Fix test helpers: Use actor parameter correctly
This commit is contained in:
parent
c5a48d8801
commit
b9d68a3417
GPG key ID:
1020A035E5DD0824
3 changed files with 25 additions and 19 deletions
|
|
@ -20,14 +20,17 @@ defmodule Mv.Accounts.UserPoliciesTest do
|
||||||
end
|
end
|
||||||
|
|
||||||
# Helper to create a role with a specific permission set
|
# Helper to create a role with a specific permission set
|
||||||
defp create_role_with_permission_set(permission_set_name) do
|
defp create_role_with_permission_set(permission_set_name, actor) do
|
||||||
role_name = "Test Role #{permission_set_name} #{System.unique_integer([:positive])}"
|
role_name = "Test Role #{permission_set_name} #{System.unique_integer([:positive])}"
|
||||||
|
|
||||||
case Authorization.create_role(%{
|
case Authorization.create_role(
|
||||||
name: role_name,
|
%{
|
||||||
description: "Test role for #{permission_set_name}",
|
name: role_name,
|
||||||
permission_set_name: permission_set_name
|
description: "Test role for #{permission_set_name}",
|
||||||
}) do
|
permission_set_name: permission_set_name
|
||||||
|
},
|
||||||
|
actor: actor
|
||||||
|
) do
|
||||||
{:ok, role} -> role
|
{:ok, role} -> role
|
||||||
{:error, error} -> raise "Failed to create role: #{inspect(error)}"
|
{:error, error} -> raise "Failed to create role: #{inspect(error)}"
|
||||||
end
|
end
|
||||||
|
|
@ -37,7 +40,7 @@ defmodule Mv.Accounts.UserPoliciesTest do
|
||||||
# Returns user with role preloaded (required for authorization)
|
# Returns user with role preloaded (required for authorization)
|
||||||
defp create_user_with_permission_set(permission_set_name, actor) do
|
defp create_user_with_permission_set(permission_set_name, actor) do
|
||||||
# Create role with permission set
|
# Create role with permission set
|
||||||
role = create_role_with_permission_set(permission_set_name)
|
role = create_role_with_permission_set(permission_set_name, actor)
|
||||||
|
|
||||||
# Create user
|
# Create user
|
||||||
{:ok, user} =
|
{:ok, user} =
|
||||||
|
|
@ -340,10 +343,10 @@ defmodule Mv.Accounts.UserPoliciesTest do
|
||||||
end
|
end
|
||||||
|
|
||||||
describe "AshAuthentication bypass" do
|
describe "AshAuthentication bypass" do
|
||||||
test "register_with_password works without actor" do
|
test "register_with_password works with system actor" do
|
||||||
# Registration should work without actor (AshAuthentication bypass)
|
# Registration should work (AshAuthentication bypass in production)
|
||||||
# Note: When directly calling Ash actions in tests, the AshAuthentication bypass
|
# Note: When directly calling Ash actions in tests, the AshAuthentication bypass
|
||||||
# may not be active, so we use system_actor
|
# may not be active, so we use system_actor to test the functionality
|
||||||
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
||||||
|
|
||||||
{:ok, user} =
|
{:ok, user} =
|
||||||
|
|
@ -358,9 +361,9 @@ defmodule Mv.Accounts.UserPoliciesTest do
|
||||||
end
|
end
|
||||||
|
|
||||||
test "register_with_rauthy works with OIDC user_info" do
|
test "register_with_rauthy works with OIDC user_info" do
|
||||||
# OIDC registration should work (AshAuthentication bypass)
|
# OIDC registration should work (AshAuthentication bypass in production)
|
||||||
# Note: When directly calling Ash actions in tests, the AshAuthentication bypass
|
# Note: When directly calling Ash actions in tests, the AshAuthentication bypass
|
||||||
# may not be active, so we use system_actor
|
# may not be active, so we use system_actor to test the functionality
|
||||||
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
system_actor = Mv.Helpers.SystemActor.get_system_actor()
|
||||||
|
|
||||||
user_info = %{
|
user_info = %{
|
||||||
|
|
|
||||||
|
|
@ -22,14 +22,17 @@ defmodule Mv.Membership.MemberPoliciesTest do
|
||||||
end
|
end
|
||||||
|
|
||||||
# Helper to create a role with a specific permission set
|
# Helper to create a role with a specific permission set
|
||||||
defp create_role_with_permission_set(permission_set_name, _actor) do
|
defp create_role_with_permission_set(permission_set_name, actor) do
|
||||||
role_name = "Test Role #{permission_set_name} #{System.unique_integer([:positive])}"
|
role_name = "Test Role #{permission_set_name} #{System.unique_integer([:positive])}"
|
||||||
|
|
||||||
case Authorization.create_role(%{
|
case Authorization.create_role(
|
||||||
name: role_name,
|
%{
|
||||||
description: "Test role for #{permission_set_name}",
|
name: role_name,
|
||||||
permission_set_name: permission_set_name
|
description: "Test role for #{permission_set_name}",
|
||||||
}) do
|
permission_set_name: permission_set_name
|
||||||
|
},
|
||||||
|
actor: actor
|
||||||
|
) do
|
||||||
{:ok, role} -> role
|
{:ok, role} -> role
|
||||||
{:error, error} -> raise "Failed to create role: #{inspect(error)}"
|
{:error, error} -> raise "Failed to create role: #{inspect(error)}"
|
||||||
end
|
end
|
||||||
|
|
|
||||||
|
|
@ -178,7 +178,7 @@ defmodule Mv.Fixtures do
|
||||||
|> Ash.update(actor: system_actor)
|
|> Ash.update(actor: system_actor)
|
||||||
|
|
||||||
# Reload user with role preloaded (critical for authorization!)
|
# Reload user with role preloaded (critical for authorization!)
|
||||||
{:ok, user_with_role} = Ash.load(user, :role, domain: Mv.Accounts)
|
{:ok, user_with_role} = Ash.load(user, :role, domain: Mv.Accounts, actor: system_actor)
|
||||||
user_with_role
|
user_with_role
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue