tests: Fix tests.

Author: jnms-me

tests/mailinglist.rs

@@ -7,8 +7,8 @@ use serde_json::Value;
 use zauth::DbConn;
 use zauth::models::client::{Client, NewClient};
 use zauth::models::mail::NewMail;
-use zauth::models::role::NewRole;
 use zauth::models::role::Role;
+use zauth::models::role::{NewRole, RoleVisibility};
 use zauth::models::user::*;
 
 use crate::common::{HttpClient, config};
@@ -335,7 +335,7 @@ async fn authorized_client_can_use_mailinglist() {
 			NewRole {
 				name: config().mailer_role.to_string(),
 				description: "test".into(),
-				client_id: None,
+				visibility: RoleVisibility::Global,
 			},
 			&db,
 		)

tests/oauth.rs

@@ -17,6 +17,7 @@ use zauth::controllers::oauth_controller::UserToken;
 use zauth::models::client::{Client, NewClient};
 use zauth::models::role::NewRole;
 use zauth::models::role::Role;
+use zauth::models::role::RoleVisibility;
 use zauth::models::user::{NewUser, User};
 use zauth::token_store::TokenStore;
 
@@ -63,17 +64,30 @@ async fn create_client(db: &DbConn, name: &str) -> Client {
 	client.update(db).await.expect("client updated")
 }
 
-async fn create_role(db: &DbConn, name: &str, client_id: Option<i32>) -> Role {
-	Role::create(
+async fn create_role(
+	db: &DbConn,
+	name: &str,
+	visibility: RoleVisibility,
+	limited_to_client_ids: Vec<i32>,
+) -> Role {
+	let role = Role::create(
 		NewRole {
 			name: name.into(),
 			description: "test".into(),
-			client_id,
+			visibility,
 		},
 		db,
 	)
 	.await
-	.expect("role created")
+	.expect("role created");
+
+	for client_id in limited_to_client_ids {
+		role.add_client_to_limited_to(client_id, db)
+			.await
+			.expect("limited_to client added to role");
+	}
+
+	role
 }
 
 // Test all the usual oauth requests until `access_token/id_token` is retrieved.
@@ -363,14 +377,37 @@ async fn roles_flow() {
 		let user = create_user(&db).await;
 		let client = create_client(&db, CLIENT_ID).await;
 		let client_not_used = create_client(&db, "not_used").await;
-		let role_global = create_role(&db, "global", None).await;
-		let role_client = create_role(&db, "client", Some(client.id)).await;
-		let role_client_not_used =
-			create_role(&db, "client_not_used", Some(client_not_used.id)).await;
-		let _role_global_not_mapped =
-			create_role(&db, "global_not_mapped", None).await;
-		let _role_client_not_mapped =
-			create_role(&db, "client_not_mapped", Some(client.id)).await;
+		let role_global =
+			create_role(&db, "global", RoleVisibility::Global, Vec::from([]))
+				.await;
+		let role_client = create_role(
+			&db,
+			"client",
+			RoleVisibility::Limited,
+			Vec::from([client.id]),
+		)
+		.await;
+		let role_client_not_used = create_role(
+			&db,
+			"client_not_used",
+			RoleVisibility::Limited,
+			Vec::from([client_not_used.id]),
+		)
+		.await;
+		let _role_global_not_mapped = create_role(
+			&db,
+			"global_not_mapped",
+			RoleVisibility::Global,
+			Vec::from([]),
+		)
+		.await;
+		let _role_client_not_mapped = create_role(
+			&db,
+			"client_not_mapped",
+			RoleVisibility::Limited,
+			Vec::from([client.id]),
+		)
+		.await;
 
 		role_global
 			.add_user(user.id, &db)
@@ -456,7 +493,9 @@ async fn roles_flow() {
 async fn client_credentials_flow() {
 	common::as_visitor(async move |http_client, db| {
 		let client = create_client(&db, CLIENT_ID).await;
-		let role_global = create_role(&db, "global", None).await;
+		let role_global =
+			create_role(&db, "global", RoleVisibility::Global, Vec::from([]))
+				.await;
 		role_global
 			.add_client(client.id, &db)
 			.await

tests/roles.rs

@@ -2,8 +2,7 @@ mod common;
 
 use rocket::http::{Accept, ContentType, Status};
 
-use zauth::models::client::{Client, NewClient};
-use zauth::models::role::{NewRole, Role};
+use zauth::models::role::{NewRole, Role, RoleVisibility};
 use zauth::models::user::User;
 
 use crate::common::HttpClient;
@@ -51,8 +50,9 @@ async fn create_role_as_user() {
 async fn create_global_role() {
 	common::as_admin(async move |http_client: HttpClient, db, _user| {
 		let role_name = "test";
-		let role_form =
-			format!("name={role_name}&description=test_description");
+		let role_form = format!(
+			"name={role_name}&description=test_description&visibility=global"
+		);
 
 		let response = http_client
 			.post("/roles")
@@ -70,27 +70,17 @@ async fn create_global_role() {
 
 		assert_eq!(created.name, role_name);
 		assert_eq!(created.description, "test_description");
-		assert_eq!(created.client_id, None);
+		assert_eq!(created.visibility, RoleVisibility::Global);
 	})
 	.await;
 }
 
 #[rocket::async_test]
-async fn create_client_role() {
+async fn create_limited_role() {
 	common::as_admin(async move |http_client: HttpClient, db, _user| {
-		let client = Client::create(
-			NewClient {
-				name: String::from("test"),
-			},
-			&db,
-		)
-		.await
-		.unwrap();
-
 		let role_name = "test";
 		let role_form = format!(
-			"name={role_name}&description=test_description&client_id={}",
-			client.id
+			"name={role_name}&description=test_description&visibility=limited",
 		);
 
 		let response = http_client
@@ -109,7 +99,7 @@ async fn create_client_role() {
 
 		assert_eq!(created.name, role_name);
 		assert_eq!(created.description, "test_description");
-		assert_eq!(created.client_id, Some(client.id));
+		assert_eq!(created.visibility, RoleVisibility::Limited);
 	})
 	.await;
 }
@@ -121,7 +111,7 @@ async fn show_role_as_user() {
 			NewRole {
 				name: "test".into(),
 				description: "test".into(),
-				client_id: None,
+				visibility: RoleVisibility::Global,
 			},
 			&db,
 		)
@@ -145,7 +135,7 @@ async fn show_role_as_admin() {
 			NewRole {
 				name: "test".into(),
 				description: "test".into(),
-				client_id: None,
+				visibility: RoleVisibility::Global,
 			},
 			&db,
 		)
@@ -168,7 +158,7 @@ async fn delete_role() {
 			NewRole {
 				name: "test".into(),
 				description: "test".into(),
-				client_id: None,
+				visibility: RoleVisibility::Global,
 			},
 			&db,
 		)
@@ -194,7 +184,7 @@ async fn add_user_to_role_as_user() {
 			NewRole {
 				name: "test".into(),
 				description: "test".into(),
-				client_id: None,
+				visibility: RoleVisibility::Global,
 			},
 			&db,
 		)
@@ -223,7 +213,7 @@ async fn add_user_to_role_as_admin() {
 			NewRole {
 				name: "test".into(),
 				description: "test".into(),
-				client_id: None,
+				visibility: RoleVisibility::Global,
 			},
 			&db,
 		)
@@ -264,7 +254,7 @@ async fn add_role_to_user_as_user() {
 			NewRole {
 				name: "test".into(),
 				description: "test".into(),
-				client_id: None,
+				visibility: RoleVisibility::Global,
 			},
 			&db,
 		)
@@ -293,7 +283,7 @@ async fn add_role_to_user_as_admin() {
 			NewRole {
 				name: "test".into(),
 				description: "test".into(),
-				client_id: None,
+				visibility: RoleVisibility::Global,
 			},
 			&db,
 		)