Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
discourse/spec/requests/admin/badges_controller_spec.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

624 lines
19 KiB
Ruby
Raw Normal View History

DEV: use #frozen_string_literal: true on all spec This change both speeds up specs (less strings to allocate) and helps catch cases where methods in Discourse are mutating inputs. Overall we will be migrating everything to use #frozen_string_literal: true it will take a while, but this is the first and safest move in this direction
2019-04-29 20:27:42 -04:00
# frozen_string_literal: true
Add RSpec 4 compatibility (#17652) * Remove outdated option https://github.com/rspec/rspec-core/commit/04078317ba6577699d06cf4dccf014254dcde7a6 * Use the non-globally exposed RSpec syntax https://github.com/rspec/rspec-core/pull/2803 * Use the non-globally exposed RSpec syntax, cont https://github.com/rspec/rspec-core/pull/2803 * Comply to strict predicate matchers See: - https://github.com/rspec/rspec-expectations/pull/1195 - https://github.com/rspec/rspec-expectations/pull/1196 - https://github.com/rspec/rspec-expectations/pull/1277
2022-07-27 22:27:38 -04:00
RSpec.describe Admin::BadgesController do
DEV: Allow fab! without block (#24314) The most common thing that we do with fab! is: fab!(:thing) { Fabricate(:thing) } This commit adds a shorthand for this which is just simply: fab!(:thing) i.e. If you omit the block, then, by default, you'll get a `Fabricate`d object using the fabricator of the same name.
2023-11-09 17:47:59 -05:00
fab!(:admin)
fab!(:moderator)
DEV: Extend specs coverage for non-admin access to admin endpoints (#18833) Replace base controller class inheritance specs with explicit specs for non-staff and moderator access to admin resources
2022-11-02 23:42:44 -04:00
fab!(:user) { Fabricate(:user, email: "user1@test.com", username: "username1") }
DEV: Allow fab! without block (#24314) The most common thing that we do with fab! is: fab!(:thing) { Fabricate(:thing) } This commit adds a shorthand for this which is just simply: fab!(:thing) i.e. If you omit the block, then, by default, you'll get a `Fabricate`d object using the fabricator of the same name.
2023-11-09 17:47:59 -05:00
fab!(:badge)
Initial badge system implementation.
2014-03-05 07:52:20 -05:00
DEV: Extend specs coverage for non-admin access to admin endpoints (#18833) Replace base controller class inheritance specs with explicit specs for non-staff and moderator access to admin resources
2022-11-02 23:42:44 -04:00
describe "#index" do
context "when logged in as an admin" do
before { sign_in(admin) }
REFACTOR: admin badges controller specs to requests (#5960)
2018-06-11 00:50:56 -04:00
DEV: Extend specs coverage for non-admin access to admin endpoints (#18833) Replace base controller class inheritance specs with explicit specs for non-staff and moderator access to admin resources
2022-11-02 23:42:44 -04:00
it "returns badge index" do
REFACTOR: admin badges controller specs to requests (#5960)
2018-06-11 00:50:56 -04:00
get "/admin/badges.json"
DEV: Assert for 200 response code to avoid changing magic helper in the future.
2018-06-07 04:11:09 -04:00
expect(response.status).to eq(200)
FIX: keep correct ordering on admin badges
2014-07-29 18:35:15 -04:00
end
end
DEV: Extend specs coverage for non-admin access to admin endpoints (#18833) Replace base controller class inheritance specs with explicit specs for non-staff and moderator access to admin resources
2022-11-02 23:42:44 -04:00
shared_examples "badges inaccessible" do
it "denies access to badges with a 404 response" do
get "/admin/badges.json"
expect(response.status).to eq(404)
expect(response.parsed_body["errors"]).to include(I18n.t("not_found"))
end
end
context "when logged in as a moderator" do
before { sign_in(moderator) }
include_examples "badges inaccessible"
end
context "when logged in as a non-staff user" do
before { sign_in(user) }
include_examples "badges inaccessible"
end
end
describe "#preview" do
context "when logged in as an admin" do
before { sign_in(admin) }
SECURITY: disable user entered badge SQL by default - Hidden site settings now must be change via rails console
2016-07-27 19:03:00 -04:00
it "allows preview enable_badge_sql is enabled" do
SiteSetting.enable_badge_sql = true
Fix all the errors to get our tests green on Rails 5.1.
2017-08-31 00:06:56 -04:00
REFACTOR: admin badges controller specs to requests (#5960)
2018-06-11 00:50:56 -04:00
post "/admin/badges/preview.json",
params: {
Fix all the errors to get our tests green on Rails 5.1.
2017-08-31 00:06:56 -04:00
sql: "select id as user_id, created_at granted_at from users",
REFACTOR: admin badges controller specs to requests (#5960)
2018-06-11 00:50:56 -04:00
}
Fix all the errors to get our tests green on Rails 5.1.
2017-08-31 00:06:56 -04:00
REFACTOR: admin badges controller specs to requests (#5960)
2018-06-11 00:50:56 -04:00
expect(response.status).to eq(200)
DEV: Use `response.parsed_body` in specs (#9615) Most of it was autofixed with rubocop-discourse 2.1.1.
2020-05-07 11:04:12 -04:00
expect(response.parsed_body["grant_count"]).to be > 0
SECURITY: disable user entered badge SQL by default - Hidden site settings now must be change via rails console
2016-07-27 19:03:00 -04:00
end
REFACTOR: admin badges controller specs to requests (#5960)
2018-06-11 00:50:56 -04:00
SECURITY: disable user entered badge SQL by default - Hidden site settings now must be change via rails console
2016-07-27 19:03:00 -04:00
it "does not allow anything if enable_badge_sql is disabled" do
SiteSetting.enable_badge_sql = false
Fix all the errors to get our tests green on Rails 5.1.
2017-08-31 00:06:56 -04:00
REFACTOR: admin badges controller specs to requests (#5960)
2018-06-11 00:50:56 -04:00
post "/admin/badges/preview.json",
params: {
Fix all the errors to get our tests green on Rails 5.1.
2017-08-31 00:06:56 -04:00
sql: "select id as user_id, created_at granted_at from users",
REFACTOR: admin badges controller specs to requests (#5960)
2018-06-11 00:50:56 -04:00
}
Fix all the errors to get our tests green on Rails 5.1.
2017-08-31 00:06:56 -04:00
expect(response.status).to eq(403)
SECURITY: disable user entered badge SQL by default - Hidden site settings now must be change via rails console
2016-07-27 19:03:00 -04:00
end
end
DEV: Extend specs coverage for non-admin access to admin endpoints (#18833) Replace base controller class inheritance specs with explicit specs for non-staff and moderator access to admin resources
2022-11-02 23:42:44 -04:00
shared_examples "badge preview inaccessible" do
it "denies access to badge preview with a 404 response" do
SiteSetting.enable_badge_sql = true
post "/admin/badges/preview.json",
params: {
sql: "select id as user_id, created_at granted_at from users",
}
expect(response.status).to eq(404)
expect(response.parsed_body["errors"]).to include(I18n.t("not_found"))
end
end
context "when logged in as a moderator" do
before { sign_in(moderator) }
include_examples "badge preview inaccessible"
end
context "when logged in as a non-staff user" do
before { sign_in(user) }
include_examples "badge preview inaccessible"
end
end
describe "#create" do
context "when logged in as an admin" do
before { sign_in(admin) }
FIX: base sql vanishes after badge creation
2017-05-09 09:25:57 -04:00
it "can create badges correctly" do
SiteSetting.enable_badge_sql = true
Fix all the errors to get our tests green on Rails 5.1.
2017-08-31 00:06:56 -04:00
REFACTOR: admin badges controller specs to requests (#5960)
2018-06-11 00:50:56 -04:00
post "/admin/badges.json",
params: {
Fix all the errors to get our tests green on Rails 5.1.
2017-08-31 00:06:56 -04:00
name: "test",
query: "select 1 as user_id, null as granted_at",
badge_type_id: 1,
REFACTOR: admin badges controller specs to requests (#5960)
2018-06-11 00:50:56 -04:00
}
Fix all the errors to get our tests green on Rails 5.1.
2017-08-31 00:06:56 -04:00
DEV: Use `response.parsed_body` in specs (#9615) Most of it was autofixed with rubocop-discourse 2.1.1.
2020-05-07 11:04:12 -04:00
json = response.parsed_body
Fix all the errors to get our tests green on Rails 5.1.
2017-08-31 00:06:56 -04:00
expect(response.status).to eq(200)
FIX: base sql vanishes after badge creation
2017-05-09 09:25:57 -04:00
expect(json["badge"]["name"]).to eq("test")
expect(json["badge"]["query"]).to eq("select 1 as user_id, null as granted_at")
DEV: Apply syntax_tree formatting to `spec/*`
2023-01-09 06:18:21 -05:00
REFACTOR: admin badges controller specs to requests (#5960)
2018-06-11 00:50:56 -04:00
expect(
UserHistory.where(
acting_user_id: admin.id,
action: UserHistory.actions[:create_badge],
).exists?,
).to eq(true)
FIX: base sql vanishes after badge creation
2017-05-09 09:25:57 -04:00
end
end
DEV: Extend specs coverage for non-admin access to admin endpoints (#18833) Replace base controller class inheritance specs with explicit specs for non-staff and moderator access to admin resources
2022-11-02 23:42:44 -04:00
shared_examples "badge creation not allowed" do
it "prevents badge creation with a 404 response" do
SiteSetting.enable_badge_sql = true
post "/admin/badges.json",
params: {
name: "test",
query: "select 1 as user_id, null as granted_at",
badge_type_id: 1,
}
expect(response.status).to eq(404)
expect(response.parsed_body["errors"]).to include(I18n.t("not_found"))
end
end
context "when logged in as a moderator" do
before { sign_in(moderator) }
include_examples "badge creation not allowed"
end
context "when logged in as a non-staff user" do
before { sign_in(user) }
include_examples "badge creation not allowed"
end
end
describe "#save_badge_groupings" do
context "when logged in as an admin" do
before { sign_in(admin) }
FEATURE: editable badge groups
2014-07-27 04:22:01 -04:00
it "can save badge groupings" do
groupings = BadgeGrouping.all.order(:position).to_a
groupings << BadgeGrouping.new(name: "Test 1")
groupings << BadgeGrouping.new(name: "Test 2")
groupings.shuffle!
names = groupings.map { |g| g.name }
ids = groupings.map { |g| g.id.to_s }
REFACTOR: admin badges controller specs to requests (#5960)
2018-06-11 00:50:56 -04:00
post "/admin/badges/badge_groupings.json", params: { ids: ids, names: names }
expect(response.status).to eq(200)
FEATURE: editable badge groups
2014-07-27 04:22:01 -04:00
groupings2 = BadgeGrouping.all.order(:position).to_a
controllers with rspec3 syntax
2015-01-09 12:04:02 -05:00
expect(groupings2.map { |g| g.name }).to eq(names)
expect((groupings.map(&:id) - groupings2.map { |g| g.id }).compact).to be_blank
DEV: Use `response.parsed_body` in specs (#9615) Most of it was autofixed with rubocop-discourse 2.1.1.
2020-05-07 11:04:12 -04:00
expect(response.parsed_body["badge_groupings"].length).to eq(groupings2.length)
FEATURE: editable badge groups
2014-07-27 04:22:01 -04:00
end
end
DEV: Extend specs coverage for non-admin access to admin endpoints (#18833) Replace base controller class inheritance specs with explicit specs for non-staff and moderator access to admin resources
2022-11-02 23:42:44 -04:00
shared_examples "badge grouping creation not allowed" do
it "prevents creation of badge groupings with a 404 response" do
groupings = BadgeGrouping.all.order(:position).to_a
groupings << BadgeGrouping.new(name: "Test 1")
groupings << BadgeGrouping.new(name: "Test 2")
groupings.shuffle!
names = groupings.map { |g| g.name }
ids = groupings.map { |g| g.id.to_s }
post "/admin/badges/badge_groupings.json", params: { ids: ids, names: names }
expect(response.status).to eq(404)
expect(response.parsed_body["errors"]).to include(I18n.t("not_found"))
end
end
context "when logged in as a moderator" do
before { sign_in(moderator) }
include_examples "badge grouping creation not allowed"
end
context "when logged in as a non-staff user" do
before { sign_in(user) }
include_examples "badge grouping creation not allowed"
end
end
describe "#badge_types" do
context "when logged in as an admin" do
before { sign_in(admin) }
Initial badge system implementation.
2014-03-05 07:52:20 -05:00
it "returns JSON" do
REFACTOR: admin badges controller specs to requests (#5960)
2018-06-11 00:50:56 -04:00
get "/admin/badges/types.json"
Fix all the errors to get our tests green on Rails 5.1.
2017-08-31 00:06:56 -04:00
DEV: Assert for 200 response code to avoid changing magic helper in the future.
2018-06-07 04:11:09 -04:00
expect(response.status).to eq(200)
DEV: Use `response.parsed_body` in specs (#9615) Most of it was autofixed with rubocop-discourse 2.1.1.
2020-05-07 11:04:12 -04:00
expect(response.parsed_body["badge_types"]).to be_present
Initial badge system implementation.
2014-03-05 07:52:20 -05:00
end
end
DEV: Extend specs coverage for non-admin access to admin endpoints (#18833) Replace base controller class inheritance specs with explicit specs for non-staff and moderator access to admin resources
2022-11-02 23:42:44 -04:00
shared_examples "badge types inaccessible" do
it "denies access to badge types with a 404 response" do
get "/admin/badges/types.json"
expect(response.status).to eq(404)
expect(response.parsed_body["errors"]).to include(I18n.t("not_found"))
end
end
context "when logged in as a moderator" do
before { sign_in(moderator) }
include_examples "badge types inaccessible"
end
context "when logged in as a non-staff user" do
before { sign_in(user) }
include_examples "badge types inaccessible"
end
end
describe "#destroy" do
context "when logged in as an admin" do
before { sign_in(admin) }
Initial badge system implementation.
2014-03-05 07:52:20 -05:00
it "deletes the badge" do
REFACTOR: admin badges controller specs to requests (#5960)
2018-06-11 00:50:56 -04:00
delete "/admin/badges/#{badge.id}.json"
DEV: Assert for 200 response code to avoid changing magic helper in the future.
2018-06-07 04:11:09 -04:00
expect(response.status).to eq(200)
FEATURE: staff action logs when creating/updating/deleting badges
2018-05-17 12:09:27 -04:00
expect(Badge.where(id: badge.id).exists?).to eq(false)
REFACTOR: admin badges controller specs to requests (#5960)
2018-06-11 00:50:56 -04:00
expect(
UserHistory.where(
acting_user_id: admin.id,
action: UserHistory.actions[:delete_badge],
).exists?,
).to eq(true)
Initial badge system implementation.
2014-03-05 07:52:20 -05:00
end
end
DEV: Extend specs coverage for non-admin access to admin endpoints (#18833) Replace base controller class inheritance specs with explicit specs for non-staff and moderator access to admin resources
2022-11-02 23:42:44 -04:00
shared_examples "badge deletion not allowed" do
it "prevents deletion of badges with a 404 response" do
delete "/admin/badges/#{badge.id}.json"
expect(response.status).to eq(404)
expect(response.parsed_body["errors"]).to include(I18n.t("not_found"))
expect(Badge.where(id: badge.id).exists?).to eq(true)
end
end
context "when logged in as a moderator" do
before { sign_in(moderator) }
include_examples "badge deletion not allowed"
end
context "when logged in as a non-staff user" do
before { sign_in(user) }
include_examples "badge deletion not allowed"
end
end
describe "#update" do
context "when logged in as an admin" do
before { sign_in(admin) }
FIX: should not be able to rename a system badge
2017-02-20 08:35:05 -05:00
it "does not update the name of system badges" do
editor_badge = Badge.find(Badge::Editor)
editor_badge_name = editor_badge.name
REFACTOR: admin badges controller specs to requests (#5960)
2018-06-11 00:50:56 -04:00
put "/admin/badges/#{editor_badge.id}.json", params: { name: "123456" }
FIX: should not be able to rename a system badge
2017-02-20 08:35:05 -05:00
DEV: Assert for 200 response code to avoid changing magic helper in the future.
2018-06-07 04:11:09 -04:00
expect(response.status).to eq(200)
FIX: should not be able to rename a system badge
2017-02-20 08:35:05 -05:00
editor_badge.reload
expect(editor_badge.name).to eq(editor_badge_name)
FEATURE: staff action logs when creating/updating/deleting badges
2018-05-17 12:09:27 -04:00
REFACTOR: admin badges controller specs to requests (#5960)
2018-06-11 00:50:56 -04:00
expect(
UserHistory.where(
acting_user_id: admin.id,
action: UserHistory.actions[:change_badge],
).exists?,
).to eq(true)
FIX: should not be able to rename a system badge
2017-02-20 08:35:05 -05:00
end
SECURITY: disable user entered badge SQL by default - Hidden site settings now must be change via rails console
2016-07-27 19:03:00 -04:00
it "does not allow query updates if badge_sql is disabled" do
badge.query = "select 123"
badge.save
SiteSetting.enable_badge_sql = false
REFACTOR: admin badges controller specs to requests (#5960)
2018-06-11 00:50:56 -04:00
put "/admin/badges/#{badge.id}.json",
params: {
Fix all the errors to get our tests green on Rails 5.1.
2017-08-31 00:06:56 -04:00
name: "123456",
query: "select id user_id, created_at granted_at from users",
badge_type_id: badge.badge_type_id,
allow_title: false,
multiple_grant: false,
enabled: true,
REFACTOR: admin badges controller specs to requests (#5960)
2018-06-11 00:50:56 -04:00
}
SECURITY: disable user entered badge SQL by default - Hidden site settings now must be change via rails console
2016-07-27 19:03:00 -04:00
DEV: Assert for 200 response code to avoid changing magic helper in the future.
2018-06-07 04:11:09 -04:00
expect(response.status).to eq(200)
SECURITY: disable user entered badge SQL by default - Hidden site settings now must be change via rails console
2016-07-27 19:03:00 -04:00
badge.reload
expect(badge.name).to eq("123456")
expect(badge.query).to eq("select 123")
Initial badge system implementation.
2014-03-05 07:52:20 -05:00
end
it "updates the badge" do
SECURITY: disable user entered badge SQL by default - Hidden site settings now must be change via rails console
2016-07-27 19:03:00 -04:00
SiteSetting.enable_badge_sql = true
sql = "select id user_id, created_at granted_at from users"
UX: Add image uploader widget for uploading badge images (#12377) Currently the process of adding a custom image to badge is quite clunky; you have to upload your image to a topic, and then copy the image URL and pasting it in a text field. Besides being clucky, if the topic or post that contains the image is deleted, the image will be garbage-collected in a few days and the badge will lose the image because the application is not that the image is referenced by a badge. This commit improves that by adding a proper image uploader widget for badge images.
2021-03-17 01:55:23 -04:00
image = Fabricate(:upload)
SECURITY: disable user entered badge SQL by default - Hidden site settings now must be change via rails console
2016-07-27 19:03:00 -04:00
REFACTOR: admin badges controller specs to requests (#5960)
2018-06-11 00:50:56 -04:00
put "/admin/badges/#{badge.id}.json",
params: {
Fix all the errors to get our tests green on Rails 5.1.
2017-08-31 00:06:56 -04:00
name: "123456",
query: sql,
badge_type_id: badge.badge_type_id,
allow_title: false,
multiple_grant: false,
UX: Add image uploader widget for uploading badge images (#12377) Currently the process of adding a custom image to badge is quite clunky; you have to upload your image to a topic, and then copy the image URL and pasting it in a text field. Besides being clucky, if the topic or post that contains the image is deleted, the image will be garbage-collected in a few days and the badge will lose the image because the application is not that the image is referenced by a badge. This commit improves that by adding a proper image uploader widget for badge images.
2021-03-17 01:55:23 -04:00
enabled: true,
image_upload_id: image.id,
icon: "fa-rocket",
REFACTOR: admin badges controller specs to requests (#5960)
2018-06-11 00:50:56 -04:00
}
SECURITY: disable user entered badge SQL by default - Hidden site settings now must be change via rails console
2016-07-27 19:03:00 -04:00
DEV: Assert for 200 response code to avoid changing magic helper in the future.
2018-06-07 04:11:09 -04:00
expect(response.status).to eq(200)
SECURITY: disable user entered badge SQL by default - Hidden site settings now must be change via rails console
2016-07-27 19:03:00 -04:00
badge.reload
expect(badge.name).to eq("123456")
expect(badge.query).to eq(sql)
UX: Add image uploader widget for uploading badge images (#12377) Currently the process of adding a custom image to badge is quite clunky; you have to upload your image to a topic, and then copy the image URL and pasting it in a text field. Besides being clucky, if the topic or post that contains the image is deleted, the image will be garbage-collected in a few days and the badge will lose the image because the application is not that the image is referenced by a badge. This commit improves that by adding a proper image uploader widget for badge images.
2021-03-17 01:55:23 -04:00
expect(badge.image_upload.id).to eq(image.id)
expect(badge.icon).to eq("fa-rocket")
Initial badge system implementation.
2014-03-05 07:52:20 -05:00
end
FIX: Badge and user title interaction fixes (#8282) * Fix user title logic when badge name customized * Fix an issue where a user's title was not considered a badge granted title when the user used a badge for their title and the badge name was customized. this affected the effectiveness of revoke_ungranted_titles! which only operates on badge_granted_titles. * When a user's title is set now it is considered a badge_granted_title if the badge name OR the badge custom name from TranslationOverride is the same as the title * When a user's badge is revoked we now also revoke their title if the user's title matches the badge name OR the badge custom name from TranslationOverride * Add a user history log when the title is revoked to remove confusion about why titles are revoked * Add granted_title_badge_id to user_profile, now when we set badge_granted_title on a user profile when updating a user's title based on a badge, we also remember which badge matched the title * When badge name (or custom text) changes update titles of users in a background job * When the name of a badge changes, or in the case of system badges when their custom translation text changes, then we need to update the title of all corresponding users who have a badge_granted_title and matching granted_title_badge_id. In the case of system badges we need to first get the proper badge ID based on the translation key e.g. badges.regular.name * Add migration to backfill all granted_title_badge_ids for both normal badge name titles and titles using custom badge text.
2019-11-08 00:34:24 -05:00
context "when there is a user with a title granted using the badge" do
fab!(:user_with_badge_title) { Fabricate(:active_user) }
fab!(:badge) { Fabricate(:badge, name: "Oathbreaker", allow_title: true) }
before do
BadgeGranter.grant(badge, user_with_badge_title)
user_with_badge_title.update(title: "Oathbreaker")
end
it "updates the user title in a job" do
Update rubocop to 2.3.1.
2020-07-24 05:16:52 -04:00
expect_enqueued_with(
job: :bulk_user_title_update,
args: {
FIX: Badge and user title interaction fixes (#8282) * Fix user title logic when badge name customized * Fix an issue where a user's title was not considered a badge granted title when the user used a badge for their title and the badge name was customized. this affected the effectiveness of revoke_ungranted_titles! which only operates on badge_granted_titles. * When a user's title is set now it is considered a badge_granted_title if the badge name OR the badge custom name from TranslationOverride is the same as the title * When a user's badge is revoked we now also revoke their title if the user's title matches the badge name OR the badge custom name from TranslationOverride * Add a user history log when the title is revoked to remove confusion about why titles are revoked * Add granted_title_badge_id to user_profile, now when we set badge_granted_title on a user profile when updating a user's title based on a badge, we also remember which badge matched the title * When badge name (or custom text) changes update titles of users in a background job * When the name of a badge changes, or in the case of system badges when their custom translation text changes, then we need to update the title of all corresponding users who have a badge_granted_title and matching granted_title_badge_id. In the case of system badges we need to first get the proper badge ID based on the translation key e.g. badges.regular.name * Add migration to backfill all granted_title_badge_ids for both normal badge name titles and titles using custom badge text.
2019-11-08 00:34:24 -05:00
new_title: "Shieldbearer",
granted_badge_id: badge.id,
action: Jobs::BulkUserTitleUpdate::UPDATE_ACTION,
Update rubocop to 2.3.1.
2020-07-24 05:16:52 -04:00
},
) { put "/admin/badges/#{badge.id}.json", params: { name: "Shieldbearer" } }
FIX: Badge and user title interaction fixes (#8282) * Fix user title logic when badge name customized * Fix an issue where a user's title was not considered a badge granted title when the user used a badge for their title and the badge name was customized. this affected the effectiveness of revoke_ungranted_titles! which only operates on badge_granted_titles. * When a user's title is set now it is considered a badge_granted_title if the badge name OR the badge custom name from TranslationOverride is the same as the title * When a user's badge is revoked we now also revoke their title if the user's title matches the badge name OR the badge custom name from TranslationOverride * Add a user history log when the title is revoked to remove confusion about why titles are revoked * Add granted_title_badge_id to user_profile, now when we set badge_granted_title on a user profile when updating a user's title based on a badge, we also remember which badge matched the title * When badge name (or custom text) changes update titles of users in a background job * When the name of a badge changes, or in the case of system badges when their custom translation text changes, then we need to update the title of all corresponding users who have a badge_granted_title and matching granted_title_badge_id. In the case of system badges we need to first get the proper badge ID based on the translation key e.g. badges.regular.name * Add migration to backfill all granted_title_badge_ids for both normal badge name titles and titles using custom badge text.
2019-11-08 00:34:24 -05:00
end
end
Initial badge system implementation.
2014-03-05 07:52:20 -05:00
end
Feature: Mass award badge (#8694) * UI: Mass grant a badge from the admin ui * Send the uploaded CSV and badge ID to the backend * Read the CSV and grant badge in batches * UX: Communicate the result to the user * Don't award if badge is disabled * Create a 'send_notification' method to remove duplicated code, slightly shrink badge image. Replace router transition with href. * Dynamically discover current route
2020-01-13 09:20:26 -05:00
DEV: Extend specs coverage for non-admin access to admin endpoints (#18833) Replace base controller class inheritance specs with explicit specs for non-staff and moderator access to admin resources
2022-11-02 23:42:44 -04:00
shared_examples "badge update not allowed" do
it "prevents badge update with a 404 response" do
SiteSetting.enable_badge_sql = true
sql = "select id user_id, created_at granted_at from users"
image = Fabricate(:upload)
put "/admin/badges/#{badge.id}.json",
params: {
name: "123456",
query: sql,
badge_type_id: badge.badge_type_id,
allow_title: false,
multiple_grant: false,
enabled: true,
image_upload_id: image.id,
icon: "fa-rocket",
}
badge.reload
expect(response.status).to eq(404)
expect(response.parsed_body["errors"]).to include(I18n.t("not_found"))
expect(badge.name).not_to eq("123456")
expect(badge.query).not_to eq(sql)
expect(badge.icon).not_to eq("fa-rocket")
end
end
context "when logged in as a moderator" do
before { sign_in(moderator) }
include_examples "badge update not allowed"
end
context "when logged in as a non-staff user" do
before { sign_in(user) }
include_examples "badge update not allowed"
end
end
describe "#mass_award" do
context "when logged in as an admin" do
before { sign_in(admin) }
FIX: Bulk badge awards should work even if the CSV has nil values
2020-02-27 09:07:46 -05:00
Feature: Mass award badge (#8694) * UI: Mass grant a badge from the admin ui * Send the uploaded CSV and badge ID to the backend * Read the CSV and grant badge in batches * UX: Communicate the result to the user * Don't award if badge is disabled * Create a 'send_notification' method to remove duplicated code, slightly shrink badge image. Replace router transition with href. * Dynamically discover current route
2020-01-13 09:20:26 -05:00
it "does nothing when there is no file" do
post "/admin/badges/award/#{badge.id}.json", params: { file: "" }
expect(response.status).to eq(400)
end
it "does nothing when the badge id is not valid" do
post "/admin/badges/award/fake_id.json", params: { file: fixture_file_upload(Tempfile.new) }
expect(response.status).to eq(400)
end
it "does nothing when the file is not a csv" do
file = file_from_fixtures("cropped.png")
post "/admin/badges/award/#{badge.id}.json", params: { file: fixture_file_upload(file) }
expect(response.status).to eq(400)
end
FEATURE: Support uploading a csv with either user emails or usernames (#8971)
2020-02-18 08:53:12 -05:00
it "awards the badge using a list of user emails" do
Feature: Mass award badge (#8694) * UI: Mass grant a badge from the admin ui * Send the uploaded CSV and badge ID to the backend * Read the CSV and grant badge in batches * UX: Communicate the result to the user * Don't award if badge is disabled * Create a 'send_notification' method to remove duplicated code, slightly shrink badge image. Replace router transition with href. * Dynamically discover current route
2020-01-13 09:20:26 -05:00
Jobs.run_immediately!
file = file_from_fixtures("user_emails.csv", "csv")
FEATURE: Add option to grant badge multiple times to users using Bulk Award (#13571) Currently when bulk-awarding a badge that can be granted multiple times, users in the CSV file are granted the badge once no matter how many times they're listed in the file and only if they don't have the badge already. This PR adds a new option to the Badge Bulk Award feature so that it's possible to grant users a badge even if they already have the badge and as many times as they appear in the CSV file.
2021-07-14 22:53:26 -04:00
UserBadge.destroy_all
Feature: Mass award badge (#8694) * UI: Mass grant a badge from the admin ui * Send the uploaded CSV and badge ID to the backend * Read the CSV and grant badge in batches * UX: Communicate the result to the user * Don't award if badge is disabled * Create a 'send_notification' method to remove duplicated code, slightly shrink badge image. Replace router transition with href. * Dynamically discover current route
2020-01-13 09:20:26 -05:00
post "/admin/badges/award/#{badge.id}.json", params: { file: fixture_file_upload(file) }
FEATURE: Add option to grant badge multiple times to users using Bulk Award (#13571) Currently when bulk-awarding a badge that can be granted multiple times, users in the CSV file are granted the badge once no matter how many times they're listed in the file and only if they don't have the badge already. This PR adds a new option to the Badge Bulk Award feature so that it's possible to grant users a badge even if they already have the badge and as many times as they appear in the CSV file.
2021-07-14 22:53:26 -04:00
expect(response.status).to eq(200)
expect(UserBadge.where(user: user, badge: badge).count).to eq(1)
expect(UserBadge.where(user: user, badge: badge).first.seq).to eq(0)
Feature: Mass award badge (#8694) * UI: Mass grant a badge from the admin ui * Send the uploaded CSV and badge ID to the backend * Read the CSV and grant badge in batches * UX: Communicate the result to the user * Don't award if badge is disabled * Create a 'send_notification' method to remove duplicated code, slightly shrink badge image. Replace router transition with href. * Dynamically discover current route
2020-01-13 09:20:26 -05:00
end
FEATURE: Support uploading a csv with either user emails or usernames (#8971)
2020-02-18 08:53:12 -05:00
it "awards the badge using a list of usernames" do
Jobs.run_immediately!
file = file_from_fixtures("usernames.csv", "csv")
post "/admin/badges/award/#{badge.id}.json", params: { file: fixture_file_upload(file) }
FEATURE: Add option to grant badge multiple times to users using Bulk Award (#13571) Currently when bulk-awarding a badge that can be granted multiple times, users in the CSV file are granted the badge once no matter how many times they're listed in the file and only if they don't have the badge already. This PR adds a new option to the Badge Bulk Award feature so that it's possible to grant users a badge even if they already have the badge and as many times as they appear in the CSV file.
2021-07-14 22:53:26 -04:00
expect(response.status).to eq(200)
expect(UserBadge.where(user: user, badge: badge).count).to eq(1)
FIX: Bulk badge awards should work even if the CSV has nil values
2020-02-27 09:07:46 -05:00
end
it "works with a CSV containing nil values" do
Jobs.run_immediately!
file = file_from_fixtures("usernames_with_nil_values.csv", "csv")
post "/admin/badges/award/#{badge.id}.json", params: { file: fixture_file_upload(file) }
FEATURE: Add option to grant badge multiple times to users using Bulk Award (#13571) Currently when bulk-awarding a badge that can be granted multiple times, users in the CSV file are granted the badge once no matter how many times they're listed in the file and only if they don't have the badge already. This PR adds a new option to the Badge Bulk Award feature so that it's possible to grant users a badge even if they already have the badge and as many times as they appear in the CSV file.
2021-07-14 22:53:26 -04:00
expect(response.status).to eq(200)
expect(UserBadge.where(user: user, badge: badge).count).to eq(1)
end
it "does not grant the badge again to a user if they already have the badge" do
Jobs.run_immediately!
badge.update!(multiple_grant: true)
BadgeGranter.grant(badge, user)
user.reload
file = file_from_fixtures("usernames_with_nil_values.csv", "csv")
post "/admin/badges/award/#{badge.id}.json", params: { file: fixture_file_upload(file) }
expect(response.status).to eq(200)
expect(UserBadge.where(user: user, badge: badge).count).to eq(1)
FEATURE: Support uploading a csv with either user emails or usernames (#8971)
2020-02-18 08:53:12 -05:00
end
FIX: Show a proper error message when trying to bulk award a disabled badge. (#12384)
2021-03-12 12:28:27 -05:00
it "fails when the badge is disabled" do
badge.update!(enabled: false)
file = file_from_fixtures("usernames_with_nil_values.csv", "csv")
post "/admin/badges/award/#{badge.id}.json", params: { file: fixture_file_upload(file) }
expect(response.status).to eq(422)
end
FEATURE: Add option to grant badge multiple times to users using Bulk Award (#13571) Currently when bulk-awarding a badge that can be granted multiple times, users in the CSV file are granted the badge once no matter how many times they're listed in the file and only if they don't have the badge already. This PR adds a new option to the Badge Bulk Award feature so that it's possible to grant users a badge even if they already have the badge and as many times as they appear in the CSV file.
2021-07-14 22:53:26 -04:00
context "when grant_existing_holders is true" do
it "fails when the badge cannot be granted multiple times" do
file = file_from_fixtures("user_emails.csv", "csv")
badge.update!(multiple_grant: false)
post "/admin/badges/award/#{badge.id}.json",
params: {
file: fixture_file_upload(file),
grant_existing_holders: true,
}
expect(response.status).to eq(422)
expect(response.parsed_body["errors"]).to eq(
[I18n.t("badges.mass_award.errors.cant_grant_multiple_times", badge_name: badge.name)],
)
end
it "fails when CSV file contains more entries that it's allowed" do
badge.update!(multiple_grant: true)
csv = Tempfile.new
csv.write("#{user.username}\n" * 11)
csv.rewind
stub_const(Admin::BadgesController, "MAX_CSV_LINES", 10) do
post "/admin/badges/award/#{badge.id}.json",
params: {
file: fixture_file_upload(csv),
grant_existing_holders: true,
}
end
expect(response.status).to eq(400)
expect(response.parsed_body["errors"]).to include(
I18n.t("badges.mass_award.errors.too_many_csv_entries", count: 10),
)
ensure
csv&.close
csv&.unlink
end
it "includes unmatched entries and the number of users who will receive the badge in the response" do
Jobs.run_immediately!
badge.update!(multiple_grant: true)
csv = Tempfile.new
content = %w[nonexistentuser nonexistentuser nonexistentemail@discourse.fake]
content << user.username
content << user.username
csv.write(content.join("\n"))
csv.rewind
post "/admin/badges/award/#{badge.id}.json",
params: {
file: fixture_file_upload(csv),
grant_existing_holders: true,
}
expect(response.status).to eq(200)
expect(response.parsed_body["unmatched_entries"]).to contain_exactly(
"nonexistentuser",
"nonexistentemail@discourse.fake",
)
expect(response.parsed_body["matched_users_count"]).to eq(1)
expect(response.parsed_body["unmatched_entries_count"]).to eq(2)
expect(UserBadge.where(user: user, badge: badge).count).to eq(2)
ensure
csv&.close
csv&.unlink
end
it "grants the badge to the users in the CSV as many times as they appear in it" do
Jobs.run_immediately!
badge.update!(multiple_grant: true)
user_without_badge = Fabricate(:user)
user_with_badge = Fabricate(:user).tap { |u| BadgeGranter.grant(badge, u) }
csv_content =
[
user_with_badge.email.titlecase,
user_with_badge.username.titlecase,
user_without_badge.email.titlecase,
user_without_badge.username.titlecase,
] * 20
csv = Tempfile.new
csv.write(csv_content.join("\n"))
csv.rewind
post "/admin/badges/award/#{badge.id}.json",
params: {
file: fixture_file_upload(csv),
grant_existing_holders: true,
}
expect(response.status).to eq(200)
expect(response.parsed_body["unmatched_entries"]).to eq([])
expect(response.parsed_body["matched_users_count"]).to eq(2)
expect(response.parsed_body["unmatched_entries_count"]).to eq(0)
sequence = UserBadge.where(user: user_with_badge, badge: badge).pluck(:seq)
expect(sequence.sort).to eq((0...(40 + 1)).to_a)
sequence = UserBadge.where(user: user_without_badge, badge: badge).pluck(:seq)
expect(sequence.sort).to eq((0...40).to_a)
ensure
csv&.close
csv&.unlink
end
end
Feature: Mass award badge (#8694) * UI: Mass grant a badge from the admin ui * Send the uploaded CSV and badge ID to the backend * Read the CSV and grant badge in batches * UX: Communicate the result to the user * Don't award if badge is disabled * Create a 'send_notification' method to remove duplicated code, slightly shrink badge image. Replace router transition with href. * Dynamically discover current route
2020-01-13 09:20:26 -05:00
end
DEV: Extend specs coverage for non-admin access to admin endpoints (#18833) Replace base controller class inheritance specs with explicit specs for non-staff and moderator access to admin resources
2022-11-02 23:42:44 -04:00
shared_examples "mass badge award not allowed" do
it "prevents mass badge award with a 404 response" do
file = file_from_fixtures("user_emails.csv", "csv")
post "/admin/badges/award/#{badge.id}.json", params: { file: fixture_file_upload(file) }
expect(response.status).to eq(404)
expect(response.parsed_body["errors"]).to include(I18n.t("not_found"))
expect(UserBadge.where(user: user, badge: badge).count).to eq(0)
end
end
context "when logged in as a moderator" do
before { sign_in(moderator) }
include_examples "mass badge award not allowed"
end
context "when logged in as a non-staff user" do
before { sign_in(user) }
include_examples "mass badge award not allowed"
end
Initial badge system implementation.
2014-03-05 07:52:20 -05:00
end
end