test: add tests for approval ui

2026-03-10 23:21:57 +01:00 · 2026-03-10 23:21:57 +01:00 · 50433e607f
commit 50433e607f
parent 021b709e6a
6 changed files with 466 additions and 11 deletions
--- a/docs/page-permission-route-coverage.md
+++ b/docs/page-permission-route-coverage.md
@ -31,8 +31,10 @@ This document lists all protected routes, which permission set may access them,
 | `/admin/roles/new` | ✗ | ✗ | ✗ | ✓ |
 | `/admin/roles/:id` | ✗ | ✗ | ✗ | ✓ |
 | `/admin/roles/:id/edit` | ✗ | ✗ | ✗ | ✓ |
+| `/join_requests` (Step 2) | ✗ | ✗ | ✓ | ✓ |
+| `/join_requests/:id` (Step 2) | ✗ | ✗ | ✓ | ✓ |

-**Note:** Permission sets define `/custom_field_values` and related paths, but there are no such routes in the router; those entries are for future use.
+**Note:** Permission sets define `/custom_field_values` and related paths, but there are no such routes in the router; those entries are for future use. Step 2 (Approval UI) adds `/join_requests` and `/join_requests/:id` for normal_user and admin; routes and permission set entries are not yet implemented; tests exist in `check_page_permission_test.exs` (describe "join_requests routes" and integration blocks).

 ## Public Paths (no permission check)

@ -55,6 +57,7 @@ The join confirmation route `GET /confirm_join/:token` is public (matched by `/c
 - Unauthenticated: nil user denied, redirect `/sign-in`.
 - Public: unauthenticated allowed `/auth/sign-in`, `/register`.
 - Error: no role, invalid permission_set_name → denied.
+- **Join requests (Step 2):** normal_user and admin allowed `/join_requests`, `/join_requests/:id`; read_only and own_data denied. Tests fail (red) until routes and permission set are added.

 ### Integration tests (full router, Mitglied = own_data)