bastodon/spec/controllers/api/v1/follow_requests_controller_spec.rb
Eugen Rochko 1f6ed4f86a
Add more granular OAuth scopes (#7929)
* Add more granular OAuth scopes

* Add human-readable descriptions of the new scopes

* Ensure new scopes look good on the app UI

* Add tests

* Group scopes in screen and color-code dangerous ones

* Fix wrong extra scope
2018-07-05 18:31:35 +02:00

58 lines
1.4 KiB
Ruby

require 'rails_helper'
RSpec.describe Api::V1::FollowRequestsController, type: :controller do
render_views
let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice', locked: true)) }
let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes) }
let(:follower) { Fabricate(:account, username: 'bob') }
before do
FollowService.new.call(follower, user.account.acct)
allow(controller).to receive(:doorkeeper_token) { token }
end
describe 'GET #index' do
let(:scopes) { 'read:follows' }
before do
get :index, params: { limit: 1 }
end
it 'returns http success' do
expect(response).to have_http_status(200)
end
end
describe 'POST #authorize' do
let(:scopes) { 'write:follows' }
before do
post :authorize, params: { id: follower.id }
end
it 'returns http success' do
expect(response).to have_http_status(200)
end
it 'allows follower to follow' do
expect(follower.following?(user.account)).to be true
end
end
describe 'POST #reject' do
let(:scopes) { 'write:follows' }
before do
post :reject, params: { id: follower.id }
end
it 'returns http success' do
expect(response).to have_http_status(200)
end
it 'removes follow request' do
expect(FollowRequest.where(target_account: user.account, account: follower).count).to eq 0
end
end
end