fabi/PiCloud
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(test): admin_is_implicit_app_admin uses force=true on app delete

Browse Source 
The test creates a script in the default app earlier in the body, so a
plain DELETE /apps/default hits the soft no-cascade guard and 409s
before the capability check runs. The intent is to validate that admin
holds AppAdmin everywhere, not to exercise the cascade contract — pass
?force=true so we reach the gate we're trying to test.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
MechaCat02
2026-05-28 20:21:38 +02:00
parent f32ed73561
commit b42e273479
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
crates/picloud/tests/authz.rs
View File

@@ -325,9 +325,11 @@ async fn admin_is_implicit_app_admin_on_every_app(pool: PgPool) {
.await .await
.assert_status_ok(); .assert_status_ok();
// Allowed: delete the default app (AppAdmin). // Allowed: delete the default app (AppAdmin). ?force=true because
// the script we created above pushes us past the soft no-cascade
// guard — this test is about the capability, not the cascade.
s.server s.server
.delete("/api/v1/admin/apps/default") .delete("/api/v1/admin/apps/default?force=true")
.add_header("authorization", format!("Bearer {token}")) .add_header("authorization", format!("Bearer {token}"))
.await .await
.assert_status(axum::http::StatusCode::NO_CONTENT); .assert_status(axum::http::StatusCode::NO_CONTENT);