From c9ce111849d8ecdfb5f8acb2ad32c2b746202fd1 Mon Sep 17 00:00:00 2001 From: Sarken Date: Fri, 23 Feb 2024 21:21:12 -0500 Subject: [PATCH] AO3-6634 Prefer update! for roles --- .../admin_posts_controller_spec.rb | 80 ++++++++++++++----- spec/controllers/comments_controller_spec.rb | 6 +- 2 files changed, 63 insertions(+), 23 deletions(-) diff --git a/spec/controllers/admin_posts_controller_spec.rb b/spec/controllers/admin_posts_controller_spec.rb index 2959bf2f12c..6f750491e44 100644 --- a/spec/controllers/admin_posts_controller_spec.rb +++ b/spec/controllers/admin_posts_controller_spec.rb @@ -25,15 +25,13 @@ content: "AdminPost content long enough to pass validation" } } authorized_roles = %w[superadmin board board_assistants_team communications support translation] - unauthorized_roles = Admin::VALID_ROLES - authorized_roles + [nil] + unauthorized_roles = Admin::VALID_ROLES - authorized_roles context "when admin does not have correct authorization" do let(:admin) { create(:admin) } unauthorized_roles.each do |admin_role| - role_description = admin_role.nil? ? "no role" : "the role #{admin_role}" - - context "with #{role_description}" do + context "with #{admin_role}" do it "redirects with error" do admin.update!(roles: [admin_role]) fake_login_admin(admin) @@ -43,6 +41,16 @@ end end end + + context "with no role" do + it "redirects with error" do + admin.update!(roles: []) + fake_login_admin(admin) + post :create, params: { admin_post: base_params } + + it_redirects_to_with_error(root_url, "Sorry, only an authorized admin can access the page you were trying to reach.") + end + end end context "when admin has correct authorization" do 
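Review bot: The renamed context in the create block reads `context "with #{admin_role}" do`, while the matching contexts in the other four blocks of this file (hunks at -93, -177, -214 and -251) read `"with the role #{admin_role}"`. Only the example description differs, but it makes the create failures harder to find alongside the others in spec output. `context "with the role #{admin_role}" do` would keep the five blocks aligned. The enclosing describe starts outside the hunk.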
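Review bot: The new no-role example asserts only the redirect and the flash message, so a controller that created the post before redirecting would still pass. For an authorization check it is worth pinning the absence of the side effect as well, for example `expect { post :create, params: { admin_post: base_params } }.not_to change(AdminPost, :count)` (assuming the `:admin_post` factory builds `AdminPost`). The same applies to the no-role examples added at -109 (update) and -267 (destroy), where the record should be unchanged or still present after the request. The enclosing describe begins outside this hunk.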
@@ -93,13 +101,11 @@ let(:post) { create(:admin_post) } authorized_roles = %w[superadmin board board_assistants_team communications support translation] - unauthorized_roles = Admin::VALID_ROLES - authorized_roles + [nil] + unauthorized_roles = Admin::VALID_ROLES - authorized_roles context "when admin does not have correct authorization" do unauthorized_roles.each do |admin_role| - role_description = admin_role.nil? ? "no role" : "the role #{admin_role}" - - context "with #{role_description}" do + context "with the role #{admin_role}" do it "redirects with error" do admin.update!(roles: [admin_role]) fake_login_admin(admin) @@ -109,6 +115,16 @@ end end end + + context "with no role" do + it "redirects with error" do + admin.update!(roles: []) + fake_login_admin(admin) + put :update, params: { id: post.id, admin_post: { admin_id: admin.id } } + + it_redirects_to_with_error(root_url, "Sorry, only an authorized admin can access the page you were trying to reach.") + end + end end context "when admin has correct authorization" do @@ -177,13 +193,11 @@ let(:admin) { create(:admin) } let(:post) { create(:admin_post) } authorized_roles = %w[superadmin board board_assistants_team communications support translation] - unauthorized_roles = Admin::VALID_ROLES - authorized_roles + [nil] + unauthorized_roles = Admin::VALID_ROLES - authorized_roles context "when admin does not have correct authorization" do unauthorized_roles.each do |admin_role| - role_description = admin_role.nil? ? "no role" : "the role #{admin_role}" - - context "with #{role_description}" do + context "with the role #{admin_role}" do it "redirects with error" do admin.update!(roles: [admin_role]) fake_login_admin(admin) 
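Review bot: The `authorized_roles` literal in this hunk is repeated verbatim in all five describe blocks, so a change to the allowlist has to be made in five places, and a missed one leaves an action tested against a stale list. Consider defining the list once at the top of the spec and moving the unauthorized-role and no-role examples into a `shared_examples` that receives the request to perform. Deriving `unauthorized_roles` from `Admin::VALID_ROLES` is worth keeping, since a newly added role is then exercised as denied by default. The describe header is outside the hunk.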
@@ -193,6 +207,16 @@ end end end + + context "with no role" do + it "redirects with error" do + admin.update!(roles: []) + fake_login_admin(admin) + get :edit, params: { id: post.id } + + it_redirects_to_with_error(root_url, "Sorry, only an authorized admin can access the page you were trying to reach.") + end + end end context "when admin has correct authorization" do @@ -214,13 +238,11 @@ let(:admin) { create(:admin) } let(:post) { create(:admin_post) } authorized_roles = %w[superadmin board board_assistants_team communications support translation] - unauthorized_roles = Admin::VALID_ROLES - authorized_roles + [nil] + unauthorized_roles = Admin::VALID_ROLES - authorized_roles context "when admin does not have correct authorization" do unauthorized_roles.each do |admin_role| - role_description = admin_role.nil? ? "no role" : "the role #{admin_role}" - - context "with #{role_description}" do + context "with the role #{admin_role}" do it "redirects with error" do admin.update!(roles: [admin_role]) fake_login_admin(admin) @@ -230,6 +252,16 @@ end end end + + context "with no role" do + it "redirects with error" do + admin.update!(roles: []) + fake_login_admin(admin) + get :edit, params: { id: post.id } + + it_redirects_to_with_error(root_url, "Sorry, only an authorized admin can access the page you were trying to reach.") + end + end end context "when admin has correct authorization" do 
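Review bot: The request in the no-role example added at -230 is `get :edit, params: { id: post.id }`, identical to the one added for the previous block at -193. The describe header is outside the hunk, so this may be intentional. If this block covers a different action, though, the example re-tests edit and leaves that action's no-role path unchecked. It is worth confirming that the verb and action match the per-role example just above it, whose request line is also outside the hunk.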
@@ -251,13 +283,11 @@ let(:admin) { create(:admin) } let(:post) { create(:admin_post) } authorized_roles = %w[superadmin board board_assistants_team communications support translation] - unauthorized_roles = Admin::VALID_ROLES - authorized_roles + [nil] + unauthorized_roles = Admin::VALID_ROLES - authorized_roles context "when admin does not have correct authorization" do unauthorized_roles.each do |admin_role| - role_description = admin_role.nil? ? "no role" : "the role #{admin_role}" - - context "with #{role_description}" do + context "with the role #{admin_role}" do it "redirects with error" do admin.update!(roles: [admin_role]) fake_login_admin(admin) @@ -267,6 +297,16 @@ end end end + + context "with no role" do + it "redirects with error" do + admin.update!(roles: []) + fake_login_admin(admin) + delete :destroy, params: { id: post.id } + + it_redirects_to_with_error(root_url, "Sorry, only an authorized admin can access the page you were trying to reach.") + end + end end context "when admin has correct authorization" do diff --git a/spec/controllers/comments_controller_spec.rb b/spec/controllers/comments_controller_spec.rb index 157ef3e1c57..86aad5df5b5 100644 --- a/spec/controllers/comments_controller_spec.rb +++ b/spec/controllers/comments_controller_spec.rb @@ -3641,7 +3641,7 @@ end it "PUT #unfreeze successfully unfreezes the comment" do - comment.update(iced: true) + comment.update!(iced: true) put :unfreeze, params: { id: comment.id } it_redirects_to_with_comment_notice( work_path(comment.ultimate_parent, show_comments: true, anchor: :comments), @@ -3741,7 +3741,7 @@ context "PUT #unfreeze" do it "does not permit unfreezing of the comment when admin has no role" do - comment.update(iced: true) + comment.update!(iced: true) admin.update!(roles: []) fake_login_admin(admin) put :unfreeze, params: { id: comment.id } 
@@ -3750,7 +3750,7 @@ %w[superadmin policy_and_abuse].each do |admin_role| it "successfully unfreezes the comment when admin has #{admin_role} role" do - comment.update(iced: true) + comment.update!(iced: true) admin.update!(roles: [admin_role]) fake_login_admin(admin) put :unfreeze, params: { id: comment.id }