pleroma/test/plugs/admin_secret_authentication...

defmodule Pleroma.Plugs.AdminSecretAuthenticationPlugTest do
  use Pleroma.Web.ConnCase, async: true
  import Pleroma.Factory

  alias Pleroma.Plugs.AdminSecretAuthenticationPlug

  test "does nothing if a user is assigned", %{conn: conn} do
    user = insert(:user)

    conn =
      conn
      |> assign(:user, user)

    ret_conn =
      conn
      |> AdminSecretAuthenticationPlug.call(%{})

    assert conn == ret_conn
  end

  test "with secret set and given in the 'admin_token' parameter, it assigns an admin user", %{
    conn: conn
  } do
    Pleroma.Config.put(:admin_token, "password123")

    conn =
      %{conn | params: %{"admin_token" => "wrong_password"}}
      |> AdminSecretAuthenticationPlug.call(%{})

    refute conn.assigns[:user]

    conn =
      %{conn | params: %{"admin_token" => "password123"}}
      |> AdminSecretAuthenticationPlug.call(%{})

    assert conn.assigns[:user].info.is_admin
  end
end
Add a way to use the admin api without a user. 2018-12-18 21:08:52 +01:00			`defmodule Pleroma.Plugs.AdminSecretAuthenticationPlugTest do`
			`use Pleroma.Web.ConnCase, async: true`
			`import Pleroma.Factory`

			`alias Pleroma.Plugs.AdminSecretAuthenticationPlug`

			`test "does nothing if a user is assigned", %{conn: conn} do`
			`user = insert(:user)`

			`conn =`
			`conn`
			`\|> assign(:user, user)`

			`ret_conn =`
			`conn`
			`\|> AdminSecretAuthenticationPlug.call(%{})`

			`assert conn == ret_conn`
			`end`

			`test "with secret set and given in the 'admin_token' parameter, it assigns an admin user", %{`
			`conn: conn`
			`} do`
			`Pleroma.Config.put(:admin_token, "password123")`

			`conn =`
			`%{conn \| params: %{"admin_token" => "wrong_password"}}`
			`\|> AdminSecretAuthenticationPlug.call(%{})`

			`refute conn.assigns[:user]`

			`conn =`
			`%{conn \| params: %{"admin_token" => "password123"}}`
			`\|> AdminSecretAuthenticationPlug.call(%{})`

			`assert conn.assigns[:user].info.is_admin`
			`end`
			`end`