35 lines
1.0 KiB
Go
35 lines
1.0 KiB
Go
package api
|
|
|
|
import (
|
|
"testing"
|
|
|
|
"wucher/internal/domain/auth"
|
|
)
|
|
|
|
// TestDefaultPermissionsHaveRegisteredModule guards that every seeded permission
|
|
// maps to a module declared in auth.ModuleRegistry. Adding a permission with a
|
|
// new prefix without registering its module will fail this test.
|
|
func TestDefaultPermissionsHaveRegisteredModule(t *testing.T) {
|
|
for _, p := range DefaultPermissions() {
|
|
module := auth.ModuleForKey(p.Key)
|
|
if !auth.IsRegisteredModule(module) {
|
|
t.Errorf("permission %q maps to module %q which is not in auth.ModuleRegistry", p.Key, module)
|
|
}
|
|
}
|
|
}
|
|
|
|
// TestDefaultPermissionsHaveUniqueKeys guards against accidental duplicate keys
|
|
// in the catalog (the upsert is keyed on "key").
|
|
func TestDefaultPermissionsHaveUniqueKeys(t *testing.T) {
|
|
seen := make(map[string]bool)
|
|
for _, p := range DefaultPermissions() {
|
|
if p.Key == "" {
|
|
t.Errorf("permission %q has an empty key", p.Name)
|
|
}
|
|
if seen[p.Key] {
|
|
t.Errorf("duplicate permission key %q in DefaultPermissions", p.Key)
|
|
}
|
|
seen[p.Key] = true
|
|
}
|
|
}
|