Merge #754: Category context authorization tests
8a103c6 refactor: fix small typo in test name (Mario)
254b46a refactor: fix CI formatting error (Mario)
fe7436c refactor: removed unused import (Mario)
7b63341 test: category context authorization tests for admin users (Mario)
8c8af46 test: category context authorization tests for registered users (Mario)
1aad802 test: category context authorization tests for guest users (Mario)

Pull request description:

  Parent issue: #615

ACKs for top commit:
  josecelano:
    ACK 8a103c6

Tree-SHA512: 0bee7abdc6b1b16c147fda56e6913a21fd590c593f91f6b0c7d2a564863b2f29e24b2c383274c8c1153f358632a520b3e5f688bd786f5d97afe46d7dbb3220ac
josecelano committed Oct 29, 2024
2 parents 91a0b76 + 8a103c6 commit 65f108d
Showing 1 changed file with 186 additions and 65 deletions.
251 changes: 186 additions & 65 deletions tests/e2e/web/api/v1/contexts/category/contract.rs
Expand Up @@ -10,7 +10,7 @@ use crate::common::contexts::category::forms::{AddCategoryForm, DeleteCategoryFo
use crate::common::contexts::category::responses::ListResponse;
use crate::e2e::environment::TestEnv;
use crate::e2e::web::api::v1::contexts::category::steps::{add_category, add_random_category};
use crate::e2e::web::api::v1::contexts::user::steps::{new_logged_in_admin, new_logged_in_user};
use crate::e2e::web::api::v1::contexts::user::steps::new_logged_in_admin;

#[tokio::test]
async fn it_should_return_an_empty_category_list_when_there_are_no_categories() {
Expand Down Expand Up @@ -47,42 +47,6 @@ async fn it_should_return_a_category_list() {
assert_eq!(response.status, 200);
}

#[tokio::test]
async fn it_should_not_allow_adding_a_new_category_to_unauthenticated_users() {
let mut env = TestEnv::new();
env.start(api::Version::V1).await;

let client = Client::unauthenticated(&env.server_socket_addr().unwrap());

let response = client
.add_category(AddCategoryForm {
name: "CATEGORY NAME".to_string(),
icon: None,
})
.await;

assert_eq!(response.status, 401);
}

#[tokio::test]
async fn it_should_not_allow_adding_a_new_category_to_non_admins() {
let mut env = TestEnv::new();
env.start(api::Version::V1).await;

let logged_non_admin = new_logged_in_user(&env).await;

let client = Client::authenticated(&env.server_socket_addr().unwrap(), &logged_non_admin.token);

let response = client
.add_category(AddCategoryForm {
name: "CATEGORY NAME".to_string(),
icon: None,
})
.await;

assert_eq!(response.status, 403);
}

#[tokio::test]
async fn it_should_allow_admins_to_add_new_categories() {
let mut env = TestEnv::new();
Expand Down Expand Up @@ -158,41 +122,198 @@ async fn it_should_allow_admins_to_delete_categories() {
assert_deleted_category_response(&response, &added_category_name);
}

#[tokio::test]
async fn it_should_not_allow_non_admins_to_delete_categories() {
let mut env = TestEnv::new();
env.start(api::Version::V1).await;
mod authorization {
use torrust_index::web::api;

let added_category_name = add_random_category(&env).await;
use crate::common::client::Client;
use crate::common::contexts::category::forms::DeleteCategoryForm;
use crate::e2e::environment::TestEnv;
use crate::e2e::web::api::v1::contexts::category::steps::add_random_category;
use crate::e2e::web::api::v1::contexts::user::steps::new_logged_in_user;

let logged_in_non_admin = new_logged_in_user(&env).await;
let client = Client::authenticated(&env.server_socket_addr().unwrap(), &logged_in_non_admin.token);
mod for_guests {
use torrust_index::web::api;

let response = client
.delete_category(DeleteCategoryForm {
name: added_category_name.to_string(),
icon: None,
})
.await;
use crate::common::client::Client;
use crate::common::contexts::category::forms::{AddCategoryForm, DeleteCategoryForm};
use crate::e2e::environment::TestEnv;
use crate::e2e::web::api::v1::contexts::category::steps::add_random_category;

assert_eq!(response.status, 403);
}
#[tokio::test]
async fn it_should_not_allow_guest_users_to_add_categories() {
let mut env = TestEnv::new();
env.start(api::Version::V1).await;

#[tokio::test]
async fn it_should_not_allow_guests_to_delete_categories() {
let mut env = TestEnv::new();
env.start(api::Version::V1).await;
let client = Client::unauthenticated(&env.server_socket_addr().unwrap());

let client = Client::unauthenticated(&env.server_socket_addr().unwrap());
let response = client
.add_category(AddCategoryForm {
name: "CATEGORY NAME".to_string(),
icon: None,
})
.await;

let added_category_name = add_random_category(&env).await;
assert_eq!(response.status, 401);
}
#[tokio::test]
async fn it_should_not_allow_guests_to_delete_categories() {
let mut env = TestEnv::new();
env.start(api::Version::V1).await;

let response = client
.delete_category(DeleteCategoryForm {
name: added_category_name.to_string(),
icon: None,
})
.await;
let client = Client::unauthenticated(&env.server_socket_addr().unwrap());

let added_category_name = add_random_category(&env).await;

let response = client
.delete_category(DeleteCategoryForm {
name: added_category_name.to_string(),
icon: None,
})
.await;

assert_eq!(response.status, 401);
}
#[tokio::test]
async fn it_should_allow_guest_users_to_get_categories() {
let mut env = TestEnv::new();
env.start(api::Version::V1).await;

let client = Client::unauthenticated(&env.server_socket_addr().unwrap());

add_random_category(&env).await;

let response = client.get_categories().await;

assert_eq!(response.status, 200);
}
}
mod for_authenticated_users {
use torrust_index::web::api;

use crate::common::client::Client;
use crate::common::contexts::category::forms::AddCategoryForm;
use crate::e2e::environment::TestEnv;
use crate::e2e::web::api::v1::contexts::user::steps::new_logged_in_user;

#[tokio::test]
async fn it_should_not_allow_registered_users_to_add_categories() {
let mut env = TestEnv::new();
env.start(api::Version::V1).await;

let logged_non_admin = new_logged_in_user(&env).await;

let client = Client::authenticated(&env.server_socket_addr().unwrap(), &logged_non_admin.token);

assert_eq!(response.status, 401);
let response = client
.add_category(AddCategoryForm {
name: "CATEGORY NAME".to_string(),
icon: None,
})
.await;

assert_eq!(response.status, 403);
}
}
#[tokio::test]
async fn it_should_not_allow_registered_users_to_delete_categories() {
let mut env = TestEnv::new();
env.start(api::Version::V1).await;

let added_category_name = add_random_category(&env).await;

let logged_in_non_admin = new_logged_in_user(&env).await;

let client = Client::authenticated(&env.server_socket_addr().unwrap(), &logged_in_non_admin.token);

let response = client
.delete_category(DeleteCategoryForm {
name: added_category_name.to_string(),
icon: None,
})
.await;

assert_eq!(response.status, 403);
}
#[tokio::test]
async fn it_should_allow_registered_users_to_get_categories() {
let mut env = TestEnv::new();
env.start(api::Version::V1).await;

let logged_in_non_admin = new_logged_in_user(&env).await;

let client = Client::authenticated(&env.server_socket_addr().unwrap(), &logged_in_non_admin.token);

add_random_category(&env).await;

let response = client.get_categories().await;

assert_eq!(response.status, 200);
}
mod for_admin_users {
use torrust_index::web::api;

use crate::common::client::Client;
use crate::common::contexts::category::asserts::assert_deleted_category_response;
use crate::common::contexts::category::fixtures::random_category_name;
use crate::common::contexts::category::forms::{AddCategoryForm, DeleteCategoryForm};
use crate::e2e::environment::TestEnv;
use crate::e2e::web::api::v1::contexts::category::steps::add_random_category;
use crate::e2e::web::api::v1::contexts::user::steps::new_logged_in_admin;

#[tokio::test]
async fn it_should_allow_admins_to_add_new_categories() {
let mut env = TestEnv::new();
env.start(api::Version::V1).await;

let logged_in_admin = new_logged_in_admin(&env).await;

let client = Client::authenticated(&env.server_socket_addr().unwrap(), &logged_in_admin.token);

let category_name = random_category_name();

let response = client
.add_category(AddCategoryForm {
name: category_name.to_string(),
icon: None,
})
.await;

assert_eq!(response.status, 200);
}
#[tokio::test]
async fn it_should_allow_admins_to_delete_categories() {
let mut env = TestEnv::new();
env.start(api::Version::V1).await;

let logged_in_admin = new_logged_in_admin(&env).await;

let client = Client::authenticated(&env.server_socket_addr().unwrap(), &logged_in_admin.token);

let added_category_name = add_random_category(&env).await;

let response = client
.delete_category(DeleteCategoryForm {
name: added_category_name.to_string(),
icon: None,
})
.await;

assert_deleted_category_response(&response, &added_category_name);
}
#[tokio::test]
async fn it_should_allow_admin_users_to_get_categories() {
let mut env = TestEnv::new();
env.start(api::Version::V1).await;

let logged_in_admin = new_logged_in_admin(&env).await;

let client = Client::authenticated(&env.server_socket_addr().unwrap(), &logged_in_admin.token);

add_random_category(&env).await;

let response = client.get_categories().await;

assert_eq!(response.status, 200);
}
}
}
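Review bot: The denial tests added under `mod authorization` (guest add/delete expecting 401, registered-user add/delete expecting 403) assert only the status code, so a handler that rejected the request after already performing the write would still pass. In the two delete cases, where `add_random_category` has created a known category, a follow-up `client.get_categories().await` checking that `added_category_name` is still listed would also pin the absence of a side effect. Separately, judging by the imports (indentation is lost on this page), `it_should_not_allow_registered_users_to_delete_categories` and `it_should_allow_registered_users_to_get_categories` appear to sit directly in `mod authorization` rather than inside `for_authenticated_users`, which imports only `AddCategoryForm`; moving them in would keep the three role modules parallel. The admin add and delete tests in `for_admin_users` also seem to duplicate the top-level tests of the same names that remain as context in this diff, so each of those e2e environments would be started twice.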
