jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
aea3837f9af9f83dd82c1915213490101de5413d
danbooru/test/unit/user_deletion_test.rb
evazion aea3837f9a users: delete accounts with invalid names. 
Add a fix script to delete all accounts with invalid usernames. Also
change it so the owner-level user can delete accounts belonging to other
users.

Users who have logged in in the last year and who have a valid email
address will be given a one week warning. After that all accounts with
invalid names will be deleted. Anyone who has visited the site in the
last 6 months will have already seen a warning page that their name must
be changed to keep using the site.
2022-09-19 05:09:44 -05:00

106 lines
3.2 KiB
Ruby
Raw Blame History

require 'test_helper'
class UserDeletionTest < ActiveSupport::TestCase
setup do
@request = mock
@request.stubs(:remote_ip).returns("1.1.1.1")
@request.stubs(:user_agent).returns("Firefox")
@request.stubs(:session).returns(session_id: "1234")
end
context "an invalid user deletion" do
context "for an invalid password" do
should "fail" do
@user = create(:user)
@deletion = UserDeletion.new(user: @user, password: "wrongpassword", request: @request)
@deletion.delete!
assert_includes(@deletion.errors[:base], "Password is incorrect")
end
end
context "for an admin" do
should "fail" do
@user = create(:admin_user)
@deletion = UserDeletion.new(user: @user, password: "password", request: @request)
@deletion.delete!
assert_includes(@deletion.errors[:base], "Admins cannot delete their account")
end
end
context "for a banned user" do
should "fail" do
@user = create(:banned_user)
@deletion = UserDeletion.new(user: @user, password: "password", request: @request)
@deletion.delete!
assert_includes(@deletion.errors[:base], "You cannot delete your account if you are banned")
end
end
end
context "a valid user deletion" do
setup do
@user = create(:user, name: "foo", email_address: build(:email_address))
@deletion = UserDeletion.new(user: @user, password: "password", request: @request)
end
should "blank out the email" do
@deletion.delete!
assert_nil(@user.reload.email_address)
end
should "rename the user" do
@deletion.delete!
assert_equal("user_#{@user.id}", @user.reload.name)
end
should "generate a user name change request" do
assert_difference("UserNameChangeRequest.count") do
@deletion.delete!
end
assert_equal("foo", UserNameChangeRequest.last.original_name)
assert_equal("user_#{@user.id}", UserNameChangeRequest.last.desired_name)
end
should "reset the password" do
@deletion.delete!
assert_equal(false, @user.authenticate_password("password"))
end
should "generate a modaction" do
@deletion.delete!
assert_match(/deleted user ##{@user.id}/, ModAction.last.description)
end
should "remove any favorites" do
@post = create(:post)
Favorite.create!(post: @post, user: @user)
perform_enqueued_jobs { @deletion.delete! }
assert_equal(0, Favorite.count)
assert_equal(0, @post.reload.fav_count)
end
end
context "deleting another user's account" do
should "work for the owner-level user" do
@user = create(:user)
@deletion = UserDeletion.new(user: @user, deleter: create(:owner_user))
@deletion.delete!
assert_equal("user_#{@user.id}", @user.reload.name)
assert_equal(true, ModAction.exists?(description: "deleted user ##{@user.id}", creator: @deletion.deleter))
end
should "not work for other users" do
@user = create(:user)
@deletion = UserDeletion.new(user: @user, deleter: create(:admin_user))
@deletion.delete!
assert_not_equal("user_#{@user.id}", @user.reload.name)
assert_equal(0, ModAction.count)
end
end
end
Reference in New Issue View Git Blame Copy Permalink