another silly malicious friend spec

2010-10-28 17:02:55 -07:00 · 2010-10-28 17:02:55 -07:00 · f5d54ff6f8
commit f5d54ff6f8
parent 55b38585d6
1 changed files with 16 additions and 0 deletions
--- a/spec/models/user/attack_vectors_spec.rb
+++ b/spec/models/user/attack_vectors_spec.rb
@ -79,5 +79,21 @@ describe "attack vectors" do
      user2.reload
      user2.profile.first_name.should == first_name
    end
+
+    it 'can send retractions on post you do not own' do
+      pending
+      original_message = user2.post :status_message, :message => 'store this!', :to => aspect2.id
+      user.receive_salmon(user2.salmon(original_message).xml_for(user.person))
+      user.raw_visible_posts.count.should be 1
+
+      ret = Retraction.new
+      ret.post_id = original_message.id
+      ret.person_id = user3.person.id
+      ret.type = original_message.class.to_s
+
+      user.receive_salmon(user3.salmon(ret).xml_for(user.person))
+      StatusMessage.count.should be 1
+      user.reload.raw_visible_posts.count.should be 1
+    end
  end
 end