diff --git a/test/trento_web/controllers/v1/database_controller_test.exs b/test/trento_web/controllers/v1/database_controller_test.exs index 265b80a6a3..4a65dbe9b1 100644 --- a/test/trento_web/controllers/v1/database_controller_test.exs +++ b/test/trento_web/controllers/v1/database_controller_test.exs @@ -113,6 +113,41 @@ defmodule TrentoWeb.V1.DatabaseControllerTest do |> json_response(404) |> assert_schema("NotFound", api_spec) end + + test "should allow the request when the user has cleanup:database_instance ability", %{ + conn: conn + } do + %{id: database_id} = build(:database) + + %{host_id: host_id, instance_number: instance_number} = + build(:database_instance, database_id: database_id) + + %{id: user_id} = insert(:user) + + %{id: ability_id} = insert(:ability, name: "cleanup", resource: "database_instance") + insert(:users_abilities, user_id: user_id, ability_id: ability_id) + + conn = + conn + |> Pow.Plug.assign_current_user(%{"user_id" => user_id}, Pow.Plug.fetch_config(conn)) + |> put_req_header("content-type", "application/json") + + expect( + Trento.Commanded.Mock, + :dispatch, + fn %DeregisterDatabaseInstance{ + database_id: ^database_id, + host_id: ^host_id, + instance_number: ^instance_number + } -> + :ok + end + ) + + conn + |> delete("/api/v1/databases/#{database_id}/hosts/#{host_id}/instances/#{instance_number}") + |> response(204) + end end describe "forbidden response" do diff --git a/test/trento_web/controllers/v1/host_controller_test.exs b/test/trento_web/controllers/v1/host_controller_test.exs index 4e4f031a80..f782ae6a2c 100644 --- a/test/trento_web/controllers/v1/host_controller_test.exs +++ b/test/trento_web/controllers/v1/host_controller_test.exs @@ -329,6 +329,34 @@ defmodule TrentoWeb.V1.HostControllerTest do |> json_response(404) |> assert_schema("NotFound", api_spec) end + + test "should allow the request when the user has cleanup:host ability", %{ + conn: conn + } do + %{id: host_id} = insert(:host) + + %{id: user_id} = insert(:user) + + %{id: ability_id} = insert(:ability, name: "cleanup", resource: "host") + insert(:users_abilities, user_id: user_id, ability_id: ability_id) + + conn = + conn + |> Pow.Plug.assign_current_user(%{"user_id" => user_id}, Pow.Plug.fetch_config(conn)) + |> put_req_header("content-type", "application/json") + + expect( + Trento.Commanded.Mock, + :dispatch, + fn %RequestHostDeregistration{host_id: ^host_id} -> + :ok + end + ) + + conn + |> delete("/api/v1/hosts/#{host_id}") + |> response(204) + end end describe "forbidden response" do diff --git a/test/trento_web/controllers/v1/sap_system_controller_test.exs b/test/trento_web/controllers/v1/sap_system_controller_test.exs index 499d2dd719..f418bc06cb 100644 --- a/test/trento_web/controllers/v1/sap_system_controller_test.exs +++ b/test/trento_web/controllers/v1/sap_system_controller_test.exs @@ -121,6 +121,43 @@ defmodule TrentoWeb.V1.SapSystemControllerTest do |> json_response(404) |> assert_schema("NotFound", api_spec) end + + test "should allow the request when the user has cleanup:application_instance ability", %{ + conn: conn + } do + %{id: sap_system_id} = build(:sap_system) + + %{host_id: host_id, instance_number: instance_number} = + build(:application_instance, sap_system_id: sap_system_id) + + %{id: user_id} = insert(:user) + + %{id: ability_id} = insert(:ability, name: "cleanup", resource: "application_instance") + insert(:users_abilities, user_id: user_id, ability_id: ability_id) + + conn = + conn + |> Pow.Plug.assign_current_user(%{"user_id" => user_id}, Pow.Plug.fetch_config(conn)) + |> put_req_header("content-type", "application/json") + + expect( + Trento.Commanded.Mock, + :dispatch, + fn %DeregisterApplicationInstance{ + sap_system_id: ^sap_system_id, + host_id: ^host_id, + instance_number: ^instance_number + } -> + :ok + end + ) + + conn + |> delete( + "/api/v1/sap_systems/#{sap_system_id}/hosts/#{host_id}/instances/#{instance_number}" + ) + |> response(204) + end end describe "forbidden response" do