2023-02-22 01:55:31 +01:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2016-11-30 15:32:26 +01:00
|
|
|
require 'rails_helper'
|
|
|
|
|
2023-05-04 05:49:53 +02:00
|
|
|
RSpec.describe Admin::AccountsController do
|
2017-04-28 15:12:37 +02:00
|
|
|
render_views
|
|
|
|
|
2018-06-12 14:24:46 +02:00
|
|
|
before { sign_in current_user, scope: :user }
|
2016-11-30 15:32:26 +01:00
|
|
|
|
|
|
|
describe 'GET #index' do
|
2022-07-05 02:41:40 +02:00
|
|
|
let(:current_user) { Fabricate(:user, role: UserRole.find_by(name: 'Admin')) }
|
2024-02-07 11:59:32 +01:00
|
|
|
let(:params) do
|
|
|
|
{
|
2023-11-07 10:46:28 +01:00
|
|
|
origin: 'local',
|
|
|
|
by_domain: 'domain',
|
|
|
|
status: 'active',
|
|
|
|
username: 'username',
|
|
|
|
display_name: 'display name',
|
|
|
|
email: 'local-part@domain',
|
|
|
|
ip: '0.0.0.42',
|
|
|
|
}
|
2024-02-07 11:59:32 +01:00
|
|
|
end
|
2023-11-07 10:46:28 +01:00
|
|
|
|
2024-02-07 11:59:32 +01:00
|
|
|
around do |example|
|
|
|
|
default_per_page = Account.default_per_page
|
|
|
|
Account.paginates_per 1
|
|
|
|
example.run
|
|
|
|
Account.paginates_per default_per_page
|
2017-06-29 01:43:10 +02:00
|
|
|
end
|
|
|
|
|
2024-02-07 11:59:32 +01:00
|
|
|
before do
|
2017-06-29 01:43:10 +02:00
|
|
|
Fabricate(:account)
|
|
|
|
|
2024-02-07 11:59:32 +01:00
|
|
|
account_filter = instance_double(AccountFilter, results: Account.all)
|
|
|
|
allow(AccountFilter).to receive(:new).and_return(account_filter)
|
2017-06-29 01:43:10 +02:00
|
|
|
end
|
|
|
|
|
2024-02-07 11:59:32 +01:00
|
|
|
it 'returns success and paginates and filters with parameters' do
|
|
|
|
get :index, params: params.merge(page: 2)
|
|
|
|
|
|
|
|
expect(response)
|
|
|
|
.to have_http_status(200)
|
|
|
|
expect(assigns(:accounts))
|
|
|
|
.to have_attributes(
|
|
|
|
count: eq(1),
|
|
|
|
klass: be(Account)
|
|
|
|
)
|
|
|
|
expect(AccountFilter)
|
|
|
|
.to have_received(:new)
|
|
|
|
.with(hash_including(params))
|
2016-11-30 15:32:26 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'GET #show' do
|
2022-07-05 02:41:40 +02:00
|
|
|
let(:current_user) { Fabricate(:user, role: UserRole.find_by(name: 'Admin')) }
|
2016-12-03 20:04:19 +01:00
|
|
|
|
2024-05-21 15:17:34 +02:00
|
|
|
context 'with a remote account' do
|
|
|
|
let(:account) { Fabricate(:account, domain: 'example.com') }
|
|
|
|
|
|
|
|
it 'returns http success' do
|
|
|
|
get :show, params: { id: account.id }
|
|
|
|
expect(response).to have_http_status(200)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'with a local account' do
|
|
|
|
let(:account) { Fabricate(:account, domain: nil) }
|
|
|
|
|
|
|
|
it 'returns http success' do
|
|
|
|
get :show, params: { id: account.id }
|
|
|
|
expect(response).to have_http_status(200)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'with a local deleted account' do
|
|
|
|
let(:account) { Fabricate(:account, domain: nil, user: nil) }
|
|
|
|
|
|
|
|
it 'returns http success' do
|
|
|
|
get :show, params: { id: account.id }
|
|
|
|
expect(response).to have_http_status(200)
|
|
|
|
end
|
2016-11-30 15:32:26 +01:00
|
|
|
end
|
|
|
|
end
|
2018-06-12 14:24:46 +02:00
|
|
|
|
|
|
|
describe 'POST #memorialize' do
|
|
|
|
subject { post :memorialize, params: { id: account.id } }
|
|
|
|
|
2022-07-05 02:41:40 +02:00
|
|
|
let(:current_user) { Fabricate(:user, role: current_role) }
|
2022-01-28 00:46:42 +01:00
|
|
|
let(:account) { user.account }
|
2022-07-05 02:41:40 +02:00
|
|
|
let(:user) { Fabricate(:user, role: target_role) }
|
2018-06-12 14:24:46 +02:00
|
|
|
|
|
|
|
context 'when user is admin' do
|
2022-07-05 02:41:40 +02:00
|
|
|
let(:current_role) { UserRole.find_by(name: 'Admin') }
|
2018-06-12 14:24:46 +02:00
|
|
|
|
|
|
|
context 'when target user is admin' do
|
2022-07-05 02:41:40 +02:00
|
|
|
let(:target_role) { UserRole.find_by(name: 'Admin') }
|
2018-06-12 14:24:46 +02:00
|
|
|
|
|
|
|
it 'fails to memorialize account' do
|
2023-02-20 05:00:48 +01:00
|
|
|
expect(subject).to have_http_status 403
|
2023-02-20 02:33:27 +01:00
|
|
|
expect(account.reload).to_not be_memorial
|
2018-06-12 14:24:46 +02:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when target user is not admin' do
|
2022-07-05 02:41:40 +02:00
|
|
|
let(:target_role) { UserRole.find_by(name: 'Moderator') }
|
2018-06-12 14:24:46 +02:00
|
|
|
|
|
|
|
it 'succeeds in memorializing account' do
|
2023-02-20 05:00:48 +01:00
|
|
|
expect(subject).to redirect_to admin_account_path(account.id)
|
2018-06-12 14:24:46 +02:00
|
|
|
expect(account.reload).to be_memorial
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
2022-07-05 02:41:40 +02:00
|
|
|
let(:current_role) { UserRole.find_by(name: 'Moderator') }
|
2018-06-12 14:24:46 +02:00
|
|
|
|
|
|
|
context 'when target user is admin' do
|
2022-07-05 02:41:40 +02:00
|
|
|
let(:target_role) { UserRole.find_by(name: 'Admin') }
|
2018-06-12 14:24:46 +02:00
|
|
|
|
|
|
|
it 'fails to memorialize account' do
|
2023-02-20 05:00:48 +01:00
|
|
|
expect(subject).to have_http_status 403
|
2023-02-20 02:33:27 +01:00
|
|
|
expect(account.reload).to_not be_memorial
|
2018-06-12 14:24:46 +02:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when target user is not admin' do
|
2022-07-05 02:41:40 +02:00
|
|
|
let(:target_role) { UserRole.find_by(name: 'Moderator') }
|
2018-06-12 14:24:46 +02:00
|
|
|
|
|
|
|
it 'fails to memorialize account' do
|
2023-02-20 05:00:48 +01:00
|
|
|
expect(subject).to have_http_status 403
|
2023-02-20 02:33:27 +01:00
|
|
|
expect(account.reload).to_not be_memorial
|
2018-06-12 14:24:46 +02:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'POST #enable' do
|
|
|
|
subject { post :enable, params: { id: account.id } }
|
|
|
|
|
2022-07-05 02:41:40 +02:00
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
2022-01-28 00:46:42 +01:00
|
|
|
let(:account) { user.account }
|
2018-06-12 14:24:46 +02:00
|
|
|
let(:user) { Fabricate(:user, disabled: true) }
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
2022-07-05 02:41:40 +02:00
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
2018-06-12 14:24:46 +02:00
|
|
|
|
|
|
|
it 'succeeds in enabling account' do
|
2023-02-20 05:00:48 +01:00
|
|
|
expect(subject).to redirect_to admin_account_path(account.id)
|
2023-02-20 02:33:27 +01:00
|
|
|
expect(user.reload).to_not be_disabled
|
2018-06-12 14:24:46 +02:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
2022-07-05 02:41:40 +02:00
|
|
|
let(:role) { UserRole.everyone }
|
2018-06-12 14:24:46 +02:00
|
|
|
|
|
|
|
it 'fails to enable account' do
|
2023-02-20 05:00:48 +01:00
|
|
|
expect(subject).to have_http_status 403
|
2018-06-12 14:24:46 +02:00
|
|
|
expect(user.reload).to be_disabled
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2022-12-07 00:25:18 +01:00
|
|
|
describe 'POST #approve' do
|
|
|
|
subject { post :approve, params: { id: account.id } }
|
|
|
|
|
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
|
|
|
let(:account) { user.account }
|
|
|
|
let(:user) { Fabricate(:user) }
|
|
|
|
|
|
|
|
before do
|
|
|
|
account.user.update(approved: false)
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
|
|
|
|
2024-01-26 17:21:31 +01:00
|
|
|
it 'succeeds in approving account and logs action' do
|
2023-02-20 05:00:48 +01:00
|
|
|
expect(subject).to redirect_to admin_accounts_path(status: 'pending')
|
2022-12-07 00:25:18 +01:00
|
|
|
expect(user.reload).to be_approved
|
|
|
|
|
2023-12-04 13:56:28 +01:00
|
|
|
expect(latest_admin_action_log)
|
|
|
|
.to be_present
|
|
|
|
.and have_attributes(
|
|
|
|
action: eq(:approve),
|
|
|
|
account_id: eq(current_user.account_id),
|
|
|
|
target_id: eq(account.user.id)
|
|
|
|
)
|
2022-12-07 00:25:18 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
|
|
|
let(:role) { UserRole.everyone }
|
|
|
|
|
|
|
|
it 'fails to approve account' do
|
2023-02-20 05:00:48 +01:00
|
|
|
expect(subject).to have_http_status 403
|
2023-02-20 02:33:27 +01:00
|
|
|
expect(user.reload).to_not be_approved
|
2022-12-07 00:25:18 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'POST #reject' do
|
|
|
|
subject { post :reject, params: { id: account.id } }
|
|
|
|
|
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
|
|
|
let(:account) { user.account }
|
|
|
|
let(:user) { Fabricate(:user) }
|
|
|
|
|
|
|
|
before do
|
|
|
|
account.user.update(approved: false)
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
|
|
|
|
2024-01-26 17:21:31 +01:00
|
|
|
it 'succeeds in rejecting account and logs action' do
|
2023-02-20 05:00:48 +01:00
|
|
|
expect(subject).to redirect_to admin_accounts_path(status: 'pending')
|
2022-12-07 00:25:18 +01:00
|
|
|
|
2023-12-04 13:56:28 +01:00
|
|
|
expect(latest_admin_action_log)
|
|
|
|
.to be_present
|
|
|
|
.and have_attributes(
|
|
|
|
action: eq(:reject),
|
|
|
|
account_id: eq(current_user.account_id),
|
|
|
|
target_id: eq(account.user.id)
|
|
|
|
)
|
2022-12-07 00:25:18 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
|
|
|
let(:role) { UserRole.everyone }
|
|
|
|
|
|
|
|
it 'fails to reject account' do
|
2023-02-20 05:00:48 +01:00
|
|
|
expect(subject).to have_http_status 403
|
2023-02-20 02:33:27 +01:00
|
|
|
expect(user.reload).to_not be_approved
|
2022-12-07 00:25:18 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2018-06-12 14:24:46 +02:00
|
|
|
describe 'POST #redownload' do
|
|
|
|
subject { post :redownload, params: { id: account.id } }
|
|
|
|
|
2022-07-05 02:41:40 +02:00
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
|
|
|
let(:account) { Fabricate(:account, domain: 'example.com') }
|
|
|
|
|
|
|
|
before do
|
2023-11-14 15:52:59 +01:00
|
|
|
service = instance_double(ResolveAccountService, call: nil)
|
|
|
|
allow(ResolveAccountService).to receive(:new).and_return(service)
|
2022-07-05 02:41:40 +02:00
|
|
|
end
|
2018-06-12 14:24:46 +02:00
|
|
|
|
|
|
|
context 'when user is admin' do
|
2022-07-05 02:41:40 +02:00
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
2018-06-12 14:24:46 +02:00
|
|
|
|
2022-07-05 02:41:40 +02:00
|
|
|
it 'succeeds in redownloading' do
|
2023-02-20 05:00:48 +01:00
|
|
|
expect(subject).to redirect_to admin_account_path(account.id)
|
2018-06-12 14:24:46 +02:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
2022-07-05 02:41:40 +02:00
|
|
|
let(:role) { UserRole.everyone }
|
2018-06-12 14:24:46 +02:00
|
|
|
|
|
|
|
it 'fails to redownload' do
|
2023-02-20 05:00:48 +01:00
|
|
|
expect(subject).to have_http_status 403
|
2018-06-12 14:24:46 +02:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'POST #remove_avatar' do
|
|
|
|
subject { post :remove_avatar, params: { id: account.id } }
|
|
|
|
|
2022-07-05 02:41:40 +02:00
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
2018-06-12 14:24:46 +02:00
|
|
|
let(:account) { Fabricate(:account) }
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
2022-07-05 02:41:40 +02:00
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
2018-06-12 14:24:46 +02:00
|
|
|
|
|
|
|
it 'succeeds in removing avatar' do
|
2023-02-20 05:00:48 +01:00
|
|
|
expect(subject).to redirect_to admin_account_path(account.id)
|
2018-06-12 14:24:46 +02:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
2022-07-05 02:41:40 +02:00
|
|
|
let(:role) { UserRole.everyone }
|
2018-06-12 14:24:46 +02:00
|
|
|
|
|
|
|
it 'fails to remove avatar' do
|
2023-02-20 05:00:48 +01:00
|
|
|
expect(subject).to have_http_status 403
|
2018-06-12 14:24:46 +02:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2021-12-17 23:02:14 +01:00
|
|
|
|
|
|
|
describe 'POST #unblock_email' do
|
2022-03-28 12:43:58 +02:00
|
|
|
subject { post :unblock_email, params: { id: account.id } }
|
2021-12-17 23:02:14 +01:00
|
|
|
|
2022-07-05 02:41:40 +02:00
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
2021-12-17 23:02:14 +01:00
|
|
|
let(:account) { Fabricate(:account, suspended: true) }
|
2023-10-31 09:22:19 +01:00
|
|
|
|
|
|
|
before do
|
|
|
|
_email_block = Fabricate(:canonical_email_block, reference_account: account)
|
|
|
|
end
|
2021-12-17 23:02:14 +01:00
|
|
|
|
|
|
|
context 'when user is admin' do
|
2022-07-05 02:41:40 +02:00
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
2021-12-17 23:02:14 +01:00
|
|
|
|
2024-01-26 17:21:31 +01:00
|
|
|
it 'succeeds in removing email blocks and redirects to admin account path' do
|
2022-03-28 12:43:58 +02:00
|
|
|
expect { subject }.to change { CanonicalEmailBlock.where(reference_account: account).count }.from(1).to(0)
|
2021-12-17 23:02:14 +01:00
|
|
|
|
|
|
|
expect(response).to redirect_to admin_account_path(account.id)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
2022-07-05 02:41:40 +02:00
|
|
|
let(:role) { UserRole.everyone }
|
2021-12-17 23:02:14 +01:00
|
|
|
|
|
|
|
it 'fails to remove avatar' do
|
2022-03-28 12:43:58 +02:00
|
|
|
subject
|
2023-02-20 03:16:40 +01:00
|
|
|
expect(response).to have_http_status 403
|
2021-12-17 23:02:14 +01:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2023-06-06 13:57:00 +02:00
|
|
|
|
|
|
|
describe 'POST #unsensitive' do
|
|
|
|
subject { post :unsensitive, params: { id: account.id } }
|
|
|
|
|
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
|
|
|
let(:account) { Fabricate(:account, sensitized_at: 1.year.ago) }
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
|
|
|
|
|
|
|
it 'marks accounts not sensitized' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(account.reload).to_not be_sensitized
|
|
|
|
expect(response).to redirect_to admin_account_path(account.id)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
|
|
|
let(:role) { UserRole.everyone }
|
|
|
|
|
|
|
|
it 'fails to change account' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(response).to have_http_status 403
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'POST #unsilence' do
|
|
|
|
subject { post :unsilence, params: { id: account.id } }
|
|
|
|
|
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
|
|
|
let(:account) { Fabricate(:account, silenced_at: 1.year.ago) }
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
|
|
|
|
|
|
|
it 'marks accounts not silenced' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(account.reload).to_not be_silenced
|
|
|
|
expect(response).to redirect_to admin_account_path(account.id)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
|
|
|
let(:role) { UserRole.everyone }
|
|
|
|
|
|
|
|
it 'fails to change account' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(response).to have_http_status 403
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'POST #unsuspend' do
|
|
|
|
subject { post :unsuspend, params: { id: account.id } }
|
|
|
|
|
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
|
|
|
let(:account) { Fabricate(:account) }
|
|
|
|
|
|
|
|
before do
|
|
|
|
account.suspend!
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
|
|
|
|
|
|
|
it 'marks accounts not suspended' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(account.reload).to_not be_suspended
|
|
|
|
expect(response).to redirect_to admin_account_path(account.id)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
|
|
|
let(:role) { UserRole.everyone }
|
|
|
|
|
|
|
|
it 'fails to change account' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(response).to have_http_status 403
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'POST #destroy' do
|
|
|
|
subject { post :destroy, params: { id: account.id } }
|
|
|
|
|
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
|
|
|
let(:account) { Fabricate(:account) }
|
|
|
|
|
|
|
|
before do
|
|
|
|
account.suspend!
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
|
|
|
|
|
|
|
before do
|
|
|
|
allow(Admin::AccountDeletionWorker).to receive(:perform_async).with(account.id)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'destroys the account' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(Admin::AccountDeletionWorker).to have_received(:perform_async).with(account.id)
|
|
|
|
expect(response).to redirect_to admin_account_path(account.id)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
|
|
|
let(:role) { UserRole.everyone }
|
|
|
|
|
|
|
|
it 'fails to change account' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(response).to have_http_status 403
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2023-12-04 13:56:28 +01:00
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
def latest_admin_action_log
|
|
|
|
Admin::ActionLog.last
|
|
|
|
end
|
2016-11-30 15:32:26 +01:00
|
|
|
end
|