Add actor parameter to all tests requiring authorization
This commit adds actor: system_actor to all Ash operations in tests that require authorization.
This commit is contained in:
parent
686f69c9e9
commit
0f48a9b15a
GPG key ID:
1020A035E5DD0824
75 changed files with 4686 additions and 2859 deletions
|
|
@ -19,6 +19,8 @@ defmodule MvWeb.CustomFieldLive.DeletionTest do
|
|||
alias Mv.Membership.{CustomField, CustomFieldValue, Member}
|
||||
|
||||
setup do
|
||||
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
||||
|
||||
# Create admin user for testing
|
||||
{:ok, user} =
|
||||
Mv.Accounts.User
|
||||
|
|
@ -26,7 +28,7 @@ defmodule MvWeb.CustomFieldLive.DeletionTest do
|
|||
email: "admin#{System.unique_integer([:positive])}@mv.local",
|
||||
password: "testpassword123"
|
||||
})
|
||||
|> Ash.create()
|
||||
|> Ash.create(actor: system_actor)
|
||||
|
||||
conn = log_in_user(build_conn(), user)
|
||||
%{conn: conn, user: user}
|
||||
|
|
@ -156,14 +158,16 @@ defmodule MvWeb.CustomFieldLive.DeletionTest do
|
|||
# Should show success message
|
||||
assert render(view) =~ "Data field deleted successfully"
|
||||
|
||||
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
||||
|
||||
# Custom field should be gone from database
|
||||
assert {:error, _} = Ash.get(CustomField, custom_field.id)
|
||||
assert {:error, _} = Ash.get(CustomField, custom_field.id, actor: system_actor)
|
||||
|
||||
# Custom field value should also be gone (CASCADE)
|
||||
assert {:error, _} = Ash.get(CustomFieldValue, custom_field_value.id)
|
||||
assert {:error, _} = Ash.get(CustomFieldValue, custom_field_value.id, actor: system_actor)
|
||||
|
||||
# Member should still exist
|
||||
assert {:ok, _} = Ash.get(Member, member.id)
|
||||
assert {:ok, _} = Ash.get(Member, member.id, actor: system_actor)
|
||||
end
|
||||
|
||||
test "button remains disabled and custom field not deleted when slug doesn't match", %{
|
||||
|
|
@ -188,7 +192,8 @@ defmodule MvWeb.CustomFieldLive.DeletionTest do
|
|||
assert html =~ ~r/disabled(?:=""|(?!\w))/
|
||||
|
||||
# Custom field should still exist since deletion couldn't proceed
|
||||
assert {:ok, _} = Ash.get(CustomField, custom_field.id)
|
||||
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
||||
assert {:ok, _} = Ash.get(CustomField, custom_field.id, actor: system_actor)
|
||||
end
|
||||
end
|
||||
|
||||
|
|
@ -214,38 +219,45 @@ defmodule MvWeb.CustomFieldLive.DeletionTest do
|
|||
refute has_element?(view, "#delete-custom-field-modal")
|
||||
|
||||
# Custom field should still exist
|
||||
assert {:ok, _} = Ash.get(CustomField, custom_field.id)
|
||||
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
||||
assert {:ok, _} = Ash.get(CustomField, custom_field.id, actor: system_actor)
|
||||
end
|
||||
end
|
||||
|
||||
# Helper functions
|
||||
defp create_member do
|
||||
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
||||
|
||||
Member
|
||||
|> Ash.Changeset.for_create(:create_member, %{
|
||||
first_name: "Test",
|
||||
last_name: "User#{System.unique_integer([:positive])}",
|
||||
email: "test#{System.unique_integer([:positive])}@example.com"
|
||||
})
|
||||
|> Ash.create()
|
||||
|> Ash.create(actor: system_actor)
|
||||
end
|
||||
|
||||
defp create_custom_field(name, value_type) do
|
||||
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
||||
|
||||
CustomField
|
||||
|> Ash.Changeset.for_create(:create, %{
|
||||
name: "#{name}_#{System.unique_integer([:positive])}",
|
||||
value_type: value_type
|
||||
})
|
||||
|> Ash.create()
|
||||
|> Ash.create(actor: system_actor)
|
||||
end
|
||||
|
||||
defp create_custom_field_value(member, custom_field, value) do
|
||||
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
||||
|
||||
CustomFieldValue
|
||||
|> Ash.Changeset.for_create(:create, %{
|
||||
member_id: member.id,
|
||||
custom_field_id: custom_field.id,
|
||||
value: %{"_union_type" => "string", "_union_value" => value}
|
||||
})
|
||||
|> Ash.create()
|
||||
|> Ash.create(actor: system_actor)
|
||||
end
|
||||
|
||||
defp log_in_user(conn, user) do
|
||||
|
|
|
|||
|
|
@ -12,6 +12,8 @@ defmodule MvWeb.MembershipFeeTypeLive.FormTest do
|
|||
require Ash.Query
|
||||
|
||||
setup %{conn: conn} do
|
||||
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
||||
|
||||
# Create admin user
|
||||
{:ok, user} =
|
||||
Mv.Accounts.User
|
||||
|
|
@ -19,7 +21,7 @@ defmodule MvWeb.MembershipFeeTypeLive.FormTest do
|
|||
email: "admin#{System.unique_integer([:positive])}@mv.local",
|
||||
password: "testpassword123"
|
||||
})
|
||||
|> Ash.create()
|
||||
|> Ash.create(actor: system_actor)
|
||||
|
||||
authenticated_conn = conn_with_password_user(conn, user)
|
||||
%{conn: authenticated_conn, user: user}
|
||||
|
|
@ -27,6 +29,8 @@ defmodule MvWeb.MembershipFeeTypeLive.FormTest do
|
|||
|
||||
# Helper to create a membership fee type
|
||||
defp create_fee_type(attrs) do
|
||||
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
||||
|
||||
default_attrs = %{
|
||||
name: "Test Fee Type #{System.unique_integer([:positive])}",
|
||||
amount: Decimal.new("50.00"),
|
||||
|
|
@ -37,11 +41,13 @@ defmodule MvWeb.MembershipFeeTypeLive.FormTest do
|
|||
|
||||
MembershipFeeType
|
||||
|> Ash.Changeset.for_create(:create, attrs)
|
||||
|> Ash.create!()
|
||||
|> Ash.create!(actor: system_actor)
|
||||
end
|
||||
|
||||
# Helper to create a member
|
||||
defp create_member(attrs) do
|
||||
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
||||
|
||||
default_attrs = %{
|
||||
first_name: "Test",
|
||||
last_name: "Member",
|
||||
|
|
@ -52,7 +58,7 @@ defmodule MvWeb.MembershipFeeTypeLive.FormTest do
|
|||
|
||||
Member
|
||||
|> Ash.Changeset.for_create(:create_member, attrs)
|
||||
|> Ash.create!()
|
||||
|> Ash.create!(actor: system_actor)
|
||||
end
|
||||
|
||||
describe "create form" do
|
||||
|
|
|
|||
|
|
@ -2,6 +2,11 @@ defmodule MvWeb.ProfileNavigationTest do
|
|||
use MvWeb.ConnCase, async: true
|
||||
import Phoenix.LiveViewTest
|
||||
|
||||
setup do
|
||||
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
||||
%{actor: system_actor}
|
||||
end
|
||||
|
||||
describe "profile navigation" do
|
||||
test "clicking profile button redirects to current user profile", %{conn: conn} do
|
||||
# Setup: Create and login a user
|
||||
|
|
@ -60,7 +65,7 @@ defmodule MvWeb.ProfileNavigationTest do
|
|||
end
|
||||
|
||||
describe "profile navigation with OIDC user" do
|
||||
test "shows correct profile data for OIDC user", %{conn: conn} do
|
||||
test "shows correct profile data for OIDC user", %{conn: conn, actor: actor} do
|
||||
# Setup: Create OIDC user with sub claim
|
||||
user_info = %{
|
||||
"sub" => "oidc_123",
|
||||
|
|
@ -78,7 +83,7 @@ defmodule MvWeb.ProfileNavigationTest do
|
|||
user_info: user_info,
|
||||
oauth_tokens: oauth_tokens
|
||||
})
|
||||
|> Ash.create!(domain: Mv.Accounts)
|
||||
|> Ash.create!(domain: Mv.Accounts, actor: actor)
|
||||
|
||||
# Login user via OIDC
|
||||
conn = sign_in_user_via_oidc(conn, user)
|
||||
|
|
@ -94,7 +99,10 @@ defmodule MvWeb.ProfileNavigationTest do
|
|||
assert html =~ "Not enabled"
|
||||
end
|
||||
|
||||
test "profile navigation works across different authentication methods", %{conn: conn} do
|
||||
test "profile navigation works across different authentication methods", %{
|
||||
conn: conn,
|
||||
actor: actor
|
||||
} do
|
||||
# Create password user
|
||||
password_user =
|
||||
create_test_user(%{
|
||||
|
|
@ -119,7 +127,7 @@ defmodule MvWeb.ProfileNavigationTest do
|
|||
user_info: user_info,
|
||||
oauth_tokens: oauth_tokens
|
||||
})
|
||||
|> Ash.create!(domain: Mv.Accounts)
|
||||
|> Ash.create!(domain: Mv.Accounts, actor: actor)
|
||||
|
||||
# Test with password user
|
||||
conn_password = conn_with_password_user(conn, password_user)
|
||||
|
|
|
|||
|
|
@ -35,7 +35,7 @@ defmodule MvWeb.RoleLive.ShowTest do
|
|||
end
|
||||
|
||||
# Helper to create admin user with admin role
|
||||
defp create_admin_user(conn) do
|
||||
defp create_admin_user(conn, actor) do
|
||||
# Create admin role
|
||||
admin_role =
|
||||
case Authorization.list_roles() do
|
||||
|
|
@ -69,14 +69,14 @@ defmodule MvWeb.RoleLive.ShowTest do
|
|||
email: "admin#{System.unique_integer([:positive])}@mv.local",
|
||||
password: "testpassword123"
|
||||
})
|
||||
|> Ash.create()
|
||||
|> Ash.create(actor: actor)
|
||||
|
||||
# Assign admin role using manage_relationship
|
||||
{:ok, user} =
|
||||
user
|
||||
|> Ash.Changeset.for_update(:update, %{})
|
||||
|> Ash.Changeset.manage_relationship(:role, admin_role, type: :append_and_remove)
|
||||
|> Ash.update()
|
||||
|> Ash.update(actor: actor)
|
||||
|
||||
# Load role for authorization checks (must be loaded for can?/3 to work)
|
||||
user_with_role = Ash.load!(user, :role, domain: Mv.Accounts)
|
||||
|
|
@ -88,8 +88,9 @@ defmodule MvWeb.RoleLive.ShowTest do
|
|||
|
||||
describe "mount and display" do
|
||||
setup %{conn: conn} do
|
||||
{conn, _user, _admin_role} = create_admin_user(conn)
|
||||
%{conn: conn}
|
||||
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
||||
{conn, _user, _admin_role} = create_admin_user(conn, system_actor)
|
||||
%{conn: conn, actor: system_actor}
|
||||
end
|
||||
|
||||
test "mounts successfully with valid role ID", %{conn: conn} do
|
||||
|
|
@ -135,7 +136,7 @@ defmodule MvWeb.RoleLive.ShowTest do
|
|||
assert html =~ gettext("Permission Set")
|
||||
end
|
||||
|
||||
test "displays system role badge when is_system_role is true", %{conn: conn} do
|
||||
test "displays system role badge when is_system_role is true", %{conn: conn, actor: actor} do
|
||||
system_role =
|
||||
Role
|
||||
|> Ash.Changeset.for_create(:create_role, %{
|
||||
|
|
@ -143,7 +144,7 @@ defmodule MvWeb.RoleLive.ShowTest do
|
|||
permission_set_name: "own_data"
|
||||
})
|
||||
|> Ash.Changeset.force_change_attribute(:is_system_role, true)
|
||||
|> Ash.create!()
|
||||
|> Ash.create!(actor: actor)
|
||||
|
||||
{:ok, _view, html} = live(conn, "/admin/roles/#{system_role.id}")
|
||||
|
||||
|
|
@ -172,8 +173,9 @@ defmodule MvWeb.RoleLive.ShowTest do
|
|||
|
||||
describe "navigation" do
|
||||
setup %{conn: conn} do
|
||||
{conn, _user, _admin_role} = create_admin_user(conn)
|
||||
%{conn: conn}
|
||||
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
||||
{conn, _user, _admin_role} = create_admin_user(conn, system_actor)
|
||||
%{conn: conn, actor: system_actor}
|
||||
end
|
||||
|
||||
test "back button navigates to role list", %{conn: conn} do
|
||||
|
|
@ -209,8 +211,9 @@ defmodule MvWeb.RoleLive.ShowTest do
|
|||
|
||||
describe "error handling" do
|
||||
setup %{conn: conn} do
|
||||
{conn, _user, _admin_role} = create_admin_user(conn)
|
||||
%{conn: conn}
|
||||
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
||||
{conn, _user, _admin_role} = create_admin_user(conn, system_actor)
|
||||
%{conn: conn, actor: system_actor}
|
||||
end
|
||||
|
||||
test "redirects to role list with error for invalid role ID", %{conn: conn} do
|
||||
|
|
@ -226,11 +229,12 @@ defmodule MvWeb.RoleLive.ShowTest do
|
|||
|
||||
describe "delete functionality" do
|
||||
setup %{conn: conn} do
|
||||
{conn, _user, _admin_role} = create_admin_user(conn)
|
||||
%{conn: conn}
|
||||
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
||||
{conn, _user, _admin_role} = create_admin_user(conn, system_actor)
|
||||
%{conn: conn, actor: system_actor}
|
||||
end
|
||||
|
||||
test "delete button is not shown for system roles", %{conn: conn} do
|
||||
test "delete button is not shown for system roles", %{conn: conn, actor: actor} do
|
||||
system_role =
|
||||
Role
|
||||
|> Ash.Changeset.for_create(:create_role, %{
|
||||
|
|
@ -238,7 +242,7 @@ defmodule MvWeb.RoleLive.ShowTest do
|
|||
permission_set_name: "own_data"
|
||||
})
|
||||
|> Ash.Changeset.force_change_attribute(:is_system_role, true)
|
||||
|> Ash.create!()
|
||||
|> Ash.create!(actor: actor)
|
||||
|
||||
{:ok, _view, html} = live(conn, "/admin/roles/#{system_role.id}")
|
||||
|
||||
|
|
@ -258,8 +262,9 @@ defmodule MvWeb.RoleLive.ShowTest do
|
|||
|
||||
describe "page title" do
|
||||
setup %{conn: conn} do
|
||||
{conn, _user, _admin_role} = create_admin_user(conn)
|
||||
%{conn: conn}
|
||||
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
||||
{conn, _user, _admin_role} = create_admin_user(conn, system_actor)
|
||||
%{conn: conn, actor: system_actor}
|
||||
end
|
||||
|
||||
test "sets correct page title", %{conn: conn} do
|
||||
|
|
|
|||
|
|
@ -26,7 +26,7 @@ defmodule MvWeb.RoleLiveTest do
|
|||
end
|
||||
|
||||
# Helper to create admin user with admin role
|
||||
defp create_admin_user(conn) do
|
||||
defp create_admin_user(conn, actor) do
|
||||
# Create admin role
|
||||
admin_role =
|
||||
case Authorization.list_roles() do
|
||||
|
|
@ -60,14 +60,14 @@ defmodule MvWeb.RoleLiveTest do
|
|||
email: "admin#{System.unique_integer([:positive])}@mv.local",
|
||||
password: "testpassword123"
|
||||
})
|
||||
|> Ash.create()
|
||||
|> Ash.create(actor: actor)
|
||||
|
||||
# Assign admin role using manage_relationship
|
||||
{:ok, user} =
|
||||
user
|
||||
|> Ash.Changeset.for_update(:update, %{})
|
||||
|> Ash.Changeset.manage_relationship(:role, admin_role, type: :append_and_remove)
|
||||
|> Ash.update()
|
||||
|> Ash.update(actor: actor)
|
||||
|
||||
# Load role for authorization checks (must be loaded for can?/3 to work)
|
||||
user_with_role = Ash.load!(user, :role, domain: Mv.Accounts)
|
||||
|
|
@ -78,14 +78,14 @@ defmodule MvWeb.RoleLiveTest do
|
|||
end
|
||||
|
||||
# Helper to create non-admin user
|
||||
defp create_non_admin_user(conn) do
|
||||
defp create_non_admin_user(conn, actor) do
|
||||
{:ok, user} =
|
||||
Mv.Accounts.User
|
||||
|> Ash.Changeset.for_create(:register_with_password, %{
|
||||
email: "user#{System.unique_integer([:positive])}@mv.local",
|
||||
password: "testpassword123"
|
||||
})
|
||||
|> Ash.create()
|
||||
|> Ash.create(actor: actor)
|
||||
|
||||
conn = conn_with_password_user(conn, user)
|
||||
{conn, user}
|
||||
|
|
@ -93,8 +93,9 @@ defmodule MvWeb.RoleLiveTest do
|
|||
|
||||
describe "index page" do
|
||||
setup %{conn: conn} do
|
||||
{conn, user, _admin_role} = create_admin_user(conn)
|
||||
%{conn: conn, user: user}
|
||||
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
||||
{conn, user, _admin_role} = create_admin_user(conn, system_actor)
|
||||
%{conn: conn, actor: system_actor, user: user}
|
||||
end
|
||||
|
||||
test "mounts successfully", %{conn: conn} do
|
||||
|
|
@ -121,7 +122,7 @@ defmodule MvWeb.RoleLiveTest do
|
|||
assert html =~ role.permission_set_name
|
||||
end
|
||||
|
||||
test "shows system role badge", %{conn: conn} do
|
||||
test "shows system role badge", %{conn: conn, actor: actor} do
|
||||
_system_role =
|
||||
Role
|
||||
|> Ash.Changeset.for_create(:create_role, %{
|
||||
|
|
@ -129,14 +130,14 @@ defmodule MvWeb.RoleLiveTest do
|
|||
permission_set_name: "own_data"
|
||||
})
|
||||
|> Ash.Changeset.force_change_attribute(:is_system_role, true)
|
||||
|> Ash.create!()
|
||||
|> Ash.create!(actor: actor)
|
||||
|
||||
{:ok, _view, html} = live(conn, "/admin/roles")
|
||||
|
||||
assert html =~ "System Role" || html =~ "system"
|
||||
end
|
||||
|
||||
test "delete button disabled for system roles", %{conn: conn} do
|
||||
test "delete button disabled for system roles", %{conn: conn, actor: actor} do
|
||||
system_role =
|
||||
Role
|
||||
|> Ash.Changeset.for_create(:create_role, %{
|
||||
|
|
@ -144,7 +145,7 @@ defmodule MvWeb.RoleLiveTest do
|
|||
permission_set_name: "own_data"
|
||||
})
|
||||
|> Ash.Changeset.force_change_attribute(:is_system_role, true)
|
||||
|> Ash.create!()
|
||||
|> Ash.create!(actor: actor)
|
||||
|
||||
{:ok, view, _html} = live(conn, "/admin/roles")
|
||||
|
||||
|
|
@ -191,8 +192,9 @@ defmodule MvWeb.RoleLiveTest do
|
|||
|
||||
describe "show page" do
|
||||
setup %{conn: conn} do
|
||||
{conn, user, _admin_role} = create_admin_user(conn)
|
||||
%{conn: conn, user: user}
|
||||
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
||||
{conn, user, _admin_role} = create_admin_user(conn, system_actor)
|
||||
%{conn: conn, actor: system_actor, user: user}
|
||||
end
|
||||
|
||||
test "mounts with valid role ID", %{conn: conn} do
|
||||
|
|
@ -215,7 +217,7 @@ defmodule MvWeb.RoleLiveTest do
|
|||
assert match?({:error, {:redirect, %{to: "/admin/roles"}}}, result)
|
||||
end
|
||||
|
||||
test "shows system role badge if is_system_role is true", %{conn: conn} do
|
||||
test "shows system role badge if is_system_role is true", %{conn: conn, actor: actor} do
|
||||
system_role =
|
||||
Role
|
||||
|> Ash.Changeset.for_create(:create_role, %{
|
||||
|
|
@ -223,7 +225,7 @@ defmodule MvWeb.RoleLiveTest do
|
|||
permission_set_name: "own_data"
|
||||
})
|
||||
|> Ash.Changeset.force_change_attribute(:is_system_role, true)
|
||||
|> Ash.create!()
|
||||
|> Ash.create!(actor: actor)
|
||||
|
||||
{:ok, _view, html} = live(conn, "/admin/roles/#{system_role.id}")
|
||||
|
||||
|
|
@ -233,8 +235,9 @@ defmodule MvWeb.RoleLiveTest do
|
|||
|
||||
describe "form - create" do
|
||||
setup %{conn: conn} do
|
||||
{conn, user, _admin_role} = create_admin_user(conn)
|
||||
%{conn: conn, user: user}
|
||||
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
||||
{conn, user, _admin_role} = create_admin_user(conn, system_actor)
|
||||
%{conn: conn, actor: system_actor, user: user}
|
||||
end
|
||||
|
||||
test "mounts successfully", %{conn: conn} do
|
||||
|
|
@ -306,9 +309,10 @@ defmodule MvWeb.RoleLiveTest do
|
|||
|
||||
describe "form - edit" do
|
||||
setup %{conn: conn} do
|
||||
{conn, user, _admin_role} = create_admin_user(conn)
|
||||
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
||||
{conn, user, _admin_role} = create_admin_user(conn, system_actor)
|
||||
role = create_role()
|
||||
%{conn: conn, user: user, role: role}
|
||||
%{conn: conn, actor: system_actor, user: user, role: role}
|
||||
end
|
||||
|
||||
test "mounts with valid role ID", %{conn: conn, role: role} do
|
||||
|
|
@ -347,7 +351,7 @@ defmodule MvWeb.RoleLiveTest do
|
|||
assert updated_role.name == "Updated Role Name"
|
||||
end
|
||||
|
||||
test "updates system role's permission_set_name", %{conn: conn} do
|
||||
test "updates system role's permission_set_name", %{conn: conn, actor: actor} do
|
||||
system_role =
|
||||
Role
|
||||
|> Ash.Changeset.for_create(:create_role, %{
|
||||
|
|
@ -355,7 +359,7 @@ defmodule MvWeb.RoleLiveTest do
|
|||
permission_set_name: "own_data"
|
||||
})
|
||||
|> Ash.Changeset.force_change_attribute(:is_system_role, true)
|
||||
|> Ash.create!()
|
||||
|> Ash.create!(actor: actor)
|
||||
|
||||
{:ok, view, _html} = live(conn, "/admin/roles/#{system_role.id}/edit?return_to=show")
|
||||
|
||||
|
|
@ -379,8 +383,9 @@ defmodule MvWeb.RoleLiveTest do
|
|||
|
||||
describe "delete functionality" do
|
||||
setup %{conn: conn} do
|
||||
{conn, user, _admin_role} = create_admin_user(conn)
|
||||
%{conn: conn, user: user}
|
||||
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
||||
{conn, user, _admin_role} = create_admin_user(conn, system_actor)
|
||||
%{conn: conn, actor: system_actor, user: user}
|
||||
end
|
||||
|
||||
test "deletes non-system role", %{conn: conn} do
|
||||
|
|
@ -400,7 +405,7 @@ defmodule MvWeb.RoleLiveTest do
|
|||
Authorization.get_role(role.id)
|
||||
end
|
||||
|
||||
test "fails to delete system role with error message", %{conn: conn} do
|
||||
test "fails to delete system role with error message", %{conn: conn, actor: actor} do
|
||||
system_role =
|
||||
Role
|
||||
|> Ash.Changeset.for_create(:create_role, %{
|
||||
|
|
@ -408,7 +413,7 @@ defmodule MvWeb.RoleLiveTest do
|
|||
permission_set_name: "own_data"
|
||||
})
|
||||
|> Ash.Changeset.force_change_attribute(:is_system_role, true)
|
||||
|> Ash.create!()
|
||||
|> Ash.create!(actor: actor)
|
||||
|
||||
{:ok, view, html} = live(conn, "/admin/roles")
|
||||
|
||||
|
|
@ -428,8 +433,13 @@ defmodule MvWeb.RoleLiveTest do
|
|||
end
|
||||
|
||||
describe "authorization" do
|
||||
test "only admin can access /admin/roles", %{conn: conn} do
|
||||
{conn, _user} = create_non_admin_user(conn)
|
||||
setup do
|
||||
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
||||
%{actor: system_actor}
|
||||
end
|
||||
|
||||
test "only admin can access /admin/roles", %{conn: conn, actor: actor} do
|
||||
{conn, _user} = create_non_admin_user(conn, actor)
|
||||
|
||||
# Non-admin should be redirected or see error
|
||||
# Note: Authorization is checked via can_access_page? which returns false
|
||||
|
|
@ -443,8 +453,8 @@ defmodule MvWeb.RoleLiveTest do
|
|||
assert html =~ "Listing Roles" || html =~ "Roles"
|
||||
end
|
||||
|
||||
test "admin can access /admin/roles", %{conn: conn} do
|
||||
{conn, _user, _admin_role} = create_admin_user(conn)
|
||||
test "admin can access /admin/roles", %{conn: conn, actor: actor} do
|
||||
{conn, _user, _admin_role} = create_admin_user(conn, actor)
|
||||
|
||||
{:ok, _view, _html} = live(conn, "/admin/roles")
|
||||
end
|
||||
|
|
|
|||
|
|
@ -64,6 +64,8 @@ defmodule MvWeb.UserLive.ShowTest do
|
|||
end
|
||||
|
||||
test "displays linked member when present", %{conn: conn} do
|
||||
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
||||
|
||||
# Create member
|
||||
{:ok, member} =
|
||||
Member
|
||||
|
|
@ -72,7 +74,7 @@ defmodule MvWeb.UserLive.ShowTest do
|
|||
last_name: "Smith",
|
||||
email: "alice@example.com"
|
||||
})
|
||||
|> Ash.create()
|
||||
|> Ash.create(actor: system_actor)
|
||||
|
||||
# Create user and link to member
|
||||
user = create_test_user(%{email: "user@example.com"})
|
||||
|
|
@ -81,7 +83,7 @@ defmodule MvWeb.UserLive.ShowTest do
|
|||
user
|
||||
|> Ash.Changeset.for_update(:update, %{})
|
||||
|> Ash.Changeset.manage_relationship(:member, member, type: :append_and_remove)
|
||||
|> Ash.update()
|
||||
|> Ash.update(actor: system_actor)
|
||||
|
||||
conn = conn_with_oidc_user(conn)
|
||||
{:ok, _view, html} = live(conn, ~p"/users/#{user.id}")
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue