discourse/spec/serializers/post_serializer_spec.rb

235 lines
8.2 KiB
Ruby

# frozen_string_literal: true
require 'rails_helper'
describe PostSerializer do
fab!(:post) { Fabricate(:post) }
context "a post with lots of actions" do
fab!(:actor) { Fabricate(:user) }
fab!(:admin) { Fabricate(:admin) }
let(:acted_ids) {
PostActionType.public_types.values
.concat([:notify_user, :spam].map { |k| PostActionType.types[k] })
}
def visible_actions_for(user)
serializer = PostSerializer.new(post, scope: Guardian.new(user), root: false)
# NOTE this is messy, we should extract all this logic elsewhere
serializer.post_actions = PostAction.counts_for([post], actor)[post.id] if user.try(:id) == actor.id
actions = serializer.as_json[:actions_summary]
lookup = PostActionType.types.invert
actions.keep_if { |a| (a[:count] || 0) > 0 }.map { |a| lookup[a[:id]] }
end
before do
acted_ids.each do |id|
PostActionCreator.new(actor, post, id).perform
end
post.reload
end
it "displays the correct info" do
expect(visible_actions_for(actor).sort).to eq([:like, :notify_user, :spam])
expect(visible_actions_for(post.user).sort).to eq([:like])
expect(visible_actions_for(nil).sort).to eq([:like])
expect(visible_actions_for(admin).sort).to eq([:like, :notify_user, :spam])
end
it "can't flag your own post to notify yourself" do
serializer = PostSerializer.new(post, scope: Guardian.new(post.user), root: false)
notify_user_action = serializer.actions_summary.find { |a| a[:id] == PostActionType.types[:notify_user] }
expect(notify_user_action).to be_blank
end
it "should not allow user to flag post and notify non human user" do
post.update!(user: Discourse.system_user)
serializer = PostSerializer.new(post,
scope: Guardian.new(actor),
root: false
)
notify_user_action = serializer.actions_summary.find do |a|
a[:id] == PostActionType.types[:notify_user]
end
expect(notify_user_action).to eq(nil)
end
end
context "a post with reviewable content" do
let!(:reviewable) { PostActionCreator.spam(Fabricate(:user), post).reviewable }
it "includes the reviewable data" do
json = PostSerializer.new(post, scope: Guardian.new(Fabricate(:moderator)), root: false).as_json
expect(json[:reviewable_id]).to eq(reviewable.id)
expect(json[:reviewable_score_count]).to eq(1)
expect(json[:reviewable_score_pending_count]).to eq(1)
end
end
context "a post by a nuked user" do
before do
post.update!(
user_id: nil,
deleted_at: Time.zone.now
)
end
subject { PostSerializer.new(post, scope: Guardian.new(Fabricate(:admin)), root: false).as_json }
it "serializes correctly" do
[:name, :username, :display_username, :avatar_template, :user_title, :trust_level].each do |attr|
expect(subject[attr]).to be_nil
end
[:moderator, :staff, :yours].each do |attr|
expect(subject[attr]).to eq(false)
end
end
end
context "display_username" do
let(:user) { post.user }
let(:serializer) { PostSerializer.new(post, scope: Guardian.new, root: false) }
let(:json) { serializer.as_json }
it "returns the display_username it when `enable_names` is on" do
SiteSetting.enable_names = true
expect(json[:display_username]).to be_present
end
it "doesn't return the display_username it when `enable_names` is off" do
SiteSetting.enable_names = false
expect(json[:display_username]).to be_blank
end
end
context "a hidden post with add_raw enabled" do
let(:user) { Fabricate.build(:user, id: 101) }
let(:raw) { "Raw contents of the post." }
def serialized_post_for_user(u)
s = PostSerializer.new(post, scope: Guardian.new(u), root: false)
s.add_raw = true
s.as_json
end
context "a public post" do
let(:post) { Fabricate.build(:post, raw: raw, user: user) }
it "includes the raw post for everyone" do
[nil, user, Fabricate(:user), Fabricate(:moderator), Fabricate(:admin)].each do |user|
expect(serialized_post_for_user(user)[:raw]).to eq(raw)
end
end
end
context "a hidden post" do
let(:post) { Fabricate.build(:post, raw: raw, user: user, hidden: true, hidden_reason_id: Post.hidden_reasons[:flag_threshold_reached]) }
it "shows the raw post only if authorized to see it" do
expect(serialized_post_for_user(nil)[:raw]).to eq(nil)
expect(serialized_post_for_user(Fabricate(:user))[:raw]).to eq(nil)
expect(serialized_post_for_user(user)[:raw]).to eq(raw)
expect(serialized_post_for_user(Fabricate(:moderator))[:raw]).to eq(raw)
expect(serialized_post_for_user(Fabricate(:admin))[:raw]).to eq(raw)
end
it "can view edit history only if authorized" do
expect(serialized_post_for_user(nil)[:can_view_edit_history]).to eq(false)
expect(serialized_post_for_user(Fabricate(:user))[:can_view_edit_history]).to eq(false)
expect(serialized_post_for_user(user)[:can_view_edit_history]).to eq(true)
expect(serialized_post_for_user(Fabricate(:moderator))[:can_view_edit_history]).to eq(true)
expect(serialized_post_for_user(Fabricate(:admin))[:can_view_edit_history]).to eq(true)
end
end
context "a hidden revised post" do
fab!(:post) { Fabricate(:post, raw: 'Hello world!', hidden: true) }
before do
SiteSetting.editing_grace_period_max_diff = 1
revisor = PostRevisor.new(post)
revisor.revise!(post.user, raw: 'Hello, everyone!')
end
it "will not leak version to users" do
json = PostSerializer.new(post, scope: Guardian.new(user), root: false).as_json
expect(json[:version]).to eq(1)
end
it "will show real version to staff" do
json = PostSerializer.new(post, scope: Guardian.new(Fabricate(:admin)), root: false).as_json
expect(json[:version]).to eq(2)
end
end
context "a public wiki post" do
let(:post) { Fabricate.build(:post, raw: raw, user: user, wiki: true) }
it "can view edit history" do
[nil, user, Fabricate(:user), Fabricate(:moderator), Fabricate(:admin)].each do |user|
expect(serialized_post_for_user(user)[:can_view_edit_history]).to eq(true)
end
end
end
context "a hidden wiki post" do
let(:post) {
Fabricate.build(
:post,
raw: raw,
user: user,
wiki: true,
hidden: true,
hidden_reason_id: Post.hidden_reasons[:flag_threshold_reached])
}
it "can view edit history only if authorized" do
expect(serialized_post_for_user(nil)[:can_view_edit_history]).to eq(false)
expect(serialized_post_for_user(Fabricate(:user))[:can_view_edit_history]).to eq(false)
expect(serialized_post_for_user(user)[:can_view_edit_history]).to eq(true)
expect(serialized_post_for_user(Fabricate(:moderator))[:can_view_edit_history]).to eq(true)
expect(serialized_post_for_user(Fabricate(:admin))[:can_view_edit_history]).to eq(true)
end
end
end
context "a post with notices" do
fab!(:user) { Fabricate(:user, trust_level: 1) }
fab!(:user_tl1) { Fabricate(:user, trust_level: 1) }
fab!(:user_tl2) { Fabricate(:user, trust_level: 2) }
let(:post) {
post = Fabricate(:post, user: user)
post.custom_fields[Post::NOTICE_TYPE] = Post.notices[:returning_user]
post.custom_fields[Post::NOTICE_ARGS] = 1.day.ago
post.save_custom_fields
post
}
def json_for_user(user)
PostSerializer.new(post, scope: Guardian.new(user), root: false).as_json
end
it "is visible for TL2+ users (except poster)" do
expect(json_for_user(nil)[:notice_type]).to eq(nil)
expect(json_for_user(user)[:notice_type]).to eq(nil)
SiteSetting.returning_user_notice_tl = 2
expect(json_for_user(user_tl1)[:notice_type]).to eq(nil)
expect(json_for_user(user_tl2)[:notice_type]).to eq(Post.notices[:returning_user])
SiteSetting.returning_user_notice_tl = 1
expect(json_for_user(user_tl1)[:notice_type]).to eq(Post.notices[:returning_user])
expect(json_for_user(user_tl2)[:notice_type]).to eq(Post.notices[:returning_user])
end
end
end