Add more tests for self-destruct mode (#30374)
This commit is contained in:
parent
def6b686ff
commit
de4815afda
2 changed files with 162 additions and 0 deletions
70
spec/helpers/self_destruct_helper_spec.rb
Normal file
70
spec/helpers/self_destruct_helper_spec.rb
Normal file
|
@ -0,0 +1,70 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
require 'rails_helper'
|
||||
|
||||
RSpec.describe SelfDestructHelper do
|
||||
describe 'self_destruct?' do
|
||||
context 'when SELF_DESTRUCT is unset' do
|
||||
it 'returns false' do
|
||||
expect(helper.self_destruct?).to be false
|
||||
end
|
||||
end
|
||||
|
||||
context 'when SELF_DESTRUCT is set to an invalid value' do
|
||||
around do |example|
|
||||
ClimateControl.modify SELF_DESTRUCT: 'true' do
|
||||
example.run
|
||||
end
|
||||
end
|
||||
|
||||
it 'returns false' do
|
||||
expect(helper.self_destruct?).to be false
|
||||
end
|
||||
end
|
||||
|
||||
context 'when SELF_DESTRUCT is set to value signed for the wrong purpose' do
|
||||
around do |example|
|
||||
ClimateControl.modify(
|
||||
SELF_DESTRUCT: Rails.application.message_verifier('foo').generate('example.com'),
|
||||
LOCAL_DOMAIN: 'example.com'
|
||||
) do
|
||||
example.run
|
||||
end
|
||||
end
|
||||
|
||||
it 'returns false' do
|
||||
expect(helper.self_destruct?).to be false
|
||||
end
|
||||
end
|
||||
|
||||
context 'when SELF_DESTRUCT is set to value signed for the wrong domain' do
|
||||
around do |example|
|
||||
ClimateControl.modify(
|
||||
SELF_DESTRUCT: Rails.application.message_verifier('self-destruct').generate('foo.com'),
|
||||
LOCAL_DOMAIN: 'example.com'
|
||||
) do
|
||||
example.run
|
||||
end
|
||||
end
|
||||
|
||||
it 'returns false' do
|
||||
expect(helper.self_destruct?).to be false
|
||||
end
|
||||
end
|
||||
|
||||
context 'when SELF_DESTRUCT is set to a correctly-signed value' do
|
||||
around do |example|
|
||||
ClimateControl.modify(
|
||||
SELF_DESTRUCT: Rails.application.message_verifier('self-destruct').generate('example.com'),
|
||||
LOCAL_DOMAIN: 'example.com'
|
||||
) do
|
||||
example.run
|
||||
end
|
||||
end
|
||||
|
||||
it 'returns true' do
|
||||
expect(helper.self_destruct?).to be true
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
92
spec/requests/self_destruct_spec.rb
Normal file
92
spec/requests/self_destruct_spec.rb
Normal file
|
@ -0,0 +1,92 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
require 'rails_helper'
|
||||
|
||||
describe 'Self-destruct mode' do
|
||||
before do
|
||||
allow(SelfDestructHelper).to receive(:self_destruct?).and_return(true)
|
||||
end
|
||||
|
||||
shared_examples 'generic logged out request' do |path|
|
||||
it 'returns 410 gone and mentions self-destruct' do
|
||||
get path, headers: { 'Accept' => 'text/html' }
|
||||
|
||||
expect(response).to have_http_status(410)
|
||||
expect(response.body).to include(I18n.t('self_destruct.title'))
|
||||
end
|
||||
end
|
||||
|
||||
shared_examples 'accessible logged-in endpoint' do |path|
|
||||
it 'returns 200 ok' do
|
||||
get path
|
||||
|
||||
expect(response).to have_http_status(200)
|
||||
end
|
||||
end
|
||||
|
||||
shared_examples 'ActivityPub request' do |path|
|
||||
context 'without signature' do
|
||||
it 'returns 410 gone' do
|
||||
get path, headers: {
|
||||
'Accept' => 'application/activity+json, application/ld+json; profile="https://www.w3.org/ns/activitystreams"',
|
||||
}
|
||||
|
||||
expect(response).to have_http_status(410)
|
||||
end
|
||||
end
|
||||
|
||||
context 'with invalid signature' do
|
||||
it 'returns 410 gone' do
|
||||
get path, headers: {
|
||||
'Accept' => 'application/activity+json, application/ld+json; profile="https://www.w3.org/ns/activitystreams"',
|
||||
'Signature' => 'keyId="https://remote.domain/users/bob#main-key",algorithm="rsa-sha256",headers="date host (request-target)",signature="bar"',
|
||||
}
|
||||
|
||||
expect(response).to have_http_status(410)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
context 'when requesting various unavailable endpoints' do
|
||||
it_behaves_like 'generic logged out request', '/'
|
||||
it_behaves_like 'generic logged out request', '/about'
|
||||
it_behaves_like 'generic logged out request', '/public'
|
||||
end
|
||||
|
||||
context 'when requesting a suspended account' do
|
||||
let(:suspended) { Fabricate(:account, username: 'suspended') }
|
||||
|
||||
before do
|
||||
suspended.suspend!
|
||||
end
|
||||
|
||||
it_behaves_like 'generic logged out request', '/@suspended'
|
||||
it_behaves_like 'ActivityPub request', '/users/suspended'
|
||||
it_behaves_like 'ActivityPub request', '/users/suspended/followers'
|
||||
it_behaves_like 'ActivityPub request', '/users/suspended/outbox'
|
||||
end
|
||||
|
||||
context 'when requesting a non-suspended account' do
|
||||
before do
|
||||
Fabricate(:account, username: 'bob')
|
||||
end
|
||||
|
||||
it_behaves_like 'generic logged out request', '/@bob'
|
||||
it_behaves_like 'ActivityPub request', '/users/bob'
|
||||
it_behaves_like 'ActivityPub request', '/users/bob/followers'
|
||||
it_behaves_like 'ActivityPub request', '/users/bob/outbox'
|
||||
end
|
||||
|
||||
context 'when accessing still-enabled endpoints when logged in' do
|
||||
let(:user) { Fabricate(:user) }
|
||||
|
||||
before do
|
||||
sign_in(user)
|
||||
end
|
||||
|
||||
it_behaves_like 'accessible logged-in endpoint', '/auth/edit'
|
||||
it_behaves_like 'accessible logged-in endpoint', '/settings/export'
|
||||
it_behaves_like 'accessible logged-in endpoint', '/settings/login_activities'
|
||||
it_behaves_like 'accessible logged-in endpoint', '/settings/exports/follows.csv'
|
||||
end
|
||||
end
|
Loading…
Reference in a new issue