IT4Change/Ocelot-Social
3
0
Fork 0
mirror of https://github.com/IT4Change/Ocelot-Social.git synced 2025-12-13 07:45:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

Spec a new behaviour of softDisable

Browse Source 
If we have nested content, the content should be obfuscated instead of
being filtered.

cc @datenbrei
This commit is contained in:
Robert Schäfer 2019-03-13 20:57:50 +01:00
parent 7d82b27aaa
commit d71cb16a01
2 changed files with 192 additions and 107 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

165
src/middleware/softDeleteMiddleware.spec.js
View File

@ -7,40 +7,139 @@ let client
let query let query
let action let action
beforeEach(async () => { beforeAll(async () => {
// For performance reasons we do this only once
await Promise.all([ await Promise.all([
factory.create('User', { id: 'u1', role: 'user', email: 'user@example.org', password: '1234' }), factory.create('User', { id: 'u1', role: 'user', email: 'user@example.org', password: '1234' }),
factory.create('User', { id: 'm1', role: 'moderator', email: 'moderator@example.org', password: '1234' }) factory.create('User', { id: 'm1', role: 'moderator', email: 'moderator@example.org', password: '1234' }),
factory.create('User', { id: 'u2', role: 'user', avatar: '/some/offensive/avatar.jpg', about: 'This self description is very offensive', email: 'troll@example.org', password: '1234' })
]) ])
await factory.authenticateAs({ email: 'user@example.org', password: '1234' }) await factory.authenticateAs({ email: 'user@example.org', password: '1234' })
await Promise.all([ await Promise.all([
await factory.create('Post', { id: 'p1', title: 'Deleted post', deleted: true }), factory.follow({ id: 'u2', type: 'User' }),
await factory.create('Post', { id: 'p2', title: 'Disabled post', deleted: false }), factory.create('Post', { id: 'p1', title: 'Deleted post', deleted: true }),
await factory.create('Post', { id: 'p3', title: 'Publicly visible post', deleted: false }) factory.create('Post', { id: 'p3', title: 'Publicly visible post', deleted: false })
]) ])
const moderatorFactory = Factory()
await moderatorFactory.authenticateAs({ email: 'moderator@example.org', password: '1234' }) await Promise.all([
const disableMutation = ` factory.create('Comment', { id: 'c2', content: 'Enabled comment on public post' })
mutation { ])
disable(
id: "p2" await Promise.all([
) factory.relate('Comment', 'Author', { from: 'u1', to: 'c2' }),
} factory.relate('Comment', 'Post', { from: 'c2', to: 'p3' })
` ])
await moderatorFactory.mutate(disableMutation)
const asTroll = Factory()
await asTroll.authenticateAs({ email: 'troll@example.org', password: '1234' })
await asTroll.create('Post', { id: 'p2', title: 'Disabled post', content: 'This is an offensive post content', image: '/some/offensive/image.jpg', deleted: false })
await asTroll.create('Comment', { id: 'c1', content: 'Disabled comment' })
await Promise.all([
asTroll.relate('Comment', 'Author', { from: 'u2', to: 'c1' }),
asTroll.relate('Comment', 'Post', { from: 'c1', to: 'p3' })
])
const asModerator = Factory()
await asModerator.authenticateAs({ email: 'moderator@example.org', password: '1234' })
await asModerator.mutate('mutation { disable( id: "p2") }')
await asModerator.mutate('mutation { disable( id: "c1") }')
await asModerator.mutate('mutation { disable( id: "u2") }')
}) })
afterEach(async () => { afterAll(async () => {
await factory.cleanDatabase() await factory.cleanDatabase()
}) })
describe('softDeleteMiddleware', () => { describe('softDeleteMiddleware', () => {
describe('Post', () => { describe('read disabled content', () => {
let user
let post
let comment
const beforeComment = async () => {
query = '{ User(id: "u1") { following { comments { content contentExcerpt } } } }'
const response = await action()
comment = response.User[0].following[0].comments[0]
}
const beforeUser = async () => {
query = '{ User(id: "u1") { following { about avatar } } }'
const response = await action()
user = response.User[0].following[0]
}
const beforePost = async () => {
query = '{ User(id: "u1") { following { contributions { title image content contentExcerpt } } } }'
const response = await action()
post = response.User[0].following[0].contributions[0]
}
action = () => { action = () => {
return client.request(query) return client.request(query)
} }
beforeEach(() => { describe('as moderator', () => {
beforeEach(async () => {
const headers = await login({ email: 'moderator@example.org', password: '1234' })
client = new GraphQLClient(host, { headers })
})
describe('User', () => {
beforeEach(beforeUser)
it('displays about', () => expect(user.about).toEqual('This self description is very offensive'))
it('displays avatar', () => expect(user.avatar).toEqual('/some/offensive/avatar.jpg'))
})
describe('Post', () => {
beforeEach(beforePost)
it('displays title', () => expect(post.title).toEqual('Disabled post'))
it('displays content', () => expect(post.content).toEqual('This is an offensive post content'))
it('displays contentExcerpt', () => expect(post.contentExcerpt).toEqual('This is an offensive post content'))
it('displays image', () => expect(post.image).toEqual('/some/offensive/image.jpg'))
})
describe('Comment', () => {
beforeEach(beforeComment)
it('displays content', () => expect(comment.content).toEqual('Disabled comment'))
it('displays contentExcerpt', () => expect(comment.contentExcerpt).toEqual('Disabled comment'))
})
})
describe('as user', () => {
beforeEach(async () => {
const headers = await login({ email: 'user@example.org', password: '1234' })
client = new GraphQLClient(host, { headers })
})
describe('User', () => {
beforeEach(beforeUser)
it('obfuscates about', () => expect(user.about).toEqual('DELETED'))
it('obfuscates avatar', () => expect(user.avatar).toEqual('DELETED'))
})
describe('Post', () => {
beforeEach(beforePost)
it('obfuscates title', () => expect(post.title).toEqual('DELETED'))
it('obfuscates content', () => expect(post.content).toEqual('DELETED'))
it('obfuscates contentExcerpt', () => expect(post.contentExcerpt).toEqual('DELETED'))
it('obfuscates image', () => expect(post.image).toEqual('DELETED'))
})
describe('Comment', () => {
beforeEach(beforeComment)
it('obfuscates content', () => expect(comment.content).toEqual('DELETED'))
it('obfuscates contentExcerpt', () => expect(comment.contentExcerpt).toEqual('DELETED'))
})
})
})
describe('Query', () => {
describe('Post', () => {
beforeEach(async () => {
query = '{ Post { title } }' query = '{ Post { title } }'
}) })
@ -75,20 +174,6 @@ describe('softDeleteMiddleware', () => {
describe('.comments', () => { describe('.comments', () => {
beforeEach(async () => { beforeEach(async () => {
query = '{ Post(id: "p3") { title comments { content } } }' query = '{ Post(id: "p3") { title comments { content } } }'
const asModerator = Factory()
await asModerator.authenticateAs({ email: 'moderator@example.org', password: '1234' })
await Promise.all([
asModerator.create('Comment', { id: 'c1', content: 'Disabled comment' }),
asModerator.create('Comment', { id: 'c2', content: 'Enabled comment on public post' })
])
await Promise.all([
asModerator.relate('Comment', 'Author', { from: 'u1', to: 'c1' }),
asModerator.relate('Comment', 'Post', { from: 'c1', to: 'p3' }),
asModerator.relate('Comment', 'Author', { from: 'u1', to: 'c2' }),
asModerator.relate('Comment', 'Post', { from: 'c2', to: 'p3' })
])
await asModerator.mutate('mutation { disable( id: "c1") }')
}) })
describe('as user', () => { describe('as user', () => {
@ -97,15 +182,13 @@ describe('softDeleteMiddleware', () => {
client = new GraphQLClient(host, { headers }) client = new GraphQLClient(host, { headers })
}) })
it('hides disabled comments', async () => { it('conceals disabled comments', async () => {
const expected = { Post: [ { const expected = [
title: 'Publicly visible post', { content: 'Enabled comment on public post' },
comments: [ { content: 'DELETED' }
{ content: 'Enabled comment on public post' }
] ]
} const { Post: [{ comments }] } = await action()
] } await expect(comments).toEqual(expect.arrayContaining(expected))
await expect(action()).resolves.toEqual(expected)
}) })
}) })
@ -121,7 +204,6 @@ describe('softDeleteMiddleware', () => {
{ content: 'Disabled comment' } { content: 'Disabled comment' }
] ]
const { Post: [{ comments }] } = await action() const { Post: [{ comments }] } = await action()
await expect(comments).toEqual(expect.arrayContaining(expected)) await expect(comments).toEqual(expect.arrayContaining(expected))
}) })
}) })
@ -185,4 +267,5 @@ describe('softDeleteMiddleware', () => {
}) })
}) })
}) })
})
}) })

2
src/seed/factories/users.js
View File

@ -9,6 +9,7 @@ export default function create (params) {
password = '1234', password = '1234',
role = 'user', role = 'user',
avatar = faker.internet.avatar(), avatar = faker.internet.avatar(),
about = faker.lorem.paragraph(),
disabled = false, disabled = false,
deleted = false deleted = false
} = params } = params
@ -21,6 +22,7 @@ export default function create (params) {
password: "${password}", password: "${password}",
email: "${email}", email: "${email}",
avatar: "${avatar}", avatar: "${avatar}",
about: "${about}",
role: ${role}, role: ${role},
disabled: ${disabled}, disabled: ${disabled},
deleted: ${deleted} deleted: ${deleted}