Test for anonymous writes.

5 years ago · 37c74d8bde
2 changed files with 98 additions and 33 deletions
--- a/backend/tools/TestSuite/TestSuite.ApiTests/AnonymousTests.cs
+++ b/backend/tools/TestSuite/TestSuite.ApiTests/AnonymousTests.cs
@ -0,0 +1,98 @@
 // ==========================================================================
 //  Squidex Headless CMS
 // ==========================================================================
 //  Copyright (c) Squidex UG (haftungsbeschraenkt)
 //  All rights reserved. Licensed under the MIT license.
 // ==========================================================================
 using System;
 using System.Net;
 using System.Net.Http;
 using System.Threading.Tasks;
 using Squidex.ClientLibrary.Management;
 using TestSuite.Fixtures;
 using Xunit;
 #pragma warning disable SA1300 // Element should begin with upper-case letter
 #pragma warning disable SA1507 // Code should not contain multiple blank lines in a row
 namespace TestSuite.ApiTests
 {
    public class AnonymousTests : IClassFixture<ClientFixture>
    {
        public ClientFixture _ { get; }
        public AnonymousTests(ClientFixture fixture)
        {
            _ = fixture;
        }
        [Fact]
        public async Task Should_create_app_with_anonymous_read_access()
        {
            var appName = Guid.NewGuid().ToString();
            // STEP 1: Create app
            var createRequest = new CreateAppDto { Name = appName };
            var app = await _.Apps.PostAppAsync(createRequest);
            // Should return create app with correct name.
            Assert.Equal(appName, app.Name);
            // STEP 2: Make the client anonymous.
            var clientRequest = new UpdateClientDto { AllowAnonymous = true };
            await _.Apps.PutClientAsync(appName, "default", clientRequest);
            // STEP 3: Check anonymous permission
            var url = $"{_.ClientManager.Options.Url}/api/apps/{appName}/settings";
            using (var httpClient = new HttpClient())
            {
                var response = await httpClient.GetAsync(url);
                Assert.Equal(HttpStatusCode.OK, response.StatusCode);
            }
        }
        [Fact]
        public async Task Should_create_app_with_anonymous_write_access()
        {
            var appName = Guid.NewGuid().ToString();
            // STEP 1: Create app
            var createRequest = new CreateAppDto { Name = appName };
            var app = await _.Apps.PostAppAsync(createRequest);
            // Should return create app with correct name.
            Assert.Equal(appName, app.Name);
            // STEP 2: Make the client anonymous.
            var clientRequest = new UpdateClientDto { AllowAnonymous = true };
            await _.Apps.PutClientAsync(appName, "default", clientRequest);
            // STEP 3: Create schema
            var schemaRequest = new CreateSchemaDto { Name = "my-content", IsPublished = true };
            await _.Schemas.PostSchemaAsync(appName, schemaRequest);
            // STEP 3: Create a content.
            var url = $"{_.ClientManager.Options.Url}/api/content/{appName}/my-content";
            using (var httpClient = new HttpClient())
            {
                var response = await httpClient.PostAsync(url, new StringContent("{}", null, "text/json"));
                Assert.Equal(HttpStatusCode.Created, response.StatusCode);
            }
        }
    }
 }
--- a/backend/tools/TestSuite/TestSuite.ApiTests/AppCreationTests.cs
+++ b/backend/tools/TestSuite/TestSuite.ApiTests/AppCreationTests.cs
@ -6,8 +6,6 @@
 // ==========================================================================
 using System;
 using System.Net;
 using System.Net.Http;
 using System.Threading.Tasks;
 using Squidex.ClientLibrary.Management;
 using TestSuite.Fixtures;
@ -62,37 +60,6 @@ namespace TestSuite.ApiTests
            Assert.Contains(clients.Items, x => x.Id == "default");
        }
        [Fact]
        public async Task Should_create_app_with_anonymous_access()
        {
            var appName = Guid.NewGuid().ToString();
            // STEP 1: Create app
            var createRequest = new CreateAppDto { Name = appName };
            var app = await _.Apps.PostAppAsync(createRequest);
            // Should return create app with correct name.
            Assert.Equal(appName, app.Name);
            // STEP 2: Make the client anonymous.
            var request = new UpdateClientDto
            {
                AllowAnonymous = true, Role = "Owner"
            };
            await _.Apps.PutClientAsync(appName, "default", request);
            // STEP 3: Check anonymous permission
            var url = $"{_.ClientManager.Options.Url}/api/apps/{appName}/contributors";
            var response = await new HttpClient().GetAsync(url);
            Assert.Equal(HttpStatusCode.OK, response.StatusCode);
        }
        [Fact]
        public async Task Should_archive_app()
        {