Decouple tests from specific routes

lib/plausible_web/plugs/authorize_site_access.ex

@@ -84,6 +84,7 @@ defmodule PlausibleWeb.Plugs.AuthorizeSiteAccess do
 
   defp get_domain(conn, site_param) do
     domain = conn.params[site_param]
+
     if is_binary(domain) do
       {:ok, domain}
     else

lib/plausible_web/router.ex

@@ -32,26 +32,22 @@ defmodule PlausibleWeb.Router do
     plug :accepts, ["json"]
   end
 
+  pipeline :api_base do
+    plug :accepts, ["json"]
+    plug :fetch_session
+    plug PlausibleWeb.AuthPlug
+  end
+
   pipeline :api do
-    plug :accepts, ["json"]
-    plug :fetch_session
-    plug PlausibleWeb.AuthPlug
+    plug :api_base
   end
 
-  pipeline :internal_stats_api do
-    plug :accepts, ["json"]
-    plug :fetch_session
-    plug PlausibleWeb.AuthPlug
+  pipeline :stats_internal_api_site_access do
     plug PlausibleWeb.Plugs.AuthorizeSiteAccess
-    plug PlausibleWeb.Plugs.NoRobots
   end
 
-  pipeline :docs_stats_api do
-    plug :accepts, ["json"]
-    plug :fetch_session
-    plug PlausibleWeb.AuthPlug
+  pipeline :docs_internal_api_site_access do
     plug PlausibleWeb.Plugs.AuthorizeSiteAccess, {[:admin, :super_admin, :owner], "site_id"}
-    plug PlausibleWeb.Plugs.NoRobots
   end
 
   pipeline :public_api do
@@ -146,7 +142,7 @@ defmodule PlausibleWeb.Router do
   end
 
   scope "/api/stats", PlausibleWeb.Api do
-    pipe_through :internal_stats_api
+    pipe_through([:api_base, :stats_internal_api_site_access, PlausibleWeb.Plugs.NoRobots])
 
     on_ee do
       get "/:domain/funnels/:id", StatsController, :funnel
@@ -198,7 +194,7 @@ defmodule PlausibleWeb.Router do
     get "/query/schema.json", ExternalQueryApiController, :schema
 
     scope [] do
-      pipe_through :docs_stats_api
+      pipe_through([:api_base, :docs_internal_api_site_access, PlausibleWeb.Plugs.NoRobots])
 
       post "/query", ExternalQueryApiController, :query
     end

test/plausible_web/controllers/api/internal_controller/docs_query_test.exs

@@ -1,5 +1,5 @@
 defmodule PlausibleWeb.Api.InternalController.DocsQueryTest do
-  use PlausibleWeb.ConnCase, async: true
+  use PlausibleWeb.ConnCase, async: false
   use Plausible.Repo
   @user_id Enum.random(1000..9999)
 

test/plausible_web/plugs/authorize_site_access_test.exs

@@ -63,8 +63,8 @@ defmodule PlausibleWeb.Plugs.AuthorizeSiteAccessTest do
 
     conn =
       conn
-      |> bypass_through(PlausibleWeb.Router)
-      |> get("/api/docs/query/schema.json", %{"wrong_key" => site.domain})
+      |> bypass_through(PlausibleWeb.Router, [:api_base])
+      |> get("/", %{"wrong_key" => site.domain})
       |> AuthorizeSiteAccess.call(opts)
 
     assert conn.halted
@@ -81,11 +81,11 @@ defmodule PlausibleWeb.Plugs.AuthorizeSiteAccessTest do
 
     conn =
       conn
-      |> bypass_through(PlausibleWeb.Router)
-      |> get("/api/docs/query/schema.json", %{"some_key" => site.domain})
+      |> bypass_through(PlausibleWeb.Router, [:api_base])
+      |> post("/api/docs/query", %{"some_key" => site.domain})
       |> AuthorizeSiteAccess.call(opts)
 
-    assert conn.status == 200
+    refute conn.halted
     assert conn.assigns.site.id == site.id
   end