require File.dirname(__FILE__) + '/../test_helper' class UserBlocksTest < ActionController::IntegrationTest fixtures :users, :user_blocks, :user_roles def auth_header(user, pass) {"HTTP_AUTHORIZATION" => "Basic %s" % Base64.encode64("#{user}:#{pass}")} end def test_api_blocked blocked_user = users(:public_user) get "/api/#{API_VERSION}/user/details" assert_response :unauthorized get "/api/#{API_VERSION}/user/details", nil, auth_header(blocked_user.display_name, "test") assert_response :success # now block the user UserBlock.create(:user_id => blocked_user.id, :creator_id => users(:moderator_user).id, :reason => "testing", :ends_at => Time.now.getutc + 5.minutes) get "/api/#{API_VERSION}/user/details", nil, auth_header(blocked_user.display_name, "test") assert_response :forbidden end def test_api_revoke blocked_user = users(:public_user) moderator = users(:moderator_user) block = UserBlock.create(:user_id => blocked_user.id, :creator_id => moderator.id, :reason => "testing", :ends_at => Time.now.getutc + 5.minutes) get "/api/#{API_VERSION}/user/details", nil, auth_header(blocked_user.display_name, "test") assert_response :forbidden # revoke the ban get '/login' assert_response :redirect assert_redirected_to "controller" => "user", "action" => "login", "cookie_test" => "true" follow_redirect! assert_response :success post '/login', {'user[email]' => moderator.email, 'user[password]' => "test", :referer => "/blocks/#{block.id}/revoke"} assert_response :redirect follow_redirect! assert_response :success assert_template 'user_blocks/revoke' post "/blocks/#{block.id}/revoke", {'confirm' => "yes"} assert_response :redirect follow_redirect! assert_response :success assert_template 'user_blocks/show' reset! # access the API again. this time it should work get "/api/#{API_VERSION}/user/details", nil, auth_header(blocked_user.display_name, "test") assert_response :success end end