Added better messages and error handling in a couple of places. Added integration...
[rails.git] / test / integration / user_blocks_test.rb
1 require File.dirname(__FILE__) + '/../test_helper'
2
3 class UserBlocksTest < ActionController::IntegrationTest
4   fixtures :users, :user_blocks
5
6   def auth_header(user, pass)
7     {"HTTP_AUTHORIZATION" => "Basic %s" % Base64.encode64("#{user}:#{pass}")}
8   end
9
10   def test_api_blocked
11     blocked_user = users(:public_user)
12
13     get "/api/#{API_VERSION}/user/details"
14     assert_response :unauthorized
15
16     get "/api/#{API_VERSION}/user/details", nil, auth_header(blocked_user.display_name, "test")
17     assert_response :success
18
19     # now block the user
20     UserBlock.create(:user_id => blocked_user.id,
21                      :creator_id => users(:moderator_user).id,
22                      :reason => "testing",
23                      :ends_at => Time.now.getutc + 5.minutes)
24     get "/api/#{API_VERSION}/user/details", nil, auth_header(blocked_user.display_name, "test")
25     assert_response :forbidden
26   end
27
28   def test_api_revoke
29     blocked_user = users(:public_user)
30     moderator = users(:moderator_user)
31
32     block = UserBlock.create(:user_id => blocked_user.id,
33                              :creator_id => moderator.id,
34                              :reason => "testing",
35                              :ends_at => Time.now.getutc + 5.minutes)
36     get "/api/#{API_VERSION}/user/details", nil, auth_header(blocked_user.display_name, "test")
37     assert_response :forbidden
38
39     # revoke the ban
40     post '/login', {'user[email]' => moderator.email, 'user[password]' => "test", :referer => "/blocks/#{block.id}/revoke"}
41     assert_response :redirect
42     follow_redirect!
43     assert_response :success
44     assert_template 'user_blocks/revoke'
45     post "/blocks/#{block.id}/revoke", {'confirm' => "yes"}
46     assert_response :redirect
47     follow_redirect!
48     assert_response :success
49     assert_template 'user_blocks/show'
50     reset!
51
52     # access the API again. this time it should work
53     get "/api/#{API_VERSION}/user/details", nil, auth_header(blocked_user.display_name, "test")
54     assert_response :success
55   end
56 end