BigW Consortium Gitlab

snippets_controller_spec.rb 15.2 KB
Newer Older
1 2 3
require 'spec_helper'

describe SnippetsController do
4
  let(:user) { create(:user) }
5

6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27
  describe 'GET #new' do
    context 'when signed in' do
      before do
        sign_in(user)
      end

      it 'responds with status 200' do
        get :new

        expect(response).to have_http_status(200)
      end
    end

    context 'when not signed in' do
      it 'redirects to the sign in page' do
        get :new

        expect(response).to redirect_to(new_user_session_path)
      end
    end
  end

28
  describe 'GET #show' do
29 30 31 32 33 34 35 36 37 38 39 40 41 42 43
    context 'when the personal snippet is private' do
      let(:personal_snippet) { create(:personal_snippet, :private, author: user) }

      context 'when signed in' do
        before do
          sign_in(user)
        end

        context 'when signed in user is not the author' do
          let(:other_author) { create(:author) }
          let(:other_personal_snippet) { create(:personal_snippet, :private, author: other_author) }

          it 'responds with status 404' do
            get :show, id: other_personal_snippet.to_param

44
            expect(response).to have_http_status(404)
45 46 47 48 49 50 51 52
          end
        end

        context 'when signed in user is the author' do
          it 'renders the snippet' do
            get :show, id: personal_snippet.to_param

            expect(assigns(:snippet)).to eq(personal_snippet)
53
            expect(response).to have_http_status(200)
54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78
          end
        end
      end

      context 'when not signed in' do
        it 'redirects to the sign in page' do
          get :show, id: personal_snippet.to_param

          expect(response).to redirect_to(new_user_session_path)
        end
      end
    end

    context 'when the personal snippet is internal' do
      let(:personal_snippet) { create(:personal_snippet, :internal, author: user) }

      context 'when signed in' do
        before do
          sign_in(user)
        end

        it 'renders the snippet' do
          get :show, id: personal_snippet.to_param

          expect(assigns(:snippet)).to eq(personal_snippet)
79
          expect(response).to have_http_status(200)
80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103
        end
      end

      context 'when not signed in' do
        it 'redirects to the sign in page' do
          get :show, id: personal_snippet.to_param

          expect(response).to redirect_to(new_user_session_path)
        end
      end
    end

    context 'when the personal snippet is public' do
      let(:personal_snippet) { create(:personal_snippet, :public, author: user) }

      context 'when signed in' do
        before do
          sign_in(user)
        end

        it 'renders the snippet' do
          get :show, id: personal_snippet.to_param

          expect(assigns(:snippet)).to eq(personal_snippet)
104
          expect(response).to have_http_status(200)
105 106 107 108 109 110 111 112
        end
      end

      context 'when not signed in' do
        it 'renders the snippet' do
          get :show, id: personal_snippet.to_param

          expect(assigns(:snippet)).to eq(personal_snippet)
113
          expect(response).to have_http_status(200)
114 115 116 117 118 119 120 121 122 123 124 125 126
        end
      end
    end

    context 'when the personal snippet does not exist' do
      context 'when signed in' do
        before do
          sign_in(user)
        end

        it 'responds with status 404' do
          get :show, id: 'doesntexist'

127
          expect(response).to have_http_status(404)
128 129 130 131 132 133 134
        end
      end

      context 'when not signed in' do
        it 'responds with status 404' do
          get :show, id: 'doesntexist'

135
          expect(response).to have_http_status(404)
136 137 138 139
        end
      end
    end
  end
140

141
  describe 'POST #create' do
142
    def create_snippet(snippet_params = {}, additional_params = {})
143 144 145 146
      sign_in(user)

      post :create, {
        personal_snippet: { title: 'Title', content: 'Content' }.merge(snippet_params)
147 148 149
      }.merge(additional_params)

      Snippet.last
150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173
    end

    context 'when the snippet is spam' do
      before do
        allow_any_instance_of(AkismetService).to receive(:is_spam?).and_return(true)
      end

      context 'when the snippet is private' do
        it 'creates the snippet' do
          expect { create_snippet(visibility_level: Snippet::PRIVATE) }.
            to change { Snippet.count }.by(1)
        end
      end

      context 'when the snippet is public' do
        it 'rejects the shippet' do
          expect { create_snippet(visibility_level: Snippet::PUBLIC) }.
            not_to change { Snippet.count }
        end

        it 'creates a spam log' do
          expect { create_snippet(visibility_level: Snippet::PUBLIC) }.
            to change { SpamLog.count }.by(1)
        end
174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325

        it 'renders :new with recaptcha disabled' do
          stub_application_setting(recaptcha_enabled: false)

          create_snippet(visibility_level: Snippet::PUBLIC)

          expect(response).to render_template(:new)
        end

        context 'recaptcha enabled' do
          before do
            stub_application_setting(recaptcha_enabled: true)
          end

          it 'renders :verify with recaptcha enabled' do
            create_snippet(visibility_level: Snippet::PUBLIC)

            expect(response).to render_template(:verify)
          end

          it 'renders snippet page when recaptcha verified' do
            spammy_title = 'Whatever'

            spam_logs = create_list(:spam_log, 2, user: user, title: spammy_title)
            snippet = create_snippet({ title: spammy_title },
                                     { spam_log_id: spam_logs.last.id,
                                       recaptcha_verification: true })

            expect(response).to redirect_to(snippet_path(snippet))
          end
        end
      end
    end
  end

  describe 'PUT #update' do
    let(:project) { create :project }
    let(:snippet) { create :personal_snippet, author: user, project: project, visibility_level: visibility_level }

    def update_snippet(snippet_params = {}, additional_params = {})
      sign_in(user)

      put :update, {
        id: snippet.id,
        personal_snippet: { title: 'Title', content: 'Content' }.merge(snippet_params)
      }.merge(additional_params)

      snippet.reload
    end

    context 'when the snippet is spam' do
      before do
        allow_any_instance_of(AkismetService).to receive(:is_spam?).and_return(true)
      end

      context 'when the snippet is private' do
        let(:visibility_level) { Snippet::PRIVATE }

        it 'updates the snippet' do
          expect { update_snippet(title: 'Foo') }.
            to change { snippet.reload.title }.to('Foo')
        end
      end

      context 'when a private snippet is made public' do
        let(:visibility_level) { Snippet::PRIVATE }

        it 'rejects the snippet' do
          expect { update_snippet(title: 'Foo', visibility_level: Snippet::PUBLIC) }.
            not_to change { snippet.reload.title }
        end

        it 'creates a spam log' do
          expect { update_snippet(title: 'Foo', visibility_level: Snippet::PUBLIC) }.
            to change { SpamLog.count }.by(1)
        end

        it 'renders :edit with recaptcha disabled' do
          stub_application_setting(recaptcha_enabled: false)

          update_snippet(title: 'Foo', visibility_level: Snippet::PUBLIC)

          expect(response).to render_template(:edit)
        end

        context 'recaptcha enabled' do
          before do
            stub_application_setting(recaptcha_enabled: true)
          end

          it 'renders :verify with recaptcha enabled' do
            update_snippet(title: 'Foo', visibility_level: Snippet::PUBLIC)

            expect(response).to render_template(:verify)
          end

          it 'renders snippet page when recaptcha verified' do
            spammy_title = 'Whatever'

            spam_logs = create_list(:spam_log, 2, user: user, title: spammy_title)
            snippet = update_snippet({ title: spammy_title, visibility_level: Snippet::PUBLIC },
                                     { spam_log_id: spam_logs.last.id,
                                       recaptcha_verification: true })

            expect(response).to redirect_to(snippet)
          end
        end
      end

      context 'when the snippet is public' do
        let(:visibility_level) { Snippet::PUBLIC }

        it 'rejects the shippet' do
          expect { update_snippet(title: 'Foo') }.
            not_to change { snippet.reload.title }
        end

        it 'creates a spam log' do
          expect { update_snippet(title: 'Foo') }.
            to change { SpamLog.count }.by(1)
        end

        it 'renders :edit with recaptcha disabled' do
          stub_application_setting(recaptcha_enabled: false)

          update_snippet(title: 'Foo')

          expect(response).to render_template(:edit)
        end

        context 'recaptcha enabled' do
          before do
            stub_application_setting(recaptcha_enabled: true)
          end

          it 'renders :verify with recaptcha enabled' do
            update_snippet(title: 'Foo')

            expect(response).to render_template(:verify)
          end

          it 'renders snippet page when recaptcha verified' do
            spammy_title = 'Whatever'

            spam_logs = create_list(:spam_log, 2, user: user, title: spammy_title)
            snippet = update_snippet({ title: spammy_title },
                                     { spam_log_id: spam_logs.last.id,
                                       recaptcha_verification: true })

            expect(response).to redirect_to(snippet_path(snippet))
          end
        end
326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352
      end
    end
  end

  describe 'POST #mark_as_spam' do
    let(:snippet) { create(:personal_snippet, :public, author: user) }

    before do
      allow_any_instance_of(AkismetService).to receive_messages(submit_spam: true)
      stub_application_setting(akismet_enabled: true)
    end

    def mark_as_spam
      admin = create(:admin)
      create(:user_agent_detail, subject: snippet)
      sign_in(admin)

      post :mark_as_spam, id: snippet.id
    end

    it 'updates the snippet' do
      mark_as_spam

      expect(snippet.reload).not_to be_submittable_as_spam
    end
  end

353 354 355 356 357 358 359 360 361
  %w(raw download).each do |action|
    describe "GET #{action}" do
      context 'when the personal snippet is private' do
        let(:personal_snippet) { create(:personal_snippet, :private, author: user) }

        context 'when signed in' do
          before do
            sign_in(user)
          end
362

363 364 365
          context 'when signed in user is not the author' do
            let(:other_author) { create(:author) }
            let(:other_personal_snippet) { create(:personal_snippet, :private, author: other_author) }
366

367 368
            it 'responds with status 404' do
              get action, id: other_personal_snippet.to_param
369

370 371 372
              expect(response).to have_http_status(404)
            end
          end
373

374 375
          context 'when signed in user is the author' do
            before { get action, id: personal_snippet.to_param }
376

377 378 379 380
            it 'responds with status 200' do
              expect(assigns(:snippet)).to eq(personal_snippet)
              expect(response).to have_http_status(200)
            end
381

382 383
            it 'has expected headers' do
              expect(response.header['Content-Type']).to eq('text/plain; charset=utf-8')
384

385 386 387 388 389 390
              if action == :download
                expect(response.header['Content-Disposition']).to match(/attachment/)
              elsif action == :raw
                expect(response.header['Content-Disposition']).to match(/inline/)
              end
            end
391 392 393
          end
        end

394 395 396
        context 'when not signed in' do
          it 'redirects to the sign in page' do
            get action, id: personal_snippet.to_param
397

398 399
            expect(response).to redirect_to(new_user_session_path)
          end
400 401 402
        end
      end

403 404
      context 'when the personal snippet is internal' do
        let(:personal_snippet) { create(:personal_snippet, :internal, author: user) }
405

406 407 408 409
        context 'when signed in' do
          before do
            sign_in(user)
          end
410

411 412
          it 'responds with status 200' do
            get action, id: personal_snippet.to_param
413

414 415 416
            expect(assigns(:snippet)).to eq(personal_snippet)
            expect(response).to have_http_status(200)
          end
417 418
        end

419 420 421
        context 'when not signed in' do
          it 'redirects to the sign in page' do
            get action, id: personal_snippet.to_param
422

423 424
            expect(response).to redirect_to(new_user_session_path)
          end
425 426 427
        end
      end

428 429
      context 'when the personal snippet is public' do
        let(:personal_snippet) { create(:personal_snippet, :public, author: user) }
430

431 432 433 434
        context 'when signed in' do
          before do
            sign_in(user)
          end
435

436 437
          it 'responds with status 200' do
            get action, id: personal_snippet.to_param
438

439 440 441
            expect(assigns(:snippet)).to eq(personal_snippet)
            expect(response).to have_http_status(200)
          end
442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459

          context 'CRLF line ending' do
            let(:personal_snippet) do
              create(:personal_snippet, :public, author: user, content: "first line\r\nsecond line\r\nthird line")
            end

            it 'returns LF line endings by default' do
              get action, id: personal_snippet.to_param

              expect(response.body).to eq("first line\nsecond line\nthird line")
            end

            it 'does not convert line endings when parameter present' do
              get action, id: personal_snippet.to_param, line_ending: :raw

              expect(response.body).to eq("first line\r\nsecond line\r\nthird line")
            end
          end
460 461
        end

462 463 464
        context 'when not signed in' do
          it 'responds with status 200' do
            get action, id: personal_snippet.to_param
465

466 467 468
            expect(assigns(:snippet)).to eq(personal_snippet)
            expect(response).to have_http_status(200)
          end
469 470 471
        end
      end

472 473 474 475 476
      context 'when the personal snippet does not exist' do
        context 'when signed in' do
          before do
            sign_in(user)
          end
477

478 479
          it 'responds with status 404' do
            get action, id: 'doesntexist'
480

481 482
            expect(response).to have_http_status(404)
          end
483 484
        end

485 486 487
        context 'when not signed in' do
          it 'responds with status 404' do
            get action, id: 'doesntexist'
488

489 490
            expect(response).to have_http_status(404)
          end
491 492 493 494
        end
      end
    end
  end
495 496

  context 'award emoji on snippets' do
497 498
    let(:personal_snippet) { create(:personal_snippet, :public, author: user) }
    let(:another_user) { create(:user) }
499 500

    before do
501
      sign_in(another_user)
502 503 504 505 506 507
    end

    describe 'POST #toggle_award_emoji' do
      it "toggles the award emoji" do
        expect do
          post(:toggle_award_emoji, id: personal_snippet.to_param, name: "thumbsup")
508
        end.to change { personal_snippet.award_emoji.count }.from(0).to(1)
509 510 511 512 513 514

        expect(response.status).to eq(200)
      end

      it "removes the already awarded emoji" do
        post(:toggle_award_emoji, id: personal_snippet.to_param, name: "thumbsup")
515

516 517
        expect do
          post(:toggle_award_emoji, id: personal_snippet.to_param, name: "thumbsup")
518
        end.to change { personal_snippet.award_emoji.count }.from(1).to(0)
519 520 521 522 523

        expect(response.status).to eq(200)
      end
    end
  end
524
end