Diffstat (limited to 'spec/controllers')
-rw-r--r-- | spec/controllers/admin_incoming_message_controller_spec.rb | 144 | ||||
-rw-r--r-- | spec/controllers/admin_outgoing_message_controller_spec.rb | 105 | ||||
-rw-r--r-- | spec/controllers/admin_request_controller_spec.rb | 91 | ||||
-rw-r--r-- | spec/controllers/request_controller_spec.rb | 374 |
4 files changed, 453 insertions, 261 deletions
diff --git a/spec/controllers/admin_incoming_message_controller_spec.rb b/spec/controllers/admin_incoming_message_controller_spec.rb
new file mode 100644
index 000000000..b969a8a3f
--- /dev/null
+++ b/spec/controllers/admin_incoming_message_controller_spec.rb
@@ -0,0 +1,144 @@ +require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') + +describe AdminIncomingMessageController, "when administering incoming messages" do + + describe 'when destroying an incoming message' do + + before(:each) do + basic_auth_login @request + load_raw_emails_data + end + + before do + @im = incoming_messages(:useless_incoming_message) + @controller.stub!(:expire_for_request) + end + + it "destroys the raw email file" do + raw_email = @im.raw_email.filepath + assert_equal File.exists?(raw_email), true + post :destroy, :incoming_message_id => @im.id + assert_equal File.exists?(raw_email), false + end + + it 'asks the incoming message to fully destroy itself' do + IncomingMessage.stub!(:find).and_return(@im) + @im.should_receive(:fully_destroy) + post :destroy, :incoming_message_id => @im.id + end + + it 'expires the file cache for the associated info_request' do + @controller.should_receive(:expire_for_request).with(@im.info_request) + post :destroy, :incoming_message_id => @im.id + end + + end + + describe 'when redelivering an incoming message' do + + before(:each) do + basic_auth_login @request + load_raw_emails_data + end + + it 'expires the file cache for the previous request' do + current_info_request = info_requests(:fancy_dog_request) + destination_info_request = info_requests(:naughty_chicken_request) + incoming_message = incoming_messages(:useless_incoming_message) + @controller.should_receive(:expire_for_request).with(current_info_request) + post :redeliver, :redeliver_incoming_message_id => incoming_message.id, + :url_title => destination_info_request.url_title + end + + + end + + describe 'when editing an incoming message' do + + before do + @incoming = FactoryGirl.create(:incoming_message) + end + + it 'should be successful' do + get :edit, :id => @incoming.id + response.should be_success + end + + it 'should assign the incoming message to the view' do + get :edit, :id => @incoming.id + 
assigns[:incoming_message].should == @incoming
+ end
+
+ end
+
+ describe 'when updating an incoming message' do
+
+ before do
+ @incoming = FactoryGirl.create(:incoming_message, :prominence => 'normal')
+ @default_params = {:id => @incoming.id,
+ :incoming_message => {:prominence => 'hidden',
+ :prominence_reason => 'dull'} }
+ end
+
+ def make_request(params=@default_params)
+ post :update, params
+ end
+
+ it 'should save the prominence of the message' do
+ make_request
+ @incoming.reload
+ @incoming.prominence.should == 'hidden'
+ end
+
+ it 'should save a prominence reason for the message' do
+ make_request
+ @incoming.reload
+ @incoming.prominence_reason.should == 'dull'
+ end
+
+ it 'should log an "edit_incoming" event on the info_request' do
+ @controller.stub!(:admin_current_user).and_return("Admin user")
+ make_request
+ @incoming.reload
+ last_event = @incoming.info_request_events.last
+ last_event.event_type.should == 'edit_incoming'
+ last_event.params.should == { :incoming_message_id => @incoming.id,
+ :editor => "Admin user",
+ :old_prominence => "normal",
+ :prominence => "hidden",
+ :old_prominence_reason => nil,
+ :prominence_reason => "dull" }
+ end
+
+ it 'should expire the file cache for the info request' do
+ @controller.should_receive(:expire_for_request).with(@incoming.info_request)
+ make_request
+ end
+
+ context 'if the incoming message saves correctly' do
+
+ it 'should redirect to the admin info request view' do
+ make_request
+ response.should redirect_to admin_request_show_url(@incoming.info_request)
+ end
+
+ it 'should show a message that the incoming message has been updated' do
+ make_request
+ flash[:notice].should == 'Incoming message successfully updated.'
+ end
+
+ end
+
+ context 'if the incoming message is not valid' do
+
+ it 'should render the edit template' do
+ make_request({:id => @incoming.id,
+ :incoming_message => {:prominence => 'fantastic',
+ :prominence_reason => 'dull'}})
+ response.should render_template("edit")
+ end
+
+ end
+ end
+
+end
diff --git a/spec/controllers/admin_outgoing_message_controller_spec.rb b/spec/controllers/admin_outgoing_message_controller_spec.rb
new file mode 100644
index 000000000..0dde53b86
--- /dev/null
+++ b/spec/controllers/admin_outgoing_message_controller_spec.rb
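Review bot: The 'when editing' and 'when updating' groups in admin_incoming_message_controller_spec.rb never call `basic_auth_login @request`, unlike the destroy and redeliver groups above them, yet they expect `be_success` and a saved prominence change; the same holds for every example in admin_outgoing_message_controller_spec.rb. From the spec alone it is unclear whether admin authentication is bypassed in the test environment, so nothing here shows that an unauthenticated caller is refused when changing a message's prominence. Consider adding the login to those `before` blocks and one example that posts `:update` without credentials and expects a refusal. The 'is not valid' example could also assert `@incoming.reload.prominence.should == 'normal'` so a rejected value is shown not to persist.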
@@ -0,0 +1,105 @@ +require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') + +describe AdminOutgoingMessageController do + + describe 'when editing an outgoing message' do + + before do + @info_request = FactoryGirl.create(:info_request) + @outgoing = @info_request.outgoing_messages.first + end + + it 'should be successful' do + get :edit, :id => @outgoing.id + response.should be_success + end + + it 'should assign the incoming message to the view' do + get :edit, :id => @outgoing.id + assigns[:outgoing_message].should == @outgoing + end + + end + + describe 'when updating an outgoing message' do + + before do + @info_request = FactoryGirl.create(:info_request) + @outgoing = @info_request.outgoing_messages.first + @default_params = {:id => @outgoing.id, + :outgoing_message => {:prominence => 'hidden', + :prominence_reason => 'dull', + :body => 'changed body'} } + end + + def make_request(params=@default_params) + post :update, params + end + + it 'should save a change to the body of the message' do + make_request + @outgoing.reload + @outgoing.body.should == 'changed body' + end + + it 'should save the prominence of the message' do + make_request + @outgoing.reload + @outgoing.prominence.should == 'hidden' + end + + it 'should save a prominence reason for the message' do + make_request + @outgoing.reload + @outgoing.prominence_reason.should == 'dull' + end + + it 'should log an "edit_outgoing" event on the info_request' do + @controller.stub!(:admin_current_user).and_return("Admin user") + make_request + @info_request.reload + last_event = @info_request.info_request_events.last + last_event.event_type.should == 'edit_outgoing' + last_event.params.should == { :outgoing_message_id => @outgoing.id, + :editor => "Admin user", + :old_prominence => "normal", + :prominence => "hidden", + :old_prominence_reason => nil, + :old_body => 'Some information please', + :body => 'changed body', + :prominence_reason => "dull" } + end + + it 'should expire the file 
cache for the info request' do + @controller.should_receive(:expire_for_request).with(@info_request) + make_request + end + + context 'if the outgoing message saves correctly' do + + it 'should redirect to the admin info request view' do + make_request + response.should redirect_to admin_request_show_url(@info_request) + end + + it 'should show a message that the incoming message has been updated' do + make_request + flash[:notice].should == 'Outgoing message successfully updated.' + end + + end + + context 'if the incoming message is not valid' do + + it 'should render the edit template' do + make_request({:id => @outgoing.id, + :outgoing_message => {:prominence => 'fantastic', + :prominence_reason => 'dull', + :body => 'Some information please'}}) + response.should render_template("edit") + end + + end + end + +end diff --git a/spec/controllers/admin_request_controller_spec.rb b/spec/controllers/admin_request_controller_spec.rb index b7b726507..c374ff90d 100644 --- a/spec/controllers/admin_request_controller_spec.rb +++ b/spec/controllers/admin_request_controller_spec.rb @@ -52,18 +52,6 @@ describe AdminRequestController, "when administering requests" do end - it "edits an outgoing message" do - get :edit_outgoing, :id => outgoing_messages(:useless_outgoing_message) - end - - it "saves edits to an outgoing_message" do - outgoing_messages(:useless_outgoing_message).body.should include("fancy dog") - post :update_outgoing, { :id => outgoing_messages(:useless_outgoing_message), :outgoing_message => { :body => "Why do you have such a delicious cat?" } } - request.flash[:notice].should include('successful') - ir = OutgoingMessage.find(outgoing_messages(:useless_outgoing_message).id) - ir.body.should include("delicious cat") - end - describe 'when fully destroying a request' do it 'expires the file cache for that request' do 
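Review bot: Several example names in the new admin_outgoing_message_controller_spec.rb still refer to the incoming message: 'should assign the incoming message to the view', 'should show a message that the incoming message has been updated' and `context 'if the incoming message is not valid'`. They look copied from the incoming-message spec and will mislead whoever reads a failure report for this controller. Rename them to say 'outgoing message', e.g. `it 'should assign the outgoing message to the view' do`.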
@@ -89,59 +77,10 @@ describe AdminRequestController, "when administering the holding pen" do ir.handle_rejected_responses = 'holding_pen' ir.save! receive_incoming_mail('incoming-request-plain.email', ir.incoming_email, "frob@nowhere.com") - get :show_raw_email, :id => InfoRequest.holding_pen_request.get_last_response.raw_email.id + get :show_raw_email, :id => InfoRequest.holding_pen_request.get_last_public_response.raw_email.id response.should contain "Only the authority can reply to this request" end - it "allows redelivery even to a closed request" do - ir = info_requests(:fancy_dog_request) - ir.allow_new_responses_from = 'nobody' - ir.handle_rejected_responses = 'holding_pen' - ir.save! - InfoRequest.holding_pen_request.incoming_messages.length.should == 0 - ir.incoming_messages.length.should == 1 - receive_incoming_mail('incoming-request-plain.email', ir.incoming_email, "frob@nowhere.com") - InfoRequest.holding_pen_request.incoming_messages.length.should == 1 - new_im = InfoRequest.holding_pen_request.incoming_messages[0] - ir.incoming_messages.length.should == 1 - post :redeliver_incoming, :redeliver_incoming_message_id => new_im.id, :url_title => ir.url_title - ir = InfoRequest.find_by_url_title(ir.url_title) - ir.incoming_messages.length.should == 2 - response.should redirect_to(:controller=>'admin_request', :action=>'show', :id=>101) - InfoRequest.holding_pen_request.incoming_messages.length.should == 0 - end - - it "allows redelivery to more than one request" do - ir1 = info_requests(:fancy_dog_request) - ir1.allow_new_responses_from = 'nobody' - ir1.handle_rejected_responses = 'holding_pen' - ir1.save! 
- ir1.incoming_messages.length.should == 1 - ir2 = info_requests(:another_boring_request) - ir2.incoming_messages.length.should == 1 - - receive_incoming_mail('incoming-request-plain.email', ir1.incoming_email, "frob@nowhere.com") - InfoRequest.holding_pen_request.incoming_messages.length.should == 1 - - new_im = InfoRequest.holding_pen_request.incoming_messages[0] - post :redeliver_incoming, :redeliver_incoming_message_id => new_im.id, :url_title => "#{ir1.url_title},#{ir2.url_title}" - ir1.reload - ir1.incoming_messages.length.should == 2 - ir2.reload - ir2.incoming_messages.length.should == 2 - response.should redirect_to(:controller=>'admin_request', :action=>'show', :id=>ir2.id) - InfoRequest.holding_pen_request.incoming_messages.length.should == 0 - end - - it 'expires the file cache for the previous request' do - current_info_request = info_requests(:fancy_dog_request) - destination_info_request = info_requests(:naughty_chicken_request) - incoming_message = incoming_messages(:useless_incoming_message) - @controller.should_receive(:expire_for_request).with(current_info_request) - post :redeliver_incoming, :redeliver_incoming_message_id => incoming_message.id, - :url_title => destination_info_request.url_title - end - it "guesses a misdirected request" do ir = info_requests(:fancy_dog_request) ir.handle_rejected_responses = 'holding_pen' @@ -149,7 +88,8 @@ describe AdminRequestController, "when administering the holding pen" do ir.save! mail_to = "request-#{ir.id}-asdfg@example.com" receive_incoming_mail('incoming-request-plain.email', mail_to) - interesting_email = InfoRequest.holding_pen_request.get_last_response.raw_email.id + interesting_email = InfoRequest.holding_pen_request.get_last_public_response +.raw_email.id # now we add another message to the queue, which we're not interested in receive_incoming_mail('incoming-request-plain.email', ir.incoming_email, "") InfoRequest.holding_pen_request.incoming_messages.length.should == 2 
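Review bot: In the 'guesses a misdirected request' example the replacement statement is split before `.raw_email.id`, leaving a leading-dot continuation at column 0, which the hunk counts as two added lines. That form only parses on Ruby 1.9 and later and reads like an accidental wrap rather than a deliberate style choice. Keep the call chain on one line: `interesting_email = InfoRequest.holding_pen_request.get_last_public_response.raw_email.id`.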
@@ -158,32 +98,7 @@ describe AdminRequestController, "when administering the holding pen" do assigns[:info_requests][0].should == ir end - describe 'when destroying an incoming message' do - - before do - @im = incoming_messages(:useless_incoming_message) - @controller.stub!(:expire_for_request) - end - - it "destroys the raw email file" do - raw_email = @im.raw_email.filepath - assert_equal File.exists?(raw_email), true - post :destroy_incoming, :incoming_message_id => @im.id - assert_equal File.exists?(raw_email), false - end - - it 'asks the incoming message to fully destroy itself' do - IncomingMessage.stub!(:find).and_return(@im) - @im.should_receive(:fully_destroy) - post :destroy_incoming, :incoming_message_id => @im.id - end - it 'expires the file cache for the associated info_request' do - @controller.should_receive(:expire_for_request).with(@im.info_request) - post :destroy_incoming, :incoming_message_id => @im.id - end - - end it "shows a suitable default 'your email has been hidden' message" do ir = info_requests(:fancy_dog_request) diff --git a/spec/controllers/request_controller_spec.rb b/spec/controllers/request_controller_spec.rb index 9c4e16c67..d190b0db7 100644 --- a/spec/controllers/request_controller_spec.rb +++ b/spec/controllers/request_controller_spec.rb @@ -191,7 +191,6 @@ describe RequestController, "when showing one request" do before(:each) do load_raw_emails_data - FileUtils.rm_rf File.join(File.dirname(__FILE__), "../../cache/zips") end it "should be successful" do 
@@ -768,194 +767,221 @@ describe RequestController, "when showing one request" do end end - describe 'when making a zipfile available' do - it 'should return a 410 for a request that is hidden' do - title = 'why_do_you_have_such_a_fancy_dog' - ir = info_requests(:fancy_dog_request) - ir.prominence = 'hidden' - ir.save! - get :download_entire_request, {:url_title => title}, { :user_id => ir.user.id } - response.should render_template('request/hidden') - response.code.should == '410' - end - - it "should have a different zipfile URL when the request changes" do - title = 'why_do_you_have_such_a_fancy_dog' - ir = info_requests(:fancy_dog_request) - session[:user_id] = ir.user.id # bob_smith_user - get :download_entire_request, :url_title => title - assigns[:url_path].should contain /#{title}.zip$/ - old_path = assigns[:url_path] - response.location.should contain /#{assigns[:url_path]}$/ - zipfile = Zip::ZipFile.open(File.join(File.dirname(__FILE__), "../../cache/zips", old_path)) { |zipfile| - zipfile.count.should == 1 # just the message - } - receive_incoming_mail('incoming-request-two-same-name.email', ir.incoming_email) - get :download_entire_request, :url_title => title - assigns[:url_path].should contain /#{title}.zip$/ - old_path = assigns[:url_path] - response.location.should contain /#{assigns[:url_path]}$/ - zipfile = Zip::ZipFile.open(File.join(File.dirname(__FILE__), "../../cache/zips", old_path)) { |zipfile| - zipfile.count.should == 3 # the message plus two "hello-world.txt" files - } - - # The path of the zip file is based on the hash of the timestamp of the last request - # in the thread, so we wait for a second to make sure this one will have a different - # timestamp than the previous. 
- sleep 1 - receive_incoming_mail('incoming-request-attachment-unknown-extension.email', ir.incoming_email) - get :download_entire_request, :url_title => title - assigns[:url_path].should contain /#{title}.zip$/ - assigns[:url_path].should_not == old_path - response.location.should contain assigns[:url_path] - zipfile = Zip::ZipFile.open(File.join(File.dirname(__FILE__), "../../cache/zips", assigns[:url_path])) { |zipfile| - zipfile.count.should == 4 # the message, two hello-world.txt plus the unknown attachment - } - end - - it 'should successfully make a zipfile for an external request' do - info_request = info_requests(:external_request) - get :download_entire_request, { :url_title => info_request.url_title }, - { :user_id => users(:bob_smith_user) } - response.location.should contain /#{assigns[:url_path]}$/ - end - end end end -describe RequestController, "when changing prominence of a request" do - before(:each) do - load_raw_emails_data +describe RequestController, "when handling prominence" do + + def expect_hidden(hidden_template) + response.content_type.should == "text/html" + response.should render_template(hidden_template) + response.code.should == '403' end - it "should not show hidden requests" do - ir = info_requests(:fancy_dog_request) - ir.prominence = 'hidden' - ir.save! + context 'when the request is hidden' do - get :show, :url_title => 'why_do_you_have_such_a_fancy_dog' - response.should render_template('hidden') - end + before(:each) do + @info_request = FactoryGirl.create(:info_request_with_incoming_attachments, + :prominence => 'hidden') + end - it "should not show hidden requests even if logged in as their owner" do - ir = info_requests(:fancy_dog_request) - ir.prominence = 'hidden' - ir.save! 
+ it "should not show request if you're not logged in" do + get :show, :url_title => @info_request.url_title + expect_hidden('hidden') + end - session[:user_id] = ir.user.id # bob_smith_user - get :show, :url_title => 'why_do_you_have_such_a_fancy_dog' - response.should render_template('hidden') - end + it "should not show request even if logged in as their owner" do + session[:user_id] = @info_request.user.id + get :show, :url_title => @info_request.url_title + expect_hidden('hidden') + end - it 'should not show hidden requests if requested using json' do - ir = info_requests(:fancy_dog_request) - ir.prominence = 'hidden' - ir.save! + it 'should not show request if requested using json' do + session[:user_id] = @info_request.user.id + get :show, :url_title => @info_request.url_title, :format => 'json' + response.code.should == '403' + end - session[:user_id] = ir.user.id # bob_smith_user - get :show, :url_title => 'why_do_you_have_such_a_fancy_dog', :format => 'json' - response.code.should == '410' - end + it "should show request if logged in as super user" do + session[:user_id] = FactoryGirl.create(:admin_user) + get :show, :url_title => @info_request.url_title + response.should render_template('show') + end - it "should show hidden requests if logged in as super user" do - ir = info_requests(:fancy_dog_request) - ir.prominence = 'hidden' - ir.save! 
+ it "should not download attachments" do + incoming_message = @info_request.incoming_messages.first + get :get_attachment, :incoming_message_id => incoming_message.id, + :id => @info_request.id, + :part => 2, + :file_name => 'interesting.pdf', + :skip_cache => 1 + expect_hidden('request/hidden') + end + + it 'should not generate an HTML version of an attachment for a request whose prominence + is hidden even for an admin but should return a 404' do + session[:user_id] = FactoryGirl.create(:admin_user) + incoming_message = @info_request.incoming_messages.first + lambda do + get :get_attachment_as_html, :incoming_message_id => incoming_message.id, + :id => @info_request.id, + :part => 2, + :file_name => 'interesting.pdf' + end.should raise_error(ActiveRecord::RecordNotFound) + end - session[:user_id] = users(:admin_user) - get :show, :url_title => 'why_do_you_have_such_a_fancy_dog' - response.should render_template('show') end - it "should not show requester_only requests if you're not logged in" do - ir = info_requests(:fancy_dog_request) - ir.prominence = 'requester_only' - ir.save! + context 'when the request is requester_only' do - get :show, :url_title => 'why_do_you_have_such_a_fancy_dog' - response.should render_template('hidden') - end + before(:each) do + @info_request = FactoryGirl.create(:info_request_with_incoming_attachments, + :prominence => 'requester_only') + end - it "should show requester_only requests to requester and admin if logged in" do - ir = info_requests(:fancy_dog_request) - ir.prominence = 'requester_only' - ir.save! 
+ it "should not show request if you're not logged in" do + get :show, :url_title => @info_request.url_title + expect_hidden('hidden') + end - session[:user_id] = users(:silly_name_user).id - get :show, :url_title => 'why_do_you_have_such_a_fancy_dog' - response.should render_template('hidden') + it "should show request to requester and admin if logged in" do + session[:user_id] = FactoryGirl.create(:user).id + get :show, :url_title => @info_request.url_title + expect_hidden('hidden') - session[:user_id] = ir.user.id # bob_smith_user - get :show, :url_title => 'why_do_you_have_such_a_fancy_dog' - response.should render_template('show') + session[:user_id] = @info_request.user.id + get :show, :url_title => @info_request.url_title + response.should render_template('show') - session[:user_id] = users(:admin_user).id - get :show, :url_title => 'why_do_you_have_such_a_fancy_dog' - response.should render_template('show') - end + session[:user_id] = FactoryGirl.create(:admin_user).id + get :show, :url_title => @info_request.url_title + response.should render_template('show') + end - it 'should not cache an attachment on a request whose prominence is requester_only when showing - the request to the requester or admin' do - ir = info_requests(:fancy_dog_request) - ir.prominence = 'requester_only' - ir.save! 
- session[:user_id] = ir.user.id # bob_smith_user - @controller.should_not_receive(:foi_fragment_cache_write) - get :show, :url_title => 'why_do_you_have_such_a_fancy_dog' + it 'should not cache an attachment when showing an attachment to the requester or admin' do + session[:user_id] = @info_request.user.id + incoming_message = @info_request.incoming_messages.first + @controller.should_not_receive(:foi_fragment_cache_write) + get :get_attachment, :incoming_message_id => incoming_message.id, + :id => @info_request.id, + :part => 2, + :file_name => 'interesting.pdf' + end end - it "should not download attachments if hidden" do - ir = info_requests(:fancy_dog_request) - ir.prominence = 'hidden' - ir.save! - receive_incoming_mail('incoming-request-two-same-name.email', ir.incoming_email) + context 'when the incoming message has prominence hidden' do + + before(:each) do + @incoming_message = FactoryGirl.create(:incoming_message_with_attachments, + :prominence => 'hidden') + @info_request = @incoming_message.info_request + end + + it "should not download attachments for a non-logged in user" do + get :get_attachment, :incoming_message_id => @incoming_message.id, + :id => @info_request.id, + :part => 2, + :file_name => 'interesting.pdf', + :skip_cache => 1 + expect_hidden('request/hidden_correspondence') + end + + it 'should not download attachments for the request owner' do + session[:user_id] = @info_request.user.id + get :get_attachment, :incoming_message_id => @incoming_message.id, + :id => @info_request.id, + :part => 2, + :file_name => 'interesting.pdf', + :skip_cache => 1 + expect_hidden('request/hidden_correspondence') + end + + it 'should download attachments for an admin user', :focus => true do + session[:user_id] = FactoryGirl.create(:admin_user).id + get :get_attachment, :incoming_message_id => @incoming_message.id, + :id => @info_request.id, + :part => 2, + :file_name => 'interesting.pdf', + :skip_cache => 1 + response.content_type.should == 
'application/pdf' + response.should be_success + end + + it 'should not generate an HTML version of an attachment for a request whose prominence + is hidden even for an admin but should return a 404' do + session[:user_id] = FactoryGirl.create(:admin_user).id + lambda do + get :get_attachment_as_html, :incoming_message_id => @incoming_message.id, + :id => @info_request.id, + :part => 2, + :file_name => 'interesting.pdf', + :skip_cache => 1 + end.should raise_error(ActiveRecord::RecordNotFound) + end + + it 'should not cache an attachment when showing an attachment to the requester or admin' do + session[:user_id] = @info_request.user.id + @controller.should_not_receive(:foi_fragment_cache_write) + get :get_attachment, :incoming_message_id => @incoming_message.id, + :id => @info_request.id, + :part => 2, + :file_name => 'interesting.pdf' + end - get :get_attachment, :incoming_message_id => ir.incoming_messages[1].id, - :id => ir.id, - :part => 2, - :skip_cache => 1 - response.content_type.should == "text/html" - response.should_not contain "Second hello" - response.should render_template('request/hidden') - get :get_attachment, :incoming_message_id => ir.incoming_messages[1].id, - :id => ir.id, - :part => 3, - :skip_cache => 1 - response.content_type.should == "text/html" - response.should_not contain "First hello" - response.should render_template('request/hidden') - response.code.should == '410' end - it 'should not generate an HTML version of an attachment whose prominence is hidden/requester - only even for the requester or an admin but should return a 404' do - ir = info_requests(:fancy_dog_request) - ir.prominence = 'hidden' - ir.save! 
- receive_incoming_mail('incoming-request-two-same-name.email', ir.incoming_email) - session[:user_id] = users(:admin_user).id - lambda do - get :get_attachment_as_html, :incoming_message_id => ir.incoming_messages[1].id, - :id => ir.id, - :part => 2, - :file_name => 'hello world.txt' - end.should raise_error(ActiveRecord::RecordNotFound) - end - - it 'should not generate an HTML version of an attachment whose prominence is hidden/requester - only even for the requester or an admin but should return a 404' do - ir = info_requests(:fancy_dog_request) - ir.prominence = 'hidden' - ir.save! - receive_incoming_mail('incoming-request-two-same-name.email', ir.incoming_email) - session[:user_id] = users(:admin_user).id - lambda do - get :get_attachment_as_html, :incoming_message_id => ir.incoming_messages[1].id, - :id => ir.id, - :part => 2, - :file_name => 'hello world.txt' - end.should raise_error(ActiveRecord::RecordNotFound) + context 'when the incoming message has prominence requester_only' do + + before(:each) do + @incoming_message = FactoryGirl.create(:incoming_message_with_attachments, + :prominence => 'requester_only') + @info_request = @incoming_message.info_request + end + + it "should not download attachments for a non-logged in user" do + get :get_attachment, :incoming_message_id => @incoming_message.id, + :id => @info_request.id, + :part => 2, + :file_name => 'interesting.pdf', + :skip_cache => 1 + expect_hidden('request/hidden_correspondence') + end + + it 'should download attachments for the request owner' do + session[:user_id] = @info_request.user.id + get :get_attachment, :incoming_message_id => @incoming_message.id, + :id => @info_request.id, + :part => 2, + :file_name => 'interesting.pdf', + :skip_cache => 1 + response.content_type.should == 'application/pdf' + response.should be_success + end + + it 'should download attachments for an admin user', :focus => true do + session[:user_id] = FactoryGirl.create(:admin_user).id + get :get_attachment, 
:incoming_message_id => @incoming_message.id, + :id => @info_request.id, + :part => 2, + :file_name => 'interesting.pdf', + :skip_cache => 1 + response.content_type.should == 'application/pdf' + response.should be_success + end + + it 'should not generate an HTML version of an attachment for a request whose prominence + is hidden even for an admin but should return a 404' do + session[:user_id] = FactoryGirl.create(:admin_user) + lambda do + get :get_attachment_as_html, :incoming_message_id => @incoming_message.id, + :id => @info_request.id, + :part => 2, + :file_name => 'interesting.pdf', + :skip_cache => 1 + end.should raise_error(ActiveRecord::RecordNotFound) + end + end end @@ -1293,12 +1319,12 @@ describe RequestController, "when viewing an individual response for reply/follo response.should render_template('request/hidden') end - it 'should respond to a json request for a hidden request with a 410 code and no body' do + it 'should respond to a json request for a hidden request with a 403 code and no body' do get :show_response, :id => info_requests(:fancy_dog_request).id, :incoming_message_id => incoming_messages(:useless_incoming_message), :format => 'json' - response.code.should == '410' + response.code.should == '403' end end @@ -1572,7 +1598,7 @@ describe RequestController, "when classifying an information request" do @dog_request.reload @dog_request.awaiting_description.should == false @dog_request.described_state.should == 'rejected' - @dog_request.get_last_response_event.should == info_request_events(:useless_incoming_message_event) + @dog_request.get_last_public_response_event.should == info_request_events(:useless_incoming_message_event) @dog_request.info_request_events.last.event_type.should == "status_update" @dog_request.info_request_events.last.calculated_state.should == 'rejected' end 
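Review bot: In the 'when the incoming message has prominence hidden' context, the 'should not cache an attachment …' example logs in as the request owner, whom the sibling example in the same context expects to be refused with `request/hidden_correspondence`, so `should_not_receive(:foi_fragment_cache_write)` would presumably pass without an attachment ever being served. Logging in as the admin there (`session[:user_id] = FactoryGirl.create(:admin_user).id`) would make it check that hidden content shown to a permitted viewer stays out of the fragment cache. Two 'should download attachments for an admin user' examples also still carry `:focus => true`; if the spec helper filters on that tag the remaining prominence examples would be skipped, so drop it before merging. Three admin examples assign the user object rather than `.id` to `session[:user_id]`, unlike their neighbours, which leaves it unclear whether the 'even for an admin' RecordNotFound cases really run as an admin.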
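Review bot: The renamed example promises 'a 403 code and no body', but its only assertion is `response.code.should == '403'`, so a JSON response that still serialised the hidden request would pass. If the controller is meant to send an empty body, add an assertion next to the status check, for instance `response.body.should be_blank`. The json example in the new 'when the request is hidden' context of the previous hunk has the same gap.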
@@ -1725,13 +1751,13 @@ describe RequestController, "when classifying an information request" do it 'should redirect to the "response url" when there is a last response' do incoming_message = mock_model(IncomingMessage) - @dog_request.stub!(:get_last_response).and_return(incoming_message) + @dog_request.stub!(:get_last_public_response).and_return(incoming_message) expect_redirect('waiting_clarification', "request/#{@dog_request.id}/response/#{incoming_message.id}") end it 'should redirect to the "response no followup url" when there are no events needing description' do - @dog_request.stub!(:get_last_response).and_return(nil) + @dog_request.stub!(:get_last_public_response).and_return(nil) expect_redirect('waiting_clarification', "request/#{@dog_request.id}/response") end @@ -1770,7 +1796,7 @@ describe RequestController, "when classifying an information request" do context 'when status is updated to "gone postal"' do it 'should redirect to the "respond to last url"' do - expect_redirect('gone_postal', "request/#{@dog_request.id}/response/#{@dog_request.get_last_response.id}?gone_postal=1") + expect_redirect('gone_postal', "request/#{@dog_request.id}/response/#{@dog_request.get_last_public_response.id}?gone_postal=1") end end @@ -1812,7 +1838,7 @@ describe RequestController, "when classifying an information request" do context 'when status is updated to "user_withdrawn"' do it 'should redirect to the "respond to last url url" ' do - expect_redirect('user_withdrawn', "request/#{@dog_request.id}/response/#{@dog_request.get_last_response.id}") + expect_redirect('user_withdrawn', "request/#{@dog_request.id}/response/#{@dog_request.get_last_public_response.id}") end end 
@@ -1865,7 +1891,7 @@ describe RequestController, "when sending a followup message" do # fake that this is a clarification info_requests(:fancy_dog_request).set_described_state('waiting_clarification') info_requests(:fancy_dog_request).described_state.should == 'waiting_clarification' - info_requests(:fancy_dog_request).get_last_response_event.calculated_state.should == 'waiting_clarification' + info_requests(:fancy_dog_request).get_last_public_response_event.calculated_state.should == 'waiting_clarification' # make the followup session[:user_id] = users(:bob_smith_user).id @@ -1883,7 +1909,7 @@ describe RequestController, "when sending a followup message" do # and that the status changed info_requests(:fancy_dog_request).reload info_requests(:fancy_dog_request).described_state.should == 'waiting_response' - info_requests(:fancy_dog_request).get_last_response_event.calculated_state.should == 'waiting_clarification' + info_requests(:fancy_dog_request).get_last_public_response_event.calculated_state.should == 'waiting_clarification' end it "should give an error if the same followup is submitted twice" do @@ -2456,7 +2482,9 @@ describe RequestController, "when caching fragments" do :info_request_id => 132, :id => 44, :get_attachments_for_display => nil, - :html_mask_stuff! => nil) + :html_mask_stuff! => nil, + :user_can_view? => true, + :all_can_view? => true) attachment = mock(FoiAttachment, :display_filename => long_name, :body_as_html => ['some text', 'wrapper']) IncomingMessage.stub!(:find).with("44").and_return(incoming_message) |