Улучшение безопасности и обработки ошибок. Этап 1. #8

2026-04-29 11:00:14 +03:00
parent 3da4ee28d4
commit cfd2e38952
10 changed files with 219 additions and 116 deletions
--- a/test/api/api_moderation_tests.erl
+++ b/test/api/api_moderation_tests.erl
@@ -9,7 +9,7 @@ test() ->
  AdminToken = api_test_runner:get_admin_token(),
  UserToken  = api_test_runner:get_user_token(),

-  %% Создаём календарь и событие через пользовательский API
+  %% Создаём календарь и событие
  CalId   = api_test_runner:extract_json(
    api_test_runner:http_post("/v1/calendars", #{title => <<"Mod Cal">>}, UserToken),
    <<"id">>),
@@ -21,7 +21,7 @@ test() ->
      UserToken),
    <<"id">>),

-  %% TEST 1: Create report (пользователь)
+  %% TEST 1: Create report
  io:format("  TEST 1: Create report... "),
  ReportId = api_test_runner:extract_json(
    api_test_runner:http_post("/v1/reports",
@@ -32,22 +32,22 @@ test() ->
    <<"id">>),
  io:format("OK~n"),

-  %% TEST 2: Admin views reports (через админский URL, прямой httpc)
+  %% TEST 2: Admin views reports
  io:format("  TEST 2: Admin views reports... "),
  {ok, {{_, 200, _}, _, _}} = httpc:request(get,
    {?ADMIN_BASE_URL ++ "/v1/admin/reports", [{"Authorization", "Bearer " ++ binary_to_list(AdminToken)}]}, [], []),
  io:format("OK~n"),

-  %% TEST 3: Admin resolves report
+  %% TEST 3: Admin resolves report с reason
  io:format("  TEST 3: Admin resolves report... "),
  {ok, {{_, 200, _}, _, _}} = httpc:request(put,
    {?ADMIN_BASE_URL ++ "/v1/admin/reports/" ++ binary_to_list(ReportId),
      [{"Authorization", "Bearer " ++ binary_to_list(AdminToken)}],
      "application/json",
-      jsx:encode(#{status => <<"reviewed">>})}, [], []),
+      jsx:encode(#{status => <<"reviewed">>, reason => <<"Resolved by moderator">>})}, [], []),
  io:format("OK~n"),

-  %% TEST 4: Add banned word (админ)
+  %% TEST 4: Add banned word
  io:format("  TEST 4: Add banned word... "),
  {ok, {{_, 201, _}, _, _}} = httpc:request(post,
    {?ADMIN_BASE_URL ++ "/v1/admin/banned-words",
@@ -56,13 +56,13 @@ test() ->
      jsx:encode(#{<<"word">> => <<"badword">>})}, [], []),
  io:format("OK~n"),

-  %% TEST 5: List banned words (админ)
+  %% TEST 5: List banned words
  io:format("  TEST 5: List banned words... "),
  {ok, {{_, 200, _}, _, _}} = httpc:request(get,
    {?ADMIN_BASE_URL ++ "/v1/admin/banned-words", [{"Authorization", "Bearer " ++ binary_to_list(AdminToken)}]}, [], []),
  io:format("OK~n"),

-  %% TEST 6: Remove banned word (админ)
+  %% TEST 6: Remove banned word
  io:format("  TEST 6: Remove banned word... "),
  {ok, {{_, 200, _}, _, _}} = httpc:request(delete,
    {?ADMIN_BASE_URL ++ "/v1/admin/banned-words/badword", [{"Authorization", "Bearer " ++ binary_to_list(AdminToken)}]}, [], []),