From cafdaec6cfd4d0b4033f0495017651e0a81187ca Mon Sep 17 00:00:00 2001 From: Daniel M Brasil Date: Mon, 16 Oct 2023 11:03:48 -0300 Subject: [PATCH] Migrate to request specs in `/api/v1/lists/:id/accounts` (#25468) --- .../api/v1/lists/accounts_controller_spec.rb | 80 -------- spec/requests/api/v1/lists/accounts_spec.rb | 178 ++++++++++++++++++ 2 files changed, 178 insertions(+), 80 deletions(-) delete mode 100644 spec/controllers/api/v1/lists/accounts_controller_spec.rb create mode 100644 spec/requests/api/v1/lists/accounts_spec.rb diff --git a/spec/controllers/api/v1/lists/accounts_controller_spec.rb b/spec/controllers/api/v1/lists/accounts_controller_spec.rb deleted file mode 100644 index 21e155a50..000000000 --- a/spec/controllers/api/v1/lists/accounts_controller_spec.rb +++ /dev/null @@ -1,80 +0,0 @@ -# frozen_string_literal: true - -require 'rails_helper' - -describe Api::V1::Lists::AccountsController do - render_views - - let(:user) { Fabricate(:user) } - let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes) } - let(:list) { Fabricate(:list, account: user.account) } - - before do - follow = Fabricate(:follow, account: user.account) - list.accounts << follow.target_account - allow(controller).to receive(:doorkeeper_token) { token } - end - - describe 'GET #index' do - let(:scopes) { 'read:lists' } - - it 'returns http success' do - get :show, params: { list_id: list.id } - - expect(response).to have_http_status(200) - end - end - - describe 'POST #create' do - let(:scopes) { 'write:lists' } - let(:bob) { Fabricate(:account, username: 'bob') } - - context 'when the added account is followed' do - before do - user.account.follow!(bob) - post :create, params: { list_id: list.id, account_ids: [bob.id] } - end - - it 'adds account to the list', :aggregate_failures do - expect(response).to have_http_status(200) - expect(list.accounts.include?(bob)).to be true - end - end - - context 'when the added account has been sent a follow request' do - before do - user.account.follow_requests.create!(target_account: bob) - post :create, params: { list_id: list.id, account_ids: [bob.id] } - end - - it 'adds account to the list', :aggregate_failures do - expect(response).to have_http_status(200) - expect(list.accounts.include?(bob)).to be true - end - end - - context 'when the added account is not followed' do - before do - post :create, params: { list_id: list.id, account_ids: [bob.id] } - end - - it 'does not add the account to the list', :aggregate_failures do - expect(response).to have_http_status(404) - expect(list.accounts.include?(bob)).to be false - end - end - end - - describe 'DELETE #destroy' do - let(:scopes) { 'write:lists' } - - before do - delete :destroy, params: { list_id: list.id, account_ids: [list.accounts.first.id] } - end - - it 'removes account from the list', :aggregate_failures do - expect(response).to have_http_status(200) - expect(list.accounts.count).to eq 0 - end - end -end diff --git a/spec/requests/api/v1/lists/accounts_spec.rb b/spec/requests/api/v1/lists/accounts_spec.rb new file mode 100644 index 000000000..4d2a168b3 --- /dev/null +++ b/spec/requests/api/v1/lists/accounts_spec.rb @@ -0,0 +1,178 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe 'Accounts' do + let(:user) { Fabricate(:user) } + let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes) } + let(:scopes) { 'read:lists write:lists' } + let(:headers) { { 'Authorization' => "Bearer #{token.token}" } } + + describe 'GET /api/v1/lists/:id/accounts' do + subject do + get "/api/v1/lists/#{list.id}/accounts", headers: headers, params: params + end + + let(:params) { { limit: 0 } } + let(:list) { Fabricate(:list, account: user.account) } + let(:accounts) { Fabricate.times(3, :account) } + + let(:expected_response) do + accounts.map do |account| + a_hash_including(id: account.id.to_s, username: account.username, acct: account.acct) + end + end + + before do + accounts.each { |account| user.account.follow!(account) } + list.accounts << accounts + end + + it_behaves_like 'forbidden for wrong scope', 'write write:lists' + + it 'returns the accounts in the requested list', :aggregate_failures do + subject + + expect(response).to have_http_status(200) + expect(body_as_json).to match_array(expected_response) + end + + context 'with limit param' do + let(:params) { { limit: 1 } } + + it 'returns only the requested number of accounts' do + subject + + expect(body_as_json.size).to eq(params[:limit]) + end + end + end + + describe 'POST /api/v1/lists/:id/accounts' do + subject do + post "/api/v1/lists/#{list.id}/accounts", headers: headers, params: params + end + + let(:list) { Fabricate(:list, account: user.account) } + let(:bob) { Fabricate(:account, username: 'bob') } + let(:params) { { account_ids: [bob.id] } } + + it_behaves_like 'forbidden for wrong scope', 'read read:lists' + + context 'when the added account is followed' do + before do + user.account.follow!(bob) + end + + it 'adds account to the list', :aggregate_failures do + subject + + expect(response).to have_http_status(200) + expect(list.accounts).to include(bob) + end + end + + context 'when the added account has been sent a follow request' do + before do + user.account.follow_requests.create!(target_account: bob) + end + + it 'adds account to the list', :aggregate_failures do + subject + + expect(response).to have_http_status(200) + expect(list.accounts).to include(bob) + end + end + + context 'when the added account is not followed' do + it 'does not add the account to the list', :aggregate_failures do + subject + + expect(response).to have_http_status(404) + expect(list.accounts).to_not include(bob) + end + end + + context 'when the list is not owned by the requesting user' do + let(:list) { Fabricate(:list) } + + before do + user.account.follow!(bob) + end + + it 'returns http not found' do + subject + + expect(response).to have_http_status(404) + end + end + + context 'when account is already in the list' do + before do + user.account.follow!(bob) + list.accounts << bob + end + + it 'returns http unprocessable entity' do + subject + + expect(response).to have_http_status(422) + end + end + end + + describe 'DELETE /api/v1/lists/:id/accounts' do + subject do + delete "/api/v1/lists/#{list.id}/accounts", headers: headers, params: params + end + + context 'when the list is owned by the requesting user' do + let(:list) { Fabricate(:list, account: user.account) } + let(:bob) { Fabricate(:account, username: 'bob') } + let(:peter) { Fabricate(:account, username: 'peter') } + let(:params) { { account_ids: [bob.id] } } + + before do + user.account.follow!(bob) + user.account.follow!(peter) + list.accounts << [bob, peter] + end + + it 'removes the specified account from the list', :aggregate_failures do + subject + + expect(response).to have_http_status(200) + expect(list.accounts).to_not include(bob) + end + + it 'does not remove any other account from the list' do + subject + + expect(list.accounts).to include(peter) + end + + context 'when the specified account is not in the list' do + let(:params) { { account_ids: [0] } } + + it 'does not remove any account from the list', :aggregate_failures do + subject + + expect(response).to have_http_status(200) + expect(list.accounts).to contain_exactly(bob, peter) + end + end + end + + context 'when the list is not owned by the requesting user' do + let(:list) { Fabricate(:list) } + let(:params) { {} } + + it 'returns http not found' do + subject + + expect(response).to have_http_status(404) + end + end + end +end