abunchtell
/
mastodon
1
0
Fork 0
Code Issues 0 Activity
The code powering m.abunchtell.com https://m.abunchtell.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7542 Commits
1 Branch
94 MiB
 
 
 
 
Tree: 964ae8eee5
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '964ae8eee5'
${ noResults }
mastodon/spec/controllers/api/base_controller_spec.rb

93 lines
2.3 KiB
Raw Blame History 

  1. # frozen_string_literal: true

  2. 

  3. require 'rails_helper'

  4. 

  5. class FakeService; end

  6. 

  7. describe Api::BaseController do

  8.   controller do

  9.     def success

  10.       head 200

  11.     end

  12. 

  13.     def error

  14.       FakeService.new

  15.     end

  16.   end

  17. 

  18.   describe 'forgery protection' do

  19.     before do

  20.       routes.draw { post 'success' => 'api/base#success' }

  21.     end

  22. 

  23.     it 'does not protect from forgery' do

  24.       ActionController::Base.allow_forgery_protection = true

  25.       post 'success'

  26.       expect(response).to have_http_status(200)

  27.     end

  28.   end

  29. 

  30.   describe 'non-functional accounts handling' do

  31.     let(:user)  { Fabricate(:user, account: Fabricate(:account, username: 'alice')) }

  32.     let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'read') }

  33. 

  34.     controller do

  35.       before_action :require_user!

  36.     end

  37. 

  38.     before do

  39.       routes.draw { post 'success' => 'api/base#success' }

  40.       allow(controller).to receive(:doorkeeper_token) { token }

  41.     end

  42. 

  43.     it 'returns http forbidden for unconfirmed accounts' do

  44.       user.update(confirmed_at: nil)

  45.       post 'success'

  46.       expect(response).to have_http_status(403)

  47.     end

  48. 

  49.     it 'returns http forbidden for pending accounts' do

  50.       user.update(approved: false)

  51.       post 'success'

  52.       expect(response).to have_http_status(403)

  53.     end

  54. 

  55.     it 'returns http forbidden for disabled accounts' do

  56.       user.update(disabled: true)

  57.       post 'success'

  58.       expect(response).to have_http_status(403)

  59.     end

  60. 

  61.     it 'returns http forbidden for suspended accounts' do

  62.       user.account.suspend!

  63.       post 'success'

  64.       expect(response).to have_http_status(403)

  65.     end

  66.   end

  67. 

  68.   describe 'error handling' do

  69.     ERRORS_WITH_CODES = {

  70.       ActiveRecord::RecordInvalid => 422,

  71.       Mastodon::ValidationError => 422,

  72.       ActiveRecord::RecordNotFound => 404,

  73.       Mastodon::UnexpectedResponseError => 503,

  74.       HTTP::Error => 503,

  75.       OpenSSL::SSL::SSLError => 503,

  76.       Mastodon::NotPermittedError => 403,

  77.     }

  78. 

  79.     before do

  80.       routes.draw { get 'error' => 'api/base#error' }

  81.     end

  82. 

  83.     ERRORS_WITH_CODES.each do |error, code|

  84.       it "Handles error class of #{error}" do

  85.         expect(FakeService).to receive(:new).and_raise(error)

  86. 

  87.         get 'error'

  88.         expect(response).to have_http_status(code)

  89.       end

  90.     end

  91.   end

  92. end