_difference "UserBlock.count", 1 do + block.save :validate => false + end + + travel 48.hours + session_for(moderator_user) + put user_block_path(block, + :user_block_period => "0", + :user_block => { :needs_view => false, :reason => "Testing legacy block update" }) + block.reload + assert_equal Time.now.utc - 24.hours, block.ends_at + assert_equal Time.now.utc - 24.hours, block.deactivates_at + end + end + ## # test the blocks_on action def test_blocks_on @@ -560,6 +876,20 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest check_no_page_link "Older Blocks" end + ## + # test the blocks_on action with invalid pages + def test_blocks_on_invalid_paged + user = create(:user) + + %w[-1 0 fred].each do |id| + get user_blocks_on_path(user, :before => id) + assert_redirected_to :controller => :errors, :action => :bad_request + + get user_blocks_on_path(user, :after => id) + assert_redirected_to :controller => :errors, :action => :bad_request + end + end + ## # test the blocks_by action def test_blocks_by @@ -628,8 +958,74 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest check_no_page_link "Older Blocks" end + ## + # test the blocks_by action with invalid pages + def test_blocks_by_invalid_paged + user = create(:moderator_user) + + %w[-1 0 fred].each do |id| + get user_blocks_by_path(user, :before => id) + assert_redirected_to :controller => :errors, :action => :bad_request + + get user_blocks_by_path(user, :after => id) + assert_redirected_to :controller => :errors, :action => :bad_request + end + end + private + def check_block_buttons(block, edit: 0) + [user_blocks_path, user_block_path(block)].each do |path| + get path + assert_response :success + assert_select "a[href='#{edit_user_block_path block}']", :count => edit + end + end + + def check_inactive_block_updates(block) + original_ends_at = block.ends_at + + put user_block_path(block, + :user_block_period => "0", + :user_block => { :needs_view => false, :reason => "Updated Reason" }) + assert_redirected_to user_block_path(block) + assert_equal "Block updated.", flash[:notice] + block.reload + assert_not_predicate block, :active? + assert_equal "Updated Reason", block.reason + assert_equal original_ends_at, block.ends_at + + put user_block_path(block, + :user_block_period => "0", + :user_block => { :needs_view => true, :reason => "Updated Reason Needs View" }) + assert_response :success + assert_equal "This block is inactive and cannot be reactivated.", flash[:error] + block.reload + assert_not_predicate block, :active? + assert_equal "Updated Reason", block.reason + assert_equal original_ends_at, block.ends_at + + put user_block_path(block, + :user_block_period => "1", + :user_block => { :needs_view => false, :reason => "Updated Reason Duration Extended" }) + assert_response :success + assert_equal "This block is inactive and cannot be reactivated.", flash[:error] + block.reload + assert_not_predicate block, :active? + assert_equal "Updated Reason", block.reason + assert_equal original_ends_at, block.ends_at + + put user_block_path(block, + :user_block_period => "0", + :user_block => { :needs_view => false, :reason => "Updated Reason Again" }) + assert_redirected_to user_block_path(block) + assert_equal "Block updated.", flash[:notice] + block.reload + assert_not_predicate block, :active? + assert_equal "Updated Reason Again", block.reason + assert_equal original_ends_at, block.ends_at + end + def check_user_blocks_table(user_blocks) assert_dom "table#block_list tbody tr" do |rows| assert_equal user_blocks.count, rows.count, "unexpected number of rows in user blocks table"