discourse/spec/controllers/user_badges_controller_spec.rb

require 'rails_helper'

describe UserBadgesController do
  let(:user) { Fabricate(:user) }
  let(:badge) { Fabricate(:badge) }

  context 'index' do
    let(:badge) { Fabricate(:badge, target_posts: true, show_posts: false) }
    it 'does not leak private info' do
      p = create_post
      UserBadge.create(badge: badge, user: user, post_id: p.id, granted_by_id: -1, granted_at: Time.now)

      get :index, params: { badge_id: badge.id }, format: :json
      expect(response).to be_success

      parsed = JSON.parse(response.body)
      expect(parsed["topics"]).to eq(nil)
      expect(parsed["badges"].length).to eq(1)
      expect(parsed["user_badge_info"]["user_badges"][0]["post_id"]).to eq(nil)
    end

    it "fails when badges are disabled" do
      SiteSetting.enable_badges = false
      get :index, params: { badge_id: badge.id }, format: :json
      expect(response.status).to eq(404)
    end
  end

  context 'index' do
    let!(:user_badge) { UserBadge.create(badge: badge, user: user, granted_by: Discourse.system_user, granted_at: Time.now) }

    it 'requires username or badge_id to be specified' do
      expect do
        get :index, format: :json
      end.to raise_error(ActionController::ParameterMissing)
    end

    it 'returns user_badges for a user' do
      get :username, params: { username: user.username }, format: :json

      expect(response.status).to eq(200)
      parsed = JSON.parse(response.body)
      expect(parsed["user_badges"].length).to eq(1)
    end

    it 'returns user_badges for a badge' do
      get :index, params: { badge_id: badge.id }, format: :json

      expect(response.status).to eq(200)
      parsed = JSON.parse(response.body)
      expect(parsed["user_badge_info"]["user_badges"].length).to eq(1)
    end

    it 'includes counts when passed the aggregate argument' do
      get :username, params: {
        username: user.username, grouped: true
      }, format: :json

      expect(response.status).to eq(200)
      parsed = JSON.parse(response.body)
      expect(parsed["user_badges"].first.has_key?('count')).to eq(true)
    end
  end

  context 'create' do
    it 'requires username to be specified' do
      expect do
        post :create, params: { badge_id: badge.id }, format: :json
      end.to raise_error(ActionController::ParameterMissing)
    end

    it 'does not allow regular users to grant badges' do
      log_in_user Fabricate(:user)

      post :create, params: {
        badge_id: badge.id, username: user.username
      }, format: :json

      expect(response.status).to eq(403)
    end

    it 'grants badges from staff' do
      admin = Fabricate(:admin)
      post_1 = create_post

      log_in_user admin

      StaffActionLogger.any_instance.expects(:log_badge_grant).once

      post :create, params: {
        badge_id: badge.id,
        username: user.username,
        reason: Discourse.base_url + post_1.url
      }, format: :json

      expect(response.status).to eq(200)

      user_badge = UserBadge.find_by(user: user, badge: badge)

      expect(user_badge).to be_present
      expect(user_badge.granted_by).to eq(admin)
      expect(user_badge.post_id).to eq(post_1.id)
    end

    it 'does not grant badges from regular api calls' do
      Fabricate(:api_key, user: user)

      post :create, params: {
        badge_id: badge.id, username: user.username, api_key: user.api_key.key
      }, format: :json

      expect(response.status).to eq(403)
    end

    it 'grants badges from master api calls' do
      api_key = Fabricate(:api_key)
      StaffActionLogger.any_instance.expects(:log_badge_grant).never

      post :create, params: {
        badge_id: badge.id, username: user.username, api_key: api_key.key, api_username: "system"
      }, format: :json

      expect(response.status).to eq(200)
      user_badge = UserBadge.find_by(user: user, badge: badge)
      expect(user_badge).to be_present
      expect(user_badge.granted_by).to eq(Discourse.system_user)
    end

    it 'will trigger :user_badge_granted' do
      log_in :admin
      user

      event = DiscourseEvent.track_events do
        post :create, params: {
          badge_id: badge.id, username: user.username
        }, format: :json
      end.first

      expect(event[:event_name]).to eq(:user_badge_granted)
    end
  end

  context 'destroy' do
    let!(:user_badge) { UserBadge.create(badge: badge, user: user, granted_by: Discourse.system_user, granted_at: Time.now) }

    it 'checks that the user is authorized to revoke a badge' do
      delete :destroy, params: { id: user_badge.id }, format: :json
      expect(response.status).to eq(403)
    end

    it 'revokes the badge' do
      log_in :admin
      StaffActionLogger.any_instance.expects(:log_badge_revoke).once
      delete :destroy, params: { id: user_badge.id }, format: :json
      expect(response.status).to eq(200)
      expect(UserBadge.find_by(id: user_badge.id)).to eq(nil)
    end

    it 'will trigger :user_badge_removed' do
      log_in :admin

      event = DiscourseEvent.track_events do
        delete :destroy, params: { id: user_badge.id }, format: :json
      end.first

      expect(event[:event_name]).to eq(:user_badge_removed)
    end
  end
end
Prepare for separation of RSpec helper files Since rspec-rails 3, the default installation creates two helper files: * `spec_helper.rb` * `rails_helper.rb` `spec_helper.rb` is intended as a way of running specs that do not require Rails, whereas `rails_helper.rb` loads Rails (as Discourse's current `spec_helper.rb` does). For more information: https://www.relishapp.com/rspec/rspec-rails/docs/upgrade#default-helper-files In this commit, I've simply replaced all instances of `spec_helper` with `rails_helper`, and renamed the original `spec_helper.rb`. This brings the Discourse project closer to the standard usage of RSpec in a Rails app. At present, every spec relies on loading Rails, but there are likely many that don't need to. In a future pull request, I hope to introduce a separate, minimal `spec_helper.rb` which can be used in tests which don't rely on Rails. 2015-10-11 05:41:23 -04:00			`require 'rails_helper'`
Initial badge system implementation. 2014-03-05 07:52:20 -05:00
			`describe UserBadgesController do`
			`let(:user) { Fabricate(:user) }`
			`let(:badge) { Fabricate(:badge) }`
FIX: faster update of all badges Introduced badge triggers, introduced concept of badge that happens due to a post but has the post hidden Delta badge grant happens once a minute, backed by redis 2014-07-22 21:42:24 -04:00
			`context 'index' do`
FIX: Some badge routes were still working even with badges disabled 2017-11-21 12:22:24 -05:00			`let(:badge) { Fabricate(:badge, target_posts: true, show_posts: false) }`
ADD: Spec tests for User Badge triggers NOTE: The DiscourseEvent trigger mechanism is VERY weird. If there are ANY triggers triggered in the chain, you can't only list the one you're looking for, you have to list all triggers in the order they will come. Example: line 98-100 :user_created and :user_verified are triggers that are introduced in PR #3237 so if this PR is accepted but not PR #3237 then lines 98-99 need to be removed. 2015-02-25 19:55:17 -05:00			`it 'does not leak private info' do`
FIX: faster update of all badges Introduced badge triggers, introduced concept of badge that happens due to a post but has the post hidden Delta badge grant happens once a minute, backed by redis 2014-07-22 21:42:24 -04:00			`p = create_post`
			`UserBadge.create(badge: badge, user: user, post_id: p.id, granted_by_id: -1, granted_at: Time.now)`

Fix all the errors to get our tests green on Rails 5.1. 2017-08-31 00:06:56 -04:00			`get :index, params: { badge_id: badge.id }, format: :json`
FIX: Some badge routes were still working even with badges disabled 2017-11-21 12:22:24 -05:00			`expect(response).to be_success`
FEATURE: you can not drill down and see why you have badges Clicking on badges filters down the list to a particular user. 2016-01-18 01:59:07 -05:00
FIX: faster update of all badges Introduced badge triggers, introduced concept of badge that happens due to a post but has the post hidden Delta badge grant happens once a minute, backed by redis 2014-07-22 21:42:24 -04:00			`parsed = JSON.parse(response.body)`
controllers with rspec3 syntax 2015-01-09 12:04:02 -05:00			`expect(parsed["topics"]).to eq(nil)`
FEATURE: you can not drill down and see why you have badges Clicking on badges filters down the list to a particular user. 2016-01-18 01:59:07 -05:00			`expect(parsed["badges"].length).to eq(1)`
			`expect(parsed["user_badge_info"]["user_badges"][0]["post_id"]).to eq(nil)`
FIX: faster update of all badges Introduced badge triggers, introduced concept of badge that happens due to a post but has the post hidden Delta badge grant happens once a minute, backed by redis 2014-07-22 21:42:24 -04:00			`end`
FIX: Some badge routes were still working even with badges disabled 2017-11-21 12:22:24 -05:00
			`it "fails when badges are disabled" do`
			`SiteSetting.enable_badges = false`
			`get :index, params: { badge_id: badge.id }, format: :json`
Improve specs to test for the right response status. 2017-11-23 20:32:44 -05:00			`expect(response.status).to eq(404)`
FIX: Some badge routes were still working even with badges disabled 2017-11-21 12:22:24 -05:00			`end`
FIX: faster update of all badges Introduced badge triggers, introduced concept of badge that happens due to a post but has the post hidden Delta badge grant happens once a minute, backed by redis 2014-07-22 21:42:24 -04:00			`end`
Initial badge system implementation. 2014-03-05 07:52:20 -05:00
			`context 'index' do`
Slightly faster badge system specs. (Shaves off ~100ms) 2014-04-16 06:34:27 -04:00			`let!(:user_badge) { UserBadge.create(badge: badge, user: user, granted_by: Discourse.system_user, granted_at: Time.now) }`
Initial badge system implementation. 2014-03-05 07:52:20 -05:00
Add badge page. 2014-04-16 10:56:11 -04:00			`it 'requires username or badge_id to be specified' do`
Fix all the errors to get our tests green on Rails 5.1. 2017-08-31 00:06:56 -04:00			`expect do`
			`get :index, format: :json`
			`end.to raise_error(ActionController::ParameterMissing)`
Initial badge system implementation. 2014-03-05 07:52:20 -05:00			`end`

Add badge page. 2014-04-16 10:56:11 -04:00			`it 'returns user_badges for a user' do`
Fix all the errors to get our tests green on Rails 5.1. 2017-08-31 00:06:56 -04:00			`get :username, params: { username: user.username }, format: :json`
Initial badge system implementation. 2014-03-05 07:52:20 -05:00
controllers with rspec3 syntax 2015-01-09 12:04:02 -05:00			`expect(response.status).to eq(200)`
Initial badge system implementation. 2014-03-05 07:52:20 -05:00			`parsed = JSON.parse(response.body)`
controllers with rspec3 syntax 2015-01-09 12:04:02 -05:00			`expect(parsed["user_badges"].length).to eq(1)`
Initial badge system implementation. 2014-03-05 07:52:20 -05:00			`end`
Add badge page. 2014-04-16 10:56:11 -04:00
			`it 'returns user_badges for a badge' do`
Fix all the errors to get our tests green on Rails 5.1. 2017-08-31 00:06:56 -04:00			`get :index, params: { badge_id: badge.id }, format: :json`
Add badge page. 2014-04-16 10:56:11 -04:00
controllers with rspec3 syntax 2015-01-09 12:04:02 -05:00			`expect(response.status).to eq(200)`
Add badge page. 2014-04-16 10:56:11 -04:00			`parsed = JSON.parse(response.body)`
FEATURE: you can not drill down and see why you have badges Clicking on badges filters down the list to a particular user. 2016-01-18 01:59:07 -05:00			`expect(parsed["user_badge_info"]["user_badges"].length).to eq(1)`
Add badge page. 2014-04-16 10:56:11 -04:00			`end`
Multiple grant badges. 2014-05-21 03:22:42 -04:00
			`it 'includes counts when passed the aggregate argument' do`
Fix all the errors to get our tests green on Rails 5.1. 2017-08-31 00:06:56 -04:00			`get :username, params: {`
			`username: user.username, grouped: true`
			`}, format: :json`
Multiple grant badges. 2014-05-21 03:22:42 -04:00
controllers with rspec3 syntax 2015-01-09 12:04:02 -05:00			`expect(response.status).to eq(200)`
Multiple grant badges. 2014-05-21 03:22:42 -04:00			`parsed = JSON.parse(response.body)`
controllers with rspec3 syntax 2015-01-09 12:04:02 -05:00			`expect(parsed["user_badges"].first.has_key?('count')).to eq(true)`
Multiple grant badges. 2014-05-21 03:22:42 -04:00			`end`
Initial badge system implementation. 2014-03-05 07:52:20 -05:00			`end`

			`context 'create' do`
			`it 'requires username to be specified' do`
Fix all the errors to get our tests green on Rails 5.1. 2017-08-31 00:06:56 -04:00			`expect do`
			`post :create, params: { badge_id: badge.id }, format: :json`
			`end.to raise_error(ActionController::ParameterMissing)`
Initial badge system implementation. 2014-03-05 07:52:20 -05:00			`end`

			`it 'does not allow regular users to grant badges' do`
			`log_in_user Fabricate(:user)`
Fix all the errors to get our tests green on Rails 5.1. 2017-08-31 00:06:56 -04:00
			`post :create, params: {`
			`badge_id: badge.id, username: user.username`
			`}, format: :json`

controllers with rspec3 syntax 2015-01-09 12:04:02 -05:00			`expect(response.status).to eq(403)`
Initial badge system implementation. 2014-03-05 07:52:20 -05:00			`end`

			`it 'grants badges from staff' do`
			`admin = Fabricate(:admin)`
Fix all the errors to get our tests green on Rails 5.1. 2017-08-31 00:06:56 -04:00			`post_1 = create_post`
FIX: Cleaned the commit Only changing the code I changed, not other tests. 2015-02-25 20:24:21 -05:00
Initial badge system implementation. 2014-03-05 07:52:20 -05:00			`log_in_user admin`
FIX: Cleaned the commit Only changing the code I changed, not other tests. 2015-02-25 20:24:21 -05:00
Log badge grant/revoke to the staff actions log. 2014-03-19 15:30:12 -04:00			`StaffActionLogger.any_instance.expects(:log_badge_grant).once`
FIX: Cleaned the commit Only changing the code I changed, not other tests. 2015-02-25 20:24:21 -05:00
Fix all the errors to get our tests green on Rails 5.1. 2017-08-31 00:06:56 -04:00			`post :create, params: {`
			`badge_id: badge.id,`
			`username: user.username,`
			`reason: Discourse.base_url + post_1.url`
			`}, format: :json`
FIX: Cleaned the commit Only changing the code I changed, not other tests. 2015-02-25 20:24:21 -05:00
controllers with rspec3 syntax 2015-01-09 12:04:02 -05:00			`expect(response.status).to eq(200)`
FIX: Cleaned the commit Only changing the code I changed, not other tests. 2015-02-25 20:24:21 -05:00
Perform the where(...).first to find_by(...) refactoring. This refactoring was automated using the command: bundle exec "ruby refactorings/where_dot_first_to_find_by/app.rb" 2014-05-06 09:41:59 -04:00			`user_badge = UserBadge.find_by(user: user, badge: badge)`
FIX: Cleaned the commit Only changing the code I changed, not other tests. 2015-02-25 20:24:21 -05:00
controllers with rspec3 syntax 2015-01-09 12:04:02 -05:00			`expect(user_badge).to be_present`
			`expect(user_badge.granted_by).to eq(admin)`
Fix all the errors to get our tests green on Rails 5.1. 2017-08-31 00:06:56 -04:00			`expect(user_badge.post_id).to eq(post_1.id)`
Initial badge system implementation. 2014-03-05 07:52:20 -05:00			`end`

			`it 'does not grant badges from regular api calls' do`
			`Fabricate(:api_key, user: user)`
Fix all the errors to get our tests green on Rails 5.1. 2017-08-31 00:06:56 -04:00
			`post :create, params: {`
			`badge_id: badge.id, username: user.username, api_key: user.api_key.key`
			`}, format: :json`

controllers with rspec3 syntax 2015-01-09 12:04:02 -05:00			`expect(response.status).to eq(403)`
Initial badge system implementation. 2014-03-05 07:52:20 -05:00			`end`

			`it 'grants badges from master api calls' do`
			`api_key = Fabricate(:api_key)`
Log badge grant/revoke to the staff actions log. 2014-03-19 15:30:12 -04:00			`StaffActionLogger.any_instance.expects(:log_badge_grant).never`
Fix all the errors to get our tests green on Rails 5.1. 2017-08-31 00:06:56 -04:00
			`post :create, params: {`
			`badge_id: badge.id, username: user.username, api_key: api_key.key, api_username: "system"`
			`}, format: :json`

controllers with rspec3 syntax 2015-01-09 12:04:02 -05:00			`expect(response.status).to eq(200)`
Perform the where(...).first to find_by(...) refactoring. This refactoring was automated using the command: bundle exec "ruby refactorings/where_dot_first_to_find_by/app.rb" 2014-05-06 09:41:59 -04:00			`user_badge = UserBadge.find_by(user: user, badge: badge)`
controllers with rspec3 syntax 2015-01-09 12:04:02 -05:00			`expect(user_badge).to be_present`
			`expect(user_badge.granted_by).to eq(Discourse.system_user)`
Initial badge system implementation. 2014-03-05 07:52:20 -05:00			`end`
ADD: Spec tests for User Badge triggers NOTE: The DiscourseEvent trigger mechanism is VERY weird. If there are ANY triggers triggered in the chain, you can't only list the one you're looking for, you have to list all triggers in the order they will come. Example: line 98-100 :user_created and :user_verified are triggers that are introduced in PR #3237 so if this PR is accepted but not PR #3237 then lines 98-99 need to be removed. 2015-02-25 19:55:17 -05:00
			`it 'will trigger :user_badge_granted' do`
			`log_in :admin`
FEATURE: Webhook for user creation and approval 2016-09-13 04:03:17 -04:00			`user`
Remove stubs on DiscourseEvent in tests. 2017-06-01 03:19:43 -04:00
			`event = DiscourseEvent.track_events do`
Fix all the errors to get our tests green on Rails 5.1. 2017-08-31 00:06:56 -04:00			`post :create, params: {`
			`badge_id: badge.id, username: user.username`
			`}, format: :json`
Remove stubs on DiscourseEvent in tests. 2017-06-01 03:19:43 -04:00			`end.first`

			`expect(event[:event_name]).to eq(:user_badge_granted)`
ADD: Spec tests for User Badge triggers NOTE: The DiscourseEvent trigger mechanism is VERY weird. If there are ANY triggers triggered in the chain, you can't only list the one you're looking for, you have to list all triggers in the order they will come. Example: line 98-100 :user_created and :user_verified are triggers that are introduced in PR #3237 so if this PR is accepted but not PR #3237 then lines 98-99 need to be removed. 2015-02-25 19:55:17 -05:00			`end`
Initial badge system implementation. 2014-03-05 07:52:20 -05:00			`end`

			`context 'destroy' do`
Slightly faster badge system specs. (Shaves off ~100ms) 2014-04-16 06:34:27 -04:00			`let!(:user_badge) { UserBadge.create(badge: badge, user: user, granted_by: Discourse.system_user, granted_at: Time.now) }`
Initial badge system implementation. 2014-03-05 07:52:20 -05:00
			`it 'checks that the user is authorized to revoke a badge' do`
Fix all the errors to get our tests green on Rails 5.1. 2017-08-31 00:06:56 -04:00			`delete :destroy, params: { id: user_badge.id }, format: :json`
controllers with rspec3 syntax 2015-01-09 12:04:02 -05:00			`expect(response.status).to eq(403)`
Initial badge system implementation. 2014-03-05 07:52:20 -05:00			`end`

			`it 'revokes the badge' do`
			`log_in :admin`
Log badge grant/revoke to the staff actions log. 2014-03-19 15:30:12 -04:00			`StaffActionLogger.any_instance.expects(:log_badge_revoke).once`
Fix all the errors to get our tests green on Rails 5.1. 2017-08-31 00:06:56 -04:00			`delete :destroy, params: { id: user_badge.id }, format: :json`
controllers with rspec3 syntax 2015-01-09 12:04:02 -05:00			`expect(response.status).to eq(200)`
			`expect(UserBadge.find_by(id: user_badge.id)).to eq(nil)`
Initial badge system implementation. 2014-03-05 07:52:20 -05:00			`end`
ADD: Spec tests for User Badge triggers NOTE: The DiscourseEvent trigger mechanism is VERY weird. If there are ANY triggers triggered in the chain, you can't only list the one you're looking for, you have to list all triggers in the order they will come. Example: line 98-100 :user_created and :user_verified are triggers that are introduced in PR #3237 so if this PR is accepted but not PR #3237 then lines 98-99 need to be removed. 2015-02-25 19:55:17 -05:00
			`it 'will trigger :user_badge_removed' do`
			`log_in :admin`
FEATURE: Webhook for user creation and approval 2016-09-13 04:03:17 -04:00
Remove stubs on DiscourseEvent in tests. 2017-06-01 03:19:43 -04:00			`event = DiscourseEvent.track_events do`
Fix all the errors to get our tests green on Rails 5.1. 2017-08-31 00:06:56 -04:00			`delete :destroy, params: { id: user_badge.id }, format: :json`
Remove stubs on DiscourseEvent in tests. 2017-06-01 03:19:43 -04:00			`end.first`

			`expect(event[:event_name]).to eq(:user_badge_removed)`
ADD: Spec tests for User Badge triggers NOTE: The DiscourseEvent trigger mechanism is VERY weird. If there are ANY triggers triggered in the chain, you can't only list the one you're looking for, you have to list all triggers in the order they will come. Example: line 98-100 :user_created and :user_verified are triggers that are introduced in PR #3237 so if this PR is accepted but not PR #3237 then lines 98-99 need to be removed. 2015-02-25 19:55:17 -05:00			`end`
Initial badge system implementation. 2014-03-05 07:52:20 -05:00			`end`
			`end`