IntenseWebs/discourse
3
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-02-25 18:55:32 -06:00
Code Issues Packages Projects Releases Wiki Activity

FEATURE: Public groups.

Browse Source
This commit is contained in:
Guo Xiang Tan
2016-12-07 12:06:56 +08:00
parent 78553151ea
commit be5b5f6bea
14 changed files with 352 additions and 187 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
spec/controllers/admin/groups_controller_spec.rb
View File

@@ -39,8 +39,10 @@ describe Admin::GroupsController do
"flair_bg_color"=>nil,
"flair_color"=>nil,
"bio_raw"=>nil,
"bio_cooked"=>nil
"bio_cooked"=>nil,
"public"=>false
}])
end
end

156
spec/controllers/groups_controller_spec.rb
View File

@@ -69,162 +69,6 @@ describe GroupsController do
end
end
describe "membership edit permission" do
it "refuses membership changes to unauthorized users" do
Guardian.any_instance.stubs(:can_edit?).with(group).returns(false)
xhr :put, :add_members, id: group.id, usernames: "bob"
expect(response).to be_forbidden
xhr :delete, :remove_member, id: group.id, username: "bob"
expect(response).to be_forbidden
end
it "cannot add members to automatic groups" do
Guardian.any_instance.stubs(:is_admin?).returns(true)
group = Fabricate(:group, name: "auto_group", automatic: true)
xhr :put, :add_members, id: group.id, usernames: "bob"
expect(response).to be_forbidden
end
end
describe "membership edits" do
before do
@user1 = Fabricate(:user)
group.add(@user1)
group.reload
Guardian.any_instance.stubs(:can_edit?).with(group).returns(true)
end
it "can make incremental adds" do
user2 = Fabricate(:user)
xhr :put, :add_members, id: group.id, usernames: user2.username
expect(response).to be_success
group.reload
expect(group.users.count).to eq(2)
end
it "can make incremental deletes" do
xhr :delete, :remove_member, id: group.id, username: @user1.username
expect(response).to be_success
group.reload
expect(group.users.count).to eq(0)
end
end
context ".add_members" do
before do
@admin = log_in(:admin)
end
it "cannot add members to automatic groups" do
xhr :put, :add_members, id: 1, usernames: "l77t"
expect(response.status).to eq(403)
end
context "is able to add several members to a group" do
let(:user1) { Fabricate(:user) }
let(:user2) { Fabricate(:user) }
let(:group) { Fabricate(:group) }
it "adds by username" do
xhr :put, :add_members, id: group.id, usernames: [user1.username, user2.username].join(",")
expect(response).to be_success
group.reload
expect(group.users.count).to eq(2)
end
it "adds by id" do
xhr :put, :add_members, id: group.id, user_ids: [user1.id, user2.id].join(",")
expect(response).to be_success
group.reload
expect(group.users.count).to eq(2)
end
end
it "returns 422 if member already exists" do
group = Fabricate(:group)
existing_member = Fabricate(:user)
group.add(existing_member)
group.save
xhr :put, :add_members, id: group.id, usernames: existing_member.username
expect(response.status).to eq(422)
end
end
context ".remove_member" do
before do
@admin = log_in(:admin)
end
it "cannot remove members from automatic groups" do
xhr :put, :remove_member, id: 1, user_id: 42
expect(response.status).to eq(403)
end
context "is able to remove a member" do
let(:user) { Fabricate(:user) }
let(:group) { Fabricate(:group) }
before do
group.add(user)
group.save
end
it "removes by id" do
expect do
xhr :delete, :remove_member, id: group.id, user_id: user.id
expect(response).to be_success
group.reload
end.to change{group.users.count}.from(1).to(0)
end
it "removes by username" do
expect do
xhr :delete, :remove_member, id: group.id, username: user.username
expect(response).to be_success
group.reload
end.to change{group.users.count}.from(1).to(0)
end
it "removes user.primary_group_id when user is removed from group" do
user.primary_group_id = group.id
user.save
xhr :delete, :remove_member, id: group.id, username: user.username
user.reload
expect(user.primary_group_id).to eq(nil)
end
it "removes by user_email" do
expect do
xhr :delete, :remove_member, id: group.id, user_email: user.email
expect(response).to be_success
group.reload
end.to change{group.users.count}.from(1).to(0)
end
end
end
describe '.posts_feed' do
it 'renders RSS' do
get :posts_feed, group_id: group.name, format: :rss

231
spec/integration/groups_spec.rb
View File

@@ -2,6 +2,7 @@ require 'rails_helper'
describe "Groups" do
let(:user) { Fabricate(:user) }
let(:group) { Fabricate(:group, users: [user]) }
def sign_in(user)
password = 'somecomplicatedpassword'
@@ -12,11 +13,9 @@ describe "Groups" do
end
describe "checking if a group can be mentioned" do
let(:group) { Fabricate(:group, name: 'test', users: [user]) }
it "should return the right response" do
sign_in(user)
group
group.update_attributes!(name: 'test')
get "/groups/test/mentionable.json", { name: group.name }
@@ -36,7 +35,11 @@ describe "Groups" do
end
describe "group can be updated" do
let(:group) { Fabricate(:group, name: 'test', users: [user]) }
let(:group) { Fabricate(:group, name: 'test', users: [user], public: false) }
before do
sign_in(user)
end
context "when user is group owner" do
before do
@@ -50,7 +53,8 @@ describe "Groups" do
flair_color: 'BBB',
flair_url: 'fa-adjust',
bio_raw: 'testing',
title: 'awesome team'
title: 'awesome team',
public: true
} }
expect(response).to be_success
@@ -62,6 +66,7 @@ describe "Groups" do
expect(group.flair_url).to eq('fa-adjust')
expect(group.bio_raw).to eq('testing')
expect(group.title).to eq('awesome team')
expect(group.public).to eq(true)
end
end
@@ -145,4 +150,220 @@ describe "Groups" do
expect(members.map { |m| m["id"] }).to eq([user1.id, user2.id])
end
end
describe "membership edit permissions" do
let(:group) { Fabricate(:group) }
context 'when user is not signed in' do
it 'should be fobidden' do
xhr :put, "/groups/#{group.id}/members", usernames: "bob"
expect(response).to be_forbidden
xhr :delete, "/groups/#{group.id}/members", username: "bob"
expect(response).to be_forbidden
end
context 'public group' do
it 'should be fobidden' do
group.update_attributes!(public: true)
expect { xhr :put, "/groups/#{group.id}/members", usernames: "bob" }
.to raise_error(Discourse::NotLoggedIn)
expect { xhr :delete, "/groups/#{group.id}/members", username: "bob" }
.to raise_error(Discourse::NotLoggedIn)
end
end
end
context 'when user is not an owner of the group' do
before do
sign_in(user)
end
it "refuses membership changes to unauthorized users" do
xhr :put, "/groups/#{group.id}/members", usernames: "bob"
expect(response).to be_forbidden
xhr :delete, "/groups/#{group.id}/members", username: "bob"
expect(response).to be_forbidden
end
end
context 'when user is an admin' do
let(:user) { Fabricate(:admin) }
let(:group) { Fabricate(:group, users: [user], automatic: true) }
before do
sign_in(user)
end
it "cannot add members to automatic groups" do
xhr :put, "/groups/#{group.id}/members", usernames: "bob"
expect(response).to be_forbidden
xhr :delete, "/groups/#{group.id}/members", username: "bob"
expect(response).to be_forbidden
end
end
end
describe "membership edits" do
let(:admin) { Fabricate(:admin) }
before do
sign_in(admin)
end
context 'adding members' do
it "can make incremental adds" do
user2 = Fabricate(:user)
expect(group.users.count).to eq(1)
xhr :put, "/groups/#{group.id}/members", usernames: user2.username
expect(response).to be_success
expect(group.reload.users.count).to eq(2)
end
it "can make incremental deletes" do
expect(group.users.count).to eq(1)
xhr :delete, "/groups/#{group.id}/members", username: user.username
expect(response).to be_success
expect(group.reload.users.count).to eq(0)
end
it "cannot add members to automatic groups" do
group.update!(automatic: true)
xhr :put, "/groups/#{group.id}/members", usernames: "l77t"
expect(response.status).to eq(403)
end
context "is able to add several members to a group" do
let(:user1) { Fabricate(:user) }
let(:user2) { Fabricate(:user) }
it "adds by username" do
expect { xhr :put, "/groups/#{group.id}/members", usernames: [user1.username, user2.username].join(",") }
.to change { group.users.count }.by(2)
expect(response).to be_success
end
it "adds by id" do
expect { xhr :put, "/groups/#{group.id}/members", user_ids: [user1.id, user2.id].join(",") }
.to change { group.users.count }.by(2)
expect(response).to be_success
end
end
it "returns 422 if member already exists" do
xhr :put, "/groups/#{group.id}/members", usernames: user.username
expect(response.status).to eq(422)
end
it "returns 404 if member is not found" do
xhr :put, "/groups/#{group.id}/members", usernames: 'some donkey'
expect(response.status).to eq(404)
end
context 'public group' do
let(:other_user) { Fabricate(:user) }
before do
group.update!(public: true)
end
it 'should allow a user to join the group' do
sign_in(other_user)
expect { xhr :put, "/groups/#{group.id}/members", usernames: other_user.username }
.to change { group.users.count }.by(1)
expect(response).to be_success
end
it 'should not allow a user to add another user to a group' do
xhr :put, "/groups/#{group.id}/members", usernames: other_user.username
expect(response).to be_forbidden
end
end
end
context 'removing members' do
it "cannot remove members from automatic groups" do
group.update!(automatic: true)
xhr :delete, "/groups/#{group.id}/members", user_id: 42
expect(response.status).to eq(403)
end
it "raises an error if user to be removed is not found" do
xhr :delete, "/groups/#{group.id}/members", user_id: -10
expect(response.status).to eq(404)
end
context "is able to remove a member" do
it "removes by id" do
expect { xhr :delete, "/groups/#{group.id}/members", user_id: user.id }
.to change { group.users.count }.by(-1)
expect(response).to be_success
end
it "removes by username" do
expect { xhr :delete, "/groups/#{group.id}/members", username: user.username }
.to change { group.users.count }.by(-1)
expect(response).to be_success
end
it "removes user.primary_group_id when user is removed from group" do
user.update!(primary_group_id: group.id)
xhr :delete, "/groups/#{group.id}/members", user_id: user.id
expect(user.reload.primary_group_id).to eq(nil)
end
it "removes by user_email" do
expect { xhr :delete, "/groups/#{group.id}/members", user_email: user.email }
.to change { group.users.count }.by(-1)
expect(response).to be_success
end
context 'public group' do
let(:other_user) { Fabricate(:user) }
let(:group) { Fabricate(:group, users: [other_user]) }
before do
group.update!(public: true)
end
it 'should allow a user to leave a group' do
sign_in(other_user)
expect { xhr :delete, "/groups/#{group.id}/members", username: other_user.username }
.to change { group.users.count }.by(-1)
expect(response).to be_success
end
it 'should not allow a user to leave a group for another user' do
xhr :delete, "/groups/#{group.id}/members", username: other_user.username
expect(response).to be_forbidden
end
end
end
end
end
end