diff --git a/lib/auth/people_roles.ex b/lib/auth/people_roles.ex index bffd49d4..2bacfd38 100644 --- a/lib/auth/people_roles.ex +++ b/lib/auth/people_roles.ex @@ -13,7 +13,6 @@ defmodule Auth.PeopleRoles do timestamps() end - @doc """ grant_role/3 grants a role to the given person the conn must have conn.assigns.person to check for admin in order to grant the role. @@ -34,7 +33,5 @@ defmodule Auth.PeopleRoles do else AuthWeb.AuthController.unauthorized(conn) end - end - -end \ No newline at end of file +end diff --git a/lib/auth/permission.ex b/lib/auth/permission.ex index 6af06870..a26b031d 100644 --- a/lib/auth/permission.ex +++ b/lib/auth/permission.ex @@ -114,5 +114,4 @@ defmodule Auth.Permission do def change_permission(%Permission{} = permission, attrs \\ %{}) do Permission.changeset(permission, attrs) end - end diff --git a/lib/auth/role.ex b/lib/auth/role.ex index fbac1f8c..887577dc 100644 --- a/lib/auth/role.ex +++ b/lib/auth/role.ex @@ -22,8 +22,7 @@ defmodule Auth.Role do |> validate_required([:name, :desc]) end - -@doc """ + @doc """ Returns the list of roles. ## Examples @@ -117,12 +116,10 @@ defmodule Auth.Role do Role.changeset(role, attrs) end - # @doc """ # grants the default "subscriber" (6) role to the person # """ # def set_default_role(person) do - - # end + # end end diff --git a/lib/auth_web/controllers/auth_controller.ex b/lib/auth_web/controllers/auth_controller.ex index 3c5b3248..be83887e 100644 --- a/lib/auth_web/controllers/auth_controller.ex +++ b/lib/auth_web/controllers/auth_controller.ex @@ -426,7 +426,7 @@ defmodule AuthWeb.AuthController do Enum.filter(apikeys, fn k -> # if the API Key belongs to Super Admin, don't check URL as it's the "setup key": if person_id == 1 do - k.client_id == client_id + k.client_id == client_id else # check url matches the state for all other keys: k.client_id == client_id and state =~ k.url 
diff --git a/lib/auth_web/controllers/ping_controller.ex b/lib/auth_web/controllers/ping_controller.ex index b3f59710..dc6a207f 100644 --- a/lib/auth_web/controllers/ping_controller.ex +++ b/lib/auth_web/controllers/ping_controller.ex @@ -5,4 +5,4 @@ defmodule AuthWeb.PingController do def ping(conn, params) do Ping.render_pixel(conn, params) end -end \ No newline at end of file +end diff --git a/mix.exs b/mix.exs index 8ca755aa..3e32b768 100644 --- a/mix.exs +++ b/mix.exs @@ -73,7 +73,7 @@ defmodule Auth.Mixfile do {:ping, "~> 1.0.1"}, # Check test coverage - {:excoveralls, "~> 0.12.3", only: :test}, + {:excoveralls, "~> 0.12.3", only: :test}, #  Property based tests: github.com/dwyl/learn-property-based-testing {:stream_data, "~> 0.4.3", only: :test}, diff --git a/priv/repo/migrations/20200723143204_create_role_permissions.exs b/priv/repo/migrations/20200723143204_create_role_permissions.exs index e607b969..55bde3af 100644 --- a/priv/repo/migrations/20200723143204_create_role_permissions.exs +++ b/priv/repo/migrations/20200723143204_create_role_permissions.exs @@ -6,10 +6,10 @@ defmodule Auth.Repo.Migrations.CreateRolePermissions do add :role_id, references(:roles, on_delete: :nothing) add :permission_id, references(:permissions, on_delete: :nothing) add :granter_id, references(:people, on_delete: :nothing) - + timestamps() end - + create unique_index(:role_permissions, [:role_id, :permission_id]) end end diff --git a/priv/repo/migrations/20200723154847_create_people_roles.exs b/priv/repo/migrations/20200723154847_create_people_roles.exs index f5938f41..eb7cd985 100644 --- a/priv/repo/migrations/20200723154847_create_people_roles.exs +++ b/priv/repo/migrations/20200723154847_create_people_roles.exs 
@@ -6,10 +6,10 @@ defmodule Auth.Repo.Migrations.CreatePeopleRoles do add :person_id, references(:people, on_delete: :nothing) add :role_id, references(:roles, on_delete: :nothing) add :granter_id, references(:people, on_delete: :nothing) - + timestamps() end - + create unique_index(:people_roles, [:person_id, :role_id]) end end diff --git a/priv/repo/seeds.exs b/priv/repo/seeds.exs index fd72ccf0..862adb00 100644 --- a/priv/repo/seeds.exs +++ b/priv/repo/seeds.exs @@ -26,13 +26,14 @@ defmodule Auth.Seeds do person -> person end + if(Mix.env() == :test) do # don't print noise during tests else IO.inspect(person.id, label: "seeds.exs person.id") IO.puts("- - - - - - - - - - - - - - - - - - - - - - ") end - + person end @@ -59,16 +60,19 @@ defmodule Auth.Seeds do # write the key:value pair to project .env file def write_env(key, value) do # IO.inspect(File.cwd!, label: "cwd") - path = File.cwd! <> "/.env" + path = File.cwd!() <> "/.env" IO.inspect(path, label: ".env file path") {:ok, data} = File.read(path) # IO.inspect(data) - lines = String.split(data, "\n") - |> Enum.filter(fn line -> - not String.contains?(line, key) - end) - str = "export #{key}=#{value}" # |> IO.inspect + lines = + String.split(data, "\n") + |> Enum.filter(fn line -> + not String.contains?(line, key) + end) + + # |> IO.inspect + str = "export #{key}=#{value}" vars = lines ++ [str] content = Enum.join(vars, "\n") File.write!(path, content) |> File.close() @@ -78,10 +82,11 @@ defmodule Auth.Seeds do # export all the environment variables during app excution/tests def env(vars) do Enum.map(vars, fn line -> - parts = line - |> String.replace("export ", "") - |> String.replace("'", "") - |> String.split("=") + parts = + line + |> String.replace("export ", "") + |> String.replace("'", "") + |> String.split("=") # IO.inspect(List.last(parts), label: List.first(parts)) System.put_env(List.first(parts), List.last(parts)) 
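Review bot: In `write_env/2` the filter `not String.contains?(line, key)` drops every line that mentions `key` anywhere, so writing one variable can silently delete another entry in `.env` whose name or value merely contains that string (constructed example: a key `SECRET` would also remove a `SECRET_KEY_BASE` line). Matching on the assignment prefix keeps unrelated entries intact: `not String.starts_with?(line, "export #{key}=")`. The value is also interpolated unquoted in `str = "export #{key}=#{value}"`, so a value containing spaces or shell metacharacters would presumably be misread when the file is sourced; quote or validate it unless callers only ever pass generated tokens. The body of `write_env/2` continues past the end of this hunk.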
@@ -92,14 +97,13 @@ end Auth.Seeds.create_admin() |> Auth.Seeds.create_apikey_for_admin() - # scripts for creating default roles and permissions defmodule SetupRoles do alias Auth.Role def get_json(filepath) do # IO.inspect(filepath, label: "filepath") - path = File.cwd! <> filepath + path = File.cwd!() <> filepath # IO.inspect(path, label: "path") {:ok, data} = File.read(path) json = Jason.decode!(data) @@ -109,17 +113,15 @@ defmodule SetupRoles do def create_default_roles() do json = get_json("/priv/repo/default_roles.json") - Enum.each(json, fn role -> + + Enum.each(json, fn role -> Role.create_role(role) # |> IO.inspect() end) end def assign_superadmin_role() do - end - - end -SetupRoles.create_default_roles() \ No newline at end of file +SetupRoles.create_default_roles() diff --git a/test/auth/people_roles_test.exs b/test/auth/people_roles_test.exs index b47b713d..461217a1 100644 --- a/test/auth/people_roles_test.exs +++ b/test/auth/people_roles_test.exs @@ -17,11 +17,10 @@ defmodule AuthWeb.PeopleRolesTest do test "attempt to grant_role/3 without admin should 401", %{conn: conn} do alex = %{email: "alex_grant_role_fail@gmail.com", auth_provider: "email"} grantee = Auth.Person.create_person(alex) - conn = assign(conn, :person, grantee) # + conn = assign(conn, :person, grantee) role_id = 4 conn = Auth.PeopleRoles.grant_role(conn, grantee.id, role_id) assert conn.status == 401 end - -end \ No newline at end of file +end diff --git a/test/auth/role_test.exs b/test/auth/role_test.exs index 9a425a3d..9769d67a 100644 --- a/test/auth/role_test.exs +++ b/test/auth/role_test.exs @@ -47,8 +47,7 @@ defmodule Auth.RoleTest do test "update_role/2 with invalid data returns error changeset" do role = role_fixture() - assert {:error, %Ecto.Changeset{}} = - Role.update_role(role, @invalid_attrs) + assert {:error, %Ecto.Changeset{}} = Role.update_role(role, @invalid_attrs) assert role == Role.get_role!(role.id) end 
@@ -91,37 +90,40 @@ defmodule Auth.RoleTest do end test "create_permission/1 with valid data creates a permission" do - assert {:ok, %Permission{} = permission} = - Permission.create_permission(@valid_attrs) + assert {:ok, %Permission{} = permission} = Permission.create_permission(@valid_attrs) assert permission.desc == "some desc" assert permission.name == "some name" end test "create_permission/1 with invalid data returns error changeset" do - assert {:error, %Ecto.Changeset{}} = - Permission.create_permission(@invalid_attrs) + assert {:error, %Ecto.Changeset{}} = Permission.create_permission(@invalid_attrs) end test "update_permission/2 with valid data updates the permission" do permission = permission_fixture() - assert {:ok, %Permission{} = permission} = - Permission.update_permission(permission, @update_attrs) + + assert {:ok, %Permission{} = permission} = + Permission.update_permission(permission, @update_attrs) + assert permission.desc == "some updated desc" assert permission.name == "some updated name" end test "update_permission/2 with invalid data returns error changeset" do permission = permission_fixture() - assert {:error, %Ecto.Changeset{}} = - Permission.update_permission(permission, @invalid_attrs) + + assert {:error, %Ecto.Changeset{}} = + Permission.update_permission(permission, @invalid_attrs) + assert permission == Permission.get_permission!(permission.id) end test "delete_permission/1 deletes the permission" do permission = permission_fixture() assert {:ok, %Permission{}} = Permission.delete_permission(permission) - assert_raise Ecto.NoResultsError, fn -> - Permission.get_permission!(permission.id) + + assert_raise Ecto.NoResultsError, fn -> + Permission.get_permission!(permission.id) end end 
@@ -131,16 +133,10 @@ defmodule Auth.RoleTest do end end - # create a new person and confirm they were asigned a default role of "subscriber" - - # describe "grant role" do - - - # # test "change_permission/1 returns a permission changeset" do # # permission = permission_fixture() # # assert %Ecto.Changeset{} = Permission.change_permission(permission) diff --git a/test/auth_web/controllers/apikey_controller_test.exs b/test/auth_web/controllers/apikey_controller_test.exs index 38c73115..5e19411d 100644 --- a/test/auth_web/controllers/apikey_controller_test.exs +++ b/test/auth_web/controllers/apikey_controller_test.exs @@ -74,8 +74,9 @@ defmodule AuthWeb.ApikeyControllerTest do # describe "index" do test "lists all apikeys", %{conn: conn} do - conn = admin_login(conn) - |> get(Routes.apikey_path(conn, :index)) + conn = + admin_login(conn) + |> get(Routes.apikey_path(conn, :index)) assert html_response(conn, 200) =~ "Auth API Keys" end @@ -83,8 +84,9 @@ defmodule AuthWeb.ApikeyControllerTest do describe "new apikey" do test "renders form", %{conn: conn} do - conn = admin_login(conn) - |> get(Routes.apikey_path(conn, :new)) + conn = + admin_login(conn) + |> get(Routes.apikey_path(conn, :new)) assert html_response(conn, 200) =~ "New Apikey" end @@ -92,8 +94,9 @@ defmodule AuthWeb.ApikeyControllerTest do describe "create apikey" do test "redirects to show when data is valid", %{conn: conn} do - conn = admin_login(conn) - |> post(Routes.apikey_path(conn, :create), apikey: @create_attrs) + conn = + admin_login(conn) + |> post(Routes.apikey_path(conn, :create), apikey: @create_attrs) assert %{id: id} = redirected_params(conn) assert redirected_to(conn) == Routes.apikey_path(conn, :show, id) @@ -134,7 +137,7 @@ defmodule AuthWeb.ApikeyControllerTest do auth_provider: "email" }) - conn = AuthPlug.create_jwt_session(conn, wrong_person) + conn = AuthPlug.create_jwt_session(conn, wrong_person) {:ok, key} = %{"name" => "test key", "url" => "http://localhost:4000"} 
diff --git a/test/auth_web/controllers/auth_controller_test.exs b/test/auth_web/controllers/auth_controller_test.exs index c3de1577..74ff3c82 100644 --- a/test/auth_web/controllers/auth_controller_test.exs +++ b/test/auth_web/controllers/auth_controller_test.exs @@ -22,8 +22,10 @@ defmodule AuthWeb.AuthControllerTest do } person = Auth.Person.create_person(data) - conn = AuthPlug.create_jwt_session(conn, Map.merge(data, %{id: person.id})) - |> get("/profile", %{}) + + conn = + AuthPlug.create_jwt_session(conn, Map.merge(data, %{id: person.id})) + |> get("/profile", %{}) assert html_response(conn, 200) =~ "Google account" end @@ -50,19 +52,20 @@ defmodule AuthWeb.AuthControllerTest do end test "get_client_secret(client_id, state) gets the secret for the given client_id" do + person = + Auth.Person.create_person(%{ + email: "alex@gmail.com", + auth_provider: "email" + }) - person = Auth.Person.create_person(%{ - email: "alex@gmail.com", - auth_provider: "email" - }) - - {:ok, key} = %{"name" => "test key", "url" => "example.com"} - |> AuthWeb.ApikeyController.make_apikey(person.id) - |> Auth.Apikey.create_apikey() + {:ok, key} = + %{"name" => "test key", "url" => "example.com"} + |> AuthWeb.ApikeyController.make_apikey(person.id) + |> Auth.Apikey.create_apikey() state = "https://www.example.com/profile?auth_client_id=#{key.client_id}" secret = AuthWeb.AuthController.get_client_secret(key.client_id, state) - + assert secret == key.client_secret end @@ -126,8 +129,9 @@ defmodule AuthWeb.AuthControllerTest do person = Auth.Person.upsert_person(data) - conn = AuthPlug.create_jwt_session(conn, person) - |> get("/auth/google/callback", %{"code" => "234", "state" => nil}) + conn = + AuthPlug.create_jwt_session(conn, person) + |> get("/auth/google/callback", %{"code" => "234", "state" => nil}) assert html_response(conn, 200) =~ "Google account" end 
diff --git a/test/auth_web/controllers/permission_controller_test.exs b/test/auth_web/controllers/permission_controller_test.exs index 2971e785..0c5d1fb5 100644 --- a/test/auth_web/controllers/permission_controller_test.exs +++ b/test/auth_web/controllers/permission_controller_test.exs @@ -28,9 +28,9 @@ defmodule AuthWeb.PermissionControllerTest do describe "create permission" do test "redirects to show when data is valid", %{conn: conn} do - - conn = admin_login(conn) - |> post(Routes.permission_path(conn, :create), permission: @create_attrs) + conn = + admin_login(conn) + |> post(Routes.permission_path(conn, :create), permission: @create_attrs) assert %{id: id} = redirected_params(conn) assert redirected_to(conn) == Routes.permission_path(conn, :show, id) @@ -40,8 +40,10 @@ defmodule AuthWeb.PermissionControllerTest do end test "renders errors when data is invalid", %{conn: conn} do - conn = admin_login(conn) - |> post(Routes.permission_path(conn, :create), permission: @invalid_attrs) + conn = + admin_login(conn) + |> post(Routes.permission_path(conn, :create), permission: @invalid_attrs) + assert html_response(conn, 200) =~ "New Permission" end end @@ -50,8 +52,10 @@ defmodule AuthWeb.PermissionControllerTest do setup [:create_permission] test "renders form for editing chosen permission", %{conn: conn, permission: permission} do - conn = admin_login(conn) - |> get(Routes.permission_path(conn, :edit, permission)) + conn = + admin_login(conn) + |> get(Routes.permission_path(conn, :edit, permission)) + assert html_response(conn, 200) =~ "Edit Permission" end end 
@@ -60,8 +64,10 @@ defmodule AuthWeb.PermissionControllerTest do setup [:create_permission] test "redirects when data is valid", %{conn: conn, permission: permission} do - conn = admin_login(conn) - |> put(Routes.permission_path(conn, :update, permission), permission: @update_attrs) + conn = + admin_login(conn) + |> put(Routes.permission_path(conn, :update, permission), permission: @update_attrs) + assert redirected_to(conn) == Routes.permission_path(conn, :show, permission) conn = get(conn, Routes.permission_path(conn, :show, permission)) @@ -69,8 +75,10 @@ defmodule AuthWeb.PermissionControllerTest do end test "renders errors when data is invalid", %{conn: conn, permission: permission} do - conn = admin_login(conn) - |> put(Routes.permission_path(conn, :update, permission), permission: @invalid_attrs) + conn = + admin_login(conn) + |> put(Routes.permission_path(conn, :update, permission), permission: @invalid_attrs) + assert html_response(conn, 200) =~ "Edit Permission" end end @@ -79,9 +87,12 @@ defmodule AuthWeb.PermissionControllerTest do setup [:create_permission] test "deletes chosen permission", %{conn: conn, permission: permission} do - conn = admin_login(conn) - |> delete(Routes.permission_path(conn, :delete, permission)) + conn = + admin_login(conn) + |> delete(Routes.permission_path(conn, :delete, permission)) + assert redirected_to(conn) == Routes.permission_path(conn, :index) + assert_error_sent 404, fn -> get(conn, Routes.permission_path(conn, :show, permission)) end diff --git a/test/auth_web/controllers/ping_controller_test.exs b/test/auth_web/controllers/ping_controller_test.exs index d6e3192a..cc536c58 100644 --- a/test/auth_web/controllers/ping_controller_test.exs +++ b/test/auth_web/controllers/ping_controller_test.exs @@ -7,4 +7,4 @@ defmodule AuthWeb.PingControllerTest do assert conn.state == :sent assert conn.resp_body =~ <<71, 73, 70, 56, 57>> end -end \ No newline at end of file +end 
diff --git a/test/auth_web/controllers/role_controller_test.exs b/test/auth_web/controllers/role_controller_test.exs index c6ad8b30..5bb16972 100644 --- a/test/auth_web/controllers/role_controller_test.exs +++ b/test/auth_web/controllers/role_controller_test.exs @@ -28,8 +28,9 @@ defmodule AuthWeb.RoleControllerTest do describe "create role" do test "redirects to show when data is valid", %{conn: conn} do - conn = admin_login(conn) - |> post(Routes.role_path(conn, :create), role: @create_attrs) + conn = + admin_login(conn) + |> post(Routes.role_path(conn, :create), role: @create_attrs) assert %{id: id} = redirected_params(conn) assert redirected_to(conn) == Routes.role_path(conn, :show, id) @@ -39,8 +40,10 @@ defmodule AuthWeb.RoleControllerTest do end test "renders errors when data is invalid", %{conn: conn} do - conn = admin_login(conn) - |> post(Routes.role_path(conn, :create), role: @invalid_attrs) + conn = + admin_login(conn) + |> post(Routes.role_path(conn, :create), role: @invalid_attrs) + assert html_response(conn, 200) =~ "New Role" end end @@ -49,8 +52,10 @@ defmodule AuthWeb.RoleControllerTest do setup [:create_role] test "renders form for editing chosen role", %{conn: conn, role: role} do - conn = admin_login(conn) - |> get(Routes.role_path(conn, :edit, role)) + conn = + admin_login(conn) + |> get(Routes.role_path(conn, :edit, role)) + assert html_response(conn, 200) =~ "Edit Role" end end @@ -59,8 +64,10 @@ defmodule AuthWeb.RoleControllerTest do setup [:create_role] test "redirects when data is valid", %{conn: conn, role: role} do - conn = admin_login(conn) - |> put(Routes.role_path(conn, :update, role), role: @update_attrs) + conn = + admin_login(conn) + |> put(Routes.role_path(conn, :update, role), role: @update_attrs) + assert redirected_to(conn) == Routes.role_path(conn, :show, role) conn = get(conn, Routes.role_path(conn, :show, role)) 
@@ -68,8 +75,10 @@ defmodule AuthWeb.RoleControllerTest do end test "renders errors when data is invalid", %{conn: conn, role: role} do - conn = admin_login(conn) - |> put(Routes.role_path(conn, :update, role), role: @invalid_attrs) + conn = + admin_login(conn) + |> put(Routes.role_path(conn, :update, role), role: @invalid_attrs) + assert html_response(conn, 200) =~ "Edit Role" end end @@ -78,9 +87,12 @@ defmodule AuthWeb.RoleControllerTest do setup [:create_role] test "deletes chosen role", %{conn: conn, role: role} do - conn = admin_login(conn) - |> delete(Routes.role_path(conn, :delete, role)) + conn = + admin_login(conn) + |> delete(Routes.role_path(conn, :delete, role)) + assert redirected_to(conn) == Routes.role_path(conn, :index) + assert_error_sent 404, fn -> get(conn, Routes.role_path(conn, :show, role)) end @@ -91,5 +103,4 @@ defmodule AuthWeb.RoleControllerTest do role = fixture(:role) %{role: role} end - end diff --git a/test/support/conn_case.ex b/test/support/conn_case.ex index 07e74d03..24e3bc1f 100644 --- a/test/support/conn_case.ex +++ b/test/support/conn_case.ex @@ -24,7 +24,7 @@ defmodule AuthWeb.ConnCase do import Phoenix.ConnTest # AuthTest is defined in test_helpers.exs # as per https://stackoverflow.com/a/58902158/1148249 - import AuthTest + import AuthTest alias AuthWeb.Router.Helpers, as: Routes # The default endpoint for testing @@ -39,8 +39,10 @@ defmodule AuthWeb.ConnCase do Ecto.Adapters.SQL.Sandbox.mode(Auth.Repo, {:shared, self()}) end - conn = Phoenix.ConnTest.build_conn() - |> Phoenix.ConnTest.init_test_session(%{}) + conn = + Phoenix.ConnTest.build_conn() + |> Phoenix.ConnTest.init_test_session(%{}) + # invoke Plug.Test.init_test_session/2 to setup the test session # before attempting to set a JWT. see: # https://github.com/dwyl/auth/issues/83#issuecomment-660052222 diff --git a/test/test_helper.exs b/test/test_helper.exs index c4d0d2a0..f0a5fa15 100644 --- a/test/test_helper.exs +++ b/test/test_helper.exs 
@@ -1,7 +1,6 @@ ExUnit.start() Ecto.Adapters.SQL.Sandbox.mode(Auth.Repo, :manual) - defmodule AuthTest do @moduledoc """ Test helper functions :-) @@ -14,4 +13,4 @@ defmodule AuthTest do person = Auth.Person.get_person_by_email(@admin_email) AuthPlug.create_jwt_session(conn, person) end -end \ No newline at end of file +end