mirror of
https://framagit.org/framasoft/mobilizon.git
synced 2024-12-23 08:22:50 +00:00
4144e9ffd0
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
344 lines
8.9 KiB
Elixir
344 lines
8.9 KiB
Elixir
defmodule Mobilizon.Web.Resolvers.GroupTest do
|
|
use Mobilizon.Web.ConnCase
|
|
|
|
import Mobilizon.Factory
|
|
|
|
alias Mobilizon.GraphQL.AbsintheHelpers
|
|
|
|
@non_existent_username "nonexistent"
|
|
@new_group_params %{groupname: "new group"}
|
|
|
|
setup %{conn: conn} do
|
|
user = insert(:user)
|
|
actor = insert(:actor, user: user)
|
|
|
|
{:ok, conn: conn, actor: actor, user: user}
|
|
end
|
|
|
|
describe "create a group" do
|
|
test "create_group/3 should check the user owns the identity", %{conn: conn, user: user} do
|
|
another_actor = insert(:actor)
|
|
|
|
mutation = """
|
|
mutation {
|
|
createGroup(
|
|
preferred_username: "#{@new_group_params.groupname}",
|
|
creator_actor_id: #{another_actor.id}
|
|
) {
|
|
preferred_username,
|
|
type
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
conn
|
|
|> auth_conn(user)
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] ==
|
|
"Creator actor id is not owned by the current user"
|
|
end
|
|
|
|
test "create_group/3 creates a group and check a group with this name does not already exist",
|
|
%{conn: conn, user: user, actor: actor} do
|
|
mutation = """
|
|
mutation {
|
|
createGroup(
|
|
preferred_username: "#{@new_group_params.groupname}",
|
|
creator_actor_id: #{actor.id}
|
|
) {
|
|
preferred_username,
|
|
type
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
conn
|
|
|> auth_conn(user)
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
assert json_response(res, 200)["data"]["createGroup"]["preferred_username"] ==
|
|
@new_group_params.groupname
|
|
|
|
assert json_response(res, 200)["data"]["createGroup"]["type"] == "GROUP"
|
|
|
|
mutation = """
|
|
mutation {
|
|
createGroup(
|
|
preferred_username: "#{@new_group_params.groupname}",
|
|
creator_actor_id: #{actor.id},
|
|
) {
|
|
preferred_username,
|
|
type
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
conn
|
|
|> auth_conn(user)
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] ==
|
|
"A group with this name already exists"
|
|
end
|
|
end
|
|
|
|
describe "list groups" do
|
|
test "list_groups/3 returns all public or unlisted groups", %{conn: conn} do
|
|
group = insert(:group, visibility: :unlisted)
|
|
insert(:group, visibility: :private)
|
|
|
|
query = """
|
|
{
|
|
groups {
|
|
elements {
|
|
preferredUsername,
|
|
},
|
|
total
|
|
}
|
|
}
|
|
"""
|
|
|
|
res = AbsintheHelpers.graphql_query(conn, query: query)
|
|
|
|
assert res["data"]["groups"]["total"] == 1
|
|
|
|
assert hd(res["data"]["groups"]["elements"])["preferredUsername"] ==
|
|
group.preferred_username
|
|
end
|
|
end
|
|
|
|
describe "find a group" do
|
|
@group_query """
|
|
query Group($preferredUsername: String!) {
|
|
group(preferredUsername: $preferredUsername) {
|
|
preferredUsername,
|
|
members {
|
|
total,
|
|
elements {
|
|
role,
|
|
actor {
|
|
preferredUsername
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
|
|
test "find_group/3 returns a group by its username", %{conn: conn, actor: actor, user: user} do
|
|
group = insert(:group)
|
|
insert(:member, parent: group, actor: actor, role: :administrator)
|
|
insert(:member, parent: group, role: :member)
|
|
|
|
res =
|
|
conn
|
|
|> AbsintheHelpers.graphql_query(
|
|
query: @group_query,
|
|
variables: %{
|
|
preferredUsername: group.preferred_username
|
|
}
|
|
)
|
|
|
|
assert res["errors"] == nil
|
|
|
|
assert res["data"]["group"]["preferredUsername"] ==
|
|
group.preferred_username
|
|
|
|
assert res["data"]["group"]["members"]["total"] == 2
|
|
|
|
res =
|
|
conn
|
|
|> auth_conn(user)
|
|
|> AbsintheHelpers.graphql_query(
|
|
query: @group_query,
|
|
variables: %{
|
|
preferredUsername: group.preferred_username,
|
|
actorId: actor.id
|
|
}
|
|
)
|
|
|
|
assert res["errors"] == nil
|
|
|
|
assert res["data"]["group"]["members"]["total"] == 2
|
|
assert hd(res["data"]["group"]["members"]["elements"])["role"] == "ADMINISTRATOR"
|
|
|
|
assert hd(res["data"]["group"]["members"]["elements"])["actor"]["preferredUsername"] ==
|
|
actor.preferred_username
|
|
|
|
res =
|
|
conn
|
|
|> AbsintheHelpers.graphql_query(
|
|
query: @group_query,
|
|
variables: %{preferredUsername: @non_existent_username}
|
|
)
|
|
|
|
assert res["data"]["group"] == nil
|
|
|
|
assert hd(res["errors"])["message"] ==
|
|
"Group with name #{@non_existent_username} not found"
|
|
end
|
|
|
|
test "find_group doesn't list group members access if group is private", %{
|
|
conn: conn,
|
|
actor: actor
|
|
} do
|
|
group = insert(:group, visibility: :private)
|
|
insert(:member, parent: group, actor: actor, role: :administrator)
|
|
|
|
res =
|
|
conn
|
|
|> AbsintheHelpers.graphql_query(
|
|
query: @group_query,
|
|
variables: %{
|
|
preferredUsername: group.preferred_username
|
|
}
|
|
)
|
|
|
|
assert res["errors"] == nil
|
|
|
|
assert res["data"]["group"]["preferredUsername"] ==
|
|
group.preferred_username
|
|
|
|
assert res["data"]["group"]["members"] == %{"elements" => [], "total" => 1}
|
|
end
|
|
end
|
|
|
|
describe "delete a group" do
|
|
test "delete_group/3 deletes a group", %{conn: conn, user: user, actor: actor} do
|
|
group = insert(:group)
|
|
insert(:member, parent: group, actor: actor, role: :administrator)
|
|
|
|
mutation = """
|
|
mutation {
|
|
deleteGroup(
|
|
actor_id: #{actor.id},
|
|
group_id: #{group.id}
|
|
) {
|
|
id
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
conn
|
|
|> auth_conn(user)
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
assert json_response(res, 200)["errors"] == nil
|
|
assert json_response(res, 200)["data"]["deleteGroup"]["id"] == to_string(group.id)
|
|
|
|
res =
|
|
conn
|
|
|> auth_conn(user)
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] =~ "not found"
|
|
end
|
|
|
|
test "delete_group/3 should check user authentication", %{conn: conn, actor: actor} do
|
|
group = insert(:group)
|
|
insert(:member, parent: group, actor: actor, role: :member)
|
|
|
|
mutation = """
|
|
mutation {
|
|
deleteGroup(
|
|
actor_id: #{actor.id},
|
|
group_id: #{group.id}
|
|
) {
|
|
id
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
conn
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] =~ "logged-in"
|
|
end
|
|
|
|
test "delete_group/3 should check the actor is owned by the user", %{
|
|
conn: conn,
|
|
user: user,
|
|
actor: actor
|
|
} do
|
|
group = insert(:group)
|
|
insert(:member, parent: group, actor: actor, role: :member)
|
|
|
|
mutation = """
|
|
mutation {
|
|
deleteGroup(
|
|
actor_id: 159,
|
|
group_id: #{group.id}
|
|
) {
|
|
id
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
conn
|
|
|> auth_conn(user)
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] =~ "not owned"
|
|
end
|
|
|
|
test "delete_group/3 should check the actor is a member of this group", %{
|
|
conn: conn,
|
|
user: user,
|
|
actor: actor
|
|
} do
|
|
group = insert(:group)
|
|
|
|
mutation = """
|
|
mutation {
|
|
deleteGroup(
|
|
actor_id: #{actor.id},
|
|
group_id: #{group.id}
|
|
) {
|
|
id
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
conn
|
|
|> auth_conn(user)
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] =~ "not a member"
|
|
end
|
|
|
|
test "delete_group/3 should check the actor is an administrator of this group", %{
|
|
conn: conn,
|
|
user: user,
|
|
actor: actor
|
|
} do
|
|
group = insert(:group)
|
|
insert(:member, parent: group, actor: actor, role: :member)
|
|
|
|
mutation = """
|
|
mutation {
|
|
deleteGroup(
|
|
actor_id: #{actor.id},
|
|
group_id: #{group.id}
|
|
) {
|
|
id
|
|
}
|
|
}
|
|
"""
|
|
|
|
res =
|
|
conn
|
|
|> auth_conn(user)
|
|
|> post("/api", AbsintheHelpers.mutation_skeleton(mutation))
|
|
|
|
assert hd(json_response(res, 200)["errors"])["message"] =~ "not an administrator"
|
|
end
|
|
end
|
|
end
|