From 41cbaf7db2fabe29a3bbd9c18d3f59bb50a71f61 Mon Sep 17 00:00:00 2001
From: Mario
Date: Sat, 2 Nov 2024 18:37:54 +0100
Subject: [PATCH] test: registered users authorization tests
---
 .../e2e/web/api/v1/contexts/user/contract.rs | 71 +++++++++++++++++++
 1 file changed, 71 insertions(+)
diff --git a/tests/e2e/web/api/v1/contexts/user/contract.rs b/tests/e2e/web/api/v1/contexts/user/contract.rs
index a88538dd..98984e42 100644
--- a/tests/e2e/web/api/v1/contexts/user/contract.rs
+++ b/tests/e2e/web/api/v1/contexts/user/contract.rs
@@ -283,4 +283,75 @@ mod authorization {
 assert_eq!(response.status, 401);
 }
 }
+
+ mod for_registered_users {
+ use torrust_index::web::api;
+
+ use crate::common::client::Client;
+ use crate::common::contexts::user::fixtures::{DEFAULT_PASSWORD, VALID_PASSWORD};
+ use crate::common::contexts::user::forms::{ChangePasswordForm, RegistrationForm, Username};
+ use crate::e2e::environment::TestEnv;
+ use crate::e2e::web::api::v1::contexts::user::steps::{new_logged_in_user, new_registered_user};
+
+ #[tokio::test]
+ async fn it_should_not_allow_a_registered_user_to_register() {
+ let mut env = TestEnv::new();
+ env.start(api::Version::V1).await;
+
+ let logged_in_user = new_logged_in_user(&env).await;
+
+ let client = Client::authenticated(&env.server_socket_addr().unwrap(), &logged_in_user.token);
+
+ let response = client
+ .register_user(RegistrationForm {
+ username: logged_in_user.username,
+ email: Some("test@email.com".to_string()),
+ password: VALID_PASSWORD.to_string(),
+ confirm_password: VALID_PASSWORD.to_string(),
+ })
+ .await;
+
+ assert_eq!(response.status, 400);
+ }
+
+ #[tokio::test]
+ async fn it_should_allow_registered_users_to_change_their_passwords() {
+ let mut env = TestEnv::new();
+ env.start(api::Version::V1).await;
+
+ let logged_in_user = new_logged_in_user(&env).await;
+
+ let client = Client::authenticated(&env.server_socket_addr().unwrap(), &logged_in_user.token);
+
+ let new_password = VALID_PASSWORD.to_string();
+
+ let response = client
+ .change_password(
+ Username::new(logged_in_user.username.clone()),
+ ChangePasswordForm {
+ current_password: DEFAULT_PASSWORD.to_string(),
+ password: new_password.clone(),
+ confirm_password: new_password.clone(),
+ },
+ )
+ .await;
+
+ assert_eq!(response.status, 200);
+ }
+ #[tokio::test]
+ async fn it_should_not_allow_a_registered_to_ban_a_user() {
+ let mut env = TestEnv::new();
+ env.start(api::Version::V1).await;
+
+ let logged_in_user = new_logged_in_user(&env).await;
+
+ let client = Client::authenticated(&env.server_socket_addr().unwrap(), &logged_in_user.token);
+
+ let registered_user = new_registered_user(&env).await;
+
+ let response = client.ban_user(Username::new(registered_user.username.clone())).await;
+
+ assert_eq!(response.status, 403);
+ }
+ }
 }
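Review bot: In `it_should_not_allow_a_registered_user_to_register` the form reuses `logged_in_user.username`, so the asserted 400 may come from a duplicate-username rejection rather than from the authorization rule the test is named for, and the test would presumably still pass if logged-in users were allowed to register. Submitting a name that is not yet registered, e.g. `username: "unregistered_user".to_string(),` (constructed value, assuming the field is a `String`), would tie the assertion to the policy. It is also worth confirming that 400 is the intended status for a denial here, since the neighbouring tests expect 401 and 403. The change-password test only covers the caller's own account. Because `change_password` takes a `Username` separately from the token, a companion test that passes another user's name and expects a denial would cover the cross-account case.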