X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/15b550182cd893468d4f12f89e94dedc95097e0c..ea610c8c3c006555cac91b8c238c82938f33aef7:/test/controllers/diary_entry_controller_test.rb diff --git a/test/controllers/diary_entry_controller_test.rb b/test/controllers/diary_entry_controller_test.rb index b953edd7c..d8e3f2946 100644 --- a/test/controllers/diary_entry_controller_test.rb +++ b/test/controllers/diary_entry_controller_test.rb @@ -1,7 +1,7 @@ require "test_helper" class DiaryEntryControllerTest < ActionController::TestCase - fixtures :users, :user_roles, :diary_entries, :diary_comments, :languages + fixtures :users, :user_roles, :diary_entries, :diary_comments, :languages, :friends include ActionView::Helpers::NumberHelper @@ -106,7 +106,7 @@ class DiaryEntryControllerTest < ActionController::TestCase assert_select "select#diary_entry_language_code", :count => 1 assert_select "input#latitude[name='diary_entry[latitude]']", :count => 1 assert_select "input#longitude[name='diary_entry[longitude]']", :count => 1 - assert_select "input[name=commit][type=submit][value=Save]", :count => 1 + assert_select "input[name=commit][type=submit][value=Publish]", :count => 1 assert_select "input[name=commit][type=submit][value=Edit]", :count => 1 assert_select "input[name=commit][type=submit][value=Preview]", :count => 1 assert_select "input", :count => 7 @@ -129,6 +129,8 @@ class DiaryEntryControllerTest < ActionController::TestCase assert_response :success assert_template :edit + assert_nil UserPreference.where(:user_id => users(:normal_user).id, :k => "diary.default_language").first + # Now try creating a diary entry assert_difference "DiaryEntry.count", 1 do post :new, { :commit => "save", @@ -145,6 +147,55 @@ class DiaryEntryControllerTest < ActionController::TestCase assert_equal new_latitude.to_f, entry.latitude assert_equal new_longitude.to_f, entry.longitude assert_equal new_language_code, entry.language_code + + assert_equal new_language_code, UserPreference.where(:user_id => users(:normal_user).id, :k => "diary.default_language").first.v + + new_language_code = "de" + + # Now try creating a diary entry in a different language + assert_difference "DiaryEntry.count", 1 do + post :new, { :commit => "save", + :diary_entry => { :title => new_title, :body => new_body, :latitude => new_latitude, + :longitude => new_longitude, :language_code => new_language_code } }, + { :user => users(:normal_user).id } + end + assert_response :redirect + assert_redirected_to :action => :list, :display_name => users(:normal_user).display_name + entry = DiaryEntry.order(:id).last + assert_equal users(:normal_user).id, entry.user_id + assert_equal new_title, entry.title + assert_equal new_body, entry.body + assert_equal new_latitude.to_f, entry.latitude + assert_equal new_longitude.to_f, entry.longitude + assert_equal new_language_code, entry.language_code + + assert_equal new_language_code, UserPreference.where(:user_id => users(:normal_user).id, :k => "diary.default_language").first.v + end + + def test_new_spammy + # Generate some spammy content + spammy_title = "Spam Spam Spam Spam Spam" + spammy_body = 1.upto(50).map { |n| "http://example.com/spam#{n}" }.join(" ") + + # Try creating a spammy diary entry + assert_difference "DiaryEntry.count", 1 do + post :new, { :commit => "save", + :diary_entry => { :title => spammy_title, :body => spammy_body, :language_code => "en" } }, + { :user => users(:normal_user).id } + end + assert_response :redirect + assert_redirected_to :action => :list, :display_name => users(:normal_user).display_name + entry = DiaryEntry.order(:id).last + assert_equal users(:normal_user).id, entry.user_id + assert_equal spammy_title, entry.title + assert_equal spammy_body, entry.body + assert_equal "en", entry.language_code + assert_equal "suspended", User.find(users(:normal_user).id).status + + # Follow the redirect + get :list, { :display_name => users(:normal_user).display_name }, { :user => users(:normal_user).id } + assert_response :redirect + assert_redirected_to :controller => :user, :action => :suspended end def test_edit @@ -287,7 +338,7 @@ class DiaryEntryControllerTest < ActionController::TestCase assert_match /New comment/, email.text_part.decoded assert_match /New comment/, email.html_part.decoded ActionMailer::Base.deliveries.clear - comment = DiaryComment.find(5) + comment = DiaryComment.order(:id).last assert_equal entry.id, comment.diary_entry_id assert_equal users(:public_user).id, comment.user_id assert_equal "New comment", comment.body @@ -296,13 +347,51 @@ class DiaryEntryControllerTest < ActionController::TestCase get :view, :display_name => entry.user.display_name, :id => entry.id assert_response :success assert_select ".diary-comment", :count => 1 do - assert_select "#comment5", :count => 1 do + assert_select "#comment#{comment.id}", :count => 1 do assert_select "a[href='/user/#{users(:public_user).display_name}']", :text => users(:public_user).display_name, :count => 1 end assert_select ".richtext", :text => /New comment/, :count => 1 end end + def test_comment_spammy + # Find the entry to comment on + entry = diary_entries(:normal_user_entry_1) + + # Generate some spammy content + spammy_text = 1.upto(50).map { |n| "http://example.com/spam#{n}" }.join(" ") + + # Try creating a spammy comment + assert_difference "ActionMailer::Base.deliveries.size", 1 do + assert_difference "DiaryComment.count", 1 do + post :comment, { :display_name => entry.user.display_name, :id => entry.id, :diary_comment => { :body => spammy_text } }, { :user => users(:public_user).id } + end + end + assert_response :redirect + assert_redirected_to :action => :view, :display_name => entry.user.display_name, :id => entry.id + email = ActionMailer::Base.deliveries.first + assert_equal [users(:normal_user).email], email.to + assert_equal "[OpenStreetMap] #{users(:public_user).display_name} commented on your diary entry", email.subject + assert_match %r{http://example.com/spam}, email.text_part.decoded + assert_match %r{http://example.com/spam}, email.html_part.decoded + ActionMailer::Base.deliveries.clear + comment = DiaryComment.order(:id).last + assert_equal entry.id, comment.diary_entry_id + assert_equal users(:public_user).id, comment.user_id + assert_equal spammy_text, comment.body + assert_equal "suspended", User.find(users(:public_user).id).status + + # Follow the redirect + get :list, { :display_name => users(:normal_user).display_name }, { :user => users(:public_user).id } + assert_response :redirect + assert_redirected_to :controller => :user, :action => :suspended + + # Now view the diary entry, and check the new comment is not present + get :view, :display_name => entry.user.display_name, :id => entry.id + assert_response :success + assert_select ".diary-comment", :count => 0 + end + def test_list_all # Try a list of all diary entries get :list @@ -430,34 +519,41 @@ class DiaryEntryControllerTest < ActionController::TestCase def test_view_hidden_comments # Get a diary entry that has hidden comments - get :view, :display_name => users(:normal_user).display_name, :id => diary_entries(:normal_user_geo_entry).id + diary_entry = create(:diary_entry) + visible_comment = create(:diary_comment, :diary_entry => diary_entry) + suspended_user_comment = create(:diary_comment, :diary_entry => diary_entry, :user_id => users(:suspended_user).id) + deleted_user_comment = create(:diary_comment, :diary_entry => diary_entry, :user_id => users(:deleted_user).id) + hidden_comment = create(:diary_comment, :diary_entry => diary_entry, :visible => false) + + get :view, :display_name => users(:normal_user).display_name, :id => diary_entry.id assert_response :success assert_template :view assert_select "div.comments" do - assert_select "p#comment1", :count => 1 # visible comment - assert_select "p#comment2", :count => 0 # comment by suspended user - assert_select "p#comment3", :count => 0 # comment by deleted user - assert_select "p#comment4", :count => 0 # hidden comment + assert_select "p#comment#{visible_comment.id}", :count => 1 + assert_select "p#comment#{suspended_user_comment.id}", :count => 0 + assert_select "p#comment#{deleted_user_comment.id}", :count => 0 + assert_select "p#comment#{hidden_comment.id}", :count => 0 end end def test_hide # Try without logging in - post :hide, :display_name => users(:normal_user).display_name, :id => diary_entries(:normal_user_entry_1).id + diary_entry = create(:diary_entry) + post :hide, :display_name => users(:normal_user).display_name, :id => diary_entry.id assert_response :forbidden - assert_equal true, DiaryEntry.find(diary_entries(:normal_user_entry_1).id).visible + assert_equal true, DiaryEntry.find(diary_entry.id).visible # Now try as a normal user - post :hide, { :display_name => users(:normal_user).display_name, :id => diary_entries(:normal_user_entry_1).id }, { :user => users(:normal_user).id } + post :hide, { :display_name => users(:normal_user).display_name, :id => diary_entry.id }, { :user => users(:normal_user).id } assert_response :redirect - assert_redirected_to :action => :view, :display_name => users(:normal_user).display_name, :id => diary_entries(:normal_user_entry_1).id - assert_equal true, DiaryEntry.find(diary_entries(:normal_user_entry_1).id).visible + assert_redirected_to :action => :view, :display_name => users(:normal_user).display_name, :id => diary_entry.id + assert_equal true, DiaryEntry.find(diary_entry.id).visible # Finally try as an administrator - post :hide, { :display_name => users(:normal_user).display_name, :id => diary_entries(:normal_user_entry_1).id }, { :user => users(:administrator_user).id } + post :hide, { :display_name => users(:normal_user).display_name, :id => diary_entry.id }, { :user => users(:administrator_user).id } assert_response :redirect assert_redirected_to :action => :list, :display_name => users(:normal_user).display_name - assert_equal false, DiaryEntry.find(diary_entries(:normal_user_entry_1).id).visible + assert_equal false, DiaryEntry.find(diary_entry.id).visible end def test_hidecomment