KKlochko
/
decentralised_book_index
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add tests to check permission for Show and Edit LiveViews.
continuous-integration/drone/push Build is passing Details

Browse Source
dev
KKlochko 1 month ago
parent bdc6670475
commit f406239b16
1 changed files with 326 additions and 4 deletions
Show Stats Download Patch File Download Diff File

330
test/decentralised_book_index_web/live/live_views_permission.exs
Unescape View File

@ -1,8 +1,6 @@
defmodule DecentralisedBookIndexWeb.LiveViewsPermissions do
use DecentralisedBookIndexWeb.LiveCase, async: true
alias DecentralisedBookIndex.Metadata
setup do
user = generate(user(role: :user))
moderator = generate(user(role: :moderator))
@ -11,7 +9,8 @@ defmodule DecentralisedBookIndexWeb.LiveViewsPermissions do
%{
user: user,
moderator: moderator,
admin: admin
admin: admin,
users: [nil, user, moderator, admin]
}
end
@ -44,7 +43,72 @@ defmodule DecentralisedBookIndexWeb.LiveViewsPermissions do
end
end
describe "Author Index /author" do
describe "Book Show /books/:id" do
setup do
%{book: generate(book())}
end
test "can be accessed by any user", %{conn: conn, users: users, book: book} do
for user <- users do
{:ok, _view, html} =
conn
|> log_in_user(user)
|> live("/books/#{book.id}")
assert html =~ book.title
end
end
end
describe "Book Edit /books/:id/new" do
test "can't be accessed by regular user", %{conn: conn, user: user} do
for user <- [nil, user] do
{:error, {:redirect, %{flash: %{"error" => "Unauthorized!"}, to: "/"}}}
conn
|> log_in_user(user)
|> live("/books/new")
end
end
test "can be accessed by moderator and admin", %{conn: conn, moderator: moderator, admin: admin} do
for user <- [moderator, admin] do
{:ok, _view, html} =
conn
|> log_in_user(user)
|> live("/books/new")
assert html =~ "New Book"
end
end
end
describe "Book Edit /books/:id/edit" do
setup do
%{book: generate(book())}
end
test "can't be accessed by regular user", %{conn: conn, user: user, book: book} do
for user <- [nil, user] do
{:error, {:redirect, %{flash: %{"error" => "Unauthorized!"}, to: "/"}}}
conn
|> log_in_user(user)
|> live("/books/#{book.id}/edit")
end
end
test "can be accessed by moderator and admin", %{conn: conn, moderator: moderator, admin: admin, book: book} do
for user <- [moderator, admin] do
{:ok, _view, html} =
conn
|> log_in_user(user)
|> live("/books/#{book.id}/edit")
assert html =~ "Edit Book"
end
end
end
describe "Author Index /authors" do
test "can be accessed by regular user", %{conn: conn, user: user} do
{:ok, _view, html} =
conn
@ -73,6 +137,71 @@ defmodule DecentralisedBookIndexWeb.LiveViewsPermissions do
end
end
describe "Author Show /authors/:id" do
setup do
%{author: generate(author())}
end
test "can be accessed by any user", %{conn: conn, users: users, author: author} do
for user <- users do
{:ok, _view, html} =
conn
|> log_in_user(user)
|> live("/authors/#{author.id}")
assert html =~ author.name
end
end
end
describe "Author Edit /authors/:id/new" do
test "can't be accessed by regular user", %{conn: conn, user: user} do
for user <- [nil, user] do
{:error, {:redirect, %{flash: %{"error" => "Unauthorized!"}, to: "/"}}}
conn
|> log_in_user(user)
|> live("/authors/new")
end
end
test "can be accessed by moderator and admin", %{conn: conn, moderator: moderator, admin: admin} do
for user <- [moderator, admin] do
{:ok, _view, html} =
conn
|> log_in_user(user)
|> live("/authors/new")
assert html =~ "New Author"
end
end
end
describe "Author Edit /authors/:id/edit" do
setup do
%{author: generate(author())}
end
test "can't be accessed by regular user", %{conn: conn, user: user, author: author} do
for user <- [nil, user] do
{:error, {:redirect, %{flash: %{"error" => "Unauthorized!"}, to: "/"}}}
conn
|> log_in_user(user)
|> live("/authors/#{author.id}/edit")
end
end
test "can be accessed by moderator and admin", %{conn: conn, moderator: moderator, admin: admin, author: author} do
for user <- [moderator, admin] do
{:ok, _view, html} =
conn
|> log_in_user(user)
|> live("/authors/#{author.id}/edit")
assert html =~ "Edit Author"
end
end
end
describe "Publisher Index /publishers" do
test "can't be accessed by regular user", %{conn: conn, user: user} do
assert {:error, {:redirect, %{flash: %{"error" => "Unauthorized!"}, to: "/"}}} =
@ -100,6 +229,80 @@ defmodule DecentralisedBookIndexWeb.LiveViewsPermissions do
end
end
describe "Publisher Show /publishers/:id" do
setup do
%{publisher: generate(publisher())}
end
test "can't be accessed by regular user", %{conn: conn, user: user, publisher: publisher} do
for user <- [nil, user] do
{:error, {:redirect, %{flash: %{"error" => "Unauthorized!"}, to: "/"}}}
conn
|> log_in_user(user)
|> live("/publishers/#{publisher.id}")
end
end
test "can be accessed by moderator and admin", %{conn: conn, moderator: moderator, admin: admin, publisher: publisher} do
for user <- [moderator, admin] do
{:ok, _view, html} =
conn
|> log_in_user(user)
|> live("/publishers/#{publisher.id}")
assert html =~ publisher.name
end
end
end
describe "Publisher Edit /publishers/:id/new" do
test "can't be accessed by regular user", %{conn: conn, user: user} do
for user <- [nil, user] do
{:error, {:redirect, %{flash: %{"error" => "Unauthorized!"}, to: "/"}}}
conn
|> log_in_user(user)
|> live("/publishers/new")
end
end
test "can be accessed by moderator and admin", %{conn: conn, moderator: moderator, admin: admin} do
for user <- [moderator, admin] do
{:ok, _view, html} =
conn
|> log_in_user(user)
|> live("/publishers/new")
assert html =~ "New Publisher"
end
end
end
describe "Publisher Edit /publishers/:id/edit" do
setup do
%{publisher: generate(publisher())}
end
test "can't be accessed by regular user", %{conn: conn, user: user, publisher: publisher} do
for user <- [nil, user] do
{:error, {:redirect, %{flash: %{"error" => "Unauthorized!"}, to: "/"}}}
conn
|> log_in_user(user)
|> live("/publishers/#{publisher.id}/edit")
end
end
test "can be accessed by moderator and admin", %{conn: conn, moderator: moderator, admin: admin, publisher: publisher} do
for user <- [moderator, admin] do
{:ok, _view, html} =
conn
|> log_in_user(user)
|> live("/publishers/#{publisher.id}/edit")
assert html =~ "Edit Publisher"
end
end
end
describe "Server Index /servers" do
test "can't be accessed by regular user", %{conn: conn, user: user} do
assert {:error, {:redirect, %{flash: %{"error" => "Unauthorized!"}, to: "/"}}} =
@ -125,6 +328,80 @@ defmodule DecentralisedBookIndexWeb.LiveViewsPermissions do
end
end
describe "Server Show /servers/:id" do
setup do
%{server: generate(dbi_server())}
end
test "can't be accessed by non-admin user", %{conn: conn, user: user, moderator: moderator, server: server} do
for user <- [nil, user, moderator] do
{:error, {:redirect, %{flash: %{"error" => "Unauthorized!"}, to: "/"}}}
conn
|> log_in_user(user)
|> live("/servers/#{server.id}")
end
end
test "can be accessed by admin", %{conn: conn, admin: admin, server: server} do
for user <- [admin] do
{:ok, _view, html} =
conn
|> log_in_user(user)
|> live("/servers/#{server.id}")
assert html =~ server.name
end
end
end
describe "Server Edit /servers/:id/new" do
test "can't be accessed by non-admin user", %{conn: conn, user: user, moderator: moderator} do
for user <- [nil, user, moderator] do
{:error, {:redirect, %{flash: %{"error" => "Unauthorized!"}, to: "/"}}}
conn
|> log_in_user(user)
|> live("/servers/new")
end
end
test "can be accessed by admin", %{conn: conn, admin: admin} do
for user <- [admin] do
{:ok, _view, html} =
conn
|> log_in_user(user)
|> live("/servers/new")
assert html =~ "New Server"
end
end
end
describe "Server Edit /servers/:id/edit" do
setup do
%{server: generate(dbi_server())}
end
test "can't be accessed by non-admin user", %{conn: conn, user: user, moderator: moderator, server: server} do
for user <- [nil, user, moderator] do
{:error, {:redirect, %{flash: %{"error" => "Unauthorized!"}, to: "/"}}}
conn
|> log_in_user(user)
|> live("/servers/#{server.id}/edit")
end
end
test "can be accessed by admin", %{conn: conn, admin: admin, server: server} do
for user <- [admin] do
{:ok, _view, html} =
conn
|> log_in_user(user)
|> live("/servers/#{server.id}/edit")
assert html =~ "Edit Server"
end
end
end
describe "ObanWeb /oban" do
test "can't be accessed by regular user", %{conn: conn, user: user} do
assert {:error, {:redirect, %{flash: %{"error" => "Unauthorized!"}, to: "/"}}} =
@ -165,4 +442,49 @@ defmodule DecentralisedBookIndexWeb.LiveViewsPermissions do
assert html =~ "Listing Users"
end
end
describe "User Show /users/:id" do
test "can't be accessed by non-admin user", %{conn: conn, user: regular_user, moderator: moderator} do
for user <- [nil, regular_user, moderator] do
{:error, {:redirect, %{flash: %{"error" => "Unauthorized!"}, to: "/"}}}
conn
|> log_in_user(user)
|> live("/users/#{regular_user.id}")
end
end
test "can be accessed by admin", %{conn: conn, admin: admin} do
for user <- [admin] do
{:ok, _view, html} =
conn
|> log_in_user(user)
|> live("/users/#{user.id}")
assert html =~ user.email.string
end
end
end
describe "User Edit /users/:id/edit" do
test "can't be accessed by non-admin user", %{conn: conn, user: regular_user, moderator: moderator} do
for user <- [nil, regular_user, moderator] do
{:error, {:redirect, %{flash: %{"error" => "Unauthorized!"}, to: "/"}}}
conn
|> log_in_user(user)
|> live("/users/#{regular_user.id}/edit")
end
end
test "can be accessed by admin", %{conn: conn, admin: admin} do
for user <- [admin] do
{:ok, _view, html} =
conn
|> log_in_user(user)
|> live("/users/#{user.id}/edit")
assert html =~ "Edit User"
end
end
end
end

Write Preview
Loading…
Cancel
Save