Restrict Actor.ensure_loaded to Mv.Accounts.User only
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
Pattern match on %Mv.Accounts.User{} instead of generic actor.
Clearer intention, prevents accidental authorization bypasses.
Non-User actors are returned as-is (no-op).
This commit is contained in:
parent
d114554d52
commit
427608578f
2 changed files with 20 additions and 23 deletions
|
|
@ -72,13 +72,13 @@ defmodule Mv.Authorization.ActorTest do
|
|||
assert result.role.id == role.id
|
||||
end
|
||||
|
||||
test "handles load errors gracefully (returns original actor)" do
|
||||
# Create a plain map (not a real Ash resource)
|
||||
fake_actor = %{id: "fake", role: %Ash.NotLoaded{field: :role}}
|
||||
test "returns non-User actors as-is (no-op)" do
|
||||
# Create a plain map (not Mv.Accounts.User)
|
||||
other_actor = %{id: "fake", role: %Ash.NotLoaded{field: :role}}
|
||||
|
||||
# Should not crash, returns original
|
||||
result = Actor.ensure_loaded(fake_actor)
|
||||
assert result == fake_actor
|
||||
# Should return as-is (pattern match doesn't apply to non-User)
|
||||
result = Actor.ensure_loaded(other_actor)
|
||||
assert result == other_actor
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue