mirror of
https://github.com/codeninjasllc/discourse.git
synced 2024-11-24 08:09:13 -05:00
118 lines
3.1 KiB
Ruby
118 lines
3.1 KiB
Ruby
|
require 'spec_helper'
|
||
|
|
|
||
|
|
describe Admin::UsersController do
|
||
|
|
|
||
|
|
it "is a subclass of AdminController" do
|
||
|
|
(Admin::UsersController < Admin::AdminController).should be_true
|
||
|
|
end
|
||
|
|
|
||
|
|
context 'while logged in as an admin' do
|
||
|
|
before do
|
||
|
|
@user = log_in(:admin)
|
||
|
|
end
|
||
|
|
|
||
|
|
context '.index' do
|
||
|
|
it 'returns success' do
|
||
|
|
xhr :get, :index
|
||
|
|
response.should be_success
|
||
|
|
end
|
||
|
|
|
||
|
|
it 'returns JSON' do
|
||
|
|
xhr :get, :index
|
||
|
|
::JSON.parse(response.body).should be_present
|
||
|
|
end
|
||
|
|
end
|
||
|
|
|
||
|
|
context '.show' do
|
||
|
|
it 'returns success' do
|
||
|
|
xhr :get, :show, id: @user.username
|
||
|
|
response.should be_success
|
||
|
|
end
|
||
|
|
end
|
||
|
|
|
||
|
|
context '.approve_bulk' do
|
||
|
|
|
||
|
|
let(:evil_trout) { Fabricate(:evil_trout) }
|
||
|
|
|
||
|
|
it "does nothing without uesrs" do
|
||
|
|
User.any_instance.expects(:approve).never
|
||
|
|
xhr :put, :approve_bulk
|
||
|
|
end
|
||
|
|
|
||
|
|
it "won't approve the user when not allowed" do
|
||
|
|
Guardian.any_instance.expects(:can_approve?).with(evil_trout).returns(false)
|
||
|
|
User.any_instance.expects(:approve).never
|
||
|
|
xhr :put, :approve_bulk, users: [evil_trout.id]
|
||
|
|
end
|
||
|
|
|
||
|
|
it "approves the user when permitted" do
|
||
|
|
Guardian.any_instance.expects(:can_approve?).with(evil_trout).returns(true)
|
||
|
|
User.any_instance.expects(:approve).once
|
||
|
|
xhr :put, :approve_bulk, users: [evil_trout.id]
|
||
|
|
end
|
||
|
|
|
||
|
|
end
|
||
|
|
|
||
|
|
context '.approve' do
|
||
|
|
|
||
|
|
let(:evil_trout) { Fabricate(:evil_trout) }
|
||
|
|
|
||
|
|
it "raises an error when the user doesn't have permission" do
|
||
|
|
Guardian.any_instance.expects(:can_approve?).with(evil_trout).returns(false)
|
||
|
|
xhr :put, :approve, user_id: evil_trout.id
|
||
|
|
response.should be_forbidden
|
||
|
|
end
|
||
|
|
|
||
|
|
it 'calls approve' do
|
||
|
|
User.any_instance.expects(:approve).with(@user)
|
||
|
|
xhr :put, :approve, user_id: evil_trout.id
|
||
|
|
end
|
||
|
|
|
||
|
|
end
|
||
|
|
|
||
|
|
context '.revoke_admin' do
|
||
|
|
before do
|
||
|
|
@another_admin = Fabricate(:another_admin)
|
||
|
|
end
|
||
|
|
|
||
|
|
it 'raises an error unless the user can revoke access' do
|
||
|
|
Guardian.any_instance.expects(:can_revoke_admin?).with(@another_admin).returns(false)
|
||
|
|
xhr :put, :revoke_admin, user_id: @another_admin.id
|
||
|
|
response.should be_forbidden
|
||
|
|
end
|
||
|
|
|
||
|
|
it 'updates the admin flag' do
|
||
|
|
xhr :put, :revoke_admin, user_id: @another_admin.id
|
||
|
|
@another_admin.reload
|
||
|
|
@another_admin.should_not be_admin
|
||
|
|
end
|
||
|
|
end
|
||
|
|
|
||
|
|
context '.grant_admin' do
|
||
|
|
before do
|
||
|
|
@another_user = Fabricate(:coding_horror)
|
||
|
|
end
|
||
|
|
|
||
|
|
it "raises an error when the user doesn't have permission" do
|
||
|
|
Guardian.any_instance.expects(:can_grant_admin?).with(@another_user).returns(false)
|
||
|
|
xhr :put, :grant_admin, user_id: @another_user.id
|
||
|
|
response.should be_forbidden
|
||
|
|
end
|
||
|
|
|
||
|
|
it "returns a 404 if the username doesn't exist" do
|
||
|
|
xhr :put, :grant_admin, user_id: 123123
|
||
|
|
response.should be_forbidden
|
||
|
|
end
|
||
|
|
|
||
|
|
it 'updates the admin flag' do
|
||
|
|
xhr :put, :grant_admin, user_id: @another_user.id
|
||
|
|
@another_user.reload
|
||
|
|
@another_user.should be_admin
|
||
|
|
end
|
||
|
|
end
|
||
|
|
|
||
|
|
end
|
||
|
|
|
||
|
|
|
||
|
|
|
||
|
|
end
|