mastodon/spec/controllers/api/v1/accounts/credentials_controller_spec.rb

require 'rails_helper'

describe Api::V1::Accounts::CredentialsController do
  render_views

  let(:user)  { Fabricate(:user, account: Fabricate(:account, username: 'alice')) }
  let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes) }

  context 'with an oauth token' do
    before do
      allow(controller).to receive(:doorkeeper_token) { token }
    end

    describe 'GET #show' do
      let(:scopes) { 'read:accounts' }

      it 'returns http success' do
        get :show
        expect(response).to have_http_status(200)
      end
    end

    describe 'PATCH #update' do
      let(:scopes) { 'write:accounts' }

      describe 'with valid data' do
        before do
          allow(ActivityPub::UpdateDistributionWorker).to receive(:perform_async)

          patch :update, params: {
            display_name: "Alice Isn't Dead",
            note: "Hi!\n\nToot toot!",
            avatar: fixture_file_upload('files/avatar.gif', 'image/gif'),
            header: fixture_file_upload('files/attachment.jpg', 'image/jpeg'),
            source: {
              privacy: 'unlisted',
              sensitive: true,
            }
          }
        end

        it 'returns http success' do
          expect(response).to have_http_status(200)
        end

        it 'updates account info' do
          user.account.reload

          expect(user.account.display_name).to eq("Alice Isn't Dead")
          expect(user.account.note).to eq("Hi!\n\nToot toot!")
          expect(user.account.avatar).to exist
          expect(user.account.header).to exist
          expect(user.setting_default_privacy).to eq('unlisted')
          expect(user.setting_default_sensitive).to eq(true)
        end

        it 'queues up an account update distribution' do
          expect(ActivityPub::UpdateDistributionWorker).to have_received(:perform_async).with(user.account_id)
        end
      end

      describe 'with invalid data' do
        before do
          patch :update, params: { note: 'This is too long. ' * 30 }
        end

        it 'returns http unprocessable entity' do
          expect(response).to have_http_status(:unprocessable_entity)
        end
      end
    end
  end

  context 'without an oauth token' do
    before do
      allow(controller).to receive(:doorkeeper_token) { nil }
    end

    describe 'GET #show' do
      it 'returns http unauthorized' do
        get :show
        expect(response).to have_http_status(:unauthorized)
      end
    end

    describe 'PATCH #update' do
      it 'returns http unauthorized' do
        patch :update, params: { note: 'Foo' }
        expect(response).to have_http_status(:unauthorized)
      end
    end
  end
end
Spec coverage and refactor for the api/v1/accounts controllers (#3451) 2017-05-31 21:36:24 +02:00			`require 'rails_helper'`

			`describe Api::V1::Accounts::CredentialsController do`
			`render_views`

			`let(:user) { Fabricate(:user, account: Fabricate(:account, username: 'alice')) }`
Add more granular OAuth scopes (#7929) * Add more granular OAuth scopes * Add human-readable descriptions of the new scopes * Ensure new scopes look good on the app UI * Add tests * Group scopes in screen and color-code dangerous ones * Fix wrong extra scope 2018-07-05 18:31:35 +02:00			`let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes) }`
Spec coverage and refactor for the api/v1/accounts controllers (#3451) 2017-05-31 21:36:24 +02:00
Fix #4637 - Re-add missing doorkeeper_authorize for /api/v1/verify_credentials (#4650) 2017-08-21 00:41:08 +02:00			`context 'with an oauth token' do`
			`before do`
			`allow(controller).to receive(:doorkeeper_token) { token }`
Spec coverage and refactor for the api/v1/accounts controllers (#3451) 2017-05-31 21:36:24 +02:00			`end`

Fix #4637 - Re-add missing doorkeeper_authorize for /api/v1/verify_credentials (#4650) 2017-08-21 00:41:08 +02:00			`describe 'GET #show' do`
Add more granular OAuth scopes (#7929) * Add more granular OAuth scopes * Add human-readable descriptions of the new scopes * Ensure new scopes look good on the app UI * Add tests * Group scopes in screen and color-code dangerous ones * Fix wrong extra scope 2018-07-05 18:31:35 +02:00			`let(:scopes) { 'read:accounts' }`

Spec coverage and refactor for the api/v1/accounts controllers (#3451) 2017-05-31 21:36:24 +02:00			`it 'returns http success' do`
Fix #4637 - Re-add missing doorkeeper_authorize for /api/v1/verify_credentials (#4650) 2017-08-21 00:41:08 +02:00			`get :show`
Use raw status code on have_http_status (#7214) 2018-04-21 21:35:07 +02:00			`expect(response).to have_http_status(200)`
Spec coverage and refactor for the api/v1/accounts controllers (#3451) 2017-05-31 21:36:24 +02:00			`end`
Fix #4637 - Re-add missing doorkeeper_authorize for /api/v1/verify_credentials (#4650) 2017-08-21 00:41:08 +02:00			`end`

			`describe 'PATCH #update' do`
Add more granular OAuth scopes (#7929) * Add more granular OAuth scopes * Add human-readable descriptions of the new scopes * Ensure new scopes look good on the app UI * Add tests * Group scopes in screen and color-code dangerous ones * Fix wrong extra scope 2018-07-05 18:31:35 +02:00			`let(:scopes) { 'write:accounts' }`

Fix #4637 - Re-add missing doorkeeper_authorize for /api/v1/verify_credentials (#4650) 2017-08-21 00:41:08 +02:00			`describe 'with valid data' do`
			`before do`
			`allow(ActivityPub::UpdateDistributionWorker).to receive(:perform_async)`

			`patch :update, params: {`
			`display_name: "Alice Isn't Dead",`
			`note: "Hi!\n\nToot toot!",`
			`avatar: fixture_file_upload('files/avatar.gif', 'image/gif'),`
			`header: fixture_file_upload('files/attachment.jpg', 'image/jpeg'),`
Enable updating additional account information from user preferences via rest api (#6789) * Enable updating additional account information from user preferences via rest api Resolves #6553 * Pacify rubocop * Decoerce incoming settings in UserSettingsDecorator * Create user preferences hash directly from incoming credentials instead of going through ActionController::Parameters * Clean up user preferences update * Use ActiveModel::Type::Boolean instead of manually checking stringified number equivalence 2018-04-08 13:43:10 +02:00			`source: {`
			`privacy: 'unlisted',`
			`sensitive: true,`
			`}`
Fix #4637 - Re-add missing doorkeeper_authorize for /api/v1/verify_credentials (#4650) 2017-08-21 00:41:08 +02:00			`}`
			`end`
Spec coverage and refactor for the api/v1/accounts controllers (#3451) 2017-05-31 21:36:24 +02:00
Fix #4637 - Re-add missing doorkeeper_authorize for /api/v1/verify_credentials (#4650) 2017-08-21 00:41:08 +02:00			`it 'returns http success' do`
Use raw status code on have_http_status (#7214) 2018-04-21 21:35:07 +02:00			`expect(response).to have_http_status(200)`
Fix #4637 - Re-add missing doorkeeper_authorize for /api/v1/verify_credentials (#4650) 2017-08-21 00:41:08 +02:00			`end`
Spec coverage and refactor for the api/v1/accounts controllers (#3451) 2017-05-31 21:36:24 +02:00
Fix #4637 - Re-add missing doorkeeper_authorize for /api/v1/verify_credentials (#4650) 2017-08-21 00:41:08 +02:00			`it 'updates account info' do`
			`user.account.reload`

			`expect(user.account.display_name).to eq("Alice Isn't Dead")`
			`expect(user.account.note).to eq("Hi!\n\nToot toot!")`
			`expect(user.account.avatar).to exist`
			`expect(user.account.header).to exist`
Enable updating additional account information from user preferences via rest api (#6789) * Enable updating additional account information from user preferences via rest api Resolves #6553 * Pacify rubocop * Decoerce incoming settings in UserSettingsDecorator * Create user preferences hash directly from incoming credentials instead of going through ActionController::Parameters * Clean up user preferences update * Use ActiveModel::Type::Boolean instead of manually checking stringified number equivalence 2018-04-08 13:43:10 +02:00			`expect(user.setting_default_privacy).to eq('unlisted')`
			`expect(user.setting_default_sensitive).to eq(true)`
Fix #4637 - Re-add missing doorkeeper_authorize for /api/v1/verify_credentials (#4650) 2017-08-21 00:41:08 +02:00			`end`

			`it 'queues up an account update distribution' do`
			`expect(ActivityPub::UpdateDistributionWorker).to have_received(:perform_async).with(user.account_id)`
			`end`
Spec coverage and refactor for the api/v1/accounts controllers (#3451) 2017-05-31 21:36:24 +02:00			`end`
ActivityPub delivery (#4566) * Deliver ActivityPub Like * Deliver ActivityPub Undo-Like * Deliver ActivityPub Create/Announce activities * Deliver ActivityPub creates from mentions * Deliver ActivityPub Block/Undo-Block * Deliver ActivityPub Accept/Reject-Follow * Deliver ActivityPub Undo-Follow * Deliver ActivityPub Follow * Deliver ActivityPub Delete activities Incidentally fix #889 * Adjust BatchedRemoveStatusService for ActivityPub * Add tests for ActivityPub workers * Add tests for FollowService * Add tests for FavouriteService, UnfollowService and PostStatusService * Add tests for ReblogService, BlockService, UnblockService, ProcessMentionsService * Add tests for AuthorizeFollowService, RejectFollowService, RemoveStatusService * Add tests for BatchedRemoveStatusService * Deliver updates to a local account to ActivityPub followers * Minor adjustments 2017-08-13 00:44:41 +02:00
Fix #4637 - Re-add missing doorkeeper_authorize for /api/v1/verify_credentials (#4650) 2017-08-21 00:41:08 +02:00			`describe 'with invalid data' do`
			`before do`
Change bio limit from 160 to 500 (#10790) * Change note_length validator from 160 to 500 * Change input maxlength from 160 to 500 * update bio test from 160 to 500 * Multiply a string 30 times instead of 10 2019-05-19 22:51:44 +02:00			`patch :update, params: { note: 'This is too long. ' * 30 }`
Fix #4637 - Re-add missing doorkeeper_authorize for /api/v1/verify_credentials (#4650) 2017-08-21 00:41:08 +02:00			`end`

			`it 'returns http unprocessable entity' do`
			`expect(response).to have_http_status(:unprocessable_entity)`
			`end`
ActivityPub delivery (#4566) * Deliver ActivityPub Like * Deliver ActivityPub Undo-Like * Deliver ActivityPub Create/Announce activities * Deliver ActivityPub creates from mentions * Deliver ActivityPub Block/Undo-Block * Deliver ActivityPub Accept/Reject-Follow * Deliver ActivityPub Undo-Follow * Deliver ActivityPub Follow * Deliver ActivityPub Delete activities Incidentally fix #889 * Adjust BatchedRemoveStatusService for ActivityPub * Add tests for ActivityPub workers * Add tests for FollowService * Add tests for FavouriteService, UnfollowService and PostStatusService * Add tests for ReblogService, BlockService, UnblockService, ProcessMentionsService * Add tests for AuthorizeFollowService, RejectFollowService, RemoveStatusService * Add tests for BatchedRemoveStatusService * Deliver updates to a local account to ActivityPub followers * Minor adjustments 2017-08-13 00:44:41 +02:00			`end`
Spec coverage and refactor for the api/v1/accounts controllers (#3451) 2017-05-31 21:36:24 +02:00			`end`
Fix #4637 - Re-add missing doorkeeper_authorize for /api/v1/verify_credentials (#4650) 2017-08-21 00:41:08 +02:00			`end`
Spec coverage and refactor for the api/v1/accounts controllers (#3451) 2017-05-31 21:36:24 +02:00
Fix #4637 - Re-add missing doorkeeper_authorize for /api/v1/verify_credentials (#4650) 2017-08-21 00:41:08 +02:00			`context 'without an oauth token' do`
			`before do`
			`allow(controller).to receive(:doorkeeper_token) { nil }`
			`end`

			`describe 'GET #show' do`
			`it 'returns http unauthorized' do`
			`get :show`
			`expect(response).to have_http_status(:unauthorized)`
Spec coverage and refactor for the api/v1/accounts controllers (#3451) 2017-05-31 21:36:24 +02:00			`end`
Fix #4637 - Re-add missing doorkeeper_authorize for /api/v1/verify_credentials (#4650) 2017-08-21 00:41:08 +02:00			`end`
Spec coverage and refactor for the api/v1/accounts controllers (#3451) 2017-05-31 21:36:24 +02:00
Fix #4637 - Re-add missing doorkeeper_authorize for /api/v1/verify_credentials (#4650) 2017-08-21 00:41:08 +02:00			`describe 'PATCH #update' do`
			`it 'returns http unauthorized' do`
			`patch :update, params: { note: 'Foo' }`
			`expect(response).to have_http_status(:unauthorized)`
Spec coverage and refactor for the api/v1/accounts controllers (#3451) 2017-05-31 21:36:24 +02:00			`end`
			`end`
			`end`
			`end`