accounts_controller_spec.rb 7.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260
  1. require 'rails_helper'
  2. RSpec.describe Api::V1::AccountsController, type: :controller do
  3. render_views
  4. let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) }
  5. let(:scopes) { '' }
  6. let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes) }
  7. before do
  8. allow(controller).to receive(:doorkeeper_token) { token }
  9. end
  10. shared_examples 'forbidden for wrong scope' do |wrong_scope|
  11. let(:scopes) { wrong_scope }
  12. it 'returns http forbidden' do
  13. expect(response).to have_http_status(403)
  14. end
  15. end
  16. describe 'POST #create' do
  17. let(:app) { Fabricate(:application) }
  18. let(:token) { Doorkeeper::AccessToken.find_or_create_for(app, nil, 'read write', nil, false) }
  19. let(:agreement) { nil }
  20. before do
  21. post :create, params: { username: 'test', password: '12345678', email: 'hello@world.tld', agreement: agreement }
  22. end
  23. context 'given truthy agreement' do
  24. let(:agreement) { 'true' }
  25. it 'returns http success' do
  26. expect(response).to have_http_status(200)
  27. end
  28. it 'returns a new access token as JSON' do
  29. expect(body_as_json[:access_token]).to_not be_blank
  30. end
  31. it 'creates a user' do
  32. user = User.find_by(email: 'hello@world.tld')
  33. expect(user).to_not be_nil
  34. expect(user.created_by_application_id).to eq app.id
  35. end
  36. end
  37. context 'given no agreement' do
  38. it 'returns http unprocessable entity' do
  39. expect(response).to have_http_status(422)
  40. end
  41. end
  42. end
  43. describe 'GET #show' do
  44. let(:scopes) { 'read:accounts' }
  45. before do
  46. get :show, params: { id: user.account.id }
  47. end
  48. it 'returns http success' do
  49. expect(response).to have_http_status(200)
  50. end
  51. it_behaves_like 'forbidden for wrong scope', 'write:statuses'
  52. end
  53. describe 'POST #follow' do
  54. let(:scopes) { 'write:follows' }
  55. let(:other_account) { Fabricate(:user, email: 'bob@example.com', account: Fabricate(:account, username: 'bob', locked: locked)).account }
  56. before do
  57. post :follow, params: { id: other_account.id }
  58. end
  59. context 'with unlocked account' do
  60. let(:locked) { false }
  61. it 'returns http success' do
  62. expect(response).to have_http_status(200)
  63. end
  64. it 'returns JSON with following=true and requested=false' do
  65. json = body_as_json
  66. expect(json[:following]).to be true
  67. expect(json[:requested]).to be false
  68. end
  69. it 'creates a following relation between user and target user' do
  70. expect(user.account.following?(other_account)).to be true
  71. end
  72. it_behaves_like 'forbidden for wrong scope', 'read:accounts'
  73. end
  74. context 'with locked account' do
  75. let(:locked) { true }
  76. it 'returns http success' do
  77. expect(response).to have_http_status(200)
  78. end
  79. it 'returns JSON with following=false and requested=true' do
  80. json = body_as_json
  81. expect(json[:following]).to be false
  82. expect(json[:requested]).to be true
  83. end
  84. it 'creates a follow request relation between user and target user' do
  85. expect(user.account.requested?(other_account)).to be true
  86. end
  87. it_behaves_like 'forbidden for wrong scope', 'read:accounts'
  88. end
  89. end
  90. describe 'POST #unfollow' do
  91. let(:scopes) { 'write:follows' }
  92. let(:other_account) { Fabricate(:user, email: 'bob@example.com', account: Fabricate(:account, username: 'bob')).account }
  93. before do
  94. user.account.follow!(other_account)
  95. post :unfollow, params: { id: other_account.id }
  96. end
  97. it 'returns http success' do
  98. expect(response).to have_http_status(200)
  99. end
  100. it 'removes the following relation between user and target user' do
  101. expect(user.account.following?(other_account)).to be false
  102. end
  103. it_behaves_like 'forbidden for wrong scope', 'read:accounts'
  104. end
  105. describe 'POST #block' do
  106. let(:scopes) { 'write:blocks' }
  107. let(:other_account) { Fabricate(:user, email: 'bob@example.com', account: Fabricate(:account, username: 'bob')).account }
  108. before do
  109. user.account.follow!(other_account)
  110. post :block, params: { id: other_account.id }
  111. end
  112. it 'returns http success' do
  113. expect(response).to have_http_status(200)
  114. end
  115. it 'removes the following relation between user and target user' do
  116. expect(user.account.following?(other_account)).to be false
  117. end
  118. it 'creates a blocking relation' do
  119. expect(user.account.blocking?(other_account)).to be true
  120. end
  121. it_behaves_like 'forbidden for wrong scope', 'read:accounts'
  122. end
  123. describe 'POST #unblock' do
  124. let(:scopes) { 'write:blocks' }
  125. let(:other_account) { Fabricate(:user, email: 'bob@example.com', account: Fabricate(:account, username: 'bob')).account }
  126. before do
  127. user.account.block!(other_account)
  128. post :unblock, params: { id: other_account.id }
  129. end
  130. it 'returns http success' do
  131. expect(response).to have_http_status(200)
  132. end
  133. it 'removes the blocking relation between user and target user' do
  134. expect(user.account.blocking?(other_account)).to be false
  135. end
  136. it_behaves_like 'forbidden for wrong scope', 'read:accounts'
  137. end
  138. describe 'POST #mute' do
  139. let(:scopes) { 'write:mutes' }
  140. let(:other_account) { Fabricate(:user, email: 'bob@example.com', account: Fabricate(:account, username: 'bob')).account }
  141. before do
  142. user.account.follow!(other_account)
  143. post :mute, params: { id: other_account.id }
  144. end
  145. it 'returns http success' do
  146. expect(response).to have_http_status(200)
  147. end
  148. it 'does not remove the following relation between user and target user' do
  149. expect(user.account.following?(other_account)).to be true
  150. end
  151. it 'creates a muting relation' do
  152. expect(user.account.muting?(other_account)).to be true
  153. end
  154. it 'mutes notifications' do
  155. expect(user.account.muting_notifications?(other_account)).to be true
  156. end
  157. it_behaves_like 'forbidden for wrong scope', 'read:accounts'
  158. end
  159. describe 'POST #mute with notifications set to false' do
  160. let(:scopes) { 'write:mutes' }
  161. let(:other_account) { Fabricate(:user, email: 'bob@example.com', account: Fabricate(:account, username: 'bob')).account }
  162. before do
  163. user.account.follow!(other_account)
  164. post :mute, params: { id: other_account.id, notifications: false }
  165. end
  166. it 'returns http success' do
  167. expect(response).to have_http_status(200)
  168. end
  169. it 'does not remove the following relation between user and target user' do
  170. expect(user.account.following?(other_account)).to be true
  171. end
  172. it 'creates a muting relation' do
  173. expect(user.account.muting?(other_account)).to be true
  174. end
  175. it 'does not mute notifications' do
  176. expect(user.account.muting_notifications?(other_account)).to be false
  177. end
  178. it_behaves_like 'forbidden for wrong scope', 'read:accounts'
  179. end
  180. describe 'POST #unmute' do
  181. let(:scopes) { 'write:mutes' }
  182. let(:other_account) { Fabricate(:user, email: 'bob@example.com', account: Fabricate(:account, username: 'bob')).account }
  183. before do
  184. user.account.mute!(other_account)
  185. post :unmute, params: { id: other_account.id }
  186. end
  187. it 'returns http success' do
  188. expect(response).to have_http_status(200)
  189. end
  190. it 'removes the muting relation between user and target user' do
  191. expect(user.account.muting?(other_account)).to be false
  192. end
  193. it_behaves_like 'forbidden for wrong scope', 'read:accounts'
  194. end
  195. end