Add unlisted-public tag/circle/list tests

kmycode · Sep 14, 2023 · 258a29f · 258a29f
1 parent 1e62ee4
commit 258a29f
Show file tree

Hide file tree

Showing 7 changed files with 360 additions and 3 deletions.
diff --git a/app/models/public_feed.rb b/app/models/public_feed.rb
@@ -28,7 +28,8 @@ def get(limit, max_id = nil, since_id = nil, min_id = nil)
     scope.merge!(account_filters_scope) if account?
     scope.merge!(media_only_scope) if media_only?
     scope.merge!(language_scope) if account&.chosen_languages.present?
-    scope.merge!(anonymous_scope) unless account?
+    # scope.merge!(anonymous_scope) unless account?
+    scope = to_anonymous_scope(scope) unless account?
 
     scope.cache_ids.to_a_paginated_by_id(limit, max_id: max_id, since_id: since_id, min_id: min_id)
   end
@@ -105,6 +106,10 @@ def anonymous_scope
     local_only? ? Status.where(visibility: [:public, :public_unlisted]) : Status.where(visibility: :public)
   end
 
+  def to_anonymous_scope(scope)
+    scope.where.not(visibility: :login)
+  end
+
   def account_filters_scope
     Status.not_excluded_by_account(account).tap do |scope|
       scope.merge!(Status.not_domain_blocked_by_account(account)) unless local_only?

diff --git a/app/models/tag_feed.rb b/app/models/tag_feed.rb
@@ -32,7 +32,8 @@ def get(limit, max_id = nil, since_id = nil, min_id = nil)
     scope.merge!(remote_only_scope) if remote_only? || hide_local_users?
     scope.merge!(account_filters_scope) if account?
     scope.merge!(media_only_scope) if media_only?
-    scope.merge!(anonymous_scope) unless account?
+    # scope.merge!(anonymous_scope) unless account?
+    scope = to_anonymous_scope(scope) unless account?
 
     scope.cache_ids.to_a_paginated_by_id(limit, max_id: max_id, since_id: since_id, min_id: min_id)
   end

diff --git a/spec/controllers/api/v1/circles/accounts_controller_spec.rb b/spec/controllers/api/v1/circles/accounts_controller_spec.rb
@@ -0,0 +1,92 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+describe Api::V1::Circles::AccountsController do
+  render_views
+
+  let(:user)  { Fabricate(:user) }
+  let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: scopes) }
+  let(:circle)  { Fabricate(:circle, account: user.account) }
+  let(:follow) { Fabricate(:follow, target_account: user.account) }
+
+  before do
+    circle.accounts << follow.account
+    allow(controller).to receive(:doorkeeper_token) { token }
+  end
+
+  describe 'GET #index' do
+    let(:scopes) { 'read:lists' }
+
+    it 'returns http success' do
+      get :show, params: { circle_id: circle.id }
+
+      expect(response).to have_http_status(200)
+    end
+  end
+
+  describe 'POST #create' do
+    let(:scopes) { 'write:lists' }
+    let(:bob) { Fabricate(:account, username: 'bob') }
+
+    context 'when the added account is followed' do
+      before do
+        bob.follow!(user.account)
+        post :create, params: { circle_id: circle.id, account_ids: [bob.id] }
+      end
+
+      it 'returns http success' do
+        expect(response).to have_http_status(200)
+      end
+
+      it 'adds account to the circle' do
+        expect(circle.accounts.include?(bob)).to be true
+      end
+    end
+
+    context 'when the added account has been sent a follow request' do
+      before do
+        bob.follow_requests.create!(target_account: user.account)
+        post :create, params: { circle_id: circle.id, account_ids: [bob.id] }
+      end
+
+      it 'returns http success' do
+        expect(response).to have_http_status(404)
+      end
+
+      it 'adds account to the circle' do
+        expect(circle.accounts.include?(bob)).to be false
+      end
+    end
+
+    context 'when the added account is not followed' do
+      before do
+        post :create, params: { circle_id: circle.id, account_ids: [bob.id] }
+      end
+
+      it 'returns http not found' do
+        expect(response).to have_http_status(404)
+      end
+
+      it 'does not add the account to the circle' do
+        expect(circle.accounts.include?(bob)).to be false
+      end
+    end
+  end
+
+  describe 'DELETE #destroy' do
+    let(:scopes) { 'write:lists' }
+
+    before do
+      delete :destroy, params: { circle_id: circle.id, account_ids: [circle.accounts.first.id] }
+    end
+
+    it 'returns http success' do
+      expect(response).to have_http_status(200)
+    end
+
+    it 'removes account from the circle' do
+      expect(circle.accounts.count).to eq 0
+    end
+  end
+end
diff --git a/spec/controllers/api/v1/circles_controller_spec.rb b/spec/controllers/api/v1/circles_controller_spec.rb
@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+describe Api::V1::CirclesController do
+  render_views
+
+  let(:user) { Fabricate(:user) }
+  let(:circle) { Fabricate(:circle, account: user.account) }
+
+  before do
+    allow(controller).to receive(:doorkeeper_token) { token }
+  end
+
+  context 'with a user context' do
+    let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'read:lists') }
+
+    describe 'GET #show' do
+      it 'returns http success' do
+        get :show, params: { id: circle.id }
+        expect(response).to have_http_status(200)
+      end
+    end
+  end
+
+  context 'with the wrong user context' do
+    let(:other_user) { Fabricate(:user) }
+    let(:token)      { Fabricate(:accessible_access_token, resource_owner_id: other_user.id, scopes: 'read') }
+
+    describe 'GET #show' do
+      it 'returns http not found' do
+        get :show, params: { id: circle.id }
+        expect(response).to have_http_status(404)
+      end
+    end
+  end
+
+  context 'without a user context' do
+    let(:token) { Fabricate(:accessible_access_token, resource_owner_id: nil, scopes: 'read') }
+
+    describe 'GET #show' do
+      it 'returns http unprocessable entity' do
+        get :show, params: { id: circle.id }
+
+        expect(response).to have_http_status(422)
+        expect(response.headers['Link']).to be_nil
+      end
+    end
+  end
+end
diff --git a/spec/controllers/api/v1/lists_controller_spec.rb b/spec/controllers/api/v1/lists_controller_spec.rb
@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+describe Api::V1::ListsController do
+  render_views
+
+  let(:user) { Fabricate(:user) }
+  let(:list) { Fabricate(:list, account: user.account) }
+
+  before do
+    allow(controller).to receive(:doorkeeper_token) { token }
+  end
+
+  context 'with a user context' do
+    let(:token) { Fabricate(:accessible_access_token, resource_owner_id: user.id, scopes: 'read:lists') }
+
+    describe 'GET #show' do
+      it 'returns http success' do
+        get :show, params: { id: list.id }
+        expect(response).to have_http_status(200)
+      end
+    end
+  end
+
+  context 'with the wrong user context' do
+    let(:other_user) { Fabricate(:user) }
+    let(:token)      { Fabricate(:accessible_access_token, resource_owner_id: other_user.id, scopes: 'read') }
+
+    describe 'GET #show' do
+      it 'returns http not found' do
+        get :show, params: { id: list.id }
+        expect(response).to have_http_status(404)
+      end
+    end
+  end
+
+  context 'without a user context' do
+    let(:token) { Fabricate(:accessible_access_token, resource_owner_id: nil, scopes: 'read') }
+
+    describe 'GET #show' do
+      it 'returns http unprocessable entity' do
+        get :show, params: { id: list.id }
+
+        expect(response).to have_http_status(422)
+        expect(response.headers['Link']).to be_nil
+      end
+    end
+  end
+end
diff --git a/spec/models/tag_feed_spec.rb b/spec/models/tag_feed_spec.rb
@@ -66,5 +66,47 @@
       results = described_class.new(tag_cats, nil).get(20)
       expect(results).to include(status)
     end
+
+    it 'public_unlisted post returns' do
+      status_tagged_with_cats.update(visibility: :public_unlisted)
+      results = described_class.new(tag_cats, nil).get(20)
+      expect(results).to include status_tagged_with_cats
+    end
+
+    it 'unlisted post not returns' do
+      status_tagged_with_cats.update(visibility: :unlisted)
+      results = described_class.new(tag_cats, nil).get(20)
+      expect(results).to_not include status_tagged_with_cats
+    end
+
+    it 'unlisted post not returns with account' do
+      status_tagged_with_cats.update(visibility: :unlisted)
+      results = described_class.new(tag_cats, account).get(20)
+      expect(results).to_not include status_tagged_with_cats
+    end
+
+    it 'unlisted/public_searchability post returns' do
+      status_tagged_with_cats.update(visibility: :unlisted, searchability: :public)
+      results = described_class.new(tag_cats, nil).get(20)
+      expect(results).to include status_tagged_with_cats
+    end
+
+    it 'unlisted/public_searchability post returns with account' do
+      status_tagged_with_cats.update(visibility: :unlisted, searchability: :public)
+      results = described_class.new(tag_cats, account).get(20)
+      expect(results).to include status_tagged_with_cats
+    end
+
+    it 'private post not returns' do
+      status_tagged_with_cats.update(visibility: :private, searchability: :public)
+      results = described_class.new(tag_cats, nil).get(20)
+      expect(results).to_not include status_tagged_with_cats
+    end
+
+    it 'private post not returns with account' do
+      status_tagged_with_cats.update(visibility: :private, searchability: :public)
+      results = described_class.new(tag_cats, account).get(20)
+      expect(results).to_not include status_tagged_with_cats
+    end
   end
 end