MCPcopy Index your code
hub / github.com/coder/coder / TestInTX

Function TestInTX

coderd/database/dbauthz/dbauthz_test.go:88–126  ·  view source on GitHub ↗

TestInTX is not perfect, just checks that it properly checks auth.

(t *testing.T)

Source from the content-addressed store, hash-verified

86
87// TestInTX is not perfect, just checks that it properly checks auth.
88func TestInTX(t *testing.T) {
89 t.Parallel()
90
91 var (
92 ctrl = gomock.NewController(t)
93 db = dbmock.NewMockStore(ctrl)
94 mTx = dbmock.NewMockStore(ctrl) // to record the 'in tx' calls
95 faker = gofakeit.New(0)
96 w = testutil.Fake(t, faker, database.Workspace{})
97 actor = rbac.Subject{
98 ID: uuid.NewString(),
99 Roles: rbac.RoleIdentifiers{rbac.RoleOwner()},
100 Groups: []string{},
101 Scope: rbac.ScopeAll,
102 }
103 ctx = dbauthz.As(context.Background(), actor)
104 )
105
106 db.EXPECT().Wrappers().Times(1).Return([]string{}) // called by dbauthz.New
107 q := dbauthz.New(db, &coderdtest.RecordingAuthorizer{
108 Wrapped: (&coderdtest.FakeAuthorizer{}).AlwaysReturn(xerrors.New("custom error")),
109 }, slog.Make(), coderdtest.AccessControlStorePointer())
110
111 db.EXPECT().InTx(gomock.Any(), gomock.Any()).Times(1).DoAndReturn(
112 func(f func(database.Store) error, _ *database.TxOptions) error {
113 return f(mTx)
114 },
115 )
116 mTx.EXPECT().Wrappers().Times(1).Return([]string{})
117 mTx.EXPECT().GetWorkspaceByID(gomock.Any(), gomock.Any()).Times(1).Return(w, nil)
118 err := q.InTx(func(tx database.Store) error {
119 // The inner tx should use the parent's authz
120 _, err := tx.GetWorkspaceByID(ctx, w.ID)
121 return err
122 }, nil)
123 require.ErrorContains(t, err, "custom error", "must be our custom error")
124 require.ErrorAs(t, err, &dbauthz.NotAuthorizedError{}, "must be an authorized error")
125 require.True(t, dbauthz.IsNotAuthorizedError(err), "must be an authorized error")
126}
127
128// TestNew should not double wrap a querier.
129func TestNew(t *testing.T) {

Callers

nothing calls this directly

Calls 13

NewMockStoreFunction · 0.92
FakeFunction · 0.92
RoleOwnerFunction · 0.92
AsFunction · 0.92
NewFunction · 0.92
IsNotAuthorizedErrorFunction · 0.92
AlwaysReturnMethod · 0.80
NewMethod · 0.65
WrappersMethod · 0.65
InTxMethod · 0.65
GetWorkspaceByIDMethod · 0.65

Tested by

no test coverage detected