Skip to content

Commit

Permalink
Blog publish tests and fixes
Browse files Browse the repository at this point in the history
  • Loading branch information
symkat committed Nov 27, 2021
1 parent fb22b06 commit a239a0c
Show file tree
Hide file tree
Showing 5 changed files with 143 additions and 1 deletion.
2 changes: 1 addition & 1 deletion Web/lib/BlogDB/Web.pm
Expand Up @@ -95,7 +95,7 @@ sub startup ($self) {
$r->post ( '/blog/new' )->to( 'Blog#post_new_blog' )->name( 'do_new_blog' ); # Create a new blog.
$r->get ( '/blog/new/:id' )->to( 'Blog#get_edit_new_blog' )->name( 'edit_new_blog' ); # Show edit a new blog page.
$r->post ( '/blog/new/:id' )->to( 'Blog#post_edit_new_blog' )->name( 'do_edit_new_blog' ); # Update a new blog.
$r->post ( '/blog/publish/:id' )->to( 'Blog#post_publish_new_blog')->name( 'do_publish_new_blog' ); # Publish (PendingBlog -> Blog.)
$auth->post( '/blog/publish/:id' )->to( 'Blog#post_publish_new_blog')->name( 'do_publish_new_blog' ); # Publish (PendingBlog -> Blog.)

$r->get ( '/blog/v/:slug' )->to( 'Blog#get_view_blog' )->name( 'view_blog');
$r->get ( '/blog/e/:slug' )->to( 'Blog#get_edit_blog' )->name( 'edit_blog');
Expand Down
11 changes: 11 additions & 0 deletions Web/lib/BlogDB/Web/Controller/Blog.pm
Expand Up @@ -289,6 +289,17 @@ sub post_edit_new_blog ($c) {
sub post_publish_new_blog ($c) {
my $pb = $c->db->resultset('PendingBlog')->find( $c->param('id') );

push @{$c->stash->{errors}}, 'No such blog id.'
unless $pb;

push @{$c->stash->{errors}}, 'Not Authorized.'
unless $c->stash->{person}->setting( 'can_manage_blogs' );

if ( @{$c->stash->{errors} || []} ) {
$c->redirect_to( $c->url_for( 'homepage' ) );
return 0;
}

my $blog = $c->db->resultset('Blog')->create({
title => $pb->title,
url => $pb->url,
Expand Down
52 changes: 52 additions & 0 deletions Web/t/01_endpoints/03_blog/03_publish_new_blog.t
@@ -0,0 +1,52 @@
#!/usr/bin/env perl
use Mojo::Base '-signatures';
use BlogDB::Web::Test;

my $t = Test::Mojo::BlogDB->new('BlogDB::Web');

# Post a new blog as a logged in user.
$t->create_user->post_ok( '/blog/new',
form => {
url => 'https://modfoss.com/',
})->code_block( sub {
my ( $t ) = @_;
$t->_ss($t->app->db->resultset('PendingBlog')->find( { url => 'https://modfoss.com/'}));
ok $t->_sg, "Created blog entry.";
});

my $blog_id = $t->_sg->id;

# New Session, update the blog as a can_manage_blogs user..
$t = Test::Mojo::BlogDB->new('BlogDB::Web');

$t->create_user({ can_manage_blogs => 1 })->post_ok( "/blog/new/$blog_id", form => {
title => 'modFoss',
url => 'https://modfoss.com/',
rss_url => 'https://modfoss.com/feed',
tagline => 'Articles on technical matters.',
about => 'A technical blog.'
})->code_block( sub {
my ( $t ) = @_;
$t->_ss($t->app->db->resultset('PendingBlog')->find( { url => 'https://modfoss.com/'}));
ok $t->_sg, "Found blog entry";
is $t->_sg->title, 'modFoss', 'Title updated.';
is $t->_sg->url, 'https://modfoss.com/', 'URL updated.';
is $t->_sg->rss_url , 'https://modfoss.com/feed', 'RSS URL updated.';
is $t->_sg->tagline , 'Articles on technical matters.', 'Tagline updated.';
is $t->_sg->about , 'A technical blog.', 'About updated.';
})->stash_has( { authorization => [ 'setting:can_manage_blogs' ] } );

# Now we publish the blog, we're still in the user account with can_manage_blogs
$t->post_ok( "/blog/publish/$blog_id", form => {})
->code_block( sub {
my ( $t ) = @_;
$t->_ss($t->app->db->resultset('Blog')->find( { url => 'https://modfoss.com/'}));
ok $t->_sg, "Found published blog";
is $t->_sg->title, 'modFoss', 'Blog has correct title.';


$t->_ss($t->app->db->resultset('PendingBlog')->find( { url => 'https://modfoss.com/'}));
is $t->_sg, undef, "Blog has been deleted from PendingBlogs.";
});

done_testing;
40 changes: 40 additions & 0 deletions Web/t/01_endpoints/03_blog/03_publish_new_blog_no_perm.t
@@ -0,0 +1,40 @@
#!/usr/bin/env perl
# Test to make sure that a normal user (w/o can_manage_blogs) cannot approve a blog.
use Mojo::Base '-signatures';
use BlogDB::Web::Test;

my $t = Test::Mojo::BlogDB->new('BlogDB::Web');

# Post a new blog as a logged in user.
$t->create_user->post_ok( '/blog/new',
form => {
url => 'https://modfoss.com/',
})->code_block( sub {
my ( $t ) = @_;
$t->_ss($t->app->db->resultset('PendingBlog')->find( { url => 'https://modfoss.com/'}));
ok $t->_sg, "Created blog entry.";
});

my $blog_id = $t->_sg->id;

# Update the blog as the same user.
$t->post_ok( "/blog/new/$blog_id", form => {
title => 'modFoss',
url => 'https://modfoss.com/',
rss_url => 'https://modfoss.com/feed',
tagline => 'Articles on technical matters.',
about => 'A technical blog.'
})->code_block( sub {
my ( $t ) = @_;
$t->_ss($t->app->db->resultset('PendingBlog')->find( { url => 'https://modfoss.com/'}));
ok $t->_sg, "Found blog entry";
is $t->_sg->title, 'modFoss', 'Title updated.';
})->stash_has( { authorization => [ 'submitter' ] } );

# Now we try to publish the blog, it should fail for no user account.
$t->post_ok( "/blog/publish/$blog_id", form => {})
->stash_has( { errors => [ 'Not Authorized.' ] });



done_testing;
39 changes: 39 additions & 0 deletions Web/t/01_endpoints/03_blog/03_publish_new_blog_no_user.t
@@ -0,0 +1,39 @@
#!/usr/bin/env perl
# Test to make sure that an anonymous user cannot approve a blog.
use Mojo::Base '-signatures';
use BlogDB::Web::Test;

my $t = Test::Mojo::BlogDB->new('BlogDB::Web');

# Post a new blog as a logged in user.
$t->create_user->post_ok( '/blog/new',
form => {
url => 'https://modfoss.com/',
})->code_block( sub {
my ( $t ) = @_;
$t->_ss($t->app->db->resultset('PendingBlog')->find( { url => 'https://modfoss.com/'}));
ok $t->_sg, "Created blog entry.";
});

my $blog_id = $t->_sg->id;

# Update the blog as the same user.
$t->post_ok( "/blog/new/$blog_id", form => {
title => 'modFoss',
url => 'https://modfoss.com/',
rss_url => 'https://modfoss.com/feed',
tagline => 'Articles on technical matters.',
about => 'A technical blog.'
})->code_block( sub {
my ( $t ) = @_;
$t->_ss($t->app->db->resultset('PendingBlog')->find( { url => 'https://modfoss.com/'}));
ok $t->_sg, "Found blog entry";
is $t->_sg->title, 'modFoss', 'Title updated.';
})->stash_has( { authorization => [ 'submitter' ] } );

# Now we try to publish the blog, it should fail because no logged in user.
$t = Test::Mojo::BlogDB->new('BlogDB::Web');
$t->post_ok( "/blog/publish/$blog_id", form => {})
->stash_has( { errors => [ 'Login required.']}, 'Thrown out for no login.');

done_testing;

0 comments on commit a239a0c

Please sign in to comment.