From 754e816d0e1730d51dada5c6650cdc4db00717f2 Mon Sep 17 00:00:00 2001 From: EchoEkhi Date: Mon, 19 Jun 2023 09:39:47 +0100 Subject: [PATCH] AO3-6503 Allow superadmins to disable guest comments across the site (#4492) * AO3-6503 Add guest comment off option * AO3-6503 Fix tests * AO3-6503 Pleasing the hound * AO3-6503 Fix tests * AO3-6503 Fix tests 2 * AO3-6503 Fix tests 3 * AO3-6503 Fix typo * AO3-6503 Hide reply button * AO3-6503 Pleasing the hound * AO3-6503 Expand tests * AO3-6503 Pleasing the hound * AO3-6503 Change cache key & refactor tests * AO3-6503 Refactor tests * AO3-6503 Expand tests * AO3-6503 Fix test * AO3-6503 Normalise en.yml * AO3-6503 Fix tests --- app/controllers/application_controller.rb | 1 + app/controllers/comments_controller.rb | 10 + app/helpers/comments_helper.rb | 5 +- app/models/admin_setting.rb | 4 +- app/policies/admin_setting_policy.rb | 1 + app/views/admin/settings/index.html.erb | 3 + app/views/comments/_commentable.html.erb | 6 +- config/locales/views/en.yml | 2 + ...add_guest_comment_off_to_admin_settings.rb | 5 + features/admins/admin_settings.feature | 112 +++++++++ features/step_definitions/admin_steps.rb | 22 ++ features/step_definitions/comment_steps.rb | 10 +- .../admin/settings_controller_spec.rb | 7 +- spec/controllers/comments_controller_spec.rb | 223 +++++++++++++++++- test/fixtures/admin_settings.yml | 1 + 15 files changed, 391 insertions(+), 21 deletions(-) create mode 100644 db/migrate/20230408145819_add_guest_comment_off_to_admin_settings.rb diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 06079c806ad..27148b57516 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -74,6 +74,7 @@ def transform_sanitized_hash_to_ac_params(key, value) helper_method :current_admin helper_method :logged_in? helper_method :logged_in_as_admin? + helper_method :guest? # Title helpers helper_method :process_title diff --git a/app/controllers/comments_controller.rb b/app/controllers/comments_controller.rb index c2742b4eb7f..507c99114c4 100644 --- a/app/controllers/comments_controller.rb +++ b/app/controllers/comments_controller.rb @@ -18,6 +18,7 @@ class CommentsController < ApplicationController before_action :check_ownership, only: [:edit, :update, :cancel_comment_edit] before_action :check_permission_to_edit, only: [:edit, :update ] before_action :check_permission_to_delete, only: [:delete_comment, :destroy] + before_action :check_guest_comment_admin_setting, only: [:new, :create, :add_comment_reply] before_action :check_parent_comment_permissions, only: [:new, :create, :add_comment_reply] before_action :check_unreviewed, only: [:add_comment_reply] before_action :check_frozen, only: [:new, :create, :add_comment_reply] @@ -130,6 +131,15 @@ def check_parent_comment_permissions end end + def check_guest_comment_admin_setting + admin_settings = AdminSetting.current + + return unless admin_settings.guest_comments_off? && guest? + + flash[:error] = t("comments.commentable.guest_comments_disabled") + redirect_back(fallback_location: root_path) + end + def check_unreviewed return unless @commentable.respond_to?(:unreviewed?) && @commentable.unreviewed? diff --git a/app/helpers/comments_helper.rb b/app/helpers/comments_helper.rb index e51e7462b52..377e50c6e3d 100644 --- a/app/helpers/comments_helper.rb +++ b/app/helpers/comments_helper.rb @@ -99,13 +99,16 @@ def show_hide_comments_link(commentable, options={}) #### HELPERS FOR CHECKING WHICH BUTTONS/FORMS TO DISPLAY ##### def can_reply_to_comment?(comment) + admin_settings = AdminSetting.current + !(comment.unreviewed? || comment.iced? || comment.hidden_by_admin? || parent_disallows_comments?(comment) || comment_parent_hidden?(comment) || blocked_by_comment?(comment) || - blocked_by?(comment.ultimate_parent)) + blocked_by?(comment.ultimate_parent) || + guest? && admin_settings.guest_comments_off?) end def can_edit_comment?(comment) diff --git a/app/models/admin_setting.rb b/app/models/admin_setting.rb index 9385a8bfedc..54297f04aa6 100644 --- a/app/models/admin_setting.rb +++ b/app/models/admin_setting.rb @@ -45,7 +45,7 @@ def self.default end def self.current - Rails.cache.fetch("admin_settings", race_condition_ttl: 10.seconds) { AdminSetting.first } || OpenStruct.new(DEFAULT_SETTINGS) + Rails.cache.fetch("admin_settings-v1", race_condition_ttl: 10.seconds) { AdminSetting.first } || OpenStruct.new(DEFAULT_SETTINGS) end class << self @@ -79,7 +79,7 @@ def recache_settings self.reload # However, we only cache it if the transaction is successful. - after_commit { Rails.cache.write("admin_settings", self) } + after_commit { Rails.cache.write("admin_settings-v1", self) } end private diff --git a/app/policies/admin_setting_policy.rb b/app/policies/admin_setting_policy.rb index 7be90806217..30c206c2831 100644 --- a/app/policies/admin_setting_policy.rb +++ b/app/policies/admin_setting_policy.rb @@ -19,6 +19,7 @@ class AdminSettingPolicy < ApplicationPolicy downloads_enabled enable_test_caching hide_spam + guest_comments_off invite_from_queue_enabled invite_from_queue_frequency invite_from_queue_number diff --git a/app/views/admin/settings/index.html.erb b/app/views/admin/settings/index.html.erb index 15d6321a062..c4538e5d438 100644 --- a/app/views/admin/settings/index.html.erb +++ b/app/views/admin/settings/index.html.erb @@ -67,6 +67,9 @@
<%= admin_setting_checkbox(f, :hide_spam) %>
<%= f.label :hide_spam, t(".fields.hide_spam") %>
+ +
<%= admin_setting_checkbox(f, :guest_comments_off) %>
+
<%= f.label :guest_comments_off, t(".fields.guest_comments_off") %>
diff --git a/app/views/comments/_commentable.html.erb b/app/views/comments/_commentable.html.erb index 0f4928a0a15..31fddee6d92 100644 --- a/app/views/comments/_commentable.html.erb +++ b/app/views/comments/_commentable.html.erb @@ -75,7 +75,11 @@ <%= flash_div :comment_error, :comment_notice %> <% commentable_parent = find_parent(commentable) %> - <% if commentable_parent.is_a?(AdminPost) && commentable_parent.disable_all_comments? %> + <% if @admin_settings.guest_comments_off? && guest? %> +

+ <%= t(".guest_comments_disabled") %> +

+ <% elsif commentable_parent.is_a?(AdminPost) && commentable_parent.disable_all_comments? %>

<%= t(".permissions.admin_post.disable_all") %>

diff --git a/config/locales/views/en.yml b/config/locales/views/en.yml index 637b6507bc8..579b9cadd82 100644 --- a/config/locales/views/en.yml +++ b/config/locales/views/en.yml @@ -212,6 +212,7 @@ en: disabled_support_form_text: Disabled support form text downloads_enabled: Allow downloads enable_test_caching: Turn on caching (currently experimental) + guest_comments_off: Turn off guest comments across the site hide_spam: Automatically hide spam works invite_from_queue_enabled: Invite from queue enabled (People can add themselves to the queue and invitations are sent out automatically) invite_from_queue_frequency: How often (in days) should we invite people from the queue @@ -341,6 +342,7 @@ en: actions: comment: Comment blocked: Sorry, you have been blocked by one or more of this work's creators. + guest_comments_disabled: Sorry, the Archive doesn't allow guests to comment right now. invite_to_collections_link: Invite To Collections permissions: admin_post: diff --git a/db/migrate/20230408145819_add_guest_comment_off_to_admin_settings.rb b/db/migrate/20230408145819_add_guest_comment_off_to_admin_settings.rb new file mode 100644 index 00000000000..8211b4c5cfe --- /dev/null +++ b/db/migrate/20230408145819_add_guest_comment_off_to_admin_settings.rb @@ -0,0 +1,5 @@ +class AddGuestCommentOffToAdminSettings < ActiveRecord::Migration[6.1] + def change + add_column :admin_settings, :guest_comments_off, :boolean, default: false, null: false + end +end diff --git a/features/admins/admin_settings.feature b/features/admins/admin_settings.feature index 43048267711..320f003be3a 100644 --- a/features/admins/admin_settings.feature +++ b/features/admins/admin_settings.feature @@ -36,3 +36,115 @@ Feature: Admin Settings Page When I am logged in as a random user And I go to the support page Then I should see "We can answer Support inquiries in" + + Scenario Outline: Guests can comment when guest coments are enabled + Given guest comments are on + And I am logged out + And + And I view with comments + When I post a guest comment + Then I should see a link "Reply" + + Examples: + | commentable | + | the work "Generic Work" | + | the admin post "Generic Post" | + + Scenario Outline: Guests cannot comment when guest comments are disabled, even if works or admin posts allow commets + Given guest comments are off + And I am logged out + And + And a guest comment on + When I view with comments + Then I should see "Sorry, the Archive doesn't allow guests to comment right now." + And I should not see a link "Reply" + When I am logged in + And I view with comments + Then I should not see "Sorry, the Archive doesn't allow guests to comment right now." + When I am logged in as a super admin + And I view with comments + Then I should not see "Sorry, the Archive doesn't allow guests to comment right now." + + Examples: + | commentable | + | the work "Generic Work" | + | the admin post "Generic Post" | + + Scenario: Turn off guest comments (when the work itself does not allow guest comments) + Given guest comments are off + And I am logged in as "author" + And I set up the draft "Generic Work" + And I choose "Only registered users can comment" + And I post the work without preview + And a comment "Nice job" by "user" on the work "Generic Work" + When I am logged out + And I view the work "Generic Work" with comments + Then I should see "Sorry, the Archive doesn't allow guests to comment right now." + And I should not see a link "Reply" + When I am logged in + And I view the work "Generic Work" with comments + Then I should not see "Sorry, the Archive doesn't allow guests to comment right now." + When I am logged in as a super admin + And I view the work "Generic Work" with comments + Then I should not see "Sorry, the Archive doesn't allow guests to comment right now." + + Scenario: Turn off guest comments (when the admin post itself does not allow guest comments) + Given guest comments are off + And I have posted an admin post with guest comments disabled + And a comment "Nice job" by "user" on the admin post "Default Admin Post" + When I view the admin post "Default Admin Post" with comments + Then I should see "Sorry, the Archive doesn't allow guests to comment right now." + And I should not see a link "Reply" + When I am logged in + And I view the admin post "Default Admin Post" with comments + Then I should not see "Sorry, the Archive doesn't allow guests to comment right now." + When I am logged in as a super admin + And I view the admin post "Default Admin Post" with comments + Then I should not see "Sorry, the Archive doesn't allow guests to comment right now." + + Scenario: Turn off guest comments (when work itself does not allow any comments) + Given guest comments are off + And I am logged in as "author" + And I post the work "Generic Work" + And a guest comment on the work "Generic Work" + And I edit the work "Generic Work" + And I choose "No one can comment" + And I press "Post" + When I am logged out + And I view the work "Generic Work" with comments + Then I should see "Sorry, the Archive doesn't allow guests to comment right now." + And I should not see a link "Reply" + When I am logged in + And I view the work "Generic Work" with comments + Then I should not see "Sorry, the Archive doesn't allow guests to comment right now." + When I am logged in as a super admin + And I view the work "Generic Work" with comments + Then I should not see "Sorry, the Archive doesn't allow guests to comment right now." + + Scenario: Turn off guest comments (when the admin post itself does not allow any comments) + Given guest comments are off + And I have posted an admin post with comments disabled + And a comment "Nice job" by "user" on the admin post "Default Admin Post" + When I view the admin post "Default Admin Post" with comments + Then I should see "Sorry, the Archive doesn't allow guests to comment right now." + And I should not see a link "Reply" + When I am logged in + And I view the admin post "Default Admin Post" with comments + Then I should not see "Sorry, the Archive doesn't allow guests to comment right now." + When I am logged in as a super admin + And I view the admin post "Default Admin Post" with comments + Then I should not see "Sorry, the Archive doesn't allow guests to comment right now." + + Scenario: Tag comments are not affected when guest comments are turned off + Given guest comments are off + And a fandom exists with name: "Stargate SG-1", canonical: true + When I am logged in as a super admin + And I view the tag "Stargate SG-1" with comments + Then I should not see "Sorry, the Archive doesn't allow guests to comment right now." + When I post the comment "Important policy decision" on the tag "Stargate SG-1" + Then I should see "Comment created!" + When I am logged in as a tag wrangler + And I view the tag "Stargate SG-1" with comments + Then I should not see "Sorry, the Archive doesn't allow guests to comment right now." + When I post the comment "Sent you a syn" on the tag "Stargate SG-1" + Then I should see "Comment created!" diff --git a/features/step_definitions/admin_steps.rb b/features/step_definitions/admin_steps.rb index 4a32c949319..398da294f58 100644 --- a/features/step_definitions/admin_steps.rb +++ b/features/step_definitions/admin_steps.rb @@ -88,6 +88,20 @@ click_button("Update") end +Given "guest comments are on" do + step("I am logged in as a super admin") + visit(admin_settings_path) + uncheck("Turn off guest comments across the site") + click_button("Update") +end + +Given "guest comments are off" do + step("I am logged in as a super admin") + visit(admin_settings_path) + check("Turn off guest comments across the site") + click_button("Update") +end + Given /^I have posted known issues$/ do step %{I am logged in as an admin} step %{I follow "Admin Posts"} @@ -159,6 +173,14 @@ end end +Given /^I have posted an admin post with guest comments disabled$/ do + step %{I am logged in as a "communications" admin} + step %{I start to make an admin post} + choose("Only registered users can comment") + click_button("Post") + step %{I log out} +end + Given /^I have posted an admin post with comments disabled$/ do step %{I am logged in as a "communications" admin} step %{I start to make an admin post} diff --git a/features/step_definitions/comment_steps.rb b/features/step_definitions/comment_steps.rb index ff9cc6558fb..c434b7ea7c3 100644 --- a/features/step_definitions/comment_steps.rb +++ b/features/step_definitions/comment_steps.rb @@ -14,11 +14,6 @@ user.preference.save end -Given "a guest comment on the work {string}" do |title| - work = Work.find_by(title: title) - FactoryBot.create(:comment, :by_guest, commentable: work.first_chapter) -end - ParameterType( name: "commentable", regexp: /the (work|admin post|tag) "([^"]*)"/, @@ -35,6 +30,11 @@ } ) +Given "a guest comment on {commentable}" do |commentable| + commentable = Comment.commentable_object(commentable) + FactoryBot.create(:comment, :by_guest, commentable: commentable) +end + Given "a comment {string} by {string} on {commentable}" do |text, user, commentable| user = ensure_user(user) commentable = Comment.commentable_object(commentable) diff --git a/spec/controllers/admin/settings_controller_spec.rb b/spec/controllers/admin/settings_controller_spec.rb index af00748b8b7..79e64cbf289 100644 --- a/spec/controllers/admin/settings_controller_spec.rb +++ b/spec/controllers/admin/settings_controller_spec.rb @@ -64,7 +64,8 @@ downloads_enabled: "1", enable_test_caching: "0", cache_expiration: "10", - hide_spam: "1" + hide_spam: "1", + guest_comments_off: "1" } } @@ -107,6 +108,7 @@ { downloads_enabled: false, hide_spam: true, + guest_comments_off: true, tag_wrangling_off: true }.each_pair do |field, value| it "prevents admins with support role from updating #{field}" do @@ -137,7 +139,8 @@ { disable_support_form: true, downloads_enabled: false, - hide_spam: true + hide_spam: true, + guest_comments_off: true }.each_pair do |field, value| it "prevents admins with tag_wrangling role from updating #{field}" do expect do diff --git a/spec/controllers/comments_controller_spec.rb b/spec/controllers/comments_controller_spec.rb index 411c5e730cc..410dab6a512 100644 --- a/spec/controllers/comments_controller_spec.rb +++ b/spec/controllers/comments_controller_spec.rb @@ -104,6 +104,69 @@ it_behaves_like "no one can add comment reply on a hidden comment" end end + + context "guest comments are turned on in admin settings" do + let(:comment) { create(:comment) } + let(:admin_setting) { AdminSetting.first || AdminSetting.create } + + before do + admin_setting.update_attribute(:guest_comments_off, false) + end + + it "redirects logged out user to the comment on the commentable without an error" do + get :add_comment_reply, params: { comment_id: comment.id } + + expect(flash[:error]).to be_nil + it_redirects_to(chapter_path(comment.commentable, show_comments: true, anchor: "comment_#{comment.id}")) + end + end + + context "guest comments are turned off in admin settings" do + let(:comment) { create(:comment) } + let(:admin_setting) { AdminSetting.first || AdminSetting.create } + let(:work) { comment.ultimate_parent } + + before do + admin_setting.update_attribute(:guest_comments_off, true) + end + + [:enable_all, :disable_anon].each do |permissions| + context "when work comment permissions are #{permissions}" do + before do + work.update_attribute(:comment_permissions, permissions) + end + + it "redirects logged out user with an error" do + get :add_comment_reply, params: { comment_id: comment.id } + it_redirects_to_with_error("/where_i_came_from", "Sorry, the Archive doesn't allow guests to comment right now.") + end + + it "redirects logged in user to the comment on the commentable without an error" do + fake_login + get :add_comment_reply, params: { comment_id: comment.id } + expect(flash[:error]).to be_nil + expect(response).to redirect_to(chapter_path(comment.commentable, show_comments: true, anchor: "comment_#{comment.id}")) + end + end + end + + context "when work comment permissions are disable_all" do + before do + work.update_attribute(:comment_permissions, :disable_all) + end + + it "redirects logged out user with an error" do + get :add_comment_reply, params: { comment_id: comment.id } + it_redirects_to_with_error("/where_i_came_from", "Sorry, the Archive doesn't allow guests to comment right now.") + end + + it "redirects logged in user with an error" do + fake_login + get :add_comment_reply, params: { comment_id: comment.id } + it_redirects_to_with_error(work_path(work), "Sorry, this work doesn't allow comments.") + end + end + end end describe "GET #unreviewed" do @@ -135,15 +198,15 @@ end end - describe "POST #new" do + describe "GET #new" do it "errors if the commentable is not a valid tag" do - post :new, params: { tag_id: "Non existent tag" } + get :new, params: { tag_id: "Non existent tag" } expect(flash[:error]).to eq "What did you want to comment on?" end it "renders the :new template if commentable is a valid admin post" do admin_post = create(:admin_post) - post :new, params: { admin_post_id: admin_post.id } + get :new, params: { admin_post_id: admin_post.id } expect(response).to render_template("new") expect(assigns(:name)).to eq(admin_post.title) end @@ -155,7 +218,7 @@ before { fake_login_admin(create(:admin)) } it "renders the :new template" do - post :new, params: { tag_id: fandom.name } + get :new, params: { tag_id: fandom.name } expect(response).to render_template("new") expect(assigns(:name)).to eq("Fandom") end @@ -165,7 +228,7 @@ before { fake_login_known_user(create(:tag_wrangler)) } it "renders the :new template" do - post :new, params: { tag_id: fandom.name } + get :new, params: { tag_id: fandom.name } expect(response).to render_template("new") expect(assigns(:name)).to eq("Fandom") end @@ -175,7 +238,7 @@ before { fake_login } it "shows an error and redirects" do - post :new, params: { tag_id: fandom.name } + get :new, params: { tag_id: fandom.name } it_redirects_to_with_error(user_path(controller.current_user), "Sorry, you don't have permission to " \ "access the page you were trying to " \ @@ -187,7 +250,7 @@ before { fake_logout } it "shows an error and redirects" do - post :new, params: { tag_id: fandom.name } + get :new, params: { tag_id: fandom.name } it_redirects_to_with_error(new_user_session_path, "Sorry, you don't have permission to " \ "access the page you were trying to " \ @@ -196,22 +259,91 @@ end end + context "guest comments are turned on in admin settings" do + let(:work) { create(:work) } + let(:work_with_guest_comment_off) { create(:work, comment_permissions: :disable_anon) } + let(:admin_setting) { AdminSetting.first || AdminSetting.create } + + before do + admin_setting.update_attribute(:guest_comments_off, false) + end + + it "allows guest comments" do + get :new, params: { work_id: work.id } + + expect(response).to render_template(:new) + end + + it "does not allow guest comments when work has guest comments disabled" do + get :new, params: { work_id: work_with_guest_comment_off.id } + + it_redirects_to_with_error(work_path(work_with_guest_comment_off), + "Sorry, this work doesn't allow non-Archive users to comment.") + end + end + + context "guest comments are turned off in admin settings" do + let(:work) { create(:work) } + let(:admin_setting) { AdminSetting.first || AdminSetting.create } + + before do + admin_setting.update_attribute(:guest_comments_off, true) + end + + [:enable_all, :disable_anon].each do |permissions| + context "when work comment permissions are #{permissions}" do + before do + work.update_attribute(:comment_permissions, permissions) + end + + it "redirects logged out user with an error" do + get :new, params: { work_id: work.id } + it_redirects_to_with_error("/where_i_came_from", "Sorry, the Archive doesn't allow guests to comment right now.") + end + + it "renders the :new template for logged in user" do + fake_login + get :new, params: { work_id: work.id } + expect(flash[:error]).to be_nil + expect(response).to render_template("new") + end + end + end + + context "when work comment permissions are disable_all" do + before do + work.update_attribute(:comment_permissions, :disable_all) + end + + it "redirects logged out user with an error" do + get :new, params: { work_id: work.id } + it_redirects_to_with_error("/where_i_came_from", "Sorry, the Archive doesn't allow guests to comment right now.") + end + + it "redirects logged in user with an error" do + fake_login + get :new, params: { work_id: work.id } + it_redirects_to_with_error(work_path(work), "Sorry, this work doesn't allow comments.") + end + end + end + it "renders the :new template if commentable is a valid comment" do comment = create(:comment) - post :new, params: { comment_id: comment.id } + get :new, params: { comment_id: comment.id } expect(response).to render_template("new") expect(assigns(:name)).to eq("Previous Comment") end it "shows an error and redirects if commentable is a frozen comment" do comment = create(:comment, iced: true) - post :new, params: { comment_id: comment.id } + get :new, params: { comment_id: comment.id } it_redirects_to_with_error("/where_i_came_from", "Sorry, you cannot reply to a frozen comment.") end it "shows an error and redirects if commentable is a hidden comment" do comment = create(:comment, hidden_by_admin: true) - post :new, params: { comment_id: comment.id } + get :new, params: { comment_id: comment.id } it_redirects_to_with_error("/where_i_came_from", "Sorry, you cannot reply to a hidden comment.") end end @@ -446,6 +578,77 @@ end end end + + context "guest comments are turned on in admin settings" do + let(:work) { create(:work) } + let(:admin_setting) { AdminSetting.first || AdminSetting.create } + + before do + admin_setting.update_attribute(:guest_comments_off, false) + end + + it "allows guest comments" do + post :create, params: { work_id: work.id, comment: anon_comment_attributes } + + expect(flash[:error]).to be_nil + end + end + + context "guest comments are turned off in admin settings" do + let(:work) { create(:work) } + let(:user) { create(:user) } + let(:admin_setting) { AdminSetting.first || AdminSetting.create } + + before do + admin_setting.update_attribute(:guest_comments_off, true) + end + + [:enable_all, :disable_anon].each do |permissions| + context "when work comment permissions are #{permissions}" do + before do + work.update_attribute(:comment_permissions, permissions) + end + + it "redirects logged out user with an error" do + post :create, params: { work_id: work.id, comment: anon_comment_attributes } + it_redirects_to_with_error("/where_i_came_from", "Sorry, the Archive doesn't allow guests to comment right now.") + end + + it "redirects logged in user to the comment on the commentable without an error" do + comment_attributes = { + pseud_id: user.default_pseud_id, + comment_content: "Hello fellow human!" + } + fake_login_known_user(user) + post :create, params: { work_id: work.id, comment: comment_attributes } + comment = Comment.last + expect(flash[:error]).to be_nil + expect(response).to redirect_to(work_chapter_path(work, comment.commentable, show_comments: true, view_full_work: false, anchor: "comment_#{comment.id}")) + end + end + end + + context "when work comment permissions are disable_all" do + before do + work.update_attribute(:comment_permissions, :disable_all) + end + + it "redirects logged out user with an error" do + post :create, params: { work_id: work.id, comment: anon_comment_attributes } + it_redirects_to_with_error("/where_i_came_from", "Sorry, the Archive doesn't allow guests to comment right now.") + end + + it "redirects logged in user with an error" do + comment_attributes = { + pseud_id: user.default_pseud_id, + comment_content: "Hello fellow human!" + } + fake_login_known_user(user) + post :create, params: { work_id: work.id, comment: comment_attributes } + it_redirects_to_with_error(work_path(work), "Sorry, this work doesn't allow comments.") + end + end + end end describe "PUT #review_all" do diff --git a/test/fixtures/admin_settings.yml b/test/fixtures/admin_settings.yml index 1da015a83c6..5379d6346d2 100644 --- a/test/fixtures/admin_settings.yml +++ b/test/fixtures/admin_settings.yml @@ -19,3 +19,4 @@ admin_setting_3: creation_requires_invite: false downloads_enabled: true hide_spam: false + guest_comments_off: false