Refactor member user-link tests: shared setup
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
Use describe-level setup for normal_user, admin, unlinked_member.
This commit is contained in:
parent
46dcb932d8
commit
65ac6ca1d0
1 changed files with 44 additions and 34 deletions
|
|
@ -405,10 +405,21 @@ defmodule Mv.Membership.MemberPoliciesTest do
|
||||||
end
|
end
|
||||||
|
|
||||||
describe "member user link - only admin may set or change user link" do
|
describe "member user link - only admin may set or change user link" do
|
||||||
test "normal_user can create member without :user argument", %{actor: _actor} do
|
setup %{actor: actor} do
|
||||||
normal_user = Mv.Fixtures.user_with_role_fixture("normal_user")
|
normal_user =
|
||||||
normal_user = Mv.Authorization.Actor.ensure_loaded(normal_user)
|
Mv.Fixtures.user_with_role_fixture("normal_user")
|
||||||
|
|> Mv.Authorization.Actor.ensure_loaded()
|
||||||
|
|
||||||
|
admin =
|
||||||
|
Mv.Fixtures.user_with_role_fixture("admin")
|
||||||
|
|> Mv.Authorization.Actor.ensure_loaded()
|
||||||
|
|
||||||
|
unlinked_member = create_unlinked_member(actor)
|
||||||
|
|
||||||
|
%{normal_user: normal_user, admin: admin, unlinked_member: unlinked_member}
|
||||||
|
end
|
||||||
|
|
||||||
|
test "normal_user can create member without :user argument", %{normal_user: normal_user} do
|
||||||
{:ok, member} =
|
{:ok, member} =
|
||||||
Membership.create_member(
|
Membership.create_member(
|
||||||
%{
|
%{
|
||||||
|
|
@ -425,12 +436,12 @@ defmodule Mv.Membership.MemberPoliciesTest do
|
||||||
assert is_nil(member.user)
|
assert is_nil(member.user)
|
||||||
end
|
end
|
||||||
|
|
||||||
test "normal_user cannot create member with :user argument (forbidden)", %{actor: _actor} do
|
test "normal_user cannot create member with :user argument (forbidden)", %{
|
||||||
normal_user = Mv.Fixtures.user_with_role_fixture("normal_user")
|
normal_user: normal_user
|
||||||
normal_user = Mv.Authorization.Actor.ensure_loaded(normal_user)
|
} do
|
||||||
# Another user to try to link to
|
other_user =
|
||||||
other_user = Mv.Fixtures.user_with_role_fixture("read_only")
|
Mv.Fixtures.user_with_role_fixture("read_only")
|
||||||
other_user = Mv.Authorization.Actor.ensure_loaded(other_user)
|
|> Mv.Authorization.Actor.ensure_loaded()
|
||||||
|
|
||||||
attrs = %{
|
attrs = %{
|
||||||
first_name: "Linked",
|
first_name: "Linked",
|
||||||
|
|
@ -443,11 +454,10 @@ defmodule Mv.Membership.MemberPoliciesTest do
|
||||||
Membership.create_member(attrs, actor: normal_user)
|
Membership.create_member(attrs, actor: normal_user)
|
||||||
end
|
end
|
||||||
|
|
||||||
test "normal_user can update member without :user argument", %{actor: actor} do
|
test "normal_user can update member without :user argument", %{
|
||||||
normal_user = Mv.Fixtures.user_with_role_fixture("normal_user")
|
normal_user: normal_user,
|
||||||
normal_user = Mv.Authorization.Actor.ensure_loaded(normal_user)
|
unlinked_member: unlinked_member
|
||||||
unlinked_member = create_unlinked_member(actor)
|
} do
|
||||||
|
|
||||||
{:ok, updated} =
|
{:ok, updated} =
|
||||||
Membership.update_member(unlinked_member, %{first_name: "UpdatedByNormal"},
|
Membership.update_member(unlinked_member, %{first_name: "UpdatedByNormal"},
|
||||||
actor: normal_user
|
actor: normal_user
|
||||||
|
|
@ -456,25 +466,24 @@ defmodule Mv.Membership.MemberPoliciesTest do
|
||||||
assert updated.first_name == "UpdatedByNormal"
|
assert updated.first_name == "UpdatedByNormal"
|
||||||
end
|
end
|
||||||
|
|
||||||
test "normal_user cannot update member with :user argument (forbidden)", %{actor: actor} do
|
test "normal_user cannot update member with :user argument (forbidden)", %{
|
||||||
normal_user = Mv.Fixtures.user_with_role_fixture("normal_user")
|
normal_user: normal_user,
|
||||||
normal_user = Mv.Authorization.Actor.ensure_loaded(normal_user)
|
unlinked_member: unlinked_member
|
||||||
other_user = Mv.Fixtures.user_with_role_fixture("own_data")
|
} do
|
||||||
other_user = Mv.Authorization.Actor.ensure_loaded(other_user)
|
other_user =
|
||||||
unlinked_member = create_unlinked_member(actor)
|
Mv.Fixtures.user_with_role_fixture("own_data")
|
||||||
|
|> Mv.Authorization.Actor.ensure_loaded()
|
||||||
|
|
||||||
# Passing :user in params tries to link member to other_user - only admin may do that
|
|
||||||
params = %{first_name: unlinked_member.first_name, user: %{id: other_user.id}}
|
params = %{first_name: unlinked_member.first_name, user: %{id: other_user.id}}
|
||||||
|
|
||||||
assert {:error, %Ash.Error.Forbidden{}} =
|
assert {:error, %Ash.Error.Forbidden{}} =
|
||||||
Membership.update_member(unlinked_member, params, actor: normal_user)
|
Membership.update_member(unlinked_member, params, actor: normal_user)
|
||||||
end
|
end
|
||||||
|
|
||||||
test "admin can create member with :user argument", %{actor: _actor} do
|
test "admin can create member with :user argument", %{admin: admin} do
|
||||||
admin = Mv.Fixtures.user_with_role_fixture("admin")
|
link_target =
|
||||||
admin = Mv.Authorization.Actor.ensure_loaded(admin)
|
Mv.Fixtures.user_with_role_fixture("own_data")
|
||||||
link_target = Mv.Fixtures.user_with_role_fixture("own_data")
|
|> Mv.Authorization.Actor.ensure_loaded()
|
||||||
link_target = Mv.Authorization.Actor.ensure_loaded(link_target)
|
|
||||||
|
|
||||||
attrs = %{
|
attrs = %{
|
||||||
first_name: "AdminLinked",
|
first_name: "AdminLinked",
|
||||||
|
|
@ -486,19 +495,20 @@ defmodule Mv.Membership.MemberPoliciesTest do
|
||||||
{:ok, member} = Membership.create_member(attrs, actor: admin)
|
{:ok, member} = Membership.create_member(attrs, actor: admin)
|
||||||
|
|
||||||
assert member.first_name == "AdminLinked"
|
assert member.first_name == "AdminLinked"
|
||||||
# Reload link_target to see the new member_id set by manage_relationship
|
|
||||||
{:ok, link_target} =
|
{:ok, link_target} =
|
||||||
Ash.get(Mv.Accounts.User, link_target.id, domain: Mv.Accounts, actor: admin)
|
Ash.get(Mv.Accounts.User, link_target.id, domain: Mv.Accounts, actor: admin)
|
||||||
|
|
||||||
assert link_target.member_id == member.id
|
assert link_target.member_id == member.id
|
||||||
end
|
end
|
||||||
|
|
||||||
test "admin can update member with :user argument (link)", %{actor: actor} do
|
test "admin can update member with :user argument (link)", %{
|
||||||
admin = Mv.Fixtures.user_with_role_fixture("admin")
|
admin: admin,
|
||||||
admin = Mv.Authorization.Actor.ensure_loaded(admin)
|
unlinked_member: unlinked_member
|
||||||
unlinked_member = create_unlinked_member(actor)
|
} do
|
||||||
link_target = Mv.Fixtures.user_with_role_fixture("read_only")
|
link_target =
|
||||||
link_target = Mv.Authorization.Actor.ensure_loaded(link_target)
|
Mv.Fixtures.user_with_role_fixture("read_only")
|
||||||
|
|> Mv.Authorization.Actor.ensure_loaded()
|
||||||
|
|
||||||
{:ok, updated} =
|
{:ok, updated} =
|
||||||
Membership.update_member(
|
Membership.update_member(
|
||||||
|
|
@ -508,7 +518,7 @@ defmodule Mv.Membership.MemberPoliciesTest do
|
||||||
)
|
)
|
||||||
|
|
||||||
assert updated.id == unlinked_member.id
|
assert updated.id == unlinked_member.id
|
||||||
# Member should now be linked to link_target (user.member_id points to this member)
|
|
||||||
{:ok, reloaded_user} =
|
{:ok, reloaded_user} =
|
||||||
Ash.get(Mv.Accounts.User, link_target.id,
|
Ash.get(Mv.Accounts.User, link_target.id,
|
||||||
domain: Mv.Accounts,
|
domain: Mv.Accounts,
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue