diff options
Diffstat (limited to 'spec')
| -rw-r--r-- | spec/controllers/user_controller_spec.rb | 10 | ||||
| -rw-r--r-- | spec/integration/alaveteli_dsl.rb | 9 | ||||
| -rw-r--r-- | spec/integration/view_request_spec.rb | 22 | ||||
| -rw-r--r-- | spec/models/censor_rule_spec.rb | 33 | ||||
| -rw-r--r-- | spec/models/info_request_spec.rb | 17 |
5 files changed, 85 insertions, 6 deletions
diff --git a/spec/controllers/user_controller_spec.rb b/spec/controllers/user_controller_spec.rb index 6ecdf1ad4..e4854fe6b 100644 --- a/spec/controllers/user_controller_spec.rb +++ b/spec/controllers/user_controller_spec.rb @@ -327,6 +327,16 @@ describe UserController, "when signing up" do deliveries[0].body.should match(/when\s+you\s+already\s+have\s+an/) end + it 'accepts only whitelisted parameters' do + post :signup, { :user_signup => { :email => 'silly@localhost', + :name => 'New Person', + :password => 'sillypassword', + :password_confirmation => 'sillypassword', + :admin_level => 'super' } } + + expect(assigns(:user_signup).admin_level).to eq('none') + end + # TODO: need to do bob@localhost signup and check that sends different email end diff --git a/spec/integration/alaveteli_dsl.rb b/spec/integration/alaveteli_dsl.rb index 119bb05a0..1d56abbdf 100644 --- a/spec/integration/alaveteli_dsl.rb +++ b/spec/integration/alaveteli_dsl.rb @@ -64,5 +64,14 @@ def close_request(request) request.save! end +def cache_directories_exist?(request) + cache_path = File.join(Rails.root, 'cache', 'views') + paths = [File.join(cache_path, 'request', request.request_dirs)] + I18n.available_locales.each do |locale| + paths << File.join(cache_path, locale.to_s, 'request', request.request_dirs) + end + paths.any?{ |path| File.exist?(path) } +end + diff --git a/spec/integration/view_request_spec.rb b/spec/integration/view_request_spec.rb index 814e20fb3..eecb984f5 100644 --- a/spec/integration/view_request_spec.rb +++ b/spec/integration/view_request_spec.rb @@ -19,6 +19,28 @@ describe "When viewing requests" do @unregistered.browses_request("#{@info_request.url_title}?action=add") end + context "when a request is hidden by an admin" do + + it 'should not retain any cached attachments to be served up by the webserver' do + admin = login(FactoryGirl.create(:admin_user)) + non_owner = login(FactoryGirl.create(:user)) + info_request = FactoryGirl.create(:info_request_with_incoming_attachments) + incoming_message = info_request.incoming_messages.first + attachment_url = "/es/request/#{info_request.id}/response/#{incoming_message.id}/attach/2/interesting.pdf" + non_owner.get(attachment_url) + cache_directories_exist?(info_request).should be_true + + # Admin makes the incoming message requester only + post_data = {:incoming_message => {:prominence => 'hidden', + :prominence_reason => 'boring'}} + admin.post_via_redirect "/admin/incoming/update/#{info_request.incoming_messages.first.id}", post_data + admin.response.should be_success + + cache_directories_exist?(info_request).should be_false + end + + end + context 'when a response has prominence "normal"' do before do diff --git a/spec/models/censor_rule_spec.rb b/spec/models/censor_rule_spec.rb index 5b41cc0d4..4ecd2d3e1 100644 --- a/spec/models/censor_rule_spec.rb +++ b/spec/models/censor_rule_spec.rb @@ -90,17 +90,32 @@ end describe 'when validating rules' do - it 'should be invalid without text' do + it 'must have the text to redact' do censor_rule = CensorRule.new - censor_rule.valid?.should == false - censor_rule.errors[:text].should == ["can't be blank"] + expect(censor_rule).to have(1).error_on(:text) + expect(censor_rule.errors[:text]).to eql(["can't be blank"]) + end + + it 'must have a replacement' do + expect(CensorRule.new).to have(1).error_on(:replacement) + end + + it 'must have a last_edit_editor' do + expect(CensorRule.new).to have(1).error_on(:last_edit_editor) + end + + it 'must have a last_edit_comment' do + expect(CensorRule.new).to have(1).error_on(:last_edit_comment) end describe 'when validating a regexp rule' do before do @censor_rule = CensorRule.new(:regexp => true, - :text => '*') + :text => '*', + :replacement => '---', + :last_edit_comment => 'test', + :last_edit_editor => 'rspec') end it 'should try to create a regexp from the text' do @@ -133,7 +148,10 @@ describe 'when validating rules' do describe 'when the allow_global flag has been set' do before do - @censor_rule = CensorRule.new(:text => 'some text') + @censor_rule = CensorRule.new(:text => 'some text', + :replacement => '---', + :last_edit_comment => 'test', + :last_edit_editor => 'rspec') @censor_rule.allow_global = true end @@ -146,7 +164,10 @@ describe 'when validating rules' do describe 'when the allow_global flag has not been set' do before do - @censor_rule = CensorRule.new(:text => '/./') + @censor_rule = CensorRule.new(:text => '/./', + :replacement => '---', + :last_edit_comment => 'test', + :last_edit_editor => 'rspec') end it 'should not allow a global text censor rule (without user_id, request_id or public_body_id)' do diff --git a/spec/models/info_request_spec.rb b/spec/models/info_request_spec.rb index 12499f50a..afb8e0949 100644 --- a/spec/models/info_request_spec.rb +++ b/spec/models/info_request_spec.rb @@ -147,6 +147,23 @@ describe InfoRequest do end + describe 'when managing the cache directories' do + before do + @info_request = info_requests(:fancy_dog_request) + end + + it 'should return the default locale cache path without locale parts' do + default_locale_path = File.join(Rails.root, 'cache', 'views', 'request', '101', '101') + @info_request.foi_fragment_cache_directories.include?(default_locale_path).should == true + end + + it 'should return the cache path for any other locales' do + other_locale_path = File.join(Rails.root, 'cache', 'views', 'es', 'request', '101', '101') + @info_request.foi_fragment_cache_directories.include?(other_locale_path).should == true + end + + end + describe " when emailing" do before do |