comment_controller_test.rb
25.5 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
require_relative "../test_helper"
require 'comment_controller'
class CommentControllerTest < ActionController::TestCase
  def setup
    @controller = CommentController.new
    @request    = ActionController::TestRequest.new
    @response   = ActionController::TestResponse.new
    @profile = create_user('testinguser').person
    @environment = @profile.environment
  end
  attr_reader :profile, :environment
  should "not be able to remove other people's comments if not moderator or admin" do
    create_user('normaluser')
    profile = create_user('testuser').person
    article = profile.articles.build(:name => 'test')
    article.save!
    commenter = create_user('otheruser').person
    comment = fast_create(Comment, :source_id => article, :title => 'a comment', :body => 'lalala')
    login_as 'normaluser' # normaluser cannot remove other people's comments
    assert_no_difference 'Comment.count' do
      post :destroy, :profile => profile.identifier, :id => comment.id
    end
  end
  should "not be able to remove other people's comments if not moderator or admin and return json if is an ajax request" do
    create_user('normaluser')
    profile = create_user('testuser').person
    article = profile.articles.build(:name => 'test')
    article.save!
    commenter = create_user('otheruser').person
    comment = fast_create(Comment, :source_id => article, :author_id => commenter, :title => 'a comment', :body => 'lalala')
    login_as 'normaluser' # normaluser cannot remove other people's comments
    assert_no_difference 'Comment.count' do
      xhr :post, :destroy, :profile => profile.identifier, :id => comment.id
      assert_response :success
    end
    assert_match /\{\"ok\":false\}/, @response.body
  end
  should 'be able to remove comments on their articles' do
    profile = create_user('testuser').person
    article = profile.articles.build(:name => 'test')
    article.save!
    commenter = create_user('otheruser').person
    comment = fast_create(Comment, :source_id => article, :author_id => commenter, :title => 'a comment', :body => 'lalala')
    login_as 'testuser' # testuser must be able to remove comments in his articles
    assert_difference 'Comment.count', -1 do
      xhr :post, :destroy, :profile => profile.identifier, :id => comment.id
      assert_response :success
    end
    assert_match /\{\"ok\":true\}/, @response.body
  end
  should 'be able to remove comments of their images' do
    profile = create_user('testuser').person
    image = UploadedFile.create!(:profile => profile, :uploaded_data => fixture_file_upload('/files/rails.png', 'image/png'))
    image.save!
    commenter = create_user('otheruser').person
    comment = fast_create(Comment, :source_id => image, :author_id => commenter, :title => 'a comment', :body => 'lalala')
    login_as 'testuser' # testuser must be able to remove comments in his articles
    assert_difference 'Comment.count', -1 do
      xhr :post, :destroy, :profile => profile.identifier, :id => comment.id
      assert_response :success
    end
  end
  should 'be able to remove comments if is moderator' do
    commenter = create_user('commenter_user').person
    community = Community.create!(:name => 'Community test', :identifier => 'community-test')
    article = community.articles.create!(:name => 'test', :profile => community)
    comment = fast_create(Comment, :source_id => article, :author_id => commenter, :title => 'a comment', :body => 'lalala')
    community.add_moderator(profile)
    login_as profile.identifier
    assert_difference 'Comment.count', -1 do
      xhr :post, :destroy, :profile => community.identifier, :id => comment.id
      assert_response :success
    end
    assert_match /\{\"ok\":true\}/, @response.body
  end
  should 'be able to remove comment' do
    profile = create_user('testuser').person
    article = profile.articles.build(:name => 'test')
    article.save!
    comment = fast_create(Comment, :source_id => article, :author_id => profile, :title => 'a comment', :body => 'lalala')
    login_as 'testuser'
    assert_difference 'Comment.count', -1 do
      xhr :post, :destroy, :profile => profile.identifier, :id => comment.id
      assert_response :success
    end
  end
  should 'display not found page if a user should try to make a cross comment' do
    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
    other_person = create_user('otheruser').person
    other_page = other_person.articles.create!(:name => 'myarticle', :body => 'the body of the text')
    assert_no_difference 'Comment.count' do
      xhr :post, :create, :profile => profile.identifier, :id => other_page.id, :comment => { :title => 'crap!', :body => 'I think that this article is crap' }
    end
     assert_match /not found/, @response.body
  end
  should 'not be able to post comment if article do not accept it' do
    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text', :accept_comments => false)
    assert_no_difference 'Comment.count' do
      xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => { :title => 'crap!', :body => 'I think that this article is crap' }
    end
     assert_match /Comment not allowed in this article/, @response.body
  end
  should "the author's comment be the logged user" do
    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
    login_as profile.identifier
    xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => { :title => 'crap!', :body => 'I think that this article is crap' }
    assert_equal profile, assigns(:comment).author
  end
  should "the articles's comment be the article passed as parameter" do
    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
    login_as profile.identifier
    xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => { :title => 'crap!', :body => 'I think that this article is crap' }
    assert_equal page, assigns(:comment).article
  end
  should 'show validation error when body comment is missing' do
    login_as @profile.identifier
    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
    xhr :post, :create, :profile => @profile.identifier, :id => page.id, :comment => { :title => '', :body => '' }, :confirm => 'true'
    response = ActiveSupport::JSON.decode @response.body
    assert_match /errorExplanation/, response["html"]
  end
  should 'not save a comment if a plugin rejects it' do
    class TestFilterPlugin < Noosfero::Plugin
      def filter_comment(c)
        c.reject!
      end
    end
    Noosfero::Plugin::Manager.any_instance.stubs(:enabled_plugins).returns([TestFilterPlugin.new])
    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
    assert_no_difference 'Comment.count' do
      xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => { :title => 'title', :body => 'body', :name => "Spammer", :email => 'damn@spammer.com' }, :confirm => 'true'
    end
  end
  should 'display a message if a plugin reject the comment' do
    class TestFilterPlugin < Noosfero::Plugin
      def filter_comment(c)
        c.reject!
      end
    end
    Noosfero::Plugin::Manager.any_instance.stubs(:enabled_plugins).returns([TestFilterPlugin.new])
    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
    assert_no_difference 'Comment.count' do
      xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => { :title => 'title', :body => 'body', :name => "Spammer", :email => 'damn@spammer.com' }, :confirm => 'true'
    end
    assert_match /rejected/, @response.body
  end
  should 'store IP address, user agent and referrer for comments' do
    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
    @request.stubs(:remote_ip).returns('33.44.55.66')
    @request.stubs(:referrer).returns('http://example.com')
    @request.stubs(:user_agent).returns('MyBrowser')
    xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => { :title => 'title', :body => 'body', :name => "Spammer", :email => 'damn@spammer.com' }, :confirm => 'true'
    comment = Comment.last
    assert_equal '33.44.55.66', comment.ip_address
    assert_equal 'MyBrowser', comment.user_agent
    assert_equal 'http://example.com', comment.referrer
  end
  should 'invalid comment display the comment form open' do
    article = profile.articles.build(:name => 'test')
    article.save!
    login_as('testinguser')
    assert_no_difference 'Comment.count' do
      xhr :post, :create, :profile => profile.identifier, :id =>article.id, :comment => {:body => ""}, :confirm => 'true'
    end
    assert_match /post_comment_box opened/, @response.body
  end
  should 'invalid captcha display the comment form open' do
    article = profile.articles.build(:name => 'test')
    article.save!
    login_as('testinguser')
    @controller.stubs(:verify_recaptcha).returns(false)
    environment.enable('captcha_for_logged_users')
    environment.save!
    xhr :post, :create, :profile => profile.identifier, :id =>article.id, :comment => {:body => "Some comment..."}, :confirm => 'true'
    assert_match /post_comment_box opened/, @response.body
  end
  should 'ask for captcha if environment defines even with logged user' do
    article = profile.articles.build(:name => 'test')
    article.save!
    login_as('testinguser')
    @controller.stubs(:verify_recaptcha).returns(false)
    assert_difference 'Comment.count', 1 do
      xhr :post, :create, :profile => profile.identifier, :id => article.id, :comment => {:body => "Some comment..."}, :confirm => 'true'
    end
    environment.enable('captcha_for_logged_users')
    environment.save!
    assert_no_difference 'Comment.count' do
      xhr :post, :create, :profile => profile.identifier, :id =>article.id, :comment => {:body => "Some comment..."}, :confirm => 'true'
    end
    assert_not_nil assigns(:comment)
  end
  should 'ask for captcha if user not logged' do
    article = profile.articles.build(:name => 'test')
    article.save!
    @controller.stubs(:verify_recaptcha).returns(false)
    logout
    assert_no_difference 'Comment.count' do
      xhr :post, :create, :profile => profile.identifier, :id => article.id, :comment => {:body => "Some comment..."}, :confirm => 'true'
    end
    @controller.stubs(:verify_recaptcha).returns(true)
    login_as profile.identifier
    assert_difference 'Comment.count', 1 do
      xhr :post, :create, :profile => profile.identifier, :id => article.id, :comment => {:body => "Some comment..."}, :confirm => 'true'
    end
  end
  should 'create ApproveComment task when adding a comment in a moderated article' do
    login_as @profile.identifier
    community = Community.create!(:name => 'testcomm')
    page = community.articles.create!(:name => 'myarticle', :moderate_comments => true)
    commenter = create_user('otheruser').person
    login_as(commenter.identifier)
    assert_difference 'ApproveComment.count', 1 do
      xhr :post, :create, :profile => community.identifier, :id => page.id, :comment => {:body => 'Some comment...'}, :confirm => 'true'
    end
  end
  should 'not create ApproveComment task when the comment author is the same of article author' do
    login_as @profile.identifier
    community = Community.create!(:name => 'testcomm')
    page = create(Article, :profile => community, :name => 'myarticle', :moderate_comments => true, :author => @profile)
    community.add_moderator(@profile)
    assert_no_difference 'ApproveComment.count' do
      xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => {:body => 'Some comment...'}, :confirm => 'true'
    end
  end
  should 'create ApproveComment task with the comment author as requestor' do
    community = Community.create!(:name => 'testcomm')
    page = community.articles.create!(:name => 'myarticle', :moderate_comments => true)
    commenter = create_user('otheruser').person
    login_as(commenter.identifier)
    assert_difference 'ApproveComment.count', 1 do
      xhr :post, :create, :profile => community.identifier, :id => page.id, :comment => {:body => 'Some comment...'}, :confirm => 'true'
    end
    task = Task.last
    assert_equal commenter, task.requestor
  end
  should "create ApproveComment task with the articles's owner profile as the target" do
    login_as @profile.identifier
    community = Community.create!(:name => 'testcomm')
    page = community.articles.create!(:name => 'myarticle', :moderate_comments => true)
    commenter = create_user('otheruser').person
    login_as(commenter.identifier)
    assert_difference 'ApproveComment.count', 1 do
      xhr :post, :create, :profile => community.identifier, :id => page.id, :comment => {:body => 'Some comment...'}, :confirm => 'true'
    end
    task = Task.last
    assert_equal community, task.target
  end
  should "create ApproveComment task with the comment created_at attribute defined to now" do
    login_as @profile.identifier
    community = Community.create!(:name => 'testcomm')
    page = community.articles.create!(:name => 'myarticle', :moderate_comments => true)
    now = Time.now
    Time.stubs(:now).returns(now)
    xhr :post, :create, :profile => community.identifier, :id => page.id, :comment => {:body => 'Some comment...'}, :confirm => 'true'
    task = Task.last
    assert_equal now.utc.to_s, task.comment.created_at.utc.to_s
  end
  should "render_target be nil in article with moderation" do
    page = profile.articles.create!(:name => 'myarticle', :moderate_comments => true)
    xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => {:body => 'Some comment...', :name => 'some name', :email => 'some@test.com.br'}, :confirm => 'true'
    assert_nil ActiveSupport::JSON.decode(@response.body)['render_target']
  end
  should "display message 'waitting for approval' of comments in article with moderation" do
    page = profile.articles.create!(:name => 'myarticle', :moderate_comments => true)
    xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => {:body => 'Some comment...', :name => 'some name', :email => 'some@test.com.br'}, :confirm => 'true'
    assert_match /waiting for approval/, @response.body
  end
  should "render_target be the comment anchor if everithing is fine" do
    login_as profile.identifier
    page = profile.articles.create!(:name => 'myarticle')
    xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => {:body => 'Some comment...'}, :confirm => 'true'
    assert_match /#{Comment.last.id}/, ActiveSupport::JSON.decode(@response.body)['render_target']
  end
  should "display message 'successfully created' if the comment was saved with success" do
    login_as profile.identifier
    page = profile.articles.create!(:name => 'myarticle')
    xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => {:body => 'Some comment...'}, :confirm => 'true'
    assert_match /successfully created/, @response.body
  end
  should "render partial comment if everithing is fine" do
    login_as profile.identifier
    page = profile.articles.create!(:name => 'myarticle')
    xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => {:body => 'Some comment...'}, :confirm => 'true'
    assert_match /id="#{Comment.last.anchor}" class="article-comment"/, ActiveSupport::JSON.decode(@response.body)['html']
  end
  should "render the root comment when a reply is made" do
    login_as profile.identifier
    page = profile.articles.create!(:name => 'myarticle')
    comment = fast_create(Comment, :body => 'some content', :source_id => page.id, :source_type => 'Article')
    xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => {:body => 'Some comment...', :reply_of_id => comment.id}, :confirm => 'true'
    assert_match /id="#{comment.anchor}" class="article-comment"/, ActiveSupport::JSON.decode(@response.body)['html']
  end
  should 'filter html content from body' do
    login_as @profile.identifier
    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
    xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => { :title => 'html comment', :body => "this is a <strong id='html_test_comment'>html comment</strong>"}
    assert Comment.last.body.match(/this is a html comment/)
    assert_no_tag :tag => 'strong', :attributes => { :id => 'html_test_comment' }
  end
  should 'filter html content from title' do
    login_as @profile.identifier
    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
    xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => { :title => "html <strong id='html_test_comment'>comment</strong>", :body => "this is a comment"}
    assert Comment.last.title.match(/html comment/)
    assert_no_tag :tag => 'strong', :attributes => { :id => 'html_test_comment' }
  end
  should 'touch article after adding a comment' do
    yesterday = Time.now.yesterday
    Article.record_timestamps = false
    page = create(Article, :profile => profile, :name => 'myarticle', :body => 'the body of the text', :created_at => yesterday, :updated_at => yesterday)
    Article.record_timestamps = true
    login_as @profile.identifier
    xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => {:title => 'crap!', :body => 'I think that this article is crap' }, :confirm => 'true'
    assert_not_equal yesterday, page.reload.updated_at
  end
  should 'follow article when commenting' do
    page = create(Article, :profile => profile, :name => 'myarticle', :body => 'the body of the text')
    login_as @profile.identifier
    xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => {:title => 'crap!', :body => 'I think that this article is crap', :follow_article => true}, :confirm => 'true'
    assert_includes page.person_followers, @profile
  end
  should 'not follow article when commenting' do
    page = create(Article, :profile => profile, :name => 'myarticle', :body => 'the body of the text')
    login_as @profile.identifier
    xhr :post, :create, :profile => profile.identifier, :id => page.id, :comment => {:title => 'crap!', :body => 'I think that this article is crap', :follow_article => false }, :confirm => 'true'
    assert_not_includes page.person_followers, @profile
  end
  should 'be able to mark comments as spam' do
    login_as profile.identifier
    article = fast_create(Article, :profile_id => profile.id)
    spam = fast_create(Comment, :name => 'foo', :email => 'foo@example.com', :source_id => article.id, :source_type => 'Article')
    xhr :post, :mark_as_spam, :profile => profile.identifier, :id => spam.id
    spam.reload
    assert spam.spam?
  end
  should "not be able to mark as spam other people's comments if not moderator or admin" do
    create_user('normaluser')
    profile = create_user('testuser').person
    article = profile.articles.build(:name => 'test')
    article.save!
    commenter = create_user('otheruser').person
    comment = fast_create(Comment, :source_id => article, :title => 'a comment', :body => 'lalala')
    login_as 'normaluser' # normaluser cannot remove other people's comments
    xhr :post, :mark_as_spam, :profile => profile.identifier, :id => comment.id
    comment.reload
    refute comment.spam?
  end
  should "not be able to mark as spam other people's comments if not moderator or admin and return json if is an ajax request" do
    create_user('normaluser')
    profile = create_user('testuser').person
    article = profile.articles.build(:name => 'test')
    article.save!
    commenter = create_user('otheruser').person
    comment = fast_create(Comment, :source_id => article, :author_id => commenter, :title => 'a comment', :body => 'lalala')
    login_as 'normaluser' # normaluser cannot remove other people's comments
    xhr :post, :mark_as_spam, :profile => profile.identifier, :id => comment.id
    assert_response :success
    comment.reload
    refute comment.spam?
    assert_match /\{\"ok\":false\}/, @response.body
  end
  should 'be able to mark as spam  comments on their articles' do
    profile = create_user('testuser').person
    article = profile.articles.build(:name => 'test')
    article.save!
    commenter = create_user('otheruser').person
    comment = fast_create(Comment, :source_id => article, :author_id => commenter, :title => 'a comment', :body => 'lalala')
    login_as 'testuser' # testuser must be able to remove comments in his articles
    xhr :post, :mark_as_spam, :profile => profile.identifier, :id => comment.id
    assert_response :success
    comment.reload
    assert comment.spam?
    assert_match /\{\"ok\":true\}/, @response.body
  end
  should 'be able to mark comments as spam if is moderator' do
    commenter = create_user('commenter_user').person
    community = Community.create!(:name => 'Community test', :identifier => 'community-test')
    article = community.articles.create!(:name => 'test', :profile => community)
    comment = fast_create(Comment, :source_id => article, :author_id => commenter, :title => 'a comment', :body => 'lalala')
    community.add_moderator(profile)
    login_as profile.identifier
    xhr :post, :mark_as_spam, :profile => community.identifier, :id => comment.id
    assert_response :success
    comment.reload
    assert comment.spam?
    assert_match /\{\"ok\":true\}/, @response.body
  end
  should 'edit comment from a page' do
    login_as profile.identifier
    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
    comment = fast_create(Comment, :body => 'Original comment', :source_id => page.id, :source_type => 'Article', :author_id => profile.id)
    get :edit, :id => comment.id, :profile => profile.identifier, :comment => { :body => 'Comment edited' }
    assert_tag :tag => 'textarea', :attributes => {:id => 'comment_body'}, :content => /Original comment/
  end
   should 'not crash on edit comment if comment does not exist' do
    login_as profile.identifier
    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
    get :edit, :id => 1000, :profile => profile.identifier, :comment => { :body => 'Comment edited' }
    assert_response 404
  end
  should 'not be able to edit comment not logged' do
    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
    comment = fast_create(Comment, :body => 'Original comment', :source_id => page.id, :source_type => 'Article')
    get :edit, :id => comment.id, :profile => profile.identifier, :comment => { :body => 'Comment edited' }
    assert_response 404
  end
  should 'not be able to edit comment if does not have the permission to' do
    user = create_user('any_guy').person
    login_as user.identifier
    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
    comment = fast_create(Comment, :body => 'Original comment', :source_id => page.id, :source_type => 'Article')
    get :edit, :id => comment.id, :profile => profile.identifier, :comment => { :body => 'Comment edited' }
    assert_response 404
  end
  should 'be able to update a comment' do
    login_as profile.identifier
    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text', :accept_comments => false)
    comment = fast_create(Comment, :body => 'Original comment', :source_id => page.id, :source_type => 'Article', :author_id => profile)
    xhr :post, :update, :id => comment.id, :profile => profile.identifier, :comment => { :body => 'Comment edited' }
    assert ActiveSupport::JSON.decode(@response.body)["ok"], "attribute ok expected to be true"
    assert_equal 'Comment edited', Comment.find(comment.id).body
  end
  should 'not crash on update comment if comment does not exist' do
    login_as profile.identifier
    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
    xhr :post, :update, :id => 1000, :profile => profile.identifier, :comment => { :body => 'Comment edited' }
    assert_response 404
  end
  should 'not be able to update comment not logged' do
    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
    comment = fast_create(Comment, :body => 'Original comment', :source_id => page.id, :source_type => 'Article')
    xhr :post, :update, :id => comment.id, :profile => profile.identifier, :comment => { :body => 'Comment edited' }
    assert_response 404
  end
  should 'not be able to update comment if does not have the permission to' do
    user = create_user('any_guy').person
    login_as user.identifier
    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
    comment = fast_create(Comment, :body => 'Original comment', :source_id => page.id, :source_type => 'Article')
    xhr :post, :update, :id => comment.id, :profile => profile.identifier, :comment => { :body => 'Comment edited' }
    assert_response 404
  end
  should 'returns ids of menu items that has to be displayed' do
    class TestActionPlugin < Noosfero::Plugin
      def check_comment_actions(c)
        ['action1', 'action2']
      end
    end
    Noosfero::Plugin::Manager.any_instance.stubs(:enabled_plugins).returns([TestActionPlugin.new])
    login_as profile.identifier
    page = profile.articles.create!(:name => 'myarticle', :body => 'the body of the text')
    comment = fast_create(Comment, :body => 'Original comment', :source_id => page.id, :source_type => 'Article')
    xhr :post, :check_actions, :profile => profile.identifier, :id => comment.id
    assert_match /\{\"ids\":\[\"action1\",\"action2\"\]\}/, @response.body
  end
end