# encoding: UTF-8 # frozen_string_literal: true RSpec.describe "spam rules for users" do describe 'auto-silence users based on flagging' do fab!(:admin) { Fabricate(:admin) } # needed to send a system message fab!(:moderator) { Fabricate(:moderator) } fab!(:user1) { Fabricate(:user) } fab!(:user2) { Fabricate(:user) } before do SiteSetting.hide_post_sensitivity = Reviewable.sensitivity[:disabled] Reviewable.set_priorities(high: 4.0) SiteSetting.silence_new_user_sensitivity = Reviewable.sensitivity[:low] SiteSetting.num_users_to_silence_new_user = 2 end context 'when spammer is a new user' do fab!(:spammer) { Fabricate(:user, trust_level: TrustLevel[0]) } context 'when spammer post is not flagged enough times' do let!(:spam_post) { create_post(user: spammer) } let!(:spam_post2) { create_post(user: spammer) } before do PostActionCreator.create(user1, spam_post, :spam) end it 'should not hide the post' do expect(spam_post.reload).to_not be_hidden end context 'when spam posts are flagged enough times, but not by enough users' do it 'should not hide the post' do PostActionCreator.create(user1, spam_post2, :spam) expect(spam_post.reload).to_not be_hidden expect(spam_post2.reload).to_not be_hidden expect(spammer.reload).to_not be_silenced end end context 'when one spam post is flagged enough times by enough users' do fab!(:another_topic) { Fabricate(:topic) } let!(:private_messages_count) { spammer.private_topics_count } let!(:mod_pm_count) { moderator.private_topics_count } let!(:reviewable) { PostActionCreator.spam(user2, spam_post).reviewable } it 'should hide the posts' do expect(Guardian.new(spammer).can_create_topic?(nil)).to be(false) expect { PostCreator.create(spammer, title: 'limited time offer for you', raw: 'better buy this stuff ok', archetype_id: 1) }.to raise_error(Discourse::InvalidAccess) expect(PostCreator.create(spammer, topic_id: another_topic.id, raw: 'my reply is spam in your topic', archetype_id: 1)).to eq(nil) expect(spammer.reload).to be_silenced expect(spam_post.reload).to be_hidden expect(spam_post2.reload).to be_hidden expect(spammer.reload.private_topics_count).to eq(private_messages_count + 1) end context "when a post is deleted" do it 'should silence the spammer' do spam_post.trash!(moderator); spammer.reload expect(spammer.reload).to be_silenced end end context "when spammer becomes trust level 1" do it 'should silence the spammer' do spammer.change_trust_level!(TrustLevel[1]); spammer.reload expect(spammer.reload).to be_silenced end end end context 'with hide_post_sensitivity' do it 'should silence the spammer' do Reviewable.set_priorities(high: 2.0) SiteSetting.hide_post_sensitivity = Reviewable.sensitivity[:low] PostActionCreator.create(user2, spam_post, :spam) expect(spammer.reload).to be_silenced expect(Guardian.new(spammer).can_create_topic?(nil)).to be false end end end end context "when spammer has trust level basic" do let(:spammer) { Fabricate(:user, trust_level: TrustLevel[1]) } context 'when one spam post is flagged enough times by enough users' do let!(:spam_post) { Fabricate(:post, user: spammer) } let!(:private_messages_count) { spammer.private_topics_count } it 'should not allow spammer to create new posts' do PostActionCreator.create(user1, spam_post, :spam) PostActionCreator.create(user2, spam_post, :spam) expect(spam_post.reload).to_not be_hidden expect(Guardian.new(spammer).can_create_topic?(nil)).to be(true) expect { PostCreator.create(spammer, title: 'limited time offer for you', raw: 'better buy this stuff ok', archetype_id: 1) }.to_not raise_error expect(spammer.reload.private_topics_count).to eq(private_messages_count) end end end [[:user, trust_level: TrustLevel[2]], [:admin], [:moderator]].each do |spammer_args| context "spammer is trusted #{spammer_args[0]}" do let!(:spammer) { Fabricate(*spammer_args) } let!(:spam_post) { Fabricate(:post, user: spammer) } let!(:private_messages_count) { spammer.private_topics_count } it 'should not hide the post' do PostActionCreator.create(user1, spam_post, :spam) PostActionCreator.create(user2, spam_post, :spam) expect(spam_post.reload).to_not be_hidden end end end end end