Merge branch 'main' into issue/mitgliederverwaltung-533
# Conflicts: # test/mv_web/member_live/index_test.exs
This commit is contained in:
commit
84e1cf1cb8
118 changed files with 767 additions and 1148 deletions
58
test/mv/application_test.exs
Normal file
58
test/mv/application_test.exs
Normal file
|
|
@ -0,0 +1,58 @@
|
|||
defmodule Mv.ApplicationTest do
|
||||
@moduledoc """
|
||||
Guards the AshAuthentication supervisor wiring in `Mv.Application`.
|
||||
|
||||
The auth children (token Expunger, audit-log batcher/expunger) resolve their
|
||||
configuration via `Spark.sparks(otp_app, Ash.Resource)`. With the wrong
|
||||
`otp_app` they silently start against an empty resource set: the token
|
||||
Expunger then runs against no token resources and becomes a no-op. This test
|
||||
pins the corrected `:mv` wiring against the *running* application tree: the
|
||||
supervisor and all three children are present, and the token Expunger booted
|
||||
live and resolved the real `:mv` token resource.
|
||||
|
||||
The two audit-log children legitimately report an `:undefined` pid because no
|
||||
`AuditLogResource` resources exist under `:mv` (their init returns `:ignore`);
|
||||
that is a successful start, not a crash, so they are only asserted present.
|
||||
"""
|
||||
use ExUnit.Case, async: false
|
||||
|
||||
alias AshAuthentication.TokenResource.Expunger
|
||||
|
||||
test "AshAuthentication children boot under the :mv otp_app and resolve real config" do
|
||||
# Locate the running AshAuthentication.Supervisor inside the live app tree.
|
||||
auth_sup =
|
||||
Mv.Supervisor
|
||||
|> Supervisor.which_children()
|
||||
|> Enum.find_value(fn
|
||||
{AshAuthentication.Supervisor, pid, _type, _mods} when is_pid(pid) -> pid
|
||||
_ -> nil
|
||||
end)
|
||||
|
||||
assert is_pid(auth_sup), "AshAuthentication.Supervisor is not running in Mv.Supervisor"
|
||||
|
||||
children = Supervisor.which_children(auth_sup)
|
||||
child_ids = children |> Enum.map(&elem(&1, 0)) |> Enum.sort()
|
||||
|
||||
# All three auth children are present in the supervision tree.
|
||||
assert child_ids ==
|
||||
Enum.sort([
|
||||
AshAuthentication.TokenResource.Expunger,
|
||||
AshAuthentication.AuditLogResource.Batcher,
|
||||
AshAuthentication.AuditLogResource.Expunger
|
||||
])
|
||||
|
||||
# The token Expunger booted as a live process and resolved the real :mv
|
||||
# token resource — proving the children run against non-empty :mv config
|
||||
# rather than the empty set the wrong otp_app produced.
|
||||
expunger_pid =
|
||||
Enum.find_value(children, fn
|
||||
{Expunger, pid, _, _} when is_pid(pid) -> pid
|
||||
_ -> nil
|
||||
end)
|
||||
|
||||
assert is_pid(expunger_pid), "token Expunger did not boot as a live process under :mv"
|
||||
assert Process.alive?(expunger_pid)
|
||||
assert %{otp_app: :mv, resources: resources} = :sys.get_state(expunger_pid)
|
||||
assert Map.has_key?(resources, Mv.Accounts.Token)
|
||||
end
|
||||
end
|
||||
|
|
@ -12,10 +12,10 @@ defmodule Mv.Authorization.Checks.HasPermissionFailClosedTest do
|
|||
"""
|
||||
use Mv.DataCase, async: true
|
||||
|
||||
alias Mv.Authorization.Checks.HasPermission
|
||||
|
||||
import Mv.Fixtures
|
||||
|
||||
alias Mv.Authorization.Checks.HasPermission
|
||||
|
||||
test "auto_filter deny-filter matches no records (regression for NOT IN [] allow-all bug)" do
|
||||
# Arrange: create some members in DB
|
||||
_m1 = member_fixture()
|
||||
|
|
|
|||
|
|
@ -1,59 +0,0 @@
|
|||
defmodule Mv.OidcRoleSyncConfigTest do
|
||||
@moduledoc """
|
||||
Tests for OIDC role sync configuration (OIDC_ADMIN_GROUP_NAME, OIDC_GROUPS_CLAIM).
|
||||
Reads via Mv.Config (ENV first, then Settings).
|
||||
"""
|
||||
use Mv.DataCase, async: false
|
||||
|
||||
alias Mv.OidcRoleSyncConfig
|
||||
|
||||
describe "oidc_admin_group_name/0" do
|
||||
test "returns nil when OIDC_ADMIN_GROUP_NAME is not configured" do
|
||||
restore = clear_env("OIDC_ADMIN_GROUP_NAME")
|
||||
on_exit(restore)
|
||||
|
||||
assert OidcRoleSyncConfig.oidc_admin_group_name() == nil
|
||||
end
|
||||
|
||||
test "returns configured admin group name when set via ENV" do
|
||||
restore = set_env("OIDC_ADMIN_GROUP_NAME", "mila-admin")
|
||||
on_exit(restore)
|
||||
|
||||
assert OidcRoleSyncConfig.oidc_admin_group_name() == "mila-admin"
|
||||
end
|
||||
end
|
||||
|
||||
describe "oidc_groups_claim/0" do
|
||||
test "returns default \"groups\" when OIDC_GROUPS_CLAIM is not configured" do
|
||||
restore = clear_env("OIDC_GROUPS_CLAIM")
|
||||
on_exit(restore)
|
||||
|
||||
assert OidcRoleSyncConfig.oidc_groups_claim() == "groups"
|
||||
end
|
||||
|
||||
test "returns configured claim name when OIDC_GROUPS_CLAIM is set via ENV" do
|
||||
restore = set_env("OIDC_GROUPS_CLAIM", "ak_groups")
|
||||
on_exit(restore)
|
||||
|
||||
assert OidcRoleSyncConfig.oidc_groups_claim() == "ak_groups"
|
||||
end
|
||||
end
|
||||
|
||||
defp set_env(key, value) do
|
||||
previous = System.get_env(key)
|
||||
System.put_env(key, value)
|
||||
|
||||
fn ->
|
||||
if previous, do: System.put_env(key, previous), else: System.delete_env(key)
|
||||
end
|
||||
end
|
||||
|
||||
defp clear_env(key) do
|
||||
previous = System.get_env(key)
|
||||
System.delete_env(key)
|
||||
|
||||
fn ->
|
||||
if previous, do: System.put_env(key, previous)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
@ -4,7 +4,6 @@ defmodule Mv.StatisticsTest do
|
|||
"""
|
||||
use Mv.DataCase, async: true
|
||||
|
||||
require Ash.Query
|
||||
import Ash.Expr
|
||||
import Mv.Fixtures, only: [create_fee_type: 2]
|
||||
|
||||
|
|
@ -13,6 +12,8 @@ defmodule Mv.StatisticsTest do
|
|||
alias Mv.MembershipFees.MembershipFeeCycle
|
||||
alias Mv.Statistics
|
||||
|
||||
require Ash.Query
|
||||
|
||||
setup do
|
||||
actor = Mv.Helpers.SystemActor.get_system_actor()
|
||||
%{actor: actor}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue