vrr/Pulse
2
0
Fork 0
mirror of https://github.com/rcourtman/Pulse.git synced 2026-05-07 08:57:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
Pulse/internal/api/authorization_additional_test.go
rcourtman 778a2577b6 feat: Pulse v6 release
2026-03-18 16:06:30 +00:00

53 lines
1.6 KiB
Go
Raw Blame History

package api
import (
"testing"
"github.com/rcourtman/pulse-go-rewrite/internal/models"
)
func TestMultiTenantOrganizationLoader_NoPersistence(t *testing.T) {
loader := NewMultiTenantOrganizationLoader(nil)
if _, err := loader.GetOrganization("org"); err == nil {
t.Fatalf("expected error when persistence is nil")
}
}
func TestDefaultAuthorizationChecker_CanAccessOrg_Default(t *testing.T) {
// Default org is always accessible to any authenticated user,
// even without an organization loader configured.
checker := NewAuthorizationChecker(nil)
if !checker.CanAccessOrg("user", nil, "default") {
t.Fatalf("expected default org to be accessible to any authenticated user")
}
}
type staticOrgLoader struct {
org *models.Organization
err error
}
func (s staticOrgLoader) GetOrganization(string) (*models.Organization, error) {
return s.org, s.err
}
func TestDefaultAuthorizationChecker_CanAccessOrg_DefaultWithMembershipConfigured(t *testing.T) {
// Default org is always accessible to any authenticated user,
// regardless of membership configuration.
checker := NewAuthorizationChecker(staticOrgLoader{
org: &models.Organization{
ID: "default",
Members: []models.OrganizationMember{
{UserID: "owner", Role: models.OrgRoleOwner},
},
},
})
// Both member and non-member should be able to access the default org.
if !checker.CanAccessOrg("user", nil, "default") {
t.Fatalf("expected default org to be accessible to non-member user")
}
if !checker.CanAccessOrg("owner", nil, "default") {
t.Fatalf("expected default org to be accessible to owner")
}
}
Reference in a new issue View git blame Copy permalink