diff --git a/app/controllers/admin/account_actions_controller.rb b/app/controllers/admin/account_actions_controller.rb index e674bf55a02..91849811e36 100644 --- a/app/controllers/admin/account_actions_controller.rb +++ b/app/controllers/admin/account_actions_controller.rb @@ -34,7 +34,8 @@ module Admin end def resource_params - params.require(:admin_account_action).permit(:type, :report_id, :warning_preset_id, :text, :send_email_notification, :include_statuses) + params + .expect(admin_account_action: [:type, :report_id, :warning_preset_id, :text, :send_email_notification, :include_statuses]) end end end diff --git a/app/controllers/admin/account_moderation_notes_controller.rb b/app/controllers/admin/account_moderation_notes_controller.rb index a3c4adf59a7..7f65ced5177 100644 --- a/app/controllers/admin/account_moderation_notes_controller.rb +++ b/app/controllers/admin/account_moderation_notes_controller.rb @@ -29,10 +29,8 @@ module Admin private def resource_params - params.require(:account_moderation_note).permit( - :content, - :target_account_id - ) + params + .expect(account_moderation_note: [:content, :target_account_id]) end def set_account_moderation_note diff --git a/app/controllers/admin/accounts_controller.rb b/app/controllers/admin/accounts_controller.rb index 7b169ba26a3..10391aa3e21 100644 --- a/app/controllers/admin/accounts_controller.rb +++ b/app/controllers/admin/accounts_controller.rb @@ -158,7 +158,8 @@ module Admin end def form_account_batch_params - params.require(:form_account_batch).permit(:action, account_ids: []) + params + .expect(form_account_batch: [:action, account_ids: []]) end def action_from_button diff --git a/app/controllers/admin/announcements_controller.rb b/app/controllers/admin/announcements_controller.rb index 12230a6506d..eaf84aab25f 100644 --- a/app/controllers/admin/announcements_controller.rb +++ b/app/controllers/admin/announcements_controller.rb @@ -84,6 +84,7 @@ class Admin::AnnouncementsController < Admin::BaseController end def resource_params - params.require(:announcement).permit(:text, :scheduled_at, :starts_at, :ends_at, :all_day) + params + .expect(announcement: [:text, :scheduled_at, :starts_at, :ends_at, :all_day]) end end diff --git a/app/controllers/admin/change_emails_controller.rb b/app/controllers/admin/change_emails_controller.rb index a689d3a5301..c923b94b1a7 100644 --- a/app/controllers/admin/change_emails_controller.rb +++ b/app/controllers/admin/change_emails_controller.rb @@ -41,9 +41,8 @@ module Admin end def resource_params - params.require(:user).permit( - :unconfirmed_email - ) + params + .expect(user: [:unconfirmed_email]) end end end diff --git a/app/controllers/admin/custom_emojis_controller.rb b/app/controllers/admin/custom_emojis_controller.rb index 00d069cdfb0..e3da834fcd3 100644 --- a/app/controllers/admin/custom_emojis_controller.rb +++ b/app/controllers/admin/custom_emojis_controller.rb @@ -44,7 +44,8 @@ module Admin private def resource_params - params.require(:custom_emoji).permit(:shortcode, :image, :visible_in_picker) + params + .expect(custom_emoji: [:shortcode, :image, :visible_in_picker]) end def filtered_custom_emojis @@ -74,7 +75,8 @@ module Admin end def form_custom_emoji_batch_params - params.require(:form_custom_emoji_batch).permit(:action, :category_id, :category_name, custom_emoji_ids: []) + params + .expect(form_custom_emoji_batch: [:action, :category_id, :category_name, custom_emoji_ids: []]) end end end diff --git a/app/controllers/admin/domain_allows_controller.rb b/app/controllers/admin/domain_allows_controller.rb index b0f139e3a82..913c1a8246c 100644 --- a/app/controllers/admin/domain_allows_controller.rb +++ b/app/controllers/admin/domain_allows_controller.rb @@ -37,6 +37,7 @@ class Admin::DomainAllowsController < Admin::BaseController end def resource_params - params.require(:domain_allow).permit(:domain) + params + .expect(domain_allow: [:domain]) end end diff --git a/app/controllers/admin/domain_blocks_controller.rb b/app/controllers/admin/domain_blocks_controller.rb index 16a8cb9eeae..c3443b70776 100644 --- a/app/controllers/admin/domain_blocks_controller.rb +++ b/app/controllers/admin/domain_blocks_controller.rb @@ -25,7 +25,9 @@ module Admin rescue Mastodon::NotPermittedError flash[:alert] = I18n.t('admin.domain_blocks.not_permitted') else - redirect_to admin_instances_path(limited: '1'), notice: I18n.t('admin.domain_blocks.created_msg') + flash[:notice] = I18n.t('admin.domain_blocks.created_msg') + ensure + redirect_to admin_instances_path(limited: '1') end def new @@ -114,7 +116,12 @@ module Admin end def form_domain_block_batch_params - params.require(:form_domain_block_batch).permit(domain_blocks_attributes: [:enabled, :domain, :severity, :reject_media, :reject_reports, :private_comment, :public_comment, :obfuscate]) + params + .expect( + form_domain_block_batch: [ + domain_blocks_attributes: [[:enabled, :domain, :severity, :reject_media, :reject_reports, :private_comment, :public_comment, :obfuscate]], + ] + ) end def action_from_button diff --git a/app/controllers/admin/email_domain_blocks_controller.rb b/app/controllers/admin/email_domain_blocks_controller.rb index 9501ebd63a0..12f221164fa 100644 --- a/app/controllers/admin/email_domain_blocks_controller.rb +++ b/app/controllers/admin/email_domain_blocks_controller.rb @@ -62,11 +62,13 @@ module Admin end def resource_params - params.require(:email_domain_block).permit(:domain, :allow_with_approval, other_domains: []) + params + .expect(email_domain_block: [:domain, :allow_with_approval, other_domains: []]) end def form_email_domain_block_batch_params - params.require(:form_email_domain_block_batch).permit(email_domain_block_ids: []) + params + .expect(form_email_domain_block_batch: [email_domain_block_ids: []]) end def action_from_button diff --git a/app/controllers/admin/follow_recommendations_controller.rb b/app/controllers/admin/follow_recommendations_controller.rb index a54e41bd8c1..b060cfbe949 100644 --- a/app/controllers/admin/follow_recommendations_controller.rb +++ b/app/controllers/admin/follow_recommendations_controller.rb @@ -37,7 +37,8 @@ module Admin end def form_account_batch_params - params.require(:form_account_batch).permit(:action, account_ids: []) + params + .expect(form_account_batch: [:action, account_ids: []]) end def filter_params diff --git a/app/controllers/admin/invites_controller.rb b/app/controllers/admin/invites_controller.rb index 614e2a32d00..ac4ee352712 100644 --- a/app/controllers/admin/invites_controller.rb +++ b/app/controllers/admin/invites_controller.rb @@ -39,7 +39,8 @@ module Admin private def resource_params - params.require(:invite).permit(:max_uses, :expires_in) + params + .expect(invite: [:max_uses, :expires_in]) end def filtered_invites diff --git a/app/controllers/admin/ip_blocks_controller.rb b/app/controllers/admin/ip_blocks_controller.rb index 1bd7ec80596..afabda1b886 100644 --- a/app/controllers/admin/ip_blocks_controller.rb +++ b/app/controllers/admin/ip_blocks_controller.rb @@ -44,7 +44,8 @@ module Admin private def resource_params - params.require(:ip_block).permit(:ip, :severity, :comment, :expires_in) + params + .expect(ip_block: [:ip, :severity, :comment, :expires_in]) end def action_from_button @@ -52,7 +53,8 @@ module Admin end def form_ip_block_batch_params - params.require(:form_ip_block_batch).permit(ip_block_ids: []) + params + .expect(form_ip_block_batch: [ip_block_ids: []]) end end end diff --git a/app/controllers/admin/relays_controller.rb b/app/controllers/admin/relays_controller.rb index f05255adb6d..9a796949dec 100644 --- a/app/controllers/admin/relays_controller.rb +++ b/app/controllers/admin/relays_controller.rb @@ -57,7 +57,8 @@ module Admin end def resource_params - params.require(:relay).permit(:inbox_url) + params + .expect(relay: [:inbox_url]) end def warn_signatures_not_enabled! diff --git a/app/controllers/admin/report_notes_controller.rb b/app/controllers/admin/report_notes_controller.rb index 6b16c29fc7d..10dbe846e4c 100644 --- a/app/controllers/admin/report_notes_controller.rb +++ b/app/controllers/admin/report_notes_controller.rb @@ -47,10 +47,8 @@ module Admin end def resource_params - params.require(:report_note).permit( - :content, - :report_id - ) + params + .expect(report_note: [:content, :report_id]) end def set_report_note diff --git a/app/controllers/admin/roles_controller.rb b/app/controllers/admin/roles_controller.rb index bcfc11159c1..2f9af8a6fc7 100644 --- a/app/controllers/admin/roles_controller.rb +++ b/app/controllers/admin/roles_controller.rb @@ -61,7 +61,8 @@ module Admin end def resource_params - params.require(:user_role).permit(:name, :color, :highlighted, :position, permissions_as_keys: []) + params + .expect(user_role: [:name, :color, :highlighted, :position, permissions_as_keys: []]) end end end diff --git a/app/controllers/admin/rules_controller.rb b/app/controllers/admin/rules_controller.rb index b8def22ba37..289b6a98c39 100644 --- a/app/controllers/admin/rules_controller.rb +++ b/app/controllers/admin/rules_controller.rb @@ -53,7 +53,8 @@ module Admin end def resource_params - params.require(:rule).permit(:text, :hint, :priority) + params + .expect(rule: [:text, :hint, :priority]) end end end diff --git a/app/controllers/admin/settings_controller.rb b/app/controllers/admin/settings_controller.rb index 338a3638c40..2ae5ec82556 100644 --- a/app/controllers/admin/settings_controller.rb +++ b/app/controllers/admin/settings_controller.rb @@ -28,7 +28,8 @@ module Admin end def settings_params - params.require(:form_admin_settings).permit(*Form::AdminSettings::KEYS) + params + .expect(form_admin_settings: [*Form::AdminSettings::KEYS]) end end end diff --git a/app/controllers/admin/statuses_controller.rb b/app/controllers/admin/statuses_controller.rb index 40d1a481b28..aeadb35e7a6 100644 --- a/app/controllers/admin/statuses_controller.rb +++ b/app/controllers/admin/statuses_controller.rb @@ -39,7 +39,8 @@ module Admin helper_method :batched_ordered_status_edits def admin_status_batch_action_params - params.require(:admin_status_batch_action).permit(status_ids: []) + params + .expect(admin_status_batch_action: [status_ids: []]) end def after_create_redirect_path diff --git a/app/controllers/admin/tags_controller.rb b/app/controllers/admin/tags_controller.rb index 4759d15bc4b..a7bfd647944 100644 --- a/app/controllers/admin/tags_controller.rb +++ b/app/controllers/admin/tags_controller.rb @@ -37,7 +37,8 @@ module Admin end def tag_params - params.require(:tag).permit(:name, :display_name, :trendable, :usable, :listable) + params + .expect(tag: [:name, :display_name, :trendable, :usable, :listable]) end def filtered_tags diff --git a/app/controllers/admin/terms_of_service/drafts_controller.rb b/app/controllers/admin/terms_of_service/drafts_controller.rb index 5d32c0bd830..02cb05946fb 100644 --- a/app/controllers/admin/terms_of_service/drafts_controller.rb +++ b/app/controllers/admin/terms_of_service/drafts_controller.rb @@ -31,6 +31,7 @@ class Admin::TermsOfService::DraftsController < Admin::BaseController end def resource_params - params.require(:terms_of_service).permit(:text, :changelog) + params + .expect(terms_of_service: [:text, :changelog]) end end diff --git a/app/controllers/admin/terms_of_service/generates_controller.rb b/app/controllers/admin/terms_of_service/generates_controller.rb index 28037674a37..0edc87893e6 100644 --- a/app/controllers/admin/terms_of_service/generates_controller.rb +++ b/app/controllers/admin/terms_of_service/generates_controller.rb @@ -32,6 +32,7 @@ class Admin::TermsOfService::GeneratesController < Admin::BaseController end def resource_params - params.require(:terms_of_service_generator).permit(*TermsOfService::Generator::VARIABLES) + params + .expect(terms_of_service_generator: [*TermsOfService::Generator::VARIABLES]) end end diff --git a/app/controllers/admin/trends/links/preview_card_providers_controller.rb b/app/controllers/admin/trends/links/preview_card_providers_controller.rb index 5e4b4084f80..5a650d5d8c0 100644 --- a/app/controllers/admin/trends/links/preview_card_providers_controller.rb +++ b/app/controllers/admin/trends/links/preview_card_providers_controller.rb @@ -31,7 +31,8 @@ class Admin::Trends::Links::PreviewCardProvidersController < Admin::BaseControll end def trends_preview_card_provider_batch_params - params.require(:trends_preview_card_provider_batch).permit(:action, preview_card_provider_ids: []) + params + .expect(trends_preview_card_provider_batch: [:action, preview_card_provider_ids: []]) end def action_from_button diff --git a/app/controllers/admin/trends/links_controller.rb b/app/controllers/admin/trends/links_controller.rb index 65eca11c7f3..68aa73c9923 100644 --- a/app/controllers/admin/trends/links_controller.rb +++ b/app/controllers/admin/trends/links_controller.rb @@ -31,7 +31,8 @@ class Admin::Trends::LinksController < Admin::BaseController end def trends_preview_card_batch_params - params.require(:trends_preview_card_batch).permit(:action, preview_card_ids: []) + params + .expect(trends_preview_card_batch: [:action, preview_card_ids: []]) end def action_from_button diff --git a/app/controllers/admin/trends/statuses_controller.rb b/app/controllers/admin/trends/statuses_controller.rb index 682fe70bb56..873d777fe3c 100644 --- a/app/controllers/admin/trends/statuses_controller.rb +++ b/app/controllers/admin/trends/statuses_controller.rb @@ -31,7 +31,8 @@ class Admin::Trends::StatusesController < Admin::BaseController end def trends_status_batch_params - params.require(:trends_status_batch).permit(:action, status_ids: []) + params + .expect(trends_status_batch: [:action, status_ids: []]) end def action_from_button diff --git a/app/controllers/admin/trends/tags_controller.rb b/app/controllers/admin/trends/tags_controller.rb index fcd23fbf66b..1ccd740686f 100644 --- a/app/controllers/admin/trends/tags_controller.rb +++ b/app/controllers/admin/trends/tags_controller.rb @@ -31,7 +31,8 @@ class Admin::Trends::TagsController < Admin::BaseController end def trends_tag_batch_params - params.require(:trends_tag_batch).permit(:action, tag_ids: []) + params + .expect(trends_tag_batch: [:action, tag_ids: []]) end def action_from_button diff --git a/app/controllers/admin/users/roles_controller.rb b/app/controllers/admin/users/roles_controller.rb index f5dfc643d47..e8b58de504a 100644 --- a/app/controllers/admin/users/roles_controller.rb +++ b/app/controllers/admin/users/roles_controller.rb @@ -28,7 +28,8 @@ module Admin end def resource_params - params.require(:user).permit(:role_id) + params + .expect(user: [:role_id]) end end end diff --git a/app/controllers/admin/warning_presets_controller.rb b/app/controllers/admin/warning_presets_controller.rb index efbf65b1191..dcf88294ee4 100644 --- a/app/controllers/admin/warning_presets_controller.rb +++ b/app/controllers/admin/warning_presets_controller.rb @@ -52,7 +52,8 @@ module Admin end def warning_preset_params - params.require(:account_warning_preset).permit(:title, :text) + params + .expect(account_warning_preset: [:title, :text]) end end end diff --git a/app/controllers/admin/webhooks_controller.rb b/app/controllers/admin/webhooks_controller.rb index f1aad7c4b5a..31db3696375 100644 --- a/app/controllers/admin/webhooks_controller.rb +++ b/app/controllers/admin/webhooks_controller.rb @@ -74,7 +74,8 @@ module Admin end def resource_params - params.require(:webhook).permit(:url, :template, events: []) + params + .expect(webhook: [:url, :template, events: []]) end end end diff --git a/spec/controllers/admin/settings/branding_controller_spec.rb b/spec/controllers/admin/settings/branding_controller_spec.rb index 843021469e5..6b3621bb8a3 100644 --- a/spec/controllers/admin/settings/branding_controller_spec.rb +++ b/spec/controllers/admin/settings/branding_controller_spec.rb @@ -16,7 +16,8 @@ RSpec.describe Admin::Settings::BrandingController do patch :update, params: { form_admin_settings: { new_setting_key: 'New key value' } } - expect(response).to redirect_to(admin_settings_branding_path) + expect(response) + .to have_http_status(400) expect(Setting.new_setting_key).to be_nil end end diff --git a/spec/requests/admin/account_actions_spec.rb b/spec/requests/admin/account_actions_spec.rb new file mode 100644 index 00000000000..5bf8f3e9b2a --- /dev/null +++ b/spec/requests/admin/account_actions_spec.rb @@ -0,0 +1,18 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe 'Admin Account Actions' do + describe 'POST /admin/accounts/:account_id/action' do + before { sign_in Fabricate(:admin_user) } + + let(:account) { Fabricate :account } + + it 'gracefully handles invalid nested params' do + post admin_account_action_path(account.id, admin_account_action: 'invalid') + + expect(response) + .to have_http_status(400) + end + end +end diff --git a/spec/requests/admin/account_moderation_notes_spec.rb b/spec/requests/admin/account_moderation_notes_spec.rb new file mode 100644 index 00000000000..857bec1e098 --- /dev/null +++ b/spec/requests/admin/account_moderation_notes_spec.rb @@ -0,0 +1,16 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe 'Admin Account Moderation Notes' do + describe 'POST /admin/account_moderation_notes' do + before { sign_in Fabricate(:admin_user) } + + it 'gracefully handles invalid nested params' do + post admin_account_moderation_notes_path(account_moderation_note: 'invalid') + + expect(response) + .to have_http_status(400) + end + end +end diff --git a/spec/requests/admin/accounts_spec.rb b/spec/requests/admin/accounts_spec.rb new file mode 100644 index 00000000000..de655f0d36a --- /dev/null +++ b/spec/requests/admin/accounts_spec.rb @@ -0,0 +1,16 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe 'Admin Accounts' do + describe 'POST /admin/accounts/batch' do + before { sign_in Fabricate(:admin_user) } + + it 'gracefully handles invalid nested params' do + post batch_admin_accounts_path(form_account_batch: 'invalid') + + expect(response) + .to redirect_to(admin_accounts_path) + end + end +end diff --git a/spec/requests/admin/announcements_spec.rb b/spec/requests/admin/announcements_spec.rb new file mode 100644 index 00000000000..46d1b6a0965 --- /dev/null +++ b/spec/requests/admin/announcements_spec.rb @@ -0,0 +1,16 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe 'Admin Announcements' do + describe 'POST /admin/announcements' do + before { sign_in Fabricate(:admin_user) } + + it 'gracefully handles invalid nested params' do + post admin_announcements_path(announcement: 'invalid') + + expect(response) + .to have_http_status(400) + end + end +end diff --git a/spec/requests/admin/change_emails_spec.rb b/spec/requests/admin/change_emails_spec.rb new file mode 100644 index 00000000000..3df29eb77b4 --- /dev/null +++ b/spec/requests/admin/change_emails_spec.rb @@ -0,0 +1,18 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe 'Admin Account Change Email' do + describe 'PUT /admin/accounts/:account_id/change_email' do + before { sign_in Fabricate(:admin_user) } + + let(:account) { Fabricate :account } + + it 'gracefully handles invalid nested params' do + put admin_account_change_email_path(account.id, user: 'invalid') + + expect(response) + .to have_http_status(400) + end + end +end diff --git a/spec/requests/admin/custom_emojis_spec.rb b/spec/requests/admin/custom_emojis_spec.rb new file mode 100644 index 00000000000..0c142f11f21 --- /dev/null +++ b/spec/requests/admin/custom_emojis_spec.rb @@ -0,0 +1,16 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe 'Admin Custom Emojis' do + describe 'POST /admin/custom_emojis' do + before { sign_in Fabricate(:admin_user) } + + it 'gracefully handles invalid nested params' do + post admin_custom_emojis_path(custom_emoji: 'invalid') + + expect(response) + .to have_http_status(400) + end + end +end diff --git a/spec/requests/admin/domain_allows_spec.rb b/spec/requests/admin/domain_allows_spec.rb new file mode 100644 index 00000000000..0d1f6d02489 --- /dev/null +++ b/spec/requests/admin/domain_allows_spec.rb @@ -0,0 +1,16 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe 'Admin Domain Allows' do + describe 'POST /admin/domain_allows' do + before { sign_in Fabricate(:admin_user) } + + it 'gracefully handles invalid nested params' do + post admin_domain_allows_path(domain_allow: 'invalid') + + expect(response) + .to have_http_status(400) + end + end +end diff --git a/spec/requests/admin/domain_blocks_spec.rb b/spec/requests/admin/domain_blocks_spec.rb new file mode 100644 index 00000000000..3b18a8ece12 --- /dev/null +++ b/spec/requests/admin/domain_blocks_spec.rb @@ -0,0 +1,16 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe 'Admin Domain Blocks' do + describe 'POST /admin/domain_blocks/batch' do + before { sign_in Fabricate(:admin_user) } + + it 'gracefully handles invalid nested params' do + post batch_admin_domain_blocks_path(form_domain_block_batch: 'invalid') + + expect(response) + .to redirect_to(admin_instances_path(limited: '1')) + end + end +end diff --git a/spec/requests/admin/email_domain_blocks_spec.rb b/spec/requests/admin/email_domain_blocks_spec.rb new file mode 100644 index 00000000000..7bccb3166b4 --- /dev/null +++ b/spec/requests/admin/email_domain_blocks_spec.rb @@ -0,0 +1,27 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe 'Admin Email Domain Blocks' do + describe 'POST /admin/email_domain_blocks' do + before { sign_in Fabricate(:admin_user) } + + it 'gracefully handles invalid nested params' do + post admin_email_domain_blocks_path(email_domain_block: 'invalid') + + expect(response) + .to have_http_status(400) + end + end + + describe 'POST /admin/email_domain_blocks/batch' do + before { sign_in Fabricate(:admin_user) } + + it 'gracefully handles invalid nested params' do + post batch_admin_email_domain_blocks_path(form_email_domain_block_batch: 'invalid') + + expect(response) + .to redirect_to(admin_email_domain_blocks_path) + end + end +end diff --git a/spec/requests/admin/follow_recommendations_spec.rb b/spec/requests/admin/follow_recommendations_spec.rb new file mode 100644 index 00000000000..146c26448cd --- /dev/null +++ b/spec/requests/admin/follow_recommendations_spec.rb @@ -0,0 +1,16 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe 'Admin Follow Recommendations' do + describe 'PUT /admin/follow_recommendations' do + before { sign_in Fabricate(:admin_user) } + + it 'gracefully handles invalid nested params' do + put admin_follow_recommendations_path(form_account_batch: 'invalid') + + expect(response) + .to redirect_to(admin_follow_recommendations_path) + end + end +end diff --git a/spec/requests/admin/invites_spec.rb b/spec/requests/admin/invites_spec.rb new file mode 100644 index 00000000000..c027fd30cfc --- /dev/null +++ b/spec/requests/admin/invites_spec.rb @@ -0,0 +1,16 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe 'Admin Invites' do + describe 'POST /admin/invites' do + before { sign_in Fabricate(:admin_user) } + + it 'gracefully handles invalid nested params' do + post admin_invites_path(invite: 'invalid') + + expect(response) + .to have_http_status(400) + end + end +end diff --git a/spec/requests/admin/ip_blocks_spec.rb b/spec/requests/admin/ip_blocks_spec.rb new file mode 100644 index 00000000000..e74961aa3cd --- /dev/null +++ b/spec/requests/admin/ip_blocks_spec.rb @@ -0,0 +1,27 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe 'Admin IP Blocks' do + describe 'POST /admin/ip_blocks' do + before { sign_in Fabricate(:admin_user) } + + it 'gracefully handles invalid nested params' do + post admin_ip_blocks_path(ip_block: 'invalid') + + expect(response) + .to have_http_status(400) + end + end + + describe 'POST /admin/ip_blocks/batch' do + before { sign_in Fabricate(:admin_user) } + + it 'gracefully handles invalid nested params' do + post batch_admin_ip_blocks_path(form_ip_block_batch: 'invalid') + + expect(response) + .to redirect_to(admin_ip_blocks_path) + end + end +end diff --git a/spec/requests/admin/relays_spec.rb b/spec/requests/admin/relays_spec.rb new file mode 100644 index 00000000000..5dcdfe98924 --- /dev/null +++ b/spec/requests/admin/relays_spec.rb @@ -0,0 +1,16 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe 'Admin Relays' do + describe 'POST /admin/relays' do + before { sign_in Fabricate(:admin_user) } + + it 'gracefully handles invalid nested params' do + post admin_relays_path(relay: 'invalid') + + expect(response) + .to have_http_status(400) + end + end +end diff --git a/spec/requests/admin/report_notes_spec.rb b/spec/requests/admin/report_notes_spec.rb new file mode 100644 index 00000000000..170648a714f --- /dev/null +++ b/spec/requests/admin/report_notes_spec.rb @@ -0,0 +1,16 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe 'Admin Report Notes' do + describe 'POST /admin/report_notes' do + before { sign_in Fabricate(:admin_user) } + + it 'gracefully handles invalid nested params' do + post admin_report_notes_path(report_note: 'invalid') + + expect(response) + .to have_http_status(400) + end + end +end diff --git a/spec/requests/admin/roles_spec.rb b/spec/requests/admin/roles_spec.rb new file mode 100644 index 00000000000..785da5a0ffd --- /dev/null +++ b/spec/requests/admin/roles_spec.rb @@ -0,0 +1,16 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe 'Admin Roles' do + describe 'POST /admin/roles' do + before { sign_in Fabricate(:admin_user) } + + it 'gracefully handles invalid nested params' do + post admin_roles_path(user_role: 'invalid') + + expect(response) + .to have_http_status(400) + end + end +end diff --git a/spec/requests/admin/rules_spec.rb b/spec/requests/admin/rules_spec.rb new file mode 100644 index 00000000000..9382b38e59d --- /dev/null +++ b/spec/requests/admin/rules_spec.rb @@ -0,0 +1,16 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe 'Admin Rules' do + describe 'POST /admin/rules' do + before { sign_in Fabricate(:admin_user) } + + it 'gracefully handles invalid nested params' do + post admin_rules_path(rule: 'invalid') + + expect(response) + .to have_http_status(400) + end + end +end diff --git a/spec/requests/admin/settings/about_spec.rb b/spec/requests/admin/settings/about_spec.rb new file mode 100644 index 00000000000..28be2c252d6 --- /dev/null +++ b/spec/requests/admin/settings/about_spec.rb @@ -0,0 +1,16 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe 'Admin Settings About' do + describe 'PUT /admin/settings/about' do + before { sign_in Fabricate(:admin_user) } + + it 'gracefully handles invalid nested params' do + put admin_settings_about_path(form_admin_settings: 'invalid') + + expect(response) + .to have_http_status(400) + end + end +end diff --git a/spec/requests/admin/statuses_spec.rb b/spec/requests/admin/statuses_spec.rb new file mode 100644 index 00000000000..9fa732e178f --- /dev/null +++ b/spec/requests/admin/statuses_spec.rb @@ -0,0 +1,18 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe 'Admin Statuses' do + describe 'POST /admin/accounts/:account_id/statuses/batch' do + before { sign_in Fabricate(:admin_user) } + + let(:account) { Fabricate :account } + + it 'gracefully handles invalid nested params' do + post batch_admin_account_statuses_path(account.id, admin_status_batch_action: 'invalid') + + expect(response) + .to redirect_to(admin_account_statuses_path(account.id)) + end + end +end diff --git a/spec/requests/admin/tags_spec.rb b/spec/requests/admin/tags_spec.rb new file mode 100644 index 00000000000..653c5bd9356 --- /dev/null +++ b/spec/requests/admin/tags_spec.rb @@ -0,0 +1,18 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe 'Admin Tags' do + describe 'PUT /admin/tags/:id' do + before { sign_in Fabricate(:admin_user) } + + let(:tag) { Fabricate :tag } + + it 'gracefully handles invalid nested params' do + put admin_tag_path(tag.id, tag: 'invalid') + + expect(response) + .to have_http_status(400) + end + end +end diff --git a/spec/requests/admin/terms_of_service/drafts_spec.rb b/spec/requests/admin/terms_of_service/drafts_spec.rb new file mode 100644 index 00000000000..2c3c77193e5 --- /dev/null +++ b/spec/requests/admin/terms_of_service/drafts_spec.rb @@ -0,0 +1,16 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe 'Admin Terms Drafts' do + describe 'PUT /admin/terms_of_service/draft' do + before { sign_in Fabricate(:admin_user) } + + it 'gracefully handles invalid nested params' do + put admin_terms_of_service_draft_path(terms_of_service: 'invalid') + + expect(response) + .to have_http_status(400) + end + end +end diff --git a/spec/requests/admin/terms_of_service/generates_spec.rb b/spec/requests/admin/terms_of_service/generates_spec.rb new file mode 100644 index 00000000000..b8c51fdf2c7 --- /dev/null +++ b/spec/requests/admin/terms_of_service/generates_spec.rb @@ -0,0 +1,16 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe 'Admin Terms Generates' do + describe 'POST /admin/terms_of_service/generates' do + before { sign_in Fabricate(:admin_user) } + + it 'gracefully handles invalid nested params' do + post admin_terms_of_service_generate_path(terms_of_service_generator: 'invalid') + + expect(response) + .to have_http_status(400) + end + end +end diff --git a/spec/requests/admin/trends/links/preview_card_providers_spec.rb b/spec/requests/admin/trends/links/preview_card_providers_spec.rb new file mode 100644 index 00000000000..69bf479c686 --- /dev/null +++ b/spec/requests/admin/trends/links/preview_card_providers_spec.rb @@ -0,0 +1,16 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe 'Admin Trends Links Preview Card Providers' do + describe 'POST /admin/trends/links/publishers/batch' do + before { sign_in Fabricate(:admin_user) } + + it 'gracefully handles invalid nested params' do + post batch_admin_trends_links_preview_card_providers_path(trends_preview_card_provider_batch: 'invalid') + + expect(response) + .to redirect_to(admin_trends_links_preview_card_providers_path) + end + end +end diff --git a/spec/requests/admin/trends/links_spec.rb b/spec/requests/admin/trends/links_spec.rb new file mode 100644 index 00000000000..9fbfd567043 --- /dev/null +++ b/spec/requests/admin/trends/links_spec.rb @@ -0,0 +1,16 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe 'Admin Trends Links' do + describe 'POST /admin/trends/links/batch' do + before { sign_in Fabricate(:admin_user) } + + it 'gracefully handles invalid nested params' do + post batch_admin_trends_links_path(trends_preview_card_batch: 'invalid') + + expect(response) + .to redirect_to(admin_trends_links_path) + end + end +end diff --git a/spec/requests/admin/trends/statuses_spec.rb b/spec/requests/admin/trends/statuses_spec.rb new file mode 100644 index 00000000000..ceae24ec8f0 --- /dev/null +++ b/spec/requests/admin/trends/statuses_spec.rb @@ -0,0 +1,16 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe 'Admin Trends Statuses' do + describe 'POST /admin/trends/statuses/batch' do + before { sign_in Fabricate(:admin_user) } + + it 'gracefully handles invalid nested params' do + post batch_admin_trends_statuses_path(trends_status_batch: 'invalid') + + expect(response) + .to redirect_to(admin_trends_statuses_path) + end + end +end diff --git a/spec/requests/admin/trends/tags_spec.rb b/spec/requests/admin/trends/tags_spec.rb new file mode 100644 index 00000000000..e505be7a193 --- /dev/null +++ b/spec/requests/admin/trends/tags_spec.rb @@ -0,0 +1,16 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe 'Admin Trends Tags' do + describe 'POST /admin/trends/tags/batch' do + before { sign_in Fabricate(:admin_user) } + + it 'gracefully handles invalid nested params' do + post batch_admin_trends_tags_path(trends_tag_batch: 'invalid') + + expect(response) + .to redirect_to(admin_trends_tags_path) + end + end +end diff --git a/spec/requests/admin/users/roles_spec.rb b/spec/requests/admin/users/roles_spec.rb new file mode 100644 index 00000000000..b39e3f8bae1 --- /dev/null +++ b/spec/requests/admin/users/roles_spec.rb @@ -0,0 +1,18 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe 'Admin Users Roles' do + describe 'PUT /admin/users/:user_id/role' do + before { sign_in Fabricate(:admin_user) } + + let(:user) { Fabricate :user } + + it 'gracefully handles invalid nested params' do + put admin_user_role_path(user.id, user: 'invalid') + + expect(response) + .to have_http_status(400) + end + end +end diff --git a/spec/requests/admin/warning_presets_spec.rb b/spec/requests/admin/warning_presets_spec.rb new file mode 100644 index 00000000000..6527cec30f3 --- /dev/null +++ b/spec/requests/admin/warning_presets_spec.rb @@ -0,0 +1,16 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe 'Admin Warning Presets' do + describe 'POST /admin/warning_presets' do + before { sign_in Fabricate(:admin_user) } + + it 'gracefully handles invalid nested params' do + post admin_warning_presets_path(account_warning_preset: 'invalid') + + expect(response) + .to have_http_status(400) + end + end +end diff --git a/spec/requests/admin/webhooks_spec.rb b/spec/requests/admin/webhooks_spec.rb new file mode 100644 index 00000000000..fe047abd3c1 --- /dev/null +++ b/spec/requests/admin/webhooks_spec.rb @@ -0,0 +1,16 @@ +# frozen_string_literal: true + +require 'rails_helper' + +RSpec.describe 'Admin Webhooks' do + describe 'POST /admin/webhooks' do + before { sign_in Fabricate(:admin_user) } + + it 'gracefully handles invalid nested params' do + post admin_webhooks_path(webhook: 'invalid') + + expect(response) + .to have_http_status(400) + end + end +end