X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/ef7f3d800cbdd49b692df10d312e5fd880e2e938..9ef85e42ba4a3b10157b2aa0711e68acaf9e3f9e:/test/controllers/diary_entry_controller_test.rb diff --git a/test/controllers/diary_entry_controller_test.rb b/test/controllers/diary_entry_controller_test.rb index 1260fa468..f86321bc3 100644 --- a/test/controllers/diary_entry_controller_test.rb +++ b/test/controllers/diary_entry_controller_test.rb @@ -1,7 +1,7 @@ -require 'test_helper' +require "test_helper" class DiaryEntryControllerTest < ActionController::TestCase - fixtures :users, :diary_entries, :diary_comments, :languages + fixtures :users, :user_roles, :diary_entries, :diary_comments, :languages, :friends include ActionView::Helpers::NumberHelper @@ -85,53 +85,144 @@ class DiaryEntryControllerTest < ActionController::TestCase ) end - def test_showing_new_diary_entry + def test_new + # Make sure that you are redirected to the login page when you + # are not logged in get :new assert_response :redirect - assert_redirected_to :controller => :user, :action => "login", :referer => "/diary/new" - # Now pretend to login by using the session hash, with the - # id of the person we want to login as through session(:user)=user.id - get(:new, nil, 'user' => users(:normal_user).id) - assert_response :success - # print @response.body + assert_redirected_to :controller => :user, :action => :login, :referer => "/diary/new" - # print @response.to_yaml + # Now try again when logged in + get :new, {}, { :user => users(:normal_user).id } + assert_response :success assert_select "title", :text => /New Diary Entry/, :count => 1 assert_select "div.content-heading", :count => 1 do - assert_select "h1", :text => "New Diary Entry", :count => 1 + assert_select "h1", :text => /New Diary Entry/, :count => 1 end assert_select "div#content", :count => 1 do - # We don't care about the layout, we just care about the form fields - # that are available - assert_select "form[action='/diary/new']", :count => 1 do - assert_select "input[id=diary_entry_title][name='diary_entry[title]']", :count => 1 - assert_select "textarea#diary_entry_body[name='diary_entry[body]']", :count => 1 - assert_select "input#latitude[name='diary_entry[latitude]'][type=text]", :count => 1 - assert_select "input#longitude[name='diary_entry[longitude]'][type=text]", :count => 1 + assert_select "form[action='/diary/new'][method=post]", :count => 1 do + assert_select "input#diary_entry_title[name='diary_entry[title]']", :count => 1 + assert_select "textarea#diary_entry_body[name='diary_entry[body]']", :text => "", :count => 1 + assert_select "select#diary_entry_language_code", :count => 1 + assert_select "input#latitude[name='diary_entry[latitude]']", :count => 1 + assert_select "input#longitude[name='diary_entry[longitude]']", :count => 1 assert_select "input[name=commit][type=submit][value=Save]", :count => 1 + assert_select "input[name=commit][type=submit][value=Edit]", :count => 1 + assert_select "input[name=commit][type=submit][value=Preview]", :count => 1 + assert_select "input", :count => 7 end end + + new_title = "New Title" + new_body = "This is a new body for the diary entry" + new_latitude = "1.1" + new_longitude = "2.2" + new_language_code = "en" + + # Now try creating a invalid diary entry with an empty body + assert_no_difference "DiaryEntry.count" do + post :new, { :commit => "save", + :diary_entry => { :title => new_title, :body => "", :latitude => new_latitude, + :longitude => new_longitude, :language_code => new_language_code } }, + { :user => users(:normal_user).id } + end + assert_response :success + assert_template :edit + + assert_nil UserPreference.where(:user_id => users(:normal_user).id, :k => "diary.default_language").first + + # Now try creating a diary entry + assert_difference "DiaryEntry.count", 1 do + post :new, { :commit => "save", + :diary_entry => { :title => new_title, :body => new_body, :latitude => new_latitude, + :longitude => new_longitude, :language_code => new_language_code } }, + { :user => users(:normal_user).id } + end + assert_response :redirect + assert_redirected_to :action => :list, :display_name => users(:normal_user).display_name + entry = DiaryEntry.order(:id).last + assert_equal users(:normal_user).id, entry.user_id + assert_equal new_title, entry.title + assert_equal new_body, entry.body + assert_equal new_latitude.to_f, entry.latitude + assert_equal new_longitude.to_f, entry.longitude + assert_equal new_language_code, entry.language_code + + assert_equal new_language_code, UserPreference.where(:user_id => users(:normal_user).id, :k => "diary.default_language").first.v + + new_language_code = "de" + + # Now try creating a diary entry in a different language + assert_difference "DiaryEntry.count", 1 do + post :new, { :commit => "save", + :diary_entry => { :title => new_title, :body => new_body, :latitude => new_latitude, + :longitude => new_longitude, :language_code => new_language_code } }, + { :user => users(:normal_user).id } + end + assert_response :redirect + assert_redirected_to :action => :list, :display_name => users(:normal_user).display_name + entry = DiaryEntry.order(:id).last + assert_equal users(:normal_user).id, entry.user_id + assert_equal new_title, entry.title + assert_equal new_body, entry.body + assert_equal new_latitude.to_f, entry.latitude + assert_equal new_longitude.to_f, entry.longitude + assert_equal new_language_code, entry.language_code + + assert_equal new_language_code, UserPreference.where(:user_id => users(:normal_user).id, :k => "diary.default_language").first.v + end + + def test_new_spammy + # Generate some spammy content + spammy_title = "Spam Spam Spam Spam Spam" + spammy_body = 1.upto(50).map { |n| "http://example.com/spam#{n}" }.join(" ") + + # Try creating a spammy diary entry + assert_difference "DiaryEntry.count", 1 do + post :new, { :commit => "save", + :diary_entry => { :title => spammy_title, :body => spammy_body, :language_code => "en" } }, + { :user => users(:normal_user).id } + end + assert_response :redirect + assert_redirected_to :action => :list, :display_name => users(:normal_user).display_name + entry = DiaryEntry.order(:id).last + assert_equal users(:normal_user).id, entry.user_id + assert_equal spammy_title, entry.title + assert_equal spammy_body, entry.body + assert_equal "en", entry.language_code + assert_equal "suspended", User.find(users(:normal_user).id).status + + # Follow the redirect + get :list, { :display_name => users(:normal_user).display_name }, { :user => users(:normal_user).id } + assert_response :redirect + assert_redirected_to :controller => :user, :action => :suspended end - def test_editing_diary_entry + def test_edit entry = diary_entries(:normal_user_entry_1) # Make sure that you are redirected to the login page when you are # not logged in, without and with the id of the entry you want to edit get :edit, :display_name => entry.user.display_name, :id => entry.id assert_response :redirect - assert_redirected_to :controller => :user, :action => "login", :referer => "/user/#{entry.user.display_name}/diary/#{entry.id}/edit" + assert_redirected_to :controller => :user, :action => :login, :referer => "/user/#{entry.user.display_name}/diary/#{entry.id}/edit" # Verify that you get a not found error, when you pass a bogus id - get(:edit, { :display_name => entry.user.display_name, :id => 9999 }, { 'user' => entry.user.id }) + get :edit, { :display_name => entry.user.display_name, :id => 9999 }, { :user => entry.user.id } assert_response :not_found assert_select "div.content-heading", :count => 1 do assert_select "h2", :text => "No entry with the id: 9999", :count => 1 end + # Verify that you get redirected to view if you are not the user + # that created the entry + get :edit, { :display_name => entry.user.display_name, :id => entry.id }, { :user => users(:public_user).id } + assert_response :redirect + assert_redirected_to :action => :view, :display_name => entry.user.display_name, :id => entry.id + # Now pass the id, and check that you can edit it, when using the same # user as the person who created the entry - get(:edit, { :display_name => entry.user.display_name, :id => entry.id }, { 'user' => entry.user.id }) + get :edit, { :display_name => entry.user.display_name, :id => entry.id }, { :user => entry.user.id } assert_response :success assert_select "title", :text => /Edit diary entry/, :count => 1 assert_select "div.content-heading", :count => 1 do @@ -157,17 +248,17 @@ class DiaryEntryControllerTest < ActionController::TestCase new_latitude = "1.1" new_longitude = "2.2" new_language_code = "en" - post(:edit, { :display_name => entry.user.display_name, :id => entry.id, 'commit' => 'save', - 'diary_entry' => { 'title' => new_title, 'body' => new_body, 'latitude' => new_latitude, - 'longitude' => new_longitude, 'language_code' => new_language_code } }, - { 'user' => entry.user.id }) + post :edit, { :display_name => entry.user.display_name, :id => entry.id, :commit => "save", + :diary_entry => { :title => new_title, :body => new_body, :latitude => new_latitude, + :longitude => new_longitude, :language_code => new_language_code } }, + { :user => entry.user.id } assert_response :redirect assert_redirected_to :action => :view, :display_name => entry.user.display_name, :id => entry.id # Now check that the new data is rendered, when logged in - get :view, { :display_name => entry.user.display_name, :id => entry.id }, { 'user' => entry.user.id } + get :view, { :display_name => entry.user.display_name, :id => entry.id }, { :user => entry.user.id } assert_response :success - assert_template 'diary_entry/view' + assert_template "diary_entry/view" assert_select "title", :text => /Users' diaries | /, :count => 1 assert_select "div.content-heading", :count => 1 do assert_select "h2", :text => /#{entry.user.display_name}'s diary/, :count => 1 @@ -184,9 +275,9 @@ class DiaryEntryControllerTest < ActionController::TestCase end # and when not logged in as the user who wrote the entry - get :view, { :display_name => entry.user.display_name, :id => entry.id }, { 'user' => entry.user.id } + get :view, { :display_name => entry.user.display_name, :id => entry.id }, { :user => entry.user.id } assert_response :success - assert_template 'diary_entry/view' + assert_template "diary_entry/view" assert_select "title", :text => /Users' diaries | /, :count => 1 assert_select "div.content-heading", :count => 1 do assert_select "h2", :text => /#{users(:normal_user).display_name}'s diary/, :count => 1 @@ -204,64 +295,13 @@ class DiaryEntryControllerTest < ActionController::TestCase end end - def test_edit_diary_entry_i18n - get :edit, { :display_name => users(:normal_user).display_name, :id => diary_entries(:normal_user_entry_1).id }, { 'user' => users(:normal_user).id } + def test_edit_i18n + get :edit, { :display_name => users(:normal_user).display_name, :id => diary_entries(:normal_user_entry_1).id }, { :user => users(:normal_user).id } assert_response :success assert_select "span[class=translation_missing]", false, "Missing translation in edit diary entry" end - def test_create_diary_entry - # Make sure that you are redirected to the login page when you - # are not logged in - get :new - assert_response :redirect - assert_redirected_to :controller => :user, :action => :login, :referer => "/diary/new" - - # Now try again when logged in - get :new, {}, { :user => users(:normal_user).id } - assert_response :success - assert_select "title", :text => /New Diary Entry/, :count => 1 - assert_select "div.content-heading", :count => 1 do - assert_select "h1", :text => /New Diary Entry/, :count => 1 - end - assert_select "div#content", :count => 1 do - assert_select "form[action='/diary/new'][method=post]", :count => 1 do - assert_select "input#diary_entry_title[name='diary_entry[title]']", :count => 1 - assert_select "textarea#diary_entry_body[name='diary_entry[body]']", :text => "", :count => 1 - assert_select "select#diary_entry_language_code", :count => 1 - assert_select "input#latitude[name='diary_entry[latitude]']", :count => 1 - assert_select "input#longitude[name='diary_entry[longitude]']", :count => 1 - assert_select "input[name=commit][type=submit][value=Save]", :count => 1 - assert_select "input[name=commit][type=submit][value=Edit]", :count => 1 - assert_select "input[name=commit][type=submit][value=Preview]", :count => 1 - assert_select "input", :count => 7 - end - end - - # Now try creating a diary entry - new_title = "New Title" - new_body = "This is a new body for the diary entry" - new_latitude = "1.1" - new_longitude = "2.2" - new_language_code = "en" - assert_difference "DiaryEntry.count", 1 do - post(:new, { 'commit' => 'save', - 'diary_entry' => { 'title' => new_title, 'body' => new_body, 'latitude' => new_latitude, - 'longitude' => new_longitude, 'language_code' => new_language_code } }, - { :user => users(:normal_user).id }) - end - assert_response :redirect - assert_redirected_to :action => :list, :display_name => users(:normal_user).display_name - entry = DiaryEntry.find(6) - assert_equal users(:normal_user).id, entry.user_id - assert_equal new_title, entry.title - assert_equal new_body, entry.body - assert_equal new_latitude.to_f, entry.latitude - assert_equal new_longitude.to_f, entry.longitude - assert_equal new_language_code, entry.language_code - end - - def test_creating_diary_comment + def test_comment entry = diary_entries(:normal_user_entry_1) # Make sure that you are denied when you are not logged in @@ -275,6 +315,15 @@ class DiaryEntryControllerTest < ActionController::TestCase assert_select "h2", :text => "No entry with the id: 9999", :count => 1 end + # Now try an invalid comment with an empty body + assert_no_difference "ActionMailer::Base.deliveries.size" do + assert_no_difference "DiaryComment.count" do + post :comment, { :display_name => entry.user.display_name, :id => entry.id, :diary_comment => { :body => "" } }, { :user => users(:public_user).id } + end + end + assert_response :success + assert_template :view + # Now try again with the right id assert_difference "ActionMailer::Base.deliveries.size", 1 do assert_difference "DiaryComment.count", 1 do @@ -289,7 +338,7 @@ class DiaryEntryControllerTest < ActionController::TestCase assert_match /New comment/, email.text_part.decoded assert_match /New comment/, email.html_part.decoded ActionMailer::Base.deliveries.clear - comment = DiaryComment.find(5) + comment = DiaryComment.order(:id).last assert_equal entry.id, comment.diary_entry_id assert_equal users(:public_user).id, comment.user_id assert_equal "New comment", comment.body @@ -298,26 +347,106 @@ class DiaryEntryControllerTest < ActionController::TestCase get :view, :display_name => entry.user.display_name, :id => entry.id assert_response :success assert_select ".diary-comment", :count => 1 do - assert_select "#comment5", :count => 1 do + assert_select "#comment#{comment.id}", :count => 1 do assert_select "a[href='/user/#{users(:public_user).display_name}']", :text => users(:public_user).display_name, :count => 1 end assert_select ".richtext", :text => /New comment/, :count => 1 end end - # Check that you can get the expected response and template for all available languages - # Should test that there are no - def test_listing_diary_entries + def test_comment_spammy + # Find the entry to comment on + entry = diary_entries(:normal_user_entry_1) + + # Generate some spammy content + spammy_text = 1.upto(50).map { |n| "http://example.com/spam#{n}" }.join(" ") + + # Try creating a spammy comment + assert_difference "ActionMailer::Base.deliveries.size", 1 do + assert_difference "DiaryComment.count", 1 do + post :comment, { :display_name => entry.user.display_name, :id => entry.id, :diary_comment => { :body => spammy_text } }, { :user => users(:public_user).id } + end + end + assert_response :redirect + assert_redirected_to :action => :view, :display_name => entry.user.display_name, :id => entry.id + email = ActionMailer::Base.deliveries.first + assert_equal [users(:normal_user).email], email.to + assert_equal "[OpenStreetMap] #{users(:public_user).display_name} commented on your diary entry", email.subject + assert_match %r{http://example.com/spam}, email.text_part.decoded + assert_match %r{http://example.com/spam}, email.html_part.decoded + ActionMailer::Base.deliveries.clear + comment = DiaryComment.order(:id).last + assert_equal entry.id, comment.diary_entry_id + assert_equal users(:public_user).id, comment.user_id + assert_equal spammy_text, comment.body + assert_equal "suspended", User.find(users(:public_user).id).status + + # Follow the redirect + get :list, { :display_name => users(:normal_user).display_name }, { :user => users(:public_user).id } + assert_response :redirect + assert_redirected_to :controller => :user, :action => :suspended + + # Now view the diary entry, and check the new comment is not present + get :view, :display_name => entry.user.display_name, :id => entry.id + assert_response :success + assert_select ".diary-comment", :count => 0 + end + + def test_list_all + # Try a list of all diary entries get :list - assert_response :success, "Should be able to list the diary entries in locale" - assert_template 'list', "Should use the list template in locale" - assert_select "span[class=translation_missing]", false, "Missing translation in list of diary entries" + check_diary_list :normal_user_entry_1, :normal_user_geo_entry, :public_user_entry_1 + end - # Now try to find a specific user's diary entry + def test_list_user + # Try a list of diary entries for a valid user get :list, :display_name => users(:normal_user).display_name - assert_response :success, "Should be able to list the diary entries for a user in locale" - assert_template 'list', "Should use the list template for a user in locale" - assert_no_missing_translations + check_diary_list :normal_user_entry_1, :normal_user_geo_entry + + # Try a list of diary entries for an invalid user + get :list, :display_name => "No Such User" + assert_response :not_found + assert_template "user/no_such_user" + end + + def test_list_friends + # Try a list of diary entries for your friends when not logged in + get :list, :friends => true + assert_response :redirect + assert_redirected_to :controller => :user, :action => :login, :referer => "/diary/friends" + + # Try a list of diary entries for your friends when logged in + get :list, { :friends => true }, { :user => users(:normal_user).id } + check_diary_list :public_user_entry_1 + get :list, { :friends => true }, { :user => users(:public_user).id } + check_diary_list + end + + def test_list_nearby + # Try a list of diary entries for nearby users when not logged in + get :list, :nearby => true + assert_response :redirect + assert_redirected_to :controller => :user, :action => :login, :referer => "/diary/nearby" + + # Try a list of diary entries for nearby users when logged in + get :list, { :nearby => true }, { :user => users(:german_user).id } + check_diary_list :public_user_entry_1 + get :list, { :nearby => true }, { :user => users(:public_user).id } + check_diary_list + end + + def test_list_language + # Try a list of diary entries in english + get :list, :language => "en" + check_diary_list :normal_user_entry_1, :public_user_entry_1 + + # Try a list of diary entries in german + get :list, :language => "de" + check_diary_list :normal_user_geo_entry + + # Try a list of diary entries in slovenian + get :list, :language => "sl" + check_diary_list end def test_rss @@ -327,7 +456,7 @@ class DiaryEntryControllerTest < ActionController::TestCase assert_select "channel", :count => 1 do assert_select "channel>title", :count => 1 assert_select "image", :count => 1 - assert_select "channel>item", :count => 2 + assert_select "channel>item", :count => 3 end end end @@ -335,7 +464,7 @@ class DiaryEntryControllerTest < ActionController::TestCase def test_rss_language get :rss, :language => diary_entries(:normal_user_entry_1).language_code, :format => :rss assert_response :success, "Should be able to get a specific language diary RSS" - assert_select "rss>channel>item", :count => 1 # , "Diary entries should be filtered by language" + assert_select "rss>channel>item", :count => 2 # , "Diary entries should be filtered by language" end # def test_rss_nonexisting_language @@ -344,7 +473,7 @@ class DiaryEntryControllerTest < ActionController::TestCase # end def test_rss_language_with_no_entries - get :rss, :language => 'sl', :format => :rss + get :rss, :language => "sl", :format => :rss assert_response :success, "Should be able to get a specific language diary RSS" assert_select "rss>channel>item", :count => 0 # , "Diary entries should be filtered by language" end @@ -357,7 +486,7 @@ class DiaryEntryControllerTest < ActionController::TestCase def test_rss_nonexisting_user # Try a user that has never existed - get :rss, :display_name => 'fakeUsername76543', :format => :rss + get :rss, :display_name => "fakeUsername76543", :format => :rss assert_response :not_found, "Should not be able to get a nonexisting users diary RSS" # Try a suspended user @@ -369,7 +498,7 @@ class DiaryEntryControllerTest < ActionController::TestCase assert_response :not_found, "Should not be able to get a deleted users diary RSS" end - def test_viewing_diary_entry + def test_view # Try a normal entry that should work get :view, :display_name => users(:normal_user).display_name, :id => diary_entries(:normal_user_entry_1).id assert_response :success @@ -388,7 +517,7 @@ class DiaryEntryControllerTest < ActionController::TestCase assert_response :not_found end - def test_viewing_hidden_comments + def test_view_hidden_comments # Get a diary entry that has hidden comments get :view, :display_name => users(:normal_user).display_name, :id => diary_entries(:normal_user_geo_entry).id assert_response :success @@ -464,4 +593,18 @@ class DiaryEntryControllerTest < ActionController::TestCase get :comments, :display_name => users(:deleted_user).display_name assert_response :not_found end + + private + + def check_diary_list(*entries) + assert_response :success + assert_template "list" + assert_no_missing_translations + assert_select "div.diary_post", entries.count + + entries.each do |entry| + entry = diary_entries(entry) + assert_select "a[href=?]", "/user/#{entry.user.display_name}/diary/#{entry.id}" + end + end end