diaspora/spec/integration/api/search_controller_spec.rb

# frozen_string_literal: true
require "spec_helper"
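# Integration specs for the API v1 search endpoints:
#   GET /api/v1/search/users  (by tag or by name/handle)
#   GET /api/v1/search/posts  (by tag)
#
# The examples cover three things: result filtering (closed and unsearchable
# accounts must not be returned), OAuth scope enforcement (private posts need a
# token carrying private:read), and rejection of unknown access tokens.
#
# Every request here sends the token as the `access_token` query parameter.
# NOTE(review): delivery via an Authorization header is not exercised by this
# file; confirm it is covered elsewhere, since tokens in URLs tend to end up
# in server and proxy logs.
describe Api::V1::SearchController do
  # Authorization with every read and modify scope used in this file.
  let(:auth) {
    FactoryGirl.create(
      :auth_with_default_scopes,
      scopes: %w[openid public:read public:modify private:read private:modify]
    )
  }

  # Authorization limited to the two read scopes (public and private).
  let(:auth_read_only) {
    FactoryGirl.create(
      :auth_with_default_scopes,
      scopes: %w[openid public:read private:read]
    )
  }

  # Least-privileged authorization: may read public data only.
  let(:auth_public_only_read_only) {
    FactoryGirl.create(
      :auth_with_default_scopes,
      scopes: %w[openid public:read]
    )
  }

  let!(:access_token) { auth.create_access_token.to_s }
  # NOTE(review): no example in this file sends this token, so the
  # "read scopes without modify" case is currently untested here.
  let!(:access_token_read_only) { auth_read_only.create_access_token.to_s }
  let!(:access_token_public_only_read_only) { auth_public_only_read_only.create_access_token.to_s }

  # Random value that was never issued by any authorization above.
  let(:invalid_token) { SecureRandom.hex(9) }

  describe "#user_index" do
    before do
      # A normal person who must be findable by first name and by handle.
      @searchable_user = FactoryGirl.create(
        :person,
        diaspora_handle: "findable@example.org",
        profile:         FactoryGirl.build(:profile, first_name: "Terry", last_name: "Smith")
      )
      # A person whose account is closed; must never appear in results.
      @closed_user = FactoryGirl.create(
        :person,
        closed_account: true,
        profile:        FactoryGirl.build(:profile, first_name: "Closed", last_name: "Account")
      )
      # A person who opted out of search (profile.searchable == false).
      @unsearchable_user = FactoryGirl.create(
        :person,
        diaspora_handle: "unsearchable@example.org",
        profile:         FactoryGirl.build(
          :profile,
          first_name: "Unsearchable",
          last_name:  "Person",
          searchable: false
        )
      )
    end

    it "succeeds by tag" do
      get(
        "/api/v1/search/users",
        params: {tag: "one", access_token: access_token}
      )
      expect(response.status).to eq(200)
      users = response_body_data(response)
      # The people tagged "one" are not created in this file; presumably they
      # come from shared fixtures or factory defaults. TODO confirm the source
      # of the expected count.
      expect(users.length).to eq(15)
    end

    it "succeeds by name" do
      get(
        "/api/v1/search/users",
        params: {name_or_handle: "Terry", access_token: access_token}
      )
      expect(response.status).to eq(200)
      users = response_body_data(response)
      expect(users.length).to eq(1)
    end

    it "succeeds by handle" do
      get(
        "/api/v1/search/users",
        params: {name_or_handle: "findable", access_token: access_token}
      )
      expect(response.status).to eq(200)
      users = response_body_data(response)
      expect(users.length).to eq(1)
    end

    it "doesn't return closed accounts" do
      get(
        "/api/v1/search/users",
        params: {name_or_handle: "Closed", access_token: access_token}
      )
      expect(response.status).to eq(200)
      users = response_body_data(response)
      expect(users.length).to eq(0)
    end

    it "doesn't return hidden accounts" do
      # Searching by the exact handle must still not reveal an unsearchable
      # profile, even with the most privileged token in this file.
      get(
        "/api/v1/search/users",
        params: {name_or_handle: "unsearchable@example.org", access_token: access_token}
      )
      expect(response.status).to eq(200)
      users = response_body_data(response)
      expect(users.length).to eq(0)
    end

    it "doesn't return hidden accounts who are linked without contacts:read token" do
      # The token owner shares with the unsearchable person, but the token
      # carries only openid + public:read, so that relationship must not make
      # the hidden profile discoverable.
      aspect_to = auth_public_only_read_only.user.aspects.create(name: "shared aspect")
      auth_public_only_read_only.user.share_with(@unsearchable_user, aspect_to)
      get(
        "/api/v1/search/users",
        params: {name_or_handle: "unsearchable@example.org", access_token: access_token_public_only_read_only}
      )
      expect(response.status).to eq(200)
      users = response_body_data(response)
      expect(users.length).to eq(0)
    end

    it "fails if ask for both" do
      # tag and name_or_handle are mutually exclusive search criteria.
      get(
        "/api/v1/search/users",
        params: {tag: "tag1", name_or_handle: "name", access_token: access_token}
      )
      expect(response.status).to eq(422)
      expect(response.body).to eq(I18n.t("api.endpoint_errors.search.cant_process"))
    end

    it "fails with no fields" do
      get(
        "/api/v1/search/users",
        params: {access_token: access_token}
      )
      expect(response.status).to eq(422)
      expect(response.body).to eq(I18n.t("api.endpoint_errors.search.cant_process"))
    end

    it "fails with bad credentials" do
      get(
        "/api/v1/search/users",
        params: {tag: "tag1", access_token: invalid_token}
      )
      expect(response.status).to eq(401)
    end
  end

  describe "post_index" do
    before do
      # Three posts carry #tag2: two public ones and one private post limited
      # to an aspect. `eve` is not defined in this file; presumably a shared
      # fixture user. TODO confirm.
      @user_post = auth.user.post(
        :status_message,
        text:   "This is a status message #tag1 #tag2",
        public: true
      )
      @eve_post = eve.post(
        :status_message,
        text:   "This is Eve's status message #tag2 #tag3",
        public: true
      )
      # Both token owners are placed in the aspect, so any difference in the
      # result counts below is attributable to token scope, not to whether the
      # user is allowed to see the private post.
      aspect = eve.aspects.create(name: "shared aspect")
      eve.share_with(auth_public_only_read_only.user.person, aspect)
      eve.share_with(auth.user.person, aspect)
      @eve_private_post = eve.post(
        :status_message,
        text:   "This is Eve's status message #tag2 #tag3",
        public: false,
        to:     aspect.id
      )
    end

    it "succeeds by tag" do
      get(
        "/api/v1/search/posts",
        params: {tag: "tag2", access_token: access_token_public_only_read_only}
      )
      expect(response.status).to eq(200)
      posts = response_body_data(response)
      expect(posts.length).to eq(2)
    end

    it "only returns public posts without private scope" do
      # Without private:read only the two public #tag2 posts may be returned.
      get(
        "/api/v1/search/posts",
        params: {tag: "tag2", access_token: access_token_public_only_read_only}
      )
      expect(response.status).to eq(200)
      posts = response_body_data(response)
      expect(posts.length).to eq(2)

      # With private:read the aspect-limited post is included as well.
      get(
        "/api/v1/search/posts",
        params: {tag: "tag2", access_token: access_token}
      )
      expect(response.status).to eq(200)
      posts = response_body_data(response)
      expect(posts.length).to eq(3)
    end

    it "fails with missing parameters" do
      get(
        "/api/v1/search/posts",
        params: {access_token: access_token}
      )
      expect(response.status).to eq(422)
      expect(response.body).to eq(I18n.t("api.endpoint_errors.search.cant_process"))
    end

    it "fails with bad credentials" do
      # This example previously requested /api/v1/search/users, so token
      # rejection on the posts endpoint was never actually exercised.
      get(
        "/api/v1/search/posts",
        params: {tag: "tag1", access_token: invalid_token}
      )
      expect(response.status).to eq(401)
    end
  end

  # Parses a JSON response body and returns the value under its "data" key.
  #
  # @param response [#body] the response object of the last request
  # @return [Object] whatever the "data" key holds (the examples above treat
  #   it as a collection and call #length on it)
  def response_body_data(response)
    JSON.parse(response.body)["data"]
  end
end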