require 'rails_helper' RSpec.describe TopicsController do let(:topic) { Fabricate(:topic) } let(:user) { Fabricate(:user) } describe '#update' do it "won't allow us to update a topic when we're not logged in" do put "/t/1.json", params: { slug: 'xyz' } expect(response.status).to eq(403) end describe 'when logged in' do let(:topic) { Fabricate(:topic, user: user) } before do Fabricate(:post, topic: topic) sign_in(user) end it 'can not change category to a disallowed category' do category = Fabricate(:category) category.set_permissions(staff: :full) category.save! put "/t/#{topic.id}.json", params: { category_id: category.id } expect(response.status).not_to eq(200) expect(topic.category_id).not_to eq(category.id) end describe 'without permission' do it "raises an exception when the user doesn't have permission to update the topic" do topic.update!(archived: true) put "/t/#{topic.slug}/#{topic.id}.json" expect(response.status).to eq(403) end end describe 'with permission' do it 'succeeds' do put "/t/#{topic.slug}/#{topic.id}.json" expect(response.status).to eq(200) expect(::JSON.parse(response.body)['basic_topic']).to be_present end it "can update a topic to an uncategorized topic" do topic.update!(category: Fabricate(:category)) put "/t/#{topic.slug}/#{topic.id}.json", params: { category_id: "" } expect(response.status).to eq(200) expect(topic.reload.category_id).to eq(SiteSetting.uncategorized_category_id) end it 'allows a change of title' do put "/t/#{topic.slug}/#{topic.id}.json", params: { title: 'This is a new title for the topic' } topic.reload expect(topic.title).to eq('This is a new title for the topic') end it "returns errors with invalid titles" do put "/t/#{topic.slug}/#{topic.id}.json", params: { title: 'asdf' } expect(response.status).to eq(422) expect(JSON.parse(response.body)['errors']).to be_present end it "returns errors when the rate limit is exceeded" do EditRateLimiter.any_instance.expects(:performed!).raises(RateLimiter::LimitExceeded.new(60)) put "/t/#{topic.slug}/#{topic.id}.json", params: { title: 'This is a new title for the topic' } expect(response.status).to eq(429) end it "returns errors with invalid categories" do put "/t/#{topic.slug}/#{topic.id}.json", params: { category_id: -1 } expect(response.status).to eq(422) end it "doesn't call the PostRevisor when there is no changes" do PostRevisor.any_instance.expects(:revise!).never put "/t/#{topic.slug}/#{topic.id}.json", params: { category_id: topic.category_id } expect(response.status).to eq(200) end context 'when topic is private' do before do topic.update!( archetype: Archetype.private_message, category: nil, allowed_users: [topic.user] ) end context 'when there are no changes' do it 'does not call the PostRevisor' do PostRevisor.any_instance.expects(:revise!).never put "/t/#{topic.slug}/#{topic.id}.json", params: { category_id: topic.category_id } expect(response.status).to eq(200) end end end context "allow_uncategorized_topics is false" do before do SiteSetting.allow_uncategorized_topics = false end it "can add a category to an uncategorized topic" do category = Fabricate(:category) put "/t/#{topic.slug}/#{topic.id}.json", params: { category_id: category.id } expect(response.status).to eq(200) expect(topic.reload.category).to eq(category) end end end end end describe '#show' do let(:private_topic) { Fabricate(:private_message_topic) } describe 'when topic is not allowed' do it 'should return the right response' do sign_in(user) get "/t/#{private_topic.id}.json" expect(response.status).to eq(403) expect(response.body).to eq(I18n.t('invalid_access')) end end end describe '#timings' do let(:post_1) { Fabricate(:post, topic: topic) } it 'should record the timing' do sign_in(user) post "/topics/timings.json", params: { topic_id: topic.id, topic_time: 5, timings: { post_1.post_number => 2 } } expect(response).to be_success post_timing = PostTiming.first expect(post_timing.topic).to eq(topic) expect(post_timing.user).to eq(user) expect(post_timing.msecs).to eq(2) end end describe '#timer' do context 'when a user is not logged in' do it 'should return the right response' do post "/t/#{topic.id}/timer.json", params: { time: '24', status_type: TopicTimer.types[1] } expect(response.status).to eq(403) end end context 'when does not have permission' do it 'should return the right response' do sign_in(user) post "/t/#{topic.id}/timer.json", params: { time: '24', status_type: TopicTimer.types[1] } expect(response.status).to eq(403) expect(JSON.parse(response.body)["error_type"]).to eq('invalid_access') end end context 'when logged in as an admin' do let(:admin) { Fabricate(:admin) } before do sign_in(admin) end it 'should be able to create a topic status update' do post "/t/#{topic.id}/timer.json", params: { time: 24, status_type: TopicTimer.types[1] } expect(response).to be_success topic_status_update = TopicTimer.last expect(topic_status_update.topic).to eq(topic) expect(topic_status_update.execute_at) .to be_within(1.second).of(24.hours.from_now) json = JSON.parse(response.body) expect(DateTime.parse(json['execute_at'])) .to be_within(1.seconds).of(DateTime.parse(topic_status_update.execute_at.to_s)) expect(json['duration']).to eq(topic_status_update.duration) expect(json['closed']).to eq(topic.reload.closed) end it 'should be able to delete a topic status update' do Fabricate(:topic_timer, topic: topic) post "/t/#{topic.id}/timer.json", params: { time: nil, status_type: TopicTimer.types[1] } expect(response).to be_success expect(topic.reload.public_topic_timer).to eq(nil) json = JSON.parse(response.body) expect(json['execute_at']).to eq(nil) expect(json['duration']).to eq(nil) expect(json['closed']).to eq(topic.closed) end describe 'publishing topic to category in the future' do it 'should be able to create the topic status update' do SiteSetting.queue_jobs = true post "/t/#{topic.id}/timer.json", params: { time: 24, status_type: TopicTimer.types[3], category_id: topic.category_id } expect(response).to be_success topic_status_update = TopicTimer.last expect(topic_status_update.topic).to eq(topic) expect(topic_status_update.execute_at) .to be_within(1.second).of(24.hours.from_now) expect(topic_status_update.status_type) .to eq(TopicTimer.types[:publish_to_category]) json = JSON.parse(response.body) expect(json['category_id']).to eq(topic.category_id) end end describe 'invalid status type' do it 'should raise the right error' do post "/t/#{topic.id}/timer.json", params: { time: 10, status_type: 'something' } expect(response.status).to eq(400) expect(response.body).to include('status_type') end end end end describe '#invite' do describe 'when not logged in' do it "should return the right response" do post "/t/#{topic.id}/invite.json", params: { email: 'jake@adventuretime.ooo' } expect(response.status).to eq(403) end end describe 'when logged in' do before do sign_in(user) end describe 'as a valid user' do let(:topic) { Fabricate(:topic, user: user) } it 'should return the right response' do user.update!(trust_level: TrustLevel[2]) expect do post "/t/#{topic.id}/invite.json", params: { email: 'someguy@email.com' } end.to change { Invite.where(invited_by_id: user.id).count }.by(1) expect(response.status).to eq(200) end end describe 'when user is a group manager' do let(:group) { Fabricate(:group).tap { |g| g.add_owner(user) } } let(:private_category) { Fabricate(:private_category, group: group) } let(:group_private_topic) do Fabricate(:topic, category: private_category, user: user) end let(:recipient) { 'jake@adventuretime.ooo' } it "should attach group to the invite" do post "/t/#{group_private_topic.id}/invite.json", params: { user: recipient } expect(response.status).to eq(200) expect(Invite.find_by(email: recipient).groups).to eq([group]) end end describe 'when topic id is invalid' do it 'should return the right response' do post "/t/999/invite.json", params: { email: Fabricate(:user).email } expect(response.status).to eq(400) end end it 'requires an email parameter' do post "/t/#{topic.id}/invite.json" expect(response.status).to eq(400) end describe 'when user does not have permission to invite to the topic' do let(:topic) { Fabricate(:private_message_topic) } it "should return the right response" do post "/t/#{topic.id}/invite.json", params: { user: user.username } expect(response.status).to eq(403) end end end describe "when inviting a group to a topic" do let(:group) { Fabricate(:group) } before do sign_in(Fabricate(:admin)) end it "should work correctly" do email = 'hiro@from.heros' post "/t/#{topic.id}/invite.json", params: { email: email, group_ids: group.id } expect(response.status).to eq(200) groups = Invite.find_by(email: email).groups expect(groups.count).to eq(1) expect(groups.first.id).to eq(group.id) end end end describe 'invite_group' do let(:admins) { Group[:admins] } let(:pm) { Fabricate(:private_message_topic) } def invite_group(topic, expected_status) post "/t/#{topic.id}/invite-group.json", params: { group: admins.name } expect(response.status).to eq(expected_status) end before do admins.update!(messageable_level: Group::ALIAS_LEVELS[:everyone]) end describe 'as an anon user' do it 'should be forbidden' do invite_group(pm, 403) end end describe 'as a normal user' do let!(:user) { sign_in(Fabricate(:user)) } describe 'when user does not have permission to view the topic' do it 'should be forbidden' do invite_group(pm, 403) end end describe 'when user has permission to view the topic' do before do pm.allowed_users << user end it 'should allow user to invite group to topic' do invite_group(pm, 200) expect(pm.allowed_groups.first.id).to eq(admins.id) end end end describe 'as an admin user' do let!(:admin) { sign_in(Fabricate(:admin)) } it "disallows inviting a group to a topic" do topic = Fabricate(:topic) invite_group(topic, 422) end it "allows inviting a group to a PM" do invite_group(pm, 200) expect(pm.allowed_groups.first.id).to eq(admins.id) end end end describe 'shared drafts' do let(:shared_drafts_category) { Fabricate(:category) } let(:category) { Fabricate(:category) } before do SiteSetting.shared_drafts_category = shared_drafts_category.id end describe "#update_shared_draft" do let(:other_cat) { Fabricate(:category) } let(:category) { Fabricate(:category) } let(:topic) { Fabricate(:topic, category: shared_drafts_category, visible: false) } context "anonymous" do it "doesn't allow staff to update the shared draft" do put "/t/#{topic.id}/shared-draft.json", params: { category_id: other_cat.id } expect(response.code.to_i).to eq(403) end end context "as a moderator" do let(:moderator) { Fabricate(:moderator) } before do sign_in(moderator) end context "with a shared draft" do let!(:shared_draft) { Fabricate(:shared_draft, topic: topic, category: category) } it "allows staff to update the category id" do put "/t/#{topic.id}/shared-draft.json", params: { category_id: other_cat.id } expect(response).to be_success topic.reload expect(topic.shared_draft.category_id).to eq(other_cat.id) end end context "without a shared draft" do it "allows staff to update the category id" do put "/t/#{topic.id}/shared-draft.json", params: { category_id: other_cat.id } expect(response).to be_success topic.reload expect(topic.shared_draft.category_id).to eq(other_cat.id) end end end end describe "#publish" do let(:category) { Fabricate(:category) } let(:topic) { Fabricate(:topic, category: shared_drafts_category, visible: false) } let(:shared_draft) { Fabricate(:shared_draft, topic: topic, category: category) } let(:moderator) { Fabricate(:moderator) } it "fails for anonymous users" do put "/t/#{topic.id}/publish.json", params: { destination_category_id: category.id } expect(response.status).to eq(403) end it "fails as a regular user" do sign_in(Fabricate(:user)) put "/t/#{topic.id}/publish.json", params: { destination_category_id: category.id } expect(response.status).to eq(403) end context "as staff" do before do sign_in(moderator) end it "will publish the topic" do put "/t/#{topic.id}/publish.json", params: { destination_category_id: category.id } expect(response.status).to eq(200) json = ::JSON.parse(response.body)['basic_topic'] result = Topic.find(json['id']) expect(result.category_id).to eq(category.id) expect(result.visible).to eq(true) end end end end end