Version 1.5.2.v1.5.2

Includes:
* [UK] Don't show topic form field when reporting abuse.
* Use token in moderation response URL to prevent hidden report leak.
* Make sure successful submission page is full width.

1 files changed, 12 insertions, 0 deletions

diff --git a/t/app/controller/moderate.t b/t/app/controller/moderate.t
index 84e8670b7..cd4c742bb 100644
--- a/t/app/controller/moderate.t
+++ b/t/app/controller/moderate.t
@@ -68,6 +68,9 @@ subtest 'Auth' => sub {
 
         $mech->get_ok($REPORT_URL);
         $mech->content_lacks('Moderat');
+
+        $mech->get_ok('/contact?m=1&id=' . $report->id);
+        $mech->content_lacks('Good bad bad bad');
     };
 
     subtest 'Affiliated and permissioned user can see moderation' => sub {
@@ -158,6 +161,8 @@ subtest 'Problem moderation' => sub {
     };
 
     subtest 'Hide report' => sub {
+        $mech->clear_emails_ok;
+
         my $resp = $mech->post('/moderate/report/' . $report->id, {
             %problem_prepopulated,
             problem_hide => 1,
@@ -167,6 +172,13 @@ subtest 'Problem moderation' => sub {
         $report->discard_changes;
         is $report->state, 'hidden', 'Is hidden';
 
+        my $email = $mech->get_email;
+        my ($url) = $email->body =~ m{(http://\S+)};
+        ok $url, "extracted complain url '$url'";
+
+        $mech->get_ok($url);
+        $mech->content_contains('Good bad bad bad');
+
         # reset
         $report->update({ state => 'confirmed' });
     };