otwarchive-symphonyarchive/spec/controllers/known_issues_controller_spec.rb

# frozen_string_literal: true

require "spec_helper"

describe KnownIssuesController do
  include LoginMacros
  include RedirectExpectationHelper

  allowed_roles = %w[superadmin support]

  shared_examples "denies access to unauthorized admins" do
    context "when logged in as an admin with no role" do
      let(:admin) { create(:admin) }

      it "redirects with an error" do
        it_redirects_to_with_error(root_url, "Sorry, only an authorized admin can access the page you were trying to reach.")
      end
    end

    (Admin::VALID_ROLES - allowed_roles).each do |admin_role|
      context "when logged in as an admin with role #{admin_role}" do
        let(:admin) { create(:admin, roles: [admin_role]) }

        it "redirects with an error" do
          it_redirects_to_with_error(root_url, "Sorry, only an authorized admin can access the page you were trying to reach.")
        end
      end
    end
  end

  describe "GET #show" do
    let(:known_issue) { create(:known_issue) }

    it_behaves_like "denies access to unauthorized admins" do
      before do
        fake_login_admin(admin)
        get :show, params: { id: known_issue.id }
      end
    end

    allowed_roles.each do |admin_role|
      context "when logged in as an admin with role #{admin_role}" do
        let(:admin) { create(:admin, roles: [admin_role]) }

        before do
          fake_login_admin(admin)
        end

        it "allows access" do
          get :show, params: { id: known_issue.id }
          expect(response).to have_http_status(:success)
        end
      end
    end
  end

  describe "GET #new" do
    it_behaves_like "denies access to unauthorized admins" do
      before do
        fake_login_admin(admin)
        get :new
      end
    end

    allowed_roles.each do |admin_role|
      context "when logged in as an admin with role #{admin_role}" do
        let(:admin) { create(:admin, roles: [admin_role]) }

        before do
          fake_login_admin(admin)
        end

        it "allows access" do
          get :new
          expect(response).to have_http_status(:success)
        end
      end
    end
  end

  describe "GET #edit" do
    let(:known_issue) { create(:known_issue) }

    it_behaves_like "denies access to unauthorized admins" do
      before do
        fake_login_admin(admin)
        get :edit, params: { id: known_issue.id }
      end
    end

    allowed_roles.each do |admin_role|
      context "when logged in as an admin with role #{admin_role}" do
        let(:admin) { create(:admin, roles: [admin_role]) }

        before do
          fake_login_admin(admin)
        end

        it "allows access" do
          get :edit, params: { id: known_issue.id }
          expect(response).to have_http_status(:success)
        end
      end
    end
  end

  describe "POST #create" do
    let(:params) { { known_issue: attributes_for(:known_issue) } }

    it_behaves_like "denies access to unauthorized admins" do
      before do
        fake_login_admin(admin)
        post :create, params: params
      end
    end

    allowed_roles.each do |admin_role|
      context "when logged in as an admin with role #{admin_role}" do
        let(:admin) { create(:admin, roles: [admin_role]) }

        before do
          fake_login_admin(admin)
        end

        it "creates a known issue" do
          expect { post :create, params: params }
            .to change { KnownIssue.count }
            .by(1)
        end
      end
    end
  end

  describe "PUT #update" do
    let(:known_issue) { create(:known_issue) }
    let(:params) { { id: known_issue.id, known_issue: { title: "Brand new title" } } }

    it_behaves_like "denies access to unauthorized admins" do
      before do
        fake_login_admin(admin)
        put :update, params: params
      end
    end

    allowed_roles.each do |admin_role|
      context "when logged in as an admin with role #{admin_role}" do
        let(:admin) { create(:admin, roles: [admin_role]) }

        before do
          fake_login_admin(admin)
        end

        it "updates the known issue successfully" do
          put :update, params: params
          expect(known_issue.reload.title).to eq("Brand new title")
        end
      end
    end
  end

  describe "DELETE #destroy" do
    let(:known_issue) { create(:known_issue) }

    it_behaves_like "denies access to unauthorized admins" do
      before do
        fake_login_admin(admin)
        delete :destroy, params: { id: known_issue.id }
      end
    end

    allowed_roles.each do |admin_role|
      context "when logged in as an admin with role #{admin_role}" do
        let(:admin) { create(:admin, roles: [admin_role]) }

        before do
          fake_login_admin(admin)
        end

        it "deletes the known issue" do
          delete :destroy, params: { id: known_issue.id }
          expect { known_issue.reload }
            .to raise_exception(ActiveRecord::RecordNotFound)
        end
      end
    end
  end
end
first 2026-03-11 22:22:11 +00:00			`# frozen_string_literal: true`

			`require "spec_helper"`

			`describe KnownIssuesController do`
			`include LoginMacros`
			`include RedirectExpectationHelper`

			`allowed_roles = %w[superadmin support]`

			`shared_examples "denies access to unauthorized admins" do`
			`context "when logged in as an admin with no role" do`
			`let(:admin) { create(:admin) }`

			`it "redirects with an error" do`
			`it_redirects_to_with_error(root_url, "Sorry, only an authorized admin can access the page you were trying to reach.")`
			`end`
			`end`

			`(Admin::VALID_ROLES - allowed_roles).each do \|admin_role\|`
			`context "when logged in as an admin with role #{admin_role}" do`
			`let(:admin) { create(:admin, roles: [admin_role]) }`

			`it "redirects with an error" do`
			`it_redirects_to_with_error(root_url, "Sorry, only an authorized admin can access the page you were trying to reach.")`
			`end`
			`end`
			`end`
			`end`

			`describe "GET #show" do`
			`let(:known_issue) { create(:known_issue) }`

			`it_behaves_like "denies access to unauthorized admins" do`
			`before do`
			`fake_login_admin(admin)`
			`get :show, params: { id: known_issue.id }`
			`end`
			`end`

			`allowed_roles.each do \|admin_role\|`
			`context "when logged in as an admin with role #{admin_role}" do`
			`let(:admin) { create(:admin, roles: [admin_role]) }`

			`before do`
			`fake_login_admin(admin)`
			`end`

			`it "allows access" do`
			`get :show, params: { id: known_issue.id }`
			`expect(response).to have_http_status(:success)`
			`end`
			`end`
			`end`
			`end`

			`describe "GET #new" do`
			`it_behaves_like "denies access to unauthorized admins" do`
			`before do`
			`fake_login_admin(admin)`
			`get :new`
			`end`
			`end`

			`allowed_roles.each do \|admin_role\|`
			`context "when logged in as an admin with role #{admin_role}" do`
			`let(:admin) { create(:admin, roles: [admin_role]) }`

			`before do`
			`fake_login_admin(admin)`
			`end`

			`it "allows access" do`
			`get :new`
			`expect(response).to have_http_status(:success)`
			`end`
			`end`
			`end`
			`end`

			`describe "GET #edit" do`
			`let(:known_issue) { create(:known_issue) }`

			`it_behaves_like "denies access to unauthorized admins" do`
			`before do`
			`fake_login_admin(admin)`
			`get :edit, params: { id: known_issue.id }`
			`end`
			`end`

			`allowed_roles.each do \|admin_role\|`
			`context "when logged in as an admin with role #{admin_role}" do`
			`let(:admin) { create(:admin, roles: [admin_role]) }`

			`before do`
			`fake_login_admin(admin)`
			`end`

			`it "allows access" do`
			`get :edit, params: { id: known_issue.id }`
			`expect(response).to have_http_status(:success)`
			`end`
			`end`
			`end`
			`end`

			`describe "POST #create" do`
			`let(:params) { { known_issue: attributes_for(:known_issue) } }`

			`it_behaves_like "denies access to unauthorized admins" do`
			`before do`
			`fake_login_admin(admin)`
			`post :create, params: params`
			`end`
			`end`

			`allowed_roles.each do \|admin_role\|`
			`context "when logged in as an admin with role #{admin_role}" do`
			`let(:admin) { create(:admin, roles: [admin_role]) }`

			`before do`
			`fake_login_admin(admin)`
			`end`

			`it "creates a known issue" do`
			`expect { post :create, params: params }`
			`.to change { KnownIssue.count }`
			`.by(1)`
			`end`
			`end`
			`end`
			`end`

			`describe "PUT #update" do`
			`let(:known_issue) { create(:known_issue) }`
			`let(:params) { { id: known_issue.id, known_issue: { title: "Brand new title" } } }`

			`it_behaves_like "denies access to unauthorized admins" do`
			`before do`
			`fake_login_admin(admin)`
			`put :update, params: params`
			`end`
			`end`

			`allowed_roles.each do \|admin_role\|`
			`context "when logged in as an admin with role #{admin_role}" do`
			`let(:admin) { create(:admin, roles: [admin_role]) }`

			`before do`
			`fake_login_admin(admin)`
			`end`

			`it "updates the known issue successfully" do`
			`put :update, params: params`
			`expect(known_issue.reload.title).to eq("Brand new title")`
			`end`
			`end`
			`end`
			`end`

			`describe "DELETE #destroy" do`
			`let(:known_issue) { create(:known_issue) }`

			`it_behaves_like "denies access to unauthorized admins" do`
			`before do`
			`fake_login_admin(admin)`
			`delete :destroy, params: { id: known_issue.id }`
			`end`
			`end`

			`allowed_roles.each do \|admin_role\|`
			`context "when logged in as an admin with role #{admin_role}" do`
			`let(:admin) { create(:admin, roles: [admin_role]) }`

			`before do`
			`fake_login_admin(admin)`
			`end`

			`it "deletes the known issue" do`
			`delete :destroy, params: { id: known_issue.id }`
			`expect { known_issue.reload }`
			`.to raise_exception(ActiveRecord::RecordNotFound)`
			`end`
			`end`
			`end`
			`end`
			`end`