mirror of
https://github.com/maybe-finance/maybe.git
synced 2025-07-24 15:49:39 +02:00
Impersonation (#1325)
* Initial impersonation * Impersonation audit * Keep super admin separate * Remove vscode settings * Comment cleanup * Comment out impersonation fixtures for now * Remove unused controlelr * Add impersonation testing (#1326) * Add impersonation testing * Remove unused method * Update schema.rb * Update brakeman --------- Co-authored-by: Zach Gollwitzer <zach@maybe.co>
This commit is contained in:
Josh Pigford
GitHub
parent
4a3685f503
commit
c7c281073f
29 changed files with 477 additions and 16 deletions
40
test/models/impersonation_session_test.rb
Normal file
40
test/models/impersonation_session_test.rb
Normal file
|
|
@ -0,0 +1,40 @@
|
|||
require "test_helper"
|
||||
|
||||
class ImpersonationSessionTest < ActiveSupport::TestCase
|
||||
test "only super admin can impersonate" do
|
||||
regular_user = users(:family_member)
|
||||
|
||||
assert_not regular_user.super_admin?
|
||||
|
||||
assert_raises(ActiveRecord::RecordInvalid) do
|
||||
ImpersonationSession.create!(
|
||||
impersonator: regular_user,
|
||||
impersonated: users(:maybe_support_staff)
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
test "super admin cannot be impersonated" do
|
||||
super_admin = users(:maybe_support_staff)
|
||||
|
||||
assert super_admin.super_admin?
|
||||
|
||||
assert_raises(ActiveRecord::RecordInvalid) do
|
||||
ImpersonationSession.create!(
|
||||
impersonator: users(:family_member),
|
||||
impersonated: super_admin
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
test "impersonation session must have different impersonator and impersonated" do
|
||||
super_admin = users(:maybe_support_staff)
|
||||
|
||||
assert_raises(ActiveRecord::RecordInvalid) do
|
||||
ImpersonationSession.create!(
|
||||
impersonator: super_admin,
|
||||
impersonated: super_admin
|
||||
)
|
||||
end
|
||||
end
|
||||
end
|
||||
Loading…
Add table
Add a link
Reference in a new issue