cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add revoke all actions to received blocks resource

Browse source
This commit is contained in:
Anton Khorev 2024-12-24 07:50:29 +03:00
parent 2df389c97e
commit df1c59280f
10 changed files with 120 additions and 115 deletions
Download patch file Download diff file Expand all files Collapse all files

86
test/controllers/user_blocks_controller_test.rb
View file

@ -36,15 +36,6 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest
{ :path => "/user_blocks/1", :method => :delete },
{ :controller => "user_blocks", :action => "destroy", :id => "1" }
)
assert_routing(
{ :path => "/user/username/blocks/revoke_all", :method => :get },
{ :controller => "user_blocks", :action => "revoke_all", :display_name => "username" }
)
assert_routing(
{ :path => "/user/username/blocks/revoke_all", :method => :post },
{ :controller => "user_blocks", :action => "revoke_all", :display_name => "username" }
)
end
##
@ -598,83 +589,6 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest
assert_equal other_moderator_user, block.revoker
end
##
# test the revoke all page
def test_revoke_all_page
blocked_user = create(:user)
create(:user_block, :user => blocked_user)
# Asking for the revoke all blocks page with a bogus user name should fail
get user_received_blocks_path("non_existent_user")
assert_response :not_found
# Check that the revoke all blocks page requires us to login
get revoke_all_user_blocks_path(blocked_user)
assert_redirected_to login_path(:referer => revoke_all_user_blocks_path(blocked_user))
# Login as a normal user
session_for(create(:user))
# Check that normal users can't load the revoke all blocks page
get revoke_all_user_blocks_path(blocked_user)
assert_redirected_to :controller => "errors", :action => "forbidden"
# Login as a moderator
session_for(create(:moderator_user))
# Check that the revoke all blocks page loads for moderators
get revoke_all_user_blocks_path(blocked_user)
assert_response :success
assert_select "h1 a[href='#{user_path blocked_user}']", :text => blocked_user.display_name
end
##
# test the revoke all action
def test_revoke_all_action
blocked_user = create(:user)
active_block1 = create(:user_block, :user => blocked_user)
active_block2 = create(:user_block, :user => blocked_user)
expired_block1 = create(:user_block, :expired, :user => blocked_user)
blocks = [active_block1, active_block2, expired_block1]
moderator_user = create(:moderator_user)
assert_predicate active_block1, :active?
assert_predicate active_block2, :active?
assert_not_predicate expired_block1, :active?
# Login as a normal user
session_for(create(:user))
# Check that normal users can't load the block revoke page
get revoke_all_user_blocks_path(:blocked_user)
assert_redirected_to :controller => "errors", :action => "forbidden"
# Login as a moderator
session_for(moderator_user)
# Check that revoking blocks using GET should fail
get revoke_all_user_blocks_path(blocked_user, :confirm => true)
assert_response :success
assert_template "revoke_all"
blocks.each(&:reload)
assert_predicate active_block1, :active?
assert_predicate active_block2, :active?
assert_not_predicate expired_block1, :active?
# Check that revoking blocks works using POST
post revoke_all_user_blocks_path(blocked_user, :confirm => true)
assert_redirected_to user_received_blocks_path(blocked_user)
blocks.each(&:reload)
assert_not_predicate active_block1, :active?
assert_not_predicate active_block2, :active?
assert_not_predicate expired_block1, :active?
assert_equal moderator_user, active_block1.revoker
assert_equal moderator_user, active_block2.revoker
assert_not_equal moderator_user, expired_block1.revoker
end
##
# test changes to end/deactivation dates
def test_dates_when_viewed_before_end

84
test/controllers/users/received_blocks_controller_test.rb
View file

@ -12,6 +12,14 @@ module Users
{ :path => "/user/username/blocks", :method => :get },
{ :controller => "users/received_blocks", :action => "show", :user_display_name => "username" }
)
assert_routing(
{ :path => "/user/username/blocks/edit", :method => :get },
{ :controller => "users/received_blocks", :action => "edit", :user_display_name => "username" }
)
assert_routing(
{ :path => "/user/username/blocks", :method => :delete },
{ :controller => "users/received_blocks", :action => "destroy", :user_display_name => "username" }
)
end
def test_show
@ -91,5 +99,81 @@ module Users
assert_redirected_to :controller => "/errors", :action => :bad_request
end
end
##
# test the revoke all blocks page
def test_edit
blocked_user = create(:user)
create(:user_block, :user => blocked_user)
# Asking for the revoke all blocks page with a bogus user name should fail
get user_received_blocks_path("non_existent_user")
assert_response :not_found
# Check that the revoke all blocks page requires us to login
get edit_user_received_blocks_path(blocked_user)
assert_redirected_to login_path(:referer => edit_user_received_blocks_path(blocked_user))
# Login as a normal user
session_for(create(:user))
# Check that normal users can't load the revoke all blocks page
get edit_user_received_blocks_path(blocked_user)
assert_redirected_to :controller => "/errors", :action => "forbidden"
# Login as a moderator
session_for(create(:moderator_user))
# Check that the revoke all blocks page loads for moderators
get edit_user_received_blocks_path(blocked_user)
assert_response :success
assert_select "h1 a[href='#{user_path blocked_user}']", :text => blocked_user.display_name
end
##
# test the revoke all action
def test_destroy
blocked_user = create(:user)
active_block1 = create(:user_block, :user => blocked_user)
active_block2 = create(:user_block, :user => blocked_user)
expired_block1 = create(:user_block, :expired, :user => blocked_user)
blocks = [active_block1, active_block2, expired_block1]
moderator_user = create(:moderator_user)
assert_predicate active_block1, :active?
assert_predicate active_block2, :active?
assert_not_predicate expired_block1, :active?
# Check that normal users can't revoke all blocks
session_for(create(:user))
delete user_received_blocks_path(blocked_user, :confirm => true)
assert_redirected_to :controller => "/errors", :action => "forbidden"
blocks.each(&:reload)
assert_predicate active_block1, :active?
assert_predicate active_block2, :active?
assert_not_predicate expired_block1, :active?
# Check that confirmation is required
session_for(moderator_user)
delete user_received_blocks_path(blocked_user)
blocks.each(&:reload)
assert_predicate active_block1, :active?
assert_predicate active_block2, :active?
assert_not_predicate expired_block1, :active?
# Check that moderators can revoke all blocks
delete user_received_blocks_path(blocked_user, :confirm => true)
assert_redirected_to user_received_blocks_path(blocked_user)
blocks.each(&:reload)
assert_not_predicate active_block1, :active?
assert_not_predicate active_block2, :active?
assert_not_predicate expired_block1, :active?
assert_equal moderator_user, active_block1.revoker
assert_equal moderator_user, active_block2.revoker
assert_not_equal moderator_user, expired_block1.revoker
end
end
end

2
test/system/user_blocks_test.rb
View file

@ -31,7 +31,7 @@ class UserBlocksSystemTest < ApplicationSystemTestCase
blocked_user = create(:user)
sign_in_as(create(:moderator_user))
visit revoke_all_user_blocks_path(blocked_user)
visit edit_user_received_blocks_path(blocked_user)
assert_title "Revoking all blocks on #{blocked_user.display_name}"
assert_text "Revoking all blocks on #{blocked_user.display_name}"
assert_no_button "Revoke!"