az/morz-infoboard
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
morz-infoboard/server/backend/internal/httpapi/manage/media_test.go
Jesko Anschütz 865c5e7ca8 feat(manage): canDeleteMedia + role-aware handlers für restricted users 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-28 09:07:13 +01:00

57 lines
1.3 KiB
Go
Raw Blame History

package manage
import (
"testing"
"git.az-it.net/az/morz-infoboard/server/backend/internal/store"
)
func TestCanDeleteMedia(t *testing.T) {
asset := &store.MediaAsset{TenantID: "t1", CreatedByUserID: "u1"}
tests := []struct {
name string
user *store.User
allowed bool
}{
{
name: "admin darf immer",
user: &store.User{Role: "admin", TenantID: "t2", ID: "x"},
allowed: true,
},
{
name: "screen_user eigener Tenant",
user: &store.User{Role: "screen_user", TenantID: "t1", ID: "x"},
allowed: true,
},
{
name: "screen_user fremder Tenant",
user: &store.User{Role: "screen_user", TenantID: "t2", ID: "x"},
allowed: false,
},
{
name: "restricted eigenes Medium",
user: &store.User{Role: "restricted", TenantID: "t1", ID: "u1"},
allowed: true,
},
{
name: "restricted fremdes Medium gleicher Tenant",
user: &store.User{Role: "restricted", TenantID: "t1", ID: "u2"},
allowed: false,
},
{
name: "restricted fremder Tenant",
user: &store.User{Role: "restricted", TenantID: "t2", ID: "u1"},
allowed: false,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
got := canDeleteMedia(tt.user, asset)
if got != tt.allowed {
t.Errorf("canDeleteMedia() = %v, want %v", got, tt.allowed)
}
})
}
}
Reference in a new issue View git blame Copy permalink