jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

pundit: convert user feedbacks to pundit.

Browse Source 
Allow users to delete feedbacks they've given to other users, not just
mods.
This commit is contained in:
evazion
2020-03-17 05:52:38 -05:00
parent 565a6572a7
commit 4cd0b2cbfe
9 changed files with 95 additions and 87 deletions
Download Patch File Download Diff File Expand all files Collapse all files

55
test/functional/user_feedbacks_controller_test.rb
View File

@@ -23,12 +23,33 @@ class UserFeedbacksControllerTest < ActionDispatch::IntegrationTest
end
end
context "show action" do
should "allow all users to see undeleted feedbacks" do
get user_feedback_path(@user_feedback)
assert_response :success
end
should "allow moderators to see deleted feedbacks" do
as(@user) { @user_feedback.update!(is_deleted: true) }
get_auth user_feedback_path(@user_feedback), @mod
assert_response :success
end
end
context "index action" do
should "render" do
get_auth user_feedbacks_path, @user
assert_response :success
end
should "not allow members to see deleted feedbacks" do
as(@user) { @user_feedback.update!(is_deleted: true) }
get_auth user_feedbacks_path, @user
assert_response :success
assert_select "tr#user-feedback-#{@user_feedback.id}", false
end
context "with search parameters" do
should "render" do
get_auth user_feedbacks_path, @critic, params: {:search => {:user_id => @user.id}}
@@ -38,31 +59,53 @@ class UserFeedbacksControllerTest < ActionDispatch::IntegrationTest
end
context "create action" do
should "create a new feedback" do
should "allow gold users to create new feedbacks" do
assert_difference("UserFeedback.count", 1) do
post_auth user_feedbacks_path, @critic, params: {:user_feedback => {:category => "positive", :user_name => @user.name, :body => "xxx"}}
assert_response :redirect
end
end
should "not allow users to create feedbacks for themselves" do
assert_no_difference("UserFeedback.count") do
post_auth user_feedbacks_path, @critic, params: { user_feedback: { user_id: @critic.id, category: "positive", body: "xxx" }}
assert_response 403
end
end
end
context "update action" do
should "update the feedback" do
should "allow updating undeleted feedbacks" do
put_auth user_feedback_path(@user_feedback), @critic, params: { user_feedback: { category: "positive" }}
assert_redirected_to(@user_feedback)
assert("positive", @user_feedback.reload.category)
assert_equal("positive", @user_feedback.reload.category)
end
should "not allow updating deleted feedbacks" do
as(@user) { @user_feedback.update!(is_deleted: true) }
put_auth user_feedback_path(@user_feedback), @critic, params: { user_feedback: { body: "test" }}
assert_response 403
end
should "allow deleting feedbacks given to others" do
put_auth user_feedback_path(@user_feedback), @critic, params: { user_feedback: { is_deleted: true }}
assert_response :redirect
assert_equal(true, @user_feedback.reload.is_deleted)
end
context "by a moderator" do
should "allow deleting feedbacks given to other users" do
should "allow updating feedbacks given to other users" do
put_auth user_feedback_path(@user_feedback), @mod, params: { user_feedback: { is_deleted: "true" }}
assert_redirected_to @user_feedback
assert(@user_feedback.reload.is_deleted?)
end
should "not allow deleting feedbacks given to themselves" do
@user_feedback = as(@critic) { create(:user_feedback, user: @mod) }
should "not allow updating feedbacks given to themselves" do
@user_feedback = create(:user_feedback, user: @mod, creator: @mod)
put_auth user_feedback_path(@user_feedback), @mod, params: { id: @user_feedback.id, user_feedback: { is_deleted: "true" }}
assert_response 403