diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 06079c806ad..27148b57516 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -74,6 +74,7 @@ def transform_sanitized_hash_to_ac_params(key, value)
helper_method :current_admin
helper_method :logged_in?
helper_method :logged_in_as_admin?
+ helper_method :guest?
# Title helpers
helper_method :process_title
diff --git a/app/controllers/comments_controller.rb b/app/controllers/comments_controller.rb
index c2742b4eb7f..507c99114c4 100644
--- a/app/controllers/comments_controller.rb
+++ b/app/controllers/comments_controller.rb
@@ -18,6 +18,7 @@ class CommentsController < ApplicationController
before_action :check_ownership, only: [:edit, :update, :cancel_comment_edit]
before_action :check_permission_to_edit, only: [:edit, :update ]
before_action :check_permission_to_delete, only: [:delete_comment, :destroy]
+ before_action :check_guest_comment_admin_setting, only: [:new, :create, :add_comment_reply]
before_action :check_parent_comment_permissions, only: [:new, :create, :add_comment_reply]
before_action :check_unreviewed, only: [:add_comment_reply]
before_action :check_frozen, only: [:new, :create, :add_comment_reply]
@@ -130,6 +131,15 @@ def check_parent_comment_permissions
end
end
+ def check_guest_comment_admin_setting
+ admin_settings = AdminSetting.current
+
+ return unless admin_settings.guest_comments_off? && guest?
+
+ flash[:error] = t("comments.commentable.guest_comments_disabled")
+ redirect_back(fallback_location: root_path)
+ end
+
def check_unreviewed
return unless @commentable.respond_to?(:unreviewed?) && @commentable.unreviewed?
diff --git a/app/helpers/comments_helper.rb b/app/helpers/comments_helper.rb
index e51e7462b52..377e50c6e3d 100644
--- a/app/helpers/comments_helper.rb
+++ b/app/helpers/comments_helper.rb
@@ -99,13 +99,16 @@ def show_hide_comments_link(commentable, options={})
#### HELPERS FOR CHECKING WHICH BUTTONS/FORMS TO DISPLAY #####
def can_reply_to_comment?(comment)
+ admin_settings = AdminSetting.current
+
!(comment.unreviewed? ||
comment.iced? ||
comment.hidden_by_admin? ||
parent_disallows_comments?(comment) ||
comment_parent_hidden?(comment) ||
blocked_by_comment?(comment) ||
- blocked_by?(comment.ultimate_parent))
+ blocked_by?(comment.ultimate_parent) ||
+ guest? && admin_settings.guest_comments_off?)
end
def can_edit_comment?(comment)
diff --git a/app/models/admin_setting.rb b/app/models/admin_setting.rb
index 9385a8bfedc..54297f04aa6 100644
--- a/app/models/admin_setting.rb
+++ b/app/models/admin_setting.rb
@@ -45,7 +45,7 @@ def self.default
end
def self.current
- Rails.cache.fetch("admin_settings", race_condition_ttl: 10.seconds) { AdminSetting.first } || OpenStruct.new(DEFAULT_SETTINGS)
+ Rails.cache.fetch("admin_settings-v1", race_condition_ttl: 10.seconds) { AdminSetting.first } || OpenStruct.new(DEFAULT_SETTINGS)
end
class << self
@@ -79,7 +79,7 @@ def recache_settings
self.reload
# However, we only cache it if the transaction is successful.
- after_commit { Rails.cache.write("admin_settings", self) }
+ after_commit { Rails.cache.write("admin_settings-v1", self) }
end
private
diff --git a/app/policies/admin_setting_policy.rb b/app/policies/admin_setting_policy.rb
index 7be90806217..30c206c2831 100644
--- a/app/policies/admin_setting_policy.rb
+++ b/app/policies/admin_setting_policy.rb
@@ -19,6 +19,7 @@ class AdminSettingPolicy < ApplicationPolicy
downloads_enabled
enable_test_caching
hide_spam
+ guest_comments_off
invite_from_queue_enabled
invite_from_queue_frequency
invite_from_queue_number
diff --git a/app/views/admin/settings/index.html.erb b/app/views/admin/settings/index.html.erb
index 15d6321a062..c4538e5d438 100644
--- a/app/views/admin/settings/index.html.erb
+++ b/app/views/admin/settings/index.html.erb
@@ -67,6 +67,9 @@
<%= admin_setting_checkbox(f, :hide_spam) %>
<%= f.label :hide_spam, t(".fields.hide_spam") %>
+
+ <%= admin_setting_checkbox(f, :guest_comments_off) %>
+ <%= f.label :guest_comments_off, t(".fields.guest_comments_off") %>
diff --git a/app/views/comments/_commentable.html.erb b/app/views/comments/_commentable.html.erb
index 0f4928a0a15..31fddee6d92 100644
--- a/app/views/comments/_commentable.html.erb
+++ b/app/views/comments/_commentable.html.erb
@@ -75,7 +75,11 @@
<%= flash_div :comment_error, :comment_notice %>
<% commentable_parent = find_parent(commentable) %>
- <% if commentable_parent.is_a?(AdminPost) && commentable_parent.disable_all_comments? %>
+ <% if @admin_settings.guest_comments_off? && guest? %>
+
+ <%= t(".guest_comments_disabled") %>
+
+ <% elsif commentable_parent.is_a?(AdminPost) && commentable_parent.disable_all_comments? %>
<%= t(".permissions.admin_post.disable_all") %>
diff --git a/config/locales/views/en.yml b/config/locales/views/en.yml
index 637b6507bc8..579b9cadd82 100644
--- a/config/locales/views/en.yml
+++ b/config/locales/views/en.yml
@@ -212,6 +212,7 @@ en:
disabled_support_form_text: Disabled support form text
downloads_enabled: Allow downloads
enable_test_caching: Turn on caching (currently experimental)
+ guest_comments_off: Turn off guest comments across the site
hide_spam: Automatically hide spam works
invite_from_queue_enabled: Invite from queue enabled (People can add themselves to the queue and invitations are sent out automatically)
invite_from_queue_frequency: How often (in days) should we invite people from the queue
@@ -341,6 +342,7 @@ en:
actions:
comment: Comment
blocked: Sorry, you have been blocked by one or more of this work's creators.
+ guest_comments_disabled: Sorry, the Archive doesn't allow guests to comment right now.
invite_to_collections_link: Invite To Collections
permissions:
admin_post:
diff --git a/db/migrate/20230408145819_add_guest_comment_off_to_admin_settings.rb b/db/migrate/20230408145819_add_guest_comment_off_to_admin_settings.rb
new file mode 100644
index 00000000000..8211b4c5cfe
--- /dev/null
+++ b/db/migrate/20230408145819_add_guest_comment_off_to_admin_settings.rb
@@ -0,0 +1,5 @@
+class AddGuestCommentOffToAdminSettings < ActiveRecord::Migration[6.1]
+ def change
+ add_column :admin_settings, :guest_comments_off, :boolean, default: false, null: false
+ end
+end
diff --git a/features/admins/admin_settings.feature b/features/admins/admin_settings.feature
index 43048267711..320f003be3a 100644
--- a/features/admins/admin_settings.feature
+++ b/features/admins/admin_settings.feature
@@ -36,3 +36,115 @@ Feature: Admin Settings Page
When I am logged in as a random user
And I go to the support page
Then I should see "We can answer Support inquiries in"
+
+ Scenario Outline: Guests can comment when guest coments are enabled
+ Given guest comments are on
+ And I am logged out
+ And
+ And I view with comments
+ When I post a guest comment
+ Then I should see a link "Reply"
+
+ Examples:
+ | commentable |
+ | the work "Generic Work" |
+ | the admin post "Generic Post" |
+
+ Scenario Outline: Guests cannot comment when guest comments are disabled, even if works or admin posts allow commets
+ Given guest comments are off
+ And I am logged out
+ And
+ And a guest comment on
+ When I view with comments
+ Then I should see "Sorry, the Archive doesn't allow guests to comment right now."
+ And I should not see a link "Reply"
+ When I am logged in
+ And I view with comments
+ Then I should not see "Sorry, the Archive doesn't allow guests to comment right now."
+ When I am logged in as a super admin
+ And I view with comments
+ Then I should not see "Sorry, the Archive doesn't allow guests to comment right now."
+
+ Examples:
+ | commentable |
+ | the work "Generic Work" |
+ | the admin post "Generic Post" |
+
+ Scenario: Turn off guest comments (when the work itself does not allow guest comments)
+ Given guest comments are off
+ And I am logged in as "author"
+ And I set up the draft "Generic Work"
+ And I choose "Only registered users can comment"
+ And I post the work without preview
+ And a comment "Nice job" by "user" on the work "Generic Work"
+ When I am logged out
+ And I view the work "Generic Work" with comments
+ Then I should see "Sorry, the Archive doesn't allow guests to comment right now."
+ And I should not see a link "Reply"
+ When I am logged in
+ And I view the work "Generic Work" with comments
+ Then I should not see "Sorry, the Archive doesn't allow guests to comment right now."
+ When I am logged in as a super admin
+ And I view the work "Generic Work" with comments
+ Then I should not see "Sorry, the Archive doesn't allow guests to comment right now."
+
+ Scenario: Turn off guest comments (when the admin post itself does not allow guest comments)
+ Given guest comments are off
+ And I have posted an admin post with guest comments disabled
+ And a comment "Nice job" by "user" on the admin post "Default Admin Post"
+ When I view the admin post "Default Admin Post" with comments
+ Then I should see "Sorry, the Archive doesn't allow guests to comment right now."
+ And I should not see a link "Reply"
+ When I am logged in
+ And I view the admin post "Default Admin Post" with comments
+ Then I should not see "Sorry, the Archive doesn't allow guests to comment right now."
+ When I am logged in as a super admin
+ And I view the admin post "Default Admin Post" with comments
+ Then I should not see "Sorry, the Archive doesn't allow guests to comment right now."
+
+ Scenario: Turn off guest comments (when work itself does not allow any comments)
+ Given guest comments are off
+ And I am logged in as "author"
+ And I post the work "Generic Work"
+ And a guest comment on the work "Generic Work"
+ And I edit the work "Generic Work"
+ And I choose "No one can comment"
+ And I press "Post"
+ When I am logged out
+ And I view the work "Generic Work" with comments
+ Then I should see "Sorry, the Archive doesn't allow guests to comment right now."
+ And I should not see a link "Reply"
+ When I am logged in
+ And I view the work "Generic Work" with comments
+ Then I should not see "Sorry, the Archive doesn't allow guests to comment right now."
+ When I am logged in as a super admin
+ And I view the work "Generic Work" with comments
+ Then I should not see "Sorry, the Archive doesn't allow guests to comment right now."
+
+ Scenario: Turn off guest comments (when the admin post itself does not allow any comments)
+ Given guest comments are off
+ And I have posted an admin post with comments disabled
+ And a comment "Nice job" by "user" on the admin post "Default Admin Post"
+ When I view the admin post "Default Admin Post" with comments
+ Then I should see "Sorry, the Archive doesn't allow guests to comment right now."
+ And I should not see a link "Reply"
+ When I am logged in
+ And I view the admin post "Default Admin Post" with comments
+ Then I should not see "Sorry, the Archive doesn't allow guests to comment right now."
+ When I am logged in as a super admin
+ And I view the admin post "Default Admin Post" with comments
+ Then I should not see "Sorry, the Archive doesn't allow guests to comment right now."
+
+ Scenario: Tag comments are not affected when guest comments are turned off
+ Given guest comments are off
+ And a fandom exists with name: "Stargate SG-1", canonical: true
+ When I am logged in as a super admin
+ And I view the tag "Stargate SG-1" with comments
+ Then I should not see "Sorry, the Archive doesn't allow guests to comment right now."
+ When I post the comment "Important policy decision" on the tag "Stargate SG-1"
+ Then I should see "Comment created!"
+ When I am logged in as a tag wrangler
+ And I view the tag "Stargate SG-1" with comments
+ Then I should not see "Sorry, the Archive doesn't allow guests to comment right now."
+ When I post the comment "Sent you a syn" on the tag "Stargate SG-1"
+ Then I should see "Comment created!"
diff --git a/features/step_definitions/admin_steps.rb b/features/step_definitions/admin_steps.rb
index 4a32c949319..398da294f58 100644
--- a/features/step_definitions/admin_steps.rb
+++ b/features/step_definitions/admin_steps.rb
@@ -88,6 +88,20 @@
click_button("Update")
end
+Given "guest comments are on" do
+ step("I am logged in as a super admin")
+ visit(admin_settings_path)
+ uncheck("Turn off guest comments across the site")
+ click_button("Update")
+end
+
+Given "guest comments are off" do
+ step("I am logged in as a super admin")
+ visit(admin_settings_path)
+ check("Turn off guest comments across the site")
+ click_button("Update")
+end
+
Given /^I have posted known issues$/ do
step %{I am logged in as an admin}
step %{I follow "Admin Posts"}
@@ -159,6 +173,14 @@
end
end
+Given /^I have posted an admin post with guest comments disabled$/ do
+ step %{I am logged in as a "communications" admin}
+ step %{I start to make an admin post}
+ choose("Only registered users can comment")
+ click_button("Post")
+ step %{I log out}
+end
+
Given /^I have posted an admin post with comments disabled$/ do
step %{I am logged in as a "communications" admin}
step %{I start to make an admin post}
diff --git a/features/step_definitions/comment_steps.rb b/features/step_definitions/comment_steps.rb
index ff9cc6558fb..c434b7ea7c3 100644
--- a/features/step_definitions/comment_steps.rb
+++ b/features/step_definitions/comment_steps.rb
@@ -14,11 +14,6 @@
user.preference.save
end
-Given "a guest comment on the work {string}" do |title|
- work = Work.find_by(title: title)
- FactoryBot.create(:comment, :by_guest, commentable: work.first_chapter)
-end
-
ParameterType(
name: "commentable",
regexp: /the (work|admin post|tag) "([^"]*)"/,
@@ -35,6 +30,11 @@
}
)
+Given "a guest comment on {commentable}" do |commentable|
+ commentable = Comment.commentable_object(commentable)
+ FactoryBot.create(:comment, :by_guest, commentable: commentable)
+end
+
Given "a comment {string} by {string} on {commentable}" do |text, user, commentable|
user = ensure_user(user)
commentable = Comment.commentable_object(commentable)
diff --git a/spec/controllers/admin/settings_controller_spec.rb b/spec/controllers/admin/settings_controller_spec.rb
index af00748b8b7..79e64cbf289 100644
--- a/spec/controllers/admin/settings_controller_spec.rb
+++ b/spec/controllers/admin/settings_controller_spec.rb
@@ -64,7 +64,8 @@
downloads_enabled: "1",
enable_test_caching: "0",
cache_expiration: "10",
- hide_spam: "1"
+ hide_spam: "1",
+ guest_comments_off: "1"
}
}
@@ -107,6 +108,7 @@
{
downloads_enabled: false,
hide_spam: true,
+ guest_comments_off: true,
tag_wrangling_off: true
}.each_pair do |field, value|
it "prevents admins with support role from updating #{field}" do
@@ -137,7 +139,8 @@
{
disable_support_form: true,
downloads_enabled: false,
- hide_spam: true
+ hide_spam: true,
+ guest_comments_off: true
}.each_pair do |field, value|
it "prevents admins with tag_wrangling role from updating #{field}" do
expect do
diff --git a/spec/controllers/comments_controller_spec.rb b/spec/controllers/comments_controller_spec.rb
index 411c5e730cc..410dab6a512 100644
--- a/spec/controllers/comments_controller_spec.rb
+++ b/spec/controllers/comments_controller_spec.rb
@@ -104,6 +104,69 @@
it_behaves_like "no one can add comment reply on a hidden comment"
end
end
+
+ context "guest comments are turned on in admin settings" do
+ let(:comment) { create(:comment) }
+ let(:admin_setting) { AdminSetting.first || AdminSetting.create }
+
+ before do
+ admin_setting.update_attribute(:guest_comments_off, false)
+ end
+
+ it "redirects logged out user to the comment on the commentable without an error" do
+ get :add_comment_reply, params: { comment_id: comment.id }
+
+ expect(flash[:error]).to be_nil
+ it_redirects_to(chapter_path(comment.commentable, show_comments: true, anchor: "comment_#{comment.id}"))
+ end
+ end
+
+ context "guest comments are turned off in admin settings" do
+ let(:comment) { create(:comment) }
+ let(:admin_setting) { AdminSetting.first || AdminSetting.create }
+ let(:work) { comment.ultimate_parent }
+
+ before do
+ admin_setting.update_attribute(:guest_comments_off, true)
+ end
+
+ [:enable_all, :disable_anon].each do |permissions|
+ context "when work comment permissions are #{permissions}" do
+ before do
+ work.update_attribute(:comment_permissions, permissions)
+ end
+
+ it "redirects logged out user with an error" do
+ get :add_comment_reply, params: { comment_id: comment.id }
+ it_redirects_to_with_error("/where_i_came_from", "Sorry, the Archive doesn't allow guests to comment right now.")
+ end
+
+ it "redirects logged in user to the comment on the commentable without an error" do
+ fake_login
+ get :add_comment_reply, params: { comment_id: comment.id }
+ expect(flash[:error]).to be_nil
+ expect(response).to redirect_to(chapter_path(comment.commentable, show_comments: true, anchor: "comment_#{comment.id}"))
+ end
+ end
+ end
+
+ context "when work comment permissions are disable_all" do
+ before do
+ work.update_attribute(:comment_permissions, :disable_all)
+ end
+
+ it "redirects logged out user with an error" do
+ get :add_comment_reply, params: { comment_id: comment.id }
+ it_redirects_to_with_error("/where_i_came_from", "Sorry, the Archive doesn't allow guests to comment right now.")
+ end
+
+ it "redirects logged in user with an error" do
+ fake_login
+ get :add_comment_reply, params: { comment_id: comment.id }
+ it_redirects_to_with_error(work_path(work), "Sorry, this work doesn't allow comments.")
+ end
+ end
+ end
end
describe "GET #unreviewed" do
@@ -135,15 +198,15 @@
end
end
- describe "POST #new" do
+ describe "GET #new" do
it "errors if the commentable is not a valid tag" do
- post :new, params: { tag_id: "Non existent tag" }
+ get :new, params: { tag_id: "Non existent tag" }
expect(flash[:error]).to eq "What did you want to comment on?"
end
it "renders the :new template if commentable is a valid admin post" do
admin_post = create(:admin_post)
- post :new, params: { admin_post_id: admin_post.id }
+ get :new, params: { admin_post_id: admin_post.id }
expect(response).to render_template("new")
expect(assigns(:name)).to eq(admin_post.title)
end
@@ -155,7 +218,7 @@
before { fake_login_admin(create(:admin)) }
it "renders the :new template" do
- post :new, params: { tag_id: fandom.name }
+ get :new, params: { tag_id: fandom.name }
expect(response).to render_template("new")
expect(assigns(:name)).to eq("Fandom")
end
@@ -165,7 +228,7 @@
before { fake_login_known_user(create(:tag_wrangler)) }
it "renders the :new template" do
- post :new, params: { tag_id: fandom.name }
+ get :new, params: { tag_id: fandom.name }
expect(response).to render_template("new")
expect(assigns(:name)).to eq("Fandom")
end
@@ -175,7 +238,7 @@
before { fake_login }
it "shows an error and redirects" do
- post :new, params: { tag_id: fandom.name }
+ get :new, params: { tag_id: fandom.name }
it_redirects_to_with_error(user_path(controller.current_user),
"Sorry, you don't have permission to " \
"access the page you were trying to " \
@@ -187,7 +250,7 @@
before { fake_logout }
it "shows an error and redirects" do
- post :new, params: { tag_id: fandom.name }
+ get :new, params: { tag_id: fandom.name }
it_redirects_to_with_error(new_user_session_path,
"Sorry, you don't have permission to " \
"access the page you were trying to " \
@@ -196,22 +259,91 @@
end
end
+ context "guest comments are turned on in admin settings" do
+ let(:work) { create(:work) }
+ let(:work_with_guest_comment_off) { create(:work, comment_permissions: :disable_anon) }
+ let(:admin_setting) { AdminSetting.first || AdminSetting.create }
+
+ before do
+ admin_setting.update_attribute(:guest_comments_off, false)
+ end
+
+ it "allows guest comments" do
+ get :new, params: { work_id: work.id }
+
+ expect(response).to render_template(:new)
+ end
+
+ it "does not allow guest comments when work has guest comments disabled" do
+ get :new, params: { work_id: work_with_guest_comment_off.id }
+
+ it_redirects_to_with_error(work_path(work_with_guest_comment_off),
+ "Sorry, this work doesn't allow non-Archive users to comment.")
+ end
+ end
+
+ context "guest comments are turned off in admin settings" do
+ let(:work) { create(:work) }
+ let(:admin_setting) { AdminSetting.first || AdminSetting.create }
+
+ before do
+ admin_setting.update_attribute(:guest_comments_off, true)
+ end
+
+ [:enable_all, :disable_anon].each do |permissions|
+ context "when work comment permissions are #{permissions}" do
+ before do
+ work.update_attribute(:comment_permissions, permissions)
+ end
+
+ it "redirects logged out user with an error" do
+ get :new, params: { work_id: work.id }
+ it_redirects_to_with_error("/where_i_came_from", "Sorry, the Archive doesn't allow guests to comment right now.")
+ end
+
+ it "renders the :new template for logged in user" do
+ fake_login
+ get :new, params: { work_id: work.id }
+ expect(flash[:error]).to be_nil
+ expect(response).to render_template("new")
+ end
+ end
+ end
+
+ context "when work comment permissions are disable_all" do
+ before do
+ work.update_attribute(:comment_permissions, :disable_all)
+ end
+
+ it "redirects logged out user with an error" do
+ get :new, params: { work_id: work.id }
+ it_redirects_to_with_error("/where_i_came_from", "Sorry, the Archive doesn't allow guests to comment right now.")
+ end
+
+ it "redirects logged in user with an error" do
+ fake_login
+ get :new, params: { work_id: work.id }
+ it_redirects_to_with_error(work_path(work), "Sorry, this work doesn't allow comments.")
+ end
+ end
+ end
+
it "renders the :new template if commentable is a valid comment" do
comment = create(:comment)
- post :new, params: { comment_id: comment.id }
+ get :new, params: { comment_id: comment.id }
expect(response).to render_template("new")
expect(assigns(:name)).to eq("Previous Comment")
end
it "shows an error and redirects if commentable is a frozen comment" do
comment = create(:comment, iced: true)
- post :new, params: { comment_id: comment.id }
+ get :new, params: { comment_id: comment.id }
it_redirects_to_with_error("/where_i_came_from", "Sorry, you cannot reply to a frozen comment.")
end
it "shows an error and redirects if commentable is a hidden comment" do
comment = create(:comment, hidden_by_admin: true)
- post :new, params: { comment_id: comment.id }
+ get :new, params: { comment_id: comment.id }
it_redirects_to_with_error("/where_i_came_from", "Sorry, you cannot reply to a hidden comment.")
end
end
@@ -446,6 +578,77 @@
end
end
end
+
+ context "guest comments are turned on in admin settings" do
+ let(:work) { create(:work) }
+ let(:admin_setting) { AdminSetting.first || AdminSetting.create }
+
+ before do
+ admin_setting.update_attribute(:guest_comments_off, false)
+ end
+
+ it "allows guest comments" do
+ post :create, params: { work_id: work.id, comment: anon_comment_attributes }
+
+ expect(flash[:error]).to be_nil
+ end
+ end
+
+ context "guest comments are turned off in admin settings" do
+ let(:work) { create(:work) }
+ let(:user) { create(:user) }
+ let(:admin_setting) { AdminSetting.first || AdminSetting.create }
+
+ before do
+ admin_setting.update_attribute(:guest_comments_off, true)
+ end
+
+ [:enable_all, :disable_anon].each do |permissions|
+ context "when work comment permissions are #{permissions}" do
+ before do
+ work.update_attribute(:comment_permissions, permissions)
+ end
+
+ it "redirects logged out user with an error" do
+ post :create, params: { work_id: work.id, comment: anon_comment_attributes }
+ it_redirects_to_with_error("/where_i_came_from", "Sorry, the Archive doesn't allow guests to comment right now.")
+ end
+
+ it "redirects logged in user to the comment on the commentable without an error" do
+ comment_attributes = {
+ pseud_id: user.default_pseud_id,
+ comment_content: "Hello fellow human!"
+ }
+ fake_login_known_user(user)
+ post :create, params: { work_id: work.id, comment: comment_attributes }
+ comment = Comment.last
+ expect(flash[:error]).to be_nil
+ expect(response).to redirect_to(work_chapter_path(work, comment.commentable, show_comments: true, view_full_work: false, anchor: "comment_#{comment.id}"))
+ end
+ end
+ end
+
+ context "when work comment permissions are disable_all" do
+ before do
+ work.update_attribute(:comment_permissions, :disable_all)
+ end
+
+ it "redirects logged out user with an error" do
+ post :create, params: { work_id: work.id, comment: anon_comment_attributes }
+ it_redirects_to_with_error("/where_i_came_from", "Sorry, the Archive doesn't allow guests to comment right now.")
+ end
+
+ it "redirects logged in user with an error" do
+ comment_attributes = {
+ pseud_id: user.default_pseud_id,
+ comment_content: "Hello fellow human!"
+ }
+ fake_login_known_user(user)
+ post :create, params: { work_id: work.id, comment: comment_attributes }
+ it_redirects_to_with_error(work_path(work), "Sorry, this work doesn't allow comments.")
+ end
+ end
+ end
end
describe "PUT #review_all" do
diff --git a/test/fixtures/admin_settings.yml b/test/fixtures/admin_settings.yml
index 1da015a83c6..5379d6346d2 100644
--- a/test/fixtures/admin_settings.yml
+++ b/test/fixtures/admin_settings.yml
@@ -19,3 +19,4 @@ admin_setting_3:
creation_requires_invite: false
downloads_enabled: true
hide_spam: false
+ guest_comments_off: false