autonomic-cooperative/hometown
0
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
.circleci
.github
app
bin
config
db
dist
lib
log
nanobox
public
spec
controllers
activitypub
admin
api
v1
accounts
apps
lists
push
statuses
timelines
accounts_controller_spec.rb
apps_controller_spec.rb
blocks_controller_spec.rb
conversations_controller_spec.rb
custom_emojis_controller_spec.rb
domain_blocks_controller_spec.rb
favourites_controller_spec.rb
filter_controller_spec.rb
follow_requests_controller_spec.rb
follows_controller_spec.rb
instances_controller_spec.rb
lists_controller_spec.rb
media_controller_spec.rb
mutes_controller_spec.rb
notifications_controller_spec.rb
reports_controller_spec.rb
search_controller_spec.rb
statuses_controller_spec.rb
streaming_controller_spec.rb
suggestions_controller_spec.rb
v2
web
base_controller_spec.rb
oembed_controller_spec.rb
push_controller_spec.rb
salmon_controller_spec.rb
subscriptions_controller_spec.rb
auth
concerns
oauth
settings
well_known
about_controller_spec.rb
account_follow_controller_spec.rb
account_unfollow_controller_spec.rb
accounts_controller_spec.rb
application_controller_spec.rb
authorize_interactions_controller_spec.rb
emojis_controller_spec.rb
follower_accounts_controller_spec.rb
following_accounts_controller_spec.rb
home_controller_spec.rb
intents_controller_spec.rb
invites_controller_spec.rb
manifests_controller_spec.rb
media_controller_spec.rb
remote_follow_controller_spec.rb
remote_unfollows_controller_spec.rb
shares_controller_spec.rb
statuses_controller_spec.rb
stream_entries_controller_spec.rb
tags_controller_spec.rb
fabricators
features
fixtures
helpers
lib
mailers
models
policies
presenters
requests
routing
services
support
validators
views
workers
rails_helper.rb
spec_helper.rb
streaming
vendor
.buildpacks
.codeclimate.yml
.dockerignore
.editorconfig
.env.nanobox
.env.production.sample
.env.test
.env.vagrant
.eslintignore
.eslintrc.yml
.foreman
.gitattributes
.gitignore
.haml-lint.yml
.nanoignore
.nvmrc
.postcssrc.yml
.profile
.rspec
.rubocop.yml
.ruby-version
.scss-lint.yml
.slugignore
.yarnclean
AUTHORS.md
Aptfile
CHANGELOG.md
CODE_OF_CONDUCT.md
CONTRIBUTING.md
Capfile
Dockerfile
Gemfile
Gemfile.lock
LICENSE
Procfile
Procfile.dev
README.md
Rakefile
Vagrantfile
app.json
babel.config.js
boxfile.yml
config.ru
docker-compose.yml
jest.config.js
package.json
priv-config
scalingo.json
yarn.lock
9b5348240eb78814690691288c655ede7d7f9415
hometown/spec/controllers/api/v1/domain_blocks_controller_spec.rb
Eugen Rochko 1f6ed4f86a Add more granular OAuth scopes () 
* Add more granular OAuth scopes

* Add human-readable descriptions of the new scopes

* Ensure new scopes look good on the app UI

* Add tests

* Group scopes in screen and color-code dangerous ones

* Fix wrong extra scope
2018-07-05 18:31:35 +02:00

76 lines
1.8 KiB
Ruby
Raw Blame History

require 'rails_helper'
RSpec.describe Api::V1::DomainBlocksController, type: :controller do
render_views
let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) }
let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes) }
before do
user.account.block_domain!('example.com')
allow(controller).to receive(:doorkeeper_token) { token }
end
shared_examples 'forbidden for wrong scope' do |wrong_scope|
let(:scopes) { wrong_scope }
it 'returns http forbidden' do
expect(response).to have_http_status(403)
end
end
describe 'GET #show' do
let(:scopes) { 'read:blocks' }
before do
get :show, params: { limit: 1 }
end
it 'returns http success' do
expect(response).to have_http_status(200)
end
it 'returns blocked domains' do
expect(body_as_json.first).to eq 'example.com'
end
it_behaves_like 'forbidden for wrong scope', 'write:statuses'
end
describe 'POST #create' do
let(:scopes) { 'write:blocks' }
before do
post :create, params: { domain: 'example.org' }
end
it 'returns http success' do
expect(response).to have_http_status(200)
end
it 'creates a domain block' do
expect(user.account.domain_blocking?('example.org')).to be true
end
it_behaves_like 'forbidden for wrong scope', 'write:statuses'
end
describe 'DELETE #destroy' do
let(:scopes) { 'write:blocks' }
before do
delete :destroy, params: { domain: 'example.com' }
end
it 'returns http success' do
expect(response).to have_http_status(200)
end
it 'deletes a domain block' do
expect(user.account.domain_blocking?('example.com')).to be false
end
it_behaves_like 'forbidden for wrong scope', 'write:statuses'
end
end
Reference in New Issue View Git Blame Copy Permalink