From e4c8222833dd87f409bf28189b72ce33c67b66be Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Fri, 1 Feb 2019 09:42:31 +0100 Subject: [PATCH] Add group resolver tests --- lib/mobilizon_web/resolvers/group.ex | 2 +- .../resolvers/group_resolver_test.exs | 91 +++++++++++++++++++ 2 files changed, 92 insertions(+), 1 deletion(-) diff --git a/lib/mobilizon_web/resolvers/group.ex b/lib/mobilizon_web/resolvers/group.ex index 8a045c590..b063691ae 100644 --- a/lib/mobilizon_web/resolvers/group.ex +++ b/lib/mobilizon_web/resolvers/group.ex @@ -98,7 +98,7 @@ defmodule MobilizonWeb.Resolvers.Group do {:error, "Actor id is not a member of this group"} {:is_admin, false} -> - {:error, "User is not an administrator of the selected group"} + {:error, "Actor id is not an administrator of the selected group"} end end diff --git a/test/mobilizon_web/resolvers/group_resolver_test.exs b/test/mobilizon_web/resolvers/group_resolver_test.exs index 6c5557d9f..0a41270d4 100644 --- a/test/mobilizon_web/resolvers/group_resolver_test.exs +++ b/test/mobilizon_web/resolvers/group_resolver_test.exs @@ -143,5 +143,96 @@ defmodule MobilizonWeb.Resolvers.GroupResolverTest do assert hd(json_response(res, 200)["errors"])["message"] =~ "not found" end + + test "delete_group/3 should check user authentication", %{conn: conn, actor: actor} do + group = insert(:group) + insert(:member, parent: group, actor: actor, role: 2) + + mutation = """ + mutation { + deleteGroup( + actor_id: #{actor.id}, + group_id: #{group.id} + ) { + id + } + } + """ + + res = + conn + |> post("/api", AbsintheHelpers.mutation_skeleton(mutation)) + + assert hd(json_response(res, 200)["errors"])["message"] =~ "logged-in" + end + + test "delete_group/3 should checks the actor is owned by the user", %{conn: conn, user: user, actor: actor} do + group = insert(:group) + insert(:member, parent: group, actor: actor, role: 2) + + mutation = """ + mutation { + deleteGroup( + actor_id: 159, + group_id: #{group.id} + ) { + id + } + } + """ + + res = + conn + |> auth_conn(user) + |> post("/api", AbsintheHelpers.mutation_skeleton(mutation)) + + assert hd(json_response(res, 200)["errors"])["message"] =~ "not owned" + end + + test "delete_group/3 should checks the actor is a member of this group", %{conn: conn, user: user, actor: actor} do + group = insert(:group) + + mutation = """ + mutation { + deleteGroup( + actor_id: #{actor.id}, + group_id: #{group.id} + ) { + id + } + } + """ + + res = + conn + |> auth_conn(user) + |> post("/api", AbsintheHelpers.mutation_skeleton(mutation)) + + assert hd(json_response(res, 200)["errors"])["message"] =~ "not a member" + end + + test "delete_group/3 should checks the actor is an administrator of this group", %{conn: conn, user: user, actor: actor} do + group = insert(:group) + insert(:member, parent: group, actor: actor, role: 1) + + mutation = """ + mutation { + deleteGroup( + actor_id: #{actor.id}, + group_id: #{group.id} + ) { + id + } + } + """ + + res = + conn + |> auth_conn(user) + |> post("/api", AbsintheHelpers.mutation_skeleton(mutation)) + + assert hd(json_response(res, 200)["errors"])["message"] =~ "not an administrator" + end + end end