IntenseWebs/discourse
3
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-02-25 18:55:32 -06:00
Code Issues Packages Projects Releases Wiki Activity

Fix all the errors to get our tests green on Rails 5.1.

Browse Source
This commit is contained in:
Guo Xiang Tan
2017-08-31 12:06:56 +08:00
parent 898ee93547
commit 77d4c4d8dc
989 changed files with 5114 additions and 3117 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
spec/controllers/about_controller_spec.rb
View File

@@ -6,20 +6,23 @@ describe AboutController do
it "should display the about page for anonymous user when login_required is false" do
SiteSetting.login_required = false
xhr :get, :index
get :index
expect(response).to be_success
end
it 'should redirect to login page for anonymous user when login_required is true' do
SiteSetting.login_required = true
xhr :get, :index
get :index
expect(response).to redirect_to '/login'
end
it "should display the about page for logged in user when login_required is true" do
SiteSetting.login_required = true
log_in
xhr :get, :index
get :index
expect(response).to be_success
end
end

6
spec/controllers/admin/admin_controller_spec.rb
View File

@@ -5,12 +5,14 @@ describe Admin::AdminController do
context 'index' do
it 'needs you to be logged in' do
expect { xhr :get, :index }.to raise_error(Discourse::NotLoggedIn)
expect do
get :index, format: :json
end.to raise_error(Discourse::NotLoggedIn)
end
it "raises an error if you aren't an admin" do
user = log_in
xhr :get, :index
get :index, format: :json
expect(response).to be_forbidden
end

16
spec/controllers/admin/api_controller_spec.rb
View File

@@ -10,7 +10,7 @@ describe Admin::ApiController do
context '.index' do
it "succeeds" do
xhr :get, :index
get :index, format: :json
expect(response).to be_success
end
end
@@ -19,14 +19,14 @@ describe Admin::ApiController do
let(:api_key) { Fabricate(:api_key) }
it "returns 404 when there is no key" do
xhr :put, :regenerate_key, id: 1234
put :regenerate_key, params: { id: 1234 }, format: :json
expect(response).not_to be_success
expect(response.status).to eq(404)
end
it "delegates to the api key's `regenerate!` method" do
ApiKey.any_instance.expects(:regenerate!)
xhr :put, :regenerate_key, id: api_key.id
put :regenerate_key, params: { id: api_key.id }, format: :json
end
end
@@ -34,22 +34,22 @@ describe Admin::ApiController do
let(:api_key) { Fabricate(:api_key) }
it "returns 404 when there is no key" do
xhr :delete, :revoke_key, id: 1234
delete :revoke_key, params: { id: 1234 }, format: :json
expect(response).not_to be_success
expect(response.status).to eq(404)
end
it "delegates to the api key's `regenerate!` method" do
ApiKey.any_instance.expects(:destroy)
xhr :delete, :revoke_key, id: api_key.id
delete :revoke_key, params: { id: api_key.id }, format: :json
end
end
context '.create_master_key' do
it "creates a record" do
expect {
xhr :post, :create_master_key
}.to change(ApiKey, :count).by(1)
expect do
post :create_master_key, format: :json
end.to change(ApiKey, :count).by(1)
end
end

40
spec/controllers/admin/backups_controller_spec.rb
View File

@@ -26,7 +26,7 @@ describe Admin::BackupsController do
BackupRestore.expects(:logs).returns([])
subject.expects(:store_preloaded).with("logs", "[]")
xhr :get, :index, format: :html
get :index, format: :html, xhr: true
expect(response).to be_success
end
@@ -38,7 +38,7 @@ describe Admin::BackupsController do
it "returns a list of all the backups" do
Backup.expects(:all).returns([Backup.new("backup1"), Backup.new("backup2")])
xhr :get, :index, format: :json
get :index, format: :json, xhr: true
expect(response).to be_success
@@ -56,7 +56,7 @@ describe Admin::BackupsController do
it "returns the current backups status" do
BackupRestore.expects(:operations_status)
xhr :get, :status
get :status, format: :json
expect(response).to be_success
end
@@ -68,7 +68,9 @@ describe Admin::BackupsController do
it "starts a backup" do
BackupRestore.expects(:backup!).with(@admin.id, publish_to_message_bus: true, with_uploads: false, client_id: "foo")
xhr :post, :create, with_uploads: false, client_id: "foo"
post :create, params: {
with_uploads: false, client_id: "foo"
}, format: :json
expect(response).to be_success
end
@@ -87,7 +89,7 @@ describe Admin::BackupsController do
StaffActionLogger.any_instance.expects(:log_backup_download).once
get :show, id: backup_filename, token: token
get :show, params: { id: backup_filename, token: token }, format: :json
expect(response.headers['Content-Length']).to eq("5")
expect(response.headers['Content-Disposition']).to match(/attachment; filename/)
@@ -104,7 +106,7 @@ describe Admin::BackupsController do
Backup.create_from_filename(backup_filename)
get :show, id: backup_filename, token: "bad_value"
get :show, params: { id: backup_filename, token: "bad_value" }, xhr: true
expect(response.status).to eq(422)
ensure
@@ -116,7 +118,7 @@ describe Admin::BackupsController do
token = EmailBackupToken.set(@admin.id)
Backup.expects(:[]).returns(nil)
get :show, id: backup_filename, token: token
get :show, params: { id: backup_filename, token: token }, format: :json
EmailBackupToken.del(@admin.id)
@@ -133,13 +135,13 @@ describe Admin::BackupsController do
Backup.expects(:[]).with(backup_filename).returns(b)
Jobs.expects(:enqueue).with(:download_backup_email, has_entries(to_address: @admin.email))
xhr :put, :email, id: backup_filename
put :email, params: { id: backup_filename }, format: :json
expect(response).to be_success
end
it "returns 404 when the backup does not exist" do
xhr :put, :email, id: backup_filename
put :email, params: { id: backup_filename }, format: :json
expect(response).to be_not_found
end
@@ -156,7 +158,7 @@ describe Admin::BackupsController do
StaffActionLogger.any_instance.expects(:log_backup_destroy).with(b).once
xhr :delete, :destroy, id: backup_filename
delete :destroy, params: { id: backup_filename }, format: :json
expect(response).to be_success
end
@@ -164,7 +166,7 @@ describe Admin::BackupsController do
it "doesn't remove the backup if not found" do
Backup.expects(:[]).with(backup_filename).returns(nil)
b.expects(:remove).never
xhr :delete, :destroy, id: backup_filename
delete :destroy, params: { id: backup_filename }, format: :json
expect(response).not_to be_success
end
@@ -179,7 +181,7 @@ describe Admin::BackupsController do
BackupRestore.expects(:logs).returns([])
subject.expects(:store_preloaded).with("logs", "[]")
xhr :get, :logs, format: :html
get :logs, format: :html, xhr: true
expect(response).to be_success
end
@@ -191,7 +193,7 @@ describe Admin::BackupsController do
expect(SiteSetting.disable_emails).to eq(false)
BackupRestore.expects(:restore!).with(@admin.id, filename: backup_filename, publish_to_message_bus: true, client_id: "foo")
xhr :post, :restore, id: backup_filename, client_id: "foo"
post :restore, params: { id: backup_filename, client_id: "foo" }, format: :json
expect(SiteSetting.disable_emails).to eq(true)
expect(response).to be_success
@@ -204,7 +206,7 @@ describe Admin::BackupsController do
it "enables readonly mode" do
Discourse.expects(:enable_readonly_mode)
expect { xhr :put, :readonly, enable: true }
expect { put :readonly, params: { enable: true }, format: :json }
.to change { UserHistory.count }.by(1)
expect(response).to be_success
@@ -218,7 +220,7 @@ describe Admin::BackupsController do
it "disables readonly mode" do
Discourse.expects(:disable_readonly_mode)
expect { xhr :put, :readonly, enable: false }
expect { put :readonly, params: { enable: false }, format: :json }
.to change { UserHistory.count }.by(1)
expect(response).to be_success
@@ -236,7 +238,10 @@ describe Admin::BackupsController do
it "should raise an error" do
['灰色.tar.gz', '; echo \'haha\'.tar.gz'].each do |invalid_filename|
described_class.any_instance.expects(:has_enough_space_on_disk?).returns(true)
xhr :post, :upload_backup_chunk, resumableFilename: invalid_filename, resumableTotalSize: 1
post :upload_backup_chunk, params: {
resumableFilename: invalid_filename, resumableTotalSize: 1
}
expect(response.status).to eq(415)
expect(response.body).to eq(I18n.t('backup.invalid_filename'))
@@ -251,7 +256,7 @@ describe Admin::BackupsController do
filename = 'test_Site-0123456789.tar.gz'
xhr :post, :upload_backup_chunk,
post :upload_backup_chunk, params: {
resumableFilename: filename,
resumableTotalSize: 1,
resumableIdentifier: 'test',
@@ -259,6 +264,7 @@ describe Admin::BackupsController do
resumableChunkSize: '1',
resumableCurrentChunkSize: '1',
file: fixture_file_upload(Tempfile.new)
}, format: :json
expect(response.status).to eq(200)
expect(response.body).to eq("")

85
spec/controllers/admin/badges_controller_spec.rb
View File

@@ -8,7 +8,7 @@ describe Admin::BadgesController do
context 'index' do
it 'returns badge index' do
xhr :get, :index
get :index, format: :json
expect(response).to be_success
end
end
@@ -16,13 +16,21 @@ describe Admin::BadgesController do
context 'preview' do
it 'allows preview enable_badge_sql is enabled' do
SiteSetting.enable_badge_sql = true
result = xhr :get, :preview, sql: 'select id as user_id, created_at granted_at from users'
expect(JSON.parse(result.body)["grant_count"]).to be > 0
get :preview, params: {
sql: 'select id as user_id, created_at granted_at from users'
}, format: :json
expect(JSON.parse(response.body)["grant_count"]).to be > 0
end
it 'does not allow anything if enable_badge_sql is disabled' do
SiteSetting.enable_badge_sql = false
result = xhr :get, :preview, sql: 'select id as user_id, created_at granted_at from users'
expect(result.status).to eq(403)
get :preview, params: {
sql: 'select id as user_id, created_at granted_at from users'
}, format: :json
expect(response.status).to eq(403)
end
end
@@ -31,9 +39,13 @@ describe Admin::BadgesController do
it 'can create badges correctly' do
SiteSetting.enable_badge_sql = true
result = xhr :post, :create, name: 'test', query: 'select 1 as user_id, null as granted_at', badge_type_id: 1
json = JSON.parse(result.body)
expect(result.status).to eq(200)
post :create, params: {
name: 'test', query: 'select 1 as user_id, null as granted_at', badge_type_id: 1
}, format: :json
json = JSON.parse(response.body)
expect(response.status).to eq(200)
expect(json["badge"]["name"]).to eq('test')
expect(json["badge"]["query"]).to eq('select 1 as user_id, null as granted_at')
end
@@ -51,37 +63,33 @@ describe Admin::BadgesController do
names = groupings.map { |g| g.name }
ids = groupings.map { |g| g.id.to_s }
xhr :post, :save_badge_groupings, ids: ids, names: names
post :save_badge_groupings, params: { ids: ids, names: names }, format: :json
groupings2 = BadgeGrouping.all.order(:position).to_a
expect(groupings2.map { |g| g.name }).to eq(names)
expect((groupings.map(&:id) - groupings2.map { |g| g.id }).compact).to be_blank
expect(::JSON.parse(response.body)["badge_groupings"].length).to eq(groupings2.length)
end
end
context '.badge_types' do
it 'returns success' do
xhr :get, :badge_types
expect(response).to be_success
end
it 'returns JSON' do
xhr :get, :badge_types
get :badge_types, format: :json
expect(response).to be_success
expect(::JSON.parse(response.body)["badge_types"]).to be_present
end
end
context '.destroy' do
it 'returns success' do
xhr :delete, :destroy, id: badge.id
delete :destroy, params: { id: badge.id }, format: :json
expect(response).to be_success
end
it 'deletes the badge' do
xhr :delete, :destroy, id: badge.id
delete :destroy, params: { id: badge.id }, format: :json
expect(Badge.where(id: badge.id).count).to eq(0)
end
end
@@ -92,9 +100,10 @@ describe Admin::BadgesController do
editor_badge = Badge.find(Badge::Editor)
editor_badge_name = editor_badge.name
xhr :put, :update,
id: editor_badge.id,
name: "123456"
put :update, params: {
id: editor_badge.id,
name: "123456"
}, format: :json
expect(response).to be_success
editor_badge.reload
@@ -107,14 +116,15 @@ describe Admin::BadgesController do
SiteSetting.enable_badge_sql = false
xhr :put, :update,
id: badge.id,
name: "123456",
query: "select id user_id, created_at granted_at from users",
badge_type_id: badge.badge_type_id,
allow_title: false,
multiple_grant: false,
enabled: true
put :update, params: {
id: badge.id,
name: "123456",
query: "select id user_id, created_at granted_at from users",
badge_type_id: badge.badge_type_id,
allow_title: false,
multiple_grant: false,
enabled: true
}, format: :json
expect(response).to be_success
badge.reload
@@ -126,14 +136,15 @@ describe Admin::BadgesController do
SiteSetting.enable_badge_sql = true
sql = "select id user_id, created_at granted_at from users"
xhr :put, :update,
id: badge.id,
name: "123456",
query: sql,
badge_type_id: badge.badge_type_id,
allow_title: false,
multiple_grant: false,
enabled: true
put :update, params: {
id: badge.id,
name: "123456",
query: sql,
badge_type_id: badge.badge_type_id,
allow_title: false,
multiple_grant: false,
enabled: true
}, format: :json
expect(response).to be_success
badge.reload

30
spec/controllers/admin/color_schemes_controller_spec.rb
View File

@@ -17,33 +17,29 @@ describe Admin::ColorSchemesController do
} }
describe "index" do
it "returns success" do
xhr :get, :index
expect(response).to be_success
end
it "returns JSON" do
Fabricate(:color_scheme)
xhr :get, :index
get :index, format: :json
expect(response).to be_success
expect(::JSON.parse(response.body)).to be_present
end
end
describe "create" do
it "returns success" do
xhr :post, :create, valid_params
expect(response).to be_success
end
it "returns JSON" do
xhr :post, :create, valid_params
post :create, params: valid_params, format: :json
expect(response).to be_success
expect(::JSON.parse(response.body)['id']).to be_present
end
it "returns failure with invalid params" do
params = valid_params
params[:color_scheme][:colors][0][:hex] = 'cool color please'
xhr :post, :create, valid_params
post :create, params: valid_params, format: :json
expect(response).not_to be_success
expect(::JSON.parse(response.body)['errors']).to be_present
end
@@ -54,13 +50,13 @@ describe Admin::ColorSchemesController do
it "returns success" do
ColorSchemeRevisor.expects(:revise).returns(existing)
xhr :put, :update, valid_params.merge(id: existing.id)
put :update, params: valid_params.merge(id: existing.id), format: :json
expect(response).to be_success
end
it "returns JSON" do
ColorSchemeRevisor.expects(:revise).returns(existing)
xhr :put, :update, valid_params.merge(id: existing.id)
put :update, params: valid_params.merge(id: existing.id), format: :json
expect(::JSON.parse(response.body)['id']).to be_present
end
@@ -69,7 +65,7 @@ describe Admin::ColorSchemesController do
params = valid_params.merge(id: color_scheme.id)
params[:color_scheme][:colors][0][:name] = color_scheme.colors.first.name
params[:color_scheme][:colors][0][:hex] = 'cool color please'
xhr :put, :update, params
put :update, params: params, format: :json
expect(response).not_to be_success
expect(::JSON.parse(response.body)['errors']).to be_present
end
@@ -80,7 +76,7 @@ describe Admin::ColorSchemesController do
it "returns success" do
expect {
xhr :delete, :destroy, id: existing.id
delete :destroy, params: { id: existing.id }, format: :json
}.to change { ColorScheme.count }.by(-1)
expect(response).to be_success
end

26
spec/controllers/admin/dashboard_controller_spec.rb
View File

@@ -15,20 +15,16 @@ describe Admin::DashboardController do
let!(:admin) { log_in(:admin) }
context '.index' do
it 'should be successful' do
xhr :get, :index
expect(response).to be_successful
end
context 'version checking is enabled' do
before do
SiteSetting.version_checks = true
end
it 'returns discourse version info' do
xhr :get, :index
json = JSON.parse(response.body)
expect(json['version_check']).to be_present
get :index, format: :json
expect(response).to be_success
expect(JSON.parse(response.body)['version_check']).to be_present
end
end
@@ -38,7 +34,7 @@ describe Admin::DashboardController do
end
it 'does not return discourse version info' do
xhr :get, :index
get :index, format: :json
json = JSON.parse(response.body)
expect(json['version_check']).not_to be_present
end
@@ -46,19 +42,15 @@ describe Admin::DashboardController do
end
context '.problems' do
it 'should be successful' do
AdminDashboardData.stubs(:fetch_problems).returns([])
xhr :get, :problems
expect(response).to be_successful
end
context 'when there are no problems' do
before do
AdminDashboardData.stubs(:fetch_problems).returns([])
end
it 'returns an empty array' do
xhr :get, :problems
get :problems, format: :json
expect(response).to be_success
json = JSON.parse(response.body)
expect(json['problems'].size).to eq(0)
end
@@ -70,7 +62,7 @@ describe Admin::DashboardController do
end
it 'returns an array of strings' do
xhr :get, :problems
get :problems, format: :json
json = JSON.parse(response.body)
expect(json['problems'].size).to eq(2)
expect(json['problems'][0]).to be_a(String)

35
spec/controllers/admin/email_controller_spec.rb
View File

@@ -10,10 +10,14 @@ describe Admin::EmailController do
context '.index' do
before do
subject.expects(:action_mailer_settings).returns(username: 'username',
password: 'secret')
subject
.expects(:action_mailer_settings)
.returns(
username: 'username',
password: 'secret'
)
xhr :get, :index
get :index, format: :json
end
it 'does not include the password in the response' do
@@ -27,7 +31,7 @@ describe Admin::EmailController do
context '.sent' do
before do
xhr :get, :sent
get :sent, format: :json
end
subject { response }
@@ -36,7 +40,7 @@ describe Admin::EmailController do
context '.skipped' do
before do
xhr :get, :skipped
get :skipped, format: :json
end
subject { response }
@@ -45,7 +49,9 @@ describe Admin::EmailController do
context '.test' do
it 'raises an error without the email parameter' do
expect { xhr :post, :test }.to raise_error(ActionController::ParameterMissing)
expect do
post :test, format: :json
end.to raise_error(ActionController::ParameterMissing)
end
context 'with an email address' do
@@ -53,18 +59,23 @@ describe Admin::EmailController do
job_mock = mock
Jobs::TestEmail.expects(:new).returns(job_mock)
job_mock.expects(:execute).with(to_address: 'eviltrout@test.domain')
xhr :post, :test, email_address: 'eviltrout@test.domain'
post :test, params: { email_address: 'eviltrout@test.domain' }, format: :json
end
end
end
context '.preview_digest' do
it 'raises an error without the last_seen_at parameter' do
expect { xhr :get, :preview_digest }.to raise_error(ActionController::ParameterMissing)
expect do
get :preview_digest, format: :json
end.to raise_error(ActionController::ParameterMissing)
end
it "previews the digest" do
xhr :get, :preview_digest, last_seen_at: 1.week.ago, username: user.username
get :preview_digest, params: {
last_seen_at: 1.week.ago, username: user.username
}, format: :json
expect(response).to be_success
end
end
@@ -76,7 +87,7 @@ describe Admin::EmailController do
end
it 'should enqueue the right job' do
expect { xhr :post, :handle_mail, email: email('cc') }
expect { post :handle_mail, params: { email: email('cc') }, format: :json }
.to change { Jobs::ProcessEmail.jobs.count }.by(1)
end
end
@@ -84,7 +95,7 @@ describe Admin::EmailController do
context '.rejected' do
it 'should provide a string for a blank error' do
Fabricate(:incoming_email, error: "")
xhr :get, :rejected
get :rejected, format: :json
rejected = JSON.parse(response.body)
expect(rejected.first['error']).to eq(I18n.t("emails.incoming.unrecognized_error"))
end
@@ -93,7 +104,7 @@ describe Admin::EmailController do
context '.incoming' do
it 'should provide a string for a blank error' do
incoming_email = Fabricate(:incoming_email, error: "")
xhr :get, :incoming, id: incoming_email.id
get :incoming, params: { id: incoming_email.id }, format: :json
incoming = JSON.parse(response.body)
expect(incoming['error']).to eq(I18n.t("emails.incoming.unrecognized_error"))
end

2
spec/controllers/admin/emojis_controller_spec.rb
View File

@@ -22,7 +22,7 @@ describe Admin::EmojisController do
context ".index" do
it "returns a list of custom emojis" do
Emoji.expects(:custom).returns([custom_emoji])
xhr :get, :index
get :index, format: :json
expect(response).to be_success
json = ::JSON.parse(response.body)
expect(json[0]["name"]).to eq(custom_emoji.name)

35
spec/controllers/admin/groups_controller_spec.rb
View File

@@ -18,7 +18,9 @@ describe Admin::GroupsController do
user = Fabricate(:user, trust_level: 2)
user2 = Fabricate(:user, trust_level: 4)
xhr :put, :bulk_perform, group_id: group.id, users: [user.username.upcase, user2.email, 'doesnt_exist']
put :bulk_perform, params: {
group_id: group.id, users: [user.username.upcase, user2.email, 'doesnt_exist']
}, format: :json
expect(response).to be_success
@@ -44,10 +46,13 @@ describe Admin::GroupsController do
group.add_owner(user)
expect do
xhr :put, :update, id: group.id, group: {
visibility_level: Group.visibility_levels[:owners],
allow_membership_requests: "true"
}
put :update, params: {
id: group.id,
group: {
visibility_level: Group.visibility_levels[:owners],
allow_membership_requests: "true"
}
}, format: :json
end.to change { GroupHistory.count }.by(2)
@@ -60,7 +65,7 @@ describe Admin::GroupsController do
end
it "ignore name change on automatic group" do
xhr :put, :update, id: 1, group: { name: "WAT" }
put :update, params: { id: 1, group: { name: "WAT" } }, format: :json
expect(response).to be_success
group = Group.find(1)
@@ -70,14 +75,22 @@ describe Admin::GroupsController do
it "doesn't launch the 'automatic group membership' job when it's not retroactive" do
Jobs.expects(:enqueue).never
group = Fabricate(:group)
xhr :put, :update, id: group.id, group: { automatic_membership_retroactive: "false" }
put :update, params: {
id: group.id, group: { automatic_membership_retroactive: "false" }
}, format: :json
expect(response).to be_success
end
it "launches the 'automatic group membership' job when it's retroactive" do
group = Fabricate(:group)
Jobs.expects(:enqueue).with(:automatic_group_membership, group_id: group.id)
xhr :put, :update, id: group.id, group: { automatic_membership_retroactive: "true" }
put :update, params: {
id: group.id, group: { automatic_membership_retroactive: "true" }
}, format: :json
expect(response).to be_success
end
@@ -87,14 +100,14 @@ describe Admin::GroupsController do
it "returns a 422 if the group is automatic" do
group = Fabricate(:group, automatic: true)
xhr :delete, :destroy, id: group.id
delete :destroy, params: { id: group.id }, format: :json
expect(response.status).to eq(422)
expect(Group.where(id: group.id).count).to eq(1)
end
it "is able to destroy a non-automatic group" do
group = Fabricate(:group)
xhr :delete, :destroy, id: group.id
delete :destroy, params: { id: group.id }, format: :json
expect(response.status).to eq(200)
expect(Group.where(id: group.id).count).to eq(0)
end
@@ -106,7 +119,7 @@ describe Admin::GroupsController do
it "is able to refresh automatic groups" do
Group.expects(:refresh_automatic_groups!).returns(true)
xhr :post, :refresh_automatic_groups
post :refresh_automatic_groups, format: :json
expect(response.status).to eq(200)
end

16
spec/controllers/admin/impersonate_controller_spec.rb
View File

@@ -12,7 +12,7 @@ describe Admin::ImpersonateController do
context 'index' do
it 'returns success' do
xhr :get, :index
get :index, format: :json
expect(response).to be_success
end
end
@@ -20,17 +20,17 @@ describe Admin::ImpersonateController do
context 'create' do
it 'requires a username_or_email parameter' do
expect { xhr :put, :create }.to raise_error(ActionController::ParameterMissing)
expect { put :create, format: :json }.to raise_error(ActionController::ParameterMissing)
end
it 'returns 404 when that user does not exist' do
xhr :post, :create, username_or_email: 'hedonismbot'
post :create, params: { username_or_email: 'hedonismbot' }, format: :json
expect(response.status).to eq(404)
end
it "raises an invalid access error if the user can't be impersonated" do
Guardian.any_instance.expects(:can_impersonate?).with(user).returns(false)
xhr :post, :create, username_or_email: user.email
post :create, params: { username_or_email: user.email }, format: :json
expect(response).to be_forbidden
end
@@ -38,21 +38,21 @@ describe Admin::ImpersonateController do
it "logs the impersonation" do
StaffActionLogger.any_instance.expects(:log_impersonate)
xhr :post, :create, username_or_email: user.username
post :create, params: { username_or_email: user.username }, format: :json
end
it "changes the current user session id" do
xhr :post, :create, username_or_email: user.username
post :create, params: { username_or_email: user.username }, format: :json
expect(session[:current_user_id]).to eq(user.id)
end
it "returns success" do
xhr :post, :create, username_or_email: user.email
post :create, params: { username_or_email: user.email }, format: :json
expect(response).to be_success
end
it "also works with an email address" do
xhr :post, :create, username_or_email: user.email
post :create, params: { username_or_email: user.email }, format: :json
expect(session[:current_user_id]).to eq(user.id)
end

6
spec/controllers/admin/permalinks_controller_spec.rb
View File

@@ -15,7 +15,7 @@ describe Admin::PermalinksController do
Fabricate(:permalink, url: "/discuss/topic/45")
Fabricate(:permalink, url: "/discuss/topic/76")
xhr :get, :index, filter: "topic"
get :index, params: { filter: "topic" }, format: :json
expect(response).to be_success
result = JSON.parse(response.body)
@@ -28,7 +28,7 @@ describe Admin::PermalinksController do
Fabricate(:permalink, external_url: "http://www.discourse.org")
Fabricate(:permalink, external_url: "http://try.discourse.org")
xhr :get, :index, filter: "discourse"
get :index, params: { filter: "discourse" }, format: :json
expect(response).to be_success
result = JSON.parse(response.body)
@@ -41,7 +41,7 @@ describe Admin::PermalinksController do
Fabricate(:permalink, url: "/discuss/topic/45", external_url: "http://discourse.org")
Fabricate(:permalink, url: "/discuss/topic/76", external_url: "http://try.discourse.org")
xhr :get, :index, filter: "discourse"
get :index, params: { filter: "discourse" }, format: :json
expect(response).to be_success
result = JSON.parse(response.body)

2
spec/controllers/admin/plugins_controller_spec.rb
View File

@@ -10,7 +10,7 @@ describe Admin::PluginsController do
let!(:admin) { log_in(:admin) }
it 'should return JSON' do
xhr :get, :index
get :index, format: :json
expect(response).to be_success
expect(::JSON.parse(response.body).has_key?('plugins')).to eq(true)
end

12
spec/controllers/admin/reports_controller_spec.rb
View File

@@ -16,11 +16,11 @@ describe Admin::ReportsController do
it "never calls Report.find" do
Report.expects(:find).never
xhr :get, :show, type: invalid_id
get :show, params: { type: invalid_id }, format: :json
end
it "returns 404" do
xhr :get, :show, type: invalid_id
get :show, params: { type: invalid_id }, format: :json
expect(response.status).to eq(404)
end
end
@@ -30,7 +30,7 @@ describe Admin::ReportsController do
context 'missing report' do
before do
Report.expects(:find).with('active', instance_of(Hash)).returns(nil)
xhr :get, :show, type: 'active'
get :show, params: { type: 'active' }, format: :json
end
it "renders the report as JSON" do
@@ -41,7 +41,7 @@ describe Admin::ReportsController do
context 'a report is found' do
before do
Report.expects(:find).with('active', instance_of(Hash)).returns(Report.new('active'))
xhr :get, :show, type: 'active'
get :show, params: { type: 'active' }, format: :json
end
it "renders the report as JSON" do
@@ -65,7 +65,7 @@ describe Admin::ReportsController do
topic
other_topic
xhr :get, :show, type: 'topics', category_id: category.id
get :show, params: { type: 'topics', category_id: category.id }, format: :json
expect(response).to be_success
@@ -85,7 +85,7 @@ describe Admin::ReportsController do
other_user
group.add(user)
xhr :get, :show, type: 'signups', group_id: group.id
get :show, params: { type: 'signups', group_id: group.id }, format: :json
expect(response).to be_success

2
spec/controllers/admin/screened_emails_controller_spec.rb
View File

@@ -9,7 +9,7 @@ describe Admin::ScreenedEmailsController do
context '.index' do
before do
xhr :get, :index
get :index, format: :json
end
subject { response }

8
spec/controllers/admin/screened_ip_addresses_controller_spec.rb
View File

@@ -16,13 +16,13 @@ describe Admin::ScreenedIpAddressesController do
Fabricate(:screened_ip_address, ip_address: "1.2.3.6")
Fabricate(:screened_ip_address, ip_address: "4.5.6.7")
xhr :get, :index, filter: "1.2.*"
get :index, params: { filter: "1.2.*" }, format: :json
expect(response).to be_success
result = JSON.parse(response.body)
expect(result.length).to eq(3)
xhr :get, :index, filter: "4.5.6.7"
get :index, params: { filter: "4.5.6.7" }, format: :json
expect(response).to be_success
result = JSON.parse(response.body)
@@ -44,7 +44,7 @@ describe Admin::ScreenedIpAddressesController do
StaffActionLogger.any_instance.expects(:log_roll_up)
SiteSetting.min_ban_entries_for_roll_up = 3
xhr :post, :roll_up
post :roll_up, format: :json
expect(response).to be_success
subnet = ScreenedIpAddress.where(ip_address: "1.2.3.0/24").first
@@ -64,7 +64,7 @@ describe Admin::ScreenedIpAddressesController do
StaffActionLogger.any_instance.expects(:log_roll_up)
SiteSetting.min_ban_entries_for_roll_up = 5
xhr :post, :roll_up
post :roll_up, format: :json
expect(response).to be_success
subnet = ScreenedIpAddress.where(ip_address: "1.2.0.0/16").first

2
spec/controllers/admin/screened_urls_controller_spec.rb
View File

@@ -9,7 +9,7 @@ describe Admin::ScreenedUrlsController do
context '.index' do
before do
xhr :get, :index
get :index, format: :json
end
subject { response }

29
spec/controllers/admin/site_settings_controller_spec.rb
View File

@@ -13,12 +13,12 @@ describe Admin::SiteSettingsController do
context 'index' do
it 'returns success' do
xhr :get, :index
get :index, format: :json
expect(response).to be_success
end
it 'returns JSON' do
xhr :get, :index
get :index, format: :json
expect(::JSON.parse(response.body)).to be_present
end
end
@@ -31,34 +31,47 @@ describe Admin::SiteSettingsController do
end
it 'sets the value when the param is present' do
xhr :put, :update, id: 'test_setting', test_setting: 'hello'
put :update, params: {
id: 'test_setting', test_setting: 'hello'
}, format: :json
expect(SiteSetting.test_setting).to eq('hello')
end
it 'allows value to be a blank string' do
xhr :put, :update, id: 'test_setting', test_setting: ''
put :update, params: {
id: 'test_setting', test_setting: ''
}, format: :json
expect(SiteSetting.test_setting).to eq('')
end
it 'logs the change' do
SiteSetting.test_setting = 'previous'
StaffActionLogger.any_instance.expects(:log_site_setting_change).with('test_setting', 'previous', 'hello')
xhr :put, :update, id: 'test_setting', test_setting: 'hello'
put :update, params: {
id: 'test_setting', test_setting: 'hello'
}, format: :json
expect(SiteSetting.test_setting).to eq('hello')
end
it 'does not allow changing of hidden settings' do
SiteSetting.setting(:hidden_setting, "hidden", hidden: true)
SiteSetting.refresh!
result = xhr :put, :update, id: 'hidden_setting', hidden_setting: 'not allowed'
put :update, params: {
id: 'hidden_setting', hidden_setting: 'not allowed'
}, format: :json
expect(SiteSetting.hidden_setting).to eq("hidden")
expect(result.status).to eq(422)
expect(response.status).to eq(422)
end
it 'fails when a setting does not exist' do
expect {
xhr :put, :update, id: 'provider', provider: 'gotcha'
put :update, params: { id: 'provider', provider: 'gotcha' }, format: :json
}.to raise_error(ArgumentError)
end
end

25
spec/controllers/admin/site_texts_controller_spec.rb
View File

@@ -13,7 +13,7 @@ describe Admin::SiteTextsController do
context '.index' do
it 'returns json' do
xhr :get, :index, q: 'title'
get :index, params: { q: 'title' }, format: :json
expect(response).to be_success
expect(::JSON.parse(response.body)).to be_present
end
@@ -21,7 +21,7 @@ describe Admin::SiteTextsController do
context '.show' do
it 'returns a site text for a key that exists' do
xhr :get, :show, id: 'title'
get :show, params: { id: 'title' }, format: :json
expect(response).to be_success
json = ::JSON.parse(response.body)
@@ -35,7 +35,7 @@ describe Admin::SiteTextsController do
end
it 'returns not found for missing keys' do
xhr :get, :show, id: 'made_up_no_key_exists'
get :show, params: { id: 'made_up_no_key_exists' }, format: :json
expect(response).not_to be_success
end
end
@@ -52,7 +52,9 @@ describe Admin::SiteTextsController do
end
it 'returns the right error message' do
xhr :put, :update, id: 'some_key', site_text: { value: 'hello %{key}' }
put :update, params: {
id: 'some_key', site_text: { value: 'hello %{key}' }
}, format: :json
expect(response.status).to eq(422)
@@ -68,7 +70,7 @@ describe Admin::SiteTextsController do
it 'updates and reverts the key' do
orig_title = I18n.t(:title)
xhr :put, :update, id: 'title', site_text: { value: 'hello' }
put :update, params: { id: 'title', site_text: { value: 'hello' } }, format: :json
expect(response).to be_success
json = ::JSON.parse(response.body)
@@ -81,7 +83,7 @@ describe Admin::SiteTextsController do
expect(site_text['value']).to eq('hello')
# Revert
xhr :put, :revert, id: 'title'
put :revert, params: { id: 'title' }, format: :json
expect(response).to be_success
json = ::JSON.parse(response.body)
@@ -95,14 +97,19 @@ describe Admin::SiteTextsController do
end
it 'returns not found for missing keys' do
xhr :put, :update, id: 'made_up_no_key_exists', site_text: { value: 'hello' }
put :update, params: {
id: 'made_up_no_key_exists', site_text: { value: 'hello' }
}, format: :json
expect(response).not_to be_success
end
it 'logs the change' do
original_title = I18n.t(:title)
xhr :put, :update, id: 'title', site_text: { value: 'yay' }
put :update, params: {
id: 'title', site_text: { value: 'yay' }
}, format: :json
log = UserHistory.last
@@ -110,7 +117,7 @@ describe Admin::SiteTextsController do
expect(log.new_value).to eq('yay')
expect(log.action).to eq(UserHistory.actions[:change_site_text])
xhr :put, :revert, id: 'title'
put :revert, params: { id: 'title' }, format: :json
log = UserHistory.last

4
spec/controllers/admin/staff_action_logs_controller_spec.rb
View File

@@ -14,7 +14,7 @@ describe Admin::StaffActionLogsController do
topic = Fabricate(:topic)
_record = StaffActionLogger.new(Discourse.system_user).log_topic_deletion(topic)
xhr :get, :index, action_id: UserHistory.actions[:delete_topic]
get :index, params: { action_id: UserHistory.actions[:delete_topic] }, format: :json
json = JSON.parse(response.body)
expect(response).to be_success
@@ -40,7 +40,7 @@ describe Admin::StaffActionLogsController do
record = StaffActionLogger.new(Discourse.system_user)
.log_theme_change(original_json, theme)
xhr :get, :diff, id: record.id
get :diff, params: { id: record.id }, format: :json
expect(response).to be_success
parsed = JSON.parse(response.body)

62
spec/controllers/admin/themes_controller_spec.rb
View File

@@ -15,14 +15,15 @@ describe Admin::ThemesController do
render_views
let(:upload) do
ActionDispatch::Http::UploadedFile.new(filename: 'test.woff2',
tempfile: file_from_fixtures("fake.woff2", "woff2"))
Rack::Test::UploadedFile.new(file_from_fixtures("fake.woff2", "woff2"))
end
it 'can create a theme upload' do
xhr :post, :upload_asset, file: upload
post :upload_asset, params: { file: upload }, format: :json
expect(response.status).to eq(201)
upload = Upload.find_by(original_filename: "test.woff2")
upload = Upload.find_by(original_filename: "fake.woff2")
expect(upload.id).not_to be_nil
expect(JSON.parse(response.body)["upload_id"]).to eq(upload.id)
end
@@ -30,12 +31,11 @@ describe Admin::ThemesController do
context '.import' do
let(:theme_file) do
ActionDispatch::Http::UploadedFile.new(filename: 'sam-s-simple-theme.dcstyle.json',
tempfile: file_from_fixtures("sam-s-simple-theme.dcstyle.json", "json"))
Rack::Test::UploadedFile.new(file_from_fixtures("sam-s-simple-theme.dcstyle.json", "json"))
end
it 'imports a theme' do
xhr :post, :import, theme: theme_file
post :import, params: { theme: theme_file }, format: :json
expect(response).to be_success
json = ::JSON.parse(response.body)
@@ -68,7 +68,7 @@ describe Admin::ThemesController do
# this will get serialized as well
ColorScheme.create_from_base(name: "test", colors: [])
xhr :get, :index
get :index, format: :json
expect(response).to be_success
@@ -83,7 +83,13 @@ describe Admin::ThemesController do
context ' .create' do
it 'creates a theme' do
xhr :post, :create, theme: { name: 'my test name', theme_fields: [name: 'scss', target: 'common', value: 'body{color: red;}'] }
post :create, params: {
theme: {
name: 'my test name',
theme_fields: [name: 'scss', target: 'common', value: 'body{color: red;}']
}
}, format: :json
expect(response).to be_success
json = ::JSON.parse(response.body)
@@ -96,14 +102,22 @@ describe Admin::ThemesController do
context ' .update' do
it 'can change default theme' do
theme = Theme.create(name: 'my name', user_id: -1)
xhr :put, :update, id: theme.id, theme: { default: true }
put :update, params: {
id: theme.id, theme: { default: true }
}, format: :json
expect(SiteSetting.default_theme_key).to eq(theme.key)
end
it 'can unset default theme' do
theme = Theme.create(name: 'my name', user_id: -1)
SiteSetting.default_theme_key = theme.key
xhr :put, :update, id: theme.id, theme: { default: false }
put :update, params: {
id: theme.id, theme: { default: false }
}, format: :json
expect(SiteSetting.default_theme_key).to be_blank
end
@@ -116,16 +130,19 @@ describe Admin::ThemesController do
upload = Fabricate(:upload)
xhr :put, :update, id: theme.id,
theme: {
child_theme_ids: [child_theme.id],
name: 'my test name',
theme_fields: [
{ name: 'scss', target: 'common', value: '' },
{ name: 'scss', target: 'desktop', value: 'body{color: blue;}' },
{ name: 'bob', target: 'common', value: '', type_id: 2, upload_id: upload.id },
]
}
put :update, params: {
id: theme.id,
theme: {
child_theme_ids: [child_theme.id],
name: 'my test name',
theme_fields: [
{ name: 'scss', target: 'common', value: '' },
{ name: 'scss', target: 'desktop', value: 'body{color: blue;}' },
{ name: 'bob', target: 'common', value: '', type_id: 2, upload_id: upload.id },
]
}
}, format: :json
expect(response).to be_success
json = ::JSON.parse(response.body)
@@ -135,11 +152,8 @@ describe Admin::ThemesController do
expect(fields[0]["value"]).to eq('')
expect(fields[0]["upload_id"]).to eq(upload.id)
expect(fields[1]["value"]).to eq('body{color: blue;}')
expect(fields.length).to eq(2)
expect(json["theme"]["child_themes"].length).to eq(1)
expect(UserHistory.where(action: UserHistory.actions[:change_theme]).count).to eq(1)
end
end

76
spec/controllers/admin/user_fields_controller_spec.rb
View File

@@ -12,19 +12,27 @@ describe Admin::UserFieldsController do
context '.create' do
it "creates a user field" do
expect {
xhr :post, :create, user_field: { name: 'hello', description: 'hello desc', field_type: 'text' }
post :create, params: {
user_field: { name: 'hello', description: 'hello desc', field_type: 'text' }
}, format: :json
expect(response).to be_success
}.to change(UserField, :count).by(1)
end
it "creates a user field with options" do
expect {
xhr :post, :create, user_field: { name: 'hello',
description: 'hello desc',
field_type: 'dropdown',
options: ['a', 'b', 'c'] }
expect do
post :create, params: {
user_field: {
name: 'hello',
description: 'hello desc',
field_type: 'dropdown',
options: ['a', 'b', 'c']
}
}, format: :json
expect(response).to be_success
}.to change(UserField, :count).by(1)
end.to change(UserField, :count).by(1)
expect(UserFieldOption.count).to eq(3)
end
@@ -34,7 +42,7 @@ describe Admin::UserFieldsController do
let!(:user_field) { Fabricate(:user_field) }
it "returns a list of user fields" do
xhr :get, :index
get :index, format: :json
expect(response).to be_success
json = ::JSON.parse(response.body)
expect(json['user_fields']).to be_present
@@ -46,7 +54,7 @@ describe Admin::UserFieldsController do
it "deletes the user field" do
expect {
xhr :delete, :destroy, id: user_field.id
delete :destroy, params: { id: user_field.id }, format: :json
expect(response).to be_success
}.to change(UserField, :count).by(-1)
end
@@ -56,7 +64,11 @@ describe Admin::UserFieldsController do
let!(:user_field) { Fabricate(:user_field) }
it "updates the user field" do
xhr :put, :update, id: user_field.id, user_field: { name: 'fraggle', field_type: 'confirm', description: 'muppet' }
put :update, params: {
id: user_field.id,
user_field: { name: 'fraggle', field_type: 'confirm', description: 'muppet' }
}, format: :json
expect(response).to be_success
user_field.reload
expect(user_field.name).to eq('fraggle')
@@ -64,10 +76,16 @@ describe Admin::UserFieldsController do
end
it "updates the user field options" do
xhr :put, :update, id: user_field.id, user_field: { name: 'fraggle',
field_type: 'dropdown',
description: 'muppet',
options: ['hello', 'hello', 'world'] }
put :update, params: {
id: user_field.id,
user_field: {
name: 'fraggle',
field_type: 'dropdown',
description: 'muppet',
options: ['hello', 'hello', 'world']
}
}, format: :json
expect(response).to be_success
user_field.reload
expect(user_field.name).to eq('fraggle')
@@ -76,19 +94,31 @@ describe Admin::UserFieldsController do
end
it "keeps options when updating the user field" do
xhr :put, :update, id: user_field.id, user_field: { name: 'fraggle',
field_type: 'dropdown',
description: 'muppet',
options: ['hello', 'hello', 'world'],
position: 1 }
put :update, params: {
id: user_field.id,
user_field: {
name: 'fraggle',
field_type: 'dropdown',
description: 'muppet',
options: ['hello', 'hello', 'world'],
position: 1
}
}, format: :json
expect(response).to be_success
user_field.reload
expect(user_field.user_field_options.size).to eq(2)
xhr :put, :update, id: user_field.id, user_field: { name: 'fraggle',
field_type: 'dropdown',
description: 'muppet',
position: 2 }
put :update, params: {
id: user_field.id,
user_field: {
name: 'fraggle',
field_type: 'dropdown',
description: 'muppet',
position: 2
}
}, format: :json
expect(response).to be_success
user_field.reload
expect(user_field.user_field_options.size).to eq(2)

200
spec/controllers/admin/users_controller_spec.rb
View File

@@ -14,19 +14,19 @@ describe Admin::UsersController do
context '.index' do
it 'returns success' do
xhr :get, :index
get :index, format: :json
expect(response).to be_success
end
it 'returns JSON' do
xhr :get, :index
get :index, format: :json
expect(::JSON.parse(response.body)).to be_present
end
context 'when showing emails' do
it "returns email for all the users" do
xhr :get, :index, show_emails: "true"
get :index, params: { show_emails: "true" }, format: :json
data = ::JSON.parse(response.body)
data.each do |user|
expect(user["email"]).to be_present
@@ -36,7 +36,7 @@ describe Admin::UsersController do
it "logs only 1 enty" do
expect(UserHistory.where(action: UserHistory.actions[:check_email], acting_user_id: @user.id).count).to eq(0)
xhr :get, :index, show_emails: "true"
get :index, params: { show_emails: "true" }, format: :json
expect(UserHistory.where(action: UserHistory.actions[:check_email], acting_user_id: @user.id).count).to eq(1)
end
@@ -47,14 +47,14 @@ describe Admin::UsersController do
describe '.show' do
context 'an existing user' do
it 'returns success' do
xhr :get, :show, id: @user.id
get :show, params: { id: @user.id }, format: :json
expect(response).to be_success
end
end
context 'an existing user' do
it 'returns success' do
xhr :get, :show, id: 0
get :show, params: { id: 0 }, format: :json
expect(response).not_to be_success
end
end
@@ -66,19 +66,19 @@ describe Admin::UsersController do
it "does nothing without uesrs" do
User.any_instance.expects(:approve).never
xhr :put, :approve_bulk
put :approve_bulk, format: :json
end
it "won't approve the user when not allowed" do
Guardian.any_instance.expects(:can_approve?).with(evil_trout).returns(false)
User.any_instance.expects(:approve).never
xhr :put, :approve_bulk, users: [evil_trout.id]
put :approve_bulk, params: { users: [evil_trout.id] }, format: :json
end
it "approves the user when permitted" do
Guardian.any_instance.expects(:can_approve?).with(evil_trout).returns(true)
User.any_instance.expects(:approve).once
xhr :put, :approve_bulk, users: [evil_trout.id]
put :approve_bulk, params: { users: [evil_trout.id] }, format: :json
end
end
@@ -88,7 +88,7 @@ describe Admin::UsersController do
it 'calls generate_api_key' do
User.any_instance.expects(:generate_api_key).with(@user)
xhr :post, :generate_api_key, user_id: evil_trout.id
post :generate_api_key, params: { user_id: evil_trout.id }, format: :json
end
end
@@ -98,7 +98,7 @@ describe Admin::UsersController do
it 'calls revoke_api_key' do
User.any_instance.expects(:revoke_api_key)
xhr :delete, :revoke_api_key, user_id: evil_trout.id
delete :revoke_api_key, params: { user_id: evil_trout.id }, format: :json
end
end
@@ -109,13 +109,13 @@ describe Admin::UsersController do
it "raises an error when the user doesn't have permission" do
Guardian.any_instance.expects(:can_approve?).with(evil_trout).returns(false)
xhr :put, :approve, user_id: evil_trout.id
put :approve, params: { user_id: evil_trout.id }, format: :json
expect(response).to be_forbidden
end
it 'calls approve' do
User.any_instance.expects(:approve).with(@user)
xhr :put, :approve, user_id: evil_trout.id
put :approve, params: { user_id: evil_trout.id }, format: :json
end
end
@@ -126,7 +126,7 @@ describe Admin::UsersController do
it "also revoke any api keys" do
User.any_instance.expects(:revoke_api_key)
xhr :put, :suspend, user_id: evil_trout.id
put :suspend, params: { user_id: evil_trout.id }, format: :json
end
end
@@ -138,12 +138,12 @@ describe Admin::UsersController do
it 'raises an error unless the user can revoke access' do
Guardian.any_instance.expects(:can_revoke_admin?).with(@another_admin).returns(false)
xhr :put, :revoke_admin, user_id: @another_admin.id
put :revoke_admin, params: { user_id: @another_admin.id }, format: :json
expect(response).to be_forbidden
end
it 'updates the admin flag' do
xhr :put, :revoke_admin, user_id: @another_admin.id
put :revoke_admin, params: { user_id: @another_admin.id }, format: :json
@another_admin.reload
expect(@another_admin).not_to be_admin
end
@@ -160,18 +160,18 @@ describe Admin::UsersController do
it "raises an error when the user doesn't have permission" do
Guardian.any_instance.expects(:can_grant_admin?).with(@another_user).returns(false)
xhr :put, :grant_admin, user_id: @another_user.id
put :grant_admin, params: { user_id: @another_user.id }, format: :json
expect(response).to be_forbidden
end
it "returns a 404 if the username doesn't exist" do
xhr :put, :grant_admin, user_id: 123123
put :grant_admin, params: { user_id: 123123 }, format: :json
expect(response).to be_forbidden
end
it 'updates the admin flag' do
expect(AdminConfirmation.exists_for?(@another_user.id)).to eq(false)
xhr :put, :grant_admin, user_id: @another_user.id
put :grant_admin, params: { user_id: @another_user.id }, format: :json
expect(AdminConfirmation.exists_for?(@another_user.id)).to eq(true)
end
end
@@ -181,7 +181,9 @@ describe Admin::UsersController do
let(:group) { Fabricate(:group) }
it 'adds the user to the group' do
xhr :post, :add_group, group_id: group.id, user_id: user.id
post :add_group, params: {
group_id: group.id, user_id: user.id
}, format: :json
expect(response).to be_success
expect(GroupUser.where(user_id: user.id, group_id: group.id).exists?).to eq(true)
@@ -193,7 +195,10 @@ describe Admin::UsersController do
expect(group_history.target_user).to eq(user)
# Doing it again doesn't raise an error
xhr :post, :add_group, group_id: group.id, user_id: user.id
post :add_group, params: {
group_id: group.id, user_id: user.id
}, format: :json
expect(response).to be_success
end
end
@@ -207,31 +212,47 @@ describe Admin::UsersController do
it "raises an error when the user doesn't have permission" do
Guardian.any_instance.expects(:can_change_primary_group?).with(@another_user).returns(false)
xhr :put, :primary_group, user_id: @another_user.id
put :primary_group, params: {
user_id: @another_user.id
}, format: :json
expect(response).to be_forbidden
end
it "returns a 404 if the user doesn't exist" do
xhr :put, :primary_group, user_id: 123123
put :primary_group, params: {
user_id: 123123
}, format: :json
expect(response).to be_forbidden
end
it "changes the user's primary group" do
group.add(@another_user)
xhr :put, :primary_group, user_id: @another_user.id, primary_group_id: group.id
put :primary_group, params: {
user_id: @another_user.id, primary_group_id: group.id
}, format: :json
@another_user.reload
expect(@another_user.primary_group_id).to eq(group.id)
end
it "doesn't change primary group if they aren't a member of the group" do
xhr :put, :primary_group, user_id: @another_user.id, primary_group_id: group.id
put :primary_group, params: {
user_id: @another_user.id, primary_group_id: group.id
}, format: :json
@another_user.reload
expect(@another_user.primary_group_id).to be_nil
end
it "remove user's primary group" do
group.add(@another_user)
xhr :put, :primary_group, user_id: @another_user.id, primary_group_id: ""
put :primary_group, params: {
user_id: @another_user.id, primary_group_id: ""
}, format: :json
@another_user.reload
expect(@another_user.primary_group_id).to be(nil)
end
@@ -244,18 +265,28 @@ describe Admin::UsersController do
it "raises an error when the user doesn't have permission" do
Guardian.any_instance.expects(:can_change_trust_level?).with(@another_user).returns(false)
xhr :put, :trust_level, user_id: @another_user.id
put :trust_level, params: {
user_id: @another_user.id
}, format: :json
expect(response).not_to be_success
end
it "returns a 404 if the username doesn't exist" do
xhr :put, :trust_level, user_id: 123123
put :trust_level, params: {
user_id: 123123
}, format: :json
expect(response).not_to be_success
end
it "upgrades the user's trust level" do
StaffActionLogger.any_instance.expects(:log_trust_level_change).with(@another_user, @another_user.trust_level, 2).once
xhr :put, :trust_level, user_id: @another_user.id, level: 2
put :trust_level, params: {
user_id: @another_user.id, level: 2
}, format: :json
@another_user.reload
expect(@another_user.trust_level).to eq(2)
expect(response).to be_success
@@ -268,7 +299,11 @@ describe Admin::UsersController do
stat.time_read = SiteSetting.tl1_requires_time_spent_mins * 60
stat.save!
@another_user.update_attributes(trust_level: TrustLevel[1])
xhr :put, :trust_level, user_id: @another_user.id, level: TrustLevel[0]
put :trust_level, params: {
user_id: @another_user.id, level: TrustLevel[0]
}, format: :json
expect(response).to be_success
@another_user.reload
expect(@another_user.trust_level_locked).to eq(true)
@@ -282,12 +317,18 @@ describe Admin::UsersController do
it 'raises an error unless the user can revoke access' do
Guardian.any_instance.expects(:can_revoke_moderation?).with(@moderator).returns(false)
xhr :put, :revoke_moderation, user_id: @moderator.id
put :revoke_moderation, params: {
user_id: @moderator.id
}, format: :json
expect(response).to be_forbidden
end
it 'updates the moderator flag' do
xhr :put, :revoke_moderation, user_id: @moderator.id
put :revoke_moderation, params: {
user_id: @moderator.id
}, format: :json
@moderator.reload
expect(@moderator.moderator).not_to eq(true)
end
@@ -300,17 +341,17 @@ describe Admin::UsersController do
it "raises an error when the user doesn't have permission" do
Guardian.any_instance.expects(:can_grant_moderation?).with(@another_user).returns(false)
xhr :put, :grant_moderation, user_id: @another_user.id
put :grant_moderation, params: { user_id: @another_user.id }, format: :json
expect(response).to be_forbidden
end
it "returns a 404 if the username doesn't exist" do
xhr :put, :grant_moderation, user_id: 123123
put :grant_moderation, params: { user_id: 123123 }, format: :json
expect(response).to be_forbidden
end
it 'updates the moderator flag' do
xhr :put, :grant_moderation, user_id: @another_user.id
put :grant_moderation, params: { user_id: @another_user.id }, format: :json
@another_user.reload
expect(@another_user.moderator).to eq(true)
end
@@ -322,19 +363,26 @@ describe Admin::UsersController do
it 'does nothing without users' do
UserDestroyer.any_instance.expects(:destroy).never
xhr :delete, :reject_bulk
delete :reject_bulk, format: :json
end
it "won't delete users if not allowed" do
Guardian.any_instance.stubs(:can_delete_user?).returns(false)
UserDestroyer.any_instance.expects(:destroy).never
xhr :delete, :reject_bulk, users: [reject_me.id]
delete :reject_bulk, params: {
users: [reject_me.id]
}, format: :json
end
it "reports successes" do
Guardian.any_instance.stubs(:can_delete_user?).returns(true)
UserDestroyer.any_instance.stubs(:destroy).returns(true)
xhr :delete, :reject_bulk, users: [reject_me.id, reject_me_too.id]
delete :reject_bulk, params: {
users: [reject_me.id, reject_me_too.id]
}, format: :json
expect(response).to be_success
json = ::JSON.parse(response.body)
expect(json['success'].to_i).to eq(2)
@@ -349,7 +397,11 @@ describe Admin::UsersController do
it 'can handle some successes and some failures' do
UserDestroyer.any_instance.stubs(:destroy).with(reject_me, anything).returns(false)
UserDestroyer.any_instance.stubs(:destroy).with(reject_me_too, anything).returns(true)
xhr :delete, :reject_bulk, users: [reject_me.id, reject_me_too.id]
delete :reject_bulk, params: {
users: [reject_me.id, reject_me_too.id]
}, format: :json
expect(response).to be_success
json = ::JSON.parse(response.body)
expect(json['success'].to_i).to eq(1)
@@ -358,7 +410,11 @@ describe Admin::UsersController do
it 'reports failure due to a user still having posts' do
UserDestroyer.any_instance.expects(:destroy).with(reject_me, anything).raises(UserDestroyer::PostsExistError)
xhr :delete, :reject_bulk, users: [reject_me.id]
delete :reject_bulk, params: {
users: [reject_me.id]
}, format: :json
expect(response).to be_success
json = ::JSON.parse(response.body)
expect(json['success'].to_i).to eq(0)
@@ -374,12 +430,12 @@ describe Admin::UsersController do
it "raises an error when the user doesn't have permission" do
Guardian.any_instance.expects(:can_delete_user?).with(@delete_me).returns(false)
xhr :delete, :destroy, id: @delete_me.id
delete :destroy, params: { id: @delete_me.id }, format: :json
expect(response).to be_forbidden
end
it "returns a 403 if the user doesn't exist" do
xhr :delete, :destroy, id: 123123
delete :destroy, params: { id: 123123 }, format: :json
expect(response).to be_forbidden
end
@@ -394,13 +450,13 @@ describe Admin::UsersController do
end
it "returns an error" do
xhr :delete, :destroy, id: @delete_me.id
delete :destroy, params: { id: @delete_me.id }, format: :json
expect(response).to be_forbidden
end
it "doesn't return an error if delete_posts == true" do
UserDestroyer.any_instance.expects(:destroy).with(@user, has_entry('delete_posts' => true)).returns(true)
xhr :delete, :destroy, id: @delete_me.id, delete_posts: true
delete :destroy, params: { id: @delete_me.id, delete_posts: true }, format: :json
expect(response).to be_success
end
@@ -408,7 +464,7 @@ describe Admin::UsersController do
it "deletes the user record" do
UserDestroyer.any_instance.expects(:destroy).returns(true)
xhr :delete, :destroy, id: @delete_me.id
delete :destroy, params: { id: @delete_me.id }, format: :json
end
end
@@ -418,7 +474,7 @@ describe Admin::UsersController do
end
it "returns success" do
xhr :put, :activate, user_id: @reg_user.id
put :activate, params: { user_id: @reg_user.id }, format: :json
expect(response).to be_success
json = ::JSON.parse(response.body)
expect(json['success']).to eq("OK")
@@ -430,7 +486,7 @@ describe Admin::UsersController do
@reg_user.reload
expect(@reg_user.email_confirmed?).to eq(false)
xhr :put, :activate, user_id: @reg_user.id
put :activate, params: { user_id: @reg_user.id }, format: :json
expect(response).to be_success
@reg_user.reload
@@ -444,14 +500,14 @@ describe Admin::UsersController do
end
it "returns success" do
xhr :put, :log_out, user_id: @reg_user.id
put :log_out, params: { user_id: @reg_user.id }, format: :json
expect(response).to be_success
json = ::JSON.parse(response.body)
expect(json['success']).to eq("OK")
end
it "returns 404 when user_id does not exist" do
xhr :put, :log_out, user_id: 123123
put :log_out, params: { user_id: 123123 }, format: :json
expect(response).not_to be_success
end
end
@@ -464,18 +520,18 @@ describe Admin::UsersController do
it "raises an error when the user doesn't have permission" do
Guardian.any_instance.expects(:can_block_user?).with(@reg_user).returns(false)
UserBlocker.expects(:block).never
xhr :put, :block, user_id: @reg_user.id
put :block, params: { user_id: @reg_user.id }, format: :json
expect(response).to be_forbidden
end
it "returns a 403 if the user doesn't exist" do
xhr :put, :block, user_id: 123123
put :block, params: { user_id: 123123 }, format: :json
expect(response).to be_forbidden
end
it "punishes the user for spamming" do
UserBlocker.expects(:block).with(@reg_user, @user, anything)
xhr :put, :block, user_id: @reg_user.id
put :block, params: { user_id: @reg_user.id }, format: :json
end
end
@@ -486,18 +542,18 @@ describe Admin::UsersController do
it "raises an error when the user doesn't have permission" do
Guardian.any_instance.expects(:can_unblock_user?).with(@reg_user).returns(false)
xhr :put, :unblock, user_id: @reg_user.id
put :unblock, params: { user_id: @reg_user.id }, format: :json
expect(response).to be_forbidden
end
it "returns a 403 if the user doesn't exist" do
xhr :put, :unblock, user_id: 123123
put :unblock, params: { user_id: 123123 }, format: :json
expect(response).to be_forbidden
end
it "punishes the user for spamming" do
UserBlocker.expects(:unblock).with(@reg_user, @user, anything)
xhr :put, :unblock, user_id: @reg_user.id
put :unblock, params: { user_id: @reg_user.id }, format: :json
end
end
@@ -505,7 +561,7 @@ describe Admin::UsersController do
it "uses ipinfo.io webservice to retrieve the info" do
Excon.expects(:get).with("https://ipinfo.io/123.123.123.123/json", read_timeout: 10, connect_timeout: 10)
xhr :get, :ip_info, ip: "123.123.123.123"
get :ip_info, params: { ip: "123.123.123.123" }, format: :json
end
end
@@ -518,7 +574,9 @@ describe Admin::UsersController do
UserDestroyer.any_instance.expects(:destroy).twice
xhr :delete, :delete_other_accounts_with_same_ip, ip: "42.42.42.42", exclude: -1, order: "trust_level DESC"
delete :delete_other_accounts_with_same_ip, params: {
ip: "42.42.42.42", exclude: -1, order: "trust_level DESC"
}, format: :json
end
end
@@ -526,14 +584,22 @@ describe Admin::UsersController do
context ".invite_admin" do
it "doesn't work when not via API" do
controller.stubs(:is_api?).returns(false)
xhr :post, :invite_admin, name: 'Bill', username: 'bill22', email: 'bill@bill.com'
post :invite_admin, params: {
name: 'Bill', username: 'bill22', email: 'bill@bill.com'
}, format: :json
expect(response).not_to be_success
end
it 'should invite admin' do
controller.stubs(:is_api?).returns(true)
Jobs.expects(:enqueue).with(:critical_user_email, anything).returns(true)
xhr :post, :invite_admin, name: 'Bill', username: 'bill22', email: 'bill@bill.com'
post :invite_admin, params: {
name: 'Bill', username: 'bill22', email: 'bill@bill.com'
}, format: :json
expect(response).to be_success
u = User.find_by_email('bill@bill.com')
@@ -545,7 +611,11 @@ describe Admin::UsersController do
it "doesn't send the email with send_email falsy" do
controller.stubs(:is_api?).returns(true)
Jobs.expects(:enqueue).with(:user_email, anything).never
xhr :post, :invite_admin, name: 'Bill', username: 'bill22', email: 'bill@bill.com', send_email: '0'
post :invite_admin, params: {
name: 'Bill', username: 'bill22', email: 'bill@bill.com', send_email: '0'
}, format: :json
expect(response).to be_success
json = ::JSON.parse(response.body)
expect(json["password_url"]).to be_present
@@ -556,11 +626,11 @@ describe Admin::UsersController do
it "also clears the user's primary group" do
g = Fabricate(:group)
u = Fabricate(:user, primary_group: g)
xhr :delete, :remove_group, group_id: g.id, user_id: u.id
delete :remove_group, params: { group_id: g.id, user_id: u.id }, format: :json
expect(u.reload.primary_group).to be_nil
end
end
end
context '#sync_sso' do
@@ -592,7 +662,7 @@ describe Admin::UsersController do
sso.username = "Hokli$$!!"
sso.email = "bob2@bob.com"
xhr :post, :sync_sso, Rack::Utils.parse_query(sso.payload)
post :sync_sso, params: Rack::Utils.parse_query(sso.payload), format: :json
expect(response).to be_success
user.reload
@@ -606,7 +676,7 @@ describe Admin::UsersController do
sso.username = "dr_claw"
sso.email = "dr@claw.com"
sso.external_id = "2"
xhr :post, :sync_sso, Rack::Utils.parse_query(sso.payload)
post :sync_sso, params: Rack::Utils.parse_query(sso.payload), format: :json
expect(response).to be_success
user = User.find_by_email('dr@claw.com')
@@ -619,7 +689,7 @@ describe Admin::UsersController do
sso.name = ""
sso.external_id = "1"
xhr :post, :sync_sso, Rack::Utils.parse_query(sso.payload)
post :sync_sso, params: Rack::Utils.parse_query(sso.payload), format: :json
expect(response.status).to eq(403)
expect(JSON.parse(response.body)["message"]).to include("Primary email can't be blank")
end

2
spec/controllers/admin/versions_controller_spec.rb
View File

@@ -20,7 +20,7 @@ describe Admin::VersionsController do
end
describe 'show' do
subject { xhr :get, :show }
subject { get :show, format: :json }
it { is_expected.to be_success }
it 'should return the currently available version' do

51
spec/controllers/admin/web_hooks_controller_spec.rb
View File

@@ -14,17 +14,20 @@ describe Admin::WebHooksController do
describe '#create' do
it 'creates a webhook' do
xhr :post, :create, web_hook: {
payload_url: 'https://meta.discourse.org/',
content_type: 1,
secret: "a_secret_for_webhooks",
wildcard_web_hook: false,
active: true,
verify_certificate: true,
web_hook_event_type_ids: [1],
group_ids: [],
category_ids: []
}
post :create, params: {
web_hook: {
payload_url: 'https://meta.discourse.org/',
content_type: 1,
secret: "a_secret_for_webhooks",
wildcard_web_hook: false,
active: true,
verify_certificate: true,
web_hook_event_type_ids: [1],
group_ids: [],
category_ids: []
}
}, format: :json
expect(response).to be_success
json = ::JSON.parse(response.body)
@@ -32,16 +35,19 @@ describe Admin::WebHooksController do
end
it 'returns error when field is not filled correctly' do
xhr :post, :create, web_hook: {
content_type: 1,
secret: "a_secret_for_webhooks",
wildcard_web_hook: false,
active: true,
verify_certificate: true,
web_hook_event_type_ids: [1],
group_ids: [],
category_ids: []
}
post :create, params: {
web_hook: {
content_type: 1,
secret: "a_secret_for_webhooks",
wildcard_web_hook: false,
active: true,
verify_certificate: true,
web_hook_event_type_ids: [1],
group_ids: [],
category_ids: []
}
}, format: :json
expect(response.status).to eq 422
response_body = JSON.parse(response.body)
@@ -53,7 +59,8 @@ describe Admin::WebHooksController do
it 'enqueues the ping event' do
Jobs.expects(:enqueue)
.with(:emit_web_hook_event, web_hook_id: web_hook.id, event_type: 'ping', event_name: 'ping')
xhr :post, :ping, id: web_hook.id
post :ping, params: { id: web_hook.id }, format: :json
expect(response).to be_success
end

6
spec/controllers/badges_controller_spec.rb
View File

@@ -20,7 +20,7 @@ describe BadgesController do
context 'show' do
it "should return a badge" do
get :show, id: badge.id, format: :json
get :show, params: { id: badge.id }, format: :json
expect(response.status).to eq(200)
parsed = JSON.parse(response.body)
expect(parsed["badge"]).to be_present
@@ -30,12 +30,12 @@ describe BadgesController do
log_in_user(user)
user_badge = BadgeGranter.grant(badge, user)
expect(user_badge.notification.read).to eq(false)
get :show, id: badge.id, format: :json
get :show, params: { id: badge.id }
expect(user_badge.notification.reload.read).to eq(true)
end
it 'renders rss feed of a badge' do
get :show, id: badge.id, format: :rss
get :show, params: { id: badge.id }, format: :rss
expect(response.status).to eq(200)
expect(response.content_type).to eq('application/rss+xml')
end

179
spec/controllers/categories_controller_spec.rb
View File

@@ -4,7 +4,7 @@ describe CategoriesController do
describe "create" do
it "requires the user to be logged in" do
expect { xhr :post, :create }.to raise_error(Discourse::NotLoggedIn)
expect { post :create, format: :json }.to raise_error(Discourse::NotLoggedIn)
end
describe "logged in" do
@@ -14,26 +14,38 @@ describe CategoriesController do
it "raises an exception when they don't have permission to create it" do
Guardian.any_instance.expects(:can_create?).with(Category, nil).returns(false)
xhr :post, :create, name: 'hello', color: 'ff0', text_color: 'fff'
post :create, params: {
name: 'hello', color: 'ff0', text_color: 'fff'
}, format: :json
expect(response).to be_forbidden
end
it "raises an exception when the name is missing" do
expect { xhr :post, :create, color: "ff0", text_color: "fff" }.to raise_error(ActionController::ParameterMissing)
expect do
post :create, params: { color: "ff0", text_color: "fff" }, format: :json
end.to raise_error(ActionController::ParameterMissing)
end
it "raises an exception when the color is missing" do
expect { xhr :post, :create, name: "hello", text_color: "fff" }.to raise_error(ActionController::ParameterMissing)
expect do
post :create, params: { name: "hello", text_color: "fff" }, format: :json
end.to raise_error(ActionController::ParameterMissing)
end
it "raises an exception when the text color is missing" do
expect { xhr :post, :create, name: "hello", color: "ff0" }.to raise_error(ActionController::ParameterMissing)
expect do
post :create, params: { name: "hello", color: "ff0" }, format: :json
end.to raise_error(ActionController::ParameterMissing)
end
describe "failure" do
before do
@category = Fabricate(:category, user: @user)
xhr :post, :create, name: @category.name, color: "ff0", text_color: "fff"
post :create, params: {
name: @category.name, color: "ff0", text_color: "fff"
}, format: :json
end
it { is_expected.not_to respond_with(:success) }
@@ -48,12 +60,17 @@ describe CategoriesController do
readonly = CategoryGroup.permission_types[:readonly]
create_post = CategoryGroup.permission_types[:create_post]
xhr :post, :create, name: "hello", color: "ff0", text_color: "fff", slug: "hello-cat",
auto_close_hours: 72,
permissions: {
"everyone" => readonly,
"staff" => create_post
}
post :create, params: {
name: "hello",
color: "ff0",
text_color: "fff",
slug: "hello-cat",
auto_close_hours: 72,
permissions: {
"everyone" => readonly,
"staff" => create_post
}
}, format: :json
expect(response.status).to eq(200)
category = Category.find_by(name: "hello")
@@ -73,7 +90,8 @@ describe CategoriesController do
describe "destroy" do
it "requires the user to be logged in" do
expect { xhr :delete, :destroy, id: "category" }.to raise_error(Discourse::NotLoggedIn)
expect { delete :destroy, params: { id: "category" }, format: :json }
.to raise_error(Discourse::NotLoggedIn)
end
describe "logged in" do
@@ -84,13 +102,16 @@ describe CategoriesController do
it "raises an exception if they don't have permission to delete it" do
Guardian.any_instance.expects(:can_delete_category?).returns(false)
xhr :delete, :destroy, id: @category.slug
delete :destroy, params: { id: @category.slug }, format: :json
expect(response).to be_forbidden
end
it "deletes the record" do
Guardian.any_instance.expects(:can_delete_category?).returns(true)
expect { xhr :delete, :destroy, id: @category.slug }.to change(Category, :count).by(-1)
expect do
delete :destroy, params: { id: @category.slug }, format: :json
end.to change(Category, :count).by(-1)
expect(UserHistory.count).to eq(1)
end
end
@@ -119,24 +140,25 @@ describe CategoriesController do
payload[c3.id] = 6
payload[c4.id] = 5
xhr :post, :reorder, mapping: MultiJson.dump(payload)
post :reorder, params: { mapping: MultiJson.dump(payload) }, format: :json
SiteSetting.fixed_category_positions = true
list = CategoryList.new(Guardian.new(admin))
expect(list.categories).to eq([
Category.find(SiteSetting.uncategorized_category_id),
c1,
c4,
c2,
c3
])
Category.find(SiteSetting.uncategorized_category_id),
c1,
c4,
c2,
c3
])
end
end
describe "update" do
it "requires the user to be logged in" do
expect { xhr :put, :update, id: 'category' }.to raise_error(Discourse::NotLoggedIn)
expect { put :update, params: { id: 'category' }, format: :json }.to raise_error(Discourse::NotLoggedIn)
end
describe "logged in" do
@@ -149,26 +171,54 @@ describe CategoriesController do
it "raises an exception if they don't have permission to edit it" do
Guardian.any_instance.expects(:can_edit?).returns(false)
xhr :put, :update, id: @category.slug, name: 'hello', color: 'ff0', text_color: 'fff'
put :update, params: {
id: @category.slug,
name: 'hello',
color: 'ff0',
text_color: 'fff'
}, format: :json
expect(response).to be_forbidden
end
it "requires a name" do
expect { xhr :put, :update, id: @category.slug, color: 'fff', text_color: '0ff' }.to raise_error(ActionController::ParameterMissing)
expect do
put :update, params: {
id: @category.slug,
color: 'fff',
text_color: '0ff',
}, format: :json
end.to raise_error(ActionController::ParameterMissing)
end
it "requires a color" do
expect { xhr :put, :update, id: @category.slug, name: 'asdf', text_color: '0ff' }.to raise_error(ActionController::ParameterMissing)
expect do
put :update, params: {
id: @category.slug,
name: 'asdf',
text_color: '0ff',
}, format: :json
end.to raise_error(ActionController::ParameterMissing)
end
it "requires a text color" do
expect { xhr :put, :update, id: @category.slug, name: 'asdf', color: 'fff' }.to raise_error(ActionController::ParameterMissing)
expect do
put :update,
params: { id: @category.slug, name: 'asdf', color: 'fff' },
format: :json
end.to raise_error(ActionController::ParameterMissing)
end
describe "failure" do
before do
@other_category = Fabricate(:category, name: "Other", user: @user)
xhr :put, :update, id: @category.id, name: @other_category.name, color: "ff0", text_color: "fff"
put :update, params: {
id: @category.id,
name: @other_category.name,
color: "ff0",
text_color: "fff",
}, format: :json
end
it "returns errors on a duplicate category name" do
@@ -182,7 +232,14 @@ describe CategoriesController do
it "returns 422 if email_in address is already in use for other category" do
@other_category = Fabricate(:category, name: "Other", email_in: "mail@examle.com")
xhr :put, :update, id: @category.id, name: "Email", email_in: "mail@examle.com", color: "ff0", text_color: "fff"
put :update, params: {
id: @category.id,
name: "Email",
email_in: "mail@examle.com",
color: "ff0",
text_color: "fff",
}, format: :json
expect(response).not_to be_success
expect(response.code.to_i).to eq(422)
@@ -194,15 +251,21 @@ describe CategoriesController do
readonly = CategoryGroup.permission_types[:readonly]
create_post = CategoryGroup.permission_types[:create_post]
xhr :put, :update, id: @category.id, name: "hello", color: "ff0", text_color: "fff", slug: "hello-category",
auto_close_hours: 72,
permissions: {
"everyone" => readonly,
"staff" => create_post
},
custom_fields: {
"dancing" => "frogs"
}
put :update, params: {
id: @category.id,
name: "hello",
color: "ff0",
text_color: "fff",
slug: "hello-category",
auto_close_hours: 72,
permissions: {
"everyone" => readonly,
"staff" => create_post
},
custom_fields: {
"dancing" => "frogs"
},
}, format: :json
expect(response.status).to eq(200)
@category.reload
@@ -219,12 +282,16 @@ describe CategoriesController do
it 'logs the changes correctly' do
@category.update!(permissions: { "admins" => CategoryGroup.permission_types[:create_post] })
xhr :put , :update, id: @category.id, name: 'new name',
color: @category.color, text_color: @category.text_color,
slug: @category.slug,
permissions: {
put :update, params: {
id: @category.id,
name: 'new name',
color: @category.color,
text_color: @category.text_color,
slug: @category.slug,
permissions: {
"everyone" => CategoryGroup.permission_types[:create_post]
}
},
}, format: :json
expect(UserHistory.count).to eq(5) # 2 + 3 (bootstrap mode)
end
@@ -235,7 +302,9 @@ describe CategoriesController do
describe 'update_slug' do
it 'requires the user to be logged in' do
expect { xhr :put, :update_slug, category_id: 'category' }.to raise_error(Discourse::NotLoggedIn)
expect do
put :update_slug, params: { category_id: 'category' }, format: :json
end.to raise_error(Discourse::NotLoggedIn)
end
describe 'logged in' do
@@ -247,32 +316,44 @@ describe CategoriesController do
end
it 'rejects blank' do
xhr :put, :update_slug, category_id: @category.id, slug: nil
put :update_slug, params: { category_id: @category.id, slug: nil }, format: :json
expect(response.status).to eq(422)
end
it 'accepts valid custom slug' do
xhr :put, :update_slug, category_id: @category.id, slug: 'valid-slug'
put :update_slug,
params: { category_id: @category.id, slug: 'valid-slug' },
format: :json
expect(response).to be_success
expect(@category.reload.slug).to eq('valid-slug')
end
it 'accepts not well formed custom slug' do
xhr :put, :update_slug, category_id: @category.id, slug: ' valid slug'
put :update_slug,
params: { category_id: @category.id, slug: ' valid slug' },
format: :json
expect(response).to be_success
expect(@category.reload.slug).to eq('valid-slug')
end
it 'accepts and sanitize custom slug when the slug generation method is not english' do
SiteSetting.slug_generation_method = 'none'
xhr :put, :update_slug, category_id: @category.id, slug: ' another !_ slug @'
put :update_slug,
params: { category_id: @category.id, slug: ' another !_ slug @' },
format: :json
expect(response).to be_success
expect(@category.reload.slug).to eq('another-slug')
SiteSetting.slug_generation_method = 'ascii'
end
it 'rejects invalid custom slug' do
xhr :put, :update_slug, category_id: @category.id, slug: ' '
put :update_slug,
params: { category_id: @category.id, slug: ' ' },
format: :json
expect(response.status).to eq(422)
end
end

15
spec/controllers/category_hashtags_controller_spec.rb
View File

@@ -9,7 +9,8 @@ describe CategoryHashtagsController do
it 'only returns the categories that are valid' do
category = Fabricate(:category)
xhr :get, :check, category_slugs: [category.slug, 'none']
get :check, params: { category_slugs: [category.slug, 'none'] }, format: :json
expect(JSON.parse(response.body)).to eq(
"valid" => [{ "slug" => category.hashtag_slug, "url" => category.url_with_id }]
@@ -19,7 +20,8 @@ describe CategoryHashtagsController do
it 'does not return restricted categories for a normal user' do
group = Fabricate(:group)
private_category = Fabricate(:private_category, group: group)
xhr :get, :check, category_slugs: [private_category.slug]
get :check, params: { category_slugs: [private_category.slug] }, format: :json
expect(JSON.parse(response.body)).to eq("valid" => [])
end
@@ -29,7 +31,10 @@ describe CategoryHashtagsController do
group = Fabricate(:group)
group.add(admin)
private_category = Fabricate(:private_category, group: group)
xhr :get, :check, category_slugs: [private_category.slug]
get :check,
params: { category_slugs: [private_category.slug] },
format: :json
expect(JSON.parse(response.body)).to eq(
"valid" => [{ "slug" => private_category.hashtag_slug, "url" => private_category.url_with_id }]
@@ -39,7 +44,9 @@ describe CategoryHashtagsController do
describe "not logged in" do
it 'raises an exception' do
expect { xhr :get, :check, category_slugs: [] }.to raise_error(Discourse::NotLoggedIn)
expect do
get :check, params: { category_slugs: [] }, format: :json
end.to raise_error(Discourse::NotLoggedIn)
end
end
end

30
spec/controllers/clicks_controller_spec.rb
View File

@@ -6,12 +6,12 @@ describe ClicksController do
context 'missing params' do
it 'raises a 404 without the url param' do
xhr :get, :track, post_id: 123
get :track, params: { post_id: 123 }, format: :json
expect(response).to be_not_found
end
it "redirects to the url even without the topic_id or post_id params" do
xhr :get, :track, url: 'http://google.com'
get :track, params: { url: 'http://google.com' }, format: :json
expect(response).not_to be_redirect
end
end
@@ -19,12 +19,18 @@ describe ClicksController do
context 'correct params' do
let(:url) { "http://discourse.org" }
before { request.stubs(:remote_ip).returns('192.168.0.1') }
before do
request.headers.merge!('REMOTE_ADDR' => '192.168.0.1')
end
context "with a made up url" do
it "doesn't redirect" do
TopicLinkClick.expects(:create_from).returns(nil)
xhr :get, :track, url: 'http://discourse.org', post_id: 123
get :track,
params: { url: 'http://discourse.org', post_id: 123 },
format: :json
expect(response).not_to be_redirect
end
end
@@ -32,7 +38,11 @@ describe ClicksController do
context "with a query string" do
it "redirects" do
TopicLinkClick.expects(:create_from).with(has_entries('url' => 'http://discourse.org/?hello=123')).returns(url)
xhr :get, :track, url: 'http://discourse.org/?hello=123', post_id: 123
get :track, params: {
url: 'http://discourse.org/?hello=123', post_id: 123, format: :json
}
expect(response).to redirect_to(url)
end
end
@@ -40,13 +50,17 @@ describe ClicksController do
context 'with a post_id' do
it 'redirects' do
TopicLinkClick.expects(:create_from).with('url' => url, 'post_id' => '123', 'ip' => '192.168.0.1').returns(url)
xhr :get, :track, url: url, post_id: 123
get :track, params: { url: url, post_id: 123, format: :json }
expect(response).to redirect_to(url)
end
it "doesn't redirect with the redirect=false param" do
TopicLinkClick.expects(:create_from).with('url' => url, 'post_id' => '123', 'ip' => '192.168.0.1', 'redirect' => 'false').returns(url)
xhr :get, :track, url: url, post_id: 123, redirect: 'false'
get :track, params: {
url: url, post_id: 123, redirect: 'false', format: :json
}
expect(response).not_to be_redirect
end
@@ -55,7 +69,7 @@ describe ClicksController do
context 'with a topic_id' do
it 'redirects' do
TopicLinkClick.expects(:create_from).with('url' => url, 'topic_id' => '789', 'ip' => '192.168.0.1').returns(url)
xhr :get, :track, url: url, topic_id: 789
get :track, params: { url: url, topic_id: 789, format: :json }
expect(response).to redirect_to(url)
end
end

6
spec/controllers/composer_messages_controller_spec.rb
View File

@@ -5,7 +5,7 @@ describe ComposerMessagesController do
context '.index' do
it 'requires you to be logged in' do
expect { xhr :get, :index }.to raise_error(Discourse::NotLoggedIn)
expect { get :index, format: :json }.to raise_error(Discourse::NotLoggedIn)
end
context 'when logged in' do
@@ -13,7 +13,7 @@ describe ComposerMessagesController do
let(:args) { { 'topic_id' => '123', 'post_id' => '333', 'composer_action' => 'reply' } }
it 'redirects to your user preferences' do
xhr :get, :index
get :index, format: :json
expect(response).to be_success
end
@@ -21,7 +21,7 @@ describe ComposerMessagesController do
finder = mock
ComposerMessagesFinder.expects(:new).with(instance_of(User), has_entries(args)).returns(finder)
finder.expects(:find)
xhr :get, :index, args
get :index, params: args, format: :json
end
end
end

11
spec/controllers/directory_items_controller_spec.rb
View File

@@ -3,11 +3,11 @@ require 'rails_helper'
describe DirectoryItemsController do
it "requires a `period` param" do
expect { xhr :get, :index }.to raise_error(ActionController::ParameterMissing)
expect { get :index, format: :json }.to raise_error(ActionController::ParameterMissing)
end
it "requires a proper `period` param" do
xhr :get, :index, period: 'eviltrout'
get :index, params: { period: 'eviltrout' }, format: :json
expect(response).not_to be_success
end
@@ -17,9 +17,8 @@ describe DirectoryItemsController do
let!(:user) { log_in }
it "succeeds" do
xhr :get, :index, period: 'all'
get :index, params: { period: 'all' }, format: :json
expect(response).to be_success
json = ::JSON.parse(response.body)
end
end
@@ -32,7 +31,7 @@ describe DirectoryItemsController do
end
it "succeeds with a valid value" do
xhr :get, :index, period: 'all'
get :index, params: { period: 'all' }, format: :json
expect(response).to be_success
json = ::JSON.parse(response.body)
@@ -45,7 +44,7 @@ describe DirectoryItemsController do
it "fails when the directory is disabled" do
SiteSetting.enable_user_directory = false
xhr :get, :index, period: 'all'
get :index, params: { period: 'all' }, format: :json
expect(response).not_to be_success
end
end

4
spec/controllers/draft_controller_spec.rb
View File

@@ -8,14 +8,14 @@ describe DraftController do
it 'saves a draft on update' do
user = log_in
post :update, draft_key: 'xyz', data: 'my data', sequence: 0
post :update, params: { draft_key: 'xyz', data: 'my data', sequence: 0 }, format: :json
expect(Draft.get(user, 'xyz', 0)).to eq('my data')
end
it 'destroys drafts when required' do
user = log_in
Draft.set(user, 'xxx', 0, 'hi')
delete :destroy, draft_key: 'xxx', sequence: 0
delete :destroy, params: { draft_key: 'xxx', sequence: 0 }, format: :json
expect(Draft.get(user, 'xxx', 0)).to eq(nil)
end

67
spec/controllers/email_controller_spec.rb
View File

@@ -5,14 +5,14 @@ describe EmailController do
context '.preferences_redirect' do
it 'requires you to be logged in' do
expect { get :preferences_redirect }.to raise_error(Discourse::NotLoggedIn)
expect { get :preferences_redirect, format: :json }.to raise_error(Discourse::NotLoggedIn)
end
context 'when logged in' do
let!(:user) { log_in }
it 'redirects to your user preferences' do
get :preferences_redirect
get :preferences_redirect, format: :json
expect(response).to redirect_to("/u/#{user.username}/preferences")
end
end
@@ -21,7 +21,7 @@ describe EmailController do
context '.perform unsubscribe' do
it 'raises not found on invalid key' do
post :perform_unsubscribe, key: "123"
post :perform_unsubscribe, params: { key: "123" }, format: :json
expect(response.status).to eq(404)
end
@@ -34,7 +34,10 @@ describe EmailController do
email_direct: true,
email_private_messages: true)
post :perform_unsubscribe, key: key, unsubscribe_all: "1"
post :perform_unsubscribe,
params: { key: key, unsubscribe_all: "1" },
format: :json
expect(response.status).to eq(302)
user.user_option.reload
@@ -52,7 +55,10 @@ describe EmailController do
user.user_option.update_columns(mailing_list_mode: true)
post :perform_unsubscribe, key: key, disable_mailing_list: "1"
post :perform_unsubscribe,
params: { key: key, disable_mailing_list: "1" },
format: :json
expect(response.status).to eq(302)
user.user_option.reload
@@ -66,7 +72,10 @@ describe EmailController do
user.user_option.update_columns(email_digests: true)
post :perform_unsubscribe, key: key, disable_digest_emails: "1"
post :perform_unsubscribe,
params: { key: key, disable_digest_emails: "1" },
format: :json
expect(response.status).to eq(302)
user.user_option.reload
@@ -79,7 +88,11 @@ describe EmailController do
key = UnsubscribeKey.create_key_for(p.user, p)
TopicUser.change(p.user_id, p.topic_id, notification_level: TopicUser.notification_levels[:watching])
post :perform_unsubscribe, key: key, unwatch_topic: "1"
post :perform_unsubscribe,
params: { key: key, unwatch_topic: "1" },
format: :json
expect(response.status).to eq(302)
expect(TopicUser.get(p.topic, p.user).notification_level).to eq(TopicUser.notification_levels[:tracking])
@@ -90,7 +103,11 @@ describe EmailController do
key = UnsubscribeKey.create_key_for(p.user, p)
TopicUser.change(p.user_id, p.topic_id, notification_level: TopicUser.notification_levels[:watching])
post :perform_unsubscribe, key: key, mute_topic: "1"
post :perform_unsubscribe,
params: { key: key, mute_topic: "1" },
format: :json
expect(response.status).to eq(302)
expect(TopicUser.get(p.topic, p.user).notification_level).to eq(TopicUser.notification_levels[:muted])
@@ -104,7 +121,10 @@ describe EmailController do
category_id: p.topic.category_id,
notification_level: CategoryUser.notification_levels[:watching])
post :perform_unsubscribe, key: key, unwatch_category: "1"
post :perform_unsubscribe,
params: { key: key, unwatch_category: "1" },
format: :json
expect(response.status).to eq(302)
expect(CategoryUser.find_by(id: cu.id)).to eq(nil)
@@ -118,7 +138,10 @@ describe EmailController do
category_id: p.topic.category_id,
notification_level: CategoryUser.notification_levels[:watching_first_post])
post :perform_unsubscribe, key: key, unwatch_category: "1"
post :perform_unsubscribe,
params: { key: key, unwatch_category: "1" },
format: :json
expect(response.status).to eq(302)
expect(CategoryUser.find_by(id: cu.id)).to eq(nil)
@@ -134,14 +157,14 @@ describe EmailController do
user = Fabricate(:user)
key = UnsubscribeKey.create_key_for(user, "digest")
get :unsubscribe, key: key
get :unsubscribe, params: { key: key }
expect(response.body).to include(I18n.t("unsubscribe.log_out"))
expect(response.body).to include(I18n.t("unsubscribe.different_user_description"))
end
it 'displays not found if key is not found' do
get :unsubscribe, key: SecureRandom.hex
get :unsubscribe, params: { key: SecureRandom.hex }
expect(response.body).to include(CGI.escapeHTML(I18n.t("unsubscribe.not_found_description")))
end
@@ -152,18 +175,18 @@ describe EmailController do
user.user_option.update_columns(mailing_list_mode: true)
get :unsubscribe, key: key
get :unsubscribe, params: { key: key }
expect(response.body).to include(I18n.t("unsubscribe.mailing_list_mode"))
SiteSetting.disable_mailing_list_mode = true
get :unsubscribe, key: key
get :unsubscribe, params: { key: key }
expect(response.body).not_to include(I18n.t("unsubscribe.mailing_list_mode"))
user.user_option.update_columns(mailing_list_mode: false)
SiteSetting.disable_mailing_list_mode = false
get :unsubscribe, key: key
get :unsubscribe, params: { key: key }
expect(response.body).not_to include(I18n.t("unsubscribe.mailing_list_mode"))
end
@@ -175,7 +198,7 @@ describe EmailController do
key = UnsubscribeKey.create_key_for(user, "digest")
# because we are type digest we will always show digest and it will be selected
get :unsubscribe, key: key
get :unsubscribe, params: { key: key }
expect(response.body).to include(I18n.t("unsubscribe.disable_digest_emails"))
source = Nokogiri::HTML::fragment(response.body)
@@ -183,13 +206,13 @@ describe EmailController do
SiteSetting.disable_digest_emails = true
get :unsubscribe, key: key
get :unsubscribe, params: { key: key }
expect(response.body).not_to include(I18n.t("unsubscribe.disable_digest_emails"))
SiteSetting.disable_digest_emails = false
key = UnsubscribeKey.create_key_for(user, "not_digest")
get :unsubscribe, key: key
get :unsubscribe, params: { key: key }
expect(response.body).to include(I18n.t("unsubscribe.disable_digest_emails"))
end
@@ -201,12 +224,12 @@ describe EmailController do
notification_level: CategoryUser.notification_levels[:watching])
key = UnsubscribeKey.create_key_for(user, post)
get :unsubscribe, key: key
get :unsubscribe, params: { key: key }
expect(response.body).to include("unwatch_category")
cu.destroy!
get :unsubscribe, key: key
get :unsubscribe, params: { key: key }
expect(response.body).not_to include("unwatch_category")
end
@@ -219,12 +242,12 @@ describe EmailController do
notification_level: CategoryUser.notification_levels[:watching_first_post])
key = UnsubscribeKey.create_key_for(user, post)
get :unsubscribe, key: key
get :unsubscribe, params: { key: key }
expect(response.body).to include("unwatch_category")
cu.destroy!
get :unsubscribe, key: key
get :unsubscribe, params: { key: key }
expect(response.body).not_to include("unwatch_category")
end

146
spec/controllers/embed_controller_spec.rb
View File

@@ -1,146 +0,0 @@
require 'rails_helper'
describe EmbedController do
let(:host) { "eviltrout.com" }
let(:embed_url) { "http://eviltrout.com/2013/02/10/why-discourse-uses-emberjs.html" }
let(:discourse_username) { "eviltrout" }
it "is 404 without an embed_url" do
get :comments
expect(response).to render_template :embed_error
end
it "raises an error with a missing host" do
get :comments, embed_url: embed_url
expect(response).to render_template :embed_error
end
context "by topic id" do
before do
Fabricate(:embeddable_host)
controller.request.stubs(:referer).returns('http://eviltrout.com/some-page')
end
it "allows a topic to be embedded by id" do
topic = Fabricate(:topic)
get :comments, topic_id: topic.id
expect(response).to be_success
end
end
context ".info" do
context "without api key" do
it "fails" do
get :info, format: :json
expect(response).to render_template :embed_error
end
end
context "with api key" do
let(:api_key) { ApiKey.create_master_key }
context "with valid embed url" do
let(:topic_embed) { Fabricate(:topic_embed, embed_url: embed_url) }
it "returns information about the topic" do
get :info, format: :json, embed_url: topic_embed.embed_url, api_key: api_key.key, api_username: "system"
json = JSON.parse(response.body)
expect(json['topic_id']).to eq(topic_embed.topic.id)
expect(json['post_id']).to eq(topic_embed.post.id)
expect(json['topic_slug']).to eq(topic_embed.topic.slug)
end
end
context "without invalid embed url" do
it "returns error response" do
get :info, format: :json, embed_url: "http://nope.com", api_key: api_key.key, api_username: "system"
json = JSON.parse(response.body)
expect(json["error_type"]).to eq("not_found")
end
end
end
end
context "with a host" do
let!(:embeddable_host) { Fabricate(:embeddable_host) }
it "raises an error with no referer" do
get :comments, embed_url: embed_url
expect(response).to render_template :embed_error
end
context "success" do
before do
controller.request.stubs(:referer).returns(embed_url)
end
after do
expect(response).to be_success
expect(response.headers['X-Frame-Options']).to eq("ALLOWALL")
end
it "tells the topic retriever to work when no previous embed is found" do
TopicEmbed.expects(:topic_id_for_embed).returns(nil)
retriever = mock
TopicRetriever.expects(:new).returns(retriever)
retriever.expects(:retrieve)
get :comments, embed_url: embed_url
end
it "creates a topic view when a topic_id is found" do
TopicEmbed.expects(:topic_id_for_embed).returns(123)
TopicView.expects(:new).with(123, nil, limit: 100, exclude_first: true, exclude_deleted_users: true, exclude_hidden: true)
get :comments, embed_url: embed_url
end
it "provides the topic retriever with the discourse username when provided" do
TopicRetriever.expects(:new).with(embed_url, has_entry(author_username: discourse_username))
get :comments, embed_url: embed_url, discourse_username: discourse_username
end
end
end
context "with multiple hosts" do
before do
Fabricate(:embeddable_host)
Fabricate(:embeddable_host, host: 'http://discourse.org')
Fabricate(:embeddable_host, host: 'https://example.com/1234', class_name: 'example')
end
context "success" do
it "works with the first host" do
controller.request.stubs(:referer).returns("http://eviltrout.com/wat/1-2-3.html")
get :comments, embed_url: embed_url
expect(response).to be_success
end
it "works with the second host" do
controller.request.stubs(:referer).returns("https://discourse.org/blog-entry-1")
get :comments, embed_url: embed_url
expect(response).to be_success
end
it "works with a host with a path" do
controller.request.stubs(:referer).returns("https://example.com/some-other-path")
get :comments, embed_url: embed_url
expect(response).to be_success
end
it "contains custom class name" do
controller.request.stubs(:referer).returns("https://example.com/some-other-path")
get :comments, embed_url: embed_url
expect(assigns(:embeddable_css_class)).to eq(' class="example"')
end
it "doesn't work with a made up host" do
controller.request.stubs(:referer).returns("http://codinghorror.com/invalid-url")
get :comments, embed_url: embed_url
expect(response).to render_template :embed_error
end
end
end
end

22
spec/controllers/export_csv_controller_spec.rb
View File

@@ -6,7 +6,7 @@ describe ExportCsvController do
context "while not logged in" do
describe ".download" do
it "returns 404 when the unauthorized user tries to export csv file" do
get :show, id: export_filename
get :show, params: { id: export_filename }
expect(response.status).to eq(404)
end
end
@@ -18,19 +18,19 @@ describe ExportCsvController do
describe ".export_entity" do
it "enqueues export job" do
Jobs.expects(:enqueue).with(:export_csv_file, has_entries(entity: "user_archive", user_id: @user.id))
xhr :post, :export_entity, entity: "user_archive"
post :export_entity, params: { entity: "user_archive" }, format: :json
expect(response).to be_success
end
it "should not enqueue export job if rate limit is reached" do
Jobs::ExportCsvFile.any_instance.expects(:execute).never
UserExport.create(file_name: "user-archive-codinghorror-150116-003249", user_id: @user.id)
xhr :post, :export_entity, entity: "user_archive"
post :export_entity, params: { entity: "user_archive" }, format: :json
expect(response).not_to be_success
end
it "returns 404 when normal user tries to export admin entity" do
xhr :post, :export_entity, entity: "staff_action"
post :export_entity, params: { entity: "staff_action" }, format: :json
expect(response).not_to be_success
end
end
@@ -43,18 +43,18 @@ describe ExportCsvController do
export = UserExport.new()
UserExport.expects(:get_download_path).with(file_name).returns(export)
subject.expects(:send_file).with(export)
get :show, id: file_name
get :show, params: { id: file_name }
expect(response).to be_success
end
it "returns 404 when the user tries to export another user's csv file" do
get :show, id: export_filename
get :show, params: { id: export_filename }
expect(response).to be_not_found
end
it "returns 404 when the export file does not exist" do
UserExport.expects(:get_download_path).returns(nil)
get :show, id: export_filename
get :show, params: { id: export_filename }
expect(response).to be_not_found
end
end
@@ -66,14 +66,14 @@ describe ExportCsvController do
describe ".export_entity" do
it "enqueues export job" do
Jobs.expects(:enqueue).with(:export_csv_file, has_entries(entity: "staff_action", user_id: @admin.id))
xhr :post, :export_entity, entity: "staff_action"
post :export_entity, params: { entity: "staff_action" }, format: :json
expect(response).to be_success
end
it "should not rate limit export for staff" do
Jobs.expects(:enqueue).with(:export_csv_file, has_entries(entity: "staff_action", user_id: @admin.id))
UserExport.create(file_name: "screened-email-150116-010145", user_id: @admin.id)
xhr :post, :export_entity, entity: "staff_action"
post :export_entity, params: { entity: "staff_action" }, format: :json
expect(response).to be_success
end
end
@@ -86,13 +86,13 @@ describe ExportCsvController do
export = UserExport.new()
UserExport.expects(:get_download_path).with(file_name).returns(export)
subject.expects(:send_file).with(export)
get :show, id: file_name
get :show, params: { id: file_name }
expect(response).to be_success
end
it "returns 404 when the export file does not exist" do
UserExport.expects(:get_download_path).returns(nil)
get :show, id: export_filename
get :show, params: { id: export_filename }
expect(response).to be_not_found
end
end

22
spec/controllers/extra_locales_controller_spec.rb
View File

@@ -5,13 +5,13 @@ describe ExtraLocalesController do
context 'show' do
it "needs a valid bundle" do
get :show, bundle: 'made-up-bundle'
get :show, params: { bundle: 'made-up-bundle' }
expect(response).to_not be_success
expect(response.body).to be_blank
end
it "won't work with a weird parameter" do
get :show, bundle: '-invalid..character!!'
get :show, params: { bundle: '-invalid..character!!' }
expect(response).to_not be_success
end
@@ -22,16 +22,16 @@ describe ExtraLocalesController do
JsLocaleHelper.expects(:plugin_translations)
.with(I18n.locale.to_s)
.returns("admin_js" => {
"admin" => {
"site_settings" => {
"categories" => {
"github_badges" => "Github Badges"
}
}
}
}).at_least_once
"admin" => {
"site_settings" => {
"categories" => {
"github_badges" => "Github Badges"
}
}
}
}).at_least_once
get :show, bundle: "admin"
get :show, params: { bundle: "admin" }
expect(response).to be_success
expect(response.body.include?("github_badges")).to eq(true)

32
spec/controllers/finish_installation_controller_spec.rb
View File

@@ -50,19 +50,34 @@ describe FinishInstallationController do
end
it "raises an error when the email is not in the allowed list" do
expect {
post :register, email: 'notrobin@example.com', username: 'eviltrout', password: 'disismypasswordokay'
}.to raise_error(Discourse::InvalidParameters)
expect do
post :register, params: {
email: 'notrobin@example.com',
username: 'eviltrout',
password: 'disismypasswordokay'
}, format: :json
end.to raise_error(Discourse::InvalidParameters)
end
it "doesn't redirect when fields are wrong" do
post :register, email: 'robin@example.com', username: '', password: 'disismypasswordokay'
post :register, params: {
email: 'robin@example.com',
username: '',
password: 'disismypasswordokay'
}
expect(response).not_to be_redirect
end
it "registers the admin when the email is in the list" do
Jobs.expects(:enqueue).with(:critical_user_email, has_entries(type: :signup))
post :register, email: 'robin@example.com', username: 'eviltrout', password: 'disismypasswordokay'
post :register, params: {
email: 'robin@example.com',
username: 'eviltrout',
password: 'disismypasswordokay'
}, format: :json
expect(response).to be_redirect
expect(User.where(username: 'eviltrout').exists?).to eq(true)
end
@@ -87,7 +102,12 @@ describe FinishInstallationController do
before do
SiteSetting.has_login_hint = true
GlobalSetting.stubs(:developer_emails).returns("robin@example.com")
post :register, email: 'robin@example.com', username: 'eviltrout', password: 'disismypasswordokay'
post :register, params: {
email: 'robin@example.com',
username: 'eviltrout',
password: 'disismypasswordokay'
}
end
it "resends the email" do

22
spec/controllers/groups_controller_spec.rb
View File

@@ -6,20 +6,20 @@ describe GroupsController do
describe 'show' do
it "ensures the group can be seen" do
Guardian.any_instance.expects(:can_see?).with(group).returns(false)
xhr :get, :show, id: group.name
get :show, params: { id: group.name }, format: :json
expect(response).not_to be_success
end
it "responds with JSON" do
Guardian.any_instance.expects(:can_see?).with(group).returns(true)
xhr :get, :show, id: group.name
get :show, params: { id: group.name }, format: :json
expect(response).to be_success
expect(::JSON.parse(response.body)['basic_group']['id']).to eq(group.id)
end
it "works even with an upper case group name" do
Guardian.any_instance.expects(:can_see?).with(group).returns(true)
xhr :get, :show, id: group.name.upcase
get :show, params: { id: group.name.upcase }, format: :json
expect(response).to be_success
expect(::JSON.parse(response.body)['basic_group']['id']).to eq(group.id)
end
@@ -28,14 +28,14 @@ describe GroupsController do
describe "posts" do
it "ensures the group can be seen" do
Guardian.any_instance.expects(:can_see?).with(group).returns(false)
xhr :get, :posts, group_id: group.name
get :posts, params: { group_id: group.name }, format: :json
expect(response).not_to be_success
end
it "calls `posts_for` and responds with JSON" do
Guardian.any_instance.expects(:can_see?).with(group).returns(true)
Group.any_instance.expects(:posts_for).returns(Group.none)
xhr :get, :posts, group_id: group.name
get :posts, params: { group_id: group.name }, format: :json
expect(response).to be_success
end
end
@@ -43,13 +43,13 @@ describe GroupsController do
describe "members" do
it "ensures the group can be seen" do
Guardian.any_instance.expects(:can_see?).with(group).returns(false)
xhr :get, :members, group_id: group.name
get :members, params: { group_id: group.name }, format: :json
expect(response).not_to be_success
end
it "calls `posts_for` and responds with JSON" do
Guardian.any_instance.expects(:can_see?).with(group).returns(true)
xhr :get, :posts, group_id: group.name
get :posts, params: { group_id: group.name }, format: :json
expect(response).to be_success
end
@@ -57,12 +57,12 @@ describe GroupsController do
5.times { group.add(Fabricate(:user)) }
usernames = group.users.map { |m| m.username }.sort
xhr :get, :members, group_id: group.name, limit: 3
get :members, params: { group_id: group.name, limit: 3 }, format: :json
expect(response).to be_success
members = JSON.parse(response.body)["members"]
expect(members.map { |m| m['username'] }).to eq(usernames[0..2])
xhr :get, :members, group_id: group.name, limit: 3, offset: 3
get :members, params: { group_id: group.name, limit: 3, offset: 3 }, format: :json
expect(response).to be_success
members = JSON.parse(response.body)["members"]
expect(members.map { |m| m['username'] }).to eq(usernames[3..4])
@@ -71,7 +71,7 @@ describe GroupsController do
describe '.posts_feed' do
it 'renders RSS' do
get :posts_feed, group_id: group.name, format: :rss
get :posts_feed, params: { group_id: group.name }, format: :rss
expect(response).to be_success
expect(response.content_type).to eq('application/rss+xml')
end
@@ -79,7 +79,7 @@ describe GroupsController do
describe '.mentions_feed' do
it 'renders RSS' do
get :mentions_feed, group_id: group.name, format: :rss
get :mentions_feed, params: { group_id: group.name }, format: :rss
expect(response).to be_success
expect(response.content_type).to eq('application/rss+xml')
end

8
spec/controllers/inline_onebox_controller_spec.rb
View File

@@ -3,14 +3,16 @@ require 'rails_helper'
describe InlineOneboxController do
it "requires the user to be logged in" do
expect { xhr :get, :show, urls: [] }.to raise_error(Discourse::NotLoggedIn)
expect do
get :show, params: { urls: [] }, format: :json
end.to raise_error(Discourse::NotLoggedIn)
end
context "logged in" do
let!(:user) { log_in(:user) }
it "returns empty JSON for empty input" do
xhr :get, :show, urls: []
get :show, params: { urls: [] }, format: :json
expect(response).to be_success
json = JSON.parse(response.body)
expect(json['inline-oneboxes']).to eq([])
@@ -20,7 +22,7 @@ describe InlineOneboxController do
let(:topic) { Fabricate(:topic) }
it "returns information for a valid link" do
xhr :get, :show, urls: [ topic.url ]
get :show, params: { urls: [ topic.url ] }, format: :json
expect(response).to be_success
json = JSON.parse(response.body)
onebox = json['inline-oneboxes'][0]

130
spec/controllers/invites_controller_spec.rb
View File

@@ -3,26 +3,40 @@ require 'rails_helper'
describe InvitesController do
context '.show' do
render_views
it "shows error if invite not found" do
get :show, id: 'nopeNOPEnope'
expect(response).to render_template(layout: 'no_ember')
expect(flash[:error]).to be_present
get :show, params: { id: 'nopeNOPEnope' }
expect(response).to be_success
body = response.body
expect(body).to_not have_tag(:script, with: { src: '/assets/application.js' })
expect(CGI.unescapeHTML(body)).to include(I18n.t('invite.not_found'))
end
it "renders the accept invite page if invite exists" do
i = Fabricate(:invite)
get :show, id: i.invite_key
expect(response).to render_template(layout: 'application')
expect(flash[:error]).to be_nil
get :show, params: { id: i.invite_key }
expect(response).to be_success
body = response.body
expect(body).to have_tag(:script, with: { src: '/assets/application.js' })
expect(CGI.unescapeHTML(body)).to_not include(I18n.t('invite.not_found'))
end
end
context '.destroy' do
it 'requires you to be logged in' do
expect {
delete :destroy, email: 'jake@adventuretime.ooo'
}.to raise_error(Discourse::NotLoggedIn)
expect do
delete :destroy,
params: { email: 'jake@adventuretime.ooo' },
format: :json
end.to raise_error(Discourse::NotLoggedIn)
end
context 'while logged in' do
@@ -31,20 +45,24 @@ describe InvitesController do
let(:another_invite) { Fabricate(:invite, email: 'anotheremail@address.com') }
it 'raises an error when the email is missing' do
expect { delete :destroy }.to raise_error(ActionController::ParameterMissing)
expect { delete :destroy, format: :json }.to raise_error(ActionController::ParameterMissing)
end
it "raises an error when the email cannot be found" do
expect { delete :destroy, email: 'finn@adventuretime.ooo' }.to raise_error(Discourse::InvalidParameters)
expect do
delete :destroy, params: { email: 'finn@adventuretime.ooo' }, format: :json
end.to raise_error(Discourse::InvalidParameters)
end
it 'raises an error when the invite is not yours' do
expect { delete :destroy, email: another_invite.email }.to raise_error(Discourse::InvalidParameters)
expect do
delete :destroy, params: { email: another_invite.email }, format: :json
end.to raise_error(Discourse::InvalidParameters)
end
it "destroys the invite" do
Invite.any_instance.expects(:trash!).with(user)
delete :destroy, email: invite.email
delete :destroy, params: { email: invite.email }, format: :json
end
end
@@ -54,7 +72,7 @@ describe InvitesController do
context '#create' do
it 'requires you to be logged in' do
expect do
post :create, email: 'jake@adventuretime.ooo'
post :create, params: { email: 'jake@adventuretime.ooo' }, format: :json
end.to raise_error(Discourse::NotLoggedIn)
end
@@ -63,7 +81,7 @@ describe InvitesController do
it "fails if you can't invite to the forum" do
log_in
post :create, email: email
post :create, params: { email: email }, format: :json
expect(response).not_to be_success
end
@@ -71,7 +89,7 @@ describe InvitesController do
user = log_in(:trust_level_4)
invite = Invite.invite_by_email("invite@example.com", user)
invite.reload
post :create, email: invite.email
post :create, params: { email: invite.email }, format: :json
expect(response).not_to be_success
json = JSON.parse(response.body)
expect(json["failed"]).to be_present
@@ -80,7 +98,7 @@ describe InvitesController do
it "allows admins to invite to groups" do
group = Fabricate(:group)
log_in(:admin)
post :create, email: email, group_names: group.name
post :create, params: { email: email, group_names: group.name }, format: :json
expect(response).to be_success
expect(Invite.find_by(email: email).invited_groups.count).to eq(1)
end
@@ -91,7 +109,7 @@ describe InvitesController do
user.update!(trust_level: TrustLevel[2])
group.add_owner(user)
post :create, email: email, group_names: group.name
post :create, params: { email: email, group_names: group.name }, format: :json
expect(response).to be_success
expect(Invite.find_by(email: email).invited_groups.count).to eq(1)
@@ -101,13 +119,13 @@ describe InvitesController do
user = log_in(:admin)
invite = Invite.invite_by_email("invite@example.com", user)
invite.reload
post :create, email: invite.email
post :create, params: { email: invite.email }, format: :json
expect(response).to be_success
end
it "responds with error message in case of validation failure" do
log_in(:admin)
post :create, email: "test@mailinator.com"
post :create, params: { email: "test@mailinator.com" }, format: :json
expect(response).not_to be_success
json = JSON.parse(response.body)
expect(json["errors"]).to be_present
@@ -119,7 +137,9 @@ describe InvitesController do
context '.create_invite_link' do
it 'requires you to be logged in' do
expect {
post :create_invite_link, email: 'jake@adventuretime.ooo'
post :create_invite_link, params: {
email: 'jake@adventuretime.ooo'
}, format: :json
}.to raise_error(Discourse::NotLoggedIn)
end
@@ -128,7 +148,7 @@ describe InvitesController do
it "fails if you can't invite to the forum" do
log_in
post :create_invite_link, email: email
post :create_invite_link, params: { email: email }, format: :json
expect(response).not_to be_success
end
@@ -136,14 +156,22 @@ describe InvitesController do
user = log_in(:trust_level_4)
invite = Invite.invite_by_email("invite@example.com", user)
invite.reload
post :create_invite_link, email: invite.email
post :create_invite_link, params: {
email: invite.email
}, format: :json
expect(response).not_to be_success
end
it "allows admins to invite to groups" do
group = Fabricate(:group)
log_in(:admin)
post :create_invite_link, email: email, group_names: group.name
post :create_invite_link, params: {
email: email, group_names: group.name
}, format: :json
expect(response).to be_success
expect(Invite.find_by(email: email).invited_groups.count).to eq(1)
end
@@ -152,7 +180,11 @@ describe InvitesController do
Fabricate(:group, name: "security")
Fabricate(:group, name: "support")
log_in(:admin)
post :create_invite_link, email: email, group_names: "security,support"
post :create_invite_link, params: {
email: email, group_names: "security,support"
}, format: :json
expect(response).to be_success
expect(Invite.find_by(email: email).invited_groups.count).to eq(2)
end
@@ -163,7 +195,7 @@ describe InvitesController do
context 'with an invalid invite id' do
before do
xhr :put, :perform_accept_invitation, id: "doesn't exist", format: :json
put :perform_accept_invitation, params: { id: "doesn't exist" }, format: :json
end
it "redirects to the root" do
@@ -183,7 +215,7 @@ describe InvitesController do
let(:invite) { topic.invite_by_email(topic.user, "iceking@adventuretime.ooo") }
let(:deleted_invite) { invite.destroy; invite }
before do
xhr :put, :perform_accept_invitation, id: deleted_invite.invite_key, format: :json
put :perform_accept_invitation, params: { id: deleted_invite.invite_key }, format: :json
end
it "redirects to the root" do
@@ -204,14 +236,14 @@ describe InvitesController do
it 'redeems the invite' do
Invite.any_instance.expects(:redeem)
xhr :put, :perform_accept_invitation, id: invite.invite_key, format: :json
put :perform_accept_invitation, params: { id: invite.invite_key }, format: :json
end
context 'when redeem returns a user' do
let(:user) { Fabricate(:coding_horror) }
context 'success' do
subject { xhr :put, :perform_accept_invitation, id: invite.invite_key, format: :json }
subject { put :perform_accept_invitation, params: { id: invite.invite_key }, format: :json }
before do
Invite.any_instance.expects(:redeem).returns(user)
@@ -236,7 +268,7 @@ describe InvitesController do
end
context 'failure' do
subject { xhr :put, :perform_accept_invitation, id: invite.invite_key, format: :json }
subject { put :perform_accept_invitation, params: { id: invite.invite_key }, format: :json }
it "doesn't log in the user if there's a validation error" do
user.errors.add(:password, :common)
@@ -260,32 +292,32 @@ describe InvitesController do
user.send_welcome_message = true
user.expects(:enqueue_welcome_message).with('welcome_invite')
Jobs.expects(:enqueue).with(:invite_password_instructions_email, has_entries(username: user.username))
xhr :put, :perform_accept_invitation, id: invite.invite_key, format: :json
put :perform_accept_invitation, params: { id: invite.invite_key }, format: :json
end
it "sends password reset email if password is not set" do
user.expects(:enqueue_welcome_message).with('welcome_invite').never
Jobs.expects(:enqueue).with(:invite_password_instructions_email, has_entries(username: user.username))
xhr :put, :perform_accept_invitation, id: invite.invite_key, format: :json
put :perform_accept_invitation, params: { id: invite.invite_key }, format: :json
end
it "does not send password reset email if sso is enabled" do
SiteSetting.enable_sso = true
Jobs.expects(:enqueue).with(:invite_password_instructions_email, has_key(:username)).never
xhr :put, :perform_accept_invitation, id: invite.invite_key, format: :json
put :perform_accept_invitation, params: { id: invite.invite_key }, format: :json
end
it "does not send password reset email if local login is disabled" do
SiteSetting.enable_local_logins = false
Jobs.expects(:enqueue).with(:invite_password_instructions_email, has_key(:username)).never
xhr :put, :perform_accept_invitation, id: invite.invite_key, format: :json
put :perform_accept_invitation, params: { id: invite.invite_key }, format: :json
end
it 'sends an activation email if password is set' do
user.password_hash = 'qaw3ni3h2wyr63lakw7pea1nrtr44pls'
Jobs.expects(:enqueue).with(:invite_password_instructions_email, has_key(:username)).never
Jobs.expects(:enqueue).with(:critical_user_email, has_entries(type: :signup, user_id: user.id))
xhr :put, :perform_accept_invitation, id: invite.invite_key, format: :json
put :perform_accept_invitation, params: { id: invite.invite_key }, format: :json
end
end
end
@@ -298,7 +330,7 @@ describe InvitesController do
it "doesn't redeem the invite" do
Invite.any_instance.stubs(:redeem).never
put :perform_accept_invitation, id: invite.invite_key
put :perform_accept_invitation, params: { id: invite.invite_key }, format: :json
end
end
@@ -309,7 +341,7 @@ describe InvitesController do
it "doesn't redeem the invite" do
Invite.any_instance.stubs(:redeem).never
put :perform_accept_invitation, id: invite.invite_key
put :perform_accept_invitation, params: { id: invite.invite_key }, format: :json
end
end
end
@@ -318,7 +350,7 @@ describe InvitesController do
it 'requires you to be logged in' do
expect {
delete :resend_invite, email: 'first_name@example.com'
delete :resend_invite, params: { email: 'first_name@example.com' }, format: :json
}.to raise_error(Discourse::NotLoggedIn)
end
@@ -328,20 +360,24 @@ describe InvitesController do
let(:another_invite) { Fabricate(:invite, email: 'last_name@example.com') }
it 'raises an error when the email is missing' do
expect { post :resend_invite }.to raise_error(ActionController::ParameterMissing)
expect { post :resend_invite, format: :json }.to raise_error(ActionController::ParameterMissing)
end
it "raises an error when the email cannot be found" do
expect { post :resend_invite, email: 'first_name@example.com' }.to raise_error(Discourse::InvalidParameters)
expect do
post :resend_invite, params: { email: 'first_name@example.com' }, format: :json
end.to raise_error(Discourse::InvalidParameters)
end
it 'raises an error when the invite is not yours' do
expect { post :resend_invite, email: another_invite.email }.to raise_error(Discourse::InvalidParameters)
expect do
post :resend_invite, params: { email: another_invite.email }, format: :json
end.to raise_error(Discourse::InvalidParameters)
end
it "resends the invite" do
Invite.any_instance.expects(:resend_invite)
post :resend_invite, email: invite.email
post :resend_invite, params: { email: invite.email }, format: :json
end
end
@@ -351,26 +387,28 @@ describe InvitesController do
context '.upload_csv' do
it 'requires you to be logged in' do
expect {
xhr :post, :upload_csv
post :upload_csv, format: :json
}.to raise_error(Discourse::NotLoggedIn)
end
context 'while logged in' do
let(:csv_file) { File.new("#{Rails.root}/spec/fixtures/csv/discourse.csv") }
let(:file) do
ActionDispatch::Http::UploadedFile.new(filename: 'discourse.csv', tempfile: csv_file)
Rack::Test::UploadedFile.new(File.open(csv_file))
end
let(:filename) { 'discourse.csv' }
it "fails if you can't bulk invite to the forum" do
log_in
xhr :post, :upload_csv, file: file, name: filename
post :upload_csv, params: { file: file, name: filename }, format: :json
expect(response).not_to be_success
end
it "allows admin to bulk invite" do
log_in(:admin)
xhr :post, :upload_csv, file: file, name: filename
post :upload_csv, params: { file: file, name: filename }, format: :json
expect(response).to be_success
end
end

101
spec/controllers/list_controller_spec.rb
View File

@@ -11,23 +11,11 @@ describe ListController do
SiteSetting.top_menu = 'latest,-video|new|unread|categories|category/beer'
end
describe 'titles for crawler layout' do
it 'has no title for the default URL' do
xhr :get, Discourse.anonymous_filters[0], _escaped_fragment_: 'true'
expect(assigns(:title)).to be_blank
end
it 'has a title for non-default URLs' do
xhr :get, Discourse.anonymous_filters[1], _escaped_fragment_: 'true'
expect(assigns(:title)).to be_present
end
end
describe 'indexes' do
(Discourse.anonymous_filters - [:categories]).each do |filter|
context "#{filter}" do
before { xhr :get, filter }
before { get filter }
it { is_expected.to respond_with(:success) }
end
end
@@ -35,14 +23,14 @@ describe ListController do
it 'allows users to filter on a set of topic ids' do
p = create_post
xhr :get, :latest, format: :json, topic_ids: "#{p.topic_id}"
get :latest, format: :json, params: { topic_ids: "#{p.topic_id}" }
expect(response).to be_success
parsed = JSON.parse(response.body)
expect(parsed["topic_list"]["topics"].length).to eq(1)
end
it "doesn't throw an error with a negative page" do
xhr :get, :top, page: -1024
get :top, params: { page: -1024 }
expect(response).to be_success
end
end
@@ -105,7 +93,7 @@ describe ListController do
context 'without access to see the category' do
before do
Guardian.any_instance.expects(:can_see?).with(category).returns(false)
xhr :get, :category_latest, category: category.slug
get :category_latest, params: { category: category.slug }
end
it { is_expected.not_to respond_with(:success) }
@@ -113,7 +101,7 @@ describe ListController do
context 'with access to see the category' do
before do
xhr :get, :category_latest, category: category.slug
get :category_latest, params: { category: category.slug }
end
it { is_expected.to respond_with(:success) }
@@ -121,7 +109,9 @@ describe ListController do
context 'with a link that includes an id' do
before do
xhr :get, :category_latest, category: "#{category.id}-#{category.slug}"
get :category_latest, params: {
category: "#{category.id}-#{category.slug}"
}
end
it { is_expected.to respond_with(:success) }
@@ -132,7 +122,11 @@ describe ListController do
context "with valid slug" do
before do
xhr :get, :category_latest, parent_category: category.slug, category: child_category.slug, id: child_category.id
get :category_latest, params: {
parent_category: category.slug,
category: child_category.slug,
id: child_category.id
}
end
it { is_expected.to redirect_to(child_category.url) }
@@ -140,7 +134,11 @@ describe ListController do
context "with invalid slug" do
before do
xhr :get, :category_latest, parent_category: 'random slug', category: 'random slug', id: child_category.id
get :category_latest, params: {
parent_category: 'random slug',
category: 'random slug',
id: child_category.id
}
end
it { is_expected.to redirect_to(child_category.url) }
@@ -151,14 +149,17 @@ describe ListController do
# One category has another category's id at the beginning of its name
let!(:other_category) { Fabricate(:category, name: "#{category.id} name") }
before do
xhr :get, :category_latest, category: other_category.slug
end
it { is_expected.to respond_with(:success) }
it 'uses the correct category' do
expect(assigns(:category)).to eq(other_category)
get :category_latest,
params: { category: other_category.slug },
format: :json
expect(response).to be_success
body = JSON.parse(response.body)
expect(body["topic_list"]["topics"].first["category_id"])
.to eq(other_category.id)
end
end
@@ -167,7 +168,9 @@ describe ListController do
context 'when parent and child are requested' do
before do
xhr :get, :category_latest, parent_category: category.slug, category: sub_category.slug
get :category_latest, params: {
parent_category: category.slug, category: sub_category.slug
}
end
it { is_expected.to respond_with(:success) }
@@ -175,7 +178,9 @@ describe ListController do
context 'when child is requested with the wrong parent' do
before do
xhr :get, :category_latest, parent_category: 'not_the_right_slug', category: sub_category.slug
get :category_latest, params: {
parent_category: 'not_the_right_slug', category: sub_category.slug
}
end
it { is_expected.not_to respond_with(:success) }
@@ -184,7 +189,7 @@ describe ListController do
describe 'feed' do
it 'renders RSS' do
get :category_feed, category: category.slug, format: :rss
get :category_feed, params: { category: category.slug }, format: :rss
expect(response).to be_success
expect(response.content_type).to eq('application/rss+xml')
end
@@ -194,28 +199,28 @@ describe ListController do
it "has a top default view" do
category.update_attributes!(default_view: 'top', default_top_period: 'monthly')
described_class.expects(:best_period_with_topics_for).with(anything, category.id, :monthly).returns(:monthly)
xhr :get, :category_default, category: category.slug
get :category_default, params: { category: category.slug }
expect(response).to be_success
end
it "has a default view of nil" do
category.update_attributes!(default_view: nil)
described_class.expects(:best_period_for).never
xhr :get, :category_default, category: category.slug
get :category_default, params: { category: category.slug }
expect(response).to be_success
end
it "has a default view of ''" do
category.update_attributes!(default_view: '')
described_class.expects(:best_period_for).never
xhr :get, :category_default, category: category.slug
get :category_default, params: { category: category.slug }
expect(response).to be_success
end
it "has a default view of latest" do
category.update_attributes!(default_view: 'latest')
described_class.expects(:best_period_for).never
xhr :get, :category_default, category: category.slug
get :category_default, params: { category: category.slug }
expect(response).to be_success
end
end
@@ -224,13 +229,13 @@ describe ListController do
render_views
it 'for category default view' do
get :category_default, category: category.slug
get :category_default, params: { category: category.slug }
expect(response).to be_success
expect(css_select("link[rel=canonical]").length).to eq(1)
end
it 'for category latest view' do
get :category_latest, category: category.slug
get :category_latest, params: { category: category.slug }
expect(response).to be_success
expect(css_select("link[rel=canonical]").length).to eq(1)
end
@@ -242,7 +247,7 @@ describe ListController do
let!(:user) { log_in }
it "should respond with a list" do
xhr :get, :topics_by, username: @user.username
get :topics_by, params: { username: @user.username }
expect(response).to be_success
end
end
@@ -252,13 +257,13 @@ describe ListController do
it "raises an error when can_see_private_messages? is false " do
Guardian.any_instance.expects(:can_see_private_messages?).returns(false)
xhr :get, :private_messages, username: @user.username
get :private_messages, params: { username: @user.username }
expect(response).to be_forbidden
end
it "succeeds when can_see_private_messages? is false " do
Guardian.any_instance.expects(:can_see_private_messages?).returns(true)
xhr :get, :private_messages, username: @user.username
get :private_messages, params: { username: @user.username }
expect(response).to be_success
end
end
@@ -268,13 +273,13 @@ describe ListController do
it "raises an error when can_see_private_messages? is false " do
Guardian.any_instance.expects(:can_see_private_messages?).returns(false)
xhr :get, :private_messages_sent, username: @user.username
get :private_messages_sent, params: { username: @user.username }
expect(response).to be_forbidden
end
it "succeeds when can_see_private_messages? is false " do
Guardian.any_instance.expects(:can_see_private_messages?).returns(true)
xhr :get, :private_messages_sent, username: @user.username
get :private_messages_sent, params: { username: @user.username }
expect(response).to be_success
end
end
@@ -284,26 +289,26 @@ describe ListController do
it "raises an error when can_see_private_messages? is false " do
Guardian.any_instance.expects(:can_see_private_messages?).returns(false)
xhr :get, :private_messages_unread, username: @user.username
get :private_messages_unread, params: { username: @user.username }
expect(response).to be_forbidden
end
it "succeeds when can_see_private_messages? is false " do
Guardian.any_instance.expects(:can_see_private_messages?).returns(true)
xhr :get, :private_messages_unread, username: @user.username
get :private_messages_unread, params: { username: @user.username }
expect(response).to be_success
end
end
context 'read' do
it 'raises an error when not logged in' do
expect { xhr :get, :read }.to raise_error(Discourse::NotLoggedIn)
expect { get :read }.to raise_error(Discourse::NotLoggedIn)
end
context 'when logged in' do
before do
log_in_user(@user)
xhr :get, :read
get :read
end
it { is_expected.to respond_with(:success) }
@@ -378,7 +383,7 @@ describe ListController do
end
it "does not suppress" do
get SiteSetting.homepage, category: category_one.id, format: :json
get SiteSetting.homepage, params: { category: category_one.id }, format: :json
expect(response).to be_success
topic_titles = JSON.parse(response.body)["topic_list"]["topics"].map { |t| t["title"] }
@@ -395,11 +400,11 @@ describe ListController do
expect(response.body).to match(/plugin\.js/)
expect(response.body).to match(/plugin-third-party\.js/)
get :latest, safe_mode: "no_plugins"
get :latest, params: { safe_mode: "no_plugins" }
expect(response.body).not_to match(/plugin\.js/)
expect(response.body).not_to match(/plugin-third-party\.js/)
get :latest, safe_mode: "only_official"
get :latest, params: { safe_mode: "only_official" }
expect(response.body).to match(/plugin\.js/)
expect(response.body).not_to match(/plugin-third-party\.js/)

20
spec/controllers/notifications_controller_spec.rb
View File

@@ -7,12 +7,12 @@ describe NotificationsController do
describe '#index' do
it 'should succeed for recent' do
xhr :get, :index, recent: true
get :index, params: { recent: true }
expect(response).to be_success
end
it 'should succeed for history' do
xhr :get, :index
get :index
expect(response).to be_success
end
@@ -20,7 +20,7 @@ describe NotificationsController do
notification = Fabricate(:notification, user: user)
expect(user.reload.unread_notifications).to eq(1)
expect(user.reload.total_unread_notifications).to eq(1)
xhr :get, :index, recent: true
get :index, params: { recent: true }, format: :json
expect(user.reload.unread_notifications).to eq(0)
expect(user.reload.total_unread_notifications).to eq(1)
end
@@ -29,14 +29,14 @@ describe NotificationsController do
notification = Fabricate(:notification, user: user)
expect(user.reload.unread_notifications).to eq(1)
expect(user.reload.total_unread_notifications).to eq(1)
xhr :get, :index, recent: true, silent: true
get :index, params: { recent: true, silent: true }
expect(user.reload.unread_notifications).to eq(1)
expect(user.reload.total_unread_notifications).to eq(1)
end
context 'when username params is not valid' do
it 'should raise the right error' do
xhr :get, :index, username: 'somedude'
get :index, params: { username: 'somedude' }, format: :json
expect(response).to_not be_success
expect(response.status).to eq(404)
@@ -45,14 +45,14 @@ describe NotificationsController do
end
it 'should succeed' do
xhr :put, :mark_read
put :mark_read, format: :json
expect(response).to be_success
end
it "can update a single notification" do
notification = Fabricate(:notification, user: user)
notification2 = Fabricate(:notification, user: user)
xhr :put, :mark_read, id: notification.id
put :mark_read, params: { id: notification.id }, format: :json
expect(response).to be_success
notification.reload
@@ -66,7 +66,7 @@ describe NotificationsController do
notification = Fabricate(:notification, user: user)
expect(user.reload.unread_notifications).to eq(1)
expect(user.reload.total_unread_notifications).to eq(1)
xhr :put, :mark_read
put :mark_read, format: :json
user.reload
expect(user.reload.unread_notifications).to eq(0)
expect(user.reload.total_unread_notifications).to eq(0)
@@ -75,7 +75,9 @@ describe NotificationsController do
context 'when not logged in' do
it 'should raise an error' do
expect { xhr :get, :index, recent: true }.to raise_error(Discourse::NotLoggedIn)
expect do
get :index, params: { recent: true }, format: :json
end.to raise_error(Discourse::NotLoggedIn)
end
end

26
spec/controllers/onebox_controller_spec.rb
View File

@@ -5,7 +5,9 @@ describe OneboxController do
let(:url) { "http://google.com" }
it "requires the user to be logged in" do
expect { xhr :get, :show, url: url }.to raise_error(Discourse::NotLoggedIn)
expect do
get :show, params: { url: url }, format: :json
end.to raise_error(Discourse::NotLoggedIn)
end
describe "logged in" do
@@ -14,7 +16,7 @@ describe OneboxController do
it 'invalidates the cache if refresh is passed' do
Oneboxer.expects(:preview).with(url, invalidate_oneboxes: true)
xhr :get, :show, url: url, refresh: 'true', user_id: @user.id
get :show, params: { url: url, refresh: 'true', user_id: @user.id }, format: :json
end
describe "cached onebox" do
@@ -24,14 +26,11 @@ describe OneboxController do
before do
Oneboxer.expects(:cached_preview).with(url).returns(body)
Oneboxer.expects(:preview).never
xhr :get, :show, url: url, user_id: @user.id
end
it "returns success" do
expect(response).to be_success
get :show, params: { url: url, user_id: @user.id }, format: :json
end
it "returns the cached onebox response in the body" do
expect(response).to be_success
expect(response.body).to eq(body)
end
@@ -41,7 +40,7 @@ describe OneboxController do
it "returns 429" do
Oneboxer.expects(:is_previewing?).returns(true)
xhr :get, :show, url: url, user_id: @user.id
get :show, params: { url: url, user_id: @user.id }, format: :json
expect(response.status).to eq(429)
end
@@ -53,14 +52,11 @@ describe OneboxController do
before do
Oneboxer.expects(:preview).with(url, invalidate_oneboxes: false).returns(body)
xhr :get, :show, url: url, user_id: @user.id
end
it 'returns success' do
expect(response).to be_success
get :show, params: { url: url, user_id: @user.id }, format: :json
end
it 'returns the onebox response in the body' do
expect(response).to be_success
expect(response.body).to eq(body)
end
@@ -70,13 +66,13 @@ describe OneboxController do
it "returns 404 if the onebox is nil" do
Oneboxer.expects(:preview).with(url, invalidate_oneboxes: false).returns(nil)
xhr :get, :show, url: url, user_id: @user.id
get :show, params: { url: url, user_id: @user.id }, format: :json
expect(response.response_code).to eq(404)
end
it "returns 404 if the onebox is an empty string" do
Oneboxer.expects(:preview).with(url, invalidate_oneboxes: false).returns(" \t ")
xhr :get, :show, url: url, user_id: @user.id
get :show, params: { url: url, user_id: @user.id }, format: :json
expect(response.response_code).to eq(404)
end

10
spec/controllers/permalinks_controller_spec.rb
View File

@@ -5,7 +5,7 @@ describe PermalinksController do
it "should redirect to a permalink's target_url with status 301" do
permalink = Fabricate(:permalink)
Permalink.any_instance.stubs(:target_url).returns('/t/the-topic-slug/42')
get :show, url: permalink.url
get :show, params: { url: permalink.url }
expect(response).to redirect_to('/t/the-topic-slug/42')
expect(response.status).to eq(301)
end
@@ -15,7 +15,7 @@ describe PermalinksController do
Discourse.stubs(:base_uri).returns("/forum")
permalink = Fabricate(:permalink)
Permalink.any_instance.stubs(:target_url).returns('/forum/t/the-topic-slug/42')
get :show, url: permalink.url
get :show, params: { url: permalink.url }
expect(response).to redirect_to('/forum/t/the-topic-slug/42')
expect(response.status).to eq(301)
end
@@ -25,20 +25,20 @@ describe PermalinksController do
permalink = Fabricate(:permalink, url: '/topic/bla', external_url: '/topic/100')
get :show, url: permalink.url, test: "hello"
get :show, params: { url: permalink.url, test: "hello" }
expect(response).to redirect_to('/topic/100')
expect(response.status).to eq(301)
SiteSetting.permalink_normalizations = "/(.*)\\?.*/\\1X"
get :show, url: permalink.url, test: "hello"
get :show, params: { url: permalink.url, test: "hello" }
expect(response.status).to eq(404)
end
it 'return 404 if permalink record does not exist' do
get :show, url: '/not/a/valid/url'
get :show, params: { url: '/not/a/valid/url' }
expect(response.status).to eq(404)
end
end

33
spec/controllers/post_action_users_controller_spec.rb
View File

@@ -11,7 +11,7 @@ describe PostActionUsersController do
PostAction.act(post.user, post, notify_mod, message: 'well something is wrong here!')
PostAction.act(Fabricate(:user), post, notify_mod, message: 'well something is not wrong here!')
xhr :get, :index, id: post.id, post_action_type_id: notify_mod
get :index, params: { id: post.id, post_action_type_id: notify_mod }, format: :json
expect(response.status).to eq(200)
json = JSON.parse(response.body)
users = json["post_action_users"]
@@ -22,30 +22,43 @@ describe PostActionUsersController do
end
it 'raises an error without an id' do
expect {
xhr :get, :index, post_action_type_id: PostActionType.types[:like]
}.to raise_error(ActionController::ParameterMissing)
expect do
get :index,
params: { post_action_type_id: PostActionType.types[:like] },
format: :json
end.to raise_error(ActionController::ParameterMissing)
end
it 'raises an error without a post action type' do
expect {
xhr :get, :index, id: post.id
}.to raise_error(ActionController::ParameterMissing)
expect do
get :index, params: { id: post.id }, format: :json
end.to raise_error(ActionController::ParameterMissing)
end
it "fails when the user doesn't have permission to see the post" do
Guardian.any_instance.expects(:can_see?).with(post).returns(false)
xhr :get, :index, id: post.id, post_action_type_id: PostActionType.types[:like]
get :index, params: {
id: post.id, post_action_type_id: PostActionType.types[:like]
}, format: :json
expect(response).to be_forbidden
end
it 'raises an error when anon tries to look at an invalid action' do
xhr :get, :index, id: Fabricate(:post).id, post_action_type_id: PostActionType.types[:notify_moderators]
get :index, params: {
id: Fabricate(:post).id,
post_action_type_id: PostActionType.types[:notify_moderators]
}, format: :json
expect(response).to be_forbidden
end
it 'succeeds' do
xhr :get, :index, id: post.id, post_action_type_id: PostActionType.types[:like]
get :index, params: {
id: post.id, post_action_type_id: PostActionType.types[:like]
}
expect(response).to be_success
end
end

128
spec/controllers/post_actions_controller_spec.rb
View File

@@ -4,7 +4,9 @@ describe PostActionsController do
describe 'create' do
it 'requires you to be logged in' do
expect { xhr :post, :create }.to raise_error(Discourse::NotLoggedIn)
expect do
post :create, format: :json
end.to raise_error(Discourse::NotLoggedIn)
end
context 'logged in as user' do
@@ -16,80 +18,14 @@ describe PostActionsController do
end
it 'fails when the user does not have permission to see the post' do
xhr :post, :create, id: private_message.id, post_action_type_id: PostActionType.types[:bookmark]
post :create, params: {
id: private_message.id,
post_action_type_id: PostActionType.types[:bookmark]
}, format: :json
expect(response).to be_forbidden
end
end
describe 'logged in as moderator' do
before do
@user = log_in(:moderator)
@post = Fabricate(:post, user: Fabricate(:coding_horror))
end
it 'raises an error when the id is missing' do
expect { xhr :post, :create, post_action_type_id: PostActionType.types[:like] }.to raise_error(ActionController::ParameterMissing)
end
it 'fails when the id is invalid' do
xhr :post, :create, post_action_type_id: PostActionType.types[:like], id: -1
expect(response.status).to eq(404)
end
it 'raises an error when the post_action_type_id index is missing' do
expect { xhr :post, :create, id: @post.id }.to raise_error(ActionController::ParameterMissing)
end
it "fails when the user doesn't have permission to see the post" do
@post = Fabricate(:private_message_post, user: Fabricate(:user))
xhr :post, :create, id: @post.id, post_action_type_id: PostActionType.types[:like]
expect(response).to be_forbidden
end
it 'allows us to create an post action on a post' do
PostAction.expects(:act).once.with(@user, @post, PostActionType.types[:like], {})
xhr :post, :create, id: @post.id, post_action_type_id: PostActionType.types[:like]
end
it "passes a list of taken actions through" do
PostAction.create(post_id: @post.id, user_id: @user.id, post_action_type_id: PostActionType.types[:inappropriate])
Guardian.any_instance.expects(:post_can_act?).with(@post, :off_topic,
has_entry(opts: has_entry(taken_actions: has_key(PostActionType.types[:inappropriate])))
)
xhr :post, :create, id: @post.id, post_action_type_id: PostActionType.types[:off_topic]
end
it 'passes the message through' do
PostAction.expects(:act).once.with(@user, @post, PostActionType.types[:like], message: 'action message goes here')
xhr :post, :create, id: @post.id, post_action_type_id: PostActionType.types[:like], message: 'action message goes here'
end
it 'passes the message through as warning' do
PostAction.expects(:act).once.with(@user, @post, PostActionType.types[:like], message: 'action message goes here', is_warning: true)
xhr :post, :create, id: @post.id, post_action_type_id: PostActionType.types[:like], message: 'action message goes here', is_warning: true
end
it "doesn't create message as a warning if the user isn't staff" do
Guardian.any_instance.stubs(:is_staff?).returns(false)
PostAction.expects(:act).once.with(@user, @post, PostActionType.types[:like], message: 'action message goes here')
xhr :post, :create, id: @post.id, post_action_type_id: PostActionType.types[:like], message: 'action message goes here', is_warning: true
end
it 'passes take_action through' do
PostAction.expects(:act).once.with(@user, @post, PostActionType.types[:like], take_action: true)
xhr :post, :create, id: @post.id, post_action_type_id: PostActionType.types[:like], take_action: 'true'
end
it "doesn't pass take_action through if the user isn't staff" do
Guardian.any_instance.stubs(:is_staff?).returns(false)
PostAction.expects(:act).once.with(@user, @post, PostActionType.types[:like], {})
xhr :post, :create, id: @post.id, post_action_type_id: PostActionType.types[:like], take_action: 'true'
end
end
end
context 'destroy' do
@@ -97,18 +33,22 @@ describe PostActionsController do
let(:post) { Fabricate(:post, user: Fabricate(:coding_horror)) }
it 'requires you to be logged in' do
expect { xhr :delete, :destroy, id: post.id }.to raise_error(Discourse::NotLoggedIn)
expect do
delete :destroy, params: { id: post.id }, format: :json
end.to raise_error(Discourse::NotLoggedIn)
end
context 'logged in' do
let!(:user) { log_in }
it 'raises an error when the post_action_type_id is missing' do
expect { xhr :delete, :destroy, id: post.id }.to raise_error(ActionController::ParameterMissing)
expect do
delete :destroy, params: { id: post.id }, format: :json
end.to raise_error(ActionController::ParameterMissing)
end
it "returns 404 when the post action type doesn't exist for that user" do
xhr :delete, :destroy, id: post.id, post_action_type_id: 1
delete :destroy, params: { id: post.id, post_action_type_id: 1 }, format: :json
expect(response.code).to eq('404')
end
@@ -116,18 +56,25 @@ describe PostActionsController do
let!(:post_action) { PostAction.create(user_id: user.id, post_id: post.id, post_action_type_id: 1) }
it 'returns success' do
xhr :delete, :destroy, id: post.id, post_action_type_id: 1
delete :destroy, params: { id: post.id, post_action_type_id: 1 }, format: :json
expect(response).to be_success
end
it 'deletes the action' do
xhr :delete, :destroy, id: post.id, post_action_type_id: 1
delete :destroy, params: {
id: post.id, post_action_type_id: 1
}, format: :json
expect(PostAction.exists?(user_id: user.id, post_id: post.id, post_action_type_id: 1, deleted_at: nil)).to eq(false)
end
it 'ensures it can be deleted' do
Guardian.any_instance.expects(:can_delete?).with(post_action).returns(false)
xhr :delete, :destroy, id: post.id, post_action_type_id: 1
delete :destroy, params: {
id: post.id, post_action_type_id: 1
}, format: :json
expect(response).to be_forbidden
end
end
@@ -142,7 +89,9 @@ describe PostActionsController do
context "not logged in" do
it "should not allow them to clear flags" do
expect { xhr :post, :defer_flags }.to raise_error(Discourse::NotLoggedIn)
expect do
post :defer_flags, format: :json
end.to raise_error(Discourse::NotLoggedIn)
end
end
@@ -150,12 +99,18 @@ describe PostActionsController do
let!(:user) { log_in(:moderator) }
it "raises an error without a post_action_type_id" do
expect { xhr :post, :defer_flags, id: flagged_post.id }.to raise_error(ActionController::ParameterMissing)
expect do
post :defer_flags, params: { id: flagged_post.id }, format: :json
end.to raise_error(ActionController::ParameterMissing)
end
it "raises an error when the user doesn't have access" do
Guardian.any_instance.expects(:can_defer_flags?).returns(false)
xhr :post, :defer_flags, id: flagged_post.id, post_action_type_id: PostActionType.types[:spam]
post :defer_flags, params: {
id: flagged_post.id, post_action_type_id: PostActionType.types[:spam]
}, format: :json
expect(response).to be_forbidden
end
@@ -166,13 +121,20 @@ describe PostActionsController do
end
it "delegates to defer_flags" do
xhr :post, :defer_flags, id: flagged_post.id, post_action_type_id: PostActionType.types[:spam]
post :defer_flags, params: {
id: flagged_post.id, post_action_type_id: PostActionType.types[:spam]
}, format: :json
expect(response).to be_success
end
it "works with a deleted post" do
flagged_post.trash!(user)
xhr :post, :defer_flags, id: flagged_post.id, post_action_type_id: PostActionType.types[:spam]
post :defer_flags, params: {
id: flagged_post.id, post_action_type_id: PostActionType.types[:spam]
}, format: :json
expect(response).to be_success
end

453
spec/controllers/posts_controller_spec.rb
View File

File diff suppressed because it is too large Load Diff

26
spec/controllers/queued_posts_controller_spec.rb
View File

@@ -5,7 +5,7 @@ require_dependency 'queued_post'
describe QueuedPostsController do
context 'without authentication' do
it 'fails' do
xhr :get, :index
get :index, format: :json
expect(response).not_to be_success
end
end
@@ -13,7 +13,7 @@ describe QueuedPostsController do
context 'as a regular user' do
let!(:user) { log_in(:user) }
it 'fails' do
xhr :get, :index
get :index, format: :json
expect(response).not_to be_success
end
end
@@ -22,7 +22,7 @@ describe QueuedPostsController do
let!(:user) { log_in(:moderator) }
it 'returns the queued posts' do
xhr :get, :index
get :index, format: :json
expect(response).to be_success
end
end
@@ -34,7 +34,10 @@ describe QueuedPostsController do
context 'approved' do
it 'updates the post to approved' do
xhr :put, :update, id: qp.id, queued_post: { state: 'approved' }
put :update, params: {
id: qp.id, queued_post: { state: 'approved' }
}, format: :json
expect(response).to be_success
qp.reload
@@ -45,7 +48,10 @@ describe QueuedPostsController do
context 'rejected' do
it 'updates the post to rejected' do
xhr :put, :update, id: qp.id, queued_post: { state: 'rejected' }
put :update, params: {
id: qp.id, queued_post: { state: 'rejected' }
}, format: :json
expect(response).to be_success
qp.reload
@@ -67,7 +73,10 @@ describe QueuedPostsController do
let(:queued_topic) { Fabricate(:queued_topic) }
before do
xhr :put, :update, id: queued_topic.id, queued_post: changes
put :update, params: {
id: queued_topic.id, queued_post: changes
}, format: :json
expect(response).to be_success
end
@@ -92,7 +101,10 @@ describe QueuedPostsController do
let(:queued_reply) { Fabricate(:queued_post) }
before do
xhr :put, :update, id: queued_reply.id, queued_post: changes
put :update, params: {
id: queued_reply.id, queued_post: changes
}, format: :json
expect(response).to be_success
end

20
spec/controllers/robots_txt_controller_spec.rb
View File

@@ -1,20 +0,0 @@
require 'rails_helper'
describe RobotsTxtController do
context '.index' do
it "returns index when indexing is allowed" do
SiteSetting.allow_index_in_robots_txt = true
get :index
expect(response).to render_template :index
end
it "returns noindex when indexing is disallowed" do
SiteSetting.allow_index_in_robots_txt = false
get :index
expect(response).to render_template :no_index
end
end
end

110
spec/controllers/search_controller_spec.rb
View File

@@ -9,7 +9,10 @@ describe SearchController do
it "can search correctly" do
my_post = Fabricate(:post, raw: 'this is my really awesome post')
xhr :get, :query, term: 'awesome', include_blurb: true
get :query, params: {
term: 'awesome', include_blurb: true
}, format: :json
expect(response).to be_success
data = JSON.parse(response.body)
@@ -21,7 +24,10 @@ describe SearchController do
it 'performs the query with a type filter' do
user = Fabricate(:user)
my_post = Fabricate(:post, raw: "#{user.username} is a cool person")
xhr :get, :query, term: user.username, type_filter: 'topic'
get :query, params: {
term: user.username, type_filter: 'topic'
}, format: :json
expect(response).to be_success
data = JSON.parse(response.body)
@@ -29,7 +35,10 @@ describe SearchController do
expect(data['posts'][0]['id']).to eq(my_post.id)
expect(data['users']).to be_blank
xhr :get, :query, term: user.username, type_filter: 'user'
get :query, params: {
term: user.username, type_filter: 'user'
}, format: :json
expect(response).to be_success
data = JSON.parse(response.body)
@@ -43,13 +52,11 @@ describe SearchController do
post = Fabricate(:post)
xhr(
:get,
:query,
get :query, params: {
term: post.topic_id,
type_filter: 'topic',
search_for_id: true
)
}, format: :json
expect(response).to be_success
data = JSON.parse(response.body)
@@ -61,13 +68,11 @@ describe SearchController do
user = Fabricate(:user)
my_post = Fabricate(:post, raw: "#{user.username} is a cool person")
xhr(
:get,
:query,
get :query, params: {
term: my_post.topic_id,
type_filter: 'topic',
search_for_id: true
)
}, format: :json
expect(response).to be_success
data = JSON.parse(response.body)
@@ -80,7 +85,7 @@ describe SearchController do
context "#query" do
it "logs the search term" do
SiteSetting.log_search_queries = true
xhr :get, :query, term: 'wookie'
get :query, params: { term: 'wookie' }, format: :json
expect(response).to be_success
expect(SearchLog.where(term: 'wookie')).to be_present
@@ -96,7 +101,7 @@ describe SearchController do
it "doesn't log when disabled" do
SiteSetting.log_search_queries = false
xhr :get, :query, term: 'wookie'
get :query, params: { term: 'wookie' }, format: :json
expect(response).to be_success
expect(SearchLog.where(term: 'wookie')).to be_blank
end
@@ -105,14 +110,14 @@ describe SearchController do
context "#show" do
it "logs the search term" do
SiteSetting.log_search_queries = true
xhr :get, :show, q: 'bantha'
get :show, params: { q: 'bantha' }, format: :json
expect(response).to be_success
expect(SearchLog.where(term: 'bantha')).to be_present
end
it "doesn't log when disabled" do
SiteSetting.log_search_queries = false
xhr :get, :show, q: 'bantha'
get :show, params: { q: 'bantha' }, format: :json
expect(response).to be_success
expect(SearchLog.where(term: 'bantha')).to be_blank
end
@@ -120,27 +125,38 @@ describe SearchController do
context "search context" do
it "raises an error with an invalid context type" do
expect {
xhr :get, :query, term: 'test', search_context: { type: 'security', id: 'hole' }
}.to raise_error(Discourse::InvalidParameters)
expect do
get :query, params: {
term: 'test', search_context: { type: 'security', id: 'hole' }
}, format: :json
end.to raise_error(Discourse::InvalidParameters)
end
it "raises an error with a missing id" do
expect {
xhr :get, :query, term: 'test', search_context: { type: 'user' }
}.to raise_error(Discourse::InvalidParameters)
expect do
get :query,
params: { term: 'test', search_context: { type: 'user' } },
format: :json
end.to raise_error(Discourse::InvalidParameters)
end
context "with a user" do
let(:user) { Fabricate(:user) }
it "raises an error if the user can't see the context" do
Guardian.any_instance.expects(:can_see?).with(user).returns(false)
xhr :get, :query, term: 'test', search_context: { type: 'user', id: user.username }
get :query, params: {
term: 'test', search_context: { type: 'user', id: user.username }
}, format: :json
expect(response).not_to be_success
end
it 'performs the query with a search context' do
xhr :get, :query, term: 'test', search_context: { type: 'user', id: user.username }
get :query, params: {
term: 'test', search_context: { type: 'user', id: user.username }
}, format: :json
expect(response).to be_success
end
end
@@ -149,9 +165,9 @@ describe SearchController do
context "#click" do
it "doesn't work wthout the necessary parameters" do
expect(-> {
xhr :post, :click
}).to raise_error(ActionController::ParameterMissing)
expect do
post :click, format: :json
end.to raise_error(ActionController::ParameterMissing)
end
it "doesn't record the click for a different user" do
@@ -164,11 +180,13 @@ describe SearchController do
ip_address: '127.0.0.1'
)
xhr :post, :click, search_log_id: search_log_id,
search_result_id: 12345,
search_result_type: 'topic'
expect(response).to be_success
post :click, params: {
search_log_id: search_log_id,
search_result_id: 12345,
search_result_type: 'topic'
}
expect(response).to be_success
expect(SearchLog.find(search_log_id).clicked_topic_id).to be_blank
end
@@ -182,16 +200,18 @@ describe SearchController do
ip_address: '127.0.0.1'
)
xhr :post, :click, search_log_id: search_log_id,
search_result_id: 12345,
search_result_type: 'topic'
expect(response).to be_success
post :click, params: {
search_log_id: search_log_id,
search_result_id: 12345,
search_result_type: 'topic'
}, format: :json
expect(response).to be_success
expect(SearchLog.find(search_log_id).clicked_topic_id).to eq(12345)
end
it "records the click for an anonymous user" do
request.stubs(:remote_ip).returns('192.168.0.1')
request.remote_addr = '192.168.0.1';
_, search_log_id = SearchLog.log(
term: 'kitty',
@@ -199,11 +219,13 @@ describe SearchController do
ip_address: '192.168.0.1'
)
xhr :post, :click, search_log_id: search_log_id,
search_result_id: 22222,
search_result_type: 'topic'
expect(response).to be_success
post :click, params: {
search_log_id: search_log_id,
search_result_id: 22222,
search_result_type: 'topic'
}, format: :json
expect(response).to be_success
expect(SearchLog.find(search_log_id).clicked_topic_id).to eq(22222)
end
@@ -216,11 +238,13 @@ describe SearchController do
ip_address: '192.168.0.1'
)
xhr :post, :click, search_log_id: search_log_id,
search_result_id: 22222,
search_result_type: 'topic'
expect(response).to be_success
post :click, params: {
search_log_id: search_log_id,
search_result_id: 22222,
search_result_type: 'topic'
}
expect(response).to be_success
expect(SearchLog.find(search_log_id).clicked_topic_id).to be_blank
end
end

209
spec/controllers/session_controller_spec.rb
View File

@@ -13,14 +13,14 @@ describe SessionController do
it "does not work when not in development mode" do
Rails.env.stubs(:development?).returns(false)
get :become, session_id: user.username
get :become, params: { session_id: user.username }, format: :json
expect(response).not_to be_redirect
expect(session[:current_user_id]).to be_blank
end
it "works in developmenet mode" do
Rails.env.stubs(:development?).returns(true)
get :become, session_id: user.username
get :become, params: { session_id: user.username }, format: :json
expect(response).to be_redirect
expect(session[:current_user_id]).to eq(user.id)
end
@@ -64,7 +64,7 @@ describe SessionController do
sso.external_id = 'abc'
sso.username = 'sam'
get :sso_login, Rack::Utils.parse_query(sso.payload)
get :sso_login, params: Rack::Utils.parse_query(sso.payload)
expect(response).to redirect_to('/')
logged_on_user = Discourse.current_user_provider.new(request.env).current_user
@@ -87,7 +87,7 @@ describe SessionController do
ActionDispatch::Request.any_instance.stubs(:remote_ip).returns(screened_ip.ip_address)
sso = sso_for_ip_specs
get :sso_login, Rack::Utils.parse_query(sso.payload)
get :sso_login, params: Rack::Utils.parse_query(sso.payload)
logged_on_user = Discourse.current_user_provider.new(request.env).current_user
expect(logged_on_user).to eq(nil)
@@ -101,7 +101,7 @@ describe SessionController do
screened_ip = Fabricate(:screened_ip_address)
ActionDispatch::Request.any_instance.stubs(:remote_ip).returns(screened_ip.ip_address)
get :sso_login, Rack::Utils.parse_query(sso.payload)
get :sso_login, params: Rack::Utils.parse_query(sso.payload)
logged_on_user = Discourse.current_user_provider.new(request.env).current_user
expect(logged_on_user).to be_blank
end
@@ -114,7 +114,7 @@ describe SessionController do
sso.username = 'sam'
ScreenedEmail.block('bob@bob.com')
get :sso_login, Rack::Utils.parse_query(sso.payload)
get :sso_login, params: Rack::Utils.parse_query(sso.payload)
logged_on_user = Discourse.current_user_provider.new(request.env).current_user
expect(logged_on_user).to eq(nil)
@@ -130,7 +130,7 @@ describe SessionController do
sso.custom_fields["shop_name"] = "Sam"
sso.admin = true
get :sso_login, Rack::Utils.parse_query(sso.payload)
get :sso_login, params: Rack::Utils.parse_query(sso.payload)
logged_on_user = Discourse.current_user_provider.new(request.env).current_user
expect(logged_on_user.admin).to eq(true)
@@ -143,7 +143,7 @@ describe SessionController do
sso.name = 'Sam Saffron'
sso.username = 'sam'
get :sso_login, Rack::Utils.parse_query(sso.payload)
get :sso_login, params: Rack::Utils.parse_query(sso.payload)
expect(response).to redirect_to('/b/')
end
@@ -156,7 +156,7 @@ describe SessionController do
sso.name = 'Sam Saffron'
sso.username = 'sam'
get :sso_login, Rack::Utils.parse_query(sso.payload)
get :sso_login, params: Rack::Utils.parse_query(sso.payload)
expect(response).to redirect_to('https://gusundtrout.com')
end
@@ -167,7 +167,7 @@ describe SessionController do
sso.name = 'Sam Saffron'
sso.username = 'sam'
get :sso_login, Rack::Utils.parse_query(sso.payload)
get :sso_login, params: Rack::Utils.parse_query(sso.payload)
expect(response).to redirect_to('/')
end
@@ -178,7 +178,7 @@ describe SessionController do
sso.name = 'Sam Saffron'
sso.username = 'sam'
get :sso_login, Rack::Utils.parse_query(sso.payload)
get :sso_login, params: Rack::Utils.parse_query(sso.payload)
expect(response).to redirect_to('/')
end
@@ -192,7 +192,7 @@ describe SessionController do
sso.custom_fields["shop_name"] = "Sam"
events = DiscourseEvent.track_events do
get :sso_login, Rack::Utils.parse_query(sso.payload)
get :sso_login, params: Rack::Utils.parse_query(sso.payload)
end
expect(events.map { |event| event[:event_name] }).to include(
@@ -229,7 +229,7 @@ describe SessionController do
sso.username = 'sam'
sso.require_activation = true
get :sso_login, Rack::Utils.parse_query(sso.payload)
get :sso_login, params: Rack::Utils.parse_query(sso.payload)
logged_on_user = Discourse.current_user_provider.new(request.env).current_user
expect(logged_on_user).to eq(nil)
@@ -244,7 +244,7 @@ describe SessionController do
sso.username = 'sam'
sso.require_activation = true
get :sso_login, Rack::Utils.parse_query(sso.payload)
get :sso_login, params: Rack::Utils.parse_query(sso.payload)
end
end
@@ -259,7 +259,7 @@ describe SessionController do
user.create_single_sign_on_record(external_id: '997', last_payload: '')
user.stubs(:active?).returns(true)
get :sso_login, Rack::Utils.parse_query(sso.payload)
get :sso_login, params: Rack::Utils.parse_query(sso.payload)
logged_on_user = Discourse.current_user_provider.new(request.env).current_user
expect(user.id).to eq(logged_on_user.id)
@@ -275,7 +275,7 @@ describe SessionController do
user = Fabricate(:user)
user.create_single_sign_on_record(external_id: '997', last_payload: '')
get :sso_login, Rack::Utils.parse_query(sso.payload)
get :sso_login, params: Rack::Utils.parse_query(sso.payload)
user.single_sign_on_record.reload
expect(user.single_sign_on_record.last_payload).to eq(sso.unsigned_payload)
@@ -286,7 +286,7 @@ describe SessionController do
expect(user.id).to eq(logged_on_user.id)
# nonce is bad now
get :sso_login, Rack::Utils.parse_query(sso.payload)
get :sso_login, params: Rack::Utils.parse_query(sso.payload)
expect(response.code).to eq('419')
end
@@ -307,12 +307,15 @@ describe SessionController do
end
it "successfully logs in and redirects user to return_sso_url when the user is not logged in" do
get :sso_provider, Rack::Utils.parse_query(@sso.payload)
get :sso_provider, params: Rack::Utils.parse_query(@sso.payload)
expect(response).to redirect_to("/login")
xhr :post, :create, login: @user.username, password: "frogs", format: :json
post :create,
params: { login: @user.username, password: "frogs" },
format: :json,
xhr: true
location = cookies[:sso_destination_url]
location = response.cookies["sso_destination_url"]
# javascript code will handle redirection of user to return_sso_url
expect(location).to match(/^http:\/\/somewhere.over.rainbow\/sso/)
@@ -330,7 +333,7 @@ describe SessionController do
it "successfully redirects user to return_sso_url when the user is logged in" do
log_in_user(@user)
get :sso_provider, Rack::Utils.parse_query(@sso.payload)
get :sso_provider, params: Rack::Utils.parse_query(@sso.payload)
location = response.header["Location"]
expect(location).to match(/^http:\/\/somewhere.over.rainbow\/sso/)
@@ -371,7 +374,7 @@ describe SessionController do
end
it 'stores the external attributes' do
get :sso_login, Rack::Utils.parse_query(@sso.payload)
get :sso_login, params: Rack::Utils.parse_query(@sso.payload)
@user.single_sign_on_record.reload
expect(@user.single_sign_on_record.external_username).to eq(@sso.username)
expect(@user.single_sign_on_record.external_email).to eq(@sso.email)
@@ -379,7 +382,7 @@ describe SessionController do
end
it 'overrides attributes' do
get :sso_login, Rack::Utils.parse_query(@sso.payload)
get :sso_login, params: Rack::Utils.parse_query(@sso.payload)
logged_on_user = Discourse.current_user_provider.new(request.env).current_user
expect(logged_on_user.username).to eq(@suggested_username)
@@ -392,7 +395,7 @@ describe SessionController do
@sso.name = @user.name
@sso.email = @user.email
get :sso_login, Rack::Utils.parse_query(@sso.payload)
get :sso_login, params: Rack::Utils.parse_query(@sso.payload)
logged_on_user = Discourse.current_user_provider.new(request.env).current_user
expect(logged_on_user.username).to eq(@user.username)
@@ -420,12 +423,15 @@ describe SessionController do
end
it "successfully logs in and redirects user to return_sso_url when the user is not logged in" do
get :sso_provider, Rack::Utils.parse_query(@sso.payload)
get :sso_provider, params: Rack::Utils.parse_query(@sso.payload)
expect(response).to redirect_to("/login")
xhr :post, :create, login: @user.username, password: "frogs", format: :json
post :create,
params: { login: @user.username, password: "frogs" },
format: :json,
xhr: true
location = cookies[:sso_destination_url]
location = response.cookies["sso_destination_url"]
# javascript code will handle redirection of user to return_sso_url
expect(location).to match(/^http:\/\/somewhere.over.rainbow\/sso/)
@@ -443,7 +449,7 @@ describe SessionController do
it "successfully redirects user to return_sso_url when the user is logged in" do
log_in_user(@user)
get :sso_provider, Rack::Utils.parse_query(@sso.payload)
get :sso_provider, params: Rack::Utils.parse_query(@sso.payload)
location = response.header["Location"]
expect(location).to match(/^http:\/\/somewhere.over.rainbow\/sso/)
@@ -467,7 +473,10 @@ describe SessionController do
context 'local login is disabled' do
before do
SiteSetting.enable_local_logins = false
xhr :post, :create, login: user.username, password: 'myawesomepassword'
post :create, params: {
login: user.username, password: 'myawesomepassword'
}, format: :json
end
it_behaves_like "failed to continue local login"
end
@@ -475,7 +484,10 @@ describe SessionController do
context 'SSO is enabled' do
before do
SiteSetting.enable_sso = true
xhr :post, :create, login: user.username, password: 'myawesomepassword'
post :create, params: {
login: user.username, password: 'myawesomepassword'
}, format: :json
end
it_behaves_like "failed to continue local login"
end
@@ -487,12 +499,17 @@ describe SessionController do
end
it "raises an error when the login isn't present" do
expect { xhr :post, :create }.to raise_error(ActionController::ParameterMissing)
expect do
post :create, format: :json
end.to raise_error(ActionController::ParameterMissing)
end
describe 'invalid password' do
it "should return an error with an invalid password" do
xhr :post, :create, login: user.username, password: 'sssss'
post :create, params: {
login: user.username, password: 'sssss'
}, format: :json
expect(::JSON.parse(response.body)['error']).to be_present
end
end
@@ -500,7 +517,10 @@ describe SessionController do
describe 'invalid password' do
it "should return an error with an invalid password if too long" do
User.any_instance.expects(:confirm_password?).never
xhr :post, :create, login: user.username, password: ('s' * (User.max_password_length + 1))
post :create, params: {
login: user.username, password: ('s' * (User.max_password_length + 1))
}, format: :json
expect(::JSON.parse(response.body)['error']).to be_present
end
end
@@ -511,7 +531,9 @@ describe SessionController do
user.suspended_at = Time.now
user.save!
StaffActionLogger.new(user).log_user_suspend(user, "<strike>banned</strike>")
xhr :post, :create, login: user.username, password: 'myawesomepassword'
post :create, params: {
login: user.username, password: 'myawesomepassword'
}, format: :json
error = ::JSON.parse(response.body)['error']
expect(error).to be_present
@@ -523,7 +545,11 @@ describe SessionController do
describe 'deactivated user' do
it 'should return an error' do
User.any_instance.stubs(:active).returns(false)
xhr :post, :create, login: user.username, password: 'myawesomepassword'
post :create, params: {
login: user.username, password: 'myawesomepassword'
}, format: :json
expect(JSON.parse(response.body)['error']).to eq(I18n.t('login.not_activated'))
end
end
@@ -531,7 +557,9 @@ describe SessionController do
describe 'success by username' do
it 'logs in correctly' do
events = DiscourseEvent.track_events do
xhr :post, :create, login: user.username, password: 'myawesomepassword'
post :create, params: {
login: user.username, password: 'myawesomepassword'
}, format: :json
end
expect(events.map { |event| event[:event_name] }).to include(
@@ -550,7 +578,10 @@ describe SessionController do
before do
screened_ip = Fabricate(:screened_ip_address)
ActionDispatch::Request.any_instance.stubs(:remote_ip).returns(screened_ip.ip_address)
xhr :post, :create, login: "@" + user.username, password: 'myawesomepassword'
post :create, params: {
login: "@" + user.username, password: 'myawesomepassword'
}, format: :json
user.reload
end
@@ -561,7 +592,10 @@ describe SessionController do
describe 'strips leading @ symbol' do
before do
xhr :post, :create, login: "@" + user.username, password: 'myawesomepassword'
post :create, params: {
login: "@" + user.username, password: 'myawesomepassword'
}, format: :json
user.reload
end
@@ -572,7 +606,9 @@ describe SessionController do
describe 'also allow login by email' do
before do
xhr :post, :create, login: user.email, password: 'myawesomepassword'
post :create, params: {
login: user.email, password: 'myawesomepassword'
}, format: :json
end
it 'sets a session id' do
@@ -585,12 +621,18 @@ describe SessionController do
let(:email) { " #{user.email} " }
it "strips spaces from the username" do
xhr :post, :create, login: username, password: 'myawesomepassword'
post :create, params: {
login: username, password: 'myawesomepassword'
}, format: :json
expect(::JSON.parse(response.body)['error']).not_to be_present
end
it "strips spaces from the email" do
xhr :post, :create, login: email, password: 'myawesomepassword'
post :create, params: {
login: email, password: 'myawesomepassword'
}, format: :json
expect(::JSON.parse(response.body)['error']).not_to be_present
end
end
@@ -602,7 +644,9 @@ describe SessionController do
context 'with an unapproved user' do
before do
xhr :post, :create, login: user.email, password: 'myawesomepassword'
post :create, params: {
login: user.email, password: 'myawesomepassword'
}, format: :json
end
it "doesn't log in the user" do
@@ -619,7 +663,10 @@ describe SessionController do
context "with an unapproved user who is an admin" do
before do
User.any_instance.stubs(:admin?).returns(true)
xhr :post, :create, login: user.email, password: 'myawesomepassword'
post :create, params: {
login: user.email, password: 'myawesomepassword'
}, format: :json
end
it 'sets a session id' do
@@ -638,14 +685,22 @@ describe SessionController do
it 'is successful for admin at the ip address' do
User.any_instance.stubs(:admin?).returns(true)
ActionDispatch::Request.any_instance.stubs(:remote_ip).returns(permitted_ip_address)
xhr :post, :create, login: user.username, password: 'myawesomepassword'
post :create, params: {
login: user.username, password: 'myawesomepassword'
}, format: :json
expect(session[:current_user_id]).to eq(user.id)
end
it 'returns an error for admin not at the ip address' do
User.any_instance.stubs(:admin?).returns(true)
ActionDispatch::Request.any_instance.stubs(:remote_ip).returns("111.234.23.12")
xhr :post, :create, login: user.username, password: 'myawesomepassword'
post :create, params: {
login: user.username, password: 'myawesomepassword'
}, format: :json
expect(JSON.parse(response.body)['error']).to be_present
expect(session[:current_user_id]).not_to eq(user.id)
end
@@ -653,7 +708,11 @@ describe SessionController do
it 'is successful for non-admin not at the ip address' do
User.any_instance.stubs(:admin?).returns(false)
ActionDispatch::Request.any_instance.stubs(:remote_ip).returns("111.234.23.12")
xhr :post, :create, login: user.username, password: 'myawesomepassword'
post :create, params: {
login: user.username, password: 'myawesomepassword'
}, format: :json
expect(session[:current_user_id]).to eq(user.id)
end
end
@@ -661,7 +720,9 @@ describe SessionController do
context 'when email has not been confirmed' do
def post_login
xhr :post, :create, login: user.email, password: 'myawesomepassword'
post :create, params: {
login: user.email, password: 'myawesomepassword'
}, format: :json
end
it "doesn't log in the user" do
@@ -695,10 +756,17 @@ describe SessionController do
RateLimiter.clear_all!
2.times do
xhr :post, :create, login: user.username, password: 'myawesomepassword'
post :create, params: {
login: user.username, password: 'myawesomepassword'
}, format: :json
expect(response).to be_success
end
xhr :post, :create, login: user.username, password: 'myawesomepassword'
post :create, params: {
login: user.username, password: 'myawesomepassword'
}, format: :json
expect(response).not_to be_success
json = JSON.parse(response.body)
expect(json["error_type"]).to eq("rate_limit")
@@ -709,7 +777,7 @@ describe SessionController do
describe '.destroy' do
before do
@user = log_in
xhr :delete, :destroy, id: @user.username
delete :destroy, params: { id: @user.username }, format: :json
end
it 'removes the session variable' do
@@ -717,24 +785,28 @@ describe SessionController do
end
it 'removes the auth token cookie' do
expect(cookies[:_t]).to be_blank
expect(response.cookies["_t"]).to be_blank
end
end
describe '.forgot_password' do
it 'raises an error without a username parameter' do
expect { xhr :post, :forgot_password }.to raise_error(ActionController::ParameterMissing)
expect do
post :forgot_password, format: :json
end.to raise_error(ActionController::ParameterMissing)
end
context 'for a non existant username' do
it "doesn't generate a new token for a made up username" do
expect { xhr :post, :forgot_password, login: 'made_up' }.not_to change(EmailToken, :count)
expect do
post :forgot_password, params: { login: 'made_up' }, format: :json
end.not_to change(EmailToken, :count)
end
it "doesn't enqueue an email" do
Jobs.expects(:enqueue).with(:user_mail, anything).never
xhr :post, :forgot_password, login: 'made_up'
post :forgot_password, params: { login: 'made_up' }, format: :json
end
end
@@ -744,7 +816,7 @@ describe SessionController do
context 'local login is disabled' do
before do
SiteSetting.enable_local_logins = false
xhr :post, :forgot_password, login: user.username
post :forgot_password, params: { login: user.username }, format: :json
end
it_behaves_like "failed to continue local login"
end
@@ -752,18 +824,23 @@ describe SessionController do
context 'SSO is enabled' do
before do
SiteSetting.enable_sso = true
xhr :post, :create, login: user.username, password: 'myawesomepassword'
post :create, params: {
login: user.username, password: 'myawesomepassword'
}, format: :json
end
it_behaves_like "failed to continue local login"
end
it "generates a new token for a made up username" do
expect { xhr :post, :forgot_password, login: user.username }.to change(EmailToken, :count)
expect do
post :forgot_password, params: { login: user.username }, format: :json
end.to change(EmailToken, :count)
end
it "enqueues an email" do
Jobs.expects(:enqueue).with(:critical_user_email, has_entries(type: :forgot_password, user_id: user.id))
xhr :post, :forgot_password, login: user.username
post :forgot_password, params: { login: user.username }, format: :json
end
end
@@ -771,12 +848,14 @@ describe SessionController do
let(:system) { Discourse.system_user }
it 'generates no token for system username' do
expect { xhr :post, :forgot_password, login: system.username }.not_to change(EmailToken, :count)
expect do
post :forgot_password, params: { login: system.username }, format: :json
end.not_to change(EmailToken, :count)
end
it 'enqueues no email' do
Jobs.expects(:enqueue).never
xhr :post, :forgot_password, login: system.username
post :forgot_password, params: { login: system.username }, format: :json
end
end
@@ -784,12 +863,14 @@ describe SessionController do
let!(:staged) { Fabricate(:staged) }
it 'generates no token for staged username' do
expect { xhr :post, :forgot_password, login: staged.username }.not_to change(EmailToken, :count)
expect do
post :forgot_password, params: { login: staged.username }, format: :json
end.not_to change(EmailToken, :count)
end
it 'enqueues no email' do
Jobs.expects(:enqueue).never
xhr :post, :forgot_password, login: staged.username
post :forgot_password, params: { login: staged.username }, format: :json
end
end
end
@@ -797,7 +878,7 @@ describe SessionController do
describe '.current' do
context "when not logged in" do
it "retuns 404" do
xhr :get, :current
get :current, format: :json
expect(response).not_to be_success
end
end
@@ -806,7 +887,7 @@ describe SessionController do
let!(:user) { log_in }
it "returns the JSON for the user" do
xhr :get, :current
get :current, format: :json
expect(response).to be_success
json = ::JSON.parse(response.body)
expect(json['current_user']).to be_present

8
spec/controllers/similar_topics_controller_spec.rb
View File

@@ -7,13 +7,15 @@ describe SimilarTopicsController do
let(:raw) { 'this body is long enough to search for' }
it "requires a title" do
expect { xhr :get, :index, raw: raw }.to raise_error(ActionController::ParameterMissing)
expect do
get :index, params: { raw: raw }, format: :json
end.to raise_error(ActionController::ParameterMissing)
end
it "returns no results if the title length is below the minimum" do
Topic.expects(:similar_to).never
SiteSetting.min_title_similar_length = 100
xhr :get, :index, title: title, raw: raw
get :index, params: { title: title, raw: raw }, format: :json
json = ::JSON.parse(response.body)
expect(json["similar_topics"].size).to eq(0)
end
@@ -25,7 +27,7 @@ describe SimilarTopicsController do
end
after do
xhr :get, :index, title: title, raw: raw
get :index, params: { title: title, raw: raw }, format: :json
end
describe "With enough topics" do

6
spec/controllers/site_controller_spec.rb
View File

@@ -13,7 +13,7 @@ describe SiteController do
SiteSetting.apple_touch_icon_url = "https://boom.com/apple/logo.png"
SiteSetting.mobile_logo_url = "https://a.a/a.png"
xhr :get, :basic_info
get :basic_info, format: :json
json = JSON.parse(response.body)
expect(json["title"]).to eq("Hammer Time")
@@ -31,7 +31,7 @@ describe SiteController do
SiteSetting.login_required = true
SiteSetting.share_anonymized_statistics = true
xhr :get, :statistics
get :statistics, format: :json
json = JSON.parse(response.body)
expect(response).to be_success
@@ -54,7 +54,7 @@ describe SiteController do
it 'is not visible if site setting share_anonymized_statistics is disabled' do
SiteSetting.share_anonymized_statistics = false
xhr :get, :statistics
get :statistics, format: :json
expect(response).to redirect_to '/'
end
end

201
spec/controllers/static_controller_spec.rb
View File

@@ -1,201 +0,0 @@
require 'rails_helper'
describe StaticController do
context 'brotli_asset' do
it 'returns a non brotli encoded 404 if asset is missing' do
get :brotli_asset, path: 'missing.js'
expect(response.status).to eq(404)
expect(response.headers['Content-Encoding']).not_to eq('br')
expect(response.headers["Cache-Control"]).to match(/max-age=1/)
end
it 'can handle fallback brotli assets' do
begin
assets_path = Rails.root.join("tmp/backup_assets")
GlobalSetting.stubs(:fallback_assets_path).returns(assets_path.to_s)
FileUtils.mkdir_p(assets_path)
file_path = assets_path.join("test.js.br")
File.write(file_path, 'fake brotli file')
get :brotli_asset, path: 'test.js'
expect(response.status).to eq(200)
expect(response.headers["Cache-Control"]).to match(/public/)
ensure
File.delete(file_path)
end
end
it 'has correct headers for brotli assets' do
begin
assets_path = Rails.root.join("public/assets")
FileUtils.mkdir_p(assets_path)
file_path = assets_path.join("test.js.br")
File.write(file_path, 'fake brotli file')
get :brotli_asset, path: 'test.js'
expect(response.status).to eq(200)
expect(response.headers["Cache-Control"]).to match(/public/)
ensure
File.delete(file_path)
end
end
end
context 'show' do
before do
post = create_post
SiteSetting.tos_topic_id = post.topic.id
SiteSetting.guidelines_topic_id = post.topic.id
SiteSetting.privacy_topic_id = post.topic.id
end
context "with a static file that's present" do
before do
xhr :get, :show, id: 'faq'
end
it 'renders the static file if present' do
expect(response).to be_success
end
it "renders the file" do
expect(response).to render_template('static/show')
expect(assigns(:page)).to eq('faq')
end
end
[ ['tos', :tos_url], ['privacy', :privacy_policy_url] ].each do |id, setting_name|
context "#{id}" do
subject { xhr :get, :show, id: id }
context "when #{setting_name} site setting is NOT set" do
it "renders the #{id} page" do
expect(subject).to render_template("static/show")
expect(assigns(:page)).to eq(id)
end
end
context "when #{setting_name} site setting is set" do
before { SiteSetting.public_send("#{setting_name}=", 'http://example.com/page') }
it "redirects to the #{setting_name}" do
expect(subject).to redirect_to('http://example.com/page')
end
end
end
end
context "with a missing file" do
it "should respond 404" do
xhr :get, :show, id: 'does-not-exist'
expect(response.response_code).to eq(404)
end
end
it 'should redirect to / when logged in and path is /login' do
log_in
xhr :get, :show, id: 'login'
expect(response).to redirect_to '/'
end
it "should display the login template when login is required" do
SiteSetting.login_required = true
xhr :get, :show, id: 'login'
expect(response).to be_success
end
context "when login_required is enabled" do
before do
SiteSetting.login_required = true
end
it 'faq page redirects to login page for anon' do
xhr :get, :show, id: 'faq'
expect(response).to redirect_to '/login'
end
it 'guidelines page redirects to login page for anon' do
xhr :get, :show, id: 'guidelines'
expect(response).to redirect_to '/login'
end
it 'faq page loads for logged in user' do
log_in
xhr :get, :show, id: 'faq'
expect(response).to be_success
expect(response).to render_template('static/show')
expect(assigns(:page)).to eq('faq')
end
it 'guidelines page loads for logged in user' do
log_in
xhr :get, :show, id: 'guidelines'
expect(response).to be_success
expect(response).to render_template('static/show')
expect(assigns(:page)).to eq('faq')
end
end
end
describe '#enter' do
context 'without a redirect path' do
it 'redirects to the root url' do
xhr :post, :enter
expect(response).to redirect_to '/'
end
end
context 'with a redirect path' do
it 'redirects to the redirect path' do
xhr :post, :enter, redirect: '/foo'
expect(response).to redirect_to '/foo'
end
end
context 'with a full url' do
it 'redirects to the correct path' do
xhr :post, :enter, redirect: "#{Discourse.base_url}/foo"
expect(response).to redirect_to '/foo'
end
end
context 'with a period to force a new host' do
it 'redirects to the root path' do
xhr :post, :enter, redirect: ".org/foo"
expect(response).to redirect_to '/'
end
end
context 'with a full url to someone else' do
it 'redirects to the root path' do
xhr :post, :enter, redirect: "http://eviltrout.com/foo"
expect(response).to redirect_to '/'
end
end
context 'with an invalid URL' do
it "redirects to the root" do
xhr :post, :enter, redirect: "javascript:alert('trout')"
expect(response).to redirect_to '/'
end
end
context 'when the redirect path is the login page' do
it 'redirects to the root url' do
xhr :post, :enter, redirect: login_path
expect(response).to redirect_to '/'
end
end
end
end

28
spec/controllers/steps_controller_spec.rb
View File

@@ -7,14 +7,20 @@ describe StepsController do
end
it 'needs you to be logged in' do
expect {
xhr :put, :update, id: 'made-up-id', fields: { forum_title: "updated title" }
}.to raise_error(Discourse::NotLoggedIn)
expect do
put :update, params: {
id: 'made-up-id', fields: { forum_title: "updated title" }
}, format: :json
end.to raise_error(Discourse::NotLoggedIn)
end
it "raises an error if you aren't an admin" do
log_in(:moderator)
xhr :put, :update, id: 'made-up-id', fields: { forum_title: "updated title" }
put :update, params: {
id: 'made-up-id', fields: { forum_title: "updated title" }
}, format: :json
expect(response).to be_forbidden
end
@@ -25,18 +31,26 @@ describe StepsController do
it "raises an error if the wizard is disabled" do
SiteSetting.wizard_enabled = false
xhr :put, :update, id: 'contact', fields: { contact_email: "eviltrout@example.com" }
put :update, params: {
id: 'contact', fields: { contact_email: "eviltrout@example.com" }
}, format: :json
expect(response).to be_forbidden
end
it "updates properly if you are staff" do
xhr :put, :update, id: 'contact', fields: { contact_email: "eviltrout@example.com" }
put :update, params: {
id: 'contact', fields: { contact_email: "eviltrout@example.com" }
}, format: :json
expect(response).to be_success
expect(SiteSetting.contact_email).to eq("eviltrout@example.com")
end
it "returns errors if the field has them" do
xhr :put, :update, id: 'contact', fields: { contact_email: "not-an-email" }
put :update, params: {
id: 'contact', fields: { contact_email: "not-an-email" }
}, format: :json
expect(response).to_not be_success
end
end

24
spec/controllers/stylesheets_controller_spec.rb
View File

@@ -11,7 +11,7 @@ describe StylesheetsController do
digest = StylesheetCache.first.digest
StylesheetCache.destroy_all
get :show, name: "desktop_rtl_#{digest}"
get :show, params: { name: "desktop_rtl_#{digest}" }, format: :json
expect(response).to be_success
cached = StylesheetCache.first
@@ -21,7 +21,7 @@ describe StylesheetsController do
# tmp folder destruction and cached
`rm #{Stylesheet::Manager.cache_fullpath}/*`
get :show, name: "desktop_rtl_#{digest}"
get :show, params: { name: "desktop_rtl_#{digest}" }, format: :json
expect(response).to be_success
# there is an edge case which is ... disk and db cache is nuked, very unlikely to happen
@@ -37,10 +37,16 @@ describe StylesheetsController do
`rm #{Stylesheet::Manager.cache_fullpath}/*`
get :show, name: builder.stylesheet_filename.sub(".css", "")
get :show, params: {
name: builder.stylesheet_filename.sub(".css", "")
}, format: :json
expect(response).to be_success
get :show, name: builder.stylesheet_filename_no_digest.sub(".css", "")
get :show, params: {
name: builder.stylesheet_filename_no_digest.sub(".css", "")
}, format: :json
expect(response).to be_success
builder = Stylesheet::Manager.new(:desktop_theme, theme.key)
@@ -48,10 +54,16 @@ describe StylesheetsController do
`rm #{Stylesheet::Manager.cache_fullpath}/*`
get :show, name: builder.stylesheet_filename.sub(".css", "")
get :show, params: {
name: builder.stylesheet_filename.sub(".css", "")
}, format: :json
expect(response).to be_success
get :show, name: builder.stylesheet_filename_no_digest.sub(".css", "")
get :show, params: {
name: builder.stylesheet_filename_no_digest.sub(".css", "")
}, format: :json
expect(response).to be_success
end

91
spec/controllers/tags_controller_spec.rb
View File

@@ -14,7 +14,7 @@ describe TagsController do
context 'tagging disabled' do
it "returns 404" do
xhr :get, :show_latest, tag_id: tag.name
get :show_latest, params: { tag_id: tag.name }, format: :json
expect(response.status).to eq(404)
end
end
@@ -25,47 +25,80 @@ describe TagsController do
end
it "can filter by tag" do
xhr :get, :show_latest, tag_id: tag.name
get :show_latest, params: { tag_id: tag.name }, format: :json
expect(response).to be_success
end
it "can filter by two tags" do
single_tag_topic; multi_tag_topic; all_tag_topic
xhr :get, :show_latest, tag_id: tag.name, additional_tag_ids: other_tag.name
get :show_latest, params: {
tag_id: tag.name, additional_tag_ids: other_tag.name
}, format: :json
expect(response).to be_success
expect(assigns(:list).topics).to include all_tag_topic
expect(assigns(:list).topics).to include multi_tag_topic
expect(assigns(:list).topics).to_not include single_tag_topic
topic_ids = JSON.parse(response.body)["topic_list"]["topics"]
.map { |topic| topic["id"] }
expect(topic_ids).to include(all_tag_topic.id)
expect(topic_ids).to include(multi_tag_topic.id)
expect(topic_ids).to_not include(single_tag_topic.id)
end
it "can filter by multiple tags" do
single_tag_topic; multi_tag_topic; all_tag_topic
xhr :get, :show_latest, tag_id: tag.name, additional_tag_ids: "#{other_tag.name}/#{third_tag.name}"
get :show_latest, params: {
tag_id: tag.name, additional_tag_ids: "#{other_tag.name}/#{third_tag.name}"
}, format: :json
expect(response).to be_success
expect(assigns(:list).topics).to include all_tag_topic
expect(assigns(:list).topics).to_not include multi_tag_topic
expect(assigns(:list).topics).to_not include single_tag_topic
topic_ids = JSON.parse(response.body)["topic_list"]["topics"]
.map { |topic| topic["id"] }
expect(topic_ids).to include(all_tag_topic.id)
expect(topic_ids).to_not include(multi_tag_topic.id)
expect(topic_ids).to_not include(single_tag_topic.id)
end
it "does not find any tags when a tag which doesn't exist is passed" do
single_tag_topic
xhr :get, :show_latest, tag_id: tag.name, additional_tag_ids: "notatag"
get :show_latest, params: {
tag_id: tag.name, additional_tag_ids: "notatag"
}, format: :json
expect(response).to be_success
expect(assigns(:list).topics).to_not include single_tag_topic
topic_ids = JSON.parse(response.body)["topic_list"]["topics"]
.map { |topic| topic["id"] }
expect(topic_ids).to_not include(single_tag_topic.id)
end
it "can filter by category and tag" do
xhr :get, :show_latest, tag_id: tag.name, category: category.slug
get :show_latest, params: {
tag_id: tag.name, category: category.slug
}, format: :json
expect(response).to be_success
end
it "can filter by category, sub-category, and tag" do
xhr :get, :show_latest, tag_id: tag.name, category: subcategory.slug, parent_category: category.slug
get :show_latest, params: {
tag_id: tag.name, category: subcategory.slug, parent_category: category.slug
}, format: :json
expect(response).to be_success
end
it "can filter by category, no sub-category, and tag" do
xhr :get, :show_latest, tag_id: tag.name, category: 'none', parent_category: category.slug
get :show_latest, params: {
tag_id: tag.name, category: 'none', parent_category: category.slug
}, format: :json
expect(response).to be_success
end
@@ -77,14 +110,24 @@ describe TagsController do
slug: subcategory.slug
)
t = Fabricate(:topic, category_id: subcategory2.id, tags: [other_tag])
xhr :get, :show_latest, tag_id: other_tag.name, category: subcategory2.slug, parent_category: category2.slug
get :show_latest, params: {
tag_id: other_tag.name, category: subcategory2.slug, parent_category: category2.slug
}, format: :json
expect(response).to be_success
expect(assigns(:list).topics).to include(t)
topic_ids = JSON.parse(response.body)["topic_list"]["topics"]
.map { |topic| topic["id"] }
expect(topic_ids).to include(t.id)
end
it "can filter by bookmarked" do
log_in(:user)
xhr :get, :show_bookmarks, tag_id: tag.name
get :show_bookmarks, params: {
tag_id: tag.name
}, format: :json
expect(response).to be_success
end
end
@@ -93,7 +136,7 @@ describe TagsController do
describe 'search' do
context 'tagging disabled' do
it "returns 404" do
xhr :get, :search, q: 'stuff'
get :search, params: { q: 'stuff' }, format: :json
expect(response.status).to eq(404)
end
end
@@ -106,7 +149,7 @@ describe TagsController do
it "can return some tags" do
tag_names = ['stuff', 'stinky', 'stumped']
tag_names.each { |name| Fabricate(:tag, name: name) }
xhr :get, :search, q: 'stu'
get :search, params: { q: 'stu' }, format: :json
expect(response).to be_success
json = ::JSON.parse(response.body)
expect(json["results"].map { |j| j["id"] }.sort).to eq(['stuff', 'stumped'])
@@ -115,7 +158,7 @@ describe TagsController do
it "can say if given tag is not allowed" do
yup, nope = Fabricate(:tag, name: 'yup'), Fabricate(:tag, name: 'nope')
category = Fabricate(:category, tags: [yup])
xhr :get, :search, q: 'nope', categoryId: category.id
get :search, params: { q: 'nope', categoryId: category.id }, format: :json
expect(response).to be_success
json = ::JSON.parse(response.body)
expect(json["results"].map { |j| j["id"] }.sort).to eq([])
@@ -125,7 +168,7 @@ describe TagsController do
it "can return tags that are in secured categories but are allowed to be used" do
c = Fabricate(:private_category, group: Fabricate(:group))
Fabricate(:topic, category: c, tags: [Fabricate(:tag, name: "cooltag")])
xhr :get, :search, q: "cool"
get :search, params: { q: "cool" }, format: :json
expect(response).to be_success
json = ::JSON.parse(response.body)
expect(json["results"].map { |j| j["id"] }).to eq(['cooltag'])
@@ -135,12 +178,12 @@ describe TagsController do
tag_names = ['房地产', 'тема-в-разработке']
tag_names.each { |name| Fabricate(:tag, name: name) }
xhr :get, :search, q: '房'
get :search, params: { q: '房' }, format: :json
expect(response).to be_success
json = ::JSON.parse(response.body)
expect(json["results"].map { |j| j["id"] }).to eq(['房地产'])
xhr :get, :search, q: 'тема'
get :search, params: { q: 'тема' }, format: :json
expect(response).to be_success
json = ::JSON.parse(response.body)
expect(json["results"].map { |j| j["id"] }).to eq(['тема-в-разработке'])

151
spec/controllers/application_controller_spec.rb → spec/controllers/topic_controller_spec.rb
View File

@@ -30,12 +30,12 @@ describe TopicsController do
user = log_in
user.user_option.update_columns(theme_key: theme.key)
get :show, id: 666
get :show, params: { id: 666 }
expect(controller.theme_key).to eq(theme.key)
theme.update_columns(user_selectable: false)
get :show, id: 666
get :show, params: { id: 666 }
expect(controller.theme_key).not_to eq(theme.key)
end
@@ -45,7 +45,7 @@ describe TopicsController do
cookies['theme_key'] = "#{theme2.key},#{user.user_option.theme_key_seq}"
get :show, id: 666
get :show, params: { id: 666 }
expect(controller.theme_key).to eq(theme2.key)
end
@@ -55,20 +55,23 @@ describe TopicsController do
user.user_option.update_columns(theme_key: theme.key)
cookies['theme_key'] = "#{theme2.key},#{user.user_option.theme_key_seq - 1}"
get :show, id: 666
get :show, params: { id: 666 }
expect(controller.theme_key).to eq(theme.key)
end
end
it "doesn't store an incoming link when there's no referer" do
expect {
get :show, id: topic.id
get :show, params: { id: topic.id }, format: :json
}.not_to change(IncomingLink, :count)
end
it "doesn't raise an error on a very long link" do
set_referer("http://#{'a' * 2000}.com")
expect { get :show, id: topic.id }.not_to raise_error
expect do
get :show, params: { id: topic.id }, format: :json
end.not_to raise_error
end
describe "has_escaped_fragment?" do
@@ -78,9 +81,17 @@ describe TopicsController do
it "uses the application layout even with an escaped fragment param" do
SiteSetting.enable_escaped_fragments = false
get :show, 'topic_id' => topic.id, 'slug' => topic.slug, '_escaped_fragment_' => 'true'
expect(response).to render_template(layout: 'application')
assert_select "meta[name=fragment]", false, "it doesn't have the meta tag"
get :show, params: {
'topic_id' => topic.id,
'slug' => topic.slug,
'_escaped_fragment_' => 'true'
}
body = response.body
expect(body).to have_tag(:script, with: { src: '/assets/application.js' })
expect(body).to_not have_tag(:meta, with: { name: 'fragment' })
end
end
@@ -91,15 +102,25 @@ describe TopicsController do
end
it "uses the application layout when there's no param" do
get :show, topic_id: topic.id, slug: topic.slug
expect(response).to render_template(layout: 'application')
assert_select "meta[name=fragment]", true, "it has the meta tag"
get :show, params: { topic_id: topic.id, slug: topic.slug }
body = response.body
expect(body).to have_tag(:script, with: { src: '/assets/application.js' })
expect(body).to have_tag(:meta, with: { name: 'fragment' })
end
it "uses the crawler layout when there's an _escaped_fragment_ param" do
get :show, topic_id: topic.id, slug: topic.slug, _escaped_fragment_: 'true'
expect(response).to render_template(layout: 'crawler')
assert_select "meta[name=fragment]", false, "it doesn't have the meta tag"
get :show, params: {
topic_id: topic.id,
slug: topic.slug,
_escaped_fragment_: 'true'
}
body = response.body
expect(body).to have_tag(:body, with: { class: 'crawler' })
expect(body).to_not have_tag(:meta, with: { name: 'fragment' })
end
end
end
@@ -109,18 +130,24 @@ describe TopicsController do
context "when not a crawler" do
it "renders with the application layout" do
get :show, topic_id: topic.id, slug: topic.slug
expect(response).to render_template(layout: 'application')
assert_select "meta[name=fragment]", true, "it has the meta tag"
get :show, params: { topic_id: topic.id, slug: topic.slug }
body = response.body
expect(body).to have_tag(:script, with: { src: '/assets/application.js' })
expect(body).to have_tag(:meta, with: { name: 'fragment' })
end
end
context "when a crawler" do
it "renders with the crawler layout" do
request.env["HTTP_USER_AGENT"] = "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
get :show, topic_id: topic.id, slug: topic.slug
expect(response).to render_template(layout: 'crawler')
assert_select "meta[name=fragment]", false, "it doesn't have the meta tag"
get :show, params: { topic_id: topic.id, slug: topic.slug }
body = response.body
expect(body).to have_tag(:body, with: { class: 'crawler' })
expect(body).to_not have_tag(:meta, with: { name: 'fragment' })
end
end
@@ -131,15 +158,21 @@ describe TopicsController do
context "when the SiteSetting is enabled" do
it "uses the application layout when there's no param" do
get :show, topic_id: topic.id, slug: topic.slug
expect(response).to render_template(layout: 'application')
assert_select "meta[name=fragment]", true, "it has the meta tag"
get :show, params: { topic_id: topic.id, slug: topic.slug }
body = response.body
expect(body).to have_tag(:script, src: '/assets/application.js')
expect(body).to have_tag(:meta, with: { name: 'fragment' })
end
it "uses the crawler layout when there's an print param" do
get :show, topic_id: topic.id, slug: topic.slug, print: 'true'
expect(response).to render_template(layout: 'crawler')
assert_select "meta[name=fragment]", false, "it doesn't have the meta tag"
get :show, params: { topic_id: topic.id, slug: topic.slug, print: 'true' }
body = response.body
expect(body).to have_tag(:body, class: 'crawler')
expect(body).to_not have_tag(:meta, with: { name: 'fragment' })
end
end
end
@@ -151,7 +184,7 @@ describe TopicsController do
request.cookies['cn'] = "2828,100,#{notification.id}"
get :show, topic_id: 100
get :show, params: { topic_id: 100, format: :json }
expect(response.cookies['cn']).to eq nil
@@ -166,7 +199,7 @@ describe TopicsController do
request.headers['Discourse-Clear-Notifications'] = "2828,100,#{notification.id}"
get :show, topic_id: 100
get :show, params: { topic_id: 100, format: :json }
notification.reload
expect(notification.read).to eq true
@@ -184,7 +217,7 @@ describe TopicsController do
context "with an anonymous user" do
it "uses the default locale" do
get :show, topic_id: topic.id
get :show, params: { topic_id: topic.id, format: :json }
expect(I18n.locale).to eq(:en)
end
@@ -195,7 +228,7 @@ describe TopicsController do
user = Fabricate(:user, locale: :fr)
log_in_user(user)
get :show, topic_id: topic.id
get :show, params: { topic_id: topic.id, format: :json }
expect(I18n.locale).to eq(:en)
end
@@ -214,7 +247,7 @@ describe TopicsController do
context "with an anonymous user" do
it "uses the locale from the headers" do
get :show, topic_id: topic.id
get :show, params: { topic_id: topic.id, format: :json }
expect(I18n.locale).to eq(:fr)
end
@@ -225,7 +258,7 @@ describe TopicsController do
user = Fabricate(:user, locale: :fr)
log_in_user(user)
get :show, topic_id: topic.id
get :show, params: { topic_id: topic.id, format: :json }
expect(I18n.locale).to eq(:fr)
end
@@ -239,7 +272,7 @@ describe TopicsController do
SiteSetting.default_locale = "en"
set_accept_language("zh-CN")
get :show, topic_id: topic.id
get :show, params: { topic_id: topic.id, format: :json }
expect(I18n.locale).to eq(:zh_CN)
end
@@ -251,7 +284,7 @@ describe TopicsController do
SiteSetting.default_locale = 'en'
set_accept_language('')
get :show, topic_id: topic.id
get :show, params: { topic_id: topic.id, format: :json }
expect(I18n.locale).to eq(:en)
end
@@ -261,13 +294,13 @@ describe TopicsController do
describe "read only header" do
it "returns no read only header by default" do
get :show, topic_id: topic.id
get :show, params: { topic_id: topic.id, format: :json }
expect(response.headers['Discourse-Readonly']).to eq(nil)
end
it "returns a readonly header if the site is read only" do
Discourse.received_readonly!
get :show, topic_id: topic.id
get :show, params: { topic_id: topic.id, format: :json }
expect(response.headers['Discourse-Readonly']).to eq('true')
end
end
@@ -298,31 +331,65 @@ describe 'api' do
# choosing an arbitrarily easy to mock trusted activity
it 'allows users with api key to bookmark posts' do
PostAction.expects(:act).with(user, post, PostActionType.types[:bookmark]).once
put :bookmark, bookmarked: "true", post_id: post.id, api_key: api_key.key, format: :json
put :bookmark, params: {
bookmarked: "true",
post_id: post.id,
api_key: api_key.key
}, format: :json
expect(response).to be_success
end
it 'raises an error with a user key that does not match an optionally specified username' do
PostAction.expects(:act).with(user, post, PostActionType.types[:bookmark]).never
put :bookmark, bookmarked: "true", post_id: post.id, api_key: api_key.key, api_username: 'made_up', format: :json
put :bookmark, params: {
bookmarked: "true",
post_id: post.id,
api_key: api_key.key,
api_username: 'made_up'
}, format: :json
expect(response).not_to be_success
end
it 'allows users with a master api key to bookmark posts' do
PostAction.expects(:act).with(user, post, PostActionType.types[:bookmark]).once
put :bookmark, bookmarked: "true", post_id: post.id, api_key: master_key.key, api_username: user.username, format: :json
put :bookmark, params: {
bookmarked: "true",
post_id: post.id,
api_key: master_key.key,
api_username: user.username
}, format: :json
expect(response).to be_success
end
it 'disallows phonies to bookmark posts' do
PostAction.expects(:act).with(user, post, PostActionType.types[:bookmark]).never
put :bookmark, bookmarked: "true", post_id: post.id, api_key: SecureRandom.hex(32), api_username: user.username, format: :json
put :bookmark, params: {
bookmarked: "true",
post_id: post.id,
api_key: SecureRandom.hex(32),
api_username: user.username
}, format: :json
expect(response.code.to_i).to eq(403)
end
it 'disallows blank api' do
PostAction.expects(:act).with(user, post, PostActionType.types[:bookmark]).never
put :bookmark, bookmarked: "true", post_id: post.id, api_key: "", api_username: user.username, format: :json
put :bookmark, params: {
bookmarked: "true",
post_id: post.id,
api_key: "",
api_username: user.username
}, format: :json
expect(response.code.to_i).to eq(403)
end
end

573
spec/controllers/topics_controller_spec.rb
View File

File diff suppressed because it is too large Load Diff

73
spec/controllers/uploads_controller_spec.rb
View File

@@ -5,7 +5,7 @@ describe UploadsController do
context '.create' do
it 'requires you to be logged in' do
expect { xhr :post, :create }.to raise_error(Discourse::NotLoggedIn)
expect { post :create, format: :json }.to raise_error(Discourse::NotLoggedIn)
end
context 'logged in' do
@@ -13,32 +13,38 @@ describe UploadsController do
before { @user = log_in :user }
let(:logo) do
ActionDispatch::Http::UploadedFile.new(filename: 'logo.png',
tempfile: file_from_fixtures("logo.png"))
Rack::Test::UploadedFile.new(file_from_fixtures("logo.png"))
end
let(:fake_jpg) do
ActionDispatch::Http::UploadedFile.new(filename: 'fake.jpg',
tempfile: file_from_fixtures("fake.jpg"))
Rack::Test::UploadedFile.new(file_from_fixtures("fake.jpg"))
end
let(:text_file) do
ActionDispatch::Http::UploadedFile.new(filename: 'LICENSE.TXT',
tempfile: File.new("#{Rails.root}/LICENSE.txt"))
Rack::Test::UploadedFile.new(File.new("#{Rails.root}/LICENSE.txt"))
end
it 'expects a type' do
expect { xhr :post, :create, file: logo }.to raise_error(ActionController::ParameterMissing)
expect do
post :create, params: { format: :json, file: logo }
end.to raise_error(ActionController::ParameterMissing)
end
it 'parameterize the type' do
subject.expects(:create_upload).with(logo, nil, "super_long_type_with_charssuper_long_type_with_char", false, false)
xhr :post, :create, file: logo, type: "super \# long \//\\ type with \\. $%^&*( chars" * 5
subject.expects(:create_upload).with(
anything,
nil,
"super_long_type_with_charssuper_long_type_with_char",
false,
false
)
post :create, params: { format: :json, file: logo, type: "super \# long \//\\ type with \\. $%^&*( chars" * 5 }
end
it 'can look up long urls' do
upload = Fabricate(:upload)
xhr :post, :lookup_urls, short_urls: [upload.short_url]
post :lookup_urls, params: { short_urls: [upload.short_url], format: :json }
result = JSON.parse(response.body)
expect(result[0]["url"]).to eq(upload.url)
end
@@ -47,7 +53,7 @@ describe UploadsController do
Jobs.expects(:enqueue).with(:create_avatar_thumbnails, anything)
message = MessageBus.track_publish do
xhr :post, :create, file: logo, type: "avatar"
post :create, params: { file: logo, type: "avatar", format: :json }
end.find { |m| m.channel == "/uploads/avatar" }
expect(response.status).to eq 200
@@ -62,7 +68,7 @@ describe UploadsController do
Jobs.expects(:enqueue).never
message = MessageBus.track_publish do
xhr :post, :create, file: text_file, type: "composer"
post :create, params: { file: text_file, type: "composer", format: :json }
end.find { |m| m.channel == "/uploads/composer" }
expect(response.status).to eq 200
@@ -79,7 +85,12 @@ describe UploadsController do
stub_request(:head, 'http://example.com/image.png')
stub_request(:get, "http://example.com/image.png").to_return(body: File.read('spec/fixtures/images/logo.png'))
xhr :post, :create, url: 'http://example.com/image.png', type: "avatar", synchronous: true
post :create, params: {
url: 'http://example.com/image.png',
type: "avatar",
synchronous: true,
format: :json
}
json = ::JSON.parse(response.body)
@@ -93,7 +104,12 @@ describe UploadsController do
Jobs.expects(:enqueue).with(:create_avatar_thumbnails, anything).never
message = MessageBus.track_publish do
xhr :post, :create, file: logo, retain_hours: 100, type: "profile_background"
post :create, params: {
file: logo,
retain_hours: 100,
type: "profile_background",
format: :json
}
end.first
id = message.data["id"]
@@ -104,7 +120,7 @@ describe UploadsController do
Jobs.expects(:enqueue).never
message = MessageBus.track_publish do
xhr :post, :create, type: "composer"
post :create, params: { type: "composer", format: :json }
end.first
expect(response.status).to eq 200
@@ -117,7 +133,7 @@ describe UploadsController do
Jobs.expects(:enqueue).never
message = MessageBus.track_publish do
xhr :post, :create, file: text_file, type: "avatar"
post :create, params: { file: text_file, type: "avatar", format: :json }
end.first
expect(response.status).to eq 200
@@ -126,13 +142,13 @@ describe UploadsController do
it 'ensures allow_uploaded_avatars is enabled when uploading an avatar' do
SiteSetting.allow_uploaded_avatars = false
xhr :post, :create, file: logo, type: "avatar"
post :create, params: { file: logo, type: "avatar", format: :json }
expect(response).to_not be_success
end
it 'ensures sso_overrides_avatar is not enabled when uploading an avatar' do
SiteSetting.sso_overrides_avatar = true
xhr :post, :create, file: logo, type: "avatar"
post :create, params: { file: logo, type: "avatar", format: :json }
expect(response).to_not be_success
end
@@ -142,7 +158,12 @@ describe UploadsController do
@user.update_columns(moderator: true)
message = MessageBus.track_publish do
xhr :post, :create, file: text_file, type: "composer", for_private_message: "true"
post :create, params: {
file: text_file,
type: "composer",
for_private_message: "true",
format: :json
}
end.first
expect(response).to be_success
@@ -153,7 +174,7 @@ describe UploadsController do
Jobs.expects(:enqueue).with(:create_avatar_thumbnails, anything).never
message = MessageBus.track_publish do
xhr :post, :create, file: fake_jpg, type: "composer"
post :create, params: { file: fake_jpg, type: "composer", format: :json }
end.find { |m| m.channel == '/uploads/composer' }
expect(response.status).to eq 200
@@ -176,14 +197,14 @@ describe UploadsController do
Discourse.stubs(:store).returns(store)
Upload.expects(:find_by).never
get :show, site: site, sha: sha, extension: "pdf"
get :show, params: { site: site, sha: sha, extension: "pdf" }
expect(response.response_code).to eq(404)
end
it "returns 404 when the upload doesn't exist" do
Upload.stubs(:find_by).returns(nil)
get :show, site: site, sha: sha, extension: "pdf"
get :show, params: { site: site, sha: sha, extension: "pdf" }
expect(response.response_code).to eq(404)
end
@@ -194,7 +215,7 @@ describe UploadsController do
controller.stubs(:render)
controller.expects(:send_file)
get :show, site: site, sha: sha, extension: "zip"
get :show, params: { site: site, sha: sha, extension: "zip" }
end
it "handles file without extension" do
@@ -203,7 +224,7 @@ describe UploadsController do
controller.stubs(:render)
controller.expects(:send_file)
get :show, site: site, sha: sha
get :show, params: { site: site, sha: sha, format: :json }
expect(response).to be_success
end
@@ -214,7 +235,7 @@ describe UploadsController do
it "returns 404 when an anonymous user tries to download a file" do
Upload.expects(:find_by).never
get :show, site: site, sha: sha, extension: "pdf"
get :show, params: { site: site, sha: sha, extension: "pdf", format: :json }
expect(response.response_code).to eq(404)
end

27
spec/controllers/user_actions_controller_spec.rb
View File

@@ -5,14 +5,16 @@ describe UserActionsController do
context 'index' do
it 'fails if username is not specified' do
expect { xhr :get, :index }.to raise_error(ActionController::ParameterMissing)
expect do
get :index, format: :json
end.to raise_error(ActionController::ParameterMissing)
end
it 'renders list correctly' do
UserActionCreator.enable
post = Fabricate(:post)
xhr :get, :index, username: post.user.username
get :index, params: { username: post.user.username }, format: :json
expect(response.status).to eq(200)
parsed = JSON.parse(response.body)
@@ -27,7 +29,11 @@ describe UserActionsController do
it 'renders help text if provided for self' do
logged_in = log_in
xhr :get, :index, filter: UserAction::LIKE, username: logged_in.username, no_results_help_key: "user_activity.no_bookmarks"
get :index, params: {
filter: UserAction::LIKE,
username: logged_in.username,
no_results_help_key: "user_activity.no_bookmarks"
}, format: :json
expect(response.status).to eq(200)
parsed = JSON.parse(response.body)
@@ -38,7 +44,12 @@ describe UserActionsController do
it 'renders help text for others' do
user = Fabricate(:user)
xhr :get, :index, filter: UserAction::LIKE, username: user.username, no_results_help_key: "user_activity.no_bookmarks"
get :index, params: {
filter: UserAction::LIKE,
username: user.username,
no_results_help_key: "user_activity.no_bookmarks"
}, format: :json
expect(response.status).to eq(200)
parsed = JSON.parse(response.body)
@@ -50,7 +61,9 @@ describe UserActionsController do
context "without access" do
let(:user) { Fabricate(:user) }
it "raises an exception" do
xhr :get, :index, username: user.username, filter: UserAction::PENDING
get :index, params: {
username: user.username, filter: UserAction::PENDING
}, format: :json
expect(response).to_not be_success
end
@@ -62,7 +75,9 @@ describe UserActionsController do
it 'finds queued posts' do
queued_post = PostEnqueuer.new(user, 'default').enqueue(raw: 'this is the raw enqueued content')
xhr :get, :index, username: user.username, filter: UserAction::PENDING
get :index, params: {
username: user.username, filter: UserAction::PENDING
}, format: :json
expect(response.status).to eq(200)
parsed = JSON.parse(response.body)

72
spec/controllers/user_api_keys_controller_spec.rb
View File

@@ -3,34 +3,34 @@ require 'rails_helper'
describe UserApiKeysController do
let :public_key do
<<TXT
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDh7BS7Ey8hfbNhlNAW/47pqT7w
IhBz3UyBYzin8JurEQ2pY9jWWlY8CH147KyIZf1fpcsi7ZNxGHeDhVsbtUKZxnFV
p16Op3CHLJnnJKKBMNdXMy0yDfCAHZtqxeBOTcCo1Vt/bHpIgiK5kmaekyXIaD0n
w0z/BYpOgZ8QwnI5ZwIDAQAB
-----END PUBLIC KEY-----
TXT
<<~TXT
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDh7BS7Ey8hfbNhlNAW/47pqT7w
IhBz3UyBYzin8JurEQ2pY9jWWlY8CH147KyIZf1fpcsi7ZNxGHeDhVsbtUKZxnFV
p16Op3CHLJnnJKKBMNdXMy0yDfCAHZtqxeBOTcCo1Vt/bHpIgiK5kmaekyXIaD0n
w0z/BYpOgZ8QwnI5ZwIDAQAB
-----END PUBLIC KEY-----
TXT
end
let :private_key do
<<TXT
-----BEGIN RSA PRIVATE KEY-----
MIICWwIBAAKBgQDh7BS7Ey8hfbNhlNAW/47pqT7wIhBz3UyBYzin8JurEQ2pY9jW
WlY8CH147KyIZf1fpcsi7ZNxGHeDhVsbtUKZxnFVp16Op3CHLJnnJKKBMNdXMy0y
DfCAHZtqxeBOTcCo1Vt/bHpIgiK5kmaekyXIaD0nw0z/BYpOgZ8QwnI5ZwIDAQAB
AoGAeHesbjzCivc+KbBybXEEQbBPsThY0Y+VdgD0ewif2U4UnNhzDYnKJeTZExwQ
vAK2YsRDV3KbhljnkagQduvmgJyCKuV/CxZvbJddwyIs3+U2D4XysQp3e1YZ7ROr
YlOIoekHCx1CNm6A4iImqGxB0aJ7Owdk3+QSIaMtGQWaPTECQQDz2UjJ+bomguNs
zdcv3ZP7W3U5RG+TpInSHiJXpt2JdNGfHItozGJCxfzDhuKHK5Cb23bgldkvB9Xc
p/tngTtNAkEA7S4cqUezA82xS7aYPehpRkKEmqzMwR3e9WeL7nZ2cdjZAHgXe49l
3mBhidEyRmtPqbXo1Xix8LDuqik0IdnlgwJAQeYTnLnHS8cNjQbnw4C/ECu8Nzi+
aokJ0eXg5A0tS4ttZvGA31Z0q5Tz5SdbqqnkT6p0qub0JZiZfCNNdsBe9QJAaGT5
fJDwfGYW+YpfLDCV1bUFhMc2QHITZtSyxL0jmSynJwu02k/duKmXhP+tL02gfMRy
vTMorxZRllgYeCXeXQJAEGRXR8/26jwqPtKKJzC7i9BuOYEagqj0nLG2YYfffCMc
d3JGCf7DMaUlaUE8bJ08PtHRJFSGkNfDJLhLKSjpbw==
-----END RSA PRIVATE KEY-----
TXT
<<~TXT
-----BEGIN RSA PRIVATE KEY-----
MIICWwIBAAKBgQDh7BS7Ey8hfbNhlNAW/47pqT7wIhBz3UyBYzin8JurEQ2pY9jW
WlY8CH147KyIZf1fpcsi7ZNxGHeDhVsbtUKZxnFVp16Op3CHLJnnJKKBMNdXMy0y
DfCAHZtqxeBOTcCo1Vt/bHpIgiK5kmaekyXIaD0nw0z/BYpOgZ8QwnI5ZwIDAQAB
AoGAeHesbjzCivc+KbBybXEEQbBPsThY0Y+VdgD0ewif2U4UnNhzDYnKJeTZExwQ
vAK2YsRDV3KbhljnkagQduvmgJyCKuV/CxZvbJddwyIs3+U2D4XysQp3e1YZ7ROr
YlOIoekHCx1CNm6A4iImqGxB0aJ7Owdk3+QSIaMtGQWaPTECQQDz2UjJ+bomguNs
zdcv3ZP7W3U5RG+TpInSHiJXpt2JdNGfHItozGJCxfzDhuKHK5Cb23bgldkvB9Xc
p/tngTtNAkEA7S4cqUezA82xS7aYPehpRkKEmqzMwR3e9WeL7nZ2cdjZAHgXe49l
3mBhidEyRmtPqbXo1Xix8LDuqik0IdnlgwJAQeYTnLnHS8cNjQbnw4C/ECu8Nzi+
aokJ0eXg5A0tS4ttZvGA31Z0q5Tz5SdbqqnkT6p0qub0JZiZfCNNdsBe9QJAaGT5
fJDwfGYW+YpfLDCV1bUFhMc2QHITZtSyxL0jmSynJwu02k/duKmXhP+tL02gfMRy
vTMorxZRllgYeCXeXQJAEGRXR8/26jwqPtKKJzC7i9BuOYEagqj0nLG2YYfffCMc
d3JGCf7DMaUlaUE8bJ08PtHRJFSGkNfDJLhLKSjpbw==
-----END RSA PRIVATE KEY-----
TXT
end
let :args do
@@ -56,13 +56,13 @@ TXT
it "does not allow anon" do
expect {
post :create, args
post :create, params: args, format: :json
}.to raise_error(Discourse::NotLoggedIn)
end
it "refuses to redirect to disallowed place" do
log_in_user(Fabricate(:user))
post :create, args
post :create, params: args, format: :json
expect(response.code).to eq("403")
end
@@ -74,7 +74,7 @@ TXT
log_in_user(user)
post :create, args
post :create, params: args, format: :json
expect(response.code).to eq("302")
end
@@ -86,7 +86,7 @@ TXT
log_in_user(user)
post :create, args
post :create, params: args, format: :json
expect(response.code).to eq("403")
end
@@ -101,7 +101,7 @@ TXT
log_in_user(user)
post :create, args
post :create, params: args, format: :json
expect(response.code).to eq("403")
end
@@ -109,7 +109,7 @@ TXT
it "allows for a revoke with no id" do
key = Fabricate(:readonly_user_api_key)
request.env['HTTP_USER_API_KEY'] = key.key
post :revoke
post :revoke, format: :json
expect(response.status).to eq(200)
@@ -122,7 +122,7 @@ TXT
key2 = Fabricate(:readonly_user_api_key)
request.env['HTTP_USER_API_KEY'] = key1.key
post :revoke, id: key2.id
post :revoke, params: { id: key2.id }, format: :json
expect(response.status).to eq(403)
end
@@ -130,7 +130,7 @@ TXT
it "will allow readonly api keys to revoke self" do
key = Fabricate(:readonly_user_api_key)
request.env['HTTP_USER_API_KEY'] = key.key
post :revoke, id: key.id
post :revoke, params: { id: key.id }, format: :json
expect(response.status).to eq(200)
@@ -149,7 +149,7 @@ TXT
log_in_user(user)
post :create, args
post :create, params: args, format: :json
expect(response.code).to eq("302")
uri = URI.parse(response.redirect_url)
@@ -184,7 +184,7 @@ TXT
log_in_user(user)
post :create, args
post :create, params: args, format: :json
expect(response.code).to eq("302")
uri = URI.parse(response.redirect_url)
@@ -211,7 +211,7 @@ TXT
# should overwrite if needed
args["access"] = "pr"
post :create, args
post :create, params: args, format: :json
expect(response.code).to eq("302")
end

39
spec/controllers/user_avatars_controller_spec.rb
View File

@@ -5,12 +5,19 @@ describe UserAvatarsController do
context 'show_proxy_letter' do
it 'returns not found if external avatar is set somewhere else' do
SiteSetting.external_system_avatars_url = "https://somewhere.else.com/avatar.png"
response = get :show_proxy_letter, version: 'v2', letter: 'a', color: 'aaaaaa', size: 20
get :show_proxy_letter, params: {
version: 'v2', letter: 'a', color: 'aaaaaa', size: 20
}, format: :json
expect(response.status).to eq(404)
end
it 'returns an avatar if we are allowing the proxy' do
response = get :show_proxy_letter, version: 'v2', letter: 'a', color: 'aaaaaa', size: 360
get :show_proxy_letter, params: {
version: 'v2', letter: 'a', color: 'aaaaaa', size: 360
}, format: :json
expect(response.status).to eq(200)
end
end
@@ -30,23 +37,30 @@ describe UserAvatarsController do
GlobalSetting.expects(:cdn_url).returns("http://awesome.com/boom")
upload = Fabricate(:upload, url: "//test.s3.amazonaws.com/something")
Fabricate(:optimized_image,
sha1: SecureRandom.hex << "A" * 8,
upload: upload,
width: 98,
height: 98,
url: "//test.s3.amazonaws.com/something/else")
sha1: SecureRandom.hex << "A" * 8,
upload: upload,
width: 98,
height: 98,
url: "//test.s3.amazonaws.com/something/else"
)
user = Fabricate(:user, uploaded_avatar_id: upload.id)
get :show, size: 97, username: user.username, version: upload.id, hostname: 'default'
get :show, params: {
size: 97, username: user.username, version: upload.id, hostname: 'default'
}, format: :json
# 98 is closest which is 49 * 2 for retina
expect(response).to redirect_to("http://awesome.com/boom/user_avatar/default/#{user.username_lower}/98/#{upload.id}_#{OptimizedImage::VERSION}.png")
get :show, size: 98, username: user.username, version: upload.id, hostname: 'default'
get :show, params: {
size: 98, username: user.username, version: upload.id, hostname: 'default'
}, format: :json
expect(response.body).to eq("image")
expect(response.headers["Cache-Control"]).to eq('max-age=31557600, public, immutable')
expect(response.headers["Cache-Control"]).to eq('max-age=31556952, public, immutable')
end
it 'serves image even if size missing and its in local mode' do
@@ -55,7 +69,10 @@ describe UserAvatarsController do
upload = Fabricate(:upload)
user = Fabricate(:user, uploaded_avatar_id: upload.id)
get :show, size: 51, username: user.username, version: upload.id, hostname: 'default'
get :show, params: {
size: 51, username: user.username, version: upload.id, hostname: 'default'
}, format: :json
expect(response).to be_success
end
end

58
spec/controllers/user_badges_controller_spec.rb
View File

@@ -10,7 +10,7 @@ describe UserBadgesController do
p = create_post
UserBadge.create(badge: badge, user: user, post_id: p.id, granted_by_id: -1, granted_at: Time.now)
xhr :get, :index, badge_id: badge.id
get :index, params: { badge_id: badge.id }, format: :json
expect(response.status).to eq(200)
parsed = JSON.parse(response.body)
@@ -24,11 +24,13 @@ describe UserBadgesController do
let!(:user_badge) { UserBadge.create(badge: badge, user: user, granted_by: Discourse.system_user, granted_at: Time.now) }
it 'requires username or badge_id to be specified' do
expect { xhr :get, :index }.to raise_error(ActionController::ParameterMissing)
expect do
get :index, format: :json
end.to raise_error(ActionController::ParameterMissing)
end
it 'returns user_badges for a user' do
xhr :get, :username, username: user.username
get :username, params: { username: user.username }, format: :json
expect(response.status).to eq(200)
parsed = JSON.parse(response.body)
@@ -36,7 +38,7 @@ describe UserBadgesController do
end
it 'returns user_badges for a badge' do
xhr :get, :index, badge_id: badge.id
get :index, params: { badge_id: badge.id }, format: :json
expect(response.status).to eq(200)
parsed = JSON.parse(response.body)
@@ -44,7 +46,9 @@ describe UserBadgesController do
end
it 'includes counts when passed the aggregate argument' do
xhr :get, :username, username: user.username, grouped: true
get :username, params: {
username: user.username, grouped: true
}, format: :json
expect(response.status).to eq(200)
parsed = JSON.parse(response.body)
@@ -54,26 +58,34 @@ describe UserBadgesController do
context 'create' do
it 'requires username to be specified' do
expect { xhr :post, :create, badge_id: badge.id }.to raise_error(ActionController::ParameterMissing)
expect do
post :create, params: { badge_id: badge.id }, format: :json
end.to raise_error(ActionController::ParameterMissing)
end
it 'does not allow regular users to grant badges' do
log_in_user Fabricate(:user)
xhr :post, :create, badge_id: badge.id, username: user.username
post :create, params: {
badge_id: badge.id, username: user.username
}, format: :json
expect(response.status).to eq(403)
end
it 'grants badges from staff' do
admin = Fabricate(:admin)
post = create_post
post_1 = create_post
log_in_user admin
StaffActionLogger.any_instance.expects(:log_badge_grant).once
xhr :post, :create, badge_id: badge.id,
username: user.username,
reason: Discourse.base_url + post.url
post :create, params: {
badge_id: badge.id,
username: user.username,
reason: Discourse.base_url + post_1.url
}, format: :json
expect(response.status).to eq(200)
@@ -81,19 +93,27 @@ describe UserBadgesController do
expect(user_badge).to be_present
expect(user_badge.granted_by).to eq(admin)
expect(user_badge.post_id).to eq(post.id)
expect(user_badge.post_id).to eq(post_1.id)
end
it 'does not grant badges from regular api calls' do
Fabricate(:api_key, user: user)
xhr :post, :create, badge_id: badge.id, username: user.username, api_key: user.api_key.key
post :create, params: {
badge_id: badge.id, username: user.username, api_key: user.api_key.key
}, format: :json
expect(response.status).to eq(403)
end
it 'grants badges from master api calls' do
api_key = Fabricate(:api_key)
StaffActionLogger.any_instance.expects(:log_badge_grant).never
xhr :post, :create, badge_id: badge.id, username: user.username, api_key: api_key.key, api_username: "system"
post :create, params: {
badge_id: badge.id, username: user.username, api_key: api_key.key, api_username: "system"
}, format: :json
expect(response.status).to eq(200)
user_badge = UserBadge.find_by(user: user, badge: badge)
expect(user_badge).to be_present
@@ -105,7 +125,9 @@ describe UserBadgesController do
user
event = DiscourseEvent.track_events do
xhr :post, :create, badge_id: badge.id, username: user.username
post :create, params: {
badge_id: badge.id, username: user.username
}, format: :json
end.first
expect(event[:event_name]).to eq(:user_badge_granted)
@@ -116,14 +138,14 @@ describe UserBadgesController do
let!(:user_badge) { UserBadge.create(badge: badge, user: user, granted_by: Discourse.system_user, granted_at: Time.now) }
it 'checks that the user is authorized to revoke a badge' do
xhr :delete, :destroy, id: user_badge.id
delete :destroy, params: { id: user_badge.id }, format: :json
expect(response.status).to eq(403)
end
it 'revokes the badge' do
log_in :admin
StaffActionLogger.any_instance.expects(:log_badge_revoke).once
xhr :delete, :destroy, id: user_badge.id
delete :destroy, params: { id: user_badge.id }, format: :json
expect(response.status).to eq(200)
expect(UserBadge.find_by(id: user_badge.id)).to eq(nil)
end
@@ -132,7 +154,7 @@ describe UserBadgesController do
log_in :admin
event = DiscourseEvent.track_events do
xhr :delete, :destroy, id: user_badge.id
delete :destroy, params: { id: user_badge.id }, format: :json
end.first
expect(event[:event_name]).to eq(:user_badge_removed)

802
spec/controllers/users_controller_spec.rb
View File

File diff suppressed because it is too large Load Diff

120
spec/controllers/users_email_controller_spec.rb
View File

@@ -1,120 +0,0 @@
require 'rails_helper'
describe UsersEmailController do
describe '.confirm' do
it 'errors out for invalid tokens' do
get :confirm, token: 'asdfasdf'
expect(response).to be_success
expect(assigns(:update_result)).to eq(:error)
end
context 'valid old address token' do
let(:user) { Fabricate(:moderator) }
let(:updater) { EmailUpdater.new(user.guardian, user) }
before do
updater.change_to('new.n.cool@example.com')
end
it 'confirms with a correct token' do
get :confirm, token: user.email_tokens.last.token
expect(response).to be_success
expect(assigns(:update_result)).to eq(:authorizing_new)
end
end
context 'valid new address token' do
let(:user) { Fabricate(:user) }
let(:updater) { EmailUpdater.new(user.guardian, user) }
before do
updater.change_to('new.n.cool@example.com')
end
it 'confirms with a correct token' do
user.user_stat.update_columns(bounce_score: 42, reset_bounce_score_after: 1.week.from_now)
events = DiscourseEvent.track_events do
get :confirm, token: user.email_tokens.last.token
end
expect(events.map { |event| event[:event_name] }).to include(
:user_logged_in, :user_first_logged_in
)
expect(response).to be_success
expect(assigns(:update_result)).to eq(:complete)
user.reload
expect(user.user_stat.bounce_score).to eq(0)
expect(user.user_stat.reset_bounce_score_after).to eq(nil)
end
end
end
describe '.update' do
let(:new_email) { 'bubblegum@adventuretime.ooo' }
it "requires you to be logged in" do
expect { xhr :put, :update, username: 'asdf', email: new_email }.to raise_error(Discourse::NotLoggedIn)
end
context 'when logged in' do
let!(:user) { log_in }
it 'raises an error without an email parameter' do
expect { xhr :put, :update, username: user.username }.to raise_error(ActionController::ParameterMissing)
end
it "raises an error if you can't edit the user's email" do
Guardian.any_instance.expects(:can_edit_email?).with(user).returns(false)
xhr :put, :update, username: user.username, email: new_email
expect(response).to be_forbidden
end
context 'when the new email address is taken' do
let!(:other_user) { Fabricate(:coding_horror) }
it 'raises an error' do
xhr :put, :update, username: user.username, email: other_user.email
expect(response).to_not be_success
end
it 'raises an error if there is whitespace too' do
xhr :put, :update, username: user.username, email: other_user.email + ' '
expect(response).to_not be_success
end
end
context 'when new email is different case of existing email' do
let!(:other_user) { Fabricate(:user, email: 'case.insensitive@gmail.com') }
it 'raises an error' do
xhr :put, :update, username: user.username, email: other_user.email.upcase
expect(response).to_not be_success
end
end
it 'raises an error when new email domain is present in email_domains_blacklist site setting' do
SiteSetting.email_domains_blacklist = "mailinator.com"
xhr :put, :update, username: user.username, email: "not_good@mailinator.com"
expect(response).to_not be_success
end
it 'raises an error when new email domain is not present in email_domains_whitelist site setting' do
SiteSetting.email_domains_whitelist = "discourse.org"
xhr :put, :update, username: user.username, email: new_email
expect(response).to_not be_success
end
context 'success' do
it 'has an email token' do
expect { xhr :put, :update, username: user.username, email: new_email }.to change(EmailChangeRequest, :count)
end
end
end
end
end

78
spec/controllers/webhooks_controller_spec.rb
View File

@@ -16,11 +16,13 @@ describe WebhooksController do
WebhooksController.any_instance.expects(:mailgun_verify).returns(true)
post :mailgun, "token" => "705a8ccd2ce932be8e98c221fe701c1b4a0afcb8bbd57726de",
"timestamp" => Time.now.to_i,
"event" => "dropped",
"recipient" => email,
"Message-Id" => "<12345@il.com>"
post :mailgun, params: {
"token" => "705a8ccd2ce932be8e98c221fe701c1b4a0afcb8bbd57726de",
"timestamp" => Time.now.to_i,
"event" => "dropped",
"recipient" => email,
"Message-Id" => "<12345@il.com>"
}, format: :json
expect(response).to be_success
@@ -37,14 +39,16 @@ describe WebhooksController do
user = Fabricate(:user, email: email)
email_log = Fabricate(:email_log, user: user, message_id: message_id, to_address: email)
post :sendgrid, "_json" => [
{
"email" => email,
"smtp-id" => "<12345@il.com>",
"event" => "bounce",
"status" => "5.0.0"
}
]
post :sendgrid, params: {
"_json" => [
{
"email" => email,
"smtp-id" => "<12345@il.com>",
"event" => "bounce",
"status" => "5.0.0"
}
]
}, format: :json
expect(response).to be_success
@@ -61,10 +65,12 @@ describe WebhooksController do
user = Fabricate(:user, email: email)
email_log = Fabricate(:email_log, user: user, message_id: message_id, to_address: email)
post :mailjet, "event" => "bounce",
"email" => email,
"hard_bounce" => true,
"CustomID" => message_id
post :mailjet, params: {
"event" => "bounce",
"email" => email,
"hard_bounce" => true,
"CustomID" => message_id
}, format: :json
expect(response).to be_success
@@ -81,15 +87,17 @@ describe WebhooksController do
user = Fabricate(:user, email: email)
email_log = Fabricate(:email_log, user: user, message_id: message_id, to_address: email)
post :mandrill, mandrill_events: [{
"event" => "hard_bounce",
"msg" => {
"email" => email,
"metadata" => {
"message_id" => message_id
post :mandrill, params: {
mandrill_events: [{
"event" => "hard_bounce",
"msg" => {
"email" => email,
"metadata" => {
"message_id" => message_id
}
}
}
}]
}]
}, format: :json
expect(response).to be_success
@@ -106,17 +114,19 @@ describe WebhooksController do
user = Fabricate(:user, email: email)
email_log = Fabricate(:email_log, user: user, message_id: message_id, to_address: email)
post :sparkpost, "_json" => [{
"msys" => {
"message_event" => {
"bounce_class" => 10,
"rcpt_to" => email,
"rcpt_meta" => {
"message_id" => message_id
post :sparkpost, params: {
"_json" => [{
"msys" => {
"message_event" => {
"bounce_class" => 10,
"rcpt_to" => email,
"rcpt_meta" => {
"message_id" => message_id
}
}
}
}
}]
}]
}, format: :json
expect(response).to be_success

12
spec/controllers/wizard_controller_spec.rb
View File

@@ -10,31 +10,33 @@ describe WizardController do
end
it 'needs you to be logged in' do
expect { xhr :get, :index }.to raise_error(Discourse::NotLoggedIn)
expect do
get :index, format: :json
end.to raise_error(Discourse::NotLoggedIn)
end
it "raises an error if you aren't an admin" do
log_in(:moderator)
xhr :get, :index
get :index, format: :json
expect(response).to be_forbidden
end
it "raises an error if the wizard is disabled" do
SiteSetting.wizard_enabled = false
log_in(:admin)
xhr :get, :index
get :index, format: :json
expect(response).to be_forbidden
end
it "renders the wizard if you are an admin" do
log_in(:admin)
xhr :get, :index
get :index, format: :json
expect(response).to be_success
end
it "returns JSON when the mime type is appropriate" do
log_in(:admin)
xhr :get, :index, format: 'json'
get :index, format: 'json'
expect(response).to be_success
expect(::JSON.parse(response.body).has_key?('wizard')).to eq(true)
end