aboutsummaryrefslogtreecommitdiff
path: root/test/plugs/admin_secret_authentication_plug_test.exs
diff options
context:
space:
mode:
Diffstat (limited to 'test/plugs/admin_secret_authentication_plug_test.exs')
-rw-r--r--test/plugs/admin_secret_authentication_plug_test.exs46
1 files changed, 33 insertions, 13 deletions
diff --git a/test/plugs/admin_secret_authentication_plug_test.exs b/test/plugs/admin_secret_authentication_plug_test.exs
index e1d4b391f..100016c62 100644
--- a/test/plugs/admin_secret_authentication_plug_test.exs
+++ b/test/plugs/admin_secret_authentication_plug_test.exs
@@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
-# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Plugs.AdminSecretAuthenticationPlugTest do
@@ -22,21 +22,41 @@ defmodule Pleroma.Plugs.AdminSecretAuthenticationPlugTest do
assert conn == ret_conn
end
- test "with secret set and given in the 'admin_token' parameter, it assigns an admin user", %{
- conn: conn
- } do
- Pleroma.Config.put(:admin_token, "password123")
+ describe "when secret set it assigns an admin user" do
+ setup do: clear_config([:admin_token])
- conn =
- %{conn | params: %{"admin_token" => "wrong_password"}}
- |> AdminSecretAuthenticationPlug.call(%{})
+ test "with `admin_token` query parameter", %{conn: conn} do
+ Pleroma.Config.put(:admin_token, "password123")
- refute conn.assigns[:user]
+ conn =
+ %{conn | params: %{"admin_token" => "wrong_password"}}
+ |> AdminSecretAuthenticationPlug.call(%{})
- conn =
- %{conn | params: %{"admin_token" => "password123"}}
- |> AdminSecretAuthenticationPlug.call(%{})
+ refute conn.assigns[:user]
+
+ conn =
+ %{conn | params: %{"admin_token" => "password123"}}
+ |> AdminSecretAuthenticationPlug.call(%{})
+
+ assert conn.assigns[:user].is_admin
+ end
+
+ test "with `x-admin-token` HTTP header", %{conn: conn} do
+ Pleroma.Config.put(:admin_token, "☕️")
+
+ conn =
+ conn
+ |> put_req_header("x-admin-token", "🥛")
+ |> AdminSecretAuthenticationPlug.call(%{})
+
+ refute conn.assigns[:user]
+
+ conn =
+ conn
+ |> put_req_header("x-admin-token", "☕️")
+ |> AdminSecretAuthenticationPlug.call(%{})
- assert conn.assigns[:user].info.is_admin
+ assert conn.assigns[:user].is_admin
+ end
end
end
generated by cgit v1.2.3 (git 2.26.2) at 2025-04-26 03:18:48 +0000