mirror of
https://github.com/maybe-finance/maybe.git
synced 2025-07-19 13:19:39 +02:00
* Initial impersonation * Impersonation audit * Keep super admin separate * Remove vscode settings * Comment cleanup * Comment out impersonation fixtures for now * Remove unused controller * Add impersonation testing (#1326) * Add impersonation testing * Remove unused method * Update schema.rb * Update brakeman --------- Co-authored-by: Zach Gollwitzer <zach@maybe.co>
require "test_helper"
# Model-level tests for the guard rails on ImpersonationSession. Each case
# attempts an impersonation that should be refused and expects create! to
# raise ActiveRecord::RecordInvalid.
#
# NOTE(review): only two fixtures are used (:family_member and
# :maybe_support_staff), so every pair below breaks more than one of the
# rules named in the test titles. If the model enforces them as separate
# validations (as the titles suggest, TODO confirm against the model), a
# regression in one rule could be masked by another still raising
# RecordInvalid. Asserting on the specific validation error, or using a
# fixture pair that violates exactly one rule, would make each test pin the
# control it is named after.
class ImpersonationSessionTest < ActiveSupport::TestCase
  test "only super admin can impersonate" do
    member = users(:family_member)

    # Precondition: the would-be impersonator is an unprivileged account.
    assert_not member.super_admin?

    # NOTE(review): the target is the support-staff fixture, which the next
    # test asserts is a super admin, so this pair also trips the
    # "super admin cannot be impersonated" rule.
    assert_raises ActiveRecord::RecordInvalid do
      ImpersonationSession.create!(impersonator: member, impersonated: users(:maybe_support_staff))
    end
  end

  test "super admin cannot be impersonated" do
    support_staff = users(:maybe_support_staff)

    # Precondition: the target really carries the super-admin flag.
    assert support_staff.super_admin?

    # NOTE(review): the impersonator is :family_member, which the first test
    # asserts is not a super admin, so this pair also trips the
    # "only super admin can impersonate" rule.
    assert_raises ActiveRecord::RecordInvalid do
      ImpersonationSession.create!(impersonator: users(:family_member), impersonated: support_staff)
    end
  end

  test "impersonation session must have different impersonator and impersonated" do
    support_staff = users(:maybe_support_staff)

    # Same record on both sides of the session.
    # NOTE(review): that record is a super admin, so the
    # "super admin cannot be impersonated" rule is violated here as well.
    assert_raises ActiveRecord::RecordInvalid do
      ImpersonationSession.create!(impersonator: support_staff, impersonated: support_staff)
    end
  end
end