2023-02-21 16:55:31 -08:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2016-11-30 06:32:26 -08:00
|
|
|
require 'rails_helper'
|
|
|
|
|
2023-05-03 20:49:53 -07:00
|
|
|
RSpec.describe Admin::AccountsController do
|
2017-04-28 06:12:37 -07:00
|
|
|
render_views
|
|
|
|
|
2018-06-12 05:24:46 -07:00
|
|
|
before { sign_in current_user, scope: :user }
|
2016-11-30 06:32:26 -08:00
|
|
|
|
|
|
|
describe 'GET #index' do
|
2022-07-04 17:41:40 -07:00
|
|
|
let(:current_user) { Fabricate(:user, role: UserRole.find_by(name: 'Admin')) }
|
2024-02-07 02:59:32 -08:00
|
|
|
let(:params) do
|
|
|
|
{
|
2023-11-07 01:46:28 -08:00
|
|
|
origin: 'local',
|
|
|
|
by_domain: 'domain',
|
|
|
|
status: 'active',
|
|
|
|
username: 'username',
|
|
|
|
display_name: 'display name',
|
|
|
|
email: 'local-part@domain',
|
|
|
|
ip: '0.0.0.42',
|
|
|
|
}
|
2024-02-07 02:59:32 -08:00
|
|
|
end
|
2023-11-07 01:46:28 -08:00
|
|
|
|
2024-02-07 02:59:32 -08:00
|
|
|
around do |example|
|
|
|
|
default_per_page = Account.default_per_page
|
|
|
|
Account.paginates_per 1
|
|
|
|
example.run
|
|
|
|
Account.paginates_per default_per_page
|
2017-06-28 16:43:10 -07:00
|
|
|
end
|
|
|
|
|
2024-02-07 02:59:32 -08:00
|
|
|
before do
|
2017-06-28 16:43:10 -07:00
|
|
|
Fabricate(:account)
|
|
|
|
|
2024-02-07 02:59:32 -08:00
|
|
|
account_filter = instance_double(AccountFilter, results: Account.all)
|
|
|
|
allow(AccountFilter).to receive(:new).and_return(account_filter)
|
2017-06-28 16:43:10 -07:00
|
|
|
end
|
|
|
|
|
2024-02-07 02:59:32 -08:00
|
|
|
it 'returns success and paginates and filters with parameters' do
|
|
|
|
get :index, params: params.merge(page: 2)
|
|
|
|
|
|
|
|
expect(response)
|
|
|
|
.to have_http_status(200)
|
|
|
|
expect(assigns(:accounts))
|
|
|
|
.to have_attributes(
|
|
|
|
count: eq(1),
|
|
|
|
klass: be(Account)
|
|
|
|
)
|
|
|
|
expect(AccountFilter)
|
|
|
|
.to have_received(:new)
|
|
|
|
.with(hash_including(params))
|
2016-11-30 06:32:26 -08:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'GET #show' do
|
2022-07-04 17:41:40 -07:00
|
|
|
let(:current_user) { Fabricate(:user, role: UserRole.find_by(name: 'Admin')) }
|
2016-12-03 11:04:19 -08:00
|
|
|
|
2024-05-21 06:17:34 -07:00
|
|
|
context 'with a remote account' do
|
|
|
|
let(:account) { Fabricate(:account, domain: 'example.com') }
|
|
|
|
|
|
|
|
it 'returns http success' do
|
|
|
|
get :show, params: { id: account.id }
|
|
|
|
expect(response).to have_http_status(200)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'with a local account' do
|
|
|
|
let(:account) { Fabricate(:account, domain: nil) }
|
|
|
|
|
|
|
|
it 'returns http success' do
|
|
|
|
get :show, params: { id: account.id }
|
|
|
|
expect(response).to have_http_status(200)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'with a local deleted account' do
|
|
|
|
let(:account) { Fabricate(:account, domain: nil, user: nil) }
|
|
|
|
|
|
|
|
it 'returns http success' do
|
|
|
|
get :show, params: { id: account.id }
|
|
|
|
expect(response).to have_http_status(200)
|
|
|
|
end
|
2016-11-30 06:32:26 -08:00
|
|
|
end
|
|
|
|
end
|
2018-06-12 05:24:46 -07:00
|
|
|
|
|
|
|
describe 'POST #memorialize' do
|
|
|
|
subject { post :memorialize, params: { id: account.id } }
|
|
|
|
|
2022-07-04 17:41:40 -07:00
|
|
|
let(:current_user) { Fabricate(:user, role: current_role) }
|
2022-01-27 15:46:42 -08:00
|
|
|
let(:account) { user.account }
|
2022-07-04 17:41:40 -07:00
|
|
|
let(:user) { Fabricate(:user, role: target_role) }
|
2018-06-12 05:24:46 -07:00
|
|
|
|
|
|
|
context 'when user is admin' do
|
2022-07-04 17:41:40 -07:00
|
|
|
let(:current_role) { UserRole.find_by(name: 'Admin') }
|
2018-06-12 05:24:46 -07:00
|
|
|
|
|
|
|
context 'when target user is admin' do
|
2022-07-04 17:41:40 -07:00
|
|
|
let(:target_role) { UserRole.find_by(name: 'Admin') }
|
2018-06-12 05:24:46 -07:00
|
|
|
|
|
|
|
it 'fails to memorialize account' do
|
2023-02-19 20:00:48 -08:00
|
|
|
expect(subject).to have_http_status 403
|
2023-02-19 17:33:27 -08:00
|
|
|
expect(account.reload).to_not be_memorial
|
2018-06-12 05:24:46 -07:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when target user is not admin' do
|
2022-07-04 17:41:40 -07:00
|
|
|
let(:target_role) { UserRole.find_by(name: 'Moderator') }
|
2018-06-12 05:24:46 -07:00
|
|
|
|
|
|
|
it 'succeeds in memorializing account' do
|
2023-02-19 20:00:48 -08:00
|
|
|
expect(subject).to redirect_to admin_account_path(account.id)
|
2018-06-12 05:24:46 -07:00
|
|
|
expect(account.reload).to be_memorial
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
2022-07-04 17:41:40 -07:00
|
|
|
let(:current_role) { UserRole.find_by(name: 'Moderator') }
|
2018-06-12 05:24:46 -07:00
|
|
|
|
|
|
|
context 'when target user is admin' do
|
2022-07-04 17:41:40 -07:00
|
|
|
let(:target_role) { UserRole.find_by(name: 'Admin') }
|
2018-06-12 05:24:46 -07:00
|
|
|
|
|
|
|
it 'fails to memorialize account' do
|
2023-02-19 20:00:48 -08:00
|
|
|
expect(subject).to have_http_status 403
|
2023-02-19 17:33:27 -08:00
|
|
|
expect(account.reload).to_not be_memorial
|
2018-06-12 05:24:46 -07:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when target user is not admin' do
|
2022-07-04 17:41:40 -07:00
|
|
|
let(:target_role) { UserRole.find_by(name: 'Moderator') }
|
2018-06-12 05:24:46 -07:00
|
|
|
|
|
|
|
it 'fails to memorialize account' do
|
2023-02-19 20:00:48 -08:00
|
|
|
expect(subject).to have_http_status 403
|
2023-02-19 17:33:27 -08:00
|
|
|
expect(account.reload).to_not be_memorial
|
2018-06-12 05:24:46 -07:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'POST #enable' do
|
|
|
|
subject { post :enable, params: { id: account.id } }
|
|
|
|
|
2022-07-04 17:41:40 -07:00
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
2022-01-27 15:46:42 -08:00
|
|
|
let(:account) { user.account }
|
2018-06-12 05:24:46 -07:00
|
|
|
let(:user) { Fabricate(:user, disabled: true) }
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
2022-07-04 17:41:40 -07:00
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
2018-06-12 05:24:46 -07:00
|
|
|
|
|
|
|
it 'succeeds in enabling account' do
|
2023-02-19 20:00:48 -08:00
|
|
|
expect(subject).to redirect_to admin_account_path(account.id)
|
2023-02-19 17:33:27 -08:00
|
|
|
expect(user.reload).to_not be_disabled
|
2018-06-12 05:24:46 -07:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
2022-07-04 17:41:40 -07:00
|
|
|
let(:role) { UserRole.everyone }
|
2018-06-12 05:24:46 -07:00
|
|
|
|
|
|
|
it 'fails to enable account' do
|
2023-02-19 20:00:48 -08:00
|
|
|
expect(subject).to have_http_status 403
|
2018-06-12 05:24:46 -07:00
|
|
|
expect(user.reload).to be_disabled
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2022-12-06 15:25:18 -08:00
|
|
|
describe 'POST #approve' do
|
|
|
|
subject { post :approve, params: { id: account.id } }
|
|
|
|
|
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
|
|
|
let(:account) { user.account }
|
|
|
|
let(:user) { Fabricate(:user) }
|
|
|
|
|
|
|
|
before do
|
|
|
|
account.user.update(approved: false)
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
|
|
|
|
2024-01-26 08:21:31 -08:00
|
|
|
it 'succeeds in approving account and logs action' do
|
2023-02-19 20:00:48 -08:00
|
|
|
expect(subject).to redirect_to admin_accounts_path(status: 'pending')
|
2022-12-06 15:25:18 -08:00
|
|
|
expect(user.reload).to be_approved
|
|
|
|
|
2023-12-04 04:56:28 -08:00
|
|
|
expect(latest_admin_action_log)
|
|
|
|
.to be_present
|
|
|
|
.and have_attributes(
|
|
|
|
action: eq(:approve),
|
|
|
|
account_id: eq(current_user.account_id),
|
|
|
|
target_id: eq(account.user.id)
|
|
|
|
)
|
2022-12-06 15:25:18 -08:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
|
|
|
let(:role) { UserRole.everyone }
|
|
|
|
|
|
|
|
it 'fails to approve account' do
|
2023-02-19 20:00:48 -08:00
|
|
|
expect(subject).to have_http_status 403
|
2023-02-19 17:33:27 -08:00
|
|
|
expect(user.reload).to_not be_approved
|
2022-12-06 15:25:18 -08:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'POST #reject' do
|
|
|
|
subject { post :reject, params: { id: account.id } }
|
|
|
|
|
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
|
|
|
let(:account) { user.account }
|
|
|
|
let(:user) { Fabricate(:user) }
|
|
|
|
|
|
|
|
before do
|
|
|
|
account.user.update(approved: false)
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
|
|
|
|
2024-01-26 08:21:31 -08:00
|
|
|
it 'succeeds in rejecting account and logs action' do
|
2023-02-19 20:00:48 -08:00
|
|
|
expect(subject).to redirect_to admin_accounts_path(status: 'pending')
|
2022-12-06 15:25:18 -08:00
|
|
|
|
2024-05-25 09:46:32 -07:00
|
|
|
expect { account.reload }
|
|
|
|
.to raise_error(ActiveRecord::RecordNotFound)
|
2022-12-06 15:25:18 -08:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
|
|
|
let(:role) { UserRole.everyone }
|
|
|
|
|
|
|
|
it 'fails to reject account' do
|
2023-02-19 20:00:48 -08:00
|
|
|
expect(subject).to have_http_status 403
|
2023-02-19 17:33:27 -08:00
|
|
|
expect(user.reload).to_not be_approved
|
2022-12-06 15:25:18 -08:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2018-06-12 05:24:46 -07:00
|
|
|
describe 'POST #redownload' do
|
|
|
|
subject { post :redownload, params: { id: account.id } }
|
|
|
|
|
2022-07-04 17:41:40 -07:00
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
|
|
|
let(:account) { Fabricate(:account, domain: 'example.com') }
|
|
|
|
|
|
|
|
before do
|
2023-11-14 06:52:59 -08:00
|
|
|
service = instance_double(ResolveAccountService, call: nil)
|
|
|
|
allow(ResolveAccountService).to receive(:new).and_return(service)
|
2022-07-04 17:41:40 -07:00
|
|
|
end
|
2018-06-12 05:24:46 -07:00
|
|
|
|
|
|
|
context 'when user is admin' do
|
2022-07-04 17:41:40 -07:00
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
2018-06-12 05:24:46 -07:00
|
|
|
|
2022-07-04 17:41:40 -07:00
|
|
|
it 'succeeds in redownloading' do
|
2023-02-19 20:00:48 -08:00
|
|
|
expect(subject).to redirect_to admin_account_path(account.id)
|
2018-06-12 05:24:46 -07:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
2022-07-04 17:41:40 -07:00
|
|
|
let(:role) { UserRole.everyone }
|
2018-06-12 05:24:46 -07:00
|
|
|
|
|
|
|
it 'fails to redownload' do
|
2023-02-19 20:00:48 -08:00
|
|
|
expect(subject).to have_http_status 403
|
2018-06-12 05:24:46 -07:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'POST #remove_avatar' do
|
|
|
|
subject { post :remove_avatar, params: { id: account.id } }
|
|
|
|
|
2022-07-04 17:41:40 -07:00
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
2018-06-12 05:24:46 -07:00
|
|
|
let(:account) { Fabricate(:account) }
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
2022-07-04 17:41:40 -07:00
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
2018-06-12 05:24:46 -07:00
|
|
|
|
|
|
|
it 'succeeds in removing avatar' do
|
2023-02-19 20:00:48 -08:00
|
|
|
expect(subject).to redirect_to admin_account_path(account.id)
|
2018-06-12 05:24:46 -07:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
2022-07-04 17:41:40 -07:00
|
|
|
let(:role) { UserRole.everyone }
|
2018-06-12 05:24:46 -07:00
|
|
|
|
|
|
|
it 'fails to remove avatar' do
|
2023-02-19 20:00:48 -08:00
|
|
|
expect(subject).to have_http_status 403
|
2018-06-12 05:24:46 -07:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2021-12-17 14:02:14 -08:00
|
|
|
|
|
|
|
describe 'POST #unblock_email' do
|
2022-03-28 03:43:58 -07:00
|
|
|
subject { post :unblock_email, params: { id: account.id } }
|
2021-12-17 14:02:14 -08:00
|
|
|
|
2022-07-04 17:41:40 -07:00
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
2021-12-17 14:02:14 -08:00
|
|
|
let(:account) { Fabricate(:account, suspended: true) }
|
2023-10-31 01:22:19 -07:00
|
|
|
|
|
|
|
before do
|
|
|
|
_email_block = Fabricate(:canonical_email_block, reference_account: account)
|
|
|
|
end
|
2021-12-17 14:02:14 -08:00
|
|
|
|
|
|
|
context 'when user is admin' do
|
2022-07-04 17:41:40 -07:00
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
2021-12-17 14:02:14 -08:00
|
|
|
|
2024-01-26 08:21:31 -08:00
|
|
|
it 'succeeds in removing email blocks and redirects to admin account path' do
|
2022-03-28 03:43:58 -07:00
|
|
|
expect { subject }.to change { CanonicalEmailBlock.where(reference_account: account).count }.from(1).to(0)
|
2021-12-17 14:02:14 -08:00
|
|
|
|
|
|
|
expect(response).to redirect_to admin_account_path(account.id)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
2022-07-04 17:41:40 -07:00
|
|
|
let(:role) { UserRole.everyone }
|
2021-12-17 14:02:14 -08:00
|
|
|
|
|
|
|
it 'fails to remove avatar' do
|
2022-03-28 03:43:58 -07:00
|
|
|
subject
|
2023-02-19 18:16:40 -08:00
|
|
|
expect(response).to have_http_status 403
|
2021-12-17 14:02:14 -08:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2023-06-06 04:57:00 -07:00
|
|
|
|
|
|
|
describe 'POST #unsensitive' do
|
|
|
|
subject { post :unsensitive, params: { id: account.id } }
|
|
|
|
|
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
|
|
|
let(:account) { Fabricate(:account, sensitized_at: 1.year.ago) }
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
|
|
|
|
|
|
|
it 'marks accounts not sensitized' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(account.reload).to_not be_sensitized
|
|
|
|
expect(response).to redirect_to admin_account_path(account.id)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
|
|
|
let(:role) { UserRole.everyone }
|
|
|
|
|
|
|
|
it 'fails to change account' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(response).to have_http_status 403
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'POST #unsilence' do
|
|
|
|
subject { post :unsilence, params: { id: account.id } }
|
|
|
|
|
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
|
|
|
let(:account) { Fabricate(:account, silenced_at: 1.year.ago) }
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
|
|
|
|
|
|
|
it 'marks accounts not silenced' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(account.reload).to_not be_silenced
|
|
|
|
expect(response).to redirect_to admin_account_path(account.id)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
|
|
|
let(:role) { UserRole.everyone }
|
|
|
|
|
|
|
|
it 'fails to change account' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(response).to have_http_status 403
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'POST #unsuspend' do
|
|
|
|
subject { post :unsuspend, params: { id: account.id } }
|
|
|
|
|
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
|
|
|
let(:account) { Fabricate(:account) }
|
|
|
|
|
|
|
|
before do
|
|
|
|
account.suspend!
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
|
|
|
|
|
|
|
it 'marks accounts not suspended' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(account.reload).to_not be_suspended
|
|
|
|
expect(response).to redirect_to admin_account_path(account.id)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
|
|
|
let(:role) { UserRole.everyone }
|
|
|
|
|
|
|
|
it 'fails to change account' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(response).to have_http_status 403
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'POST #destroy' do
|
|
|
|
subject { post :destroy, params: { id: account.id } }
|
|
|
|
|
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
|
|
|
let(:account) { Fabricate(:account) }
|
|
|
|
|
|
|
|
before do
|
|
|
|
account.suspend!
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
|
|
|
|
|
|
|
before do
|
|
|
|
allow(Admin::AccountDeletionWorker).to receive(:perform_async).with(account.id)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'destroys the account' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(Admin::AccountDeletionWorker).to have_received(:perform_async).with(account.id)
|
|
|
|
expect(response).to redirect_to admin_account_path(account.id)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
|
|
|
let(:role) { UserRole.everyone }
|
|
|
|
|
|
|
|
it 'fails to change account' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(response).to have_http_status 403
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2023-12-04 04:56:28 -08:00
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
def latest_admin_action_log
|
|
|
|
Admin::ActionLog.last
|
|
|
|
end
|
2016-11-30 06:32:26 -08:00
|
|
|
end
|