Skip to content
Snippets Groups Projects
Normal view Permalink
visualizer_test.go 2.59 KiB
Newer Older
  • Learn to ignore specific revisions
    • Alexis POYEN's avatar
    Resolve "API user capturer"
    Alexis POYEN committed
    1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 
    package rootmux

import (
	"encoding/json"
	"testing"

	"forge.grandlyon.com/apoyen/elections/internal/auth"
	"forge.grandlyon.com/apoyen/sdk-go/pkg/tester"
)

/**
Banker TESTS (those tests are to check the bankers rights)
**/
func VisualizerTests(t *testing.T) {
	// Create the tester
	ts, do, _ := createTester(t)
	defer ts.Close() // Close the tester
	tests := func() {
		// Get the XSRF Token
		response := do("GET", "/api/common/WhoAmI", noH, "", 200, "")
		token := auth.TokenData{}
		json.Unmarshal([]byte(response), &token)
		xsrfHeader := tester.Header{Key: "XSRF-TOKEN", Value: token.XSRFToken}

		// Create a capturer should fail with 405
		do("POST", "/api/Capturer", xsrfHeader, `{"userID":2,"name":"Capturer"}`, 405, `You're not authorize to execute this method on this ressource.`)
		// Get a capturer should fail with 405
		do("GET", "/api/Capturer/1", xsrfHeader, "", 405, `You're not authorize to execute this method on this ressource.`)
		// Get all the capturer should fail with 405
		do("GET", "/api/Capturer/", xsrfHeader, "", 405, `You're not authorize to execute this method on this ressource.`)
		// Update a capturer should fail with 405
		do("PUT", "/api/Capturer/1", xsrfHeader, `{"ID":1,"UserID":2,"Name":"capturer"}`, 405, `You're not authorize to execute this method on this ressource.`)
		// Delete a capturer should fail with 405
		do("DELETE", "/api/Capturer/1", xsrfHeader, ``, 405, `You're not authorize to execute this method on this ressource.`)
    Alexis POYEN's avatar
    Resolve "Election API"  
    Alexis POYEN committed
    36 37 38 39 40 41 42 43 44 45 46 
    		// Create an election should fail with 405
		do("POST", "/api/Election", xsrfHeader, `{"Name":"Grand Lyon 2020", "BallotType":"metropolitan-direct"}`, 405, `You're not authorize to execute this method on this ressource.`)
		// Get an Election should fail with 405
		do("GET", "/api/Election/1", xsrfHeader, "", 405, `You're not authorize to execute this method on this ressource.`)
		// Get all the elections should fail with 405
		do("GET", "/api/Election/", xsrfHeader, "", 405, `You're not authorize to execute this method on this ressource.`)
		// Update an election should fail with 405
		do("PUT", "/api/Election/1", xsrfHeader, `{"Name":"Grand Lyon 2020", "BallotType":"metropolitan-direct"}`, 405, `You're not authorize to execute this method on this ressource.`)
		// Delete an election should fail with 405
		do("DELETE", "/api/Election/1", xsrfHeader, ``, 405, `You're not authorize to execute this method on this ressource.`)
    Alexis POYEN's avatar
    Resolve "API user capturer"
    Alexis POYEN committed
    47 48 49 50 51 52 53 
    	}
	// Do a in memory login with an known admin
	do("POST", "/Login", noH, `{"login": "visualizer","password": "password"}`, 200, "")
	tests()
	// Try to logout (must pass)
	do("GET", "/Logout", noH, "", 200, "Logout OK")
}