diff options
Diffstat (limited to 'test/plugs/admin_secret_authentication_plug_test.exs')
-rw-r--r-- | test/plugs/admin_secret_authentication_plug_test.exs | 75 |
1 files changed, 0 insertions, 75 deletions
diff --git a/test/plugs/admin_secret_authentication_plug_test.exs b/test/plugs/admin_secret_authentication_plug_test.exs deleted file mode 100644 index 14094eda8..000000000 --- a/test/plugs/admin_secret_authentication_plug_test.exs +++ /dev/null @@ -1,75 +0,0 @@ -# Pleroma: A lightweight social networking server -# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/> -# SPDX-License-Identifier: AGPL-3.0-only - -defmodule Pleroma.Plugs.AdminSecretAuthenticationPlugTest do - use Pleroma.Web.ConnCase - - import Mock - import Pleroma.Factory - - alias Pleroma.Plugs.AdminSecretAuthenticationPlug - alias Pleroma.Plugs.OAuthScopesPlug - alias Pleroma.Plugs.PlugHelper - alias Pleroma.Plugs.RateLimiter - - test "does nothing if a user is assigned", %{conn: conn} do - user = insert(:user) - - conn = - conn - |> assign(:user, user) - - ret_conn = - conn - |> AdminSecretAuthenticationPlug.call(%{}) - - assert conn == ret_conn - end - - describe "when secret set it assigns an admin user" do - setup do: clear_config([:admin_token]) - - setup_with_mocks([{RateLimiter, [:passthrough], []}]) do - :ok - end - - test "with `admin_token` query parameter", %{conn: conn} do - Pleroma.Config.put(:admin_token, "password123") - - conn = - %{conn | params: %{"admin_token" => "wrong_password"}} - |> AdminSecretAuthenticationPlug.call(%{}) - - refute conn.assigns[:user] - assert called(RateLimiter.call(conn, name: :authentication)) - - conn = - %{conn | params: %{"admin_token" => "password123"}} - |> AdminSecretAuthenticationPlug.call(%{}) - - assert conn.assigns[:user].is_admin - assert PlugHelper.plug_skipped?(conn, OAuthScopesPlug) - end - - test "with `x-admin-token` HTTP header", %{conn: conn} do - Pleroma.Config.put(:admin_token, "☕️") - - conn = - conn - |> put_req_header("x-admin-token", "🥛") - |> AdminSecretAuthenticationPlug.call(%{}) - - refute conn.assigns[:user] - assert called(RateLimiter.call(conn, name: :authentication)) - - conn = - conn - |> put_req_header("x-admin-token", "☕️") - |> AdminSecretAuthenticationPlug.call(%{}) - - assert conn.assigns[:user].is_admin - assert PlugHelper.plug_skipped?(conn, OAuthScopesPlug) - end - end -end |