@@ -3,21 +3,38 @@ require 'rails_helper'
RSpec.describe Api::V1::AccountsController, type: :controller do
render_views
let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) }
let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'follow read') }
let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) }
let(:scopes) { '' }
let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes) }
before do
allow(controller).to receive(:doorkeeper_token) { token }
end
shared_examples 'forbidden for wrong scope' do |wrong_scope|
let(:scopes) { wrong_scope }
it 'returns http forbidden' do
expect(response).to have_http_status(403)
end
end
describe 'GET #show' do
it 'returns http success' do
let(:scopes) { 'read:accounts' }
before do
get :show, params: { id: user.account.id }
end
it 'returns http success' do
expect(response).to have_http_status(200)
end
it_behaves_like 'forbidden for wrong scope', 'write:statuses'
end
describe 'POST #follow' do
let(:scopes) { 'write:follows' }
let(:other_account) { Fabricate(:user, email: 'bob@example.com', account: Fabricate(:account, username: 'bob', locked: locked)).account }
before do
@@ -41,6 +58,8 @@ RSpec.describe Api::V1::AccountsController, type: :controller do
it 'creates a following relation between user and target user' do
expect(user.account.following?(other_account)).to be true
end
it_behaves_like 'forbidden for wrong scope', 'read:accounts'
end
context 'with locked account' do
@@ -60,10 +79,13 @@ RSpec.describe Api::V1::AccountsController, type: :controller do
it 'creates a follow request relation between user and target user' do
expect(user.account.requested?(other_account)).to be true
end
it_behaves_like 'forbidden for wrong scope', 'read:accounts'
end
end
describe 'POST #unfollow' do
let(:scopes) { 'write:follows' }
let(:other_account) { Fabricate(:user, email: 'bob@example.com', account: Fabricate(:account, username: 'bob')).account }
before do
@@ -78,9 +100,12 @@ RSpec.describe Api::V1::AccountsController, type: :controller do
it 'removes the following relation between user and target user' do
expect(user.account.following?(other_account)).to be false
end
it_behaves_like 'forbidden for wrong scope', 'read:accounts'
end
describe 'POST #block' do
let(:scopes) { 'write:blocks' }
let(:other_account) { Fabricate(:user, email: 'bob@example.com', account: Fabricate(:account, username: 'bob')).account }
before do
@@ -99,9 +124,12 @@ RSpec.describe Api::V1::AccountsController, type: :controller do
it 'creates a blocking relation' do
expect(user.account.blocking?(other_account)).to be true
end
it_behaves_like 'forbidden for wrong scope', 'read:accounts'
end
describe 'POST #unblock' do
let(:scopes) { 'write:blocks' }
let(:other_account) { Fabricate(:user, email: 'bob@example.com', account: Fabricate(:account, username: 'bob')).account }
before do
@@ -116,9 +144,12 @@ RSpec.describe Api::V1::AccountsController, type: :controller do
it 'removes the blocking relation between user and target user' do
expect(user.account.blocking?(other_account)).to be false
end
it_behaves_like 'forbidden for wrong scope', 'read:accounts'
end
describe 'POST #mute' do
let(:scopes) { 'write:mutes' }
let(:other_account) { Fabricate(:user, email: 'bob@example.com', account: Fabricate(:account, username: 'bob')).account }
before do
@@ -141,9 +172,12 @@ RSpec.describe Api::V1::AccountsController, type: :controller do
it 'mutes notifications' do
expect(user.account.muting_notifications?(other_account)).to be true
end
it_behaves_like 'forbidden for wrong scope', 'read:accounts'
end
describe 'POST #mute with notifications set to false' do
let(:scopes) { 'write:mutes' }
let(:other_account) { Fabricate(:user, email: 'bob@example.com', account: Fabricate(:account, username: 'bob')).account }
before do
@@ -166,9 +200,12 @@ RSpec.describe Api::V1::AccountsController, type: :controller do
it 'does not mute notifications' do
expect(user.account.muting_notifications?(other_account)).to be false
end
it_behaves_like 'forbidden for wrong scope', 'read:accounts'
end
describe 'POST #unmute' do
let(:scopes) { 'write:mutes' }
let(:other_account) { Fabricate(:user, email: 'bob@example.com', account: Fabricate(:account, username: 'bob')).account }
before do
@@ -183,5 +220,7 @@ RSpec.describe Api::V1::AccountsController, type: :controller do
it 'removes the muting relation between user and target user' do
expect(user.account.muting?(other_account)).to be false
end
it_behaves_like 'forbidden for wrong scope', 'read:accounts'
end
end