fluxerapp/fluxer
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

initial commit

Browse Source
This commit is contained in:
Hampus Kraft
2026-01-01 20:42:59 +00:00
commit 2f557eda8c
9029 changed files with 1490197 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

65
tests/integration/admin_users_set_acls_acl_requirement_test.go Normal file
View File

@@ -0,0 +1,65 @@
/*
* Copyright (C) 2026 Fluxer Contributors
*
* This file is part of Fluxer.
*
* Fluxer is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Fluxer is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with Fluxer. If not, see <https://www.gnu.org/licenses/>.
*/
package integration
import (
"net/http"
"testing"
)
func TestAdminUsersSetAclsRequiresAclSetUser(t *testing.T) {
client := newTestClient(t)
admin := createTestAccount(t, client)
setUserACLs(t, client, admin.UserID, []string{"admin:authenticate", "user:update:flags"})
target := createTestAccount(t, client)
payload := map[string]any{
"user_id": target.UserID,
"acls": []string{"user:update:flags"},
}
unauthorizedResp, err := client.postJSONWithAuth("/admin/users/set-acls", payload, admin.Token)
if err != nil {
t.Fatalf("failed to call set-acls without acl:set:user: %v", err)
}
if unauthorizedResp.StatusCode != http.StatusForbidden {
t.Fatalf(
"expected 403 when missing acl:set:user, got %d: %s",
unauthorizedResp.StatusCode,
readResponseBody(unauthorizedResp),
)
}
unauthorizedResp.Body.Close()
setUserACLs(t, client, admin.UserID, []string{"admin:authenticate", "acl:set:user"})
authorizedResp, err := client.postJSONWithAuth("/admin/users/set-acls", payload, admin.Token)
if err != nil {
t.Fatalf("failed to call set-acls with acl:set:user: %v", err)
}
if authorizedResp.StatusCode != http.StatusOK {
t.Fatalf(
"expected 200 when acl:set:user is present, got %d: %s",
authorizedResp.StatusCode,
readResponseBody(authorizedResp),
)
}
authorizedResp.Body.Close()
}