#63

2026-05-04 03:14:50 +09:00 · 2026-05-04 03:12:50 +09:00 · 2026-05-04 02:55:36 +09:00
11 changed files with 103 additions and 523 deletions
@@ -1,16 +1,14 @@
 class ApplicationController < ActionController::API
  before_action :reject_banned_ip_address!
  before_action :authenticate_user
  before_action :reject_banned_user!
-  def current_user = @current_user
+  def current_user
    @current_user
  end
  private
  def authenticate_user
    code = request.headers['X-Transfer-Code'] || request.headers['HTTP_X_TRANSFER_CODE']
    return if code.blank?
    @current_user = User.find_by(inheritance_code: code)
  end
@@ -24,17 +22,4 @@ class ApplicationController < ActionController::API
      s.in?(['', '1', 'true', 'on', 'yes'])
    end
  end
  def reject_banned_ip_address!
    ip_address = IpAddress.find_by(ip_address: IPAddr.new(request.remote_ip).hton)
    return unless ip_address&.banned?
    head :forbidden
  end
  def reject_banned_user!
    return unless current_user&.banned?
    head :forbidden
  end
 end
@@ -1,6 +1,9 @@
 class UsersController < ApplicationController
  def create
    return head :unprocessable_entity if request.remote_ip.blank?
    user = nil
    User.transaction do
      user = User.create!(inheritance_code: SecureRandom.uuid, role: :guest)
      attach_ip_address!(user)
@@ -14,7 +17,8 @@ class UsersController < ApplicationController
  def verify
    user = User.find_by(inheritance_code: params[:code])
    return render json: { valid: false } unless user
-    return head :forbidden if user.banned?
+
    return head :unprocessable_entity if request.remote_ip.blank?
    attach_ip_address!(user)
@@ -1,10 +1,7 @@
 class IpAddress < ApplicationRecord
  validates :ip_address, presence: true, length: { maximum: 16 }
  validates :banned, inclusion: { in: [true, false] }
  has_many :user_ips, dependent: :destroy
  has_many :users, through: :user_ips
  def banned? = banned_at.present?
  def ban! = banned? || update!(banned_at: Time.current)
  def unban! = update!(banned_at: nil)
 end
@@ -4,6 +4,7 @@ class User < ApplicationRecord
  validates :name, length: { maximum: 255 }
  validates :inheritance_code, presence: true, length: { maximum: 64 }
  validates :role, presence: true, inclusion: { in: roles.keys }
  validates :banned, inclusion: { in: [true, false] }
  has_many :created_posts,
           class_name: 'Post', foreign_key: :uploaded_user_id, dependent: :nullify
@@ -18,10 +19,5 @@ class User < ApplicationRecord
           class_name: 'WikiPage', foreign_key: :updated_user_id, dependent: :nullify
  def viewed?(post) = user_post_views.exists?(post_id: post.id)
  def gte_member? = member? || admin?
  def banned? = banned_at.present?
  def ban! = banned? || update!(banned_at: Time.current)
  def unban! = update!(banned_at: nil)
 end
@@ -1,16 +0,0 @@
 class RenameBannedToBannedAtInUsersAndIpAddresses < ActiveRecord::Migration[8.0]
  def up
    [:users, :ip_addresses].each do
      add_column _1, :banned_at, :datetime, after: :banned
      add_index _1, :banned_at
      remove_column _1, :banned
    end
  end
  def down
    [:ip_addresses, :users].each do
      add_column _1, :banned, :boolean, null: false, default: false, after: :banned_at
      remove_column _1, :banned_at
    end
  end
 end
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
-ActiveRecord::Schema[8.0].define(version: 2026_05_01_153900) do
+ActiveRecord::Schema[8.0].define(version: 2026_04_27_214800) do
  create_table "active_storage_attachments", charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
    t.string "name", null: false
    t.string "record_type", null: false
@@ -50,10 +50,9 @@ ActiveRecord::Schema[8.0].define(version: 2026_05_01_153900) do
  create_table "ip_addresses", charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
    t.binary "ip_address", limit: 16, null: false
-    t.datetime "banned_at"
+    t.boolean "banned", default: false, null: false
    t.datetime "created_at", null: false
    t.datetime "updated_at", null: false
    t.index ["banned_at"], name: "index_ip_addresses_on_banned_at"
    t.index ["ip_address"], name: "index_ip_addresses_on_ip_address", unique: true
  end
@@ -333,10 +332,9 @@ ActiveRecord::Schema[8.0].define(version: 2026_05_01_153900) do
    t.string "name"
    t.string "inheritance_code", limit: 64, null: false
    t.string "role", null: false
-    t.datetime "banned_at"
+    t.boolean "banned", default: false, null: false
    t.datetime "created_at", null: false
    t.datetime "updated_at", null: false
    t.index ["banned_at"], name: "index_users_on_banned_at"
  end
  create_table "wiki_assets", charset: "utf8mb4", collation: "utf8mb4_0900_ai_ci", force: :cascade do |t|
@@ -1,10 +0,0 @@
 FactoryBot.define do
  factory :ip_address do
    ip_address { IPAddr.new('203.0.113.10').hton }
    banned_at { nil }
    trait :banned do
      banned_at { Time.current }
    end
  end
 end
@@ -1,24 +1,15 @@
 FactoryBot.define do
  factory :user do
-    name { nil }
+    name { "test-user" }
    inheritance_code { SecureRandom.uuid }
-    role { 'guest' }
+    role { "guest" }
    banned_at { nil }
    trait :guest do
      role { 'guest' }
    end
    trait :member do
-      role { 'member' }
+      role { "member" }
    end
    trait :admin do
      role { 'admin' }
    end
    trait :banned do
      banned_at { Time.current }
    end
  end
 end
@@ -8,35 +8,23 @@ RSpec.describe 'Tags deerjikists API', type: :request do
  let!(:tag) { create(:tag, category: :deerjikist) }
  let(:member) { create(:user, :member) }
  let(:guest) { create(:user, role: :guest) }
  before do
    # show_by_name / deerjikists_by_name 用に名前を固定
    tag.tag_name.update!(name: 'deerjika')
  end
  describe 'GET /tags/:id/deerjikists' do
    subject(:do_request) do
-      get "/tags/#{tag_id}/deerjikists"
+      get "/tags/#{ tag_id }/deerjikists"
    end
    let(:tag_id) { tag.id }
    context 'when tag exists and has no deerjikists' do
-      it 'returns 200 with tag and empty deerjikists array' do
+      it 'returns 200 and empty array' do
        do_request
        expect(response).to have_http_status(:ok)
-
+        expect(json).to eq([])
        expect(json).to be_a(Hash)
        expect(json['tag']).to be_a(Hash)
        expect(json['tag']['id']).to eq(tag.id)
        expect(json['tag']['name']).to eq('deerjika')
        expect(json['tag']['category']).to eq('deerjikist')
        expect(json['tag']['has_deerjikists']).to eq(false)
        expect(json['deerjikists']).to eq([])
      end
    end
@@ -46,24 +34,14 @@ RSpec.describe 'Tags deerjikists API', type: :request do
        Deerjikist.create!(platform: platform2, code: code2, tag: tag)
      end
-      it 'returns 200 with tag and deerjikists array' do
+      it 'returns 200 and deerjikists array' do
        do_request
        expect(response).to have_http_status(:ok)
-        expect(json).to be_a(Hash)
+        expect(json).to be_a(Array)
        expect(json.size).to eq(2)
-        expect(json['tag']).to be_a(Hash)
+        expect(json.map { |h| [h['platform'], h['code']] }).to contain_exactly(
        expect(json['tag']['id']).to eq(tag.id)
        expect(json['tag']['name']).to eq('deerjika')
        expect(json['tag']['category']).to eq('deerjikist')
        expect(json['tag']['has_deerjikists']).to eq(true)
        expect(json['deerjikists']).to be_a(Array)
        expect(json['deerjikists'].size).to eq(2)
        expect(json['deerjikists'].map { |h| [h['platform'], h['code']] })
          .to contain_exactly(
          [platform1, code1],
          [platform2, code2],
        )
@@ -75,7 +53,6 @@ RSpec.describe 'Tags deerjikists API', type: :request do
      it 'returns 404' do
        do_request
        expect(response).to have_http_status(:not_found)
      end
    end
@@ -83,7 +60,7 @@ RSpec.describe 'Tags deerjikists API', type: :request do
  describe 'GET /tags/name/:name/deerjikists' do
    subject(:do_request) do
-      get "/tags/name/#{name}/deerjikists"
+      get "/tags/name/#{ name }/deerjikists"
    end
    let(:name) { 'deerjika' }
@@ -93,7 +70,6 @@ RSpec.describe 'Tags deerjikists API', type: :request do
      it 'returns 400' do
        do_request
        expect(response).to have_http_status(:bad_request)
      end
    end
@@ -103,209 +79,23 @@ RSpec.describe 'Tags deerjikists API', type: :request do
      it 'returns 404' do
        do_request
        expect(response).to have_http_status(:not_found)
      end
    end
    context 'when tag exists and has no deerjikists' do
      it 'returns 200 with tag and empty deerjikists array' do
        do_request
        expect(response).to have_http_status(:ok)
        expect(json).to be_a(Hash)
        expect(json['tag']).to be_a(Hash)
        expect(json['tag']['id']).to eq(tag.id)
        expect(json['tag']['name']).to eq('deerjika')
        expect(json['tag']['category']).to eq('deerjikist')
        expect(json['tag']['has_deerjikists']).to eq(false)
        expect(json['deerjikists']).to eq([])
      end
    end
    context 'when tag exists and has deerjikists' do
      before do
        Deerjikist.create!(platform: platform1, code: code1, tag: tag)
      end
-      it 'returns 200 with tag and deerjikists array' do
+      it 'returns 200 and deerjikists array' do
        do_request
        expect(response).to have_http_status(:ok)
        expect(json).to be_a(Hash)
        expect(json['tag']).to be_a(Hash)
        expect(json['tag']['id']).to eq(tag.id)
        expect(json['tag']['name']).to eq('deerjika')
        expect(json['tag']['category']).to eq('deerjikist')
        expect(json['tag']['has_deerjikists']).to eq(true)
        expect(json['deerjikists']).to be_a(Array)
        expect(json['deerjikists'].size).to eq(1)
        expect(json['deerjikists'][0]['platform']).to eq(platform1)
        expect(json['deerjikists'][0]['code']).to eq(code1)
      end
    end
  end
  describe 'PUT /tags/:id/deerjikists' do
    subject(:do_request) do
      put "/tags/#{tag_id}/deerjikists", params: payload, as: :json
    end
    let(:tag_id) { tag.id }
    let(:payload) do
      [
        { platform: platform1, code: code1 },
        { platform: platform2, code: code2 },
      ]
    end
    context 'when not logged in' do
      it 'returns 401' do
        do_request
        expect(response).to have_http_status(:unauthorized)
      end
    end
    context 'when logged in but not member' do
      before do
        sign_in_as guest
      end
      it 'returns 403' do
        do_request
        expect(response).to have_http_status(:forbidden)
      end
    end
    context 'when tag does not exist' do
      let(:tag_id) { 9_999_999 }
      before do
        sign_in_as member
      end
      it 'returns 404' do
        do_request
        expect(response).to have_http_status(:not_found)
      end
    end
    context 'when logged in as member' do
      before do
        sign_in_as member
      end
      context 'when tag has no deerjikists' do
        it 'creates deerjikists and returns deerjikists array' do
          expect {
            do_request
          }.to change { Deerjikist.where(tag: tag).count }.from(0).to(2)
          expect(response).to have_http_status(:ok)
          expect(json).to be_a(Array)
          expect(json.map { |h| [h['platform'], h['code']] })
            .to contain_exactly(
              [platform1, code1],
              [platform2, code2],
            )
          expect(Deerjikist.where(tag: tag).map { |d| [d.platform, d.code] })
            .to contain_exactly(
              [platform1, code1],
              [platform2, code2],
            )
        end
      end
      context 'when tag already has deerjikists' do
        before do
          Deerjikist.create!(platform: platform1, code: 'old-code-1', tag: tag)
          Deerjikist.create!(platform: platform2, code: 'old-code-2', tag: tag)
        end
        it 'replaces deerjikists and returns deerjikists array' do
          do_request
          expect(response).to have_http_status(:ok)
          expect(Deerjikist.where(tag: tag).map { |d| [d.platform, d.code] })
            .to contain_exactly(
              [platform1, code1],
              [platform2, code2],
            )
          expect(Deerjikist.exists?(platform: platform1, code: 'old-code-1')).to eq(false)
          expect(Deerjikist.exists?(platform: platform2, code: 'old-code-2')).to eq(false)
          expect(json).to be_a(Array)
          expect(json.map { |h| [h['platform'], h['code']] })
            .to contain_exactly(
              [platform1, code1],
              [platform2, code2],
            )
        end
      end
      context 'when payload is empty array' do
        let(:payload) { [] }
        before do
          Deerjikist.create!(platform: platform1, code: code1, tag: tag)
          Deerjikist.create!(platform: platform2, code: code2, tag: tag)
        end
        it 'clears deerjikists and returns empty array' do
          expect {
            do_request
          }.to change { Deerjikist.where(tag: tag).count }.from(2).to(0)
          expect(response).to have_http_status(:ok)
          expect(json).to eq([])
        end
      end
      context 'when youtube code is handle' do
        let(:channel_id) { 'UCabcdefghijklmnopqrstuv' }
        let(:payload) do
          [
            { platform: 'youtube', code: '@deerjika' },
          ]
        end
        before do
          allow(Net::HTTP).to receive(:get).and_return(
            %(<link rel="canonical" href="https://www.youtube.com/channel/#{channel_id}">),
          )
        end
        it 'normalises youtube handle to channel id' do
          expect {
            do_request
          }.to change { Deerjikist.where(tag: tag).count }.from(0).to(1)
          expect(response).to have_http_status(:ok)
          expect(Net::HTTP).to have_received(:get)
          expect(Deerjikist.exists?(platform: 'youtube', code: channel_id, tag: tag))
            .to eq(true)
        expect(json).to be_a(Array)
        expect(json.size).to eq(1)
-          expect(json[0]['platform']).to eq('youtube')
+        expect(json[0]['platform']).to eq(platform1)
-          expect(json[0]['code']).to eq(channel_id)
+        expect(json[0]['code']).to eq(code1)
        end
      end
    end
  end
@@ -1,266 +1,109 @@
-require 'rails_helper'
+require "rails_helper"
 RSpec.describe 'Users', type: :request do
  let(:remote_ip) { '203.0.113.10' }
  before do
    allow_any_instance_of(ActionDispatch::Request)
      .to receive(:remote_ip)
      .and_return(remote_ip)
  end
  def auth_headers(user)
    { 'X-Transfer-Code' => user.inheritance_code }
  end
  describe 'POST /users' do
    it 'creates guest user, IpAddress and UserIp, and returns code' do
      expect {
        post '/users'
      }.to change(User, :count).by(1)
        .and change(IpAddress, :count).by(1)
        .and change(UserIp, :count).by(1)
 RSpec.describe "Users", type: :request do
  describe "POST /users" do
    it "creates guest user and returns code" do
      post "/users"
      expect(response).to have_http_status(:created)
-      expect(json['code']).to be_present
+      expect(json["code"]).to be_present
-      expect(json['user']['role']).to eq('guest')
+      expect(json["user"]["role"]).to eq("guest")
      user = User.last
      ip_address = IpAddress.find_by(ip_address: IPAddr.new(remote_ip).hton)
      expect(user.role).to eq('guest')
      expect(ip_address).to be_present
      expect(UserIp.exists?(user:, ip_address:)).to eq(true)
    end
    it 'returns 403 and does not create user when current IP address is banned' do
      IpAddress.create!(
        ip_address: IPAddr.new(remote_ip).hton,
        banned_at: Time.current
      )
      expect {
        post '/users'
      }.not_to change(User, :count)
      expect(response).to have_http_status(:forbidden)
      expect(UserIp.count).to eq(0)
    end
  end
-  describe 'POST /users/code/renew' do
+  describe "POST /users/code/renew" do
-    it 'returns 401 when not logged in' do
+    it "returns 401 when not logged in" do
-      post '/users/code/renew'
+      sign_out
      post "/users/code/renew"
      expect(response).to have_http_status(:unauthorized)
    end
  end
  describe "PUT /users/:id" do
    let(:user) { create(:user, name: "old-name", role: "guest") }
    it "returns 401 when current_user id mismatch" do
      sign_in_as(create(:user))
      put "/users/#{user.id}", params: { name: "new-name" }
      expect(response).to have_http_status(:unauthorized)
    end
-    it 'returns 403 when current user is banned' do
+    it "returns 400 when name is blank" do
-      user = create(:user, :banned)
+      sign_in_as(user)
-
+      put "/users/#{user.id}", params: { name: "   " }
      post '/users/code/renew', headers: auth_headers(user)
      expect(response).to have_http_status(:forbidden)
    end
    it 'returns 403 when current IP address is banned' do
      user = create(:user)
      IpAddress.create!(
        ip_address: IPAddr.new(remote_ip).hton,
        banned_at: Time.current
      )
      post '/users/code/renew', headers: auth_headers(user)
      expect(response).to have_http_status(:forbidden)
    end
  end
  describe 'PUT /users/:id' do
    let(:user) { create(:user, name: 'old-name', role: 'guest') }
    it 'returns 401 when current_user id mismatch' do
      other_user = create(:user)
      put "/users/#{user.id}",
          params: { name: 'new-name' },
          headers: auth_headers(other_user)
      expect(response).to have_http_status(:unauthorized)
    end
    it 'returns 400 when name is blank' do
      put "/users/#{user.id}",
          params: { name: '   ' },
          headers: auth_headers(user)
      expect(response).to have_http_status(:bad_request)
    end
-    it 'updates name and returns user slice' do
+    it "updates name and returns 201 with user slice" do
-      put "/users/#{user.id}",
+      sign_in_as(user)
-          params: { name: 'new-name' },
+      put "/users/#{user.id}", params: { name: "new-name" }
          headers: auth_headers(user)
      expect(response).to have_http_status(:ok)
-      expect(json['id']).to eq(user.id)
+      expect(json["id"]).to eq(user.id)
-      expect(json['name']).to eq('new-name')
+      expect(json["name"]).to eq("new-name")
      user.reload
-      expect(user.name).to eq('new-name')
+      expect(user.name).to eq("new-name")
    end
    it 'returns 403 when current user is banned' do
      user.update!(banned_at: Time.current)
      put "/users/#{user.id}",
          params: { name: 'new-name' },
          headers: auth_headers(user)
      expect(response).to have_http_status(:forbidden)
      user.reload
      expect(user.name).to eq('old-name')
    end
    it 'returns 403 when current IP address is banned' do
      IpAddress.create!(
        ip_address: IPAddr.new(remote_ip).hton,
        banned_at: Time.current
      )
      put "/users/#{user.id}",
          params: { name: 'new-name' },
          headers: auth_headers(user)
      expect(response).to have_http_status(:forbidden)
      user.reload
      expect(user.name).to eq('old-name')
    end
  end
-  describe 'POST /users/verify' do
+  describe "POST /users/verify" do
-    it 'returns valid:false when code not found' do
+    it "returns valid:false when code not found" do
-      post '/users/verify', params: { code: 'nope' }
+      post "/users/verify", params: { code: "nope" }
      expect(response).to have_http_status(:ok)
-      expect(json['valid']).to eq(false)
+      expect(json["valid"]).to eq(false)
    end
-    it 'returns 403 when current IP address is banned' do
+    it "creates IpAddress and UserIp, and returns valid:true with user slice" do
-      user = create(:user, inheritance_code: SecureRandom.uuid, role: 'guest')
+      user = create(:user, inheritance_code: SecureRandom.uuid, role: "guest")
-      IpAddress.create!(
+      # request.remote_ip を固定
-        ip_address: IPAddr.new(remote_ip).hton,
+      allow_any_instance_of(ActionDispatch::Request).to receive(:remote_ip).and_return("203.0.113.10")
        banned_at: Time.current
      )
      expect {
-        post '/users/verify', params: { code: user.inheritance_code }
+        post "/users/verify", params: { code: user.inheritance_code }
      }.not_to change(UserIp, :count)
      expect(response).to have_http_status(:forbidden)
    end
    it 'returns 403 when verified user is banned' do
      user = create(
        :user,
        :banned,
        inheritance_code: SecureRandom.uuid,
        role: 'guest'
      )
      expect {
        post '/users/verify', params: { code: user.inheritance_code }
      }.not_to change(UserIp, :count)
      expect(response).to have_http_status(:forbidden)
    end
    it 'creates IpAddress and UserIp, and returns valid:true with user slice' do
      user = create(:user, inheritance_code: SecureRandom.uuid, role: 'guest')
      expect {
        post '/users/verify', params: { code: user.inheritance_code }
      }.to change(UserIp, :count).by(1)
        .and change(IpAddress, :count).by(1)
      expect(response).to have_http_status(:ok)
      expect(json['valid']).to eq(true)
      expect(json['user']['id']).to eq(user.id)
      expect(json['user']['inheritance_code']).to eq(user.inheritance_code)
      expect(json['user']['role']).to eq('guest')
      ip_address = IpAddress.find_by(ip_address: IPAddr.new(remote_ip).hton)
      expect(ip_address).to be_present
      expect(UserIp.exists?(user:, ip_address:)).to eq(true)
    end
    it 'is idempotent for same user and same IP address' do
      user = create(:user, inheritance_code: SecureRandom.uuid, role: 'guest')
      post '/users/verify', params: { code: user.inheritance_code }
      expect(response).to have_http_status(:ok)
      expect {
        post '/users/verify', params: { code: user.inheritance_code }
      }.not_to change(UserIp, :count)
      expect(response).to have_http_status(:ok)
      expect(json['valid']).to eq(true)
    end
    it 'creates another UserIp for same user and different IP address' do
      user = create(:user, inheritance_code: SecureRandom.uuid, role: 'guest')
      post '/users/verify', params: { code: user.inheritance_code }
      expect(response).to have_http_status(:ok)
      allow_any_instance_of(ActionDispatch::Request)
        .to receive(:remote_ip)
        .and_return('203.0.113.11')
      expect {
        post '/users/verify', params: { code: user.inheritance_code }
      }.to change(UserIp, :count).by(1)
      expect(response).to have_http_status(:ok)
-      expect(json['valid']).to eq(true)
+      expect(json["valid"]).to eq(true)
      expect(json["user"]["id"]).to eq(user.id)
      expect(json["user"]["inheritance_code"]).to eq(user.inheritance_code)
      expect(json["user"]["role"]).to eq("guest")
      # ついでに IpAddress もできてることを確認（ipの保存形式がバイナリでも count で見れる）
      expect(IpAddress.count).to be >= 1
    end
    it "is idempotent for same user+ip (does not create duplicate UserIp)" do
      user = create(:user, inheritance_code: SecureRandom.uuid, role: "guest")
      allow_any_instance_of(ActionDispatch::Request).to receive(:remote_ip).and_return("203.0.113.10")
      post "/users/verify", params: { code: user.inheritance_code }
      expect(response).to have_http_status(:ok)
      expect {
        post "/users/verify", params: { code: user.inheritance_code }
      }.not_to change(UserIp, :count)
      expect(response).to have_http_status(:ok)
      expect(json["valid"]).to eq(true)
    end
  end
-  describe 'GET /users/me' do
+  describe "GET /users/me" do
-    it 'returns 404 when code not found' do
+    it "returns 404 when code not found" do
-      get '/users/me', params: { code: 'nope' }
+      get "/users/me", params: { code: "nope" }
      expect(response).to have_http_status(:not_found)
    end
-    it 'returns user slice when found' do
+    it "returns user slice when found" do
-      user = create(:user, inheritance_code: SecureRandom.uuid, name: 'me', role: 'guest')
+      user = create(:user, inheritance_code: SecureRandom.uuid, name: "me", role: "guest")
-
+      get "/users/me", params: { code: user.inheritance_code }
      get '/users/me', params: { code: user.inheritance_code }
      expect(response).to have_http_status(:ok)
-      expect(json['id']).to eq(user.id)
+      expect(json["id"]).to eq(user.id)
-      expect(json['name']).to eq('me')
+      expect(json["name"]).to eq("me")
-      expect(json['inheritance_code']).to eq(user.inheritance_code)
+      expect(json["inheritance_code"]).to eq(user.inheritance_code)
-      expect(json['role']).to eq('guest')
+      expect(json["role"]).to eq("guest")
    end
    it 'returns 403 when current IP address is banned' do
      user = create(:user, inheritance_code: SecureRandom.uuid)
      IpAddress.create!(
        ip_address: IPAddr.new(remote_ip).hton,
        banned_at: Time.current
      )
      get '/users/me', params: { code: user.inheritance_code }
      expect(response).to have_http_status(:forbidden)
    end
  end
 end
@@ -2,12 +2,14 @@ module TestRecords
  def create_member_user!
    User.create!(name: 'spec user',
                 inheritance_code: SecureRandom.hex(16),
-                 role: 'member')
+                 role: 'member',
                 banned: false)
  end
  def create_admin_user!
    User.create!(name: 'spec admin',
                 inheritance_code: SecureRandom.hex(16),
-                 role: 'admin')
+                 role: 'admin',
                 banned: false)
  end
 end
Author	SHA1	Message	Date
みてるぞ	1653e1ae79	#63	2026-05-04 03:14:50 +09:00
みてるぞ	5c1295f0ff	#63	2026-05-04 03:12:50 +09:00
みてるぞ	cf7f9621e1	#63	2026-05-04 02:55:36 +09:00