blocks_test.rb
5.72 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
require_relative 'test_helper'
class BlocksTest < ActiveSupport::TestCase
def setup
create_and_activate_user
login_api
@environment = Environment.default
@profile = fast_create(Profile)
end
attr_accessor :environment, :profile
should 'get an environment block' do
box = fast_create(Box, :owner_id => environment.id, :owner_type => Environment.name)
block = fast_create(Block, box_id: box.id)
get "/api/v1/blocks/#{block.id}?#{params.to_query}"
json = JSON.parse(last_response.body)
assert_equal block.id, json["block"]["id"]
end
should 'get a profile block' do
box = fast_create(Box, :owner_id => profile.id, :owner_type => Profile.name)
block = fast_create(Block, box_id: box.id)
get "/api/v1/blocks/#{block.id}?#{params.to_query}"
json = JSON.parse(last_response.body)
assert_equal block.id, json["block"]["id"]
end
should 'get a profile block for a not logged in user' do
logout_api
box = fast_create(Box, :owner_id => profile.id, :owner_type => Profile.name)
block = fast_create(Block, box_id: box.id)
get "/api/v1/blocks/#{block.id}?#{params.to_query}"
json = JSON.parse(last_response.body)
assert_equal block.id, json["block"]["id"]
end
should 'not get a profile block for a not logged in user' do
logout_api
profile = fast_create(Profile, public_profile: false)
box = fast_create(Box, :owner_id => profile.id, :owner_type => Profile.name)
block = fast_create(Block, box_id: box.id)
get "/api/v1/blocks/#{block.id}?#{params.to_query}"
assert_equal 403, last_response.status
end
should 'not get a profile block for an user without permission' do
profile = fast_create(Profile, public_profile: false)
box = fast_create(Box, :owner_id => profile.id, :owner_type => Profile.name)
block = fast_create(Block, box_id: box.id)
get "/api/v1/blocks/#{block.id}?#{params.to_query}"
assert_equal 403, last_response.status
end
should 'get an invisible profile block for an user with permission' do
profile = fast_create(Profile, public_profile: false)
profile.add_admin(person)
box = fast_create(Box, :owner_id => profile.id, :owner_type => Profile.name)
block = fast_create(Block, box_id: box.id)
get "/api/v1/blocks/#{block.id}?#{params.to_query}"
json = JSON.parse(last_response.body)
assert_equal block.id, json["block"]["id"]
end
should 'get a block for an user with permission in a private profile' do
profile = fast_create(Profile, public_profile: false)
profile.add_admin(person)
box = fast_create(Box, :owner_id => profile.id, :owner_type => Profile.name)
block = fast_create(Block, box_id: box.id)
get "/api/v1/blocks/#{block.id}?#{params.to_query}"
json = JSON.parse(last_response.body)
assert_equal block.id, json["block"]["id"]
end
should 'display api content by default' do
box = fast_create(Box, :owner_id => environment.id, :owner_type => Environment.name)
block = fast_create(Block, box_id: box.id)
get "/api/v1/blocks/#{block.id}?#{params.to_query}"
json = JSON.parse(last_response.body)
assert json["block"].key?('api_content')
end
should 'display api content of a specific block' do
class SomeBlock < Block
def api_content
{some_content: { name: 'test'} }
end
end
box = fast_create(Box, :owner_id => environment.id, :owner_type => Environment.name)
block = fast_create(SomeBlock, box_id: box.id)
get "/api/v1/blocks/#{block.id}?#{params.to_query}"
json = JSON.parse(last_response.body)
assert_equal "test", json["block"]["api_content"]["some_content"]["name"]
end
should 'display api content of raw html block' do
box = fast_create(Box, :owner_id => environment.id, :owner_type => Environment.name)
block = fast_create(RawHTMLBlock, box_id: box.id)
block.html = '<div>test</div>'
block.save!
get "/api/v1/blocks/#{block.id}?#{params.to_query}"
json = JSON.parse(last_response.body)
assert_equal "<div>test</div>", json["block"]["api_content"]["html"]
end
should 'not allow block edition when user has not the permission for profile' do
box = fast_create(Box, :owner_id => profile.id, :owner_type => Profile.name)
block = fast_create(Block, box_id: box.id)
post "/api/v1/blocks/#{block.id}?#{params.to_query}"
assert_equal 403, last_response.status
end
should 'allow block edition when user has permission to edit profile design' do
box = fast_create(Box, :owner_id => profile.id, :owner_type => Profile.name)
block = fast_create(Block, box_id: box.id)
give_permission(person, 'edit_profile_design', profile)
params[:block] = {title: 'block title'}
post "/api/v1/blocks/#{block.id}?#{params.to_query}"
json = JSON.parse(last_response.body)
assert_equal 201, last_response.status
assert_equal 'block title', json['block']['title']
end
should 'save custom block parameters' do
box = fast_create(Box, :owner_id => profile.id, :owner_type => Profile.name)
block = fast_create(RawHTMLBlock, box_id: box.id)
Environment.default.add_admin(person)
params[:block] = {title: 'block title', html: "block content"}
post "/api/v1/blocks/#{block.id}?#{params.to_query}"
json = JSON.parse(last_response.body)
assert_equal 201, last_response.status
assert_equal 'block content', json['block']['api_content']['html']
end
should 'list block permissions when get a block' do
box = fast_create(Box, :owner_id => profile.id, :owner_type => Profile.name)
block = fast_create(Block, box_id: box.id)
give_permission(person, 'edit_profile_design', profile)
get "/api/v1/blocks/#{block.id}?#{params.to_query}"
json = JSON.parse(last_response.body)
assert_includes json["block"]["permissions"], 'allow_edit'
end
end