Sha256: d4b1c2fce7f7f5061d2e2fc90d39dd4443f72af2cf6d0f40c2b59a1e5c50dcf7
Contents?: true
Size: 1.37 KB
Versions: 40
Compression:
Stored size: 1.37 KB
Contents
require 'spec_helper'
feature 'not found private on app', organization_workspace: :base do
before { set_subdomain_host! Organization.base.name }
before { Organization.base.switch! }
let(:admin) { create(:user, permissions: {admin: '*'}) }
let(:student_api_client) { create :api_client, role: :student, grant: 'central/*' }
let(:admin_api_client) { create :api_client, role: :admin, grant: '*' }
scenario 'app without authentication' do
visit '/nonexistentroute'
expect(page).to have_text 'You are not allowed to see this content'
end
scenario 'app with authentication' do
set_current_user! admin
visit '/nonexistentroute'
expect(page).to have_text 'You may have mistyped the address or the page may have moved'
end
scenario 'api without authorization' do
Capybara.current_session.driver.header 'Authorization', "Bearer #{student_api_client.token}"
visit '/api/nonexistentroute'
expect(page.text).to json_eq errors: [
'The operation on organization base' +
' was forbidden to user foo+1@bar.com' +
' with permissions !student:central/*;teacher:;headmaster:;janitor:;admin:;owner:']
end
scenario 'api with authentication' do
Capybara.current_session.driver.header 'Authorization', "Bearer #{admin_api_client.token}"
visit '/api/nonexistentroute'
expect(page.text).to json_eq errors: ['not found']
end
end
Version data entries
40 entries across 40 versions & 1 rubygems