2023-02-22 00:55:31 +00:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2016-11-30 14:32:26 +00:00
|
|
|
require 'rails_helper'
|
|
|
|
|
2023-05-04 03:49:53 +00:00
|
|
|
RSpec.describe Admin::AccountsController do
|
2017-04-28 13:12:37 +00:00
|
|
|
render_views
|
|
|
|
|
2018-06-12 12:24:46 +00:00
|
|
|
before { sign_in current_user, scope: :user }
|
2016-11-30 14:32:26 +00:00
|
|
|
|
|
|
|
describe 'GET #index' do
|
2022-07-05 00:41:40 +00:00
|
|
|
let(:current_user) { Fabricate(:user, role: UserRole.find_by(name: 'Admin')) }
|
2018-06-12 12:24:46 +00:00
|
|
|
|
2017-06-28 23:43:10 +00:00
|
|
|
around do |example|
|
|
|
|
default_per_page = Account.default_per_page
|
|
|
|
Account.paginates_per 1
|
|
|
|
example.run
|
|
|
|
Account.paginates_per default_per_page
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'filters with parameters' do
|
2023-11-07 09:46:28 +00:00
|
|
|
account_filter = instance_double(AccountFilter, results: Account.all)
|
|
|
|
allow(AccountFilter).to receive(:new).and_return(account_filter)
|
2023-11-13 16:01:24 +00:00
|
|
|
params = {
|
2023-11-07 09:46:28 +00:00
|
|
|
origin: 'local',
|
|
|
|
by_domain: 'domain',
|
|
|
|
status: 'active',
|
|
|
|
username: 'username',
|
|
|
|
display_name: 'display name',
|
|
|
|
email: 'local-part@domain',
|
|
|
|
ip: '0.0.0.42',
|
|
|
|
}
|
|
|
|
|
2023-11-13 16:01:24 +00:00
|
|
|
get :index, params: params
|
|
|
|
|
|
|
|
expect(AccountFilter).to have_received(:new).with(hash_including(params))
|
2017-06-28 23:43:10 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'paginates accounts' do
|
|
|
|
Fabricate(:account)
|
|
|
|
|
|
|
|
get :index, params: { page: 2 }
|
|
|
|
|
|
|
|
accounts = assigns(:accounts)
|
|
|
|
expect(accounts.count).to eq 1
|
|
|
|
expect(accounts.klass).to be Account
|
|
|
|
end
|
|
|
|
|
2016-11-30 14:32:26 +00:00
|
|
|
it 'returns http success' do
|
|
|
|
get :index
|
2018-04-21 19:35:07 +00:00
|
|
|
expect(response).to have_http_status(200)
|
2016-11-30 14:32:26 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'GET #show' do
|
2022-07-05 00:41:40 +00:00
|
|
|
let(:current_user) { Fabricate(:user, role: UserRole.find_by(name: 'Admin')) }
|
2022-01-27 23:46:42 +00:00
|
|
|
let(:account) { Fabricate(:account) }
|
2016-12-03 19:04:19 +00:00
|
|
|
|
2016-11-30 14:32:26 +00:00
|
|
|
it 'returns http success' do
|
2016-12-03 19:04:19 +00:00
|
|
|
get :show, params: { id: account.id }
|
2018-04-21 19:35:07 +00:00
|
|
|
expect(response).to have_http_status(200)
|
2016-11-30 14:32:26 +00:00
|
|
|
end
|
|
|
|
end
|
2018-06-12 12:24:46 +00:00
|
|
|
|
|
|
|
describe 'POST #memorialize' do
|
|
|
|
subject { post :memorialize, params: { id: account.id } }
|
|
|
|
|
2022-07-05 00:41:40 +00:00
|
|
|
let(:current_user) { Fabricate(:user, role: current_role) }
|
2022-01-27 23:46:42 +00:00
|
|
|
let(:account) { user.account }
|
2022-07-05 00:41:40 +00:00
|
|
|
let(:user) { Fabricate(:user, role: target_role) }
|
2018-06-12 12:24:46 +00:00
|
|
|
|
|
|
|
context 'when user is admin' do
|
2022-07-05 00:41:40 +00:00
|
|
|
let(:current_role) { UserRole.find_by(name: 'Admin') }
|
2018-06-12 12:24:46 +00:00
|
|
|
|
|
|
|
context 'when target user is admin' do
|
2022-07-05 00:41:40 +00:00
|
|
|
let(:target_role) { UserRole.find_by(name: 'Admin') }
|
2018-06-12 12:24:46 +00:00
|
|
|
|
|
|
|
it 'fails to memorialize account' do
|
2023-02-20 04:00:48 +00:00
|
|
|
expect(subject).to have_http_status 403
|
2023-02-20 01:33:27 +00:00
|
|
|
expect(account.reload).to_not be_memorial
|
2018-06-12 12:24:46 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when target user is not admin' do
|
2022-07-05 00:41:40 +00:00
|
|
|
let(:target_role) { UserRole.find_by(name: 'Moderator') }
|
2018-06-12 12:24:46 +00:00
|
|
|
|
|
|
|
it 'succeeds in memorializing account' do
|
2023-02-20 04:00:48 +00:00
|
|
|
expect(subject).to redirect_to admin_account_path(account.id)
|
2018-06-12 12:24:46 +00:00
|
|
|
expect(account.reload).to be_memorial
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
2022-07-05 00:41:40 +00:00
|
|
|
let(:current_role) { UserRole.find_by(name: 'Moderator') }
|
2018-06-12 12:24:46 +00:00
|
|
|
|
|
|
|
context 'when target user is admin' do
|
2022-07-05 00:41:40 +00:00
|
|
|
let(:target_role) { UserRole.find_by(name: 'Admin') }
|
2018-06-12 12:24:46 +00:00
|
|
|
|
|
|
|
it 'fails to memorialize account' do
|
2023-02-20 04:00:48 +00:00
|
|
|
expect(subject).to have_http_status 403
|
2023-02-20 01:33:27 +00:00
|
|
|
expect(account.reload).to_not be_memorial
|
2018-06-12 12:24:46 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when target user is not admin' do
|
2022-07-05 00:41:40 +00:00
|
|
|
let(:target_role) { UserRole.find_by(name: 'Moderator') }
|
2018-06-12 12:24:46 +00:00
|
|
|
|
|
|
|
it 'fails to memorialize account' do
|
2023-02-20 04:00:48 +00:00
|
|
|
expect(subject).to have_http_status 403
|
2023-02-20 01:33:27 +00:00
|
|
|
expect(account.reload).to_not be_memorial
|
2018-06-12 12:24:46 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'POST #enable' do
|
|
|
|
subject { post :enable, params: { id: account.id } }
|
|
|
|
|
2022-07-05 00:41:40 +00:00
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
2022-01-27 23:46:42 +00:00
|
|
|
let(:account) { user.account }
|
2018-06-12 12:24:46 +00:00
|
|
|
let(:user) { Fabricate(:user, disabled: true) }
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
2022-07-05 00:41:40 +00:00
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
2018-06-12 12:24:46 +00:00
|
|
|
|
|
|
|
it 'succeeds in enabling account' do
|
2023-02-20 04:00:48 +00:00
|
|
|
expect(subject).to redirect_to admin_account_path(account.id)
|
2023-02-20 01:33:27 +00:00
|
|
|
expect(user.reload).to_not be_disabled
|
2018-06-12 12:24:46 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
2022-07-05 00:41:40 +00:00
|
|
|
let(:role) { UserRole.everyone }
|
2018-06-12 12:24:46 +00:00
|
|
|
|
|
|
|
it 'fails to enable account' do
|
2023-02-20 04:00:48 +00:00
|
|
|
expect(subject).to have_http_status 403
|
2018-06-12 12:24:46 +00:00
|
|
|
expect(user.reload).to be_disabled
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2022-12-06 23:25:18 +00:00
|
|
|
describe 'POST #approve' do
|
|
|
|
subject { post :approve, params: { id: account.id } }
|
|
|
|
|
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
|
|
|
let(:account) { user.account }
|
|
|
|
let(:user) { Fabricate(:user) }
|
|
|
|
|
|
|
|
before do
|
|
|
|
account.user.update(approved: false)
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
|
|
|
|
2024-01-26 16:21:31 +00:00
|
|
|
it 'succeeds in approving account and logs action' do
|
2023-02-20 04:00:48 +00:00
|
|
|
expect(subject).to redirect_to admin_accounts_path(status: 'pending')
|
2022-12-06 23:25:18 +00:00
|
|
|
expect(user.reload).to be_approved
|
|
|
|
|
2023-12-04 12:56:28 +00:00
|
|
|
expect(latest_admin_action_log)
|
|
|
|
.to be_present
|
|
|
|
.and have_attributes(
|
|
|
|
action: eq(:approve),
|
|
|
|
account_id: eq(current_user.account_id),
|
|
|
|
target_id: eq(account.user.id)
|
|
|
|
)
|
2022-12-06 23:25:18 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
|
|
|
let(:role) { UserRole.everyone }
|
|
|
|
|
|
|
|
it 'fails to approve account' do
|
2023-02-20 04:00:48 +00:00
|
|
|
expect(subject).to have_http_status 403
|
2023-02-20 01:33:27 +00:00
|
|
|
expect(user.reload).to_not be_approved
|
2022-12-06 23:25:18 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'POST #reject' do
|
|
|
|
subject { post :reject, params: { id: account.id } }
|
|
|
|
|
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
|
|
|
let(:account) { user.account }
|
|
|
|
let(:user) { Fabricate(:user) }
|
|
|
|
|
|
|
|
before do
|
|
|
|
account.user.update(approved: false)
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
|
|
|
|
2024-01-26 16:21:31 +00:00
|
|
|
it 'succeeds in rejecting account and logs action' do
|
2023-02-20 04:00:48 +00:00
|
|
|
expect(subject).to redirect_to admin_accounts_path(status: 'pending')
|
2022-12-06 23:25:18 +00:00
|
|
|
|
2023-12-04 12:56:28 +00:00
|
|
|
expect(latest_admin_action_log)
|
|
|
|
.to be_present
|
|
|
|
.and have_attributes(
|
|
|
|
action: eq(:reject),
|
|
|
|
account_id: eq(current_user.account_id),
|
|
|
|
target_id: eq(account.user.id)
|
|
|
|
)
|
2022-12-06 23:25:18 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
|
|
|
let(:role) { UserRole.everyone }
|
|
|
|
|
|
|
|
it 'fails to reject account' do
|
2023-02-20 04:00:48 +00:00
|
|
|
expect(subject).to have_http_status 403
|
2023-02-20 01:33:27 +00:00
|
|
|
expect(user.reload).to_not be_approved
|
2022-12-06 23:25:18 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2018-06-12 12:24:46 +00:00
|
|
|
describe 'POST #redownload' do
|
|
|
|
subject { post :redownload, params: { id: account.id } }
|
|
|
|
|
2022-07-05 00:41:40 +00:00
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
|
|
|
let(:account) { Fabricate(:account, domain: 'example.com') }
|
|
|
|
|
|
|
|
before do
|
2023-11-14 14:52:59 +00:00
|
|
|
service = instance_double(ResolveAccountService, call: nil)
|
|
|
|
allow(ResolveAccountService).to receive(:new).and_return(service)
|
2022-07-05 00:41:40 +00:00
|
|
|
end
|
2018-06-12 12:24:46 +00:00
|
|
|
|
|
|
|
context 'when user is admin' do
|
2022-07-05 00:41:40 +00:00
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
2018-06-12 12:24:46 +00:00
|
|
|
|
2022-07-05 00:41:40 +00:00
|
|
|
it 'succeeds in redownloading' do
|
2023-02-20 04:00:48 +00:00
|
|
|
expect(subject).to redirect_to admin_account_path(account.id)
|
2018-06-12 12:24:46 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
2022-07-05 00:41:40 +00:00
|
|
|
let(:role) { UserRole.everyone }
|
2018-06-12 12:24:46 +00:00
|
|
|
|
|
|
|
it 'fails to redownload' do
|
2023-02-20 04:00:48 +00:00
|
|
|
expect(subject).to have_http_status 403
|
2018-06-12 12:24:46 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'POST #remove_avatar' do
|
|
|
|
subject { post :remove_avatar, params: { id: account.id } }
|
|
|
|
|
2022-07-05 00:41:40 +00:00
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
2018-06-12 12:24:46 +00:00
|
|
|
let(:account) { Fabricate(:account) }
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
2022-07-05 00:41:40 +00:00
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
2018-06-12 12:24:46 +00:00
|
|
|
|
|
|
|
it 'succeeds in removing avatar' do
|
2023-02-20 04:00:48 +00:00
|
|
|
expect(subject).to redirect_to admin_account_path(account.id)
|
2018-06-12 12:24:46 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
2022-07-05 00:41:40 +00:00
|
|
|
let(:role) { UserRole.everyone }
|
2018-06-12 12:24:46 +00:00
|
|
|
|
|
|
|
it 'fails to remove avatar' do
|
2023-02-20 04:00:48 +00:00
|
|
|
expect(subject).to have_http_status 403
|
2018-06-12 12:24:46 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2021-12-17 22:02:14 +00:00
|
|
|
|
|
|
|
describe 'POST #unblock_email' do
|
2022-03-28 10:43:58 +00:00
|
|
|
subject { post :unblock_email, params: { id: account.id } }
|
2021-12-17 22:02:14 +00:00
|
|
|
|
2022-07-05 00:41:40 +00:00
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
2021-12-17 22:02:14 +00:00
|
|
|
let(:account) { Fabricate(:account, suspended: true) }
|
2023-10-31 08:22:19 +00:00
|
|
|
|
|
|
|
before do
|
|
|
|
_email_block = Fabricate(:canonical_email_block, reference_account: account)
|
|
|
|
end
|
2021-12-17 22:02:14 +00:00
|
|
|
|
|
|
|
context 'when user is admin' do
|
2022-07-05 00:41:40 +00:00
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
2021-12-17 22:02:14 +00:00
|
|
|
|
2024-01-26 16:21:31 +00:00
|
|
|
it 'succeeds in removing email blocks and redirects to admin account path' do
|
2022-03-28 10:43:58 +00:00
|
|
|
expect { subject }.to change { CanonicalEmailBlock.where(reference_account: account).count }.from(1).to(0)
|
2021-12-17 22:02:14 +00:00
|
|
|
|
|
|
|
expect(response).to redirect_to admin_account_path(account.id)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
2022-07-05 00:41:40 +00:00
|
|
|
let(:role) { UserRole.everyone }
|
2021-12-17 22:02:14 +00:00
|
|
|
|
|
|
|
it 'fails to remove avatar' do
|
2022-03-28 10:43:58 +00:00
|
|
|
subject
|
2023-02-20 02:16:40 +00:00
|
|
|
expect(response).to have_http_status 403
|
2021-12-17 22:02:14 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2023-06-06 11:57:00 +00:00
|
|
|
|
|
|
|
describe 'POST #unsensitive' do
|
|
|
|
subject { post :unsensitive, params: { id: account.id } }
|
|
|
|
|
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
|
|
|
let(:account) { Fabricate(:account, sensitized_at: 1.year.ago) }
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
|
|
|
|
|
|
|
it 'marks accounts not sensitized' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(account.reload).to_not be_sensitized
|
|
|
|
expect(response).to redirect_to admin_account_path(account.id)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
|
|
|
let(:role) { UserRole.everyone }
|
|
|
|
|
|
|
|
it 'fails to change account' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(response).to have_http_status 403
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'POST #unsilence' do
|
|
|
|
subject { post :unsilence, params: { id: account.id } }
|
|
|
|
|
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
|
|
|
let(:account) { Fabricate(:account, silenced_at: 1.year.ago) }
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
|
|
|
|
|
|
|
it 'marks accounts not silenced' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(account.reload).to_not be_silenced
|
|
|
|
expect(response).to redirect_to admin_account_path(account.id)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
|
|
|
let(:role) { UserRole.everyone }
|
|
|
|
|
|
|
|
it 'fails to change account' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(response).to have_http_status 403
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'POST #unsuspend' do
|
|
|
|
subject { post :unsuspend, params: { id: account.id } }
|
|
|
|
|
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
|
|
|
let(:account) { Fabricate(:account) }
|
|
|
|
|
|
|
|
before do
|
|
|
|
account.suspend!
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
|
|
|
|
|
|
|
it 'marks accounts not suspended' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(account.reload).to_not be_suspended
|
|
|
|
expect(response).to redirect_to admin_account_path(account.id)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
|
|
|
let(:role) { UserRole.everyone }
|
|
|
|
|
|
|
|
it 'fails to change account' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(response).to have_http_status 403
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'POST #destroy' do
|
|
|
|
subject { post :destroy, params: { id: account.id } }
|
|
|
|
|
|
|
|
let(:current_user) { Fabricate(:user, role: role) }
|
|
|
|
let(:account) { Fabricate(:account) }
|
|
|
|
|
|
|
|
before do
|
|
|
|
account.suspend!
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is admin' do
|
|
|
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
|
|
|
|
|
|
|
before do
|
|
|
|
allow(Admin::AccountDeletionWorker).to receive(:perform_async).with(account.id)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'destroys the account' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(Admin::AccountDeletionWorker).to have_received(:perform_async).with(account.id)
|
|
|
|
expect(response).to redirect_to admin_account_path(account.id)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user is not admin' do
|
|
|
|
let(:role) { UserRole.everyone }
|
|
|
|
|
|
|
|
it 'fails to change account' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(response).to have_http_status 403
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2023-12-04 12:56:28 +00:00
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
def latest_admin_action_log
|
|
|
|
Admin::ActionLog.last
|
|
|
|
end
|
2016-11-30 14:32:26 +00:00
|
|
|
end
|