accounts_controller_spec.rb 8.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311
  1. require 'rails_helper'
  2. RSpec.describe Admin::AccountsController, type: :controller do
  3. render_views
  4. before { sign_in current_user, scope: :user }
  5. describe 'GET #index' do
  6. let(:current_user) { Fabricate(:user, role: UserRole.find_by(name: 'Admin')) }
  7. around do |example|
  8. default_per_page = Account.default_per_page
  9. Account.paginates_per 1
  10. example.run
  11. Account.paginates_per default_per_page
  12. end
  13. it 'filters with parameters' do
  14. new = AccountFilter.method(:new)
  15. expect(AccountFilter).to receive(:new) do |params|
  16. h = params.to_h
  17. expect(h[:origin]).to eq 'local'
  18. expect(h[:by_domain]).to eq 'domain'
  19. expect(h[:status]).to eq 'active'
  20. expect(h[:username]).to eq 'username'
  21. expect(h[:display_name]).to eq 'display name'
  22. expect(h[:email]).to eq 'local-part@domain'
  23. expect(h[:ip]).to eq '0.0.0.42'
  24. new.call({})
  25. end
  26. get :index, params: {
  27. origin: 'local',
  28. by_domain: 'domain',
  29. status: 'active',
  30. username: 'username',
  31. display_name: 'display name',
  32. email: 'local-part@domain',
  33. ip: '0.0.0.42'
  34. }
  35. end
  36. it 'paginates accounts' do
  37. Fabricate(:account)
  38. get :index, params: { page: 2 }
  39. accounts = assigns(:accounts)
  40. expect(accounts.count).to eq 1
  41. expect(accounts.klass).to be Account
  42. end
  43. it 'returns http success' do
  44. get :index
  45. expect(response).to have_http_status(200)
  46. end
  47. end
  48. describe 'GET #show' do
  49. let(:current_user) { Fabricate(:user, role: UserRole.find_by(name: 'Admin')) }
  50. let(:account) { Fabricate(:account) }
  51. it 'returns http success' do
  52. get :show, params: { id: account.id }
  53. expect(response).to have_http_status(200)
  54. end
  55. end
  56. describe 'POST #memorialize' do
  57. subject { post :memorialize, params: { id: account.id } }
  58. let(:current_user) { Fabricate(:user, role: current_role) }
  59. let(:account) { user.account }
  60. let(:user) { Fabricate(:user, role: target_role) }
  61. context 'when user is admin' do
  62. let(:current_role) { UserRole.find_by(name: 'Admin') }
  63. context 'when target user is admin' do
  64. let(:target_role) { UserRole.find_by(name: 'Admin') }
  65. it 'fails to memorialize account' do
  66. is_expected.to have_http_status :forbidden
  67. expect(account.reload).not_to be_memorial
  68. end
  69. end
  70. context 'when target user is not admin' do
  71. let(:target_role) { UserRole.find_by(name: 'Moderator') }
  72. it 'succeeds in memorializing account' do
  73. is_expected.to redirect_to admin_account_path(account.id)
  74. expect(account.reload).to be_memorial
  75. end
  76. end
  77. end
  78. context 'when user is not admin' do
  79. let(:current_role) { UserRole.find_by(name: 'Moderator') }
  80. context 'when target user is admin' do
  81. let(:target_role) { UserRole.find_by(name: 'Admin') }
  82. it 'fails to memorialize account' do
  83. is_expected.to have_http_status :forbidden
  84. expect(account.reload).not_to be_memorial
  85. end
  86. end
  87. context 'when target user is not admin' do
  88. let(:target_role) { UserRole.find_by(name: 'Moderator') }
  89. it 'fails to memorialize account' do
  90. is_expected.to have_http_status :forbidden
  91. expect(account.reload).not_to be_memorial
  92. end
  93. end
  94. end
  95. end
  96. describe 'POST #enable' do
  97. subject { post :enable, params: { id: account.id } }
  98. let(:current_user) { Fabricate(:user, role: role) }
  99. let(:account) { user.account }
  100. let(:user) { Fabricate(:user, disabled: true) }
  101. context 'when user is admin' do
  102. let(:role) { UserRole.find_by(name: 'Admin') }
  103. it 'succeeds in enabling account' do
  104. is_expected.to redirect_to admin_account_path(account.id)
  105. expect(user.reload).not_to be_disabled
  106. end
  107. end
  108. context 'when user is not admin' do
  109. let(:role) { UserRole.everyone }
  110. it 'fails to enable account' do
  111. is_expected.to have_http_status :forbidden
  112. expect(user.reload).to be_disabled
  113. end
  114. end
  115. end
  116. describe 'POST #approve' do
  117. subject { post :approve, params: { id: account.id } }
  118. let(:current_user) { Fabricate(:user, role: role) }
  119. let(:account) { user.account }
  120. let(:user) { Fabricate(:user) }
  121. before do
  122. account.user.update(approved: false)
  123. end
  124. context 'when user is admin' do
  125. let(:role) { UserRole.find_by(name: 'Admin') }
  126. it 'succeeds in approving account' do
  127. is_expected.to redirect_to admin_accounts_path(status: 'pending')
  128. expect(user.reload).to be_approved
  129. end
  130. it 'logs action' do
  131. is_expected.to have_http_status :found
  132. log_item = Admin::ActionLog.last
  133. expect(log_item).to_not be_nil
  134. expect(log_item.action).to eq :approve
  135. expect(log_item.account_id).to eq current_user.account_id
  136. expect(log_item.target_id).to eq account.user.id
  137. end
  138. end
  139. context 'when user is not admin' do
  140. let(:role) { UserRole.everyone }
  141. it 'fails to approve account' do
  142. is_expected.to have_http_status :forbidden
  143. expect(user.reload).not_to be_approved
  144. end
  145. end
  146. end
  147. describe 'POST #reject' do
  148. subject { post :reject, params: { id: account.id } }
  149. let(:current_user) { Fabricate(:user, role: role) }
  150. let(:account) { user.account }
  151. let(:user) { Fabricate(:user) }
  152. before do
  153. account.user.update(approved: false)
  154. end
  155. context 'when user is admin' do
  156. let(:role) { UserRole.find_by(name: 'Admin') }
  157. it 'succeeds in rejecting account' do
  158. is_expected.to redirect_to admin_accounts_path(status: 'pending')
  159. end
  160. it 'logs action' do
  161. is_expected.to have_http_status :found
  162. log_item = Admin::ActionLog.last
  163. expect(log_item).to_not be_nil
  164. expect(log_item.action).to eq :reject
  165. expect(log_item.account_id).to eq current_user.account_id
  166. expect(log_item.target_id).to eq account.user.id
  167. end
  168. end
  169. context 'when user is not admin' do
  170. let(:role) { UserRole.everyone }
  171. it 'fails to reject account' do
  172. is_expected.to have_http_status :forbidden
  173. expect(user.reload).not_to be_approved
  174. end
  175. end
  176. end
  177. describe 'POST #redownload' do
  178. subject { post :redownload, params: { id: account.id } }
  179. let(:current_user) { Fabricate(:user, role: role) }
  180. let(:account) { Fabricate(:account, domain: 'example.com') }
  181. before do
  182. allow_any_instance_of(ResolveAccountService).to receive(:call)
  183. end
  184. context 'when user is admin' do
  185. let(:role) { UserRole.find_by(name: 'Admin') }
  186. it 'succeeds in redownloading' do
  187. is_expected.to redirect_to admin_account_path(account.id)
  188. end
  189. end
  190. context 'when user is not admin' do
  191. let(:role) { UserRole.everyone }
  192. it 'fails to redownload' do
  193. is_expected.to have_http_status :forbidden
  194. end
  195. end
  196. end
  197. describe 'POST #remove_avatar' do
  198. subject { post :remove_avatar, params: { id: account.id } }
  199. let(:current_user) { Fabricate(:user, role: role) }
  200. let(:account) { Fabricate(:account) }
  201. context 'when user is admin' do
  202. let(:role) { UserRole.find_by(name: 'Admin') }
  203. it 'succeeds in removing avatar' do
  204. is_expected.to redirect_to admin_account_path(account.id)
  205. end
  206. end
  207. context 'when user is not admin' do
  208. let(:role) { UserRole.everyone }
  209. it 'fails to remove avatar' do
  210. is_expected.to have_http_status :forbidden
  211. end
  212. end
  213. end
  214. describe 'POST #unblock_email' do
  215. subject { post :unblock_email, params: { id: account.id } }
  216. let(:current_user) { Fabricate(:user, role: role) }
  217. let(:account) { Fabricate(:account, suspended: true) }
  218. let!(:email_block) { Fabricate(:canonical_email_block, reference_account: account) }
  219. context 'when user is admin' do
  220. let(:role) { UserRole.find_by(name: 'Admin') }
  221. it 'succeeds in removing email blocks' do
  222. expect { subject }.to change { CanonicalEmailBlock.where(reference_account: account).count }.from(1).to(0)
  223. end
  224. it 'redirects to admin account path' do
  225. subject
  226. expect(response).to redirect_to admin_account_path(account.id)
  227. end
  228. end
  229. context 'when user is not admin' do
  230. let(:role) { UserRole.everyone }
  231. it 'fails to remove avatar' do
  232. subject
  233. expect(response).to have_http_status :forbidden
  234. end
  235. end
  236. end
  237. end