2019-04-29 20:27:42 -04:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2015-10-11 05:41:23 -04:00
|
|
|
require 'rails_helper'
|
2014-03-05 07:52:20 -05:00
|
|
|
|
|
|
|
describe UserBadgesController do
|
2019-05-06 23:12:20 -04:00
|
|
|
fab!(:user) { Fabricate(:user) }
|
|
|
|
fab!(:badge) { Fabricate(:badge) }
|
2014-07-22 21:42:24 -04:00
|
|
|
|
|
|
|
context 'index' do
|
2019-05-06 23:12:20 -04:00
|
|
|
fab!(:badge) { Fabricate(:badge, target_posts: true, show_posts: false) }
|
2015-02-25 19:55:17 -05:00
|
|
|
it 'does not leak private info' do
|
2014-07-22 21:42:24 -04:00
|
|
|
p = create_post
|
2018-06-04 22:59:01 -04:00
|
|
|
UserBadge.create!(badge: badge, user: user, post_id: p.id, granted_by_id: -1, granted_at: Time.now)
|
2014-07-22 21:42:24 -04:00
|
|
|
|
2018-06-04 22:59:01 -04:00
|
|
|
get "/user_badges.json", params: { badge_id: badge.id }
|
2018-06-07 04:11:09 -04:00
|
|
|
expect(response.status).to eq(200)
|
2016-01-18 01:59:07 -05:00
|
|
|
|
2020-05-07 11:04:12 -04:00
|
|
|
parsed = response.parsed_body
|
2015-01-09 12:04:02 -05:00
|
|
|
expect(parsed["topics"]).to eq(nil)
|
2016-01-18 01:59:07 -05:00
|
|
|
expect(parsed["badges"].length).to eq(1)
|
|
|
|
expect(parsed["user_badge_info"]["user_badges"][0]["post_id"]).to eq(nil)
|
2014-07-22 21:42:24 -04:00
|
|
|
end
|
2017-11-21 12:22:24 -05:00
|
|
|
|
|
|
|
it "fails when badges are disabled" do
|
|
|
|
SiteSetting.enable_badges = false
|
2018-06-04 22:59:01 -04:00
|
|
|
get "/user_badges.json", params: { badge_id: badge.id }
|
2017-11-23 20:32:44 -05:00
|
|
|
expect(response.status).to eq(404)
|
2017-11-21 12:22:24 -05:00
|
|
|
end
|
2014-07-22 21:42:24 -04:00
|
|
|
end
|
2014-03-05 07:52:20 -05:00
|
|
|
|
|
|
|
context 'index' do
|
2014-04-16 06:34:27 -04:00
|
|
|
let!(:user_badge) { UserBadge.create(badge: badge, user: user, granted_by: Discourse.system_user, granted_at: Time.now) }
|
2014-03-05 07:52:20 -05:00
|
|
|
|
2014-04-16 10:56:11 -04:00
|
|
|
it 'requires username or badge_id to be specified' do
|
2018-06-04 22:59:01 -04:00
|
|
|
get "/user_badges.json"
|
|
|
|
expect(response.status).to eq(400)
|
2014-03-05 07:52:20 -05:00
|
|
|
end
|
|
|
|
|
2014-04-16 10:56:11 -04:00
|
|
|
it 'returns user_badges for a user' do
|
2018-06-04 22:59:01 -04:00
|
|
|
get "/user-badges/#{user.username}.json"
|
2014-03-05 07:52:20 -05:00
|
|
|
|
2015-01-09 12:04:02 -05:00
|
|
|
expect(response.status).to eq(200)
|
2020-05-07 11:04:12 -04:00
|
|
|
parsed = response.parsed_body
|
2015-01-09 12:04:02 -05:00
|
|
|
expect(parsed["user_badges"].length).to eq(1)
|
2014-03-05 07:52:20 -05:00
|
|
|
end
|
2014-04-16 10:56:11 -04:00
|
|
|
|
2018-11-23 12:41:41 -05:00
|
|
|
it 'returns user_badges for a user with period in username' do
|
|
|
|
user.update!(username: "myname.test")
|
|
|
|
get "/user-badges/#{user.username}", xhr: true
|
|
|
|
|
|
|
|
expect(response.status).to eq(200)
|
2020-05-07 11:04:12 -04:00
|
|
|
parsed = response.parsed_body
|
2018-11-23 12:41:41 -05:00
|
|
|
expect(parsed["user_badges"].length).to eq(1)
|
|
|
|
end
|
|
|
|
|
2014-04-16 10:56:11 -04:00
|
|
|
it 'returns user_badges for a badge' do
|
2018-06-04 22:59:01 -04:00
|
|
|
get "/user_badges.json", params: { badge_id: badge.id }
|
2014-04-16 10:56:11 -04:00
|
|
|
|
2015-01-09 12:04:02 -05:00
|
|
|
expect(response.status).to eq(200)
|
2020-05-07 11:04:12 -04:00
|
|
|
parsed = response.parsed_body
|
2016-01-18 01:59:07 -05:00
|
|
|
expect(parsed["user_badge_info"]["user_badges"].length).to eq(1)
|
2014-04-16 10:56:11 -04:00
|
|
|
end
|
2014-05-21 03:22:42 -04:00
|
|
|
|
|
|
|
it 'includes counts when passed the aggregate argument' do
|
2018-06-04 22:59:01 -04:00
|
|
|
get "/user-badges/#{user.username}.json", params: {
|
|
|
|
grouped: true
|
|
|
|
}
|
2014-05-21 03:22:42 -04:00
|
|
|
|
2015-01-09 12:04:02 -05:00
|
|
|
expect(response.status).to eq(200)
|
2020-05-07 11:04:12 -04:00
|
|
|
parsed = response.parsed_body
|
2015-01-09 12:04:02 -05:00
|
|
|
expect(parsed["user_badges"].first.has_key?('count')).to eq(true)
|
2014-05-21 03:22:42 -04:00
|
|
|
end
|
2020-10-09 17:18:44 -04:00
|
|
|
|
|
|
|
context 'hidden profiles' do
|
|
|
|
before do
|
|
|
|
user.user_option.update_columns(hide_profile_and_presence: true)
|
|
|
|
end
|
|
|
|
|
|
|
|
it "returns 404 if `hide_profile_and_presence` user option is checked" do
|
|
|
|
get "/user-badges/#{user.username}.json"
|
|
|
|
expect(response.status).to eq(404)
|
|
|
|
end
|
|
|
|
|
|
|
|
it "returns user_badges if `allow_users_to_hide_profile` is false" do
|
|
|
|
SiteSetting.allow_users_to_hide_profile = false
|
|
|
|
|
|
|
|
get "/user-badges/#{user.username}.json"
|
|
|
|
expect(response.status).to eq(200)
|
|
|
|
end
|
|
|
|
end
|
2014-03-05 07:52:20 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
context 'create' do
|
|
|
|
it 'requires username to be specified' do
|
2018-06-04 22:59:01 -04:00
|
|
|
post "/user_badges.json", params: { badge_id: badge.id }
|
|
|
|
expect(response.status).to eq(400)
|
2014-03-05 07:52:20 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'does not allow regular users to grant badges' do
|
2018-06-04 22:59:01 -04:00
|
|
|
sign_in(Fabricate(:user))
|
2017-08-31 00:06:56 -04:00
|
|
|
|
2018-06-04 22:59:01 -04:00
|
|
|
post "/user_badges.json", params: {
|
2017-08-31 00:06:56 -04:00
|
|
|
badge_id: badge.id, username: user.username
|
2018-06-04 22:59:01 -04:00
|
|
|
}
|
2017-08-31 00:06:56 -04:00
|
|
|
|
2015-01-09 12:04:02 -05:00
|
|
|
expect(response.status).to eq(403)
|
2014-03-05 07:52:20 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'grants badges from staff' do
|
|
|
|
admin = Fabricate(:admin)
|
2017-08-31 00:06:56 -04:00
|
|
|
post_1 = create_post
|
2015-02-25 20:24:21 -05:00
|
|
|
|
2018-06-04 22:59:01 -04:00
|
|
|
sign_in(admin)
|
2015-02-25 20:24:21 -05:00
|
|
|
|
2018-06-04 22:59:01 -04:00
|
|
|
post "/user_badges.json", params: {
|
2017-08-31 00:06:56 -04:00
|
|
|
badge_id: badge.id,
|
|
|
|
username: user.username,
|
|
|
|
reason: Discourse.base_url + post_1.url
|
2018-06-04 22:59:01 -04:00
|
|
|
}
|
2015-02-25 20:24:21 -05:00
|
|
|
|
2015-01-09 12:04:02 -05:00
|
|
|
expect(response.status).to eq(200)
|
2015-02-25 20:24:21 -05:00
|
|
|
|
2014-05-06 09:41:59 -04:00
|
|
|
user_badge = UserBadge.find_by(user: user, badge: badge)
|
2015-02-25 20:24:21 -05:00
|
|
|
|
2015-01-09 12:04:02 -05:00
|
|
|
expect(user_badge).to be_present
|
|
|
|
expect(user_badge.granted_by).to eq(admin)
|
2017-08-31 00:06:56 -04:00
|
|
|
expect(user_badge.post_id).to eq(post_1.id)
|
2018-06-04 22:59:01 -04:00
|
|
|
expect(UserHistory.where(acting_user: admin, target_user: user).count).to eq(1)
|
2014-03-05 07:52:20 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'does not grant badges from regular api calls' do
|
2019-11-05 09:10:23 -05:00
|
|
|
api_key = Fabricate(:api_key, user: user)
|
2017-08-31 00:06:56 -04:00
|
|
|
|
2018-06-04 22:59:01 -04:00
|
|
|
post "/user_badges.json", params: {
|
2019-11-05 09:10:23 -05:00
|
|
|
badge_id: badge.id, username: user.username, api_key: api_key.key
|
2018-06-04 22:59:01 -04:00
|
|
|
}
|
2017-08-31 00:06:56 -04:00
|
|
|
|
2015-01-09 12:04:02 -05:00
|
|
|
expect(response.status).to eq(403)
|
2014-03-05 07:52:20 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'grants badges from master api calls' do
|
|
|
|
api_key = Fabricate(:api_key)
|
2017-08-31 00:06:56 -04:00
|
|
|
|
2020-04-06 18:55:44 -04:00
|
|
|
post "/user_badges.json",
|
|
|
|
params: {
|
|
|
|
badge_id: badge.id, username: user.username
|
|
|
|
},
|
|
|
|
headers: {
|
|
|
|
HTTP_API_KEY: api_key.key, HTTP_API_USERNAME: "system"
|
|
|
|
}
|
2017-08-31 00:06:56 -04:00
|
|
|
|
2015-01-09 12:04:02 -05:00
|
|
|
expect(response.status).to eq(200)
|
2014-05-06 09:41:59 -04:00
|
|
|
user_badge = UserBadge.find_by(user: user, badge: badge)
|
2015-01-09 12:04:02 -05:00
|
|
|
expect(user_badge).to be_present
|
|
|
|
expect(user_badge.granted_by).to eq(Discourse.system_user)
|
2018-06-04 22:59:01 -04:00
|
|
|
expect(UserHistory.where(acting_user: Discourse.system_user, target_user: user).count).to eq(0)
|
2014-03-05 07:52:20 -05:00
|
|
|
end
|
2015-02-25 19:55:17 -05:00
|
|
|
|
|
|
|
it 'will trigger :user_badge_granted' do
|
2018-06-04 22:59:01 -04:00
|
|
|
sign_in(Fabricate(:admin))
|
2017-06-01 03:19:43 -04:00
|
|
|
|
2018-06-04 22:59:01 -04:00
|
|
|
events = DiscourseEvent.track_events do
|
|
|
|
post "/user_badges.json", params: {
|
2017-08-31 00:06:56 -04:00
|
|
|
badge_id: badge.id, username: user.username
|
2018-06-04 22:59:01 -04:00
|
|
|
}
|
|
|
|
end.map { |event| event[:event_name] }
|
2017-06-01 03:19:43 -04:00
|
|
|
|
2018-06-04 22:59:01 -04:00
|
|
|
expect(events).to include(:user_badge_granted)
|
2015-02-25 19:55:17 -05:00
|
|
|
end
|
2018-11-28 12:01:41 -05:00
|
|
|
|
|
|
|
it 'does not grant badge when external link is used in reason' do
|
|
|
|
admin = Fabricate(:admin)
|
|
|
|
post = create_post
|
|
|
|
|
|
|
|
sign_in(admin)
|
|
|
|
|
|
|
|
post "/user_badges.json", params: {
|
|
|
|
badge_id: badge.id,
|
|
|
|
username: user.username,
|
|
|
|
reason: "http://example.com/" + post.url
|
|
|
|
}
|
|
|
|
|
|
|
|
expect(response.status).to eq(400)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'does not grant badge if invalid discourse post/topic link is used in reason' do
|
|
|
|
admin = Fabricate(:admin)
|
|
|
|
post = create_post
|
|
|
|
|
|
|
|
sign_in(admin)
|
|
|
|
|
|
|
|
post "/user_badges.json", params: {
|
|
|
|
badge_id: badge.id,
|
|
|
|
username: user.username,
|
|
|
|
reason: Discourse.base_url + "/random_url/" + post.url
|
|
|
|
}
|
|
|
|
|
|
|
|
expect(response.status).to eq(400)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'grants badge when valid post/topic link is given in reason' do
|
|
|
|
admin = Fabricate(:admin)
|
|
|
|
post = create_post
|
|
|
|
|
|
|
|
sign_in(admin)
|
|
|
|
|
|
|
|
post "/user_badges.json", params: {
|
|
|
|
badge_id: badge.id,
|
|
|
|
username: user.username,
|
|
|
|
reason: Discourse.base_url + post.url
|
|
|
|
}
|
|
|
|
|
|
|
|
expect(response.status).to eq(200)
|
|
|
|
end
|
2018-12-31 03:04:47 -05:00
|
|
|
|
|
|
|
describe 'with relative_url_root' do
|
|
|
|
it 'grants badge when valid post/topic link is given in reason' do
|
2019-11-15 00:48:24 -05:00
|
|
|
set_subfolder "/discuss"
|
|
|
|
|
2018-12-31 03:04:47 -05:00
|
|
|
admin = Fabricate(:admin)
|
|
|
|
post = create_post
|
|
|
|
|
|
|
|
sign_in(admin)
|
|
|
|
|
|
|
|
post "/user_badges.json", params: {
|
|
|
|
badge_id: badge.id,
|
|
|
|
username: user.username,
|
|
|
|
reason: "#{Discourse.base_url}#{post.url}"
|
|
|
|
}
|
|
|
|
|
|
|
|
expect(response.status).to eq(200)
|
|
|
|
|
|
|
|
expect(UserBadge.exists?(
|
|
|
|
badge_id: badge.id,
|
|
|
|
post_id: post.id,
|
|
|
|
granted_by: admin.id)
|
|
|
|
).to eq(true)
|
|
|
|
end
|
|
|
|
end
|
2014-03-05 07:52:20 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
context 'destroy' do
|
2014-04-16 06:34:27 -04:00
|
|
|
let!(:user_badge) { UserBadge.create(badge: badge, user: user, granted_by: Discourse.system_user, granted_at: Time.now) }
|
2014-03-05 07:52:20 -05:00
|
|
|
|
|
|
|
it 'checks that the user is authorized to revoke a badge' do
|
2018-06-04 22:59:01 -04:00
|
|
|
delete "/user_badges/#{user_badge.id}.json"
|
2015-01-09 12:04:02 -05:00
|
|
|
expect(response.status).to eq(403)
|
2014-03-05 07:52:20 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'revokes the badge' do
|
2018-06-04 22:59:01 -04:00
|
|
|
admin = Fabricate(:admin)
|
|
|
|
sign_in(admin)
|
|
|
|
delete "/user_badges/#{user_badge.id}.json"
|
|
|
|
|
2015-01-09 12:04:02 -05:00
|
|
|
expect(response.status).to eq(200)
|
|
|
|
expect(UserBadge.find_by(id: user_badge.id)).to eq(nil)
|
2018-06-04 22:59:01 -04:00
|
|
|
expect(UserHistory.where(acting_user: admin, target_user: user).count).to eq(1)
|
2014-03-05 07:52:20 -05:00
|
|
|
end
|
2015-02-25 19:55:17 -05:00
|
|
|
|
|
|
|
it 'will trigger :user_badge_removed' do
|
2018-06-04 22:59:01 -04:00
|
|
|
sign_in(Fabricate(:admin))
|
2016-09-13 04:03:17 -04:00
|
|
|
|
2018-06-04 22:59:01 -04:00
|
|
|
events = DiscourseEvent.track_events do
|
|
|
|
delete "/user_badges/#{user_badge.id}.json"
|
|
|
|
end.map { |event| event[:event_name] }
|
2017-06-01 03:19:43 -04:00
|
|
|
|
2018-06-04 22:59:01 -04:00
|
|
|
expect(events).to include(:user_badge_removed)
|
2015-02-25 19:55:17 -05:00
|
|
|
end
|
2014-03-05 07:52:20 -05:00
|
|
|
end
|
2021-06-01 04:33:40 -04:00
|
|
|
|
|
|
|
context "favorite" do
|
|
|
|
let!(:user_badge) { UserBadge.create(badge: badge, user: user, granted_by: Discourse.system_user, granted_at: Time.now) }
|
|
|
|
|
|
|
|
it "checks that the user is authorized to favorite the badge" do
|
|
|
|
sign_in(Fabricate(:admin))
|
|
|
|
put "/user_badges/#{user_badge.id}/toggle_favorite.json"
|
|
|
|
expect(response.status).to eq(403)
|
|
|
|
end
|
|
|
|
|
|
|
|
it "checks that the user has less than two favorited badges" do
|
|
|
|
sign_in(user)
|
|
|
|
UserBadge.create(badge: Fabricate(:badge), user: user, granted_by: Discourse.system_user, granted_at: Time.now, is_favorite: true)
|
|
|
|
UserBadge.create(badge: Fabricate(:badge), user: user, granted_by: Discourse.system_user, granted_at: Time.now, is_favorite: true)
|
|
|
|
put "/user_badges/#{user_badge.id}/toggle_favorite.json"
|
|
|
|
expect(response.status).to eq(400)
|
|
|
|
end
|
|
|
|
|
|
|
|
it "favorites a badge" do
|
|
|
|
sign_in(user)
|
|
|
|
put "/user_badges/#{user_badge.id}/toggle_favorite.json"
|
|
|
|
expect(response.status).to eq(200)
|
|
|
|
|
|
|
|
user_badge = UserBadge.find_by(user: user, badge: badge)
|
|
|
|
expect(user_badge.is_favorite).to be true
|
|
|
|
end
|
|
|
|
|
|
|
|
it "unfavorites a badge" do
|
|
|
|
sign_in(user)
|
|
|
|
user_badge.toggle!(:is_favorite)
|
|
|
|
put "/user_badges/#{user_badge.id}/toggle_favorite.json"
|
|
|
|
expect(response.status).to eq(200)
|
|
|
|
|
|
|
|
user_badge = UserBadge.find_by(user: user, badge: badge)
|
|
|
|
expect(user_badge.is_favorite).to be false
|
|
|
|
end
|
|
|
|
end
|
2014-03-05 07:52:20 -05:00
|
|
|
end
|