diff options
| author | Ivan Tashkinov <ivantashkinov@gmail.com> | 2019-02-19 22:28:21 +0300 |
|---|---|---|
| committer | Ivan Tashkinov <ivantashkinov@gmail.com> | 2019-02-19 22:28:21 +0300 |
| commit | 04ee877a20a849db53a307a1736e635229129b7a (patch) | |
| tree | 41cf21ea4adb798dcb33bb41d7fab5b15c5ce154 /test/web/twitter_api/util_controller_test.exs | |
| parent | c0ecbf6669948740a091bdf5b5441fb6ee55f4fc (diff) | |
| download | pleroma-04ee877a20a849db53a307a1736e635229129b7a.tar.gz pleroma-04ee877a20a849db53a307a1736e635229129b7a.zip | |
[#468] Added OAuth scopes-specific tests.
Diffstat (limited to 'test/web/twitter_api/util_controller_test.exs')
| -rw-r--r-- | test/web/twitter_api/util_controller_test.exs | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/test/web/twitter_api/util_controller_test.exs b/test/web/twitter_api/util_controller_test.exs index 007d7d8e6..fc762ab18 100644 --- a/test/web/twitter_api/util_controller_test.exs +++ b/test/web/twitter_api/util_controller_test.exs @@ -16,6 +16,25 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do assert response == "job started" end + + test "requires 'follow' permission", %{conn: conn} do + token1 = insert(:oauth_token, scopes: ["read", "write"]) + token2 = insert(:oauth_token, scopes: ["follow"]) + another_user = insert(:user) + + for token <- [token1, token2] do + conn = + conn + |> put_req_header("authorization", "Bearer #{token.token}") + |> post("/api/pleroma/follow_import", %{"list" => "#{another_user.ap_id}"}) + + if token == token1 do + assert %{"error" => "Insufficient permissions: follow."} == json_response(conn, 403) + else + assert json_response(conn, 200) + end + end + end end describe "POST /api/pleroma/blocks_import" do |