gitea/nas
1
0
Fork 1
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 17

Merge remote-tracking branch 'parent/main' into upstream-20250210

Browse source
This commit is contained in:
KMY 2025-02-17 08:57:56 +09:00
commit 935bea989d
69 changed files with 1646 additions and 1363 deletions
Download patch file Download diff file Expand all files Collapse all files

18
spec/requests/admin/instances_spec.rb Normal file
View file

@ -0,0 +1,18 @@
# frozen_string_literal: true
require 'rails_helper'
RSpec.describe 'Admin Instances' do
describe 'GET /admin/instances/:id' do
context 'with an unknown domain' do
before { sign_in Fabricate(:admin_user) }
it 'returns http success' do
get admin_instance_path(id: 'unknown.example')
expect(response)
.to have_http_status(200)
end
end
end
end

20
spec/requests/settings/featured_tags_spec.rb
View file

@ -2,15 +2,23 @@
require 'rails_helper'
RSpec.describe 'Settings Aliases' do
RSpec.describe 'Settings Featured Tags' do
describe 'POST /settings/featured_tags' do
before { sign_in Fabricate(:user) }
context 'when signed in' do
before { sign_in Fabricate(:user) }
it 'gracefully handles invalid nested params' do
post settings_featured_tags_path(featured_tag: 'invalid')
it 'gracefully handles invalid nested params' do
post settings_featured_tags_path(featured_tag: 'invalid')
expect(response)
.to have_http_status(400)
expect(response)
.to have_http_status(400)
end
end
context 'when not signed in' do
subject { post settings_featured_tags_path }
it { is_expected.to redirect_to new_user_session_path }
end
end
end

16
spec/requests/settings/two_factor_authentication/recovery_codes_spec.rb Normal file
View file

@ -0,0 +1,16 @@
# frozen_string_literal: true
require 'rails_helper'
RSpec.describe 'Settings TwoFactorAuthentication RecoveryCodes' do
describe 'POST /settings/two_factor_authentication/recovery_codes' do
context 'when signed out' do
it 'redirects to sign in page' do
post settings_two_factor_authentication_recovery_codes_path
expect(response)
.to redirect_to(new_user_session_path)
end
end
end
end

35
spec/requests/settings/two_factor_authentication_methods_spec.rb Normal file
View file

@ -0,0 +1,35 @@
# frozen_string_literal: true
require 'rails_helper'
RSpec.describe 'Settings TwoFactorAuthenticationMethods' do
context 'when not signed in' do
describe 'GET to /settings/two_factor_authentication_methods' do
it 'redirects to sign in page' do
get settings_two_factor_authentication_methods_path
expect(response)
.to redirect_to(new_user_session_path)
end
end
end
context 'when signed in' do
let(:user) { Fabricate(:user) }
before { sign_in user }
describe 'GET to /settings/two_factor_authentication_methods' do
describe 'when user has not enabled otp' do
before { user.update(otp_required_for_login: false) }
it 'redirects to enable otp' do
get settings_two_factor_authentication_methods_path
expect(response)
.to redirect_to(settings_otp_authentication_path)
end
end
end
end
end

246
spec/requests/statuses_spec.rb
View file

@ -45,6 +45,72 @@ RSpec.describe 'Statuses' do
.to redirect_to(original_status.url)
end
end
context 'when status visibility is public' do
subject { get short_account_status_path(account_username: account.username, id: status.id, format: format) }
let(:status) { Fabricate(:status, account: account, visibility: :public) }
context 'with HTML' do
let(:format) { 'html' }
it 'renders status successfully', :aggregate_failures do
subject
expect(response)
.to have_http_status(200)
.and render_template(:show)
expect(response.headers).to include(
'Vary' => 'Accept, Accept-Language, Cookie',
'Cache-Control' => include('public'),
'Link' => include('activity+json')
)
expect(response.body)
.to include(status.text)
end
end
context 'with JSON' do
let(:format) { 'json' }
it 'renders ActivityPub Note object successfully', :aggregate_failures do
subject
expect(response)
.to have_http_status(200)
.and have_cacheable_headers.with_vary('Accept, Accept-Language, Cookie')
expect(response.headers).to include(
'Content-Type' => include('application/activity+json'),
'Link' => include('activity+json')
)
expect(response.parsed_body)
.to include(content: include(status.text))
end
end
end
context 'when status visibility is private' do
let(:status) { Fabricate(:status, account: account, visibility: :private) }
it 'returns http not found' do
get short_account_status_path(account_username: account.username, id: status.id)
expect(response)
.to have_http_status(404)
end
end
context 'when status visibility is direct' do
let(:status) { Fabricate(:status, account: account, visibility: :direct) }
it 'returns http not found' do
get short_account_status_path(account_username: account.username, id: status.id)
expect(response)
.to have_http_status(404)
end
end
end
context 'when signed in' do
@ -63,5 +129,185 @@ RSpec.describe 'Statuses' do
end
end
end
context 'with "HTTP Signature" access signed by a remote account' do
subject do
get short_account_status_path(account_username: status.account.username, id: status.id, format: format),
headers: nil,
sign_with: remote_account
end
let(:format) { 'html' }
let(:remote_account) { Fabricate(:account, domain: 'host.example') }
context 'when account blocks the remote account' do
before { account.block!(remote_account) }
it 'returns http not found' do
subject
expect(response)
.to have_http_status(404)
end
end
context 'when account domain blocks the domain of the remote account' do
before { account.block_domain!(remote_account.domain) }
it 'returns http not found' do
subject
expect(response)
.to have_http_status(404)
end
end
context 'when status has public visibility' do
context 'with HTML' do
let(:format) { 'html' }
it 'renders status successfully', :aggregate_failures do
subject
expect(response)
.to have_http_status(200)
expect(response.headers).to include(
'Vary' => 'Accept, Accept-Language, Cookie',
'Cache-Control' => include('private'),
'Link' => include('activity+json')
)
expect(response.body)
.to include(status.text)
end
end
context 'with JSON' do
let(:format) { 'json' }
it 'renders ActivityPub Note object successfully', :aggregate_failures do
subject
expect(response)
.to have_http_status(200)
.and have_cacheable_headers.with_vary('Accept, Accept-Language, Cookie')
expect(response.headers).to include(
'Content-Type' => include('application/activity+json'),
'Link' => include('activity+json')
)
expect(response.parsed_body)
.to include(content: include(status.text))
end
end
end
context 'when status has private visibility' do
let(:status) { Fabricate(:status, account: account, visibility: :private) }
context 'when user is authorized to see it' do
before { remote_account.follow!(account) }
context 'with HTML' do
let(:format) { 'html' }
it 'renders status successfully', :aggregate_failures do
subject
expect(response)
.to have_http_status(200)
expect(response.headers).to include(
'Vary' => 'Accept, Accept-Language, Cookie',
'Cache-Control' => include('private'),
'Link' => include('activity+json')
)
expect(response.body)
.to include(status.text)
end
end
context 'with JSON' do
let(:format) { 'json' }
it 'renders ActivityPub Note object successfully' do
subject
expect(response)
.to have_http_status(200)
expect(response.headers).to include(
'Vary' => 'Accept, Accept-Language, Cookie',
'Cache-Control' => include('private'),
'Content-Type' => include('application/activity+json'),
'Link' => include('activity+json')
)
expect(response.parsed_body)
.to include(content: include(status.text))
end
end
end
context 'when user is not authorized to see it' do
it 'returns http not found' do
subject
expect(response)
.to have_http_status(404)
end
end
end
context 'when status is direct' do
let(:status) { Fabricate(:status, account: account, visibility: :direct) }
context 'when user is authorized to see it' do
before { Fabricate(:mention, account: remote_account, status: status) }
context 'with HTML' do
let(:format) { 'html' }
it 'renders status successfully', :aggregate_failures do
subject
expect(response)
.to have_http_status(200)
expect(response.headers).to include(
'Vary' => 'Accept, Accept-Language, Cookie',
'Cache-Control' => include('private'),
'Link' => include('activity+json')
)
expect(response.body)
.to include(status.text)
end
end
context 'with JSON' do
let(:format) { 'json' }
it 'renders ActivityPub Note object', :aggregate_failures do
subject
expect(response)
.to have_http_status(200)
expect(response.headers).to include(
'Vary' => 'Accept, Accept-Language, Cookie',
'Cache-Control' => include('private'),
'Content-Type' => include('application/activity+json'),
'Link' => include('activity+json')
)
expect(response.parsed_body)
.to include(content: include(status.text))
end
end
end
context 'when user is not authorized to see it' do
it 'returns http not found' do
subject
expect(response)
.to have_http_status(404)
end
end
end
end
end
end