test(picloud): integration tests for Phase 3.5 authz (11 cases)

Covers the matrix laid out in the plan:
* bootstrap admin lands as Owner
* owner / admin / member access matrices on the default app
* bearer pic_ key and cookie session resolve to the same Principal
* read-only key cannot write (scope intersection)
* bound key cannot escape its app
* member listing isolation at SQL for /admin/apps + /admin/scripts
* deactivating a user expires every API key for them
* mint rejects bound key carrying instance:* scopes (422)
* list_active_owners returns the right set for the startup warning

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
MechaCat02
2026-05-26 22:19:24 +02:00
parent 30a1584667
commit 063595be31
3 changed files with 618 additions and 0 deletions

2
Cargo.lock generated

@@ -1317,6 +1317,7 @@ dependencies = [
"async-trait",
"axum",
"axum-test",
"chrono",
"figment",
"picloud-executor-core",
"picloud-manager-core",
@@ -1331,6 +1332,7 @@ dependencies = [
"tower-http",
"tracing",
"tracing-subscriber",
"uuid",
]
[[package]]
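Review bot: The `uuid` line added after `tracing-subscriber` is, together with `chrono`, a dependency change that the commit message does not mention; a one-line note there would help anyone auditing lockfile changes later. With only 2 lines changed in Cargo.lock and each hunk adding a single dependency name, both crates appear to be locked already elsewhere in the workspace, so no new third-party package versions should be entering the build. If that is the case, say so in the message.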