diff options
Diffstat (limited to 'spec/controllers')
| -rw-r--r-- | spec/controllers/admin_censor_rule_controller_spec.rb | 19 | ||||
| -rw-r--r-- | spec/controllers/admin_public_body_controller_spec.rb | 66 | ||||
| -rw-r--r-- | spec/controllers/admin_request_controller_spec.rb | 43 | ||||
| -rw-r--r-- | spec/controllers/admin_user_controller_spec.rb | 3 | ||||
| -rw-r--r-- | spec/controllers/general_controller_spec.rb | 5 | ||||
| -rw-r--r-- | spec/controllers/public_body_controller_spec.rb | 2 | ||||
| -rw-r--r-- | spec/controllers/request_controller_spec.rb | 155 | ||||
| -rw-r--r-- | spec/controllers/services_controller_spec.rb | 8 | ||||
| -rw-r--r-- | spec/controllers/track_controller_spec.rb | 16 | ||||
| -rw-r--r-- | spec/controllers/user_controller_spec.rb | 37 |
10 files changed, 307 insertions, 47 deletions
diff --git a/spec/controllers/admin_censor_rule_controller_spec.rb b/spec/controllers/admin_censor_rule_controller_spec.rb new file mode 100644 index 000000000..8893a858b --- /dev/null +++ b/spec/controllers/admin_censor_rule_controller_spec.rb @@ -0,0 +1,19 @@ +require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') + +describe AdminCensorRuleController, "when making censor rules from the admin interface" do + integrate_views + before { basic_auth_login @request } + + it "should create a censor rule and purge the corresponding request from varnish" do + ir = info_requests(:fancy_dog_request) + post :create, :censor_rule => { + :text => "meat", + :replacement => "tofu", + :last_edit_comment => "none", + :info_request => ir + } + PurgeRequest.all().first.model_id.should == ir.id + end + + +end diff --git a/spec/controllers/admin_public_body_controller_spec.rb b/spec/controllers/admin_public_body_controller_spec.rb index 1e82a0ba4..171cb21b5 100644 --- a/spec/controllers/admin_public_body_controller_spec.rb +++ b/spec/controllers/admin_public_body_controller_spec.rb @@ -4,10 +4,6 @@ describe AdminPublicBodyController, "when administering public bodies" do integrate_views before do - username = MySociety::Config.get('ADMIN_USERNAME', '') - password = MySociety::Config.get('ADMIN_PASSWORD', '') - basic_auth_login @request - @old_filters = ActionController::Routing::Routes.filters ActionController::Routing::Routes.filters = RoutingFilter::Chain.new end @@ -80,19 +76,29 @@ describe AdminPublicBodyController, "when administering public bodies and paying integrate_views + before do + config = MySociety::Config.load_default() + config['SKIP_ADMIN_AUTH'] = false + basic_auth_login @request + end + after do + config = MySociety::Config.load_default() + config['SKIP_ADMIN_AUTH'] = true + end + + it "disallows non-authenticated users to do anything" do @request.env["HTTP_AUTHORIZATION"] = "" n = PublicBody.count post :destroy, { :id => 3 } - response.code.should == "401" + response.should redirect_to(:controller=>'user', :action=>'signin', :token=>PostRedirect.get_last_post_redirect.token) PublicBody.count.should == n session[:using_admin].should == nil end - it "skips admin authorisation when no username/password set" do + it "skips admin authorisation when SKIP_ADMIN_AUTH set" do config = MySociety::Config.load_default() - config['ADMIN_USERNAME'] = '' - config['ADMIN_PASSWORD'] = '' + config['SKIP_ADMIN_AUTH'] = true @request.env["HTTP_AUTHORIZATION"] = "" n = PublicBody.count @@ -101,30 +107,44 @@ describe AdminPublicBodyController, "when administering public bodies and paying session[:using_admin].should == 1 end - it "skips admin authorisation when no username set" do + it "doesn't let people with bad credentials log in" do config = MySociety::Config.load_default() - config['ADMIN_USERNAME'] = '' + config['SKIP_ADMIN_AUTH'] = false + config['ADMIN_USERNAME'] = 'biz' config['ADMIN_PASSWORD'] = 'fuz' @request.env["HTTP_AUTHORIZATION"] = "" - n = PublicBody.count + basic_auth_login(@request, "baduser", "badpassword") post :destroy, { :id => public_bodies(:forlorn_public_body).id } - PublicBody.count.should == n - 1 - session[:using_admin].should == 1 + response.should redirect_to(:controller=>'user', :action=>'signin', :token=>PostRedirect.get_last_post_redirect.token) + PublicBody.count.should == n + session[:using_admin].should == nil end - it "forces authorisation when password and username set" do + + it "allows people with good credentials log in using HTTP Basic Auth" do config = MySociety::Config.load_default() + config['SKIP_ADMIN_AUTH'] = false config['ADMIN_USERNAME'] = 'biz' config['ADMIN_PASSWORD'] = 'fuz' @request.env["HTTP_AUTHORIZATION"] = "" n = PublicBody.count - basic_auth_login(@request, "baduser", "badpassword") + basic_auth_login(@request, "biz", "fuz") + post :show, { :id => public_bodies(:humpadink_public_body).id, :emergency => 1} + session[:using_admin].should == 1 + n = PublicBody.count post :destroy, { :id => public_bodies(:forlorn_public_body).id } - response.code.should == "401" - PublicBody.count.should == n - session[:using_admin].should == nil + session[:using_admin].should == 1 + PublicBody.count.should == n - 1 end + it "allows superusers to do stuff" do + session[:user_id] = users(:admin_user).id + @request.env["HTTP_AUTHORIZATION"] = "" + n = PublicBody.count + post :destroy, { :id => public_bodies(:forlorn_public_body).id } + PublicBody.count.should == n - 1 + session[:using_admin].should == 1 + end end @@ -132,12 +152,6 @@ end describe AdminPublicBodyController, "when administering public bodies with i18n" do integrate_views - before do - username = MySociety::Config.get('ADMIN_USERNAME', '') - password = MySociety::Config.get('ADMIN_PASSWORD', '') - basic_auth_login @request - end - it "shows the index page" do get :index end @@ -201,10 +215,6 @@ describe AdminPublicBodyController, "when creating public bodies with i18n" do integrate_views before do - username = MySociety::Config.get('ADMIN_USERNAME', '') - password = MySociety::Config.get('ADMIN_PASSWORD', '') - basic_auth_login @request - @old_filters = ActionController::Routing::Routes.filters ActionController::Routing::Routes.filters = RoutingFilter::Chain.new end diff --git a/spec/controllers/admin_request_controller_spec.rb b/spec/controllers/admin_request_controller_spec.rb index ece1fe389..b0468822a 100644 --- a/spec/controllers/admin_request_controller_spec.rb +++ b/spec/controllers/admin_request_controller_spec.rb @@ -86,6 +86,27 @@ describe AdminRequestController, "when administering the holding pen" do response.should redirect_to(:controller=>'admin_request', :action=>'show', :id=>101) InfoRequest.holding_pen_request.incoming_messages.length.should == 0 end + it "allows redelivery to more than one request" do + ir1 = info_requests(:fancy_dog_request) + ir1.allow_new_responses_from = 'nobody' + ir1.handle_rejected_responses = 'holding_pen' + ir1.save! + ir1.incoming_messages.length.should == 1 + ir2 = info_requests(:another_boring_request) + ir2.incoming_messages.length.should == 1 + + receive_incoming_mail('incoming-request-plain.email', ir1.incoming_email, "frob@nowhere.com") + InfoRequest.holding_pen_request.incoming_messages.length.should == 1 + + new_im = InfoRequest.holding_pen_request.incoming_messages[0] + post :redeliver_incoming, :redeliver_incoming_message_id => new_im.id, :url_title => "#{ir1.url_title},#{ir2.url_title}" + ir1.reload + ir1.incoming_messages.length.should == 2 + ir2.reload + ir2.incoming_messages.length.should == 2 + response.should redirect_to(:controller=>'admin_request', :action=>'show', :id=>ir2.id) + InfoRequest.holding_pen_request.incoming_messages.length.should == 0 + end it "guesses a misdirected request" do ir = info_requests(:fancy_dog_request) @@ -110,4 +131,26 @@ describe AdminRequestController, "when administering the holding pen" do assert_equal File.exists?(raw_email), false end + it "shows a suitable default 'your email has been hidden' message" do + ir = info_requests(:fancy_dog_request) + get :show, :id => ir.id + assigns[:request_hidden_user_explanation].should include(ir.user.name) + assigns[:request_hidden_user_explanation].should include("vexatious") + get :show, :id => ir.id, :reason => "not_foi" + assigns[:request_hidden_user_explanation].should_not include("vexatious") + assigns[:request_hidden_user_explanation].should include("not a valid FOI") + end + + it "hides requests and sends a notification email that it has done so" do + ir = info_requests(:fancy_dog_request) + post :hide_request, :id => ir.id, :explanation => "Foo", :reason => "vexatious" + ir.reload + ir.prominence.should == "requester_only" + ir.described_state.should == "vexatious" + deliveries = ActionMailer::Base.deliveries + deliveries.size.should == 1 + mail = deliveries[0] + mail.body.should =~ /Foo/ + end + end diff --git a/spec/controllers/admin_user_controller_spec.rb b/spec/controllers/admin_user_controller_spec.rb index c2d645fd2..cf3665c9f 100644 --- a/spec/controllers/admin_user_controller_spec.rb +++ b/spec/controllers/admin_user_controller_spec.rb @@ -2,9 +2,6 @@ require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') describe AdminUserController, "when administering users" do integrate_views - before do - basic_auth_login @request - end it "shows the index/list page" do get :index diff --git a/spec/controllers/general_controller_spec.rb b/spec/controllers/general_controller_spec.rb index 81f4ed6d5..8a08ab7d0 100644 --- a/spec/controllers/general_controller_spec.rb +++ b/spec/controllers/general_controller_spec.rb @@ -215,5 +215,10 @@ describe GeneralController, "when searching" do assigns[:xapian_users].results.map{|x|x[:model]}.should == [u] end + it "should show tracking links for requests-only searches" do + get :search, :combined => ['"bob"', "requests"] + response.body.should include('Track this search') + end + end diff --git a/spec/controllers/public_body_controller_spec.rb b/spec/controllers/public_body_controller_spec.rb index e6eca0781..9eca43aee 100644 --- a/spec/controllers/public_body_controller_spec.rb +++ b/spec/controllers/public_body_controller_spec.rb @@ -1,7 +1,5 @@ require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') -require 'json' - describe PublicBodyController, "when showing a body" do integrate_views diff --git a/spec/controllers/request_controller_spec.rb b/spec/controllers/request_controller_spec.rb index 9add32f1e..c70284748 100644 --- a/spec/controllers/request_controller_spec.rb +++ b/spec/controllers/request_controller_spec.rb @@ -1,8 +1,6 @@ # -*- coding: utf-8 -*- require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') -require 'json' - describe RequestController, "when listing recent requests" do before(:each) do @@ -66,6 +64,14 @@ describe RequestController, "when listing recent requests" do assigns[:cache_tag].size.should <= 32 end + it "should vary the cache tag with locale" do + get :list, :view => 'all', :request_date_after => '13/10/2007', :request_date_before => '01/11/2007' + en_tag = assigns[:cache_tag] + session[:locale] = :es + get :list, :view => 'all', :request_date_after => '13/10/2007', :request_date_before => '01/11/2007' + assigns[:cache_tag].should_not == en_tag + end + it "should list internal_review requests as unresolved ones" do get :list, :view => 'awaiting' @@ -119,10 +125,72 @@ describe RequestController, "when listing recent requests" do end +describe RequestController, "when changing things that appear on the request page" do + + integrate_views + + it "should purge the downstream cache when mail is received" do + ir = info_requests(:fancy_dog_request) + receive_incoming_mail('incoming-request-plain.email', ir.incoming_email) + PurgeRequest.all().first.model_id.should == ir.id + end + it "should purge the downstream cache when a comment is added" do + ir = info_requests(:fancy_dog_request) + new_comment = info_requests(:fancy_dog_request).add_comment('I also love making annotations.', users(:bob_smith_user)) + PurgeRequest.all().first.model_id.should == ir.id + end + it "should purge the downstream cache when a followup is made" do + session[:user_id] = users(:bob_smith_user).id + ir = info_requests(:fancy_dog_request) + post :show_response, :outgoing_message => { :body => "What a useless response! You suck.", :what_doing => 'normal_sort' }, :id => ir.id, :incoming_message_id => incoming_messages(:useless_incoming_message), :submitted_followup => 1 + PurgeRequest.all().first.model_id.should == ir.id + end + it "should purge the downstream cache when the request is categorised" do + ir = info_requests(:fancy_dog_request) + ir.set_described_state('waiting_clarification') + PurgeRequest.all().first.model_id.should == ir.id + end + it "should purge the downstream cache when the authority data is changed" do + ir = info_requests(:fancy_dog_request) + ir.public_body.name = "Something new" + ir.public_body.save! + PurgeRequest.all().map{|x| x.model_id}.should =~ ir.public_body.info_requests.map{|x| x.id} + end + it "should purge the downstream cache when the user details are changed" do + ir = info_requests(:fancy_dog_request) + ir.user.name = "Something new" + ir.user.save! + PurgeRequest.all().map{|x| x.model_id}.should =~ ir.user.info_requests.map{|x| x.id} + end + it "should purge the downstream cache when censor rules have changed" do + # XXX really, CensorRules should execute expiry logic as part + # of the after_save of the model. Currently this is part of + # the AdminCensorRuleController logic, so must be tested from + # there. Leaving this stub test in place as a reminder + end + it "should purge the downstream cache when something is hidden by an admin" do + ir = info_requests(:fancy_dog_request) + ir.prominence = 'hidden' + ir.save! + PurgeRequest.all().first.model_id.should == ir.id + end + it "should not create more than one entry for any given resourcce" do + ir = info_requests(:fancy_dog_request) + ir.prominence = 'hidden' + ir.save! + PurgeRequest.all().count.should == 1 + ir = info_requests(:fancy_dog_request) + ir.prominence = 'hidden' + ir.save! + PurgeRequest.all().count.should == 1 + end +end + describe RequestController, "when showing one request" do before(:each) do load_raw_emails_data + FileUtils.rm_rf File.join(File.dirname(__FILE__), "../../cache/zips") end it "should be successful" do @@ -186,7 +254,7 @@ describe RequestController, "when showing one request" do describe 'when handling incoming mail' do integrate_views - + it "should receive incoming messages, send email to creator, and show them" do ir = info_requests(:fancy_dog_request) ir.incoming_messages.each { |x| x.parse_raw_email! } @@ -222,7 +290,6 @@ describe RequestController, "when showing one request" do get :get_attachment, :incoming_message_id => ir.incoming_messages[1].id, :id => ir.id, :part => 2, :file_name => ['hello.txt'], :skip_cache => 1 response.content_type.should == "text/plain" response.should have_text(/Second hello/) - get :get_attachment, :incoming_message_id => ir.incoming_messages[1].id, :id => ir.id, :part => 3, :file_name => ['hello.txt'], :skip_cache => 1 response.content_type.should == "text/plain" response.should have_text(/First hello/) @@ -351,6 +418,15 @@ describe RequestController, "when showing one request" do response.should have_text(/an unusual sort of file/) end + it "should apply a content-disposition header" do + ir = info_requests(:fancy_dog_request) + receive_incoming_mail('incoming-request-attachment-unknown-extension.email', ir.incoming_email) + ir.reload + get :get_attachment, :incoming_message_id => ir.incoming_messages[1].id, :id => ir.id, :part => 2, :file_name => ['hello.qwglhm'], :skip_cache => 1 + response.headers.should include("Content-Disposition") + response.headers["Content-Disposition"].should include('hello.qwglhm') + end + it "should not download attachments with wrong file name" do ir = info_requests(:fancy_dog_request) receive_incoming_mail('incoming-request-two-same-name.email', ir.incoming_email) @@ -559,7 +635,7 @@ end # XXX do this for invalid ids # it "should render 404 file" do -# response.should render_template("#{RAILS_ROOT}/public/404.html") +# response.should render_template("#{Rails.root}/public/404.html") # response.headers["Status"].should == "404 Not Found" # end @@ -984,6 +1060,7 @@ describe RequestController, "when classifying an information request" do session[:user_id] = @admin_user.id @dog_request = info_requests(:fancy_dog_request) InfoRequest.stub!(:find).and_return(@dog_request) + @dog_request.stub!(:each).and_return([@dog_request]) end it 'should update the status of the request' do @@ -1025,6 +1102,7 @@ describe RequestController, "when classifying an information request" do @dog_request.user = @admin_user @dog_request.save! InfoRequest.stub!(:find).and_return(@dog_request) + @dog_request.stub!(:each).and_return([@dog_request]) end it 'should update the status of the request' do @@ -1061,6 +1139,7 @@ describe RequestController, "when classifying an information request" do @request_owner = users(:bob_smith_user) session[:user_id] = @request_owner.id @dog_request.awaiting_description.should == true + @dog_request.stub!(:each).and_return([@dog_request]) end it "should successfully classify response if logged in as user controlling request" do @@ -1128,6 +1207,7 @@ describe RequestController, "when classifying an information request" do @request_owner = users(:bob_smith_user) session[:user_id] = @request_owner.id @dog_request = info_requests(:fancy_dog_request) + @dog_request.stub!(:each).and_return([@dog_request]) InfoRequest.stub!(:find).and_return(@dog_request) @old_filters = ActionController::Routing::Routes.filters ActionController::Routing::Routes.filters = RoutingFilter::Chain.new @@ -1737,6 +1817,71 @@ describe RequestController, "when doing type ahead searches" do get :search_typeahead, :q => "dog -chicken" assigns[:xapian_requests].results.size.should == 1 end +end + +describe RequestController, "when showing similar requests" do + integrate_views + + it "should work" do + get :similar, :url_title => info_requests(:badger_request).url_title + response.should render_template("request/similar") + assigns[:info_request].should == info_requests(:badger_request) + end + + it "should show similar requests" do + badger_request = info_requests(:badger_request) + get :similar, :url_title => badger_request.url_title + + # Xapian seems to think *all* the requests are similar + assigns[:xapian_object].results.map{|x|x[:model].info_request}.should =~ InfoRequest.all.reject {|x| x == badger_request} + end + + it "should 404 for non-existent paths" do + lambda { + get :similar, :url_title => "there_is_really_no_such_path_owNAFkHR" + }.should raise_error(ActiveRecord::RecordNotFound) + end + +end + + +describe RequestController, "when reporting a request" do + integrate_views + + it "should mark a request as having been reported" do + ir = info_requests(:badger_request) + title = ir.url_title + get :show, :url_title => title + assigns[:info_request].attention_requested.should == false + get :report_request, :url_title => title + get :show, :url_title => title + assigns[:info_request].attention_requested.should == true + assigns[:info_request].described_state.should == "attention_requested" + end + + it "should not allow a request to be reported twice" do + title = info_requests(:badger_request).url_title + get :report_request, :url_title => title + get :show, :url_title => title + response.body.should include("has been reported") + get :report_request, :url_title => title + get :show, :url_title => title + response.body.should include("has already been reported") + end + + it "should let users know a request has been reported" do + title = info_requests(:badger_request).url_title + get :show, :url_title => title + response.body.should include("Offensive?") + get :report_request, :url_title => title + get :show, :url_title => title + response.body.should_not include("Offensive?") + response.body.should include("This request has been reported") + info_requests(:badger_request).set_described_state("successful") + get :show, :url_title => title + response.body.should_not include("This request has been reported") + response.body.should include("The site administrators have reviewed this request") + end end diff --git a/spec/controllers/services_controller_spec.rb b/spec/controllers/services_controller_spec.rb index 1bafd0c8f..2be382258 100644 --- a/spec/controllers/services_controller_spec.rb +++ b/spec/controllers/services_controller_spec.rb @@ -1,3 +1,4 @@ +# -*- coding: utf-8 -*- require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') describe ServicesController, "when using web services" do @@ -16,15 +17,16 @@ describe ServicesController, "when using web services" do config['ISO_COUNTRY_CODE'] = "DE" controller.stub!(:country_from_ip).and_return('ZZ') get :other_country_message - response.body.should match(/outside Germany/) + response.body.should match(/outside Deutschland/) end it "should show link to other FOI website when not in the deployed country" do config = MySociety::Config.load_default() config['ISO_COUNTRY_CODE'] = "ZZ" - controller.stub!(:country_from_ip).and_return('DE') + controller.stub!(:country_from_ip).and_return('ES') + request.env['HTTP_ACCEPT_LANGUAGE'] = "es" get :other_country_message - response.body.should match(/within Germany/) + response.body.should match(/Puede hacer solicitudes de información en España/) end diff --git a/spec/controllers/track_controller_spec.rb b/spec/controllers/track_controller_spec.rb index 5d299caa5..1d38b3055 100644 --- a/spec/controllers/track_controller_spec.rb +++ b/spec/controllers/track_controller_spec.rb @@ -1,9 +1,7 @@ require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') -require 'json' - describe TrackController, "when making a new track on a request" do - before do + before(:each) do @ir = mock_model(InfoRequest, :url_title => 'myrequest', :title => 'My request') @track_thing = mock_model(TrackThing, :save! => true, @@ -11,12 +9,15 @@ describe TrackController, "when making a new track on a request" do :track_medium= => nil, :tracking_user_id= => nil) TrackThing.stub!(:create_track_for_request).and_return(@track_thing) + TrackThing.stub!(:create_track_for_search_query).and_return(@track_thing) TrackThing.stub!(:find_by_existing_track).and_return(nil) InfoRequest.stub!(:find_by_url_title).and_return(@ir) @user = mock_model(User) User.stub!(:find).and_return(@user) @user.stub!(:locale).and_return("en") + @user.stub!(:receive_email_alerts).and_return(true) + @user.stub!(:url_name).and_return("bob") end it "should require login when making new track" do @@ -25,13 +26,20 @@ describe TrackController, "when making a new track on a request" do response.should redirect_to(:controller => 'user', :action => 'signin', :token => post_redirect.token) end - it "should save the track and redirect if you are logged in" do + it "should save a request track and redirect if you are logged in" do session[:user_id] = @user.id @track_thing.should_receive(:save!) get :track_request, :url_title => @ir.url_title, :feed => 'track' response.should redirect_to(:controller => 'request', :action => 'show', :url_title => @ir.url_title) end + it "should save a search track and redirect to the right place" do + session[:user_id] = @user.id + @track_thing.should_receive(:save!) + get :track_search_query, :query_array => ["bob variety:sent"], :feed => 'track' + response.should redirect_to(:controller => 'general', :action => 'search', :combined => ["bob", "requests"]) + end + end describe TrackController, "when sending alerts for a track" do diff --git a/spec/controllers/user_controller_spec.rb b/spec/controllers/user_controller_spec.rb index 40649b6e1..7a6c9ac0d 100644 --- a/spec/controllers/user_controller_spec.rb +++ b/spec/controllers/user_controller_spec.rb @@ -1,8 +1,6 @@ # coding: utf-8 require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') -require 'json' - # XXX Use route_for or params_from to check /c/ links better # http://rspec.rubyforge.org/rspec-rails/1.1.12/classes/Spec/Rails/Example/ControllerExampleGroup.html @@ -632,6 +630,41 @@ describe UserController, "when showing JSON version for API" do end +describe UserController, "when viewing the wall" do + integrate_views + + before(:each) do + rebuild_xapian_index + end + + it "should show users stuff on their wall, most recent first" do + user = users(:silly_name_user) + ire = info_request_events(:useless_incoming_message_event) + ire.created_at = DateTime.new(2001,1,1) + session[:user_id] = user.id + get :wall, :url_name => user.url_name + assigns[:feed_results][0].should_not == ire + + ire.created_at = Time.now + ire.save! + get :wall, :url_name => user.url_name + assigns[:feed_results][0].should == ire + end + it "should show other users' activities on their walls" do + user = users(:silly_name_user) + ire = info_request_events(:useless_incoming_message_event) + get :wall, :url_name => user.url_name + assigns[:feed_results][0].should_not == ire + end + it "should allow users to turn their own email alerts on and off" do + user = users(:silly_name_user) + session[:user_id] = user.id + user.receive_email_alerts.should == true + get :set_receive_email_alerts, :receive_email_alerts => 'false', :came_from => "/" + user.reload + user.receive_email_alerts.should_not == true + end +end |