discourse/spec/controllers/user_badges_controller_spec.rb

require 'spec_helper'

describe UserBadgesController do
  let(:user) { Fabricate(:user) }
  let(:badge) { Fabricate(:badge) }

  context 'index' do
    before do
      @user_badge = BadgeGranter.grant(badge, user)
    end

    it 'requires username to be specified' do
      expect { xhr :get, :index }.to raise_error
    end

    it 'returns the user\'s badges' do
      xhr :get, :index, username: user.username

      response.status.should == 200
      parsed = JSON.parse(response.body)
      parsed["user_badges"].length.should == 1
    end
  end

  context 'create' do
    it 'requires username to be specified' do
      expect { xhr :post, :create, badge_id: badge.id }.to raise_error
    end

    it 'does not allow regular users to grant badges' do
      log_in_user Fabricate(:user)
      xhr :post, :create, badge_id: badge.id, username: user.username
      response.status.should == 403
    end

    it 'grants badges from staff' do
      admin = Fabricate(:admin)
      log_in_user admin
      xhr :post, :create, badge_id: badge.id, username: user.username
      response.status.should == 200
      user_badge = UserBadge.where(user: user, badge: badge).first
      user_badge.should be_present
      user_badge.granted_by.should eq(admin)
    end

    it 'does not grant badges from regular api calls' do
      Fabricate(:api_key, user: user)
      xhr :post, :create, badge_id: badge.id, username: user.username, api_key: user.api_key.key
      response.status.should == 403
    end

    it 'grants badges from master api calls' do
      api_key = Fabricate(:api_key)
      xhr :post, :create, badge_id: badge.id, username: user.username, api_key: api_key.key
      response.status.should == 200
      user_badge = UserBadge.where(user: user, badge: badge).first
      user_badge.should be_present
      user_badge.granted_by.should eq(Discourse.system_user)
    end
  end

  context 'destroy' do
    before do
      @user_badge = BadgeGranter.grant(badge, user)
    end

    it 'checks that the user is authorized to revoke a badge' do
      xhr :delete, :destroy, id: @user_badge.id
      response.status.should == 403
    end

    it 'revokes the badge' do
      log_in :admin
      xhr :delete, :destroy, id: @user_badge.id
      response.status.should == 200
      UserBadge.where(id: @user_badge.id).first.should be_nil
    end
  end
end
Initial badge system implementation. 2014-03-05 07:52:20 -05:00			`require 'spec_helper'`

			`describe UserBadgesController do`
			`let(:user) { Fabricate(:user) }`
			`let(:badge) { Fabricate(:badge) }`

			`context 'index' do`
			`before do`
			`@user_badge = BadgeGranter.grant(badge, user)`
			`end`

			`it 'requires username to be specified' do`
			`expect { xhr :get, :index }.to raise_error`
			`end`

			`it 'returns the user\'s badges' do`
			`xhr :get, :index, username: user.username`

			`response.status.should == 200`
			`parsed = JSON.parse(response.body)`
			`parsed["user_badges"].length.should == 1`
			`end`
			`end`

			`context 'create' do`
			`it 'requires username to be specified' do`
			`expect { xhr :post, :create, badge_id: badge.id }.to raise_error`
			`end`

			`it 'does not allow regular users to grant badges' do`
			`log_in_user Fabricate(:user)`
			`xhr :post, :create, badge_id: badge.id, username: user.username`
			`response.status.should == 403`
			`end`

			`it 'grants badges from staff' do`
			`admin = Fabricate(:admin)`
			`log_in_user admin`
			`xhr :post, :create, badge_id: badge.id, username: user.username`
			`response.status.should == 200`
			`user_badge = UserBadge.where(user: user, badge: badge).first`
			`user_badge.should be_present`
			`user_badge.granted_by.should eq(admin)`
			`end`

			`it 'does not grant badges from regular api calls' do`
			`Fabricate(:api_key, user: user)`
			`xhr :post, :create, badge_id: badge.id, username: user.username, api_key: user.api_key.key`
			`response.status.should == 403`
			`end`

			`it 'grants badges from master api calls' do`
			`api_key = Fabricate(:api_key)`
			`xhr :post, :create, badge_id: badge.id, username: user.username, api_key: api_key.key`
			`response.status.should == 200`
			`user_badge = UserBadge.where(user: user, badge: badge).first`
			`user_badge.should be_present`
			`user_badge.granted_by.should eq(Discourse.system_user)`
			`end`
			`end`

			`context 'destroy' do`
			`before do`
			`@user_badge = BadgeGranter.grant(badge, user)`
			`end`

			`it 'checks that the user is authorized to revoke a badge' do`
			`xhr :delete, :destroy, id: @user_badge.id`
			`response.status.should == 403`
			`end`

			`it 'revokes the badge' do`
			`log_in :admin`
			`xhr :delete, :destroy, id: @user_badge.id`
			`response.status.should == 200`
			`UserBadge.where(id: @user_badge.id).first.should be_nil`
			`end`
			`end`
			`end`