chuckya/spec/controllers/api/v1/accounts/credentials_controller_spec.rb
Claire cbd0ee1d07
Update Mastodon to Rails 6.1 (#15910)
* Update devise-two-factor to unreleased fork for Rails 6 support

Update tests to match new `rotp` version.

* Update nsa gem to unreleased fork for Rails 6 support

* Update rails to 6.1.3 and rails-i18n to 6.0

* Update to unreleased fork of pluck_each for Ruby 6 support

* Run "rails app:update"

* Add missing ActiveStorage config file

* Use config.ssl_options instead of removed ApplicationController#force_ssl

Disabled force_ssl-related tests as they do not seem to be easily testable
anymore.

* Fix nonce directives by removing Rails 5 specific monkey-patching

* Fix fixture_file_upload deprecation warning

* Fix yield-based test failing with Rails 6

* Use Rails 6's index_with when possible

* Use ActiveRecord::Cache::Store#delete_multi from Rails 6

This will yield better performances when deleting an account

* Disable Rails 6.1's automatic preload link headers

Since Rails 6.1, ActionView adds preload links for javascript files
in the Links header per default.

In our case, that will bloat headers too much and potentially cause
issues with reverse proxies. Furhermore, we don't need those links,
as we already output them as HTML link tags.

* Switch to Rails 6.0 default config

* Switch to Rails 6.1 default config

* Do not include autoload paths in the load path
2021-03-24 10:44:31 +01:00

106 lines
2.9 KiB
Ruby

require 'rails_helper'
describe Api::V1::Accounts::CredentialsController do
render_views
let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) }
let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes) }
context 'with an oauth token' do
before do
allow(controller).to receive(:doorkeeper_token) { token }
end
describe 'GET #show' do
let(:scopes) { 'read:accounts' }
it 'returns http success' do
get :show
expect(response).to have_http_status(200)
end
end
describe 'PATCH #update' do
let(:scopes) { 'write:accounts' }
describe 'with valid data' do
before do
allow(ActivityPub::UpdateDistributionWorker).to receive(:perform_async)
patch :update, params: {
display_name: "Alice Isn't Dead",
note: "Hi!\n\nToot toot!",
avatar: fixture_file_upload('avatar.gif', 'image/gif'),
header: fixture_file_upload('attachment.jpg', 'image/jpeg'),
source: {
privacy: 'unlisted',
sensitive: true,
}
}
end
it 'returns http success' do
expect(response).to have_http_status(200)
end
it 'updates account info' do
user.account.reload
expect(user.account.display_name).to eq("Alice Isn't Dead")
expect(user.account.note).to eq("Hi!\n\nToot toot!")
expect(user.account.avatar).to exist
expect(user.account.header).to exist
expect(user.setting_default_privacy).to eq('unlisted')
expect(user.setting_default_sensitive).to eq(true)
end
it 'queues up an account update distribution' do
expect(ActivityPub::UpdateDistributionWorker).to have_received(:perform_async).with(user.account_id)
end
end
describe 'with empty source list' do
before do
patch :update, params: {
display_name: "I'm a cat",
source: {},
}, as: :json
end
it 'returns http success' do
expect(response).to have_http_status(200)
end
end
describe 'with invalid data' do
before do
patch :update, params: { note: 'This is too long. ' * 30 }
end
it 'returns http unprocessable entity' do
expect(response).to have_http_status(:unprocessable_entity)
end
end
end
end
context 'without an oauth token' do
before do
allow(controller).to receive(:doorkeeper_token) { nil }
end
describe 'GET #show' do
it 'returns http unauthorized' do
get :show
expect(response).to have_http_status(:unauthorized)
end
end
describe 'PATCH #update' do
it 'returns http unauthorized' do
patch :update, params: { note: 'Foo' }
expect(response).to have_http_status(:unauthorized)
end
end
end
end