test: added authorization tests for the category context

mario-nt · mario-nt · commit f2f1c5752eef · 2024-08-14T16:04:23.000+02:00
diff --git a/tests/e2e/web/api/v1/contexts/category/contract.rs b/tests/e2e/web/api/v1/contexts/category/contract.rs
@@ -4,13 +4,11 @@ use torrust_index::web::api;
 
 use crate::common::asserts::assert_json_ok_response;
 use crate::common::client::Client;
-use crate::common::contexts::category::asserts::{assert_added_category_response, assert_deleted_category_response};
-use crate::common::contexts::category::fixtures::random_category_name;
-use crate::common::contexts::category::forms::{AddCategoryForm, DeleteCategoryForm};
+use crate::common::contexts::category::forms::AddCategoryForm;
 use crate::common::contexts::category::responses::ListResponse;
 use crate::e2e::environment::TestEnv;
 use crate::e2e::web::api::v1::contexts::category::steps::{add_category, add_random_category};
-use crate::e2e::web::api::v1::contexts::user::steps::{new_logged_in_admin, new_logged_in_user};
+use crate::e2e::web::api::v1::contexts::user::steps::new_logged_in_admin;
 
 #[tokio::test]
 async fn it_should_return_an_empty_category_list_when_there_are_no_categories() {
@@ -48,151 +46,226 @@ async fn it_should_return_a_category_list() {
 }
 
 #[tokio::test]
-async fn it_should_not_allow_adding_a_new_category_to_unauthenticated_users() {
+async fn it_should_not_allow_adding_empty_categories() {
     let mut env = TestEnv::new();
     env.start(api::Version::V1).await;
 
-    let client = Client::unauthenticated(&env.server_socket_addr().unwrap());
+    let logged_in_admin = new_logged_in_admin(&env).await;
+    let client = Client::authenticated(&env.server_socket_addr().unwrap(), &logged_in_admin.token);
 
-    let response = client
-        .add_category(AddCategoryForm {
-            name: "CATEGORY NAME".to_string(),
-            icon: None,
-        })
-        .await;
+    let invalid_category_names = vec![String::new(), " ".to_string()];
 
-    assert_eq!(response.status, 401);
+    for invalid_name in invalid_category_names {
+        let response = client
+            .add_category(AddCategoryForm {
+                name: invalid_name,
+                icon: None,
+            })
+            .await;
+
+        assert_eq!(response.status, 400);
+    }
 }
 
 #[tokio::test]
-async fn it_should_not_allow_adding_a_new_category_to_non_admins() {
+async fn it_should_not_allow_adding_duplicated_categories() {
     let mut env = TestEnv::new();
     env.start(api::Version::V1).await;
 
-    let logged_non_admin = new_logged_in_user(&env).await;
-
-    let client = Client::authenticated(&env.server_socket_addr().unwrap(), &logged_non_admin.token);
+    let added_category_name = add_random_category(&env).await;
 
-    let response = client
-        .add_category(AddCategoryForm {
-            name: "CATEGORY NAME".to_string(),
-            icon: None,
-        })
-        .await;
+    // Try to add the same category again
+    let response = add_category(&added_category_name, &env).await;
 
-    assert_eq!(response.status, 403);
+    assert_eq!(response.status, 400);
 }
 
-#[tokio::test]
-async fn it_should_allow_admins_to_add_new_categories() {
-    let mut env = TestEnv::new();
-    env.start(api::Version::V1).await;
+mod for_guest_users {
+    use torrust_index::web::api;
 
-    let logged_in_admin = new_logged_in_admin(&env).await;
-    let client = Client::authenticated(&env.server_socket_addr().unwrap(), &logged_in_admin.token);
+    use crate::common::client::Client;
+    use crate::common::contexts::category::forms::{AddCategoryForm, DeleteCategoryForm};
+    use crate::e2e::environment::TestEnv;
+    use crate::e2e::web::api::v1::contexts::category::steps::add_random_category;
 
-    let category_name = random_category_name();
+    #[tokio::test]
+    async fn it_should_allow_guest_users_to_get_the_categories() {
+        let mut env = TestEnv::new();
 
-    let response = client
-        .add_category(AddCategoryForm {
-            name: category_name.to_string(),
-            icon: None,
-        })
-        .await;
+        env.start(api::Version::V1).await;
 
-    assert_added_category_response(&response, &category_name);
-}
+        let client = Client::unauthenticated(&env.server_socket_addr().unwrap());
 
-#[tokio::test]
-async fn it_should_not_allow_adding_empty_categories() {
-    let mut env = TestEnv::new();
-    env.start(api::Version::V1).await;
+        let response = client.get_categories().await;
 
-    let logged_in_admin = new_logged_in_admin(&env).await;
-    let client = Client::authenticated(&env.server_socket_addr().unwrap(), &logged_in_admin.token);
+        assert_eq!(response.status, 200);
+    }
 
-    let invalid_category_names = vec![String::new(), " ".to_string()];
+    #[tokio::test]
+    async fn it_should_not_allow_adding_a_new_category_to_guest_users() {
+        let mut env = TestEnv::new();
+        env.start(api::Version::V1).await;
+
+        let client = Client::unauthenticated(&env.server_socket_addr().unwrap());
 
-    for invalid_name in invalid_category_names {
         let response = client
             .add_category(AddCategoryForm {
-                name: invalid_name,
+                name: "CATEGORY NAME".to_string(),
                 icon: None,
             })
             .await;
 
-        assert_eq!(response.status, 400);
+        assert_eq!(response.status, 401);
     }
-}
 
-#[tokio::test]
-async fn it_should_not_allow_adding_duplicated_categories() {
-    let mut env = TestEnv::new();
-    env.start(api::Version::V1).await;
+    #[tokio::test]
+    async fn it_should_not_allow_guests_to_delete_categories() {
+        let mut env = TestEnv::new();
+        env.start(api::Version::V1).await;
 
-    let added_category_name = add_random_category(&env).await;
+        let client = Client::unauthenticated(&env.server_socket_addr().unwrap());
 
-    // Try to add the same category again
-    let response = add_category(&added_category_name, &env).await;
+        let added_category_name = add_random_category(&env).await;
 
-    assert_eq!(response.status, 400);
+        let response = client
+            .delete_category(DeleteCategoryForm {
+                name: added_category_name.to_string(),
+                icon: None,
+            })
+            .await;
+
+        assert_eq!(response.status, 401);
+    }
 }
 
-#[tokio::test]
-async fn it_should_allow_admins_to_delete_categories() {
-    let mut env = TestEnv::new();
-    env.start(api::Version::V1).await;
+mod for_authenticated_users {
+    use torrust_index::web::api;
 
-    let logged_in_admin = new_logged_in_admin(&env).await;
-    let client = Client::authenticated(&env.server_socket_addr().unwrap(), &logged_in_admin.token);
+    use crate::common::client::Client;
+    use crate::common::contexts::category::forms::{AddCategoryForm, DeleteCategoryForm};
+    use crate::e2e::environment::TestEnv;
+    use crate::e2e::web::api::v1::contexts::category::steps::add_random_category;
+    use crate::e2e::web::api::v1::contexts::user::steps::new_logged_in_user;
 
-    let added_category_name = add_random_category(&env).await;
+    #[tokio::test]
+    async fn it_should_allow_authenticated_users_to_get_the_categories() {
+        let mut env = TestEnv::new();
 
-    let response = client
-        .delete_category(DeleteCategoryForm {
-            name: added_category_name.to_string(),
-            icon: None,
-        })
-        .await;
+        env.start(api::Version::V1).await;
 
-    assert_deleted_category_response(&response, &added_category_name);
-}
+        let authenticated_user = new_logged_in_user(&env).await;
 
-#[tokio::test]
-async fn it_should_not_allow_non_admins_to_delete_categories() {
-    let mut env = TestEnv::new();
-    env.start(api::Version::V1).await;
+        let client = Client::authenticated(&env.server_socket_addr().unwrap(), &authenticated_user.token);
 
-    let added_category_name = add_random_category(&env).await;
+        let response = client.get_categories().await;
 
-    let logged_in_non_admin = new_logged_in_user(&env).await;
-    let client = Client::authenticated(&env.server_socket_addr().unwrap(), &logged_in_non_admin.token);
+        assert_eq!(response.status, 200);
+    }
 
-    let response = client
-        .delete_category(DeleteCategoryForm {
-            name: added_category_name.to_string(),
-            icon: None,
-        })
-        .await;
+    #[tokio::test]
+    async fn it_should_not_allow_adding_a_new_category_to_authenticated_users() {
+        let mut env = TestEnv::new();
+        env.start(api::Version::V1).await;
 
-    assert_eq!(response.status, 403);
+        let logged_non_admin = new_logged_in_user(&env).await;
+
+        let client = Client::authenticated(&env.server_socket_addr().unwrap(), &logged_non_admin.token);
+
+        let response = client
+            .add_category(AddCategoryForm {
+                name: "CATEGORY NAME".to_string(),
+                icon: None,
+            })
+            .await;
+
+        assert_eq!(response.status, 403);
+    }
+
+    #[tokio::test]
+    async fn it_should_not_allow_authenticated_users_to_delete_categories() {
+        let mut env = TestEnv::new();
+        env.start(api::Version::V1).await;
+
+        let added_category_name = add_random_category(&env).await;
+
+        let logged_in_non_admin = new_logged_in_user(&env).await;
+        let client = Client::authenticated(&env.server_socket_addr().unwrap(), &logged_in_non_admin.token);
+
+        let response = client
+            .delete_category(DeleteCategoryForm {
+                name: added_category_name.to_string(),
+                icon: None,
+            })
+            .await;
+
+        assert_eq!(response.status, 403);
+    }
 }
 
-#[tokio::test]
-async fn it_should_not_allow_guests_to_delete_categories() {
-    let mut env = TestEnv::new();
-    env.start(api::Version::V1).await;
+mod for_admin_users {
 
-    let client = Client::unauthenticated(&env.server_socket_addr().unwrap());
+    use torrust_index::web::api;
 
-    let added_category_name = add_random_category(&env).await;
+    use crate::common::client::Client;
+    use crate::common::contexts::category::asserts::{assert_added_category_response, assert_deleted_category_response};
+    use crate::common::contexts::category::fixtures::random_category_name;
+    use crate::common::contexts::category::forms::{AddCategoryForm, DeleteCategoryForm};
+    use crate::e2e::environment::TestEnv;
+    use crate::e2e::web::api::v1::contexts::category::steps::add_random_category;
+    use crate::e2e::web::api::v1::contexts::user::steps::new_logged_in_admin;
+
+    #[tokio::test]
+    async fn it_should_allow_admins_to_get_categories() {
+        let mut env = TestEnv::new();
 
-    let response = client
-        .delete_category(DeleteCategoryForm {
-            name: added_category_name.to_string(),
-            icon: None,
-        })
-        .await;
+        env.start(api::Version::V1).await;
 
-    assert_eq!(response.status, 401);
+        let logged_in_admin = new_logged_in_admin(&env).await;
+
+        let client = Client::authenticated(&env.server_socket_addr().unwrap(), &logged_in_admin.token);
+
+        let response = client.get_categories().await;
+
+        assert_eq!(response.status, 200);
+    }
+
+    #[tokio::test]
+    async fn it_should_allow_admins_to_add_new_categories() {
+        let mut env = TestEnv::new();
+        env.start(api::Version::V1).await;
+
+        let logged_in_admin = new_logged_in_admin(&env).await;
+        let client = Client::authenticated(&env.server_socket_addr().unwrap(), &logged_in_admin.token);
+
+        let category_name = random_category_name();
+
+        let response = client
+            .add_category(AddCategoryForm {
+                name: category_name.to_string(),
+                icon: None,
+            })
+            .await;
+
+        assert_added_category_response(&response, &category_name);
+    }
+
+    #[tokio::test]
+    async fn it_should_allow_admins_to_delete_categories() {
+        let mut env = TestEnv::new();
+        env.start(api::Version::V1).await;
+
+        let logged_in_admin = new_logged_in_admin(&env).await;
+        let client = Client::authenticated(&env.server_socket_addr().unwrap(), &logged_in_admin.token);
+
+        let added_category_name = add_random_category(&env).await;
+
+        let response = client
+            .delete_category(DeleteCategoryForm {
+                name: added_category_name.to_string(),
+                icon: None,
+            })
+            .await;
+
+        assert_deleted_category_response(&response, &added_category_name);
+    }
 }
