diff options
| -rw-r--r-- | app/controllers/admin_controller.rb | 2 | ||||
| -rw-r--r-- | app/controllers/admin_request_controller.rb | 23 | ||||
| -rw-r--r-- | app/controllers/application_controller.rb | 3 | ||||
| -rw-r--r-- | app/controllers/request_controller.rb | 15 | ||||
| -rw-r--r-- | app/models/foi_attachment.rb | 23 | ||||
| -rw-r--r-- | app/models/info_request.rb | 6 | ||||
| -rw-r--r-- | app/views/request/show.rhtml | 42 | ||||
| m--------- | commonlib | 0 | ||||
| -rw-r--r-- | config/general.yml-example | 5 | ||||
| -rw-r--r-- | config/httpd.conf | 13 | ||||
| -rw-r--r-- | lib/tasks/temp.rake | 69 | ||||
| l--------- | public/views_cache | 1 | ||||
| -rwxr-xr-x | script/load-exim-logs | 5 | ||||
| -rw-r--r-- | spec/controllers/admin_request_controller_spec.rb | 105 | ||||
| -rw-r--r-- | spec/controllers/request_controller_spec.rb | 417 | ||||
| -rw-r--r-- | spec/models/info_request_spec.rb | 27 |
16 files changed, 492 insertions, 264 deletions
diff --git a/app/controllers/admin_controller.rb b/app/controllers/admin_controller.rb index d8fda9c01..08528f8a8 100644 --- a/app/controllers/admin_controller.rb +++ b/app/controllers/admin_controller.rb @@ -36,7 +36,7 @@ class AdminController < ApplicationController # also force a search reindexing (so changed text reflected in search) info_request.reindex_request_events - # and remove from varnsi + # and remove from varnish info_request.purge_in_cache end diff --git a/app/controllers/admin_request_controller.rb b/app/controllers/admin_request_controller.rb index ae4bb511a..0b58a95e5 100644 --- a/app/controllers/admin_request_controller.rb +++ b/app/controllers/admin_request_controller.rb @@ -28,8 +28,8 @@ class AdminRequestController < AdminController @info_request = InfoRequest.find(params[:id]) # XXX is this *really* the only way to render a template to a # variable, rather than to the response? - vars = OpenStruct.new(:name_to => @info_request.user_name, - :name_from => MySociety::Config.get("CONTACT_NAME", 'Alaveteli'), + vars = OpenStruct.new(:name_to => @info_request.user_name, + :name_from => MySociety::Config.get("CONTACT_NAME", 'Alaveteli'), :info_request => @info_request, :reason => params[:reason], :info_request_url => 'http://' + MySociety::Config.get('DOMAIN') + request_url(@info_request), :site_name => site_name) @@ -81,6 +81,8 @@ class AdminRequestController < AdminController :old_handle_rejected_responses => old_handle_rejected_responses, :handle_rejected_responses => @info_request.handle_rejected_responses, :old_tag_string => old_tag_string, :tag_string => @info_request.tag_string }) + # expire cached files + expire_for_request(@info_request) flash[:notice] = 'Request successfully updated.' redirect_to request_admin_url(@info_request) else @@ -95,7 +97,8 @@ class AdminRequestController < AdminController url_title = @info_request.url_title @info_request.fully_destroy - + # expire cached files + expire_for_request(@info_request) flash[:notice] = "Request #{url_title} has been completely destroyed. Email of user who made request: " + user.email redirect_to admin_url('request/list') end @@ -166,7 +169,8 @@ class AdminRequestController < AdminController @incoming_message.fully_destroy @incoming_message.info_request.log_event("destroy_incoming", { :editor => admin_http_auth_user(), :deleted_incoming_message_id => incoming_message_id }) - + # expire cached files + expire_for_request(@info_request) flash[:notice] = 'Incoming message successfully destroyed.' redirect_to request_admin_url(@info_request) end @@ -174,6 +178,7 @@ class AdminRequestController < AdminController def redeliver_incoming incoming_message = IncomingMessage.find(params[:redeliver_incoming_message_id]) message_ids = params[:url_title].split(",").each {|x| x.strip} + previous_request = incoming_message.info_request destination_request = nil ActiveRecord::Base.transaction do for m in message_ids @@ -184,7 +189,7 @@ class AdminRequestController < AdminController end if destination_request.nil? flash[:error] = "Failed to find destination request '" + m + "'" - return redirect_to request_admin_url(incoming_message.info_request) + return redirect_to request_admin_url(previous_request) end raw_email_data = incoming_message.raw_email.data @@ -201,6 +206,8 @@ class AdminRequestController < AdminController flash[:notice] = "Message has been moved to request(s). Showing the last one:" end + # expire cached files + expire_for_request(previous_request) incoming_message.fully_destroy end redirect_to request_admin_url(destination_request) @@ -344,14 +351,14 @@ class AdminRequestController < AdminController explanation = params[:explanation] info_request = InfoRequest.find(params[:id]) info_request.prominence = "requester_only" - + info_request.log_event("hide", { :editor => admin_http_auth_user(), :reason => params[:reason], :subject => subject, :explanation => explanation }) - + info_request.set_described_state(params[:reason]) info_request.save! @@ -360,6 +367,8 @@ class AdminRequestController < AdminController subject, params[:explanation] ) + # expire cached files + expire_for_request(info_request) flash[:notice] = _("Your message to {{recipient_user_name}} has been sent",:recipient_user_name=>CGI.escapeHTML(info_request.user.name)) redirect_to request_admin_url(info_request) end diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 11f21025c..40fa018aa 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -206,13 +206,16 @@ class ApplicationController < ActionController::Base foi_cache_path = File.expand_path(File.join(File.dirname(__FILE__), '../../cache')) return File.join(foi_cache_path, path) end + def foi_fragment_cache_exists?(key_path) return File.exists?(key_path) end + def foi_fragment_cache_read(key_path) logger.info "Reading from fragment cache #{key_path}" return File.read(key_path) end + def foi_fragment_cache_write(key_path, content) FileUtils.mkdir_p(File.dirname(key_path)) logger.info "Writing to fragment cache #{key_path}" diff --git a/app/controllers/request_controller.rb b/app/controllers/request_controller.rb index 7f42eeb7e..b28252ce4 100644 --- a/app/controllers/request_controller.rb +++ b/app/controllers/request_controller.rb @@ -313,7 +313,7 @@ class RequestController < ApplicationController # case the list of errors will also contain a more specific error # describing the reason it is invalid. @info_request.errors.delete("outgoing_messages") - + render :action => 'new' return end @@ -659,6 +659,11 @@ class RequestController < ApplicationController @info_request = incoming_message.info_request # used by view render :template => 'request/hidden', :status => 410 # gone end + # Is this a completely public request that we can cache attachments for + # to be served up without authentication? + if incoming_message.info_request.all_can_view? + @files_can_be_cached = true + end end def report_request @@ -668,7 +673,7 @@ class RequestController < ApplicationController :email => _("Then you can report the request '{{title}}'", :title => info_request.title), :email_subject => _("Report an offensive or unsuitable request") ) - + if !info_request.attention_requested info_request.set_described_state('attention_requested', @user) info_request.attention_requested = true # tells us if attention has ever been requested @@ -689,6 +694,7 @@ class RequestController < ApplicationController key = params.merge(:only_path => true) key_path = foi_fragment_cache_path(key) if foi_fragment_cache_exists?(key_path) + logger.info("Reading cache for #{key_path}") raise PermissionDenied.new("Directory listing not allowed") if File.directory?(key_path) cached = foi_fragment_cache_read(key_path) response.content_type = AlaveteliFileTypes.filename_to_mimetype(params[:file_name].join("/")) || 'application/octet-stream' @@ -703,7 +709,10 @@ class RequestController < ApplicationController # various fragment cache functions using Ruby Marshall to write the file # which adds a header, so isnt compatible with images that have been # extracted elsewhere from PDFs) - foi_fragment_cache_write(key_path, response.body) + if @files_can_be_cached == true + logger.info("Writing cache for #{key_path}") + foi_fragment_cache_write(key_path, response.body) + end end end end diff --git a/app/models/foi_attachment.rb b/app/models/foi_attachment.rb index 9bbf0988f..a40898aef 100644 --- a/app/models/foi_attachment.rb +++ b/app/models/foi_attachment.rb @@ -1,3 +1,5 @@ +# encoding: UTF-8 + # == Schema Information # Schema version: 114 # @@ -14,8 +16,6 @@ # hexdigest :string(32) # -# encoding: UTF-8 - # models/foi_attachment.rb: # An attachment to an email (IncomingMessage) # @@ -315,14 +315,21 @@ class FoiAttachment < ActiveRecord::Base tempfile.print self.body tempfile.flush + html = nil if self.content_type == 'application/pdf' - html = AlaveteliExternalCommand.run("pdftohtml", "-nodrm", "-zoom", "1.0", "-stdout", "-enc", "UTF-8", "-noframes", tempfile.path) + # We set a timeout here, because pdftohtml can spiral out of control + # on some PDF files and we don’t want to crash the whole server. + html = AlaveteliExternalCommand.run("pdftohtml", "-nodrm", "-zoom", "1.0", "-stdout", "-enc", "UTF-8", "-noframes", tempfile.path, :timeout => 30) elsif self.content_type == 'application/rtf' - html = AlaveteliExternalCommand.run("unrtf", "--html", tempfile.path) - elsif self.has_google_docs_viewer? - html = '' # force error and using Google docs viewer - else - raise "No HTML conversion available for type " + self.content_type + html = AlaveteliExternalCommand.run("unrtf", "--html", tempfile.path, :timeout => 120) + end + + if html.nil? + if self.has_google_docs_viewer? + html = '' # force error and using Google docs viewer + else + raise "No HTML conversion available for type " + self.content_type + end end tempfile.close diff --git a/app/models/info_request.rb b/app/models/info_request.rb index dfaa524b2..a7d09401b 100644 --- a/app/models/info_request.rb +++ b/app/models/info_request.rb @@ -1036,6 +1036,12 @@ public return true end + # Is this request visible to everyone? + def all_can_view? + return true if ['normal', 'backpage'].include?(self.prominence) + return false + end + def indexed_by_search? if self.prominence == 'backpage' || self.prominence == 'hidden' || self.prominence == 'requester_only' return false diff --git a/app/views/request/show.rhtml b/app/views/request/show.rhtml index a7760ab19..b4795fc21 100644 --- a/app/views/request/show.rhtml +++ b/app/views/request/show.rhtml @@ -27,6 +27,7 @@ <div id="left_column"> <h1><%=h(@info_request.title)%></h1> + <% if !@info_request.is_external? && @info_request.user.profile_photo %> <p class="user_photo_on_request"> <img src="<%= get_profile_photo_url(:url_name => @info_request.user.url_name) %>" alt=""> @@ -43,49 +44,54 @@ :public_body_link => public_body_link(@info_request.public_body), :public_body_admin_url => public_body_admin_url(@info_request.public_body)) %> <% else %> + + <%= _('{{user}} made this {{law_used_full}} request',:user=>@info_request.user.nil? ? @info_request.user_name : user_link(@info_request.user), :law_used_full=>h(@info_request.law_used_full)) %> - <%= _('to {{public_body}}',:public_body=>public_body_link(@info_request.public_body)) %> + <%= _('to {{public_body}}',:public_body=>public_body_link(@info_request.public_body)) %> + <% end %> </p> <p id="request_status" class="request_icon_line icon_<%= @info_request.calculate_status %>"> <% if @info_request.awaiting_description %> <% if @is_owning_user %> - <%= _('Please <strong>answer the question above</strong> so we know whether the ')%> + <%= _('Please <strong>answer the question above</strong> so we know whether the ')%> <%= MySociety::Format.fancy_pluralize(@new_responses_count, 'recent response contains', 'recent responses contain') %> <%= _('useful information.') %> <% else %> <%= _('This request has an <strong>unknown status</strong>.') %> <% if @old_unclassified %> - <%= _('We\'re waiting for someone to read') %> + <%= _('We\'re waiting for someone to read') %> <%= MySociety::Format.fancy_pluralize(@new_responses_count, 'a recent response', 'recent responses') %> <%= _('and update the status accordingly. Perhaps <strong>you</strong> might like to help out by doing that?') %> <% else %> <%= _('We\'re waiting for') %> - <%= user_link_for_request(@info_request) %> <%= _('to read') %> - <%= MySociety::Format.fancy_pluralize(@new_responses_count, 'a recent response', 'recent responses') %> + + <%= user_link_for_request(@info_request) %> <%= _('to read') %> + <%= MySociety::Format.fancy_pluralize(@new_responses_count, 'a recent response', 'recent responses') %> + <%= _('and update the status.') %> <% end %> <% end %> <% elsif @status == 'waiting_response' %> - <%= _('Currently <strong>waiting for a response</strong> from {{public_body_link}}, they must respond promptly and', :public_body_link=> public_body_link(@info_request.public_body)) %> + <%= _('Currently <strong>waiting for a response</strong> from {{public_body_link}}, they must respond promptly and', :public_body_link=> public_body_link(@info_request.public_body)) %> <% if @info_request.public_body.is_school? %> <%= _('in term time') %> <% else %> - <%= _('normally') %> + <%= _('normally') %> <% end %> <%= _('no later than') %> <strong><%= simple_date(@info_request.date_response_required_by) %></strong> (<%= link_to _("details"), "/help/requesting#quickly_response" %>). <% elsif @status == 'waiting_response_overdue' %> <%= _('Response to this request is <strong>delayed</strong>.') %> - <%= _('By law, {{public_body_link}} should normally have responded <strong>promptly</strong> and',:public_body_link=>public_body_link(@info_request.public_body)) %> + <%= _('By law, {{public_body_link}} should normally have responded <strong>promptly</strong> and',:public_body_link=>public_body_link(@info_request.public_body)) %> <% if @info_request.public_body.is_school? %> - <%= _('in term time') %> + <%= _('in term time') %> <% end %> <%= _('by') %> <strong><%= simple_date(@info_request.date_response_required_by) %></strong> - (<%= _('<a href="%s">details</a>') % [help_requesting_path + '#quickly_response'] %>) + (<%= _('<a href="%s">details</a>') % [help_requesting_path + '#quickly_response'] %>) <% elsif @status == 'waiting_response_very_overdue' %> - <%= _('Response to this request is <strong>long overdue</strong>.') %> - <%= _('By law, under all circumstances, {{public_body_link}} should have responded by now',:public_body_link => public_body_link(@info_request.public_body)) %> + <%= _('Response to this request is <strong>long overdue</strong>.') %> + <%= _('By law, under all circumstances, {{public_body_link}} should have responded by now',:public_body_link => public_body_link(@info_request.public_body)) %> (<%= _('<a href="%s">details</a>') % [help_requesting_path + '#quickly_response'] %>). <%= _('You can <strong>complain</strong> by') %> <%= link_to _("requesting an internal review"), show_response_no_followup_url(:id => @info_request.id, :incoming_message_id => nil) + "?internal_review=1#followup" %>. @@ -99,25 +105,25 @@ <%= _('The request was <strong>partially successful</strong>.') %> <% elsif @status == 'waiting_clarification' %> <% if @is_owning_user %> - <%=h @info_request.public_body.name %> <%= _('is <strong>waiting for your clarification</strong>.') %> + <%=h @info_request.public_body.name %> <%= _('is <strong>waiting for your clarification</strong>.') %> <%= _('Please') %> <%= link_to _("send a follow up message"), respond_to_last_url(@info_request) + '#followup' %>. <% else %> - <%= _('The request is <strong>waiting for clarification</strong>.') %> - <%= _('If you are {{user_link}}, please',:user_link=>user_link_for_request(@info_request)) %> + <%= _('The request is <strong>waiting for clarification</strong>.') %> + <%= _('If you are {{user_link}}, please',:user_link=>user_link_for_request(@info_request)) %> <%= link_to _("sign in"), signin_url(:r => request.request_uri) %> <%= _('to send a follow up message.') %> <% end %> <% elsif @status == 'gone_postal' %> <%= _('The authority would like to / has <strong>responded by post</strong> to this request.') %> <% elsif @status == 'internal_review' %> - <%= _('Waiting for an <strong>internal review</strong> by {{public_body_link}} of their handling of this request.',:public_body_link=>public_body_link(@info_request.public_body)) %> + <%= _('Waiting for an <strong>internal review</strong> by {{public_body_link}} of their handling of this request.',:public_body_link=>public_body_link(@info_request.public_body)) %> <% elsif @status == 'error_message' %> <%= _('There was a <strong>delivery error</strong> or similar, which needs fixing by the {{site_name}} team.', :site_name=>site_name) %> <% elsif @status == 'requires_admin' %> <%= _('This request has had an unusual response, and <strong>requires attention</strong> from the {{site_name}} team.', :site_name=>site_name) %> <% elsif @status == 'user_withdrawn' %> - <%= _('This request has been <strong>withdrawn</strong> by the person who made it. - There may be an explanation in the correspondence below.') %> + <%= _('This request has been <strong>withdrawn</strong> by the person who made it. + There may be an explanation in the correspondence below.') %> <% elsif @status == 'attention_requested' %> <%= _('This request has been <strong>reported</strong> as needing administrator attention (perhaps because it is vexatious, or a request for personal information)') %> <% elsif @status == 'vexatious' %> diff --git a/commonlib b/commonlib -Subproject 9e1d29721b9dba232c251ef4b8b79f8505422de +Subproject 131375c752c02aa20f1644240fe69720275da42 diff --git a/config/general.yml-example b/config/general.yml-example index 019eb7ada..5653f89bc 100644 --- a/config/general.yml-example +++ b/config/general.yml-example @@ -157,3 +157,8 @@ VARNISH_HOST: localhost # Adding a value here will enable Google Analytics on all non-admin pages. GA_CODE: '' + +# We need to add the WDTK survey variables here, or else the deployment +# system will cry. +SURVEY_SECRET: '' +SURVEY_URL: '' diff --git a/config/httpd.conf b/config/httpd.conf index 3bbe50fb3..6428a2006 100644 --- a/config/httpd.conf +++ b/config/httpd.conf @@ -32,6 +32,19 @@ RequestHeader add X-Forwarded-User %{RU}e # files for archiving. RewriteRule /files/(.+) http://files.whatdotheyknow.com/$1 +# Serve attachments directly from the cache, if possible. +# +# The file names are URL-encoded on disk, and sharded by the first +# three digits of the request id, which is why this is as complicated +# as it is. The RewriteMap directive makes the URL-escaping function +# available to use in the other directives. +# +# The condition means that the rule will fire only if the cached +# file exists. +RewriteMap escape int:escape +RewriteCond %{DOCUMENT_ROOT}/views_cache/request/$2/$1/${escape:$3} -f +RewriteRule ^/request/((\d{1,3})\d*)/(response/\d+/attach/\d+/.+) /views_cache/request/$2/$1/${escape:$3} [L] + <IfModule mod_passenger.c> # Set this to something like 100 if you have memory leak issues PassengerMaxRequests 20 diff --git a/lib/tasks/temp.rake b/lib/tasks/temp.rake index ce04c7ddd..669cdf989 100644 --- a/lib/tasks/temp.rake +++ b/lib/tasks/temp.rake @@ -1,15 +1,64 @@ namespace :temp do - desc "Remove plaintext passwords from post_redirect params" - task :remove_post_redirect_passwords => :environment do - PostRedirect.find_each(:conditions => ['post_params_yaml is not null']) do |post_redirect| - if post_redirect.post_params && post_redirect.post_params[:signchangeemail] && post_redirect.post_params[:signchangeemail][:password] - params = post_redirect.post_params - params[:signchangeemail].delete(:password) - post_redirect.post_params = params - post_redirect.save! - end + desc "Remove plaintext passwords from post_redirect params" + task :remove_post_redirect_passwords => :environment do + PostRedirect.find_each(:conditions => ['post_params_yaml is not null']) do |post_redirect| + if post_redirect.post_params && post_redirect.post_params[:signchangeemail] && post_redirect.post_params[:signchangeemail][:password] + params = post_redirect.post_params + params[:signchangeemail].delete(:password) + post_redirect.post_params = params + post_redirect.save! + end + end + end + + desc 'Remove file caches for requests that are not publicly visible or have been destroyed' + task :remove_obsolete_info_request_caches => :environment do + dryrun = ENV['DRYRUN'] == '0' ? false : true + verbose = ENV['VERBOSE'] == '0' ? false : true + if dryrun + puts "Running in dryrun mode" + end + request_cache_path = File.join(Rails.root, 'cache', 'views', 'request', '*', '*') + Dir.glob(request_cache_path) do |request_subdir| + info_request_id = File.basename(request_subdir) + puts "Looking for InfoRequest with id #{info_request_id}" if verbose + begin + info_request = InfoRequest.find(info_request_id) + puts "Got InfoRequest #{info_request_id}" if verbose + if ! info_request.all_can_view? + puts "Deleting cache at #{request_subdir} for hidden/requester_only InfoRequest #{info_request_id}" + if ! dryrun + FileUtils.rm_rf(request_subdir) + end + else + Dir.glob(File.join(request_subdir, 'response', '*')) do |response_subdir| + incoming_message_id = File.basename(response_subdir) + puts "Looking for IncomingMessage with id #{incoming_message_id}" if verbose + begin + incoming_message = IncomingMessage.find(incoming_message_id) + puts "Got IncomingMessage #{incoming_message_id}" if verbose + if incoming_message.info_request != info_request + puts "Deleting cache at #{response_subdir}: IncomingMessage #{incoming_message_id} has been moved from InfoRequest #{info_request_id}" + if ! dryrun + FileUtils.rm_rf(response_subdir) + end + end + rescue ActiveRecord::RecordNotFound + puts "Deleting cache at #{response_subdir} for deleted IncomingMessage #{incoming_message_id}" + if ! dryrun + FileUtils.rm_rf(response_subdir) + end + end + end + end + rescue ActiveRecord::RecordNotFound + puts "Deleting cache at #{request_subdir} for deleted InfoRequest #{info_request_id}" + if ! dryrun + FileUtils.rm_rf(request_subdir) + end + end + end end - end end diff --git a/public/views_cache b/public/views_cache new file mode 120000 index 000000000..ea65934d2 --- /dev/null +++ b/public/views_cache @@ -0,0 +1 @@ +../cache/views
\ No newline at end of file diff --git a/script/load-exim-logs b/script/load-exim-logs index 5ca0c66f8..00b6b9825 100755 --- a/script/load-exim-logs +++ b/script/load-exim-logs @@ -5,7 +5,10 @@ LOC=`dirname "$0"` # Specific file if specified if [ x$1 != x ] then - f=`abspath "$1"` + case "$1" in + /*) f=$1 ;; + *) f=$(pwd)/$1 ;; + esac cd "$LOC" bundle exec ./runner 'EximLog.load_file("'$f'")' exit diff --git a/spec/controllers/admin_request_controller_spec.rb b/spec/controllers/admin_request_controller_spec.rb index b0468822a..eb6f7aebc 100644 --- a/spec/controllers/admin_request_controller_spec.rb +++ b/spec/controllers/admin_request_controller_spec.rb @@ -27,12 +27,31 @@ describe AdminRequestController, "when administering requests" do it "saves edits to a request" do info_requests(:fancy_dog_request).title.should == "Why do you have & such a fancy dog?" - post :update, { :id => info_requests(:fancy_dog_request), :info_request => { :title => "Renamed", :prominence => "normal", :described_state => "waiting_response", :awaiting_description => false, :allow_new_responses_from => 'anybody', :handle_rejected_responses => 'bounce' } } + post :update, { :id => info_requests(:fancy_dog_request), + :info_request => { :title => "Renamed", + :prominence => "normal", + :described_state => "waiting_response", + :awaiting_description => false, + :allow_new_responses_from => 'anybody', + :handle_rejected_responses => 'bounce' } } response.flash[:notice].should include('successful') ir = InfoRequest.find(info_requests(:fancy_dog_request).id) ir.title.should == "Renamed" end + it 'expires the request cache when saving edits to it' do + info_request = info_requests(:fancy_dog_request) + @controller.should_receive(:expire_for_request).with(info_request) + post :update, { :id => info_request, + :info_request => { :title => "Renamed", + :prominence => "normal", + :described_state => "waiting_response", + :awaiting_description => false, + :allow_new_responses_from => 'anybody', + :handle_rejected_responses => 'bounce' } } + + end + it "edits an outgoing message" do get :edit_outgoing, :id => outgoing_messages(:useless_outgoing_message) end @@ -45,6 +64,16 @@ describe AdminRequestController, "when administering requests" do ir.body.should include("delicious cat") end + describe 'when fully destroying a request' do + + it 'expires the file cache for that request' do + info_request = info_requests(:badger_request) + @controller.should_receive(:expire_for_request).with(info_request) + get :fully_destroy, { :id => info_request } + end + + end + end describe AdminRequestController, "when administering the holding pen" do @@ -80,12 +109,13 @@ describe AdminRequestController, "when administering the holding pen" do InfoRequest.holding_pen_request.incoming_messages.length.should == 1 new_im = InfoRequest.holding_pen_request.incoming_messages[0] ir.incoming_messages.length.should == 1 - post :redeliver_incoming, :redeliver_incoming_message_id => new_im.id, :url_title => ir.url_title + post :redeliver_incoming, :redeliver_incoming_message_id => new_im.id, :url_title => ir.url_title ir = InfoRequest.find_by_url_title(ir.url_title) ir.incoming_messages.length.should == 2 response.should redirect_to(:controller=>'admin_request', :action=>'show', :id=>101) InfoRequest.holding_pen_request.incoming_messages.length.should == 0 end + it "allows redelivery to more than one request" do ir1 = info_requests(:fancy_dog_request) ir1.allow_new_responses_from = 'nobody' @@ -99,7 +129,7 @@ describe AdminRequestController, "when administering the holding pen" do InfoRequest.holding_pen_request.incoming_messages.length.should == 1 new_im = InfoRequest.holding_pen_request.incoming_messages[0] - post :redeliver_incoming, :redeliver_incoming_message_id => new_im.id, :url_title => "#{ir1.url_title},#{ir2.url_title}" + post :redeliver_incoming, :redeliver_incoming_message_id => new_im.id, :url_title => "#{ir1.url_title},#{ir2.url_title}" ir1.reload ir1.incoming_messages.length.should == 2 ir2.reload @@ -108,6 +138,15 @@ describe AdminRequestController, "when administering the holding pen" do InfoRequest.holding_pen_request.incoming_messages.length.should == 0 end + it 'expires the file cache for the previous request' do + current_info_request = info_requests(:fancy_dog_request) + destination_info_request = info_requests(:naughty_chicken_request) + incoming_message = incoming_messages(:useless_incoming_message) + @controller.should_receive(:expire_for_request).with(current_info_request) + post :redeliver_incoming, :redeliver_incoming_message_id => incoming_message.id, + :url_title => destination_info_request.url_title + end + it "guesses a misdirected request" do ir = info_requests(:fancy_dog_request) ir.handle_rejected_responses = 'holding_pen' @@ -124,11 +163,31 @@ describe AdminRequestController, "when administering the holding pen" do assigns[:info_requests][0].should == ir end - it "destroys an incoming message" do - im = incoming_messages(:useless_incoming_message) - raw_email = im.raw_email.filepath - post :destroy_incoming, :incoming_message_id => im.id - assert_equal File.exists?(raw_email), false + describe 'when destroying an incoming message' do + + before do + @im = incoming_messages(:useless_incoming_message) + @controller.stub!(:expire_for_request) + end + + it "destroys the raw email file" do + raw_email = @im.raw_email.filepath + assert_equal File.exists?(raw_email), true + post :destroy_incoming, :incoming_message_id => @im.id + assert_equal File.exists?(raw_email), false + end + + it 'asks the incoming message to fully destroy itself' do + IncomingMessage.stub!(:find).and_return(@im) + @im.should_receive(:fully_destroy) + post :destroy_incoming, :incoming_message_id => @im.id + end + + it 'expires the file cache for the associated info_request' do + @controller.should_receive(:expire_for_request).with(@im.info_request) + post :destroy_incoming, :incoming_message_id => @im.id + end + end it "shows a suitable default 'your email has been hidden' message" do @@ -141,16 +200,26 @@ describe AdminRequestController, "when administering the holding pen" do assigns[:request_hidden_user_explanation].should include("not a valid FOI") end - it "hides requests and sends a notification email that it has done so" do - ir = info_requests(:fancy_dog_request) - post :hide_request, :id => ir.id, :explanation => "Foo", :reason => "vexatious" - ir.reload - ir.prominence.should == "requester_only" - ir.described_state.should == "vexatious" - deliveries = ActionMailer::Base.deliveries - deliveries.size.should == 1 - mail = deliveries[0] - mail.body.should =~ /Foo/ + describe 'when hiding requests' do + + it "hides requests and sends a notification email that it has done so" do + ir = info_requests(:fancy_dog_request) + post :hide_request, :id => ir.id, :explanation => "Foo", :reason => "vexatious" + ir.reload + ir.prominence.should == "requester_only" + ir.described_state.should == "vexatious" + deliveries = ActionMailer::Base.deliveries + deliveries.size.should == 1 + mail = deliveries[0] + mail.body.should =~ /Foo/ + end + + it 'expires the file cache for the request' do + ir = info_requests(:fancy_dog_request) + @controller.should_receive(:expire_for_request).with(ir) + post :hide_request, :id => ir.id, :explanation => "Foo", :reason => "vexatious" + end + end end diff --git a/spec/controllers/request_controller_spec.rb b/spec/controllers/request_controller_spec.rb index 530e9b2c3..8cadbd238 100644 --- a/spec/controllers/request_controller_spec.rb +++ b/spec/controllers/request_controller_spec.rb @@ -7,7 +7,7 @@ describe RequestController, "when listing recent requests" do load_raw_emails_data rebuild_xapian_index end - + it "should be successful" do get :list, :view => 'all' response.should be_success @@ -21,7 +21,7 @@ describe RequestController, "when listing recent requests" do it "should filter requests" do get :list, :view => 'all' assigns[:list_results].map(&:info_request).should =~ InfoRequest.all - + # default sort order is the request with the most recently created event first assigns[:list_results].map(&:info_request).should == InfoRequest.all( :order => "(select max(info_request_events.created_at) from info_request_events where info_request_events.info_request_id = info_requests.id) DESC") @@ -45,15 +45,15 @@ describe RequestController, "when listing recent requests" do it "should filter requests by date" do # The semantics of the search are that it finds any InfoRequest # that has any InfoRequestEvent created in the specified range - + get :list, :view => 'all', :request_date_before => '13/10/2007' assigns[:list_results].map(&:info_request).should =~ InfoRequest.all( :conditions => "id in (select info_request_id from info_request_events where created_at < '2007-10-13'::date)") - + get :list, :view => 'all', :request_date_after => '13/10/2007' assigns[:list_results].map(&:info_request).should =~ InfoRequest.all( :conditions => "id in (select info_request_id from info_request_events where created_at > '2007-10-13'::date)") - + get :list, :view => 'all', :request_date_after => '13/10/2007', :request_date_before => '01/11/2007' assigns[:list_results].map(&:info_request).should =~ InfoRequest.all( :conditions => "id in (select info_request_id from info_request_events where created_at between '2007-10-13'::date and '2007-11-01'::date)") @@ -74,7 +74,7 @@ describe RequestController, "when listing recent requests" do it "should list internal_review requests as unresolved ones" do get :list, :view => 'awaiting' - + # This doesn’t precisely duplicate the logic of the actual # query, but it is close enough to give the same result with # the current set of test data. @@ -88,22 +88,22 @@ describe RequestController, "when listing recent requests" do where later_events.created_at > info_request_events.created_at and later_events.info_request_id = info_request_events.info_request_id )") - - + + get :list, :view => 'awaiting' assigns[:list_results].map(&:info_request).include?(info_requests(:fancy_dog_request)).should == false - + event = info_request_events(:useless_incoming_message_event) event.described_state = event.calculated_state = "internal_review" event.save! rebuild_xapian_index - + get :list, :view => 'awaiting' assigns[:list_results].map(&:info_request).include?(info_requests(:fancy_dog_request)).should == true end it "should assign the first page of results" do - xap_results = mock_model(ActsAsXapian::Search, + xap_results = mock_model(ActsAsXapian::Search, :results => (1..25).to_a.map { |m| { :model => m } }, :matches_estimated => 1000000) @@ -115,7 +115,7 @@ describe RequestController, "when listing recent requests" do assigns[:show_no_more_than].should == RequestController::MAX_RESULTS end it "should return 404 for pages we don't want to serve up" do - xap_results = mock_model(ActsAsXapian::Search, + xap_results = mock_model(ActsAsXapian::Search, :results => (1..25).to_a.map { |m| { :model => m } }, :matches_estimated => 1000000) lambda { @@ -172,7 +172,7 @@ describe RequestController, "when changing things that appear on the request pag # XXX really, CensorRules should execute expiry logic as part # of the after_save of the model. Currently this is part of # the AdminCensorRuleController logic, so must be tested from - # there. Leaving this stub test in place as a reminder + # there. Leaving this stub test in place as a reminder end it "should purge the downstream cache when something is hidden by an admin" do ir = info_requests(:fancy_dog_request) @@ -194,7 +194,7 @@ end describe RequestController, "when showing one request" do integrate_views - + before(:each) do load_raw_emails_data FileUtils.rm_rf File.join(File.dirname(__FILE__), "../../cache/zips") @@ -226,7 +226,7 @@ describe RequestController, "when showing one request" do response.should redirect_to(:action => 'show', :url_title => info_requests(:naughty_chicken_request).url_title) end - + describe 'when handling an update_status parameter' do it 'should assign the "update status" flag to the view as true if the parameter is present' do get :show, :url_title => 'why_do_you_have_such_a_fancy_dog', :update_status => 1 @@ -237,26 +237,26 @@ describe RequestController, "when showing one request" do get :show, :url_title => 'why_do_you_have_such_a_fancy_dog' assigns[:update_status].should be_false end - + it 'should require login' do session[:user_id] = nil get :show, :url_title => 'why_do_you_have_such_a_fancy_dog', :update_status => 1 post_redirect = PostRedirect.get_last_post_redirect response.should redirect_to(:controller => 'user', :action => 'signin', :token => post_redirect.token) end - + it 'should work if logged in as the requester' do session[:user_id] = users(:bob_smith_user).id get :show, :url_title => 'why_do_you_have_such_a_fancy_dog', :update_status => 1 response.should render_template "request/show" end - + it 'should not work if logged in as not the requester' do session[:user_id] = users(:silly_name_user).id get :show, :url_title => 'why_do_you_have_such_a_fancy_dog', :update_status => 1 response.should render_template "user/wrong_user" end - + it 'should work if logged in as an admin user' do session[:user_id] = users(:admin_user).id get :show, :url_title => 'why_do_you_have_such_a_fancy_dog', :update_status => 1 @@ -264,8 +264,8 @@ describe RequestController, "when showing one request" do end end - describe 'when handling incoming mail' do - + describe 'when handling incoming mail' do + integrate_views it "should receive incoming messages, send email to creator, and show them" do @@ -284,7 +284,7 @@ describe RequestController, "when showing one request" do get :show, :url_title => 'why_do_you_have_such_a_fancy_dog' (assigns[:info_request_events].size - size_before).should == 1 end - + it "should download attachments" do ir = info_requests(:fancy_dog_request) ir.incoming_messages.each { |x| x.parse_raw_email!(true) } @@ -293,31 +293,43 @@ describe RequestController, "when showing one request" do response.content_type.should == "text/html" size_before = assigns[:info_request_events].size - ir = info_requests(:fancy_dog_request) + ir = info_requests(:fancy_dog_request) receive_incoming_mail('incoming-request-two-same-name.email', ir.incoming_email) get :show, :url_title => 'why_do_you_have_such_a_fancy_dog' (assigns[:info_request_events].size - size_before).should == 1 ir.reload - + get :get_attachment, :incoming_message_id => ir.incoming_messages[1].id, :id => ir.id, :part => 2, :file_name => ['hello.txt'], :skip_cache => 1 response.content_type.should == "text/plain" response.should have_text(/Second hello/) - + get :get_attachment, :incoming_message_id => ir.incoming_messages[1].id, :id => ir.id, :part => 3, :file_name => ['hello.txt'], :skip_cache => 1 response.content_type.should == "text/plain" response.should have_text(/First hello/) end + it 'should cache an attachment on a request with normal prominence' do + ir = info_requests(:fancy_dog_request) + receive_incoming_mail('incoming-request-two-same-name.email', ir.incoming_email) + ir.reload + @controller.should_receive(:foi_fragment_cache_write) + get :get_attachment, :incoming_message_id => ir.incoming_messages[1].id, + :id => ir.id, + :part => 2, + :file_name => ['hello.txt'] + + end + it "should convert message body to UTF8" do - ir = info_requests(:fancy_dog_request) + ir = info_requests(:fancy_dog_request) receive_incoming_mail('iso8859_2_raw_email.email', ir.incoming_email) get :show, :url_title => 'why_do_you_have_such_a_fancy_dog' response.should have_text(/tënde/u) end it "should generate valid HTML verson of plain text attachments" do - ir = info_requests(:fancy_dog_request) + ir = info_requests(:fancy_dog_request) receive_incoming_mail('incoming-request-two-same-name.email', ir.incoming_email) ir.reload get :get_attachment_as_html, :incoming_message_id => ir.incoming_messages[1].id, :id => ir.id, :part => 2, :file_name => ['hello.txt.html'], :skip_cache => 1 @@ -336,7 +348,7 @@ describe RequestController, "when showing one request" do # # https://github.com/sebbacon/alaveteli/issues/351 it "should return 404 for ugly URLs containing a request id that isn't an integer" do - ir = info_requests(:fancy_dog_request) + ir = info_requests(:fancy_dog_request) receive_incoming_mail('incoming-request-two-same-name.email', ir.incoming_email) ir.reload ugly_id = "55195" @@ -362,7 +374,7 @@ describe RequestController, "when showing one request" do receive_incoming_mail('incoming-request-two-same-name.email', ir.incoming_email) ir.reload ugly_id = "%d95" % [info_requests(:naughty_chicken_request).id] - + lambda { get :get_attachment, :incoming_message_id => ir.incoming_messages[1].id, :id => ugly_id, :part => 2, :file_name => ['hello.txt.html'], :skip_cache => 1 }.should raise_error(ActiveRecord::RecordNotFound) @@ -382,7 +394,7 @@ describe RequestController, "when showing one request" do end it "should generate valid HTML verson of PDF attachments" do - ir = info_requests(:fancy_dog_request) + ir = info_requests(:fancy_dog_request) receive_incoming_mail('incoming-request-pdf-attachment.email', ir.incoming_email) ir.reload get :get_attachment_as_html, :incoming_message_id => ir.incoming_messages[1].id, :id => ir.id, :part => 2, :file_name => ['fs_50379341.pdf.html'], :skip_cache => 1 @@ -391,7 +403,7 @@ describe RequestController, "when showing one request" do end it "should not cause a reparsing of the raw email, even when the result would be a 404" do - ir = info_requests(:fancy_dog_request) + ir = info_requests(:fancy_dog_request) receive_incoming_mail('incoming-request-two-same-name.email', ir.incoming_email) ir.reload attachment = IncomingMessage.get_attachment_by_url_part_number(ir.incoming_messages[1].get_attachments_for_display, 2) @@ -405,14 +417,14 @@ describe RequestController, "when showing one request" do lambda { get :get_attachment_as_html, :incoming_message_id => ir.incoming_messages[1].id, :id => ir.id, :part => 2, :file_name => ['hello.txt.baz.html'], :skip_cache => 1 }.should raise_error(ActiveRecord::RecordNotFound) - + attachment = IncomingMessage.get_attachment_by_url_part_number(ir.incoming_messages[1].get_attachments_for_display, 2) attachment.body.should have_text(/Second hello/) # ...nor should asking for it by its correct filename... get :get_attachment_as_html, :incoming_message_id => ir.incoming_messages[1].id, :id => ir.id, :part => 2, :file_name => ['hello.txt.html'], :skip_cache => 1 response.should_not have_text(/Third hello/) - + # ...but if we explicitly ask for attachments to be extracted, then they should be force = true ir.incoming_messages[1].parse_raw_email!(force) @@ -426,14 +438,14 @@ describe RequestController, "when showing one request" do ir = info_requests(:fancy_dog_request) receive_incoming_mail('incoming-request-attachment-unknown-extension.email', ir.incoming_email) ir.reload - + get :get_attachment, :incoming_message_id => ir.incoming_messages[1].id, :id => ir.id, :part => 2, :file_name => ['hello.qwglhm'], :skip_cache => 1 response.content_type.should == "application/octet-stream" response.should have_text(/an unusual sort of file/) end it "should not download attachments with wrong file name" do - ir = info_requests(:fancy_dog_request) + ir = info_requests(:fancy_dog_request) receive_incoming_mail('incoming-request-two-same-name.email', ir.incoming_email) lambda { @@ -443,7 +455,7 @@ describe RequestController, "when showing one request" do end it "should censor attachments downloaded as binary" do - ir = info_requests(:fancy_dog_request) + ir = info_requests(:fancy_dog_request) censor_rule = CensorRule.new() censor_rule.text = "Second" @@ -451,7 +463,7 @@ describe RequestController, "when showing one request" do censor_rule.last_edit_editor = "unknown" censor_rule.last_edit_comment = "none" ir.censor_rules << censor_rule - + begin receive_incoming_mail('incoming-request-two-same-name.email', ir.incoming_email) @@ -464,7 +476,7 @@ describe RequestController, "when showing one request" do end it "should censor with rules on the user (rather than the request)" do - ir = info_requests(:fancy_dog_request) + ir = info_requests(:fancy_dog_request) censor_rule = CensorRule.new() censor_rule.text = "Second" @@ -486,7 +498,7 @@ describe RequestController, "when showing one request" do end it "should censor attachment names" do - ir = info_requests(:fancy_dog_request) + ir = info_requests(:fancy_dog_request) receive_incoming_mail('incoming-request-two-same-name.email', ir.incoming_email) # XXX this is horrid, but don't know a better way. If we @@ -505,7 +517,7 @@ describe RequestController, "when showing one request" do # so at this point, assigns[:info_request].incoming_messages[1].get_attachments_for_display is returning stuff, but the equivalent thing in the template isn't. # but something odd is that the above is return a whole load of attachments which aren't there in the controller - response.body.should have_tag("p.attachment strong", /hello.txt/m) + response.body.should have_tag("p.attachment strong", /hello.txt/m) censor_rule = CensorRule.new() censor_rule.text = "hello.txt" @@ -523,7 +535,7 @@ describe RequestController, "when showing one request" do it "should make a zipfile available, which has a different URL when it changes" do title = 'why_do_you_have_such_a_fancy_dog' - ir = info_requests(:fancy_dog_request) + ir = info_requests(:fancy_dog_request) session[:user_id] = ir.user.id # bob_smith_user get :download_entire_request, :url_title => title assigns[:url_path].should have_text(/#{title}.zip$/) @@ -540,7 +552,7 @@ describe RequestController, "when showing one request" do zipfile = Zip::ZipFile.open(File.join(File.dirname(__FILE__), "../../cache/zips", old_path)) { |zipfile| zipfile.count.should == 3 # the message plus two "hello.txt" files } - + # The path of the zip file is based on the hash of the timestamp of the last request # in the thread, so we wait for a second to make sure this one will have a different # timestamp than the previous. @@ -617,11 +629,20 @@ describe RequestController, "when changing prominence of a request" do session[:user_id] = users(:admin_user).id get :show, :url_title => 'why_do_you_have_such_a_fancy_dog' response.should render_template('show') + end + it 'should not cache an attachment on a request whose prominence is requester_only when showing + the request to the requester or admin' do + ir = info_requests(:fancy_dog_request) + ir.prominence = 'requester_only' + ir.save! + session[:user_id] = ir.user.id # bob_smith_user + @controller.should_not_receive(:foi_fragment_cache_write) + get :show, :url_title => 'why_do_you_have_such_a_fancy_dog' end it "should not download attachments if hidden" do - ir = info_requests(:fancy_dog_request) + ir = info_requests(:fancy_dog_request) ir.prominence = 'hidden' ir.save! receive_incoming_mail('incoming-request-two-same-name.email', ir.incoming_email) @@ -637,7 +658,7 @@ describe RequestController, "when changing prominence of a request" do end end - + # XXX do this for invalid ids # it "should render 404 file" do # response.should render_template("#{Rails.root}/public/404.html") @@ -651,11 +672,11 @@ describe RequestController, "when searching for an authority" do before do @user = users(:bob_smith_user) end - + it "should return nothing for the empty query string" do session[:user_id] = @user.id get :select_authority, :query => "" - + response.should render_template('select_authority') assigns[:xapian_requests].should == nil end @@ -663,7 +684,7 @@ describe RequestController, "when searching for an authority" do it "should return matching bodies" do session[:user_id] = @user.id get :select_authority, :query => "Quango" - + response.should render_template('select_authority') assigns[:xapian_requests].results.size == 1 assigns[:xapian_requests].results[0][:model].name.should == public_bodies(:geraldine_public_body).name @@ -691,7 +712,7 @@ describe RequestController, "when creating a new request" do @user = users(:bob_smith_user) @body = public_bodies(:geraldine_public_body) end - + it "should redirect to front page if no public body specified" do get :new response.should redirect_to(:controller => 'general', :action => 'frontpage') @@ -725,7 +746,7 @@ describe RequestController, "when creating a new request" do end it "should redirect to sign in page when input is good and nobody is logged in" do - params = { :info_request => { :public_body_id => @body.id, + params = { :info_request => { :public_body_id => @body.id, :title => "Why is your quango called Geraldine?", :tag_string => "" }, :outgoing_message => { :body => "This is a silly letter. It is too short to be interesting." }, :submitted_new_request => 1, :preview => 0 @@ -738,7 +759,7 @@ describe RequestController, "when creating a new request" do it "should show preview when input is good" do session[:user_id] = @user.id - post :new, { :info_request => { :public_body_id => @body.id, + post :new, { :info_request => { :public_body_id => @body.id, :title => "Why is your quango called Geraldine?", :tag_string => "" }, :outgoing_message => { :body => "This is a silly letter. It is too short to be interesting." }, :submitted_new_request => 1, :preview => 1 @@ -757,7 +778,7 @@ describe RequestController, "when creating a new request" do it "should create the request and outgoing message, and send the outgoing message by email, and redirect to request page when input is good and somebody is logged in" do session[:user_id] = @user.id - post :new, :info_request => { :public_body_id => @body.id, + post :new, :info_request => { :public_body_id => @body.id, :title => "Why is your quango called Geraldine?", :tag_string => "" }, :outgoing_message => { :body => "This is a silly letter. It is too short to be interesting." }, :submitted_new_request => 1, :preview => 0 @@ -784,7 +805,7 @@ describe RequestController, "when creating a new request" do session[:user_id] = @user.id # We use raw_body here, so white space is the same - post :new, :info_request => { :public_body_id => info_requests(:fancy_dog_request).public_body_id, + post :new, :info_request => { :public_body_id => info_requests(:fancy_dog_request).public_body_id, :title => info_requests(:fancy_dog_request).title }, :outgoing_message => { :body => info_requests(:fancy_dog_request).outgoing_messages[0].raw_body}, :submitted_new_request => 1, :preview => 0, :mouse_house => 1 @@ -794,12 +815,12 @@ describe RequestController, "when creating a new request" do it "should let you submit another request with the same title" do session[:user_id] = @user.id - post :new, :info_request => { :public_body_id => @body.id, + post :new, :info_request => { :public_body_id => @body.id, :title => "Why is your quango called Geraldine?", :tag_string => "" }, :outgoing_message => { :body => "This is a silly letter. It is too short to be interesting." }, :submitted_new_request => 1, :preview => 0 - post :new, :info_request => { :public_body_id => @body.id, + post :new, :info_request => { :public_body_id => @body.id, :title => "Why is your quango called Geraldine?", :tag_string => "" }, :outgoing_message => { :body => "This is a sensible letter. It is too long to be boring." }, :submitted_new_request => 1, :preview => 0 @@ -814,32 +835,32 @@ describe RequestController, "when creating a new request" do response.should redirect_to(:action => 'show', :url_title => ir2.url_title) end - + it 'should respect the rate limit' do # Try to create three requests in succession. # (The limit set in config/test.yml is two.) session[:user_id] = users(:robin_user) - post :new, :info_request => { :public_body_id => @body.id, + post :new, :info_request => { :public_body_id => @body.id, :title => "What is the answer to the ultimate question?", :tag_string => "" }, :outgoing_message => { :body => "Please supply the answer from your files." }, :submitted_new_request => 1, :preview => 0 response.should redirect_to(:action => 'show', :url_title => 'what_is_the_answer_to_the_ultima') - - post :new, :info_request => { :public_body_id => @body.id, + + post :new, :info_request => { :public_body_id => @body.id, :title => "Why did the chicken cross the road?", :tag_string => "" }, :outgoing_message => { :body => "Please send me all the relevant documents you hold." }, :submitted_new_request => 1, :preview => 0 response.should redirect_to(:action => 'show', :url_title => 'why_did_the_chicken_cross_the_ro') - post :new, :info_request => { :public_body_id => @body.id, + post :new, :info_request => { :public_body_id => @body.id, :title => "What's black and white and red all over?", :tag_string => "" }, :outgoing_message => { :body => "Please send all minutes of meetings and email records that address this question." }, :submitted_new_request => 1, :preview => 0 response.should render_template('user/rate_limited') end - + it 'should ignore the rate limit for specified users' do # Try to create three requests in succession. # (The limit set in config/test.yml is two.) @@ -847,20 +868,20 @@ describe RequestController, "when creating a new request" do users(:robin_user).no_limit = true users(:robin_user).save! - post :new, :info_request => { :public_body_id => @body.id, + post :new, :info_request => { :public_body_id => @body.id, :title => "What is the answer to the ultimate question?", :tag_string => "" }, :outgoing_message => { :body => "Please supply the answer from your files." }, :submitted_new_request => 1, :preview => 0 response.should redirect_to(:action => 'show', :url_title => 'what_is_the_answer_to_the_ultima') - - post :new, :info_request => { :public_body_id => @body.id, + + post :new, :info_request => { :public_body_id => @body.id, :title => "Why did the chicken cross the road?", :tag_string => "" }, :outgoing_message => { :body => "Please send me all the relevant documents you hold." }, :submitted_new_request => 1, :preview => 0 response.should redirect_to(:action => 'show', :url_title => 'why_did_the_chicken_cross_the_ro') - post :new, :info_request => { :public_body_id => @body.id, + post :new, :info_request => { :public_body_id => @body.id, :title => "What's black and white and red all over?", :tag_string => "" }, :outgoing_message => { :body => "Please send all minutes of meetings and email records that address this question." }, :submitted_new_request => 1, :preview => 0 @@ -869,7 +890,7 @@ describe RequestController, "when creating a new request" do end -# These go with the previous set, but use mocks instead of fixtures. +# These go with the previous set, but use mocks instead of fixtures. # TODO harmonise these describe RequestController, "when making a new request" do @@ -956,7 +977,7 @@ describe RequestController, "when viewing an individual response for reply/follo end it "should not show individual responses if request hidden, even if request owner" do - ir = info_requests(:fancy_dog_request) + ir = info_requests(:fancy_dog_request) ir.prominence = 'hidden' ir.save! @@ -968,7 +989,7 @@ end describe RequestController, "when classifying an information request" do - before(:each) do + before(:each) do @dog_request = info_requests(:fancy_dog_request) @dog_request.stub!(:is_old_unclassified?).and_return(false) InfoRequest.stub!(:find).and_return(@dog_request) @@ -976,9 +997,9 @@ describe RequestController, "when classifying an information request" do end def post_status(status) - post :describe_state, :incoming_message => { :described_state => status }, - :id => @dog_request.id, - :last_info_request_event_id => @dog_request.last_event_id_needing_description, + post :describe_state, :incoming_message => { :described_state => status }, + :id => @dog_request.id, + :last_info_request_event_id => @dog_request.last_event_id_needing_description, :submitted_describe_state => 1 end @@ -988,79 +1009,79 @@ describe RequestController, "when classifying an information request" do response.should redirect_to(:controller => 'user', :action => 'signin', :token => post_redirect.token) end - it 'should ask whether the request is old and unclassified' do + it 'should ask whether the request is old and unclassified' do @dog_request.should_receive(:is_old_unclassified?) post_status('rejected') end - + it "should not classify the request if logged in as the wrong user" do session[:user_id] = users(:silly_name_user).id post_status('rejected') response.should render_template('user/wrong_user') end - - describe 'when the request is old and unclassified' do - - before do + + describe 'when the request is old and unclassified' do + + before do @dog_request.stub!(:is_old_unclassified?).and_return(true) RequestMailer.stub!(:deliver_old_unclassified_updated) end - - describe 'when the user is not logged in' do - - it 'should require login' do + + describe 'when the user is not logged in' do + + it 'should require login' do session[:user_id] = nil post_status('rejected') post_redirect = PostRedirect.get_last_post_redirect response.should redirect_to(:controller => 'user', :action => 'signin', :token => post_redirect.token) end - + end - - describe 'when the user is logged in as a different user' do - + + describe 'when the user is logged in as a different user' do + before do @other_user = mock_model(User) session[:user_id] = users(:silly_name_user).id end - + it 'should classify the request' do - @dog_request.stub!(:calculate_status).and_return('rejected') + @dog_request.stub!(:calculate_status).and_return('rejected') @dog_request.should_receive(:set_described_state).with('rejected') post_status('rejected') end - - it 'should log a status update event' do - expected_params = {:user_id => users(:silly_name_user).id, - :old_described_state => 'waiting_response', + + it 'should log a status update event' do + expected_params = {:user_id => users(:silly_name_user).id, + :old_described_state => 'waiting_response', :described_state => 'rejected'} @dog_request.should_receive(:log_event).with("status_update", expected_params) post_status('rejected') end - - it 'should send an email to the requester letting them know someone has updated the status of their request' do + + it 'should send an email to the requester letting them know someone has updated the status of their request' do RequestMailer.should_receive(:deliver_old_unclassified_updated) post_status('rejected') end - - it 'should redirect to the request page' do + + it 'should redirect to the request page' do post_status('rejected') response.should redirect_to(:action => 'show', :controller => 'request', :url_title => @dog_request.url_title) end - - it 'should show a message thanking the user for a good deed' do + + it 'should show a message thanking the user for a good deed' do post_status('rejected') flash[:notice].should == 'Thank you for updating this request!' end - + end end - - describe 'when logged in as an admin user who is not the actual requester' do - - before do + + describe 'when logged in as an admin user who is not the actual requester' do + + before do @admin_user = users(:admin_user) session[:user_id] = @admin_user.id @dog_request = info_requests(:fancy_dog_request) @@ -1068,39 +1089,39 @@ describe RequestController, "when classifying an information request" do @dog_request.stub!(:each).and_return([@dog_request]) end - it 'should update the status of the request' do + it 'should update the status of the request' do @dog_request.stub!(:calculate_status).and_return('rejected') @dog_request.should_receive(:set_described_state).with('rejected') post_status('rejected') end - - it 'should log a status update event' do - expected_params = {:user_id => @admin_user.id, - :old_described_state => 'waiting_response', + + it 'should log a status update event' do + expected_params = {:user_id => @admin_user.id, + :old_described_state => 'waiting_response', :described_state => 'rejected'} @dog_request.should_receive(:log_event).with("status_update", expected_params) post_status('rejected') end - it 'should send an email to the requester letting them know someone has updated the status of their request' do + it 'should send an email to the requester letting them know someone has updated the status of their request' do RequestMailer.should_receive(:deliver_old_unclassified_updated) post_status('rejected') end - it 'should redirect to the request page' do + it 'should redirect to the request page' do post_status('rejected') response.should redirect_to(:action => 'show', :controller => 'request', :url_title => @dog_request.url_title) end - it 'should show a message thanking the user for a good deed' do + it 'should show a message thanking the user for a good deed' do post_status('rejected') flash[:notice].should == 'Thank you for updating this request!' end end - describe 'when logged in as an admin user who is also the actual requester' do - - before do + describe 'when logged in as an admin user who is also the actual requester' do + + before do @admin_user = users(:admin_user) session[:user_id] = @admin_user.id @dog_request = info_requests(:fancy_dog_request) @@ -1110,43 +1131,43 @@ describe RequestController, "when classifying an information request" do @dog_request.stub!(:each).and_return([@dog_request]) end - it 'should update the status of the request' do + it 'should update the status of the request' do @dog_request.stub!(:calculate_status).and_return('rejected') @dog_request.should_receive(:set_described_state).with('rejected') post_status('rejected') end - - it 'should not log a status update event' do + + it 'should not log a status update event' do @dog_request.should_not_receive(:log_event) post_status('rejected') end - it 'should not send an email to the requester letting them know someone has updated the status of their request' do + it 'should not send an email to the requester letting them know someone has updated the status of their request' do RequestMailer.should_not_receive(:deliver_old_unclassified_updated) post_status('rejected') end - - it 'should say it is showing advice as to what to do next' do + + it 'should say it is showing advice as to what to do next' do post_status('rejected') - flash[:notice].should match(/Here is what to do now/) + flash[:notice].should match(/Here is what to do now/) end - - it 'should redirect to the unhappy page' do + + it 'should redirect to the unhappy page' do post_status('rejected') response.should redirect_to(:controller => 'help', :action => 'unhappy', :url_title => @dog_request.url_title) end end - - describe 'when logged in as the requestor' do - - before do + + describe 'when logged in as the requestor' do + + before do @request_owner = users(:bob_smith_user) session[:user_id] = @request_owner.id @dog_request.awaiting_description.should == true @dog_request.stub!(:each).and_return([@dog_request]) end - + it "should successfully classify response if logged in as user controlling request" do post_status('rejected') response.should redirect_to(:controller => 'help', :action => 'unhappy', :url_title => @dog_request.url_title) @@ -1157,16 +1178,16 @@ describe RequestController, "when classifying an information request" do @dog_request.get_last_response_event.calculated_state.should == 'rejected' end - it 'should not log a status update event' do + it 'should not log a status update event' do @dog_request.should_not_receive(:log_event) post_status('rejected') end - - it 'should not send an email to the requester letting them know someone has updated the status of their request' do + + it 'should not send an email to the requester letting them know someone has updated the status of their request' do RequestMailer.should_not_receive(:deliver_old_unclassified_updated) post_status('rejected') end - + it "should send email when classified as requires_admin" do post :describe_state, :incoming_message => { :described_state => "requires_admin" }, :id => @dog_request.id, :incoming_message_id => incoming_messages(:useless_incoming_message), :last_info_request_event_id => @dog_request.last_event_id_needing_description, :submitted_describe_state => 1 response.should redirect_to(:controller => 'help', :action => 'contact') @@ -1183,12 +1204,12 @@ describe RequestController, "when classifying an information request" do mail.from_addrs.first.to_s.should == @request_owner.name_and_email end - it 'should say it is showing advice as to what to do next' do + it 'should say it is showing advice as to what to do next' do post_status('rejected') - flash[:notice].should match(/Here is what to do now/) + flash[:notice].should match(/Here is what to do now/) end - - it 'should redirect to the unhappy page' do + + it 'should redirect to the unhappy page' do post_status('rejected') response.should redirect_to(:controller => 'help', :action => 'unhappy', :url_title => @dog_request.url_title) end @@ -1200,15 +1221,15 @@ describe RequestController, "when classifying an information request" do RequestController.send(:require, File.expand_path(File.join(File.dirname(__FILE__), '..', 'models', 'customstates'))) RequestController.send(:include, RequestControllerCustomStates) RequestController.class_eval('@@custom_states_loaded = true') - Time.stub!(:now).and_return(Time.utc(2007, 11, 10, 00, 01)) + Time.stub!(:now).and_return(Time.utc(2007, 11, 10, 00, 01)) post_status('deadline_extended') flash[:notice].should == 'Authority has requested extension of the deadline.' end end - - describe 'when redirecting after a successful status update by the request owner' do - - before do + + describe 'when redirecting after a successful status update by the request owner' do + + before do @request_owner = users(:bob_smith_user) session[:user_id] = @request_owner.id @dog_request = info_requests(:fancy_dog_request) @@ -1228,12 +1249,12 @@ describe RequestController, "when classifying an information request" do def unhappy_url "help/unhappy/#{@dog_request.url_title}" end - + def expect_redirect(status, redirect_path) post_status(status) response.should redirect_to("http://test.host/#{redirect_path}") end - + it 'should redirect to the "request url" with a message in the right tense when status is updated to "waiting response" and the response is not overdue' do @dog_request.stub!(:date_response_required_by).and_return(Time.now.to_date+1) @dog_request.stub!(:date_very_overdue_after).and_return(Time.now.to_date+40) @@ -1241,15 +1262,15 @@ describe RequestController, "when classifying an information request" do expect_redirect("waiting_response", "request/#{@dog_request.url_title}") flash[:notice].should match(/should get a response/) end - - it 'should redirect to the "request url" with a message in the right tense when status is updated to "waiting response" and the response is overdue' do + + it 'should redirect to the "request url" with a message in the right tense when status is updated to "waiting response" and the response is overdue' do @dog_request.stub!(:date_response_required_by).and_return(Time.now.to_date-1) @dog_request.stub!(:date_very_overdue_after).and_return(Time.now.to_date+40) expect_redirect('waiting_response', request_url) flash[:notice].should match(/should have got a response/) end - it 'should redirect to the "request url" with a message in the right tense when status is updated to "waiting response" and the response is overdue' do + it 'should redirect to the "request url" with a message in the right tense when status is updated to "waiting response" and the response is overdue' do @dog_request.stub!(:date_response_required_by).and_return(Time.now.to_date-2) @dog_request.stub!(:date_very_overdue_after).and_return(Time.now.to_date-1) expect_redirect('waiting_response', unhappy_url) @@ -1257,54 +1278,54 @@ describe RequestController, "when classifying an information request" do flash[:notice].should match(/by more than 40 working days/) flash[:notice].should match(/within 20 working days/) end - - it 'should redirect to the "request url" when status is updated to "not held"' do + + it 'should redirect to the "request url" when status is updated to "not held"' do expect_redirect('not_held', request_url) end - - it 'should redirect to the "request url" when status is updated to "successful"' do + + it 'should redirect to the "request url" when status is updated to "successful"' do expect_redirect('successful', request_url) end - - it 'should redirect to the "unhappy url" when status is updated to "rejected"' do + + it 'should redirect to the "unhappy url" when status is updated to "rejected"' do expect_redirect('rejected', "help/unhappy/#{@dog_request.url_title}") end - - it 'should redirect to the "unhappy url" when status is updated to "partially successful"' do + + it 'should redirect to the "unhappy url" when status is updated to "partially successful"' do expect_redirect('partially_successful', "help/unhappy/#{@dog_request.url_title}") end - - it 'should redirect to the "response url" when status is updated to "waiting clarification" and there is a last response' do + + it 'should redirect to the "response url" when status is updated to "waiting clarification" and there is a last response' do incoming_message = mock_model(IncomingMessage) @dog_request.stub!(:get_last_response).and_return(incoming_message) expect_redirect('waiting_clarification', "request/#{@dog_request.id}/response/#{incoming_message.id}") end - - it 'should redirect to the "response no followup url" when status is updated to "waiting clarification" and there are no events needing description' do + + it 'should redirect to the "response no followup url" when status is updated to "waiting clarification" and there are no events needing description' do @dog_request.stub!(:get_last_response).and_return(nil) expect_redirect('waiting_clarification', "request/#{@dog_request.id}/response") end - it 'should redirect to the "respond to last url" when status is updated to "gone postal"' do + it 'should redirect to the "respond to last url" when status is updated to "gone postal"' do expect_redirect('gone_postal', "request/#{@dog_request.id}/response/#{@dog_request.get_last_response.id}?gone_postal=1") end - - it 'should redirect to the "request url" when status is updated to "internal review"' do + + it 'should redirect to the "request url" when status is updated to "internal review"' do expect_redirect('internal_review', request_url) end - - it 'should redirect to the "help general url" when status is updated to "requires admin"' do + + it 'should redirect to the "help general url" when status is updated to "requires admin"' do expect_redirect('requires_admin', "help/contact") end - - it 'should redirect to the "help general url" when status is updated to "error message"' do + + it 'should redirect to the "help general url" when status is updated to "error message"' do expect_redirect('error_message', "help/contact") end - - it 'should redirect to the "respond to last url url" when status is updated to "user_withdrawn"' do + + it 'should redirect to the "respond to last url url" when status is updated to "user_withdrawn"' do expect_redirect('user_withdrawn', "request/#{@dog_request.id}/response/#{@dog_request.get_last_response.id}") end - + end end @@ -1346,7 +1367,7 @@ describe RequestController, "when sending a followup message" do post :show_response, :outgoing_message => { :body => "What a useless response! You suck.", :what_doing => 'normal_sort'}, :id => info_requests(:fancy_dog_request).id, :incoming_message_id => incoming_messages(:useless_incoming_message), :submitted_followup => 1, :preview => 0, :reedit => "Re-edit this request" response.should render_template('show_response') end - + it "should send the follow up message if you are the right user" do # fake that this is a clarification info_requests(:fancy_dog_request).set_described_state('waiting_clarification') @@ -1378,7 +1399,7 @@ describe RequestController, "when sending a followup message" do # make the followup once post :show_response, :outgoing_message => { :body => "Stop repeating yourself!", :what_doing => 'normal_sort' }, :id => info_requests(:fancy_dog_request).id, :incoming_message_id => incoming_messages(:useless_incoming_message), :submitted_followup => 1 response.should redirect_to(:action => 'show', :url_title => info_requests(:fancy_dog_request).url_title) - + # second time should give an error post :show_response, :outgoing_message => { :body => "Stop repeating yourself!", :what_doing => 'normal_sort' }, :id => info_requests(:fancy_dog_request).id, :incoming_message_id => incoming_messages(:useless_incoming_message), :submitted_followup => 1 # XXX how do I check the error message here? @@ -1392,7 +1413,7 @@ end describe RequestController, "sending overdue request alerts" do integrate_views - + before(:each) do load_raw_emails_data end @@ -1407,7 +1428,7 @@ describe RequestController, "sending overdue request alerts" do chicken_mails = ActionMailer::Base.deliveries.select{|x| x.body =~ /chickens/} chicken_mails.size.should == 1 mail = chicken_mails[0] - + mail.body.should =~ /promptly, as normally/ mail.to_addrs.first.to_s.should == info_requests(:naughty_chicken_request).user.name_and_email @@ -1436,7 +1457,7 @@ describe RequestController, "sending overdue request alerts" do chicken_mails = ActionMailer::Base.deliveries.select{|x| x.body =~ /chickens/} chicken_mails.size.should == 1 mail = chicken_mails[0] - + mail.body.should =~ /promptly, as normally/ mail.to_addrs.first.to_s.should == info_requests(:naughty_chicken_request).user.name_and_email end @@ -1462,7 +1483,7 @@ describe RequestController, "sending overdue request alerts" do chicken_mails = ActionMailer::Base.deliveries.select{|x| x.body =~ /chickens/} chicken_mails.size.should == 1 mail = chicken_mails[0] - + mail.body.should =~ /required by law/ mail.to_addrs.first.to_s.should == info_requests(:naughty_chicken_request).user.name_and_email @@ -1568,7 +1589,7 @@ describe RequestController, "comment alerts" do before(:each) do load_raw_emails_data end - + it "should send an alert (once and once only)" do # delete ficture comment and make new one, so is in last month (as # alerts are only for comments in last month, see @@ -1590,7 +1611,7 @@ describe RequestController, "comment alerts" do # XXX check mail_url here somehow, can't call comment_url like this: # mail_url.should == comment_url(comments(:silly_comment)) - + # check if we send again, no more go out deliveries.clear RequestMailer.alert_comment_on_request @@ -1646,15 +1667,15 @@ describe RequestController, "when viewing comments" do it "should link to the user who submitted it" do session[:user_id] = users(:bob_smith_user).id get :show, :url_title => 'why_do_you_have_such_a_fancy_dog' - response.body.should have_tag("div#comment-1 h2", /Silly.*left an annotation/m) - response.body.should_not have_tag("div#comment-1 h2", /You.*left an annotation/m) + response.body.should have_tag("div#comment-1 h2", /Silly.*left an annotation/m) + response.body.should_not have_tag("div#comment-1 h2", /You.*left an annotation/m) end it "should link to the user who submitted to it, even if it is you" do session[:user_id] = users(:silly_name_user).id get :show, :url_title => 'why_do_you_have_such_a_fancy_dog' - response.body.should have_tag("div#comment-1 h2", /Silly.*left an annotation/m) - response.body.should_not have_tag("div#comment-1 h2", /You.*left an annotation/m) + response.body.should have_tag("div#comment-1 h2", /Silly.*left an annotation/m) + response.body.should_not have_tag("div#comment-1 h2", /You.*left an annotation/m) end end @@ -1666,17 +1687,17 @@ describe RequestController, "authority uploads a response from the web interface before(:each) do # domain after the @ is used for authentication of FOI officers, so to test it # we need a user which isn't at localhost. - @normal_user = User.new(:name => "Mr. Normal", :email => "normal-user@flourish.org", + @normal_user = User.new(:name => "Mr. Normal", :email => "normal-user@flourish.org", :password => PostRedirect.generate_random_token) @normal_user.save! - @foi_officer_user = User.new(:name => "The Geraldine Quango", :email => "geraldine-requests@localhost", + @foi_officer_user = User.new(:name => "The Geraldine Quango", :email => "geraldine-requests@localhost", :password => PostRedirect.generate_random_token) @foi_officer_user.save! end - + it "should require login to view the form to upload" do - @ir = info_requests(:fancy_dog_request) + @ir = info_requests(:fancy_dog_request) @ir.public_body.is_foi_officer?(@normal_user).should == false session[:user_id] = @normal_user.id @@ -1685,7 +1706,7 @@ describe RequestController, "authority uploads a response from the web interface end it "should let you view upload form if you are an FOI officer" do - @ir = info_requests(:fancy_dog_request) + @ir = info_requests(:fancy_dog_request) @ir.public_body.is_foi_officer?(@foi_officer_user).should == true session[:user_id] = @foi_officer_user.id @@ -1694,7 +1715,7 @@ describe RequestController, "authority uploads a response from the web interface end it "should prevent uploads if you are not a requester" do - @ir = info_requests(:fancy_dog_request) + @ir = info_requests(:fancy_dog_request) incoming_before = @ir.incoming_messages.size session[:user_id] = @normal_user.id @@ -1718,7 +1739,7 @@ describe RequestController, "authority uploads a response from the web interface # How do I test a file upload in rails? # http://stackoverflow.com/questions/1178587/how-do-i-test-a-file-upload-in-rails it "should let the authority upload a file" do - @ir = info_requests(:fancy_dog_request) + @ir = info_requests(:fancy_dog_request) incoming_before = @ir.incoming_messages.size session[:user_id] = @foi_officer_user.id @@ -1774,7 +1795,7 @@ describe RequestController, "when doing type ahead searches" do response.should render_template('request/_search_ahead.rhtml') assigns[:xapian_requests].should be_nil end - + it "should return a request matching the given keyword, but not users with a matching description" do get :search_typeahead, :q => "chicken" response.should render_template('request/_search_ahead.rhtml') @@ -1793,13 +1814,13 @@ describe RequestController, "when doing type ahead searches" do end it "should not return matches for short words" do - get :search_typeahead, :q => "a" + get :search_typeahead, :q => "a" response.should render_template('request/_search_ahead.rhtml') assigns[:xapian_requests].should be_nil end it "should do partial matches for longer words" do - get :search_typeahead, :q => "chick" + get :search_typeahead, :q => "chick" response.should render_template('request/_search_ahead.rhtml') assigns[:xapian_requests].results.size.should ==1 end @@ -1836,7 +1857,7 @@ describe RequestController, "when showing similar requests" do it "should show similar requests" do badger_request = info_requests(:badger_request) get :similar, :url_title => badger_request.url_title - + # Xapian seems to think *all* the requests are similar assigns[:xapian_object].results.map{|x|x[:model].info_request}.should =~ InfoRequest.all.reject {|x| x == badger_request} end @@ -1860,7 +1881,7 @@ end describe RequestController, "when reporting a request (logged in)" do integrate_views - + before do @user = users(:robin_user) session[:user_id] = @user.id @@ -1871,10 +1892,10 @@ describe RequestController, "when reporting a request (logged in)" do title = ir.url_title get :show, :url_title => title assigns[:info_request].attention_requested.should == false - + post :report_request, :url_title => title response.should redirect_to(:action => :show, :url_title => title) - + get :show, :url_title => title response.should be_success assigns[:info_request].attention_requested.should == true @@ -1883,13 +1904,13 @@ describe RequestController, "when reporting a request (logged in)" do it "should not allow a request to be reported twice" do title = info_requests(:badger_request).url_title - + post :report_request, :url_title => title response.should redirect_to(:action => :show, :url_title => title) get :show, :url_title => title response.should be_success response.body.should include("has been reported") - + post :report_request, :url_title => title response.should redirect_to(:action => :show, :url_title => title) get :show, :url_title => title @@ -1901,14 +1922,14 @@ describe RequestController, "when reporting a request (logged in)" do title = info_requests(:badger_request).url_title get :show, :url_title => title response.body.should include("Offensive?") - + post :report_request, :url_title => title response.should redirect_to(:action => :show, :url_title => title) - + get :show, :url_title => title - response.body.should_not include("Offensive?") + response.body.should_not include("Offensive?") response.body.should include("This request has been reported") - + info_requests(:badger_request).set_described_state("successful") get :show, :url_title => title response.body.should_not include("This request has been reported") diff --git a/spec/models/info_request_spec.rb b/spec/models/info_request_spec.rb index 2a738fa4c..6de6e1d25 100644 --- a/spec/models/info_request_spec.rb +++ b/spec/models/info_request_spec.rb @@ -401,6 +401,33 @@ describe InfoRequest do end + describe 'when an instance is asked if all can view it' do + + before do + @info_request = InfoRequest.new + end + + it 'should return true if its prominence is normal' do + @info_request.prominence = 'normal' + @info_request.all_can_view?.should == true + end + + it 'should return true if its prominence is backpage' do + @info_request.prominence = 'backpage' + @info_request.all_can_view?.should == true + end + + it 'should return false if its prominence is hidden' do + @info_request.prominence = 'hidden' + @info_request.all_can_view?.should == false + end + + it 'should return false if its prominence is requester_only' do + @info_request.prominence = 'requester_only' + @info_request.all_can_view?.should == false + end + end + describe 'when applying censor rules' do before do |