123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436 |
- # frozen_string_literal: true
- require 'rails_helper'
- RSpec.describe Admin::AccountsController do
- render_views
- before { sign_in current_user, scope: :user }
- describe 'GET #index' do
- let(:current_user) { Fabricate(:user, role: UserRole.find_by(name: 'Admin')) }
- around do |example|
- default_per_page = Account.default_per_page
- Account.paginates_per 1
- example.run
- Account.paginates_per default_per_page
- end
- it 'filters with parameters' do
- new = AccountFilter.method(:new)
- expect(AccountFilter).to receive(:new) do |params|
- h = params.to_h
- expect(h[:origin]).to eq 'local'
- expect(h[:by_domain]).to eq 'domain'
- expect(h[:status]).to eq 'active'
- expect(h[:username]).to eq 'username'
- expect(h[:display_name]).to eq 'display name'
- expect(h[:email]).to eq 'local-part@domain'
- expect(h[:ip]).to eq '0.0.0.42'
- new.call({})
- end
- get :index, params: {
- origin: 'local',
- by_domain: 'domain',
- status: 'active',
- username: 'username',
- display_name: 'display name',
- email: 'local-part@domain',
- ip: '0.0.0.42',
- }
- end
- it 'paginates accounts' do
- Fabricate(:account)
- get :index, params: { page: 2 }
- accounts = assigns(:accounts)
- expect(accounts.count).to eq 1
- expect(accounts.klass).to be Account
- end
- it 'returns http success' do
- get :index
- expect(response).to have_http_status(200)
- end
- end
- describe 'GET #show' do
- let(:current_user) { Fabricate(:user, role: UserRole.find_by(name: 'Admin')) }
- let(:account) { Fabricate(:account) }
- it 'returns http success' do
- get :show, params: { id: account.id }
- expect(response).to have_http_status(200)
- end
- end
- describe 'POST #memorialize' do
- subject { post :memorialize, params: { id: account.id } }
- let(:current_user) { Fabricate(:user, role: current_role) }
- let(:account) { user.account }
- let(:user) { Fabricate(:user, role: target_role) }
- context 'when user is admin' do
- let(:current_role) { UserRole.find_by(name: 'Admin') }
- context 'when target user is admin' do
- let(:target_role) { UserRole.find_by(name: 'Admin') }
- it 'fails to memorialize account' do
- expect(subject).to have_http_status 403
- expect(account.reload).to_not be_memorial
- end
- end
- context 'when target user is not admin' do
- let(:target_role) { UserRole.find_by(name: 'Moderator') }
- it 'succeeds in memorializing account' do
- expect(subject).to redirect_to admin_account_path(account.id)
- expect(account.reload).to be_memorial
- end
- end
- end
- context 'when user is not admin' do
- let(:current_role) { UserRole.find_by(name: 'Moderator') }
- context 'when target user is admin' do
- let(:target_role) { UserRole.find_by(name: 'Admin') }
- it 'fails to memorialize account' do
- expect(subject).to have_http_status 403
- expect(account.reload).to_not be_memorial
- end
- end
- context 'when target user is not admin' do
- let(:target_role) { UserRole.find_by(name: 'Moderator') }
- it 'fails to memorialize account' do
- expect(subject).to have_http_status 403
- expect(account.reload).to_not be_memorial
- end
- end
- end
- end
- describe 'POST #enable' do
- subject { post :enable, params: { id: account.id } }
- let(:current_user) { Fabricate(:user, role: role) }
- let(:account) { user.account }
- let(:user) { Fabricate(:user, disabled: true) }
- context 'when user is admin' do
- let(:role) { UserRole.find_by(name: 'Admin') }
- it 'succeeds in enabling account' do
- expect(subject).to redirect_to admin_account_path(account.id)
- expect(user.reload).to_not be_disabled
- end
- end
- context 'when user is not admin' do
- let(:role) { UserRole.everyone }
- it 'fails to enable account' do
- expect(subject).to have_http_status 403
- expect(user.reload).to be_disabled
- end
- end
- end
- describe 'POST #approve' do
- subject { post :approve, params: { id: account.id } }
- let(:current_user) { Fabricate(:user, role: role) }
- let(:account) { user.account }
- let(:user) { Fabricate(:user) }
- before do
- account.user.update(approved: false)
- end
- context 'when user is admin' do
- let(:role) { UserRole.find_by(name: 'Admin') }
- it 'succeeds in approving account' do
- expect(subject).to redirect_to admin_accounts_path(status: 'pending')
- expect(user.reload).to be_approved
- end
- it 'logs action' do
- expect(subject).to have_http_status 302
- log_item = Admin::ActionLog.last
- expect(log_item).to_not be_nil
- expect(log_item.action).to eq :approve
- expect(log_item.account_id).to eq current_user.account_id
- expect(log_item.target_id).to eq account.user.id
- end
- end
- context 'when user is not admin' do
- let(:role) { UserRole.everyone }
- it 'fails to approve account' do
- expect(subject).to have_http_status 403
- expect(user.reload).to_not be_approved
- end
- end
- end
- describe 'POST #reject' do
- subject { post :reject, params: { id: account.id } }
- let(:current_user) { Fabricate(:user, role: role) }
- let(:account) { user.account }
- let(:user) { Fabricate(:user) }
- before do
- account.user.update(approved: false)
- end
- context 'when user is admin' do
- let(:role) { UserRole.find_by(name: 'Admin') }
- it 'succeeds in rejecting account' do
- expect(subject).to redirect_to admin_accounts_path(status: 'pending')
- end
- it 'logs action' do
- expect(subject).to have_http_status 302
- log_item = Admin::ActionLog.last
- expect(log_item).to_not be_nil
- expect(log_item.action).to eq :reject
- expect(log_item.account_id).to eq current_user.account_id
- expect(log_item.target_id).to eq account.user.id
- end
- end
- context 'when user is not admin' do
- let(:role) { UserRole.everyone }
- it 'fails to reject account' do
- expect(subject).to have_http_status 403
- expect(user.reload).to_not be_approved
- end
- end
- end
- describe 'POST #redownload' do
- subject { post :redownload, params: { id: account.id } }
- let(:current_user) { Fabricate(:user, role: role) }
- let(:account) { Fabricate(:account, domain: 'example.com') }
- before do
- allow_any_instance_of(ResolveAccountService).to receive(:call)
- end
- context 'when user is admin' do
- let(:role) { UserRole.find_by(name: 'Admin') }
- it 'succeeds in redownloading' do
- expect(subject).to redirect_to admin_account_path(account.id)
- end
- end
- context 'when user is not admin' do
- let(:role) { UserRole.everyone }
- it 'fails to redownload' do
- expect(subject).to have_http_status 403
- end
- end
- end
- describe 'POST #remove_avatar' do
- subject { post :remove_avatar, params: { id: account.id } }
- let(:current_user) { Fabricate(:user, role: role) }
- let(:account) { Fabricate(:account) }
- context 'when user is admin' do
- let(:role) { UserRole.find_by(name: 'Admin') }
- it 'succeeds in removing avatar' do
- expect(subject).to redirect_to admin_account_path(account.id)
- end
- end
- context 'when user is not admin' do
- let(:role) { UserRole.everyone }
- it 'fails to remove avatar' do
- expect(subject).to have_http_status 403
- end
- end
- end
- describe 'POST #unblock_email' do
- subject { post :unblock_email, params: { id: account.id } }
- let(:current_user) { Fabricate(:user, role: role) }
- let(:account) { Fabricate(:account, suspended: true) }
- let!(:email_block) { Fabricate(:canonical_email_block, reference_account: account) }
- context 'when user is admin' do
- let(:role) { UserRole.find_by(name: 'Admin') }
- it 'succeeds in removing email blocks' do
- expect { subject }.to change { CanonicalEmailBlock.where(reference_account: account).count }.from(1).to(0)
- end
- it 'redirects to admin account path' do
- subject
- expect(response).to redirect_to admin_account_path(account.id)
- end
- end
- context 'when user is not admin' do
- let(:role) { UserRole.everyone }
- it 'fails to remove avatar' do
- subject
- expect(response).to have_http_status 403
- end
- end
- end
- describe 'POST #unsensitive' do
- subject { post :unsensitive, params: { id: account.id } }
- let(:current_user) { Fabricate(:user, role: role) }
- let(:account) { Fabricate(:account, sensitized_at: 1.year.ago) }
- context 'when user is admin' do
- let(:role) { UserRole.find_by(name: 'Admin') }
- it 'marks accounts not sensitized' do
- subject
- expect(account.reload).to_not be_sensitized
- expect(response).to redirect_to admin_account_path(account.id)
- end
- end
- context 'when user is not admin' do
- let(:role) { UserRole.everyone }
- it 'fails to change account' do
- subject
- expect(response).to have_http_status 403
- end
- end
- end
- describe 'POST #unsilence' do
- subject { post :unsilence, params: { id: account.id } }
- let(:current_user) { Fabricate(:user, role: role) }
- let(:account) { Fabricate(:account, silenced_at: 1.year.ago) }
- context 'when user is admin' do
- let(:role) { UserRole.find_by(name: 'Admin') }
- it 'marks accounts not silenced' do
- subject
- expect(account.reload).to_not be_silenced
- expect(response).to redirect_to admin_account_path(account.id)
- end
- end
- context 'when user is not admin' do
- let(:role) { UserRole.everyone }
- it 'fails to change account' do
- subject
- expect(response).to have_http_status 403
- end
- end
- end
- describe 'POST #unsuspend' do
- subject { post :unsuspend, params: { id: account.id } }
- let(:current_user) { Fabricate(:user, role: role) }
- let(:account) { Fabricate(:account) }
- before do
- account.suspend!
- end
- context 'when user is admin' do
- let(:role) { UserRole.find_by(name: 'Admin') }
- it 'marks accounts not suspended' do
- subject
- expect(account.reload).to_not be_suspended
- expect(response).to redirect_to admin_account_path(account.id)
- end
- end
- context 'when user is not admin' do
- let(:role) { UserRole.everyone }
- it 'fails to change account' do
- subject
- expect(response).to have_http_status 403
- end
- end
- end
- describe 'POST #destroy' do
- subject { post :destroy, params: { id: account.id } }
- let(:current_user) { Fabricate(:user, role: role) }
- let(:account) { Fabricate(:account) }
- before do
- account.suspend!
- end
- context 'when user is admin' do
- let(:role) { UserRole.find_by(name: 'Admin') }
- before do
- allow(Admin::AccountDeletionWorker).to receive(:perform_async).with(account.id)
- end
- it 'destroys the account' do
- subject
- expect(Admin::AccountDeletionWorker).to have_received(:perform_async).with(account.id)
- expect(response).to redirect_to admin_account_path(account.id)
- end
- end
- context 'when user is not admin' do
- let(:role) { UserRole.everyone }
- it 'fails to change account' do
- subject
- expect(response).to have_http_status 403
- end
- end
- end
- end
|