Fix moderator rights inconsistencies (#26729)

2023-09-06 16:40:19 +02:00 · 2023-09-06 16:40:19 +02:00 · b83e487502
commit b83e487502
parent 93d051e47d
6 changed files with 47 additions and 9 deletions
--- a/spec/controllers/admin/statuses_controller_spec.rb
+++ b/spec/controllers/admin/statuses_controller_spec.rb
@ -52,24 +52,36 @@ describe Admin::StatusesController do
  end

  describe 'POST #batch' do
-    before do
-      post :batch, params: { :account_id => account.id, action => '', :admin_status_batch_action => { status_ids: status_ids } }
-    end
+    subject { post :batch, params: { :account_id => account.id, action => '', :admin_status_batch_action => { status_ids: status_ids } } }

    let(:status_ids) { [media_attached_status.id] }

-    context 'when action is report' do
+    shared_examples 'when action is report' do
      let(:action) { 'report' }

      it 'creates a report' do
+        subject
+
        report = Report.last
        expect(report.target_account_id).to eq account.id
        expect(report.status_ids).to eq status_ids
      end

      it 'redirects to report page' do
+        subject
+
        expect(response).to redirect_to(admin_report_path(Report.last.id))
      end
    end
+
+    it_behaves_like 'when action is report'
+
+    context 'when the moderator is blocked by the author' do
+      before do
+        account.block!(user.account)
+      end
+
+      it_behaves_like 'when action is report'
+    end
  end
 end
--- a/spec/policies/admin/status_policy_spec.rb
+++ b/spec/policies/admin/status_policy_spec.rb
@ -7,7 +7,8 @@ describe Admin::StatusPolicy do
  let(:policy) { described_class }
  let(:admin)   { Fabricate(:user, role: UserRole.find_by(name: 'Admin')).account }
  let(:john)    { Fabricate(:account) }
-  let(:status) { Fabricate(:status) }
+  let(:status) { Fabricate(:status, visibility: status_visibility) }
+  let(:status_visibility) { :public }

  permissions :index?, :update?, :review?, :destroy? do
    context 'with an admin' do
@ -26,7 +27,7 @@ describe Admin::StatusPolicy do
  permissions :show? do
    context 'with an admin' do
      context 'with a public visible status' do
-        before { allow(status).to receive(:public_visibility?).and_return(true) }
+        let(:status_visibility) { :public }

        it 'permits' do
          expect(policy).to permit(admin, status)
@ -34,11 +35,21 @@ describe Admin::StatusPolicy do
      end

      context 'with a not public visible status' do
-        before { allow(status).to receive(:public_visibility?).and_return(false) }
+        let(:status_visibility) { :direct }

        it 'denies' do
          expect(policy).to_not permit(admin, status)
        end
+
+        context 'when the status mentions the admin' do
+          before do
+            status.mentions.create!(account: admin)
+          end
+
+          it 'permits' do
+            expect(policy).to permit(admin, status)
+          end
+        end
      end
    end