59dd8ca549
In order for model ordering to work as expected in tests, we need to
keep two properties:
- Fixtures are all created in the past
- Models sort in the order that they were created
This allows us to do things like this:
post cards_path, params: { ... }
created_card = Card.last
When using UUIDv7 PKs rather than sequential integers, we have to make
sure a couple of things happen in order for this still to be true:
- Fixtures should generate deterministic IDs that translate to UUIDs
that would have been created in the past (i.e. before today)
- Newly created objects must have enough precision in their timestamps
so that they sort in the order they were created, and their random
component doesn't come into play.
To solve this, we use the deterministic numeric ID as a number of
milliseconds after an early year. And we ensure that the new timestamps
we create have sub-millisecond precision.
140 lines
3.8 KiB
Ruby
140 lines
3.8 KiB
Ruby
require "test_helper"
|
|
|
|
class BoardsControllerTest < ActionDispatch::IntegrationTest
|
|
setup do
|
|
sign_in_as :kevin
|
|
end
|
|
|
|
test "new" do
|
|
get new_board_path
|
|
assert_response :success
|
|
end
|
|
|
|
test "show" do
|
|
get board_path(boards(:writebook))
|
|
assert_response :success
|
|
end
|
|
|
|
test "create" do
|
|
assert_difference -> { Board.count }, +1 do
|
|
post boards_path, params: { board: { name: "Remodel Punch List" } }
|
|
end
|
|
|
|
board = Board.last
|
|
assert_redirected_to board_path(board)
|
|
assert_includes board.users, users(:kevin)
|
|
assert_equal "Remodel Punch List", board.name
|
|
end
|
|
|
|
test "edit" do
|
|
get edit_board_path(boards(:writebook))
|
|
assert_response :success
|
|
end
|
|
|
|
test "update" do
|
|
patch board_path(boards(:writebook)), params: {
|
|
board: {
|
|
name: "Writebook bugs",
|
|
all_access: false,
|
|
auto_postpone_period: 1.day
|
|
},
|
|
user_ids: users(:kevin, :jz).pluck(:id)
|
|
}
|
|
|
|
assert_redirected_to edit_board_path(boards(:writebook))
|
|
assert_equal "Writebook bugs", boards(:writebook).reload.name
|
|
assert_equal users(:kevin, :jz).sort, boards(:writebook).users.sort
|
|
assert_equal 1.day, entropies(:writebook_board).auto_postpone_period
|
|
assert_not boards(:writebook).all_access?
|
|
end
|
|
|
|
test "update redirects to root when user removes themselves from board" do
|
|
board = boards(:writebook)
|
|
|
|
patch board_path(board), params: {
|
|
board: { name: "Updated name", all_access: false },
|
|
user_ids: users(:david, :jz).pluck(:id)
|
|
}
|
|
|
|
assert_redirected_to root_path
|
|
assert_not board.reload.users.include?(users(:kevin))
|
|
end
|
|
|
|
test "update board with granular permissions, submitting no user ids" do
|
|
assert_not boards(:private).all_access?
|
|
|
|
boards(:private).users = [ users(:kevin) ]
|
|
boards(:private).save!
|
|
|
|
patch board_path(boards(:private)), params: {
|
|
board: { name: "Renamed" }
|
|
}
|
|
|
|
assert_redirected_to edit_board_path(boards(:private))
|
|
assert_equal "Renamed", boards(:private).reload.name
|
|
assert_equal [ users(:kevin) ], boards(:private).users
|
|
assert_not boards(:private).all_access?
|
|
end
|
|
|
|
test "update all access" do
|
|
board = Current.set(account: accounts("37s"), session: sessions(:kevin), user: users(:kevin)) do
|
|
Board.create! name: "New board", all_access: false
|
|
end
|
|
assert_equal [ users(:kevin) ], board.users
|
|
|
|
patch board_path(board), params: { board: { name: "Bugs", all_access: true } }
|
|
|
|
assert_redirected_to edit_board_path(board)
|
|
assert board.reload.all_access?
|
|
assert_equal accounts("37s").users.active.sort, board.users.sort
|
|
end
|
|
|
|
test "destroy" do
|
|
board = boards(:writebook)
|
|
delete board_path(board)
|
|
assert_redirected_to root_path
|
|
assert_raises(ActiveRecord::RecordNotFound) { board.reload }
|
|
end
|
|
|
|
test "non-admin cannot change all_access on board they don't own" do
|
|
logout_and_sign_in_as :jz
|
|
|
|
board = boards(:writebook)
|
|
original_all_access = board.all_access
|
|
|
|
patch board_path(board), params: { board: { all_access: !original_all_access } }
|
|
|
|
assert_response :forbidden
|
|
assert_equal original_all_access, board.reload.all_access
|
|
end
|
|
|
|
test "non-admin cannot change individual user accesses on board they don't own" do
|
|
logout_and_sign_in_as :jz
|
|
|
|
board = boards(:writebook)
|
|
original_users = board.users.sort
|
|
|
|
patch board_path(board), params: {
|
|
board: { name: board.name },
|
|
user_ids: [ users(:jz).id ]
|
|
}
|
|
|
|
assert_response :forbidden
|
|
assert_equal original_users, board.reload.users.sort
|
|
end
|
|
|
|
test "non-admin cannot change board name on board they don't own" do
|
|
logout_and_sign_in_as :jz
|
|
|
|
board = boards(:writebook)
|
|
original_name = board.name
|
|
|
|
patch board_path(board), params: {
|
|
board: { name: "Hacked Board Name" }
|
|
}
|
|
|
|
assert_response :forbidden
|
|
assert_equal original_name, board.reload.name
|
|
end
|
|
end
|