defmodule SilmataivasWeb.AdminOnlyTest do
  @moduledoc """
  Tests for the `SilmataivasWeb.Plugs.AdminOnly` authorization plug.

  The plug is called directly with `%{}` as its options, not through the router.
  Three cases are pinned: a user with role `"admin"` passes, a user with role
  `"user"` is halted, and a conn with no `:current_user` assign is halted.
  Both rejections assert the same 403 status and `"Forbidden"` body, so the
  response does not reveal whether the caller lacked a session or lacked the role.
  """

  use SilmataivasWeb.ConnCase

  import Silmataivas.UsersFixtures

  alias SilmataivasWeb.Plugs.AdminOnly

  describe "admin_only plug" do
    test "allows admin users to access protected routes", %{conn: conn} do
      admin_user = user_fixture(%{role: "admin"})
      conn_with_admin = assign(conn, :current_user, admin_user)

      result = AdminOnly.call(conn_with_admin, %{})

      # A conn that was not halted continues down the plug pipeline.
      refute result.halted
    end

    test "rejects non-admin users from accessing protected routes", %{conn: conn} do
      plain_user = user_fixture(%{role: "user"})
      conn_with_user = assign(conn, :current_user, plain_user)

      conn_with_user
      |> AdminOnly.call(%{})
      |> assert_forbidden()
    end

    test "rejects unauthenticated requests from accessing protected routes", %{conn: conn} do
      # No :current_user is assigned, so the plug must fail closed.
      conn
      |> AdminOnly.call(%{})
      |> assert_forbidden()
    end

    # NOTE(review): only the role strings "admin" and "user" are exercised here.
    # A :current_user explicitly assigned to nil, a nil role and differently
    # cased role values are not covered by this module.
  end

  # Checks the rejection contract shared by both denial cases: the pipeline is
  # halted and the response is a 403 with the body "Forbidden".
  defp assert_forbidden(conn) do
    assert conn.halted
    assert conn.status == 403
    assert conn.resp_body == "Forbidden"
  end
end