2015-10-11 05:41:23 -04:00
require 'rails_helper'
2013-02-05 14:16:51 -05:00
2014-02-19 11:41:17 -05:00
shared_examples 'finding and showing post' do
let ( :user ) { log_in }
let ( :post ) { Fabricate ( :post , user : user ) }
2013-02-05 14:16:51 -05:00
2014-02-19 11:41:17 -05:00
it 'ensures the user can see the post' do
Guardian . any_instance . expects ( :can_see? ) . with ( post ) . returns ( false )
xhr :get , action , params
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_forbidden
2013-04-24 04:05:35 -04:00
end
2014-02-19 11:41:17 -05:00
it 'succeeds' do
xhr :get , action , params
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_success
2014-02-19 11:41:17 -05:00
end
2013-02-05 14:16:51 -05:00
2014-02-19 11:41:17 -05:00
context " deleted post " do
before do
post . trash! ( user )
end
it " can't find deleted posts as an anonymous user " do
xhr :get , action , params
2015-01-09 12:04:02 -05:00
expect ( response . status ) . to eq ( 404 )
2013-02-05 14:16:51 -05:00
end
2014-02-19 11:41:17 -05:00
it " can't find deleted posts as a regular user " do
log_in ( :user )
xhr :get , action , params
2015-01-09 12:04:02 -05:00
expect ( response . status ) . to eq ( 404 )
2013-02-05 14:16:51 -05:00
end
2014-02-19 11:41:17 -05:00
it " can find posts as a moderator " do
log_in ( :moderator )
xhr :get , action , params
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_success
2014-02-19 11:41:17 -05:00
end
2014-08-07 13:12:35 -04:00
it " can find posts as a admin " do
log_in ( :admin )
xhr :get , action , params
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_success
2014-08-07 13:12:35 -04:00
end
2014-02-19 11:41:17 -05:00
end
end
2013-02-08 17:49:15 -05:00
2014-02-24 12:14:35 -05:00
shared_examples 'action requires login' do | method , action , params |
it 'raises an exception when not logged in' do
2015-01-09 12:04:02 -05:00
expect { xhr method , action , params } . to raise_error ( Discourse :: NotLoggedIn )
2014-02-24 12:14:35 -05:00
end
end
2014-02-19 11:41:17 -05:00
describe PostsController do
2013-02-08 17:49:15 -05:00
2015-10-16 07:44:48 -04:00
describe 'latest' do
let ( :user ) { log_in }
let! ( :post ) { Fabricate ( :post , user : user ) }
let! ( :topicless_post ) { Fabricate ( :post , user : user , raw : '<p>Car 54, where are you?</p>' ) }
before do
topicless_post . update topic_id : - 100
end
it 'does not return posts without a topic for json' do
xhr :get , :latest , format : :json
expect ( response ) . to be_success
json = :: JSON . parse ( response . body )
post_ids = json [ 'latest_posts' ] . map { | p | p [ 'id' ] }
expect ( post_ids ) . to include post . id
expect ( post_ids ) . to_not include topicless_post . id
end
it 'does not return posts without a topic for rss' do
xhr :get , :latest , format : :rss
expect ( response ) . to be_success
expect ( assigns ( :posts ) ) . to include post
expect ( assigns ( :posts ) ) . to_not include topicless_post
end
end
2014-06-20 17:06:44 -04:00
describe 'cooked' do
before do
post = Post . new ( cooked : 'wat' )
PostsController . any_instance . expects ( :find_post_from_params ) . returns ( post )
end
it 'returns the cooked conent' do
xhr :get , :cooked , id : 1234
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_success
2014-06-20 17:06:44 -04:00
json = :: JSON . parse ( response . body )
2015-01-09 12:04:02 -05:00
expect ( json ) . to be_present
expect ( json [ 'cooked' ] ) . to eq ( 'wat' )
2014-06-20 17:06:44 -04:00
end
end
2014-10-18 13:02:01 -04:00
describe 'raw_email' do
include_examples " action requires login " , :get , :raw_email , id : 2
describe " when logged in " do
2014-11-12 08:49:42 -05:00
let ( :user ) { log_in }
let ( :post ) { Fabricate ( :post , user : user , raw_email : 'email_content' ) }
2014-10-18 13:02:01 -04:00
it " raises an error if the user doesn't have permission to view raw email " do
Guardian . any_instance . expects ( :can_view_raw_email? ) . returns ( false )
xhr :get , :raw_email , id : post . id
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_forbidden
2014-10-18 13:02:01 -04:00
end
it " can view raw email " do
Guardian . any_instance . expects ( :can_view_raw_email? ) . returns ( true )
xhr :get , :raw_email , id : post . id
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_success
2014-10-18 13:02:01 -04:00
json = :: JSON . parse ( response . body )
2015-01-09 12:04:02 -05:00
expect ( json [ 'raw_email' ] ) . to eq ( 'email_content' )
2014-10-18 13:02:01 -04:00
end
end
end
2014-02-19 11:41:17 -05:00
describe 'show' do
include_examples 'finding and showing post' do
let ( :action ) { :show }
let ( :params ) { { id : post . id } }
end
2014-04-23 22:42:04 -04:00
it 'gets all the expected fields' do
# non fabricated test
new_post = create_post
xhr :get , :show , { id : new_post . id }
parsed = JSON . parse ( response . body )
2015-01-09 12:04:02 -05:00
expect ( parsed [ " topic_slug " ] ) . to eq ( new_post . topic . slug )
expect ( parsed [ " moderator " ] ) . to eq ( false )
expect ( parsed [ " username " ] ) . to eq ( new_post . user . username )
expect ( parsed [ " cooked " ] ) . to eq ( new_post . cooked )
2014-04-23 22:42:04 -04:00
end
2014-02-19 11:41:17 -05:00
end
2013-02-08 17:49:15 -05:00
2014-02-19 11:41:17 -05:00
describe 'by_number' do
include_examples 'finding and showing post' do
let ( :action ) { :by_number }
let ( :params ) { { topic_id : post . topic_id , post_number : post . post_number } }
2013-02-08 17:49:15 -05:00
end
2013-08-06 17:42:36 -04:00
end
describe 'reply_history' do
2014-02-20 11:38:13 -05:00
include_examples 'finding and showing post' do
let ( :action ) { :reply_history }
let ( :params ) { { id : post . id } }
2013-08-06 17:42:36 -04:00
end
2013-02-08 17:49:15 -05:00
2014-02-20 11:38:13 -05:00
it 'asks post for reply history' do
2013-08-06 17:42:36 -04:00
Post . any_instance . expects ( :reply_history )
xhr :get , :reply_history , id : post . id
2014-02-20 11:38:13 -05:00
end
end
describe 'replies' do
include_examples 'finding and showing post' do
let ( :action ) { :replies }
let ( :params ) { { post_id : post . id } }
end
it 'asks post for replies' do
2015-09-24 20:15:58 -04:00
p1 = Fabricate ( :post )
xhr :get , :replies , post_id : p1 . id
expect ( response . status ) . to eq ( 200 )
2013-08-06 17:42:36 -04:00
end
2013-02-05 14:16:51 -05:00
end
describe 'delete a post' do
2014-02-24 12:14:35 -05:00
include_examples 'action requires login' , :delete , :destroy , id : 123
2013-02-05 14:16:51 -05:00
describe 'when logged in' do
2013-02-07 15:12:55 -05:00
let ( :user ) { log_in ( :moderator ) }
let ( :post ) { Fabricate ( :post , user : user , post_number : 2 ) }
2013-02-05 14:16:51 -05:00
2014-02-18 11:19:38 -05:00
it 'does not allow to destroy when edit time limit expired' do
Guardian . any_instance . stubs ( :can_delete_post? ) . with ( post ) . returns ( false )
Post . any_instance . stubs ( :edit_time_limit_expired? ) . returns ( true )
xhr :delete , :destroy , id : post . id
2015-01-09 12:04:02 -05:00
expect ( response . status ) . to eq ( 422 )
expect ( JSON . parse ( response . body ) [ 'errors' ] ) . to include ( I18n . t ( 'too_late_to_edit' ) )
2014-02-18 11:19:38 -05:00
end
2013-02-05 14:16:51 -05:00
it " raises an error when the user doesn't have permission to see the post " do
Guardian . any_instance . expects ( :can_delete? ) . with ( post ) . returns ( false )
xhr :delete , :destroy , id : post . id
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_forbidden
2013-02-05 14:16:51 -05:00
end
2013-03-18 17:52:29 -04:00
it " uses a PostDestroyer " do
destroyer = mock
2014-10-01 11:40:13 -04:00
PostDestroyer . expects ( :new ) . returns ( destroyer )
2013-03-18 17:52:29 -04:00
destroyer . expects ( :destroy )
2013-02-05 14:16:51 -05:00
xhr :delete , :destroy , id : post . id
end
2013-02-07 15:12:55 -05:00
end
end
describe 'recover a post' do
2014-02-24 12:14:35 -05:00
include_examples 'action requires login' , :put , :recover , post_id : 123
2013-02-07 15:12:55 -05:00
describe 'when logged in' do
let ( :user ) { log_in ( :moderator ) }
let ( :post ) { Fabricate ( :post , user : user , post_number : 2 ) }
it " raises an error when the user doesn't have permission to see the post " do
Guardian . any_instance . expects ( :can_recover_post? ) . with ( post ) . returns ( false )
xhr :put , :recover , post_id : post . id
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_forbidden
2013-02-07 15:12:55 -05:00
end
2013-07-22 03:48:24 -04:00
it " recovers a post correctly " do
topic_id = create_post . topic_id
post = create_post ( topic_id : topic_id )
PostDestroyer . new ( user , post ) . destroy
2013-02-07 15:12:55 -05:00
xhr :put , :recover , post_id : post . id
2013-07-22 03:48:24 -04:00
post . reload
2015-01-09 12:04:02 -05:00
expect ( post . deleted_at ) . to eq ( nil )
2013-02-05 14:16:51 -05:00
end
end
end
describe 'destroy_many' do
2014-02-24 12:14:35 -05:00
include_examples 'action requires login' , :delete , :destroy_many , post_ids : [ 123 , 345 ]
2013-02-05 14:16:51 -05:00
describe 'when logged in' do
let! ( :poster ) { log_in ( :moderator ) }
let! ( :post1 ) { Fabricate ( :post , user : poster , post_number : 2 ) }
2013-09-04 11:53:00 -04:00
let! ( :post2 ) { Fabricate ( :post , topic_id : post1 . topic_id , user : poster , post_number : 3 , reply_to_post_number : post1 . post_number ) }
2013-02-05 14:16:51 -05:00
it " raises invalid parameters no post_ids " do
2015-01-09 12:04:02 -05:00
expect { xhr :delete , :destroy_many } . to raise_error ( ActionController :: ParameterMissing )
2013-02-05 14:16:51 -05:00
end
it " raises invalid parameters with missing ids " do
2015-01-09 12:04:02 -05:00
expect { xhr :delete , :destroy_many , post_ids : [ 12345 ] } . to raise_error ( Discourse :: InvalidParameters )
2013-02-05 14:16:51 -05:00
end
it " raises an error when the user doesn't have permission to delete the posts " do
Guardian . any_instance . expects ( :can_delete? ) . with ( instance_of ( Post ) ) . returns ( false )
xhr :delete , :destroy_many , post_ids : [ post1 . id , post2 . id ]
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_forbidden
2013-02-05 14:16:51 -05:00
end
it " deletes the post " do
2013-09-04 20:50:58 -04:00
PostDestroyer . any_instance . expects ( :destroy ) . twice
2013-02-05 14:16:51 -05:00
xhr :delete , :destroy_many , post_ids : [ post1 . id , post2 . id ]
end
it " updates the highest read data for the forum " do
2013-09-04 20:50:58 -04:00
Topic . expects ( :reset_highest ) . twice
2013-02-05 14:16:51 -05:00
xhr :delete , :destroy_many , post_ids : [ post1 . id , post2 . id ]
end
2013-09-04 11:53:00 -04:00
describe " can delete replies " do
before do
PostReply . create ( post_id : post1 . id , reply_id : post2 . id )
end
it " deletes the post and the reply to it " do
2013-09-04 20:50:58 -04:00
PostDestroyer . any_instance . expects ( :destroy ) . twice
2013-09-04 11:53:00 -04:00
xhr :delete , :destroy_many , post_ids : [ post1 . id ] , reply_post_ids : [ post1 . id ]
end
end
2013-02-05 14:16:51 -05:00
end
end
describe 'edit a post' do
2014-02-24 12:14:35 -05:00
include_examples 'action requires login' , :put , :update , id : 2
2013-02-05 14:16:51 -05:00
2015-11-13 11:35:04 -05:00
let ( :post ) { Fabricate ( :post , user : logged_in_as ) }
let ( :update_params ) do
{
id : post . id ,
post : { raw : 'edited body' , edit_reason : 'typo' } ,
image_sizes : { 'http://image.com/image.jpg' = > { 'width' = > 123 , 'height' = > 456 } } ,
}
end
let ( :moderator ) { Fabricate ( :moderator ) }
2013-02-05 14:16:51 -05:00
2015-11-13 11:35:04 -05:00
describe 'when logged in as a regular user' do
let ( :logged_in_as ) { log_in }
2013-02-05 14:16:51 -05:00
2014-02-18 11:19:38 -05:00
it 'does not allow to update when edit time limit expired' do
Guardian . any_instance . stubs ( :can_edit? ) . with ( post ) . returns ( false )
Post . any_instance . stubs ( :edit_time_limit_expired? ) . returns ( true )
xhr :put , :update , update_params
2015-01-09 12:04:02 -05:00
expect ( response . status ) . to eq ( 422 )
expect ( JSON . parse ( response . body ) [ 'errors' ] ) . to include ( I18n . t ( 'too_late_to_edit' ) )
2014-02-18 11:19:38 -05:00
end
2013-02-05 14:16:51 -05:00
it 'passes the image sizes through' do
Post . any_instance . expects ( :image_sizes = )
xhr :put , :update , update_params
end
2013-11-15 17:28:16 -05:00
it 'passes the edit reason through' do
Post . any_instance . expects ( :edit_reason = )
xhr :put , :update , update_params
end
2013-02-05 14:16:51 -05:00
it " raises an error when the post parameter is missing " do
update_params . delete ( :post )
2015-01-09 12:04:02 -05:00
expect {
2013-02-05 14:16:51 -05:00
xhr :put , :update , update_params
2015-01-09 12:04:02 -05:00
} . to raise_error ( ActionController :: ParameterMissing )
2013-02-05 14:16:51 -05:00
end
it " raises an error when the user doesn't have permission to see the post " do
2014-01-07 10:32:09 -05:00
Guardian . any_instance . expects ( :can_edit? ) . with ( post ) . at_least_once . returns ( false )
2013-02-05 14:16:51 -05:00
xhr :put , :update , update_params
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_forbidden
2013-02-05 14:16:51 -05:00
end
it " calls revise with valid parameters " do
2015-07-28 16:58:56 -04:00
PostRevisor . any_instance . expects ( :revise! ) . with ( post . user , { raw : 'edited body' , edit_reason : 'typo' } , anything )
2013-02-05 14:16:51 -05:00
xhr :put , :update , update_params
end
it " extracts links from the new body " do
TopicLink . expects ( :extract_from ) . with ( post )
xhr :put , :update , update_params
end
2015-11-13 11:35:04 -05:00
it " doesn't allow updating of deleted posts " do
first_post = post . topic . ordered_posts . first
PostDestroyer . new ( moderator , first_post ) . destroy
xhr :put , :update , update_params
expect ( response ) . not_to be_success
end
end
describe " when logged in as staff " do
let ( :logged_in_as ) { log_in ( :moderator ) }
it " supports updating posts in deleted topics " do
first_post = post . topic . ordered_posts . first
PostDestroyer . new ( moderator , first_post ) . destroy
xhr :put , :update , update_params
expect ( response ) . to be_success
post . reload
expect ( post . raw ) . to eq ( 'edited body' )
end
2013-02-05 14:16:51 -05:00
end
end
describe 'bookmark a post' do
2014-02-24 12:14:35 -05:00
include_examples 'action requires login' , :put , :bookmark , post_id : 2
2013-02-05 14:16:51 -05:00
describe 'when logged in' do
let ( :post ) { Fabricate ( :post , user : log_in ) }
it " raises an error if the user doesn't have permission to see the post " do
2014-06-04 11:41:11 -04:00
Guardian . any_instance . expects ( :can_see? ) . with ( post ) . returns ( false ) . once
2014-05-09 11:49:39 -04:00
2013-02-25 11:42:20 -05:00
xhr :put , :bookmark , post_id : post . id , bookmarked : 'true'
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_forbidden
2013-02-05 14:16:51 -05:00
end
it 'creates a bookmark' do
2013-03-01 07:07:44 -05:00
PostAction . expects ( :act ) . with ( post . user , post , PostActionType . types [ :bookmark ] )
2013-02-05 14:16:51 -05:00
xhr :put , :bookmark , post_id : post . id , bookmarked : 'true'
end
it 'removes a bookmark' do
2013-03-01 07:07:44 -05:00
PostAction . expects ( :remove_act ) . with ( post . user , post , PostActionType . types [ :bookmark ] )
2013-02-05 14:16:51 -05:00
xhr :put , :bookmark , post_id : post . id
end
end
end
2014-05-13 08:53:11 -04:00
describe " wiki " do
include_examples " action requires login " , :put , :wiki , post_id : 2
describe " when logged in " do
let ( :user ) { log_in }
let ( :post ) { Fabricate ( :post , user : user ) }
2014-09-11 10:04:40 -04:00
it " raises an error if the user doesn't have permission to wiki the post " do
2016-01-11 10:26:00 -05:00
Guardian . any_instance . expects ( :can_wiki? ) . with ( post ) . returns ( false )
2014-05-13 08:53:11 -04:00
xhr :put , :wiki , post_id : post . id , wiki : 'true'
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_forbidden
2014-05-13 08:53:11 -04:00
end
it " can wiki a post " do
2016-01-11 10:26:00 -05:00
Guardian . any_instance . expects ( :can_wiki? ) . with ( post ) . returns ( true )
2014-05-13 08:53:11 -04:00
xhr :put , :wiki , post_id : post . id , wiki : 'true'
post . reload
2015-01-09 12:04:02 -05:00
expect ( post . wiki ) . to eq ( true )
2014-05-13 08:53:11 -04:00
end
it " can unwiki a post " do
wikied_post = Fabricate ( :post , user : user , wiki : true )
2016-01-11 10:26:00 -05:00
Guardian . any_instance . expects ( :can_wiki? ) . with ( wikied_post ) . returns ( true )
2014-05-13 08:53:11 -04:00
xhr :put , :wiki , post_id : wikied_post . id , wiki : 'false'
wikied_post . reload
2015-01-09 12:04:02 -05:00
expect ( wikied_post . wiki ) . to eq ( false )
2014-05-13 08:53:11 -04:00
end
end
end
2014-09-11 10:04:40 -04:00
describe " post_type " do
include_examples " action requires login " , :put , :post_type , post_id : 2
describe " when logged in " do
let ( :user ) { log_in }
let ( :post ) { Fabricate ( :post , user : user ) }
it " raises an error if the user doesn't have permission to change the post type " do
Guardian . any_instance . expects ( :can_change_post_type? ) . returns ( false )
xhr :put , :post_type , post_id : post . id , post_type : 2
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_forbidden
2014-09-11 10:04:40 -04:00
end
it " can change the post type " do
Guardian . any_instance . expects ( :can_change_post_type? ) . returns ( true )
xhr :put , :post_type , post_id : post . id , post_type : 2
post . reload
2015-01-09 12:04:02 -05:00
expect ( post . post_type ) . to eq ( 2 )
2014-09-11 10:04:40 -04:00
end
end
end
describe " rebake " do
include_examples " action requires login " , :put , :rebake , post_id : 2
describe " when logged in " do
let ( :user ) { log_in }
let ( :post ) { Fabricate ( :post , user : user ) }
it " raises an error if the user doesn't have permission to rebake the post " do
Guardian . any_instance . expects ( :can_rebake? ) . returns ( false )
xhr :put , :rebake , post_id : post . id
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_forbidden
2014-09-11 10:04:40 -04:00
end
it " can rebake the post " do
Guardian . any_instance . expects ( :can_rebake? ) . returns ( true )
xhr :put , :rebake , post_id : post . id
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_success
2014-09-11 10:04:40 -04:00
end
end
end
2013-02-05 14:16:51 -05:00
describe 'creating a post' do
2015-08-03 20:55:59 -04:00
before do
SiteSetting . min_first_post_typing_time = 0
end
2014-02-24 12:14:35 -05:00
include_examples 'action requires login' , :post , :create
2013-02-05 14:16:51 -05:00
2014-07-14 01:59:58 -04:00
context 'api' do
2015-03-31 12:58:56 -04:00
it 'memoizes duplicate requests' do
2014-07-14 01:59:58 -04:00
raw = " this is a test post 123 #{ SecureRandom . hash } "
title = " this is a title #{ SecureRandom . hash } "
user = Fabricate ( :user )
master_key = ApiKey . create_master_key . key
xhr :post , :create , { api_username : user . username , api_key : master_key , raw : raw , title : title , wpid : 1 }
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_success
2014-07-14 01:59:58 -04:00
original = response . body
xhr :post , :create , { api_username : user . username_lower , api_key : master_key , raw : raw , title : title , wpid : 2 }
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_success
2014-07-14 01:59:58 -04:00
2015-01-09 12:04:02 -05:00
expect ( response . body ) . to eq ( original )
2014-07-14 01:59:58 -04:00
end
end
2013-02-05 14:16:51 -05:00
describe 'when logged in' do
let! ( :user ) { log_in }
2014-09-08 11:11:56 -04:00
let ( :moderator ) { log_in ( :moderator ) }
2013-02-05 14:16:51 -05:00
let ( :new_post ) { Fabricate . build ( :post , user : user ) }
2013-06-07 03:52:03 -04:00
it " raises an exception without a raw parameter " do
2015-01-09 12:04:02 -05:00
expect { xhr :post , :create } . to raise_error ( ActionController :: ParameterMissing )
2013-02-05 14:16:51 -05:00
end
2015-08-03 20:55:59 -04:00
it 'queues the post if min_first_post_typing_time is not met' do
SiteSetting . min_first_post_typing_time = 3000
2015-08-05 20:32:53 -04:00
# our logged on user here is tl1
SiteSetting . auto_block_fast_typers_max_trust_level = 1
2015-08-03 20:55:59 -04:00
xhr :post , :create , { raw : 'this is the test content' , title : 'this is the test title for the topic' }
expect ( response ) . to be_success
parsed = :: JSON . parse ( response . body )
expect ( parsed [ " action " ] ) . to eq ( " enqueued " )
2015-08-03 22:56:20 -04:00
user . reload
2015-08-03 22:06:07 -04:00
expect ( user . blocked ) . to eq ( true )
2015-08-03 22:56:20 -04:00
qp = QueuedPost . first
mod = Fabricate ( :moderator )
qp . approve! ( mod )
user . reload
expect ( user . blocked ) . to eq ( false )
2015-08-03 20:55:59 -04:00
end
2015-08-04 23:08:21 -04:00
it 'blocks correctly based on auto_block_first_post_regex' do
SiteSetting . auto_block_first_post_regex = " I love candy|i eat s[1-5] "
xhr :post , :create , { raw : 'this is the test content' , title : 'when I eat s3 sometimes when not looking' }
expect ( response ) . to be_success
parsed = :: JSON . parse ( response . body )
expect ( parsed [ " action " ] ) . to eq ( " enqueued " )
user . reload
expect ( user . blocked ) . to eq ( true )
end
2015-01-29 12:37:39 -05:00
it 'creates the post' do
2015-03-31 12:58:56 -04:00
xhr :post , :create , { raw : 'this is the test content' , title : 'this is the test title for the topic' }
2013-02-05 14:16:51 -05:00
2015-03-31 12:58:56 -04:00
expect ( response ) . to be_success
parsed = :: JSON . parse ( response . body )
# Deprecated structure
expect ( parsed [ 'post' ] ) . to be_blank
expect ( parsed [ 'cooked' ] ) . to be_present
end
2015-01-29 12:37:39 -05:00
2015-12-01 23:49:43 -05:00
it " can send a message to a group " do
group = Group . create ( name : 'test_group' , alias_level : Group :: ALIAS_LEVELS [ :nobody ] )
user1 = Fabricate ( :user )
group . add ( user1 )
xhr :post , :create , {
raw : 'I can haz a test' ,
title : 'I loves my test' ,
target_usernames : group . name ,
archetype : Archetype . private_message
}
expect ( response ) . not_to be_success
# allow pm to this group
group . update_columns ( alias_level : Group :: ALIAS_LEVELS [ :everyone ] )
xhr :post , :create , {
raw : 'I can haz a test' ,
title : 'I loves my test' ,
target_usernames : group . name ,
archetype : Archetype . private_message
}
expect ( response ) . to be_success
parsed = :: JSON . parse ( response . body )
post = Post . find ( parsed [ 'id' ] )
expect ( post . topic . topic_allowed_users . length ) . to eq ( 1 )
expect ( post . topic . topic_allowed_groups . length ) . to eq ( 1 )
end
2015-03-31 12:58:56 -04:00
it " returns the nested post with a param " do
xhr :post , :create , { raw : 'this is the test content' ,
title : 'this is the test title for the topic' ,
nested_post : true }
2015-01-29 12:37:39 -05:00
expect ( response ) . to be_success
2015-03-31 12:58:56 -04:00
parsed = :: JSON . parse ( response . body )
expect ( parsed [ 'post' ] ) . to be_present
expect ( parsed [ 'post' ] [ 'cooked' ] ) . to be_present
2013-02-05 14:16:51 -05:00
end
2013-07-28 22:25:19 -04:00
it 'protects against dupes' do
2014-07-14 01:59:58 -04:00
raw = " this is a test post 123 #{ SecureRandom . hash } "
title = " this is a title #{ SecureRandom . hash } "
2013-07-28 22:25:19 -04:00
2014-07-14 01:59:58 -04:00
xhr :post , :create , { raw : raw , title : title , wpid : 1 }
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_success
2013-07-28 22:25:19 -04:00
2014-07-14 01:59:58 -04:00
xhr :post , :create , { raw : raw , title : title , wpid : 2 }
2015-01-09 12:04:02 -05:00
expect ( response ) . not_to be_success
2013-07-28 22:25:19 -04:00
end
2013-05-10 16:58:23 -04:00
context " errors " do
let ( :post_with_errors ) { Fabricate . build ( :post , user : user ) }
before do
post_with_errors . errors . add ( :base , I18n . t ( :spamming_host ) )
PostCreator . any_instance . stubs ( :errors ) . returns ( post_with_errors . errors )
PostCreator . any_instance . expects ( :create ) . returns ( post_with_errors )
end
it " does not succeed " do
2013-06-07 03:52:03 -04:00
xhr :post , :create , { raw : 'test' }
2013-05-10 16:58:23 -04:00
User . any_instance . expects ( :flag_linked_posts_as_spam ) . never
2015-01-09 12:04:02 -05:00
expect ( response ) . not_to be_success
2013-05-10 16:58:23 -04:00
end
it " it triggers flag_linked_posts_as_spam when the post creator returns spam " do
PostCreator . any_instance . expects ( :spam? ) . returns ( true )
User . any_instance . expects ( :flag_linked_posts_as_spam )
2013-06-07 03:52:03 -04:00
xhr :post , :create , { raw : 'test' }
2013-05-10 16:58:23 -04:00
end
end
2013-02-05 14:16:51 -05:00
context " parameters " do
before do
2015-03-31 12:58:56 -04:00
# Just for performance, no reason to actually perform for these
# tests.
NewPostManager . stubs ( :perform ) . returns ( NewPostResult )
2013-02-05 14:16:51 -05:00
end
it " passes raw through " do
2013-06-07 03:52:03 -04:00
xhr :post , :create , { raw : 'hello' }
2015-03-31 12:58:56 -04:00
expect ( assigns ( :manager_params ) [ 'raw' ] ) . to eq ( 'hello' )
2013-02-05 14:16:51 -05:00
end
it " passes title through " do
2013-06-07 03:52:03 -04:00
xhr :post , :create , { raw : 'hello' , title : 'new topic title' }
2015-03-31 12:58:56 -04:00
expect ( assigns ( :manager_params ) [ 'title' ] ) . to eq ( 'new topic title' )
2013-02-05 14:16:51 -05:00
end
it " passes topic_id through " do
2013-06-07 03:52:03 -04:00
xhr :post , :create , { raw : 'hello' , topic_id : 1234 }
2015-03-31 12:58:56 -04:00
expect ( assigns ( :manager_params ) [ 'topic_id' ] ) . to eq ( '1234' )
2013-02-05 14:16:51 -05:00
end
it " passes archetype through " do
2013-06-07 03:52:03 -04:00
xhr :post , :create , { raw : 'hello' , archetype : 'private_message' }
2015-03-31 12:58:56 -04:00
expect ( assigns ( :manager_params ) [ 'archetype' ] ) . to eq ( 'private_message' )
2013-02-05 14:16:51 -05:00
end
it " passes category through " do
2013-06-07 03:52:03 -04:00
xhr :post , :create , { raw : 'hello' , category : 'cool' }
2015-03-31 12:58:56 -04:00
expect ( assigns ( :manager_params ) [ 'category' ] ) . to eq ( 'cool' )
2013-02-05 14:16:51 -05:00
end
it " passes target_usernames through " do
2013-06-07 03:52:03 -04:00
xhr :post , :create , { raw : 'hello' , target_usernames : 'evil,trout' }
2015-03-31 12:58:56 -04:00
expect ( assigns ( :manager_params ) [ 'target_usernames' ] ) . to eq ( 'evil,trout' )
2013-02-05 14:16:51 -05:00
end
it " passes reply_to_post_number through " do
2015-09-22 13:32:19 -04:00
xhr :post , :create , { raw : 'hello' , reply_to_post_number : 6789 , topic_id : 1234 }
2015-03-31 12:58:56 -04:00
expect ( assigns ( :manager_params ) [ 'reply_to_post_number' ] ) . to eq ( '6789' )
2013-02-05 14:16:51 -05:00
end
it " passes image_sizes through " do
2013-09-27 04:55:50 -04:00
xhr :post , :create , { raw : 'hello' , image_sizes : { width : '100' , height : '200' } }
2015-03-31 12:58:56 -04:00
expect ( assigns ( :manager_params ) [ 'image_sizes' ] [ 'width' ] ) . to eq ( '100' )
expect ( assigns ( :manager_params ) [ 'image_sizes' ] [ 'height' ] ) . to eq ( '200' )
2013-02-25 11:42:20 -05:00
end
2013-02-05 14:16:51 -05:00
it " passes meta_data through " do
2013-06-07 03:52:03 -04:00
xhr :post , :create , { raw : 'hello' , meta_data : { xyz : 'abc' } }
2015-03-31 12:58:56 -04:00
expect ( assigns ( :manager_params ) [ 'meta_data' ] [ 'xyz' ] ) . to eq ( 'abc' )
2013-02-25 11:42:20 -05:00
end
2013-02-05 14:16:51 -05:00
2014-09-08 11:11:56 -04:00
context " is_warning " do
it " doesn't pass `is_warning` through if you're not staff " do
xhr :post , :create , { raw : 'hello' , archetype : 'private_message' , is_warning : 'true' }
2015-03-31 12:58:56 -04:00
expect ( assigns ( :manager_params ) [ 'is_warning' ] ) . to eq ( false )
2014-09-08 11:11:56 -04:00
end
it " passes `is_warning` through if you're staff " do
2015-03-31 12:58:56 -04:00
log_in ( :moderator )
2014-09-08 11:11:56 -04:00
xhr :post , :create , { raw : 'hello' , archetype : 'private_message' , is_warning : 'true' }
2015-03-31 12:58:56 -04:00
expect ( assigns ( :manager_params ) [ 'is_warning' ] ) . to eq ( true )
2014-09-08 11:11:56 -04:00
end
it " passes `is_warning` as false through if you're staff " do
xhr :post , :create , { raw : 'hello' , archetype : 'private_message' , is_warning : 'false' }
2015-03-31 12:58:56 -04:00
expect ( assigns ( :manager_params ) [ 'is_warning' ] ) . to eq ( false )
2014-09-08 11:11:56 -04:00
end
end
2013-02-05 14:16:51 -05:00
end
end
end
2014-02-04 14:05:50 -05:00
describe " revisions " do
2014-10-27 17:06:43 -04:00
let ( :post ) { Fabricate ( :post , version : 2 ) }
let ( :post_revision ) { Fabricate ( :post_revision , post : post ) }
2014-02-04 14:05:50 -05:00
it " throws an exception when revision is < 2 " do
expect {
xhr :get , :revisions , post_id : post_revision . post_id , revision : 1
} . to raise_error ( Discourse :: InvalidParameters )
end
context " when edit history is not visible to the public " do
before { SiteSetting . stubs ( :edit_history_visible_to_public ) . returns ( false ) }
2014-03-13 10:47:37 -04:00
it " ensures anonymous cannot see the revisions " do
xhr :get , :revisions , post_id : post_revision . post_id , revision : post_revision . number
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_forbidden
2014-03-13 10:47:37 -04:00
end
it " ensures regular user cannot see the revisions " do
2015-09-22 13:32:19 -04:00
log_in ( :user )
2014-02-04 14:05:50 -05:00
xhr :get , :revisions , post_id : post_revision . post_id , revision : post_revision . number
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_forbidden
2014-02-04 14:05:50 -05:00
end
it " ensures staff can see the revisions " do
log_in ( :admin )
xhr :get , :revisions , post_id : post_revision . post_id , revision : post_revision . number
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_success
2014-02-04 14:05:50 -05:00
end
it " ensures poster can see the revisions " do
user = log_in ( :active_user )
2014-10-27 17:06:43 -04:00
post = Fabricate ( :post , user : user , version : 3 )
2014-03-13 10:47:37 -04:00
pr = Fabricate ( :post_revision , user : user , post : post )
2014-02-04 14:05:50 -05:00
xhr :get , :revisions , post_id : pr . post_id , revision : pr . number
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_success
2014-02-04 14:05:50 -05:00
end
2014-03-13 10:47:37 -04:00
it " ensures trust level 4 can see the revisions " do
2014-09-05 02:52:40 -04:00
log_in ( :trust_level_4 )
2014-03-13 10:47:37 -04:00
xhr :get , :revisions , post_id : post_revision . post_id , revision : post_revision . number
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_success
2014-03-13 10:47:37 -04:00
end
2014-02-04 14:05:50 -05:00
end
context " when edit history is visible to everyone " do
before { SiteSetting . stubs ( :edit_history_visible_to_public ) . returns ( true ) }
it " ensures anyone can see the revisions " do
xhr :get , :revisions , post_id : post_revision . post_id , revision : post_revision . number
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_success
2014-02-04 14:05:50 -05:00
end
end
context " deleted post " do
let ( :admin ) { log_in ( :admin ) }
2014-10-27 17:06:43 -04:00
let ( :deleted_post ) { Fabricate ( :post , user : admin , version : 3 ) }
2014-02-04 14:05:50 -05:00
let ( :deleted_post_revision ) { Fabricate ( :post_revision , user : admin , post : deleted_post ) }
before { deleted_post . trash! ( admin ) }
it " also work on deleted post " do
xhr :get , :revisions , post_id : deleted_post_revision . post_id , revision : deleted_post_revision . number
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_success
2014-02-04 14:05:50 -05:00
end
end
2014-05-12 10:30:10 -04:00
context " deleted topic " do
let ( :admin ) { log_in ( :admin ) }
let ( :deleted_topic ) { Fabricate ( :topic , user : admin ) }
2014-10-27 17:06:43 -04:00
let ( :post ) { Fabricate ( :post , user : admin , topic : deleted_topic , version : 3 ) }
2014-05-12 10:30:10 -04:00
let ( :post_revision ) { Fabricate ( :post_revision , user : admin , post : post ) }
before { deleted_topic . trash! ( admin ) }
it " also work on deleted topic " do
xhr :get , :revisions , post_id : post_revision . post_id , revision : post_revision . number
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_success
2014-05-12 10:30:10 -04:00
end
end
2014-02-04 14:05:50 -05:00
end
2016-03-09 10:40:49 -05:00
describe 'revert post to a specific revision' do
include_examples 'action requires login' , :put , :revert , post_id : 123 , revision : 2
let ( :post ) { Fabricate ( :post , user : logged_in_as , raw : " Lorem ipsum dolor sit amet, cu nam libris tractatos, ancillae senserit ius ex " ) }
let ( :post_revision ) { Fabricate ( :post_revision , post : post , modifications : { " raw " = > [ " this is original post body. " , " this is edited post body. " ] } ) }
let ( :blank_post_revision ) { Fabricate ( :post_revision , post : post , modifications : { " edit_reason " = > [ " edit reason # 1 " , " edit reason # 2 " ] } ) }
let ( :same_post_revision ) { Fabricate ( :post_revision , post : post , modifications : { " raw " = > [ " Lorem ipsum dolor sit amet, cu nam libris tractatos, ancillae senserit ius ex " , " this is edited post body. " ] } ) }
let ( :revert_params ) do
{
post_id : post . id ,
revision : post_revision . number
}
end
let ( :moderator ) { Fabricate ( :moderator ) }
describe 'when logged in as a regular user' do
let ( :logged_in_as ) { log_in }
it " does not work " do
xhr :put , :revert , revert_params
expect ( response ) . to_not be_success
end
end
describe " when logged in as staff " do
let ( :logged_in_as ) { log_in ( :moderator ) }
it " throws an exception when revision is < 2 " do
expect {
xhr :put , :revert , post_id : post . id , revision : 1
} . to raise_error ( Discourse :: InvalidParameters )
end
it " fails when post_revision record is not found " do
xhr :put , :revert , post_id : post . id , revision : post_revision . number + 1
expect ( response ) . to_not be_success
end
it " fails when post record is not found " do
xhr :put , :revert , post_id : post . id + 1 , revision : post_revision . number
expect ( response ) . to_not be_success
end
it " fails when revision is blank " do
xhr :put , :revert , post_id : post . id , revision : blank_post_revision . number
expect ( response . status ) . to eq ( 422 )
expect ( JSON . parse ( response . body ) [ 'errors' ] ) . to include ( I18n . t ( 'revert_version_same' ) )
end
it " fails when revised version is same as current version " do
xhr :put , :revert , post_id : post . id , revision : same_post_revision . number
expect ( response . status ) . to eq ( 422 )
expect ( JSON . parse ( response . body ) [ 'errors' ] ) . to include ( I18n . t ( 'revert_version_same' ) )
end
it " works! " do
xhr :put , :revert , revert_params
expect ( response ) . to be_success
end
it " supports reverting posts in deleted topics " do
first_post = post . topic . ordered_posts . first
PostDestroyer . new ( moderator , first_post ) . destroy
xhr :put , :revert , revert_params
expect ( response ) . to be_success
end
end
end
2014-04-03 11:30:43 -04:00
describe 'expandable embedded posts' do
let ( :post ) { Fabricate ( :post ) }
it " raises an error when you can't see the post " do
Guardian . any_instance . expects ( :can_see? ) . with ( post ) . returns ( false )
xhr :get , :expand_embed , id : post . id
2015-01-09 12:04:02 -05:00
expect ( response ) . not_to be_success
2014-04-03 11:30:43 -04:00
end
it " retrieves the body when you can see the post " do
Guardian . any_instance . expects ( :can_see? ) . with ( post ) . returns ( true )
TopicEmbed . expects ( :expanded_for ) . with ( post ) . returns ( " full content " )
xhr :get , :expand_embed , id : post . id
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_success
expect ( :: JSON . parse ( response . body ) [ 'cooked' ] ) . to eq ( " full content " )
2014-04-03 11:30:43 -04:00
end
end
2014-07-16 15:04:55 -04:00
describe " flagged posts " do
include_examples " action requires login " , :get , :flagged_posts , username : " system "
describe " when logged in " do
before { log_in }
it " raises an error if the user doesn't have permission to see the flagged posts " do
Guardian . any_instance . expects ( :can_see_flagged_posts? ) . returns ( false )
xhr :get , :flagged_posts , username : " system "
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_forbidden
2014-07-16 15:04:55 -04:00
end
it " can see the flagged posts when authorized " do
Guardian . any_instance . expects ( :can_see_flagged_posts? ) . returns ( true )
xhr :get , :flagged_posts , username : " system "
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_success
2014-07-16 15:04:55 -04:00
end
2014-10-09 10:10:16 -04:00
it " only shows agreed and deferred flags " do
user = Fabricate ( :user )
post_agreed = create_post ( user : user )
post_deferred = create_post ( user : user )
post_disagreed = create_post ( user : user )
moderator = Fabricate ( :moderator )
PostAction . act ( moderator , post_agreed , PostActionType . types [ :spam ] )
PostAction . act ( moderator , post_deferred , PostActionType . types [ :off_topic ] )
PostAction . act ( moderator , post_disagreed , PostActionType . types [ :inappropriate ] )
admin = Fabricate ( :admin )
PostAction . agree_flags! ( post_agreed , admin )
PostAction . defer_flags! ( post_deferred , admin )
PostAction . clear_flags! ( post_disagreed , admin )
Guardian . any_instance . expects ( :can_see_flagged_posts? ) . returns ( true )
xhr :get , :flagged_posts , username : user . username
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_success
2014-10-09 10:10:16 -04:00
2015-01-09 12:04:02 -05:00
expect ( JSON . parse ( response . body ) . length ) . to eq ( 2 )
2014-10-09 10:10:16 -04:00
end
2014-07-16 15:04:55 -04:00
end
end
describe " deleted posts " do
include_examples " action requires login " , :get , :deleted_posts , username : " system "
describe " when logged in " do
before { log_in }
it " raises an error if the user doesn't have permission to see the deleted posts " do
Guardian . any_instance . expects ( :can_see_deleted_posts? ) . returns ( false )
xhr :get , :deleted_posts , username : " system "
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_forbidden
2014-07-16 15:04:55 -04:00
end
it " can see the deleted posts when authorized " do
Guardian . any_instance . expects ( :can_see_deleted_posts? ) . returns ( true )
xhr :get , :deleted_posts , username : " system "
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_success
2014-07-16 15:04:55 -04:00
end
2015-04-13 11:48:31 -04:00
it " doesn't return secured categories for moderators if they don't have access " do
user = Fabricate ( :user )
admin = Fabricate ( :admin )
2015-09-22 13:32:19 -04:00
Fabricate ( :moderator )
2015-04-13 11:48:31 -04:00
group = Fabricate ( :group )
2015-11-09 08:52:04 -05:00
group . add_owner ( user )
2015-04-13 11:48:31 -04:00
secured_category = Fabricate ( :private_category , group : group )
secured_post = create_post ( user : user , category : secured_category )
PostDestroyer . new ( admin , secured_post ) . destroy
log_in ( :moderator )
xhr :get , :deleted_posts , username : user . username
expect ( response ) . to be_success
data = JSON . parse ( response . body )
expect ( data . length ) . to eq ( 0 )
end
it " doesn't return PMs for moderators " do
user = Fabricate ( :user )
admin = Fabricate ( :admin )
2015-09-22 13:32:19 -04:00
Fabricate ( :moderator )
2015-04-13 11:48:31 -04:00
pm_post = create_post ( user : user , archetype : 'private_message' , target_usernames : [ admin . username ] )
PostDestroyer . new ( admin , pm_post ) . destroy
log_in ( :moderator )
xhr :get , :deleted_posts , username : user . username
expect ( response ) . to be_success
data = JSON . parse ( response . body )
expect ( data . length ) . to eq ( 0 )
end
2014-10-09 10:10:16 -04:00
it " only shows posts deleted by other users " do
user = Fabricate ( :user )
admin = Fabricate ( :admin )
2015-09-22 13:32:19 -04:00
create_post ( user : user )
2014-10-09 10:10:16 -04:00
post_deleted_by_user = create_post ( user : user )
post_deleted_by_admin = create_post ( user : user )
PostDestroyer . new ( user , post_deleted_by_user ) . destroy
PostDestroyer . new ( admin , post_deleted_by_admin ) . destroy
Guardian . any_instance . expects ( :can_see_deleted_posts? ) . returns ( true )
xhr :get , :deleted_posts , username : user . username
2015-01-09 12:04:02 -05:00
expect ( response ) . to be_success
2014-10-09 10:10:16 -04:00
data = JSON . parse ( response . body )
2015-01-09 12:04:02 -05:00
expect ( data . length ) . to eq ( 1 )
expect ( data [ 0 ] [ " id " ] ) . to eq ( post_deleted_by_admin . id )
expect ( data [ 0 ] [ " deleted_by " ] [ " id " ] ) . to eq ( admin . id )
2014-10-09 10:10:16 -04:00
end
2014-07-16 15:04:55 -04:00
end
end
2015-01-05 11:02:32 -05:00
describe " view raw " do
describe " by ID " do
it " can be viewed by anonymous " do
post = Fabricate ( :post , raw : " 123456789 " )
xhr :get , :markdown_id , id : post . id
2015-04-25 11:18:35 -04:00
expect ( response ) . to be_success
expect ( response . body ) . to eq ( " 123456789 " )
2015-01-05 11:02:32 -05:00
end
end
describe " by post number " do
it " can be viewed by anonymous " do
topic = Fabricate ( :topic )
post = Fabricate ( :post , topic : topic , post_number : 1 , raw : " 123456789 " )
post . save
xhr :get , :markdown_num , topic_id : topic . id , post_number : 1
2015-04-25 11:18:35 -04:00
expect ( response ) . to be_success
expect ( response . body ) . to eq ( " 123456789 " )
2015-01-05 11:02:32 -05:00
end
end
end
2015-02-04 14:49:05 -05:00
describe " short link " do
let ( :topic ) { Fabricate ( :topic ) }
let ( :post ) { Fabricate ( :post , topic : topic ) }
it " redirects to the topic " do
xhr :get , :short_link , post_id : post . id
2015-04-25 11:18:35 -04:00
expect ( response ) . to be_redirect
2015-02-04 14:49:05 -05:00
end
it " returns a 403 when access is denied " do
Guardian . any_instance . stubs ( :can_see? ) . returns ( false )
xhr :get , :short_link , post_id : post . id
2015-04-25 11:18:35 -04:00
expect ( response ) . to be_forbidden
2015-02-04 14:49:05 -05:00
end
end
2013-02-05 14:16:51 -05:00
end