dawarich/spec/requests/family/location_sharing_spec.rb

# frozen_string_literal: true

require 'rails_helper'

RSpec.describe 'Family::LocationSharing', type: :request do
  include ActiveSupport::Testing::TimeHelpers

  let(:user) { create(:user) }
  let(:family) { create(:family, creator: user) }
  let!(:user_membership) { create(:family_membership, user: user, family: family, role: :owner) }

  before { sign_in user }

  describe 'PATCH /family/location_sharing' do
    context 'when enabling location sharing' do
      around do |example|
        travel_to(Time.zone.local(2024, 1, 1, 12, 0, 0)) { example.run }
      end

      it 'enables location sharing with duration' do
        patch '/family/location_sharing',
              params: { enabled: true, duration: '1h' },
              as: :json

        expect(response).to have_http_status(:ok)
        json_response = JSON.parse(response.body)
        expect(json_response['success']).to be true
        expect(json_response['enabled']).to be true
        expect(json_response['duration']).to eq('1h')
        expect(json_response['message']).to eq('Location sharing enabled for 1 hour')
        expect(json_response['expires_at']).to eq(1.hour.from_now.iso8601)
      end

      it 'enables location sharing permanently' do
        patch '/family/location_sharing',
              params: { enabled: true, duration: 'permanent' },
              as: :json

        expect(response).to have_http_status(:ok)
        json_response = JSON.parse(response.body)
        expect(json_response['success']).to be true
        expect(json_response['enabled']).to be true
        expect(json_response['duration']).to eq('permanent')
        expect(json_response).not_to have_key('expires_at')
      end
    end

    context 'when disabling location sharing' do
      before do
        user.update_family_location_sharing!(true, duration: '1h')
      end

      it 'disables location sharing' do
        patch '/family/location_sharing',
              params: { enabled: false },
              as: :json

        expect(response).to have_http_status(:ok)
        json_response = JSON.parse(response.body)
        expect(json_response['success']).to be true
        expect(json_response['enabled']).to be false
        expect(json_response['message']).to eq('Location sharing disabled')
      end
    end

    context 'when user is not in a family' do
      let(:solo_user) { create(:user) }

      before do
        sign_out user
        sign_in solo_user
      end

      it 'returns forbidden' do
        patch '/family/location_sharing',
              params: { enabled: true, duration: '1h' },
              as: :json

        expect(response).to have_http_status(:forbidden)
        json_response = JSON.parse(response.body)
        expect(json_response['error']).to eq('User is not part of a family')
      end
    end

    context 'when update fails' do
      before do
        allow_any_instance_of(User).to receive(:update_family_location_sharing!)
          .and_raise(StandardError, 'Database error')
      end

      it 'returns internal server error' do
        patch '/family/location_sharing',
              params: { enabled: true, duration: '1h' },
              as: :json

        expect(response).to have_http_status(:internal_server_error)
        json_response = JSON.parse(response.body)
        expect(json_response['success']).to be false
        expect(json_response['message']).to eq('An error occurred while updating location sharing')
      end
    end

    context 'without authentication' do
      before { sign_out user }

      it 'returns unauthorized' do
        patch '/family/location_sharing',
              params: { enabled: true, duration: '1h' },
              as: :json

        expect(response).to have_http_status(:unauthorized)
        json_response = JSON.parse(response.body)
        expect(json_response['error']).to eq('You need to sign in or sign up before continuing.')
      end
    end
  end
end
0.36.0 (#1952) * Implement OmniAuth GitHub authentication * Fix omniauth GitHub scope to include user email access * Remove margin-bottom * Implement Google OAuth2 authentication * Implement OIDC authentication for Dawarich using omniauth_openid_connect gem. * Add patreon account linking and patron checking service * Update docker-compose.yml to use boolean values instead of strings * Add support for KML files * Add tests * Update changelog * Remove patreon OAuth integration * Move omniauthable to a concern * Update an icon in integrations * Update changelog * Update app version * Fix family location sharing toggle * Move family location sharing to its own controller * Update changelog * Implement basic tagging functionality for places, allowing users to categorize and label places with custom tags. * Add places management API and tags feature * Add some changes related to places management feature * Fix some tests * Fix sometests * Add places layer * Update places layer to use Leaflet.Control.Layers.Tree for hierarchical layer control * Rework tag form * Add hashtag * Add privacy zones to tags * Add notes to places and manage place tags * Update changelog * Update e2e tests * Extract tag serializer to its own file * Fix some tests * Fix tags request specs * Fix some tests * Fix rest of the tests * Revert some changes * Add missing specs * Revert changes in place export/import code * Fix some specs * Fix PlaceFinder to only consider global places when finding existing places * Fix few more specs * Fix visits creator spec * Fix last tests * Update place creating modal * Add home location based on "Home" tagged place * Save enabled tag layers * Some fixes * Fix bug where enabling place tag layers would trigger saving enabled layers, overwriting with incomplete data * Update migration to use disable_ddl_transaction! and add up/down methods * Fix tag layers restoration and filtering logic * Update OIDC auto-registration and email/password registration settings * Fix potential xss 2025-11-24 13:45:09 -05:00			`# frozen_string_literal: true`

			`require 'rails_helper'`

			`RSpec.describe 'Family::LocationSharing', type: :request do`
			`include ActiveSupport::Testing::TimeHelpers`

			`let(:user) { create(:user) }`
			`let(:family) { create(:family, creator: user) }`
			`let!(:user_membership) { create(:family_membership, user: user, family: family, role: :owner) }`

			`before { sign_in user }`

			`describe 'PATCH /family/location_sharing' do`
			`context 'when enabling location sharing' do`
			`around do \|example\|`
			`travel_to(Time.zone.local(2024, 1, 1, 12, 0, 0)) { example.run }`
			`end`

			`it 'enables location sharing with duration' do`
			`patch '/family/location_sharing',`
			`params: { enabled: true, duration: '1h' },`
			`as: :json`

			`expect(response).to have_http_status(:ok)`
			`json_response = JSON.parse(response.body)`
			`expect(json_response['success']).to be true`
			`expect(json_response['enabled']).to be true`
			`expect(json_response['duration']).to eq('1h')`
			`expect(json_response['message']).to eq('Location sharing enabled for 1 hour')`
			`expect(json_response['expires_at']).to eq(1.hour.from_now.iso8601)`
			`end`

			`it 'enables location sharing permanently' do`
			`patch '/family/location_sharing',`
			`params: { enabled: true, duration: 'permanent' },`
			`as: :json`

			`expect(response).to have_http_status(:ok)`
			`json_response = JSON.parse(response.body)`
			`expect(json_response['success']).to be true`
			`expect(json_response['enabled']).to be true`
			`expect(json_response['duration']).to eq('permanent')`
			`expect(json_response).not_to have_key('expires_at')`
			`end`
			`end`

			`context 'when disabling location sharing' do`
			`before do`
			`user.update_family_location_sharing!(true, duration: '1h')`
			`end`

			`it 'disables location sharing' do`
			`patch '/family/location_sharing',`
			`params: { enabled: false },`
			`as: :json`

			`expect(response).to have_http_status(:ok)`
			`json_response = JSON.parse(response.body)`
			`expect(json_response['success']).to be true`
			`expect(json_response['enabled']).to be false`
			`expect(json_response['message']).to eq('Location sharing disabled')`
			`end`
			`end`

			`context 'when user is not in a family' do`
			`let(:solo_user) { create(:user) }`

			`before do`
			`sign_out user`
			`sign_in solo_user`
			`end`

			`it 'returns forbidden' do`
			`patch '/family/location_sharing',`
			`params: { enabled: true, duration: '1h' },`
			`as: :json`

			`expect(response).to have_http_status(:forbidden)`
			`json_response = JSON.parse(response.body)`
			`expect(json_response['error']).to eq('User is not part of a family')`
			`end`
			`end`

			`context 'when update fails' do`
			`before do`
			`allow_any_instance_of(User).to receive(:update_family_location_sharing!)`
			`.and_raise(StandardError, 'Database error')`
			`end`

			`it 'returns internal server error' do`
			`patch '/family/location_sharing',`
			`params: { enabled: true, duration: '1h' },`
			`as: :json`

			`expect(response).to have_http_status(:internal_server_error)`
			`json_response = JSON.parse(response.body)`
			`expect(json_response['success']).to be false`
			`expect(json_response['message']).to eq('An error occurred while updating location sharing')`
			`end`
			`end`

			`context 'without authentication' do`
			`before { sign_out user }`

			`it 'returns unauthorized' do`
			`patch '/family/location_sharing',`
			`params: { enabled: true, duration: '1h' },`
			`as: :json`

			`expect(response).to have_http_status(:unauthorized)`
			`json_response = JSON.parse(response.body)`
			`expect(json_response['error']).to eq('You need to sign in or sign up before continuing.')`
			`end`
			`end`
			`end`
			`end`