2019-07-31 22:56:46 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2015-10-24 18:46:33 +05:30
|
|
|
require 'spec_helper'
|
|
|
|
|
2023-03-17 16:20:25 +05:30
|
|
|
RSpec.describe AbuseReportsController, feature_category: :insider_threat do
|
2016-01-14 18:37:52 +05:30
|
|
|
let(:reporter) { create(:user) }
|
|
|
|
let(:user) { create(:user) }
|
2023-04-23 21:23:45 +05:30
|
|
|
let(:abuse_category) { 'spam' }
|
|
|
|
|
2016-01-14 18:37:52 +05:30
|
|
|
let(:attrs) do
|
|
|
|
attributes_for(:abuse_report) do |hash|
|
|
|
|
hash[:user_id] = user.id
|
2023-04-23 21:23:45 +05:30
|
|
|
hash[:category] = abuse_category
|
2023-06-20 00:43:36 +05:30
|
|
|
hash[:screenshot] = fixture_file_upload('spec/fixtures/dk.png')
|
2016-01-14 18:37:52 +05:30
|
|
|
end
|
|
|
|
end
|
2015-10-24 18:46:33 +05:30
|
|
|
|
|
|
|
before do
|
|
|
|
sign_in(reporter)
|
|
|
|
end
|
|
|
|
|
2017-09-10 17:25:29 +05:30
|
|
|
describe 'GET new' do
|
2023-03-17 16:20:25 +05:30
|
|
|
let(:ref_url) { 'http://example.com' }
|
|
|
|
|
|
|
|
it 'sets the instance variables' do
|
|
|
|
get new_abuse_report_path(user_id: user.id, ref_url: ref_url)
|
|
|
|
|
|
|
|
expect(assigns(:abuse_report)).to be_kind_of(AbuseReport)
|
|
|
|
expect(assigns(:abuse_report)).to have_attributes(
|
|
|
|
user_id: user.id,
|
|
|
|
reported_from_url: ref_url
|
|
|
|
)
|
|
|
|
end
|
|
|
|
|
2017-09-10 17:25:29 +05:30
|
|
|
context 'when the user has already been deleted' do
|
|
|
|
it 'redirects the reporter to root_path' do
|
2023-06-20 00:43:36 +05:30
|
|
|
user_id = user.id
|
2022-01-26 12:08:38 +05:30
|
|
|
user.destroy!
|
2017-09-10 17:25:29 +05:30
|
|
|
|
2023-06-20 00:43:36 +05:30
|
|
|
get new_abuse_report_path(user_id: user_id)
|
2017-09-10 17:25:29 +05:30
|
|
|
|
|
|
|
expect(response).to redirect_to root_path
|
2020-01-01 13:55:28 +05:30
|
|
|
expect(flash[:alert]).to eq(_('Cannot create the abuse report. The user has been deleted.'))
|
2017-09-10 17:25:29 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when the user has already been blocked' do
|
|
|
|
it 'redirects the reporter to the user\'s profile' do
|
|
|
|
user.block
|
|
|
|
|
2023-06-20 00:43:36 +05:30
|
|
|
get new_abuse_report_path(user_id: user.id)
|
2017-09-10 17:25:29 +05:30
|
|
|
|
|
|
|
expect(response).to redirect_to user
|
2020-01-01 13:55:28 +05:30
|
|
|
expect(flash[:alert]).to eq(_('Cannot create the abuse report. This user has been blocked.'))
|
2017-09-10 17:25:29 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2023-03-17 16:20:25 +05:30
|
|
|
describe 'POST add_category', :aggregate_failures do
|
|
|
|
subject(:request) { post add_category_abuse_reports_path, params: request_params }
|
|
|
|
|
|
|
|
context 'when user is reported for abuse' do
|
|
|
|
let(:ref_url) { 'http://example.com' }
|
|
|
|
let(:request_params) do
|
|
|
|
{ user_id: user.id, abuse_report: { category: abuse_category, reported_from_url: ref_url } }
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'renders new template' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(response).to have_gitlab_http_status(:ok)
|
|
|
|
expect(response).to render_template(:new)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'sets the instance variables' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(assigns(:abuse_report)).to be_kind_of(AbuseReport)
|
|
|
|
expect(assigns(:abuse_report)).to have_attributes(
|
|
|
|
user_id: user.id,
|
|
|
|
category: abuse_category,
|
|
|
|
reported_from_url: ref_url
|
|
|
|
)
|
|
|
|
end
|
2023-04-23 21:23:45 +05:30
|
|
|
|
|
|
|
it 'tracks the snowplow event' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect_snowplow_event(
|
|
|
|
category: 'ReportAbuse',
|
|
|
|
action: 'select_abuse_category',
|
|
|
|
property: abuse_category,
|
|
|
|
user: user
|
|
|
|
)
|
|
|
|
end
|
2023-03-17 16:20:25 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
context 'when abuse_report is missing in params' do
|
|
|
|
let(:request_params) { { user_id: user.id } }
|
|
|
|
|
|
|
|
it 'raises an error' do
|
|
|
|
expect { subject }.to raise_error(ActionController::ParameterMissing)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when user_id is missing in params' do
|
|
|
|
let(:request_params) { { abuse_report: { category: abuse_category } } }
|
|
|
|
|
|
|
|
it 'redirects the reporter to root_path' do
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(response).to redirect_to root_path
|
|
|
|
expect(flash[:alert]).to eq(_('Cannot create the abuse report. The user has been deleted.'))
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when the user has already been deleted' do
|
|
|
|
let(:request_params) { { user_id: user.id, abuse_report: { category: abuse_category } } }
|
|
|
|
|
|
|
|
it 'redirects the reporter to root_path' do
|
|
|
|
user.destroy!
|
|
|
|
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(response).to redirect_to root_path
|
|
|
|
expect(flash[:alert]).to eq(_('Cannot create the abuse report. The user has been deleted.'))
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when the user has already been blocked' do
|
|
|
|
let(:request_params) { { user_id: user.id, abuse_report: { category: abuse_category } } }
|
|
|
|
|
|
|
|
it 'redirects the reporter to the user\'s profile' do
|
|
|
|
user.block
|
|
|
|
|
|
|
|
subject
|
|
|
|
|
|
|
|
expect(response).to redirect_to user
|
|
|
|
expect(flash[:alert]).to eq(_('Cannot create the abuse report. This user has been blocked.'))
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2016-01-14 18:37:52 +05:30
|
|
|
describe 'POST create' do
|
|
|
|
context 'with valid attributes' do
|
|
|
|
it 'saves the abuse report' do
|
|
|
|
expect do
|
2022-04-04 11:22:00 +05:30
|
|
|
post abuse_reports_path(abuse_report: attrs)
|
2016-01-14 18:37:52 +05:30
|
|
|
end.to change { AbuseReport.count }.by(1)
|
2015-10-24 18:46:33 +05:30
|
|
|
end
|
|
|
|
|
2016-01-14 18:37:52 +05:30
|
|
|
it 'calls notify' do
|
2019-12-26 22:10:19 +05:30
|
|
|
expect_next_instance_of(AbuseReport) do |instance|
|
|
|
|
expect(instance).to receive(:notify)
|
|
|
|
end
|
2015-12-23 02:04:40 +05:30
|
|
|
|
2022-04-04 11:22:00 +05:30
|
|
|
post abuse_reports_path(abuse_report: attrs)
|
2015-12-23 02:04:40 +05:30
|
|
|
end
|
|
|
|
|
2021-09-30 23:02:18 +05:30
|
|
|
it 'redirects back to root' do
|
2022-04-04 11:22:00 +05:30
|
|
|
post abuse_reports_path(abuse_report: attrs)
|
2015-10-24 18:46:33 +05:30
|
|
|
|
2021-09-04 01:27:46 +05:30
|
|
|
expect(response).to redirect_to root_path
|
2015-10-24 18:46:33 +05:30
|
|
|
end
|
2023-04-23 21:23:45 +05:30
|
|
|
|
|
|
|
it 'tracks the snowplow event' do
|
|
|
|
post abuse_reports_path(abuse_report: attrs)
|
|
|
|
|
|
|
|
expect_snowplow_event(
|
|
|
|
category: 'ReportAbuse',
|
|
|
|
action: 'submit_form',
|
|
|
|
property: abuse_category,
|
|
|
|
user: user
|
|
|
|
)
|
|
|
|
end
|
2016-01-14 18:37:52 +05:30
|
|
|
end
|
2015-10-24 18:46:33 +05:30
|
|
|
|
2016-01-14 18:37:52 +05:30
|
|
|
context 'with invalid attributes' do
|
2023-04-23 21:23:45 +05:30
|
|
|
before do
|
2016-01-14 18:37:52 +05:30
|
|
|
attrs.delete(:user_id)
|
2023-04-23 21:23:45 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
it 'redirects back to root' do
|
2022-04-04 11:22:00 +05:30
|
|
|
post abuse_reports_path(abuse_report: attrs)
|
2015-10-24 18:46:33 +05:30
|
|
|
|
2022-04-04 11:22:00 +05:30
|
|
|
expect(response).to redirect_to root_path
|
2015-10-24 18:46:33 +05:30
|
|
|
end
|
2023-04-23 21:23:45 +05:30
|
|
|
|
|
|
|
it 'does not track the snowplow event' do
|
|
|
|
post abuse_reports_path(abuse_report: attrs)
|
|
|
|
|
|
|
|
expect_no_snowplow_event
|
|
|
|
end
|
2015-10-24 18:46:33 +05:30
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|