2023-02-22 00:55:31 +00:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2016-11-30 14:32:26 +00:00
|
|
|
require 'rails_helper'
|
|
|
|
|
2023-05-04 04:49:53 +01:00
|
|
|
RSpec.describe Admin::AccountsController do
|
2017-04-28 14:12:37 +01:00
|
|
|
render_views
|
|
|
|
|
2018-06-12 13:24:46 +01:00
|
|
|
before { sign_in current_user, scope: :user }
|
2016-11-30 14:32:26 +00:00
|
|
|
|
|
|
|
describe 'GET #index' do
|
2022-07-05 01:41:40 +01:00
|
|
|
let(:current_user) { Fabricate(:user, role: UserRole.find_by(name: 'Admin')) }
|
2018-06-12 13:24:46 +01:00
|
|
|
|
2017-06-29 00:43:10 +01:00
|
|
|
around do |example|
|
|
|
|
default_per_page = Account.default_per_page
|
|
|
|
Account.paginates_per 1
|
|
|
|
example.run
|
|
|
|
Account.paginates_per default_per_page
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'filters with parameters' do
|
|
|
|
new = AccountFilter.method(:new)
|
|
|
|
|
|
|
|
expect(AccountFilter).to receive(:new) do |params|
|
|
|
|
h = params.to_h
|
|
|
|
|
2021-12-05 20:48:39 +00:00
|
|
|
expect(h[:origin]).to eq 'local'
|
2017-06-29 00:43:10 +01:00
|
|
|
expect(h[:by_domain]).to eq 'domain'
|
2021-12-05 20:48:39 +00:00
|
|
|
expect(h[:status]).to eq 'active'
|
2017-06-29 00:43:10 +01:00
|
|
|
expect(h[:username]).to eq 'username'
|
|
|
|
expect(h[:display_name]).to eq 'display name'
|
|
|
|
expect(h[:email]).to eq 'local-part@domain'
|
|
|
|
expect(h[:ip]).to eq '0.0.0.42'
|
|
|
|
|
|
|
|
new.call({})
|
|
|
|
end
|
|
|
|
|
|
|
|
get :index, params: {
|
2021-12-05 20:48:39 +00:00
|
|
|
origin: 'local',
|
2017-06-29 00:43:10 +01:00
|
|
|
by_domain: 'domain',
|
2021-12-05 20:48:39 +00:00
|
|
|
status: 'active',
|
2017-06-29 00:43:10 +01:00
|
|
|
username: 'username',
|
|
|
|
display_name: 'display name',
|
|
|
|
email: 'local-part@domain',
|
2023-02-18 14:33:41 +00:00
|
|
|
ip: '0.0.0.42',
|
2017-06-29 00:43:10 +01:00
|
|
|
}
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'paginates accounts' do
|
|
|
|
Fabricate(:account)
|
|
|
|
|
|
|
|
get :index, params: { page: 2 }
|
|
|
|
|
|
|
|
accounts = assigns(:accounts)
|
|
|
|
expect(accounts.count).to eq 1
|
|
|
|
expect(accounts.klass).to be Account
|
|
|
|
end
|
|
|
|
|
2016-11-30 14:32:26 +00:00
|
|
|
it 'returns http success' do
|
|
|
|
get :index
|
2018-04-21 20:35:07 +01:00
|
|
|
expect(response).to have_http_status(200)
|
2016-11-30 14:32:26 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'GET #show' do
|
2022-07-05 01:41:40 +01:00
|
|
|
let(:current_user) { Fabricate(:user, role: UserRole.find_by(name: 'Admin')) }
|
2022-01-27 23:46:42 +00:00
|
|
|
let(:account) { Fabricate(:account) }
|
2016-12-03 19:04:19 +00:00
|
|
|
|
2016-11-30 14:32:26 +00:00
|
|
|
it 'returns http success' do
|
2016-12-03 19:04:19 +00:00
|
|
|
get :show, params: { id: account.id }
|
2018-04-21 20:35:07 +01:00
|
|
|
expect(response).to have_http_status(200)
|
2016-11-30 14:32:26 +00:00
|
|
|
end
|
|
|
|
end
|
2018-06-12 13:24:46 +01:00
|
|
|
|
|
|
|
describe 'POST #memorialize' do
|
|
|
|
subject { post :memorialize, params: { id: account.id } }
|
|
|
|
|
2022-07-05 01:41:40 +01:00
|
|
|
let(:current_user) { Fabricate(:user, role: current_role) }
|
2022-01-27 23:46:42 +00:00
|
|
|
let(:account) { user.account }
|
2022-07-05 01:41:40 +01:00
|
|
|
let(:user) { Fabricate(:user, role: target_role) }
|
2018-06-12 13:24:46 +01:00
|
|
|
|
|
|
|
context 'when user is admin' do
|
2022-07-05 01:41:40 +01:00
|
|
|
let(:current_role) { UserRole.find_by(name: 'Admin') }
|
2018-06-12 13:24:46 +01:00
|
|
|
|
|
|
|
context 'when target user is admin' do
|
2022-07-05 01:41:40 +01:00
|
|
|
let(:target_role) { UserRole.find_by(name: 'Admin') }
|
2018-06-12 13:24:46 +01:00
|
|
|
|
|
|
|
it 'fails to memorialize account' do
|
2023-02-20 04:00:48 +00:00
|
|
|
expect(subject).to have_http_status 403
|
2023-02-20 01:33:27 +00:00
|
|
|
expect(account.reload).to_not be_memorial
|
2018-06-12 13:24:46 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when target user is not admin' do
|
2022-07-05 01:41:40 +01:00
|
|
|
let(:target_role) { UserRole.find_by(name: 'Moderator') }
|
2018-06-12 13:24:46 +01:00
|
|
|
|
|
|
|
it 'succeeds in memorializing account' do
|
2023-02-20 04:00:48 +00:00
|
|
|
expect(subject).to redirect_to admin_account_path(account.id)
|
2018-06-12 13:24:46 +01:00
|
|
|
expect(account.reload).to be_memorial
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
2022-07-05 01:41:40 +01:00
|
|
|
let(:current_role) { UserRole.find_by(name: 'Moderator') }
|
2018-06-12 13:24:46 +01:00
|
|
|
|
|
|
|
context 'when target user is admin' do
|
2022-07-05 01:41:40 +01:00
|
|
|
let(:target_role) { UserRole.find_by(name: 'Admin') }
|
2018-06-12 13:24:46 +01:00
|
|
|
|
|
|
|
it 'fails to memorialize account' do
|
2023-02-20 04:00:48 +00:00
|
|
|
expect(subject).to have_http_status 403
|
2023-02-20 01:33:27 +00:00
|
|
|
expect(account.reload).to_not be_memorial
|
2018-06-12 13:24:46 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when target user is not admin' do
|
2022-07-05 01:41:40 +01:00
|
|
|
let(:target_role) { UserRole.find_by(name: 'Moderator') }
|
2018-06-12 13:24:46 +01:00
|
|
|
|
|
|
|
it 'fails to memorialize account' do
|
2023-02-20 04:00:48 +00:00
|
|
|
expect(subject).to have_http_status 403
|
2023-02-20 01:33:27 +00:00
|
|
|
expect(account.reload).to_not be_memorial
|
2018-06-12 13:24:46 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'POST #enable' do
|
|
|
|
subject { post :enable, params: { id: account.id } }
|
|
|
|
|
2022-07-05 01:41:40 +01:00
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
2022-01-27 23:46:42 +00:00
|
|
|
let(:account) { user.account }
|
2018-06-12 13:24:46 +01:00
|
|
|
let(:user) { Fabricate(:user, disabled: true) }
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
2022-07-05 01:41:40 +01:00
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
2018-06-12 13:24:46 +01:00
|
|
|
|
|
|
|
it 'succeeds in enabling account' do
|
2023-02-20 04:00:48 +00:00
|
|
|
expect(subject).to redirect_to admin_account_path(account.id)
|
2023-02-20 01:33:27 +00:00
|
|
|
expect(user.reload).to_not be_disabled
|
2018-06-12 13:24:46 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
2022-07-05 01:41:40 +01:00
|
|
|
let(:role) { UserRole.everyone }
|
2018-06-12 13:24:46 +01:00
|
|
|
|
|
|
|
it 'fails to enable account' do
|
2023-02-20 04:00:48 +00:00
|
|
|
expect(subject).to have_http_status 403
|
2018-06-12 13:24:46 +01:00
|
|
|
expect(user.reload).to be_disabled
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2022-12-06 23:25:18 +00:00
|
|
|
describe 'POST #approve' do
|
|
|
|
subject { post :approve, params: { id: account.id } }
|
|
|
|
|
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
|
|
|
let(:account) { user.account }
|
|
|
|
let(:user) { Fabricate(:user) }
|
|
|
|
|
|
|
|
before do
|
|
|
|
account.user.update(approved: false)
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
|
|
|
|
|
|
|
it 'succeeds in approving account' do
|
2023-02-20 04:00:48 +00:00
|
|
|
expect(subject).to redirect_to admin_accounts_path(status: 'pending')
|
2022-12-06 23:25:18 +00:00
|
|
|
expect(user.reload).to be_approved
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'logs action' do
|
2023-02-20 04:00:48 +00:00
|
|
|
expect(subject).to have_http_status 302
|
2022-12-06 23:25:18 +00:00
|
|
|
|
|
|
|
log_item = Admin::ActionLog.last
|
|
|
|
|
|
|
|
expect(log_item).to_not be_nil
|
|
|
|
expect(log_item.action).to eq :approve
|
|
|
|
expect(log_item.account_id).to eq current_user.account_id
|
|
|
|
expect(log_item.target_id).to eq account.user.id
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
|
|
|
let(:role) { UserRole.everyone }
|
|
|
|
|
|
|
|
it 'fails to approve account' do
|
2023-02-20 04:00:48 +00:00
|
|
|
expect(subject).to have_http_status 403
|
2023-02-20 01:33:27 +00:00
|
|
|
expect(user.reload).to_not be_approved
|
2022-12-06 23:25:18 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'POST #reject' do
|
|
|
|
subject { post :reject, params: { id: account.id } }
|
|
|
|
|
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
|
|
|
let(:account) { user.account }
|
|
|
|
let(:user) { Fabricate(:user) }
|
|
|
|
|
|
|
|
before do
|
|
|
|
account.user.update(approved: false)
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
|
|
|
|
|
|
|
it 'succeeds in rejecting account' do
|
2023-02-20 04:00:48 +00:00
|
|
|
expect(subject).to redirect_to admin_accounts_path(status: 'pending')
|
2022-12-06 23:25:18 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'logs action' do
|
2023-02-20 04:00:48 +00:00
|
|
|
expect(subject).to have_http_status 302
|
2022-12-06 23:25:18 +00:00
|
|
|
|
|
|
|
log_item = Admin::ActionLog.last
|
|
|
|
|
|
|
|
expect(log_item).to_not be_nil
|
|
|
|
expect(log_item.action).to eq :reject
|
|
|
|
expect(log_item.account_id).to eq current_user.account_id
|
|
|
|
expect(log_item.target_id).to eq account.user.id
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
|
|
|
let(:role) { UserRole.everyone }
|
|
|
|
|
|
|
|
it 'fails to reject account' do
|
2023-02-20 04:00:48 +00:00
|
|
|
expect(subject).to have_http_status 403
|
2023-02-20 01:33:27 +00:00
|
|
|
expect(user.reload).to_not be_approved
|
2022-12-06 23:25:18 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2018-06-12 13:24:46 +01:00
|
|
|
describe 'POST #redownload' do
|
|
|
|
subject { post :redownload, params: { id: account.id } }
|
|
|
|
|
2022-07-05 01:41:40 +01:00
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
|
|
|
let(:account) { Fabricate(:account, domain: 'example.com') }
|
|
|
|
|
|
|
|
before do
|
|
|
|
allow_any_instance_of(ResolveAccountService).to receive(:call)
|
|
|
|
end
|
2018-06-12 13:24:46 +01:00
|
|
|
|
|
|
|
context 'when user is admin' do
|
2022-07-05 01:41:40 +01:00
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
2018-06-12 13:24:46 +01:00
|
|
|
|
2022-07-05 01:41:40 +01:00
|
|
|
it 'succeeds in redownloading' do
|
2023-02-20 04:00:48 +00:00
|
|
|
expect(subject).to redirect_to admin_account_path(account.id)
|
2018-06-12 13:24:46 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
2022-07-05 01:41:40 +01:00
|
|
|
let(:role) { UserRole.everyone }
|
2018-06-12 13:24:46 +01:00
|
|
|
|
|
|
|
it 'fails to redownload' do
|
2023-02-20 04:00:48 +00:00
|
|
|
expect(subject).to have_http_status 403
|
2018-06-12 13:24:46 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'POST #remove_avatar' do
|
|
|
|
subject { post :remove_avatar, params: { id: account.id } }
|
|
|
|
|
2022-07-05 01:41:40 +01:00
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
2018-06-12 13:24:46 +01:00
|
|
|
let(:account) { Fabricate(:account) }
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
2022-07-05 01:41:40 +01:00
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
2018-06-12 13:24:46 +01:00
|
|
|
|
|
|
|
it 'succeeds in removing avatar' do
|
2023-02-20 04:00:48 +00:00
|
|
|
expect(subject).to redirect_to admin_account_path(account.id)
|
2018-06-12 13:24:46 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
2022-07-05 01:41:40 +01:00
|
|
|
let(:role) { UserRole.everyone }
|
2018-06-12 13:24:46 +01:00
|
|
|
|
|
|
|
it 'fails to remove avatar' do
|
2023-02-20 04:00:48 +00:00
|
|
|
expect(subject).to have_http_status 403
|
2018-06-12 13:24:46 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2021-12-17 22:02:14 +00:00
|
|
|
|
|
|
|
describe 'POST #unblock_email' do
|
2022-03-28 11:43:58 +01:00
|
|
|
subject { post :unblock_email, params: { id: account.id } }
|
2021-12-17 22:02:14 +00:00
|
|
|
|
2022-07-05 01:41:40 +01:00
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
2021-12-17 22:02:14 +00:00
|
|
|
let(:account) { Fabricate(:account, suspended: true) }
|
|
|
|
let!(:email_block) { Fabricate(:canonical_email_block, reference_account: account) }
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
2022-07-05 01:41:40 +01:00
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
2021-12-17 22:02:14 +00:00
|
|
|
|
|
|
|
it 'succeeds in removing email blocks' do
|
2022-03-28 11:43:58 +01:00
|
|
|
expect { subject }.to change { CanonicalEmailBlock.where(reference_account: account).count }.from(1).to(0)
|
2021-12-17 22:02:14 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'redirects to admin account path' do
|
2022-03-28 11:43:58 +01:00
|
|
|
subject
|
2021-12-17 22:02:14 +00:00
|
|
|
expect(response).to redirect_to admin_account_path(account.id)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
2022-07-05 01:41:40 +01:00
|
|
|
let(:role) { UserRole.everyone }
|
2021-12-17 22:02:14 +00:00
|
|
|
|
|
|
|
it 'fails to remove avatar' do
|
2022-03-28 11:43:58 +01:00
|
|
|
subject
|
2023-02-20 02:16:40 +00:00
|
|
|
expect(response).to have_http_status 403
|
2021-12-17 22:02:14 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2023-06-06 12:57:00 +01:00
|
|
|
|
|
|
|
describe 'POST #unsensitive' do
|
|
|
|
subject { post :unsensitive, params: { id: account.id } }
|
|
|
|
|
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
|
|
|
let(:account) { Fabricate(:account, sensitized_at: 1.year.ago) }
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
|
|
|
|
|
|
|
it 'marks accounts not sensitized' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(account.reload).to_not be_sensitized
|
|
|
|
expect(response).to redirect_to admin_account_path(account.id)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
|
|
|
let(:role) { UserRole.everyone }
|
|
|
|
|
|
|
|
it 'fails to change account' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(response).to have_http_status 403
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'POST #unsilence' do
|
|
|
|
subject { post :unsilence, params: { id: account.id } }
|
|
|
|
|
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
|
|
|
let(:account) { Fabricate(:account, silenced_at: 1.year.ago) }
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
|
|
|
|
|
|
|
it 'marks accounts not silenced' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(account.reload).to_not be_silenced
|
|
|
|
expect(response).to redirect_to admin_account_path(account.id)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
|
|
|
let(:role) { UserRole.everyone }
|
|
|
|
|
|
|
|
it 'fails to change account' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(response).to have_http_status 403
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'POST #unsuspend' do
|
|
|
|
subject { post :unsuspend, params: { id: account.id } }
|
|
|
|
|
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
|
|
|
let(:account) { Fabricate(:account) }
|
|
|
|
|
|
|
|
before do
|
|
|
|
account.suspend!
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
|
|
|
|
|
|
|
it 'marks accounts not suspended' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(account.reload).to_not be_suspended
|
|
|
|
expect(response).to redirect_to admin_account_path(account.id)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
|
|
|
let(:role) { UserRole.everyone }
|
|
|
|
|
|
|
|
it 'fails to change account' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(response).to have_http_status 403
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'POST #destroy' do
|
|
|
|
subject { post :destroy, params: { id: account.id } }
|
|
|
|
|
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
|
|
|
let(:account) { Fabricate(:account) }
|
|
|
|
|
|
|
|
before do
|
|
|
|
account.suspend!
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
|
|
|
|
|
|
|
before do
|
|
|
|
allow(Admin::AccountDeletionWorker).to receive(:perform_async).with(account.id)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'destroys the account' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(Admin::AccountDeletionWorker).to have_received(:perform_async).with(account.id)
|
|
|
|
expect(response).to redirect_to admin_account_path(account.id)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
|
|
|
let(:role) { UserRole.everyone }
|
|
|
|
|
|
|
|
it 'fails to change account' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(response).to have_http_status 403
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2016-11-30 14:32:26 +00:00
|
|
|
end
|