analytics/test/plausible_web/plugs/authorize_plugins_api_test.exs
hq1 19b2239eb9
Track tokens usage (#3438)
* Migration: track last seen usage for Plugins API Tokens

* Track and interpret Token.last_seen_at

* Display last used

* Order tokens by inserted date, rather than UUID :clown:

* s/Last seen/Last used in the UI

* Test for "Last used" column presence

* Fix table layout for very long descriptions

* Update lib/plausible/plugins/api/tokens.ex

Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>

* Update lib/plausible/plugins/api/token.ex

Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>

* Update test/plausible/plugins/api/token_test.exs

Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>

* s/last_seen_at/last_used_at

* Update lib/plausible_web/live/plugins/api/settings.ex

Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>

* fixup

* Document reasoning behind 5m windows

* s/last_seen/last_used

* Mute credo

---------

Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>
2023-10-18 14:14:30 +02:00


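defmodule PlausibleWeb.Plugs.AuthorizePluginsAPITest do
  # Exercises the AuthorizePluginsAPI plug, which authenticates Plugins API
  # requests from an HTTP Basic `authorization` header. The tests cover the two
  # accepted credential shapes (`domain:token` and the bare token), the
  # rejection paths, and the `last_used_at` bookkeeping on the token.
  #
  # NOTE(review): every successful case here presents a token together with the
  # domain of the site it was created for (or no domain at all). No case in
  # this file presents a valid token alongside a *different* site's domain -
  # confirm the intended behaviour and whether it is covered elsewhere.
  use PlausibleWeb.ConnCase, async: true

  alias Plausible.Plugins.API.{Token, Tokens}
  alias Plausible.Repo
  alias PlausibleWeb.Plugs.AuthorizePluginsAPI

  import Plug.Conn

  # Both rejection paths must return exactly this body, so the response does
  # not tell the caller whether the header was missing or the token unknown.
  @unauthorized_body %{
    "errors" => [
      %{"detail" => "Plugins API: unauthorized"}
    ]
  }

  test "plug passes when a token is found" do
    %{id: site_id} = site = insert(:site, domain: "pass.example.com")
    {:ok, _, raw} = Tokens.create(site, "Some token")

    conn = call_with_basic_auth("#{site.domain}:#{raw}")

    refute conn.halted
    # The pin asserts the plug resolved the site that owns the token.
    assert %Plausible.Site{id: ^site_id} = conn.assigns.authorized_site
  end

  test "plug passes when a token is found, no domain provided" do
    %{id: site_id} = site = insert(:site, domain: "pass.example.com")
    {:ok, _, raw} = Tokens.create(site, "Some token")

    # Only the raw token is encoded; the site must be derived from the token.
    conn = call_with_basic_auth(raw)

    refute conn.halted
    assert %Plausible.Site{id: ^site_id} = conn.assigns.authorized_site
  end

  test "plug halts when a token is not found" do
    site = insert(:site, domain: "pass.example.com")

    # A real domain alone must not authorize; the token part is unknown.
    conn = call_with_basic_auth("#{site.domain}:invalid-token")

    assert conn.halted
    assert json_response(conn, 401) == @unauthorized_body
  end

  test "plug halts when no authorization header is passed" do
    conn = AuthorizePluginsAPI.call(build_conn())

    assert conn.halted
    assert json_response(conn, 401) == @unauthorized_body
  end

  # Named after the `last_used_at` field it checks (previously "last seen").
  test "plug updates last used timestamp" do
    site = insert(:site, domain: "pass.example.com")
    {:ok, token, raw} = Tokens.create(site, "Some token")

    # A freshly created token has never been used.
    refute token.last_used_at
    assert Token.last_used_humanize(token) == "Not yet"

    call_with_basic_auth(raw)

    # The timestamp is persisted by the plug, so reload from the database
    # rather than trusting the struct returned by Tokens.create/2.
    token = Repo.reload!(token)
    assert token.last_used_at
    assert Token.last_used_humanize(token) == "Just recently"
  end

  # Runs the plug on a fresh conn carrying `userinfo` as HTTP Basic credentials.
  defp call_with_basic_auth(userinfo) do
    build_conn()
    |> put_req_header("authorization", "Basic " <> Base.encode64(userinfo))
    |> AuthorizePluginsAPI.call()
  end
end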