mirror of
https://github.com/plausible/analytics.git
synced 2024-11-30 11:13:22 +03:00
0fa6b688af
* Make TestUtils module available in all tests * Add macros patching the application env in tests Unfortunately a lot of existing functionality relies on certain application env setup. This isn't ideal because the app config is a shared state that prevents us from running the tests in parallel. Those macros encapsulate setting up new env for test purposes and make sure the changes are reverted when the test finishes. * Allow passing request opts to HTTPClient.post/4 We need this to swap custom request building in Google Analytics import. * Unify errors when listing sites * React: propagate backend error messages if available * React: catch API errors in Search Terms component * Propagate google API errors on referrer drilldown * Handle verified properties errors in SC settings * Add missing tests for SC settings controller * Unify errors for fetching search analytics queries (list stats) * Unify errors refreshing Google Auth Token * Test fetch_stats/3 errors and replace Double with Mox * Fixup makrup * s/class/className * Simplify Search Terms display in case of errors * Fix warnings
24 lines
803 B
Elixir
24 lines
803 B
Elixir
defmodule PlausibleWeb.AuthorizeSiteAccessTest do
|
|
use PlausibleWeb.ConnCase, async: true
|
|
alias PlausibleWeb.AuthorizeSiteAccess
|
|
|
|
setup [:create_user, :log_in]
|
|
|
|
test "doesn't allow :website bypass with :domain in body", %{conn: conn, user: me} do
|
|
my_site = insert(:site, memberships: [build(:site_membership, user: me, role: :owner)])
|
|
|
|
other_site =
|
|
insert(:site, memberships: [build(:site_membership, user: insert(:user), role: :owner)])
|
|
|
|
conn =
|
|
conn
|
|
|> bypass_through(PlausibleWeb.Router)
|
|
|> get("/#{other_site.domain}/settings", %{"domain" => my_site.domain})
|
|
|> AuthorizeSiteAccess.call(_allowed_roles = [:admin, :owner])
|
|
|
|
assert conn.halted
|
|
assert conn.status == 404
|
|
assert conn.path_params == %{"website" => other_site.domain}
|
|
end
|
|
end
|