cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openstreetmap-website/test/integration/user_blocks_test.rb
Anton Khorev cff4c63713 Add deactivates_at date to user blocks 
Block deactivation dates that take needs_view-block views into account were derived using updated_at. This was possible because inactive blocks couldn't be edited and their updated_at date wouldn't change. With editing of inactive blocks enabled deactivation date needs to be saved explicitly.
2024-08-19 14:33:20 +03:00

58 lines
2 KiB
Ruby
Raw Blame History

require "test_helper"
class UserBlocksTest < ActionDispatch::IntegrationTest
def test_api_blocked
blocked_user = create(:user)
get "/api/#{Settings.api_version}/user/details"
assert_response :unauthorized
get "/api/#{Settings.api_version}/user/details", :headers => basic_authorization_header(blocked_user.display_name, "test")
assert_response :success
# now block the user
UserBlock.create(
:user_id => blocked_user.id,
:creator_id => create(:moderator_user).id,
:reason => "testing",
:ends_at => Time.now.utc + 5.minutes,
:deactivates_at => Time.now.utc + 5.minutes
)
get "/api/#{Settings.api_version}/user/details", :headers => basic_authorization_header(blocked_user.display_name, "test")
assert_response :forbidden
end
def test_api_revoke
blocked_user = create(:user)
moderator = create(:moderator_user)
block = UserBlock.create(
:user_id => blocked_user.id,
:creator_id => moderator.id,
:reason => "testing",
:ends_at => Time.now.utc + 5.minutes,
:deactivates_at => Time.now.utc + 5.minutes
)
get "/api/#{Settings.api_version}/user/details", :headers => basic_authorization_header(blocked_user.display_name, "test")
assert_response :forbidden
# revoke the ban
get "/login"
assert_response :success
post "/login", :params => { "username" => moderator.email, "password" => "test", :referer => "/blocks/#{block.id}/revoke" }
assert_response :redirect
follow_redirect!
assert_response :success
assert_template "user_blocks/revoke"
post "/blocks/#{block.id}/revoke", :params => { "confirm" => "yes" }
assert_response :redirect
follow_redirect!
assert_response :success
assert_template "user_blocks/show"
reset!
# access the API again. this time it should work
get "/api/#{Settings.api_version}/user/details", :headers => basic_authorization_header(blocked_user.display_name, "test")
assert_response :success
end
end
Reference in a new issue View git blame Copy permalink