logo

mastofe

My custom branche(s) on git.pleroma.social/pleroma/mastofe git clone https://hacktivis.me/git/mastofe.git

status_policy_spec.rb (3002B)

    

  1. require 'rails_helper'

  2. require 'pundit/rspec'

  3. 

  4. RSpec.describe StatusPolicy, type: :model do

  5.   subject { described_class }

  6. 

  7.   let(:admin) { Fabricate(:user, admin: true) }

  8.   let(:alice) { Fabricate(:account, username: 'alice') }

  9.   let(:bob) { Fabricate(:account, username: 'bob') }

  10.   let(:status) { Fabricate(:status, account: alice) }

  11. 

  12.   permissions :show?, :reblog? do

  13.     it 'grants access when no viewer' do

  14.       expect(subject).to permit(nil, status)

  15.     end

  16. 

  17.     it 'denies access when viewer is blocked' do

  18.       block = Fabricate(:block)

  19.       status.visibility = :private

  20.       status.account = block.target_account

  21. 

  22.       expect(subject).to_not permit(block.account, status)

  23.     end

  24.   end

  25. 

  26.   permissions :show? do

  27.     it 'grants access when direct and account is viewer' do

  28.       status.visibility = :direct

  29. 

  30.       expect(subject).to permit(status.account, status)

  31.     end

  32. 

  33.     it 'grants access when direct and viewer is mentioned' do

  34.       status.visibility = :direct

  35.       status.mentions = [Fabricate(:mention, account: alice)]

  36. 

  37.       expect(subject).to permit(alice, status)

  38.     end

  39. 

  40.     it 'denies access when direct and viewer is not mentioned' do

  41.       viewer = Fabricate(:account)

  42.       status.visibility = :direct

  43. 

  44.       expect(subject).to_not permit(viewer, status)

  45.     end

  46. 

  47.     it 'grants access when private and account is viewer' do

  48.       status.visibility = :private

  49. 

  50.       expect(subject).to permit(status.account, status)

  51.     end

  52. 

  53.     it 'grants access when private and account is following viewer' do

  54.       follow = Fabricate(:follow)

  55.       status.visibility = :private

  56.       status.account = follow.target_account

  57. 

  58.       expect(subject).to permit(follow.account, status)

  59.     end

  60. 

  61.     it 'grants access when private and viewer is mentioned' do

  62.       status.visibility = :private

  63.       status.mentions = [Fabricate(:mention, account: alice)]

  64. 

  65.       expect(subject).to permit(alice, status)

  66.     end

  67. 

  68.     it 'denies access when private and viewer is not mentioned or followed' do

  69.       viewer = Fabricate(:account)

  70.       status.visibility = :private

  71. 

  72.       expect(subject).to_not permit(viewer, status)

  73.     end

  74.   end

  75. 

  76.   permissions :reblog? do

  77.     it 'denies access when private' do

  78.       viewer = Fabricate(:account)

  79.       status.visibility = :private

  80. 

  81.       expect(subject).to_not permit(viewer, status)

  82.     end

  83. 

  84.     it 'denies access when direct' do

  85.       viewer = Fabricate(:account)

  86.       status.visibility = :direct

  87. 

  88.       expect(subject).to_not permit(viewer, status)

  89.     end

  90.   end

  91. 

  92.   permissions :destroy?, :unreblog? do

  93.     it 'grants access when account is deleter' do

  94.       expect(subject).to permit(status.account, status)

  95.     end

  96. 

  97.     it 'grants access when account is admin' do

  98.       expect(subject).to permit(admin.account, status)

  99.     end

  100. 

  101.     it 'denies access when account is not deleter' do

  102.       expect(subject).to_not permit(bob, status)

  103.     end

  104. 

  105.     it 'denies access when no deleter' do

  106.       expect(subject).to_not permit(nil, status)

  107.     end

  108.   end

  109. end