module tests.management.accessRights;

import tests.management.setup;

/// It should redirect to login on missing auth
unittest {
  // No Cookie header is sent by any request in this test, so every admin
  // route is expected to answer with a 302 to the login page.
  enum loginUrl = "http://localhost:0/login";

  auto getPaths = [
    "/admin/users",
    "/admin/users/1",
    "/admin/users/1/account",
    "/admin/users/1/delete",
    "/admin/users/1/security",
    "/admin/users/1/security/make-admin",
    "/admin/users/1/security/revoke-admin"
  ];

  foreach (getPath; getPaths) {
    testRouter
      .request
      .get(getPath)
      .expectStatusCode(302)
      .expectHeader("Location", loginUrl)
      .end;
  }

  // The state-changing routes must be protected for POST as well.
  auto postPaths = [
    "/admin/users/1/update",
    "/admin/users/1/account/update",
    "/admin/users/1/delete",
    "/admin/users/1/security/make-admin",
    "/admin/users/1/security/revoke-admin"
  ];

  foreach (postPath; postPaths) {
    testRouter
      .request
      .post(postPath)
      .expectStatusCode(302)
      .expectHeader("Location", loginUrl)
      .end;
  }
}

/// It should not access the other users profiles when the logged user is not admin
unittest {
  // Registers a second user (id 2) and stores a "webLogin" token for it in
  // `authToken`. The third createToken argument is an empty list.
  // NOTE(review): presumably that list holds the token scopes, so the user
  // gets no admin scope; confirm against createToken.
  void loginAsSecondUser() {
    auto nonAdmin = new User("bravo@gmail.com", "other-password");
    nonAdmin.name = "John Bravo";
    nonAdmin.username = "test2";
    nonAdmin.id = 2;
    collection.add(nonAdmin);

    authToken = collection.createToken(nonAdmin.email, Clock.currTime + 3600.seconds, [], "webLogin");
  }

  // Every path below addresses user 1 (or the user list), while the request
  // is authenticated as user 2. The expected answer is 404, not a redirect.
  auto getPaths = [
    "/admin/users",
    "/admin/users/1",
    "/admin/users/1/account",
    "/admin/users/1/delete",
    "/admin/users/1/security",
    "/admin/users/1/security/make-admin",
    "/admin/users/1/security/revoke-admin"
  ];

  foreach (getPath; getPaths) {
    // The router is obtained before the user is added, as in every iteration.
    // NOTE(review): presumably testRouter resets the shared collection;
    // confirm in tests.management.setup.
    auto router = testRouter;
    loginAsSecondUser();

    router
      .request
      .get(getPath)
      .header("Cookie", "auth-token=" ~ authToken.name)
      .expectStatusCode(404)
      .end;
  }

  // NOTE(review): only the status code is asserted for these state-changing
  // routes. Also checking that user 1 is unchanged in the collection would
  // catch a handler that mutates first and answers 404 afterwards.
  auto postPaths = [
    "/admin/users/1/update",
    "/admin/users/1/account/update",
    "/admin/users/1/delete",
    "/admin/users/1/security/make-admin",
    "/admin/users/1/security/revoke-admin"
  ];

  foreach (postPath; postPaths) {
    auto router = testRouter;
    loginAsSecondUser();

    router
      .request
      .post(postPath)
      .header("Cookie", "auth-token=" ~ authToken.name)
      .expectStatusCode(404)
      .end;
  }
}