require 'rails_helper'
# Controller spec for the admin accounts API.
#
# Every example runs against a stubbed Doorkeeper token. By default the token
# belongs to a user with the 'moderator' role and carries the scopes
# 'admin:read admin:write'. The two shared example groups re-declare `scopes`
# or `role` and assert that the very same request is then answered with 403.
#
# NOTE(review): the forbidden cases only try the unrelated 'write:statuses'
# scope and the 'user' role. Nothing in this file checks that 'admin:read' on
# its own is refused by the POST actions, or that a refused request leaves the
# target account unchanged. Confirm against the controller's scope
# requirements and consider covering both.
RSpec.describe Api::V1::Admin::AccountsController, type: :controller do
  render_views

  # Caller identity: role and scopes are separate `let`s so that the shared
  # examples below can override one of them at a time.
  let(:role)   { 'moderator' }
  let(:scopes) { 'admin:read admin:write' }

  let(:user) do
    Fabricate(:user, role: role, account: Fabricate(:account, username: 'alice'))
  end

  let(:token) do
    Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes)
  end

  # The account the admin actions are performed on (a different user than the caller).
  let(:account) { Fabricate(:user).account }

  # Hand the controller our fabricated token. The block form keeps `token`
  # lazy, so it is built with whatever `role` / `scopes` the current group defines.
  before do
    allow(controller).to receive(:doorkeeper_token) { token }
  end

  # Re-runs the enclosing request with a token limited to `wrong_scope`.
  shared_examples 'forbidden for wrong scope' do |wrong_scope|
    let(:scopes) { wrong_scope }

    it 'returns http forbidden' do
      expect(response).to have_http_status(403)
    end
  end

  # Re-runs the enclosing request with a token owner holding `wrong_role`.
  shared_examples 'forbidden for wrong role' do |wrong_role|
    let(:role) { wrong_role }

    it 'returns http forbidden' do
      expect(response).to have_http_status(403)
    end
  end

  describe 'GET #index' do
    before { get :index }

    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
    it_behaves_like 'forbidden for wrong role', 'user'

    it 'returns http success' do
      expect(response).to have_http_status(200)
    end
  end

  describe 'GET #show' do
    before { get :show, params: { id: account.id } }

    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
    it_behaves_like 'forbidden for wrong role', 'user'

    it 'returns http success' do
      expect(response).to have_http_status(200)
    end
  end

  describe 'POST #approve' do
    before do
      # Start from an unapproved user so that the approval is observable.
      account.user.update(approved: false)
      post :approve, params: { id: account.id }
    end

    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
    it_behaves_like 'forbidden for wrong role', 'user'

    it 'returns http success' do
      expect(response).to have_http_status(200)
    end

    it 'approves user' do
      expect(account.reload.user_approved?).to be(true)
    end
  end

  describe 'POST #reject' do
    before do
      # Only a still-unapproved user is set up here for rejection.
      account.user.update(approved: false)
      post :reject, params: { id: account.id }
    end

    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
    it_behaves_like 'forbidden for wrong role', 'user'

    it 'returns http success' do
      expect(response).to have_http_status(200)
    end

    it 'removes user' do
      # Query the table directly: the memoized `account.user` would still be in memory.
      expect(User.where(id: account.user.id).count).to eq(0)
    end
  end

  describe 'POST #enable' do
    before do
      # Start from a disabled user so that re-enabling is observable.
      account.user.update(disabled: true)
      post :enable, params: { id: account.id }
    end

    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
    it_behaves_like 'forbidden for wrong role', 'user'

    it 'returns http success' do
      expect(response).to have_http_status(200)
    end

    it 'enables user' do
      expect(account.reload.user_disabled?).to be(false)
    end
  end

  describe 'POST #unsuspend' do
    before do
      account.suspend!
      post :unsuspend, params: { id: account.id }
    end

    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
    it_behaves_like 'forbidden for wrong role', 'user'

    it 'returns http success' do
      expect(response).to have_http_status(200)
    end

    it 'unsuspends account' do
      expect(account.reload.suspended?).to be(false)
    end
  end

  describe 'POST #unsensitive' do
    before do
      # Stamp sensitized_at first; presumably `sensitized?` is derived from it (confirm in the model).
      account.touch(:sensitized_at)
      post :unsensitive, params: { id: account.id }
    end

    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
    it_behaves_like 'forbidden for wrong role', 'user'

    it 'returns http success' do
      expect(response).to have_http_status(200)
    end

    it 'unsensitives account' do
      expect(account.reload.sensitized?).to be(false)
    end
  end

  describe 'POST #unsilence' do
    before do
      # Stamp silenced_at first; presumably `silenced?` is derived from it (confirm in the model).
      account.touch(:silenced_at)
      post :unsilence, params: { id: account.id }
    end

    it_behaves_like 'forbidden for wrong scope', 'write:statuses'
    it_behaves_like 'forbidden for wrong role', 'user'

    it 'returns http success' do
      expect(response).to have_http_status(200)
    end

    it 'unsilences account' do
      expect(account.reload.silenced?).to be(false)
    end
  end
end