From 0ab2e5ba2b0631b28b5b1405559237b3913c878f Mon Sep 17 00:00:00 2001
From: Dawid Rycerz <dawid@rycerz.xyz>
Date: Sun, 23 Mar 2025 17:11:39 +0100
Subject: feat: initialize Phoenix application for weather alerts

This commit sets up the initial Silmataivas project structure, including: Phoenix web framework configuration, database models for users and locations, weather polling service, notification system, Docker and deployment configurations, CI/CD pipeline setup
---
 test/silmataivas_web/plugs/admin_only_test.exs | 49 ++++++++++++++++++++++++++
 1 file changed, 49 insertions(+)
 create mode 100644 test/silmataivas_web/plugs/admin_only_test.exs

(limited to 'test/silmataivas_web/plugs/admin_only_test.exs')

diff --git a/test/silmataivas_web/plugs/admin_only_test.exs b/test/silmataivas_web/plugs/admin_only_test.exs
new file mode 100644
index 0000000..cf939a2
--- /dev/null
+++ b/test/silmataivas_web/plugs/admin_only_test.exs
@@ -0,0 +1,49 @@
+defmodule SilmataivasWeb.AdminOnlyTest do
+  use SilmataivasWeb.ConnCase
+
+  import Silmataivas.UsersFixtures
+
+  alias SilmataivasWeb.Plugs.AdminOnly
+
+  describe "admin_only plug" do
+    test "allows admin users to access protected routes", %{conn: conn} do
+      # Create an admin user
+      admin = user_fixture(%{role: "admin"})
+
+      # Set up the connection with the admin user
+      conn =
+        conn
+        |> assign(:current_user, admin)
+        |> AdminOnly.call(%{})
+
+      # Verify the connection is allowed to continue
+      refute conn.halted
+    end
+
+    test "rejects non-admin users from accessing protected routes", %{conn: conn} do
+      # Create a regular user
+      regular_user = user_fixture(%{role: "user"})
+
+      # Set up the connection with the regular user
+      conn =
+        conn
+        |> assign(:current_user, regular_user)
+        |> AdminOnly.call(%{})
+
+      # Verify the connection is halted
+      assert conn.halted
+      assert conn.status == 403
+      assert conn.resp_body == "Forbidden"
+    end
+
+    test "rejects unauthenticated requests from accessing protected routes", %{conn: conn} do
+      # Set up the connection with no user
+      conn = AdminOnly.call(conn, %{})
+
+      # Verify the connection is halted
+      assert conn.halted
+      assert conn.status == 403
+      assert conn.resp_body == "Forbidden"
+    end
+  end
+end
-- 
cgit v1.2.3