DEV: Minor improvements to SidebarSectionsController spec (#21734)

1. '#reorder' specs were serializing objects when it is not needed.

2. Add tests for anon user to `#reorder` specs
Alan Guo Xiang Tan 2023-05-25 11:08:10 +09:00 committed by GitHub
parent 038318bffc
commit e8b138e24f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 46 additions and 12 deletions


@ -85,7 +85,7 @@ class SidebarSectionsController < ApplicationController
order = reorder_params["links_order"].map(&:to_i).each_with_index.to_h
set_order(sidebar_section, order)
render_serialized_sidebar_section(sidebar_section)
render_serialized(sidebar_section, SidebarSectionSerializer)
rescue Discourse::InvalidAccess
render json: failed_json, status: 403
end
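Review bot: `reorder_params["links_order"].map(&:to_i)` in this hunk consumes a client-supplied id list without any visible validation. If `links_order` is absent, `.map` is called on nil and the action would presumably answer 500 instead of a client error, and `to_i` silently turns non-numeric entries into 0. Neither `reorder_params` nor `set_order` is shown on this page, so confirm that one of them rejects missing ids and ids that do not belong to the section; if not, a guard such as `raise Discourse::InvalidParameters.new(:links_order) if reorder_params["links_order"].blank?` before this line would help. The action body starts outside the hunk, and the page does not mark which of the two render lines is the new side.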


@ -89,6 +89,7 @@ RSpec.describe SidebarSectionsController do
it "does not allow regular user to create public section" do
sign_in(user)
post "/sidebar_sections.json",
params: {
title: "custom section",
@ -98,11 +99,13 @@ RSpec.describe SidebarSectionsController do
{ icon: "address-book", name: "tags", value: "/tags" },
],
}
expect(response.status).to eq(403)
end
it "does not allow moderator to create public section" do
sign_in(moderator)
post "/sidebar_sections.json",
params: {
title: "custom section",
@ -112,11 +115,13 @@ RSpec.describe SidebarSectionsController do
{ icon: "address-book", name: "tags", value: "/tags" },
],
}
expect(response.status).to eq(403)
end
it "allows admin to create public section" do
sign_in(admin)
post "/sidebar_sections.json",
params: {
title: "custom section",
@ -126,6 +131,7 @@ RSpec.describe SidebarSectionsController do
{ icon: "address-book", name: "tags", value: "/tags" },
],
}
expect(response.status).to eq(200)
sidebar_section = SidebarSection.last
@ -144,18 +150,22 @@ RSpec.describe SidebarSectionsController do
fab!(:sidebar_section) { Fabricate(:sidebar_section, user: user) }
fab!(:sidebar_url_1) { Fabricate(:sidebar_url, name: "tags", value: "/tags") }
fab!(:sidebar_url_2) { Fabricate(:sidebar_url, name: "categories", value: "/categories") }
fab!(:section_link_1) do
Fabricate(:sidebar_section_link, sidebar_section: sidebar_section, linkable: sidebar_url_1)
end
fab!(:section_link_2) do
Fabricate(:sidebar_section_link, sidebar_section: sidebar_section, linkable: sidebar_url_2)
end
let(:community_section) do
SidebarSection.find_by(section_type: SidebarSection.section_types[:community])
end
it "allows user to update their own section and links" do
sign_in(user)
put "/sidebar_sections/#{sidebar_section.id}.json",
params: {
title: "custom section edited",
@ -178,6 +188,7 @@ RSpec.describe SidebarSectionsController do
it "allows admin to update public section and links" do
sign_in(admin)
sidebar_section.update!(public: true)
put "/sidebar_sections/#{sidebar_section.id}.json",
params: {
title: "custom section edited",
@ -230,6 +241,7 @@ RSpec.describe SidebarSectionsController do
sidebar_url_3 = Fabricate(:sidebar_url, name: "other_tags", value: "/tags")
Fabricate(:sidebar_section_link, sidebar_section: sidebar_section_2, linkable: sidebar_url_3)
sign_in(user)
put "/sidebar_sections/#{sidebar_section_2.id}.json",
params: {
title: "custom section edited",
@ -242,6 +254,7 @@ RSpec.describe SidebarSectionsController do
it "doesn't allow to edit public sections" do
sign_in(user)
sidebar_section.update!(public: true)
put "/sidebar_sections/#{sidebar_section.id}.json",
params: {
title: "custom section edited",
@ -250,17 +263,21 @@ RSpec.describe SidebarSectionsController do
{ icon: "link", id: sidebar_url_2.id, name: "tags", value: "/tags", _destroy: "1" },
],
}
expect(response.status).to eq(403)
end
it "doesn't allow to edit other's links" do
sidebar_url_3 = Fabricate(:sidebar_url, name: "other_tags", value: "/tags")
Fabricate(
:sidebar_section_link,
sidebar_section: Fabricate(:sidebar_section),
linkable: sidebar_url_3,
)
sign_in(user)
put "/sidebar_sections/#{sidebar_section.id}.json",
params: {
title: "custom section edited",
@ -268,12 +285,12 @@ RSpec.describe SidebarSectionsController do
}
expect(response.status).to eq(404)
expect(sidebar_url_3.reload.name).to eq("other_tags")
end
it "doesn't allow users to edit community section" do
sign_in(user)
put "/sidebar_sections/#{community_section.id}.json",
params: {
title: "custom section edited",
@ -285,8 +302,10 @@ RSpec.describe SidebarSectionsController do
it "allows admin to edit community section" do
sign_in(admin)
everything_link = community_section.sidebar_urls.find_by(name: "Everything")
my_posts_link = community_section.sidebar_urls.find_by(name: "My Posts")
community_section
.sidebar_section_links
.where.not(linkable_id: [everything_link.id, my_posts_link.id])
@ -317,58 +336,74 @@ RSpec.describe SidebarSectionsController do
end
describe "#reorder" do
fab!(:user2) { Fabricate(:user) }
fab!(:sidebar_section) { Fabricate(:sidebar_section, user: user) }
fab!(:sidebar_url_1) { Fabricate(:sidebar_url, name: "tags", value: "/tags") }
fab!(:sidebar_url_2) { Fabricate(:sidebar_url, name: "categories", value: "/categories") }
fab!(:sidebar_url_3) { Fabricate(:sidebar_url, name: "topic", value: "/t/1") }
fab!(:section_link_1) do
Fabricate(:sidebar_section_link, sidebar_section: sidebar_section, linkable: sidebar_url_1)
end
fab!(:section_link_2) do
Fabricate(:sidebar_section_link, sidebar_section: sidebar_section, linkable: sidebar_url_2)
end
fab!(:section_link_3) do
Fabricate(:sidebar_section_link, sidebar_section: sidebar_section, linkable: sidebar_url_3)
end
it "sorts links" do
serializer = SidebarSectionSerializer.new(sidebar_section, root: false).as_json
expect(serializer[:links].map(&:id)).to eq(
expect(sidebar_section.sidebar_urls.pluck(:id)).to eq(
[sidebar_url_1.id, sidebar_url_2.id, sidebar_url_3.id],
)
sign_in(user)
post "/sidebar_sections/reorder.json",
params: {
sidebar_section_id: sidebar_section.id,
links_order: [sidebar_url_2.id, sidebar_url_3.id, sidebar_url_1.id],
}
serializer = SidebarSectionSerializer.new(sidebar_section.reload, root: false).as_json
expect(serializer[:links].map(&:id)).to eq(
expect(response.status).to eq(200)
expect(sidebar_section.reload.sidebar_urls.pluck(:id)).to eq(
[sidebar_url_2.id, sidebar_url_3.id, sidebar_url_1.id],
)
end
it "is not allowed for not own sections" do
sidebar_section_2 = Fabricate(:sidebar_section)
it "returns 403 when a user tries to reorder a section that doesn't belong to them" do
sign_in(user2)
post "/sidebar_sections/reorder.json",
params: {
sidebar_section_id: sidebar_section_2.id,
sidebar_section_id: sidebar_section.id,
links_order: [sidebar_url_2.id, sidebar_url_3.id, sidebar_url_1.id],
}
expect(response.status).to eq(403)
serializer = SidebarSectionSerializer.new(sidebar_section, root: false).as_json
expect(serializer[:links].map(&:id)).to eq(
expect(sidebar_section.reload.sidebar_urls.pluck(:id)).to eq(
[sidebar_url_1.id, sidebar_url_2.id, sidebar_url_3.id],
)
end
it "returns 403 for an non user" do
post "/sidebar_sections/reorder.json",
params: {
sidebar_section_id: sidebar_section.id,
links_order: [sidebar_url_2.id, sidebar_url_3.id, sidebar_url_1.id],
}
expect(response.status).to eql(403)
end
end
describe "#destroy" do
fab!(:sidebar_section) { Fabricate(:sidebar_section, user: user) }
let(:community_section) do
SidebarSection.find_by(section_type: SidebarSection.section_types[:community])
end
@ -380,7 +415,6 @@ RSpec.describe SidebarSectionsController do
expect(response.status).to eq(200)
expect { sidebar_section.reload }.to raise_error(ActiveRecord::RecordNotFound)
expect(UserHistory.count).to eq(0)
end
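Review bot: In the `#reorder` hunk, the new anonymous-user example ("returns 403 for an non user") asserts only the status code, so it would still pass if the handler persisted the new order before rejecting the request; the sibling example for `user2` checks both. Add `expect(sidebar_section.reload.sidebar_urls.pluck(:id)).to eq([sidebar_url_1.id, sidebar_url_2.id, sidebar_url_3.id])` after the status assertion. The same example uses `eql(403)` where the rest of the file uses `eq(403)`, and its title would read better as "returns 403 for an anonymous user". The order assertions rely on `sidebar_urls` returning rows in position order, which is not visible on this page, so it is worth confirming the association is explicitly ordered.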