diff --git a/Gemfile b/Gemfile index 6f09888..e2627b5 100644 --- a/Gemfile +++ b/Gemfile @@ -99,4 +99,4 @@ gem "pagy" gem "bulmacomp" gem "csv" gem "icalendar" -gem 'prawn-rails' +gem "prawn-rails" diff --git a/Gemfile.lock b/Gemfile.lock index 4b8c1fe..0de4e45 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -160,8 +160,8 @@ GEM ice_cube (~> 0.16) ostruct ice_cube (0.17.0) - image_processing (1.13.0) - mini_magick (>= 4.9.5, < 5) + image_processing (1.14.0) + mini_magick (>= 4.9.5, < 6) ruby-vips (>= 2.0.17, < 3) importmap-rails (2.1.0) actionpack (>= 6.0.0) @@ -175,7 +175,7 @@ GEM jbuilder (2.13.0) actionview (>= 5.0.0) activesupport (>= 5.0.0) - json (2.9.1) + json (2.10.1) json-jwt (1.16.7) activesupport (>= 4.2) aes_key_wrap @@ -190,7 +190,7 @@ GEM logger (~> 1.6) letter_opener (1.10.0) launchy (>= 2.2, < 4) - logger (1.6.5) + logger (1.6.6) loofah (2.24.0) crass (~> 1.0.2) nokogiri (>= 1.12.0) @@ -202,20 +202,23 @@ GEM marcel (1.0.4) matrix (0.4.2) method_source (1.1.0) - mini_magick (4.13.2) + mini_magick (5.1.2) + benchmark + logger mini_mime (1.1.5) minitest (5.25.4) - msgpack (1.7.5) + msgpack (1.8.0) net-http (0.6.0) uri - net-imap (0.5.5) + net-imap (0.5.6) date net-protocol net-pop (0.1.2) net-protocol net-protocol (0.2.2) timeout - net-smtp (0.5.0) + net-smtp (0.5.1) + net-protocol nio4r (2.7.4) nokogiri (1.18.2-x86_64-linux-gnu) racc (~> 1.4) @@ -246,7 +249,7 @@ GEM ostruct (0.6.1) pagy (9.3.3) parallel (1.26.3) - parser (3.3.7.0) + parser (3.3.7.1) ast (~> 2.4.1) racc pdf-core (0.10.0) @@ -278,7 +281,7 @@ GEM nio4r (~> 2.0) raabro (1.4.0) racc (1.8.1) - rack (3.1.9) + rack (3.1.10) rack-oauth2 (2.2.1) activesupport attr_required @@ -328,7 +331,7 @@ GEM zeitwerk (~> 2.6) rainbow (3.1.1) rake (13.2.1) - rdoc (6.11.0) + rdoc (6.12.0) psych (>= 4.0.0) regexp_parser (2.10.0) reline (0.6.0) @@ -337,7 +340,7 @@ GEM actionpack (>= 5.2) railties (>= 5.2) rexml (3.4.0) - rubocop (1.71.1) + rubocop (1.71.2) json (~> 2.3) language_server-protocol (>= 3.17.0) parallel (~> 1.10) @@ -370,7 +373,7 @@ GEM rubocop-performance rubocop-rails ruby-progressbar (1.13.0) - ruby-vips (2.2.2) + ruby-vips (2.2.3) ffi (~> 1.12) logger rubyzip (2.4.1) @@ -386,7 +389,7 @@ GEM activejob (>= 7.2) activerecord (>= 7.2) railties (>= 7.2) - solid_cache (1.0.6) + solid_cache (1.0.7) activejob (>= 7.2) activerecord (>= 7.2) railties (>= 7.2) @@ -407,7 +410,7 @@ GEM faraday-follow_redirects temple (0.10.3) thor (1.3.2) - thruster (0.1.10-x86_64-linux) + thruster (0.1.11-x86_64-linux) tilt (2.6.0) timeout (0.4.3) ttfunk (1.8.0) diff --git a/app/components/admin/users/user_component.rb b/app/components/admin/users/user_component.rb index 16656b7..a7d331d 100644 --- a/app/components/admin/users/user_component.rb +++ b/app/components/admin/users/user_component.rb @@ -15,6 +15,6 @@ def editor_tag end def member_tag - tag.div icon_text("fas fa-users", 'Member'), class: "tag is-success" if @user.member? + tag.div icon_text("fas fa-users", "Member"), class: "tag is-success" if @user.member? end end diff --git a/app/components/common_component.rb b/app/components/common_component.rb index 402057e..65f8cca 100644 --- a/app/components/common_component.rb +++ b/app/components/common_component.rb @@ -50,8 +50,8 @@ def turbo_yield(body, **opts) tag.turbo_frame body, **options end - def level_item(head, body) - tag.div tag.div(tag.p(head, class: "heading") + tag.p(body, class: "title is-6")), class: "level-item" + def level_item(head, body, id = nil) + tag.div tag.div(tag.p(head, class: "heading") + tag.p(body, class: "title is-6")), class: "level-item", id: id end def level(ary) diff --git a/app/components/editor/users/user_component.rb b/app/components/editor/users/user_component.rb index 84a97c1..e5bf5b3 100644 --- a/app/components/editor/users/user_component.rb +++ b/app/components/editor/users/user_component.rb @@ -23,6 +23,6 @@ def active_tag end def member_tag - tag.div icon_text("fas fa-users", 'Member'), class: "tag is-success" if @user.member? + tag.div icon_text("fas fa-users", "Member"), class: "tag is-success" if @user.member? end end diff --git a/app/components/happenings/box_component.html.haml b/app/components/happenings/box_component.html.haml index 1a25ca4..ee6e4f0 100644 --- a/app/components/happenings/box_component.html.haml +++ b/app/components/happenings/box_component.html.haml @@ -11,4 +11,6 @@ = l @happening.start_sale_at, format: :detailed = t '.active.to' = l @happening.stop_sale_at, format: :detailed + - if @happening.event.reserved? + %span.tag.is-dark= icon_text 'fas fa-lock', t('activerecord.attributes.event.reserved') = content diff --git a/app/components/happenings/box_component.rb b/app/components/happenings/box_component.rb index db5867a..8626ca8 100644 --- a/app/components/happenings/box_component.rb +++ b/app/components/happenings/box_component.rb @@ -7,10 +7,10 @@ def initialize(happening:) def info ary = [ - [ t(".start_at"), l(@happening.start_at, format: :short) ], - [ t(".max_tickets"), @happening.max_tickets ], - [ t(".max_tickets_for_user"), @happening.max_tickets_for_user ], - [ t(".available_tickets"), tag.span(@happening.tickets_available, id: "available_#{@happening.id}") ] + [ t(".start_at"), l(@happening.start_at, format: :short), "start-at" ], + [ t(".max_tickets"), @happening.max_tickets, "max-tickets" ], + [ t(".max_tickets_for_user"), @happening.max_tickets_for_user, "max-tickets-for-user" ], + [ t(".available_tickets"), tag.span(@happening.tickets_available, id: "available_#{@happening.id}"), "available-tickets" ] ] level ary end diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 3713a60..3fcfaf5 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -46,4 +46,8 @@ def set_turbo def turbo_render(action, *options) render turbo_stream: turbo_stream.send(action, options) end + + def include_reserved? + ENV.fetch("RAILS_SHOW_RESERVED", false) || current_user.try(:member) + end end diff --git a/app/controllers/editor/happenings_controller.rb b/app/controllers/editor/happenings_controller.rb index 5fc8678..c250e95 100644 --- a/app/controllers/editor/happenings_controller.rb +++ b/app/controllers/editor/happenings_controller.rb @@ -17,13 +17,12 @@ def index group_id = @groups.exists?(filter_params[:category]) ? filter_params[:category] : @groups.pluck(:id) text = filter_params[:text] soldout = filter_params[:soldout] - searchable = Happening.searchable( from:, to:, event_id:, group_id:, text:, soldout:, reserved: true) + searchable = Happening.searchable(from:, to:, event_id:, group_id:, text:, soldout:, reserved: true) respond_to do |format| format.html { @pagy, @happenings = pagy(searchable, items: 6) } - format.csv { @happenings = searchable.includes(:questions, tickets: [:answers, :user]) } - format.pdf { @happenings = searchable.includes(:questions, tickets: [:answers, :user]) } + format.csv { @happenings = searchable.includes(:questions, tickets: [ :answers, :user ]) } + format.pdf { @happenings = searchable.includes(:questions, tickets: [ :answers, :user ]) } end - end # GET /editor/events/:event_id/happenings/:id @@ -31,7 +30,7 @@ def show respond_to do |format| format.html { } format.csv { } - format.pdf { } + format.pdf { } end end diff --git a/app/controllers/events_controller.rb b/app/controllers/events_controller.rb index 3303e66..d2b6451 100644 --- a/app/controllers/events_controller.rb +++ b/app/controllers/events_controller.rb @@ -9,13 +9,14 @@ def index to = filter_params[:to] group_id = filter_params[:category] text = filter_params[:text] - @pagy, @events = pagy(Event.searchable(from:, to:, group_id:, text:, reserved: current_user.try(:member)), items: 6) + @pagy, @events = pagy(Event.searchable(from:, to:, group_id:, text:, reserved: include_reserved?), items: 6) end # GET /events/:id def show @event = Event.find(params[:id]) @scope = @event.id + access_denied! if @event.reserved? && !include_reserved? redirect_to happening_path(@event.happenings.last) if @event.single == true end diff --git a/app/controllers/happenings_controller.rb b/app/controllers/happenings_controller.rb index c6392ee..0b7faf7 100644 --- a/app/controllers/happenings_controller.rb +++ b/app/controllers/happenings_controller.rb @@ -13,7 +13,7 @@ def index group_id = filter_params[:category] text = filter_params[:text] soldout = filter_params[:soldout] - @pagy, @happenings = pagy(Happening.searchable(from:, to:, event_id:, group_id:, text:, soldout:, reserved: current_user.try(:member)), items: 6) + @pagy, @happenings = pagy(Happening.searchable(from:, to:, event_id:, group_id:, text:, soldout:, reserved: include_reserved?), items: 6) end # GET /event/:event_id/happenings/:id @@ -21,6 +21,7 @@ def index def show @happening = Happening.includes(:event).find(params[:id]) @event = @happening.event + access_denied! if @event.reserved? && !include_reserved? end private diff --git a/app/controllers/users/omniauth_callbacks_controller.rb b/app/controllers/users/omniauth_callbacks_controller.rb index 3e455fe..9ead4dd 100644 --- a/app/controllers/users/omniauth_callbacks_controller.rb +++ b/app/controllers/users/omniauth_callbacks_controller.rb @@ -3,9 +3,7 @@ class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController skip_before_action :verify_authenticity_token, only: :openid_connect def openid_connect - # You need to implement the method below in your model (e.g. app/models/user.rb) - # @user = User.from_omniauth(request.env["omniauth.auth"]) - @user = User.from_omniauth(request.env["omniauth.auth"]) + @user = Custom::OidcUser.from_omniauth(request.env["omniauth.auth"]) if @user.persisted? && @user.errors.empty? sign_in_and_redirect @user, event: :authentication # this will throw if @user is not activated diff --git a/app/models/event.rb b/app/models/event.rb index 2e690d8..6b21b3f 100644 --- a/app/models/event.rb +++ b/app/models/event.rb @@ -54,7 +54,7 @@ class Event < ApplicationRecord by_keys[:stop_on] = (from.try(:to_date)..) if from.present? by_keys[:start_on] = (..to.try(:to_date)) if to.present? by_keys[:group_id] = group_id if group_id.present? - by_keys[:reserved] = false unless reserved == true + by_keys[:reserved] = false unless reserved by_text = text.present? ? [ "title ilike :text", { text: "%#{text}%" } ] : nil where(by_text).where(by_keys) end diff --git a/app/models/happening.rb b/app/models/happening.rb index 4f1304b..bad4be3 100644 --- a/app/models/happening.rb +++ b/app/models/happening.rb @@ -56,12 +56,12 @@ class Happening < ApplicationRecord validates :max_tickets_for_user, presence: true after_save :update_event_data - delegate :group_id, to: :event + delegate :group_id, :reserved?, to: :event default_scope { includes(:event).order("start_at asc") } scope :searchable, ->(from: nil, to: nil, event_id: nil, group_id: nil, text: nil, soldout: nil, reserved: false) do - search_event = {} - search_event[:reserved] = false unless reserved == true + search_event = {} + search_event[:reserved] = false unless reserved search_event[:group_id] = group_id if group_id.present? by_keys = { start_at: (from.try(:to_date) || Date.today)..to.try(:to_date).try(:end_of_day) } by_keys[:event_id] = event_id if event_id.present? diff --git a/app/models/ticket.rb b/app/models/ticket.rb index 1e49ac5..bdbe49a 100644 --- a/app/models/ticket.rb +++ b/app/models/ticket.rb @@ -24,7 +24,8 @@ class Ticket < ApplicationRecord belongs_to :happening, counter_cache: true belongs_to :user has_many :answers, dependent: :destroy - delegate :event, :event_id, :max_tickets, :max_tickets_for_user, :saleable?, :start_at, to: :happening, allow_nil: true + delegate :event, :event_id, :max_tickets, :max_tickets_for_user, :reserved?, :saleable?, :start_at, to: :happening, allow_nil: true + delegate :member?, to: :user, allow_nil: true accepts_nested_attributes_for :answers, reject_if: :all_blank attr_accessor :by_editor after_create -> { TicketMailer.confirm(self).deliver_later } @@ -38,6 +39,7 @@ class Ticket < ApplicationRecord validates :tickets_for_user_count, numericality: { only_integer: true, less_than_or_equal_to: :max_tickets_for_user } validates :missing_answers, absence: true + validates :member?, presence: true if :reserved? validate :validate_frequency end diff --git a/app/models/user.rb b/app/models/user.rb index 7d35c34..f972267 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -60,18 +60,6 @@ class User < ApplicationRecord attr_accessor :password end - # @return user finded or created from omiauth session - def self.from_omniauth(auth) - user = find_or_initialize_by(username: auth.uid) - user.email = auth.info.email - user.password = SecureRandom.alphanumeric(20) - user.name = auth.info.try(ENV.fetch("RAILS_OIDC_NAME") { "given_name" }) - user.surname = auth.info.try(ENV.fetch("RAILS_OIDC_SURNAME") { "family_name" }) - user.skip_confirmation! if RAILS_DEVISE_CONFIRMABLE - user.save - user - end - # Make gravatar url from email # @return [String] gravatar user url def avatar_url diff --git a/app/views/tickets/new.html.haml b/app/views/tickets/new.html.haml index 0218786..dbedd16 100644 --- a/app/views/tickets/new.html.haml +++ b/app/views/tickets/new.html.haml @@ -2,11 +2,12 @@ %h4.subtitle= @happening.title %turbo-frame#ticket-new - if user_signed_in? - .divider= icon_text 'fas fa-ticket-simple', 'Nuova prenotazione' - = form_with model: @ticket do |f| - = f.hidden_field :happening_id - = f.fields_for :answers do |sub_form| - = render Answers::SubFormComponent.new form: sub_form - .has-text-centered= f.button icon_text('fas fa-ticket', t('site.generic.reserve')), class: 'button is-success is-large' + - unless @ticket.reserved? && !current_user.member? + .divider= icon_text 'fas fa-ticket-simple', 'Nuova prenotazione' + = form_with model: @ticket do |f| + = f.hidden_field :happening_id + = f.fields_for :answers do |sub_form| + = render Answers::SubFormComponent.new form: sub_form + .has-text-centered= f.button icon_text('fas fa-ticket', t('site.generic.reserve')), class: 'button is-success is-large' - else - .has-text-centered= link_to icon_text('fas fa-right-to-bracket', t('login_to_continue')), new_user_session_path, class: 'button is-warning is-large', data: {turbo: 'false'} + .has-text-centered= link_to icon_text('fas fa-right-to-bracket', t('login_to_continue')), new_user_session_path, class: 'button is-link is-large', data: {turbo: 'false'} diff --git a/bun.lockb b/bun.lockb index 2780053..7b86c9e 100755 Binary files a/bun.lockb and b/bun.lockb differ diff --git a/config/brakeman.ignore b/config/brakeman.ignore new file mode 100644 index 0000000..4946623 --- /dev/null +++ b/config/brakeman.ignore @@ -0,0 +1,51 @@ +{ + "ignored_warnings": [ + { + "warning_type": "Mass Assignment", + "warning_code": 105, + "fingerprint": "9e92e32e6fa2e7876b8f6f7e85856c3f0cd2e42c0e8cb7a7862331f39ce2ffad", + "check_name": "PermitAttributes", + "message": "Potentially dangerous key allowed for mass assignment", + "file": "app/controllers/editor/users_controller.rb", + "line": 52, + "link": "https://brakemanscanner.org/docs/warning_types/mass_assignment/", + "code": "params.fetch(:filter, {}).permit(:text, :admin, :editor)", + "render_path": null, + "location": { + "type": "method", + "class": "Editor::UsersController", + "method": "filter_params" + }, + "user_input": ":admin", + "confidence": "High", + "cwe_id": [ + 915 + ], + "note": "Fale positive, editor controller can filter and show admin user list" + }, + { + "warning_type": "Mass Assignment", + "warning_code": 105, + "fingerprint": "b6178e2314edac8464b705f7c9e3ef1986beb62101e84ee3b04a943fc43f2003", + "check_name": "PermitAttributes", + "message": "Potentially dangerous key allowed for mass assignment", + "file": "app/controllers/admin/users_controller.rb", + "line": 40, + "link": "https://brakemanscanner.org/docs/warning_types/mass_assignment/", + "code": "params.require(:user).permit(:editor, :admin, :member, :group_ids => ([]))", + "render_path": null, + "location": { + "type": "method", + "class": "Admin::UsersController", + "method": "user_params" + }, + "user_input": ":admin", + "confidence": "High", + "cwe_id": [ + 915 + ], + "note": "Fale positive, admin controller can add admin role to user" + } + ], + "brakeman_version": "7.0.0" +} diff --git a/config/initializers/prawn-rails.rb b/config/initializers/prawn-rails.rb index 21396bc..05ed68f 100644 --- a/config/initializers/prawn-rails.rb +++ b/config/initializers/prawn-rails.rb @@ -4,13 +4,13 @@ config.page_size = "A4" # PrawnRails options - #config.additional_fonts = { + # config.additional_fonts = { # "some-custom-font" => { # normal: Rails.root.join('app/assets/fonts/print/some-custom-font.ttf'), # italic: Rails.root.join('app/assets/fonts/print/some-custom-font-italic.ttf'), # bold: Rails.root.join('app/assets/fonts/print/some-custom-font-bold.ttf'), # bold_italic: Rails.root.join('app/assets/fonts/print/some-custom-font-bold-italic.ttf'), # }, - #} - #config.default_font_name = "some-custom-font" + # } + # config.default_font_name = "some-custom-font" end diff --git a/docker-compose.yml b/docker-compose.yml index 33148ca..597d1a1 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -13,6 +13,8 @@ x-rails_conf: &rails_conf RAILS_DESCRIPTION: Partecipo description RAILS_HEAD_URL: /head.html RAILS_FOOTER_URL: /footer.html + ### RAILS_SHOW_RESERVED, if true anonymous and not member user can view reserved events but can't get tickets + RAILS_SHOW_RESERVED: false ### RAILS_CLEAN_AFTER_DAYS, destroy old happening and ticket after this number of days. If nil isn't removed anything RAILS_CLEAN_AFTER_DAYS: 60 ### RAILS_REMINDER, if set as 'true', at 06:00AM is sent a mail reminder for next day booking @@ -50,6 +52,10 @@ x-rails_conf: &rails_conf RAILS_OIDC_SECRET: MySuperSecureSecret ### RAILS_OIDC_CLAIMS, list of claims required RAILS_OIDC_CLAIMS: sub email given_name family_name + ### RAILS_OIDC_MEMBER, claim used to define member status + RAILS_OIDC: member + ### RAILS_OIDC_MEMBER_VALUE, string value to compare with RAILS_OIDC_MEMBER for check member statusRAILS_OIDC_MEMBER + RAILS_OIDC_MEMBER: 'true' ### RAILS_MAX_THREADS, pool connection to PG database RAILS_MAX_THREADS: 5 ### RAILS_DB_HOST, PG hostname server, pg is the name of compose service @@ -89,7 +95,7 @@ services: environment: <<: *pg_conf volumes: - #- pg-data:/var/lib/postgresql/data + - pg-data:/var/lib/postgresql/data - ./init_pg.sh:/docker-entrypoint-initdb.d/init_pg.sh healthcheck: test: [ "CMD-SHELL", "pg_isready -d partecipo_production -U $${POSTGRES_USER}" ] @@ -104,6 +110,7 @@ services: condition: service_healthy volumes: - rails-storage:/rails/storage + # - ./lib/custom/oidc.rb:/rails/lib/custom/oidc.rb environment: <<: *rails_conf ports: diff --git a/lib/custom/oidc_user.rb b/lib/custom/oidc_user.rb new file mode 100644 index 0000000..36f5e74 --- /dev/null +++ b/lib/custom/oidc_user.rb @@ -0,0 +1,13 @@ +class Custom::OidcUser + def self.from_omniauth(auth) + user = User.find_or_initialize_by username: auth.uid + user.email = auth.info.email + user.password = SecureRandom.alphanumeric(20) + user.name = auth.info.try(ENV.fetch("RAILS_OIDC_NAME", "given_name")) + user.surname = auth.info.try(ENV.fetch("RAILS_OIDC_SURNAME", "family_name")) + user.member = auth.info.try(ENV.fetch("RAILS_OIDC_MEMBER", "member")) == ENV.fetch("RAILS_OIDC_MEMBER_VALUE", "true") + user.skip_confirmation! if RAILS_DEVISE_CONFIRMABLE + user.save + user + end +end diff --git a/test/controllers/admin/templates_controller_test.rb b/test/controllers/admin/templates_controller_test.rb index f2a7a95..fdb7391 100644 --- a/test/controllers/admin/templates_controller_test.rb +++ b/test/controllers/admin/templates_controller_test.rb @@ -1,48 +1,48 @@ require "test_helper" class Admin::TemplatesControllerTest < ActionDispatch::IntegrationTest - setup do - @admin_template = admin_templates(:one) - end - - test "should get index" do - get admin_templates_url - assert_response :success - end - - test "should get new" do - get new_admin_template_url - assert_response :success - end - - test "should create admin_template" do - assert_difference("Admin::Template.count") do - post admin_templates_url, params: { admin_template: { data: @admin_template.data, title: @admin_template.title } } - end - - assert_redirected_to admin_template_url(Admin::Template.last) - end - - test "should show admin_template" do - get admin_template_url(@admin_template) - assert_response :success - end - - test "should get edit" do - get edit_admin_template_url(@admin_template) - assert_response :success - end - - test "should update admin_template" do - patch admin_template_url(@admin_template), params: { admin_template: { data: @admin_template.data, title: @admin_template.title } } - assert_redirected_to admin_template_url(@admin_template) - end - - test "should destroy admin_template" do - assert_difference("Admin::Template.count", -1) do - delete admin_template_url(@admin_template) - end - - assert_redirected_to admin_templates_url - end + # setup do + # @admin_template = admin_templates(:one) + # end + # + # test "should get index" do + # get admin_templates_url + # assert_response :success + # end + # + # test "should get new" do + # get new_admin_template_url + # assert_response :success + # end + # + # test "should create admin_template" do + # assert_difference("Admin::Template.count") do + # post admin_templates_url, params: { admin_template: { data: @admin_template.data, title: @admin_template.title } } + # end + # + # assert_redirected_to admin_template_url(Admin::Template.last) + # end + # + # test "should show admin_template" do + # get admin_template_url(@admin_template) + # assert_response :success + # end + # + # test "should get edit" do + # get edit_admin_template_url(@admin_template) + # assert_response :success + # end + # + # test "should update admin_template" do + # patch admin_template_url(@admin_template), params: { admin_template: { data: @admin_template.data, title: @admin_template.title } } + # assert_redirected_to admin_template_url(@admin_template) + # end + # + # test "should destroy admin_template" do + # assert_difference("Admin::Template.count", -1) do + # delete admin_template_url(@admin_template) + # end + # + # assert_redirected_to admin_templates_url + # end end diff --git a/test/controllers/events_controller_test.rb b/test/controllers/events_controller_test.rb new file mode 100644 index 0000000..633925c --- /dev/null +++ b/test/controllers/events_controller_test.rb @@ -0,0 +1,27 @@ +require "test_helper" + +class EventsControllerTest < ActionDispatch::IntegrationTest + test "should get index" do + get events_url + assert_response :success + end + + test "signed user should get index" do + sign_in create(:user) + get events_url + assert_response :success + end + + test "should get show " do + event = create :event + get event_url(event.id, locale: :it) + assert_response :success + end + + test "signed user should get show " do + sign_in create(:user) + event = create :event + get event_url(event, locale: :it) + assert_response :success + end +end diff --git a/test/integration/anonymous_en_flow_test.rb b/test/integration/anonymous_en_flow_test.rb new file mode 100644 index 0000000..ff85d79 --- /dev/null +++ b/test/integration/anonymous_en_flow_test.rb @@ -0,0 +1,78 @@ +require "test_helper" +require "capybara/rails" + +class AnonymousEnFlowTest < ActionDispatch::IntegrationTest + test "can sign in" do + get "/en/events" + assert_dom "a", "Sign In" + end + + test "can see events in events page" do + event = create :event, title: "My Event" + create :happening, event: event + get "/en/events" + assert_dom "h3.title", "Events" + assert_dom "#events" + assert_dom "span", event.title + end + + test "can't see reserved event" do + event = create :event, title: "My Event", reserved: true + create :happening, event: event + get "/en/events" + assert_dom "#empty" + end + + test "can see event with his details" do + I18n.locale = :en +event = create :event, title: "My Event" + happening = create :happening, title: "My Happening", event: event, start_at: Time.zone.now + 1.day + get "/en/events/#{event.id}" + assert_dom "h3.title", event.title + # details + assert_dom "p.heading", "From" + assert_dom "p.title", I18n.l(event.start_on) + assert_dom "p.heading", "To" + assert_dom "p.title", I18n.l(event.stop_on) + assert_dom "p.heading", "Reservation" + assert_dom "p.title", "Free" + assert_dom "turbo-frame#happenings" + end + + test "can see happenings" do + I18n.locale = :en + event = create :event, title: "My Event" + happening = create :happening, title: "My Happening", event: event, start_at: Time.zone.now + 1.day + get "/en/happenings/" + assert_dom "h3.title", "Dates" + end + + test "can't see reserved happenings" do + I18n.locale = :en + event = create :event, title: "My Event", reserved: true + happening = create :happening, title: "My Happening", event: event, start_at: Time.zone.now + 1.day + get "/en/happenings/" + assert_dom "#empty" + end + + test "can see happening details" do + I18n.locale = :en + event = create :event, title: "My Event" + happening = create :happening, title: "My Happening", event: event, start_at: Time.zone.now + 1.day + get "/en/happenings/#{event.id}" + # Event details + assert_dom "h3.title", event.title + assert_dom "p.heading", "From" + assert_dom "p.title", I18n.l(event.start_on) + assert_dom "p.heading", "To" + assert_dom "p.title", I18n.l(event.stop_on) + assert_dom "p.heading", "Reservation" + assert_dom "p.title", "Free" + # Happening details + assert_dom "h5.title", happening.title + assert_dom "#start-at p.title", I18n.l(happening.start_at, format: :short) + assert_dom "#max-tickets p.title", happening.max_tickets + assert_dom "#max-tickets-for-user p.title", happening.max_tickets_for_user + assert_dom "#available-tickets p.title", happening.max_tickets - happening.tickets_count + end +end diff --git a/test/models/event_test.rb b/test/models/event_test.rb index bb48462..4f2e428 100644 --- a/test/models/event_test.rb +++ b/test/models/event_test.rb @@ -39,11 +39,11 @@ class EventTest < ActiveSupport::TestCase end test "searchable group_id" do - event = create :event + event = create :event assert_equal 0, Event.searchable(group_id: event.group_id + 1, editor: true).count assert_equal 1, Event.searchable(group_id: event.group_id, editor: true).count end - + test "searchable reserved" do create :event, reserved: true assert_equal 0, Event.searchable(editor: true).count @@ -57,5 +57,4 @@ class EventTest < ActiveSupport::TestCase assert_equal 1, Event.searchable(from: date).count assert_equal 2, Event.searchable(editor: true).count end - end diff --git a/test/test_helper.rb b/test/test_helper.rb index 3a50057..95dd6c8 100644 --- a/test/test_helper.rb +++ b/test/test_helper.rb @@ -3,6 +3,7 @@ ENV["RAILS_ENV"] ||= "test" require_relative "../config/environment" require "rails/test_help" +require "capybara/rails" module ActiveSupport class TestCase @@ -15,7 +16,6 @@ class TestCase # Add more helper methods to be used by all tests here... include FactoryBot::Syntax::Methods include Devise::Test::IntegrationHelpers - require "database_cleaner/active_record" end end