Trang chủ Khám phá Trợ giúp
Đăng ký Đăng nhập
bida
/
bastodon
7
0
Fork 0
Các tập tin Các vấn đề 8 Yêu cầu khéo về 0 Wiki
Branch: bida
Branches Tags
bastodon
/
spec
/
policies
/
status_policy_spec.rb

status_policy_spec.rb 3.4 KB
Permalink Lịch sử Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129 
  1. # frozen_string_literal: true
    2. 

  2. 

  3. require 'rails_helper'
    4. 

  4. require 'pundit/rspec'
    5. 

  5. 

  6. RSpec.describe StatusPolicy, type: :model do
    7. 

  7.   subject { described_class }
    8. 

  8. 

  9.   let(:admin) { Fabricate(:user, role: UserRole.find_by(name: 'Admin')) }
    10. 

  10.   let(:alice) { Fabricate(:account, username: 'alice') }
    11. 

  11.   let(:bob) { Fabricate(:account, username: 'bob') }
    12. 

  12.   let(:status) { Fabricate(:status, account: alice) }
    13. 

  13. 

  14.   permissions :show?, :reblog? do
    15. 

  15.     it 'grants access when no viewer' do
    16. 

  16.       expect(subject).to permit(nil, status)
    17. 

  17.     end
    18. 

  18. 

  19.     it 'denies access when viewer is blocked' do
    20. 

  20.       block = Fabricate(:block)
    21. 

  21.       status.visibility = :private
    22. 

  22.       status.account = block.target_account
    23. 

  23. 

  24.       expect(subject).to_not permit(block.account, status)
    25. 

  25.     end
    26. 

  26.   end
    27. 

  27. 

  28.   permissions :show? do
    29. 

  29.     it 'grants access when direct and account is viewer' do
    30. 

  30.       status.visibility = :direct
    31. 

  31. 

  32.       expect(subject).to permit(status.account, status)
    33. 

  33.     end
    34. 

  34. 

  35.     it 'grants access when direct and viewer is mentioned' do
    36. 

  36.       status.visibility = :direct
    37. 

  37.       status.mentions = [Fabricate(:mention, account: alice)]
    38. 

  38. 

  39.       expect(subject).to permit(alice, status)
    40. 

  40.     end
    41. 

  41. 

  42.     it 'denies access when direct and viewer is not mentioned' do
    43. 

  43.       viewer = Fabricate(:account)
    44. 

  44.       status.visibility = :direct
    45. 

  45. 

  46.       expect(subject).to_not permit(viewer, status)
    47. 

  47.     end
    48. 

  48. 

  49.     it 'grants access when private and account is viewer' do
    50. 

  50.       status.visibility = :private
    51. 

  51. 

  52.       expect(subject).to permit(status.account, status)
    53. 

  53.     end
    54. 

  54. 

  55.     it 'grants access when private and account is following viewer' do
    56. 

  56.       follow = Fabricate(:follow)
    57. 

  57.       status.visibility = :private
    58. 

  58.       status.account = follow.target_account
    59. 

  59. 

  60.       expect(subject).to permit(follow.account, status)
    61. 

  61.     end
    62. 

  62. 

  63.     it 'grants access when private and viewer is mentioned' do
    64. 

  64.       status.visibility = :private
    65. 

  65.       status.mentions = [Fabricate(:mention, account: alice)]
    66. 

  66. 

  67.       expect(subject).to permit(alice, status)
    68. 

  68.     end
    69. 

  69. 

  70.     it 'denies access when private and viewer is not mentioned or followed' do
    71. 

  71.       viewer = Fabricate(:account)
    72. 

  72.       status.visibility = :private
    73. 

  73. 

  74.       expect(subject).to_not permit(viewer, status)
    75. 

  75.     end
    76. 

  76.   end
    77. 

  77. 

  78.   permissions :reblog? do
    79. 

  79.     it 'denies access when private' do
    80. 

  80.       viewer = Fabricate(:account)
    81. 

  81.       status.visibility = :private
    82. 

  82. 

  83.       expect(subject).to_not permit(viewer, status)
    84. 

  84.     end
    85. 

  85. 

  86.     it 'denies access when direct' do
    87. 

  87.       viewer = Fabricate(:account)
    88. 

  88.       status.visibility = :direct
    89. 

  89. 

  90.       expect(subject).to_not permit(viewer, status)
    91. 

  91.     end
    92. 

  92.   end
    93. 

  93. 

  94.   permissions :destroy?, :unreblog? do
    95. 

  95.     it 'grants access when account is deleter' do
    96. 

  96.       expect(subject).to permit(status.account, status)
    97. 

  97.     end
    98. 

  98. 

  99.     it 'denies access when account is not deleter' do
    100. 

  100.       expect(subject).to_not permit(bob, status)
    101. 

  101.     end
    102. 

  102. 

  103.     it 'denies access when no deleter' do
    104. 

  104.       expect(subject).to_not permit(nil, status)
    105. 

  105.     end
    106. 

  106.   end
    107. 

  107. 

  108.   permissions :favourite? do
    109. 

  109.     it 'grants access when viewer is not blocked' do
    110. 

  110.       follow         = Fabricate(:follow)
    111. 

  111.       status.account = follow.target_account
    112. 

  112. 

  113.       expect(subject).to permit(follow.account, status)
    114. 

  114.     end
    115. 

  115. 

  116.     it 'denies when viewer is blocked' do
    117. 

  117.       block          = Fabricate(:block)
    118. 

  118.       status.account = block.target_account
    119. 

  119. 

  120.       expect(subject).to_not permit(block.account, status)
    121. 

  121.     end
    122. 

  122.   end
    123. 

  123. 

  124.   permissions :update? do
    125. 

  125.     it 'grants access if owner' do
    126. 

  126.       expect(subject).to permit(status.account, status)
    127. 

  127.     end
    128. 

  128.   end
    129. 

  129. end
    130.