mirror of
https://github.com/discourse/discourse.git
synced 2025-02-14 23:35:00 +00:00
8ebd5edd1e
This commit renames all secure_media related settings to secure_uploads_* along with the associated functionality. This is being done because "media" does not really cover it, we aren't just doing this for images and videos etc. but for all uploads in the site. Additionally, in future we want to secure more types of uploads, and enable a kind of "mixed mode" where some uploads are secure and some are not, so keeping media in the name is just confusing. This also keeps compatibility with the `secure-media-uploads` path, and changes new secure URLs to be `secure-uploads`. Deprecated settings: * secure_media -> secure_uploads * secure_media_allow_embed_images_in_emails -> secure_uploads_allow_embed_images_in_emails * secure_media_max_email_embed_image_size_kb -> secure_uploads_max_email_embed_image_size_kb
632 lines
19 KiB
Ruby
632 lines
19 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
RSpec.describe TopicViewSerializer do
|
|
def serialize_topic(topic, user_arg)
|
|
topic_view = TopicView.new(topic.id, user_arg)
|
|
serializer = TopicViewSerializer.new(topic_view, scope: Guardian.new(user_arg), root: false).as_json
|
|
JSON.parse(MultiJson.dump(serializer)).deep_symbolize_keys!
|
|
end
|
|
|
|
before do
|
|
# ensure no suggested ids are cached cause that can muck up suggested
|
|
RandomTopicSelector.clear_cache!
|
|
end
|
|
|
|
fab!(:topic) { Fabricate(:topic) }
|
|
fab!(:user) { Fabricate(:user) }
|
|
fab!(:user_2) { Fabricate(:user) }
|
|
fab!(:admin) { Fabricate(:admin) }
|
|
|
|
describe '#featured_link and #featured_link_root_domain' do
|
|
fab!(:featured_link) { 'http://meta.discourse.org' }
|
|
|
|
describe 'when topic featured link is disable' do
|
|
it 'should return the right attributes' do
|
|
topic.update!(featured_link: featured_link)
|
|
SiteSetting.topic_featured_link_enabled = false
|
|
|
|
json = serialize_topic(topic, user)
|
|
|
|
expect(json[:featured_link]).to eq(nil)
|
|
expect(json[:featured_link_root_domain]).to eq(nil)
|
|
end
|
|
end
|
|
|
|
describe 'when topic featured link is enabled' do
|
|
it 'should return the right attributes' do
|
|
topic.update!(featured_link: featured_link)
|
|
|
|
json = serialize_topic(topic, user)
|
|
|
|
expect(json[:featured_link]).to eq(featured_link)
|
|
expect(json[:featured_link_root_domain]).to eq('discourse.org')
|
|
end
|
|
end
|
|
end
|
|
|
|
describe '#external_id' do
|
|
describe 'when a topic has an external_id' do
|
|
before { topic.update!(external_id: '42-asdf') }
|
|
|
|
it 'should return the external_id' do
|
|
json = serialize_topic(topic, user)
|
|
expect(json[:external_id]).to eq('42-asdf')
|
|
end
|
|
end
|
|
end
|
|
|
|
describe '#image_url' do
|
|
fab!(:image_upload) { Fabricate(:image_upload, width: 5000, height: 5000) }
|
|
|
|
describe 'when a topic has an image' do
|
|
before { topic.update!(image_upload_id: image_upload.id) }
|
|
|
|
it 'should return the image url' do
|
|
json = serialize_topic(topic, user)
|
|
|
|
expect(json[:image_url]).to end_with(image_upload.url)
|
|
end
|
|
|
|
it 'should have thumbnail jobs enqueued' do
|
|
SiteSetting.create_thumbnails = true
|
|
|
|
Discourse.redis.del(topic.thumbnail_job_redis_key([]))
|
|
json = nil
|
|
|
|
expect do
|
|
json = serialize_topic(topic, user)
|
|
end.to change { Jobs::GenerateTopicThumbnails.jobs.size }.by(1)
|
|
|
|
topic.generate_thumbnails!
|
|
|
|
expect do
|
|
json = serialize_topic(topic, user)
|
|
end.not_to change { Jobs::GenerateTopicThumbnails.jobs.size }
|
|
end
|
|
end
|
|
|
|
describe 'when a topic does not contain an image' do
|
|
it 'should return a nil image url' do
|
|
|
|
json = serialize_topic(topic, user)
|
|
|
|
expect(json.has_key? :image_url).to eq(true)
|
|
expect(json[:image_url]).to eq(nil)
|
|
end
|
|
end
|
|
end
|
|
|
|
describe '#suggested_topics' do
|
|
before do
|
|
SiteSetting.enable_personal_messages = false
|
|
Group.refresh_automatic_groups!
|
|
end
|
|
|
|
fab!(:topic2) { Fabricate(:topic) }
|
|
|
|
before do
|
|
TopicUser.update_last_read(user, topic2.id, 0, 0, 0)
|
|
end
|
|
|
|
describe 'when loading last chunk' do
|
|
it 'should include suggested topics' do
|
|
json = serialize_topic(topic, user)
|
|
|
|
expect(json[:suggested_topics].first[:id]).to eq(topic2.id)
|
|
end
|
|
end
|
|
|
|
describe 'when not loading last chunk' do
|
|
fab!(:post) { Fabricate(:post, topic: topic) }
|
|
fab!(:post2) { Fabricate(:post, topic: topic) }
|
|
|
|
it 'should not include suggested topics' do
|
|
post
|
|
post2
|
|
topic_view = TopicView.new(topic.id, user, post_ids: [post.id])
|
|
topic_view.next_page
|
|
json = described_class.new(topic_view, scope: Guardian.new(user), root: false).as_json
|
|
|
|
expect(json[:suggested_topics]).to eq(nil)
|
|
end
|
|
end
|
|
|
|
describe 'with private messages' do
|
|
before do
|
|
SiteSetting.enable_personal_messages = true
|
|
Group.refresh_automatic_groups!
|
|
end
|
|
|
|
fab!(:topic) do
|
|
Fabricate(:private_message_topic,
|
|
highest_post_number: 1,
|
|
topic_allowed_users: [
|
|
Fabricate.build(:topic_allowed_user, user: user)
|
|
]
|
|
)
|
|
end
|
|
|
|
fab!(:topic2) do
|
|
Fabricate(:private_message_topic,
|
|
highest_post_number: 1,
|
|
topic_allowed_users: [
|
|
Fabricate.build(:topic_allowed_user, user: user)
|
|
]
|
|
)
|
|
end
|
|
|
|
it 'includes suggested topics' do
|
|
TopicUser.change(user, topic2.id, notification_level: TopicUser.notification_levels[:tracking])
|
|
|
|
json = serialize_topic(topic, user)
|
|
expect(json[:suggested_topics].map { |t| t[:id] }).to contain_exactly(topic2.id)
|
|
end
|
|
|
|
it 'does not include suggested topics if all PMs are read' do
|
|
TopicUser.update_last_read(user, topic2.id, 1, 1, 0)
|
|
|
|
json = serialize_topic(topic, user)
|
|
expect(json[:suggested_topics]).to eq([])
|
|
end
|
|
end
|
|
end
|
|
|
|
describe '#suggested_group_name' do
|
|
fab!(:pm) { Fabricate(:private_message_post).topic }
|
|
fab!(:group) { Fabricate(:group) }
|
|
|
|
before do
|
|
Group.refresh_automatic_groups!
|
|
end
|
|
|
|
it 'is nil for a regular topic' do
|
|
json = serialize_topic(topic, user)
|
|
|
|
expect(json[:suggested_group_name]).to eq(nil)
|
|
end
|
|
|
|
it 'is nil if user is an allowed user of the private message' do
|
|
pm.allowed_users << user
|
|
|
|
json = serialize_topic(pm, user)
|
|
|
|
expect(json[:suggested_group_name]).to eq(nil)
|
|
end
|
|
|
|
it 'returns the right group name if user is part of allowed group in the private message' do
|
|
pm.allowed_groups << group
|
|
group.add(user)
|
|
|
|
json = serialize_topic(pm, user)
|
|
|
|
expect(json[:suggested_group_name]).to eq(group.name)
|
|
end
|
|
end
|
|
|
|
describe 'when tags added to private message topics' do
|
|
fab!(:moderator) { Fabricate(:moderator) }
|
|
fab!(:tag) { Fabricate(:tag) }
|
|
fab!(:pm) do
|
|
Fabricate(:private_message_topic, tags: [tag], topic_allowed_users: [
|
|
Fabricate.build(:topic_allowed_user, user: moderator),
|
|
Fabricate.build(:topic_allowed_user, user: user)
|
|
])
|
|
end
|
|
|
|
fab!(:group) { Fabricate(:group) }
|
|
fab!(:pm_between_reg_users) do
|
|
Fabricate(:private_message_topic, tags: [tag], topic_allowed_users: [
|
|
Fabricate.build(:topic_allowed_user, user: user),
|
|
Fabricate.build(:topic_allowed_user, user: user_2)
|
|
])
|
|
end
|
|
|
|
before do
|
|
SiteSetting.tagging_enabled = true
|
|
SiteSetting.pm_tags_allowed_for_groups = "1|2|3|4"
|
|
end
|
|
|
|
it "should not include the tag for normal users" do
|
|
json = serialize_topic(pm, user)
|
|
expect(json[:tags]).to eq(nil)
|
|
end
|
|
|
|
it "should include the tag for staff users" do
|
|
[moderator, admin].each do |user|
|
|
json = serialize_topic(pm, user)
|
|
expect(json[:tags]).to eq([tag.name])
|
|
end
|
|
end
|
|
|
|
it "should include the tag for users in allowed groups" do
|
|
SiteSetting.pm_tags_allowed_for_groups = "1|2|3|#{group.id}"
|
|
|
|
user.group_users << Fabricate(:group_user, group: group, user: user)
|
|
json = serialize_topic(pm_between_reg_users, user)
|
|
expect(json[:tags]).to eq([tag.name])
|
|
|
|
json = serialize_topic(pm_between_reg_users, user_2)
|
|
expect(json[:tags]).to eq(nil)
|
|
end
|
|
|
|
it "should not include the tag if pm tags disabled" do
|
|
SiteSetting.pm_tags_allowed_for_groups = ""
|
|
|
|
[moderator, admin].each do |user|
|
|
json = serialize_topic(pm, user)
|
|
expect(json[:tags]).to eq(nil)
|
|
end
|
|
end
|
|
end
|
|
|
|
describe 'with hidden tags' do
|
|
fab!(:hidden_tag) { Fabricate(:tag, name: 'hidden') }
|
|
fab!(:staff_tag_group) { Fabricate(:tag_group, permissions: { "staff" => 1 }, tag_names: [hidden_tag.name]) }
|
|
|
|
before do
|
|
topic.tags << hidden_tag
|
|
end
|
|
|
|
it 'returns hidden tag to staff' do
|
|
json = serialize_topic(topic, admin)
|
|
expect(json[:tags]).to eq([hidden_tag.name])
|
|
end
|
|
|
|
it 'does not return hidden tag to non-staff' do
|
|
json = serialize_topic(topic, user)
|
|
expect(json[:tags]).to eq([])
|
|
end
|
|
end
|
|
|
|
describe 'tags order' do
|
|
fab!(:tag1) { Fabricate(:tag, name: 'ctag', description: "c description", topic_count: 5) }
|
|
fab!(:tag2) { Fabricate(:tag, name: 'btag', description: "b description", topic_count: 9) }
|
|
fab!(:tag3) { Fabricate(:tag, name: 'atag', description: "a description", topic_count: 3) }
|
|
|
|
before do
|
|
topic.tags << tag1
|
|
topic.tags << tag2
|
|
topic.tags << tag3
|
|
end
|
|
|
|
it 'tags are automatically sorted by tag popularity' do
|
|
json = serialize_topic(topic, user)
|
|
expect(json[:tags]).to eq(%w(btag ctag atag))
|
|
expect(json[:tags_descriptions]).to eq({ btag: "b description", ctag: "c description", atag: "a description" })
|
|
end
|
|
|
|
it 'tags can be sorted alphabetically' do
|
|
SiteSetting.tags_sort_alphabetically = true
|
|
json = serialize_topic(topic, user)
|
|
expect(json[:tags]).to eq(%w(atag btag ctag))
|
|
end
|
|
end
|
|
|
|
context "with flags" do
|
|
fab!(:post) { Fabricate(:post, topic: topic) }
|
|
fab!(:other_post) { Fabricate(:post, topic: topic) }
|
|
|
|
it "will return reviewable counts on posts" do
|
|
r = PostActionCreator.inappropriate(Fabricate(:user), post).reviewable
|
|
r.perform(admin, :agree_and_keep)
|
|
PostActionCreator.spam(Fabricate(:user), post)
|
|
|
|
json = serialize_topic(topic, admin)
|
|
p0 = json[:post_stream][:posts][0]
|
|
expect(p0[:id]).to eq(post.id)
|
|
expect(p0[:reviewable_score_count]).to eq(2)
|
|
expect(p0[:reviewable_score_pending_count]).to eq(1)
|
|
|
|
p1 = json[:post_stream][:posts][1]
|
|
expect(p1[:reviewable_score_count]).to eq(0)
|
|
expect(p1[:reviewable_score_pending_count]).to eq(0)
|
|
end
|
|
end
|
|
|
|
describe "pending posts" do
|
|
context "when the queue is enabled" do
|
|
before do
|
|
SiteSetting.approve_post_count = 1
|
|
end
|
|
|
|
fab!(:queued_post) do
|
|
ReviewableQueuedPost.needs_review!(
|
|
topic: topic,
|
|
payload: { raw: "hello my raw contents" },
|
|
created_by: user
|
|
)
|
|
end
|
|
|
|
it "returns a pending_posts_count when the queue is enabled" do
|
|
json = serialize_topic(topic, admin)
|
|
expect(json[:queued_posts_count]).to eq(1)
|
|
end
|
|
|
|
it "returns a user's pending posts" do
|
|
json = serialize_topic(topic, user)
|
|
expect(json[:queued_posts_count]).to be_nil
|
|
|
|
post = json[:pending_posts].find { |p| p[:id] = queued_post.id }
|
|
expect(post[:raw]).to eq("hello my raw contents")
|
|
expect(post).to be_present
|
|
end
|
|
end
|
|
end
|
|
|
|
context "without an enabled queue" do
|
|
it "returns nil for the count" do
|
|
json = serialize_topic(topic, admin)
|
|
expect(json[:queued_posts_count]).to be_nil
|
|
expect(json[:pending_posts]).to be_nil
|
|
end
|
|
end
|
|
|
|
context "with details" do
|
|
it "returns the details object" do
|
|
PostCreator.create!(user, topic_id: topic.id, raw: "this is my post content")
|
|
topic.topic_links.create!(user: user, url: 'https://discourse.org', domain: 'discourse.org', clicks: 100)
|
|
json = serialize_topic(topic, admin)
|
|
|
|
details = json[:details]
|
|
expect(details).to be_present
|
|
expect(details[:created_by][:id]).to eq(topic.user_id)
|
|
expect(details[:last_poster][:id]).to eq(user.id)
|
|
expect(details[:notification_level]).to be_present
|
|
expect(details[:can_move_posts]).to eq(true)
|
|
expect(details[:can_flag_topic]).to eq(true)
|
|
expect(details[:can_review_topic]).to eq(true)
|
|
expect(details[:links][0][:clicks]).to eq(100)
|
|
|
|
participant = details[:participants].find { |p| p[:id] == user.id }
|
|
expect(participant[:post_count]).to eq(1)
|
|
end
|
|
|
|
it "returns extra fields for a personal message" do
|
|
group = Fabricate(:group)
|
|
GroupUser.create(group: group, user: user)
|
|
GroupUser.create(group: group, user: admin)
|
|
|
|
group2 = Fabricate(:group)
|
|
GroupUser.create(group: group2, user: user)
|
|
|
|
pm = Fabricate(:private_message_topic)
|
|
pm.update(archetype: 'private_message')
|
|
pm.topic_allowed_groups.create!(group: group)
|
|
pm.topic_allowed_groups.create!(group: group2)
|
|
|
|
json = serialize_topic(pm, admin)
|
|
|
|
details = json[:details]
|
|
expect(details[:can_remove_self_id]).to eq(admin.id)
|
|
expect(details[:allowed_users].find { |au| au[:id] == pm.user_id }).to be_present
|
|
expect(details[:allowed_groups].find { |ag| ag[:id] == group.id }).to be_present
|
|
end
|
|
|
|
it "has can_publish_page if possible" do
|
|
SiteSetting.enable_page_publishing = true
|
|
|
|
json = serialize_topic(topic, user)
|
|
expect(json[:details][:can_publish_page]).to be_blank
|
|
|
|
json = serialize_topic(topic, admin)
|
|
expect(json[:details][:can_publish_page]).to eq(true)
|
|
end
|
|
|
|
context "with can_edit_tags" do
|
|
before do
|
|
SiteSetting.tagging_enabled = true
|
|
SiteSetting.min_trust_to_edit_wiki_post = 2
|
|
end
|
|
|
|
it "returns true when user can edit a wiki topic" do
|
|
post = Fabricate(:post, wiki: true)
|
|
topic = Fabricate(:topic, first_post: post)
|
|
|
|
json = serialize_topic(topic, user)
|
|
expect(json[:details][:can_edit_tags]).to be_nil
|
|
|
|
user.update!(trust_level: 2)
|
|
|
|
json = serialize_topic(topic, user)
|
|
expect(json[:details][:can_edit_tags]).to eq(true)
|
|
end
|
|
end
|
|
|
|
context "with can_edit" do
|
|
fab!(:group_user) { Fabricate(:group_user) }
|
|
fab!(:category) { Fabricate(:category, reviewable_by_group: group_user.group) }
|
|
fab!(:topic) { Fabricate(:topic, category: category) }
|
|
let(:user) { group_user.user }
|
|
|
|
before do
|
|
SiteSetting.enable_category_group_moderation = true
|
|
end
|
|
|
|
it 'explicitly returns can_edit' do
|
|
json = serialize_topic(topic, user)
|
|
expect(json[:details][:can_edit]).to eq(true)
|
|
|
|
topic.update!(category: nil)
|
|
|
|
json = serialize_topic(topic, user)
|
|
expect(json[:details][:can_edit]).to eq(false)
|
|
end
|
|
end
|
|
end
|
|
|
|
context "with published_page" do
|
|
fab!(:published_page) { Fabricate(:published_page, topic: topic) }
|
|
|
|
context "when page publishing is disabled" do
|
|
before do
|
|
SiteSetting.enable_page_publishing = false
|
|
end
|
|
|
|
it "doesn't return the published page if not enabled" do
|
|
json = serialize_topic(topic, admin)
|
|
expect(json[:published_page]).to be_blank
|
|
end
|
|
end
|
|
|
|
context "when page publishing is enabled" do
|
|
before do
|
|
SiteSetting.enable_page_publishing = true
|
|
end
|
|
|
|
context "when not staff" do
|
|
it "doesn't return the published page" do
|
|
json = serialize_topic(topic, user)
|
|
expect(json[:published_page]).to be_blank
|
|
end
|
|
end
|
|
|
|
context "when staff" do
|
|
it "returns the published page" do
|
|
json = serialize_topic(topic, admin)
|
|
expect(json[:published_page]).to be_present
|
|
expect(json[:published_page][:slug]).to eq(published_page.slug)
|
|
end
|
|
|
|
context "when secure uploads is enabled" do
|
|
before do
|
|
setup_s3
|
|
SiteSetting.secure_uploads = true
|
|
end
|
|
|
|
it "doesn't return the published page" do
|
|
json = serialize_topic(topic, admin)
|
|
expect(json[:published_page]).to be_blank
|
|
end
|
|
end
|
|
end
|
|
end
|
|
end
|
|
|
|
context "when viewing private messages when enable_category_group_moderation is enabled" do
|
|
fab!(:pm_topic) do
|
|
Fabricate(:private_message_topic, topic_allowed_users: [
|
|
Fabricate.build(:topic_allowed_user, user: user),
|
|
Fabricate.build(:topic_allowed_user, user: admin)
|
|
])
|
|
end
|
|
fab!(:post) { Fabricate(:post, topic: pm_topic) }
|
|
|
|
before do
|
|
SiteSetting.enable_category_group_moderation = true
|
|
end
|
|
|
|
# Ensure having enable_category_group_moderation turned on doesn't break private messages
|
|
it "should return posts" do
|
|
json = serialize_topic(pm_topic, user)
|
|
expect(json[:post_stream][:posts]).to be_present
|
|
end
|
|
end
|
|
|
|
describe '#user_last_posted_at' do
|
|
context 'when the slow mode is disabled' do
|
|
it 'returns nil' do
|
|
Fabricate(:topic_user, user: user, topic: topic, last_posted_at: 6.hours.ago)
|
|
|
|
json = serialize_topic(topic, user)
|
|
|
|
expect(json[:user_last_posted_at]).to be_nil
|
|
end
|
|
end
|
|
|
|
context 'when the slow mode is enabled' do
|
|
before { topic.update!(slow_mode_seconds: 1000) }
|
|
|
|
it 'returns nil if no user is given' do
|
|
json = serialize_topic(topic, nil)
|
|
|
|
expect(json[:user_last_posted_at]).to be_nil
|
|
end
|
|
|
|
it "returns nil if there's no topic_user association" do
|
|
json = serialize_topic(topic, user)
|
|
|
|
expect(json[:user_last_posted_at]).to be_nil
|
|
end
|
|
|
|
it 'returns the last time the user posted' do
|
|
Fabricate(:topic_user, user: user, topic: topic, last_posted_at: 6.hours.ago)
|
|
json = serialize_topic(topic, user)
|
|
|
|
expect(json[:user_last_posted_at]).to be_present
|
|
end
|
|
end
|
|
end
|
|
|
|
describe '#requested_group_name' do
|
|
fab!(:pm) { Fabricate(:private_message_post).topic }
|
|
fab!(:group) { Fabricate(:group) }
|
|
|
|
it 'should return the right group name when PM is a group membership request' do
|
|
pm.custom_fields[:requested_group_id] = group.id
|
|
pm.save!
|
|
|
|
user = pm.first_post.user
|
|
group.add_owner(user)
|
|
json = serialize_topic(pm, user)
|
|
|
|
expect(json[:requested_group_name]).to eq(group.name)
|
|
end
|
|
|
|
it 'should not include the attribute for a non group membership request PM' do
|
|
json = serialize_topic(pm, pm.first_post.user)
|
|
|
|
expect(json[:requested_group_name]).to eq(nil)
|
|
end
|
|
end
|
|
|
|
describe '#topic_timer' do
|
|
it 'does not include the attribute when topic does not have a topic timer' do
|
|
json = serialize_topic(topic, user)
|
|
|
|
expect(json[:topic_timer]).to eq(nil)
|
|
end
|
|
|
|
it 'includes the attribute when topic has a public topic timer' do
|
|
topic_timer = Fabricate(:topic_timer, topic: topic, execute_at: Time.utc(2022, 4, 6, 16, 23, 56))
|
|
json = serialize_topic(topic, user)
|
|
|
|
expect(json[:topic_timer][:id]).to eq(topic_timer.id)
|
|
expect(json[:topic_timer][:based_on_last_post]).to eq(false)
|
|
expect(json[:topic_timer][:category_id]).to eq(nil)
|
|
expect(json[:topic_timer][:duration_minutes]).to eq(nil)
|
|
expect(json[:topic_timer][:execute_at]).to eq('2022-04-06T16:23:56.000Z')
|
|
expect(json[:topic_timer][:status_type]).to eq("close")
|
|
end
|
|
|
|
it 'does not include the attribute for category topic timer where category is restricted to user' do
|
|
category = Fabricate(:category, read_restricted: true)
|
|
|
|
Fabricate(:topic_timer,
|
|
topic: topic,
|
|
category_id: category.id,
|
|
status_type:
|
|
TopicTimer.types[:publish_to_category]
|
|
)
|
|
|
|
json = serialize_topic(topic, user)
|
|
|
|
expect(json[:topic_timer]).to eq(nil)
|
|
end
|
|
|
|
it 'includes the attribute for category topic timer where category is not restricted to user' do
|
|
category = Fabricate(:category, read_restricted: false)
|
|
|
|
topic_timer = Fabricate(:topic_timer,
|
|
topic: topic,
|
|
category_id: category.id,
|
|
status_type:
|
|
TopicTimer.types[:publish_to_category]
|
|
)
|
|
|
|
json = serialize_topic(topic, user)
|
|
|
|
expect(json[:topic_timer][:id]).to eq(topic_timer.id)
|
|
end
|
|
end
|
|
end
|