logo

mastofe

My custom branche(s) on git.pleroma.social/pleroma/mastofe git clone https://hacktivis.me/git/mastofe.git

status_policy_spec.rb (3002B)


  1. require 'rails_helper'
  2. require 'pundit/rspec'
  3. RSpec.describe StatusPolicy, type: :model do
  4. subject { described_class }
  5. let(:admin) { Fabricate(:user, admin: true) }
  6. let(:alice) { Fabricate(:account, username: 'alice') }
  7. let(:bob) { Fabricate(:account, username: 'bob') }
  8. let(:status) { Fabricate(:status, account: alice) }
  9. permissions :show?, :reblog? do
  10. it 'grants access when no viewer' do
  11. expect(subject).to permit(nil, status)
  12. end
  13. it 'denies access when viewer is blocked' do
  14. block = Fabricate(:block)
  15. status.visibility = :private
  16. status.account = block.target_account
  17. expect(subject).to_not permit(block.account, status)
  18. end
  19. end
  20. permissions :show? do
  21. it 'grants access when direct and account is viewer' do
  22. status.visibility = :direct
  23. expect(subject).to permit(status.account, status)
  24. end
  25. it 'grants access when direct and viewer is mentioned' do
  26. status.visibility = :direct
  27. status.mentions = [Fabricate(:mention, account: alice)]
  28. expect(subject).to permit(alice, status)
  29. end
  30. it 'denies access when direct and viewer is not mentioned' do
  31. viewer = Fabricate(:account)
  32. status.visibility = :direct
  33. expect(subject).to_not permit(viewer, status)
  34. end
  35. it 'grants access when private and account is viewer' do
  36. status.visibility = :private
  37. expect(subject).to permit(status.account, status)
  38. end
  39. it 'grants access when private and account is following viewer' do
  40. follow = Fabricate(:follow)
  41. status.visibility = :private
  42. status.account = follow.target_account
  43. expect(subject).to permit(follow.account, status)
  44. end
  45. it 'grants access when private and viewer is mentioned' do
  46. status.visibility = :private
  47. status.mentions = [Fabricate(:mention, account: alice)]
  48. expect(subject).to permit(alice, status)
  49. end
  50. it 'denies access when private and viewer is not mentioned or followed' do
  51. viewer = Fabricate(:account)
  52. status.visibility = :private
  53. expect(subject).to_not permit(viewer, status)
  54. end
  55. end
  56. permissions :reblog? do
  57. it 'denies access when private' do
  58. viewer = Fabricate(:account)
  59. status.visibility = :private
  60. expect(subject).to_not permit(viewer, status)
  61. end
  62. it 'denies access when direct' do
  63. viewer = Fabricate(:account)
  64. status.visibility = :direct
  65. expect(subject).to_not permit(viewer, status)
  66. end
  67. end
  68. permissions :destroy?, :unreblog? do
  69. it 'grants access when account is deleter' do
  70. expect(subject).to permit(status.account, status)
  71. end
  72. it 'grants access when account is admin' do
  73. expect(subject).to permit(admin.account, status)
  74. end
  75. it 'denies access when account is not deleter' do
  76. expect(subject).to_not permit(bob, status)
  77. end
  78. it 'denies access when no deleter' do
  79. expect(subject).to_not permit(nil, status)
  80. end
  81. end
  82. end