Live endpoints that require authentication are piped through the :pro…

…tected pipeline (#498) * Add :protected to protected live view routes * Add test for /microblog/preferences * Add additional authentication tests * Add test for editing password * Undo errorneous delete
beyond-all-reason · Oct 4, 2024 · 016c005 · 016c005
1 parent ed73402
commit 016c005
Show file tree

Hide file tree

Showing 13 changed files with 244 additions and 35 deletions.
diff --git a/lib/teiserver_web/router.ex b/lib/teiserver_web/router.ex
@@ -74,7 +74,7 @@ defmodule TeiserverWeb.Router do
   end
 
   scope "/", TeiserverWeb.General do
-    pipe_through([:live_browser, :nomenu_layout])
+    pipe_through([:live_browser, :nomenu_layout, :protected])
 
     live_session :general_index,
       on_mount: [
@@ -95,6 +95,10 @@ defmodule TeiserverWeb.Router do
       live "/all", BlogLive.Index, :all
       live "/show/:post_id", BlogLive.Show, :index
     end
+  end
+
+  scope "/microblog", TeiserverWeb.Microblog do
+    pipe_through([:live_browser, :app_layout, :protected])
 
     live_session :microblog_user,
       on_mount: [
@@ -477,7 +481,7 @@ defmodule TeiserverWeb.Router do
   end
 
   scope "/moderation", TeiserverWeb.Moderation do
-    pipe_through([:browser, :app_layout])
+    pipe_through([:browser, :app_layout, :protected])
 
     live_session :overwatch,
       on_mount: [
@@ -488,6 +492,10 @@ defmodule TeiserverWeb.Router do
       live "/overwatch/target/:target_id", OverwatchLive.User, :user
       live "/overwatch/report_group/:id", OverwatchLive.ReportGroupDetail, :index
     end
+  end
+
+  scope "/moderation", TeiserverWeb.Moderation do
+    pipe_through([:browser, :app_layout])
 
     live_session :report_user,
       on_mount: [

diff --git a/test/teiserver_web/controllers/account/security_controller_test.exs b/test/teiserver_web/controllers/account/security_controller_test.exs
@@ -0,0 +1,16 @@
+defmodule TeiserverWeb.Account.SecurityControllerTest do
+  use TeiserverWeb.ConnCase
+
+  alias Central.Helpers.GeneralTestLib
+
+  test "redirected to edit password once logged in" do
+    {:ok, kw} = GeneralTestLib.conn_setup([], [:no_login])
+    {:ok, conn} = Keyword.fetch(kw, :conn)
+    {:ok, user} = Keyword.fetch(kw, :user)
+
+    conn = get(conn, ~p"/teiserver/account/security/edit_password")
+    assert redirected_to(conn) == ~p"/login"
+    conn = GeneralTestLib.login(conn, user.email)
+    assert redirected_to(conn) == ~p"/teiserver/account/security/edit_password"
+  end
+end
diff --git a/test/teiserver_web/live/account/relationship/index_live_test.exs b/test/teiserver_web/live/account/relationship/index_live_test.exs
@@ -0,0 +1,27 @@
+defmodule TeiserverWeb.Account.RelationshipLive.IndexLiveTest do
+  use TeiserverWeb.ConnCase, async: true
+
+  alias Central.Helpers.GeneralTestLib
+
+  test "account relationship endpoints requires authentication" do
+    {:ok, kw} =
+      GeneralTestLib.conn_setup([], [:no_login])
+      |> Teiserver.TeiserverTestLib.conn_setup()
+
+    {:ok, conn} = Keyword.fetch(kw, :conn)
+
+    conn = get(conn, ~p"/account/relationship")
+    assert redirected_to(conn) == ~p"/login"
+  end
+
+  test "can access account relationship when authenticated" do
+    {:ok, kw} =
+      GeneralTestLib.conn_setup()
+      |> Teiserver.TeiserverTestLib.conn_setup()
+
+    {:ok, conn} = Keyword.fetch(kw, :conn)
+
+    conn = get(conn, ~p"/account/relationship")
+    html_response(conn, 200)
+  end
+end
diff --git a/test/teiserver_web/live/account/settings/index_live_test.exs b/test/teiserver_web/live/account/settings/index_live_test.exs
@@ -0,0 +1,27 @@
+defmodule TeiserverWeb.Account.SettingsLive.IndexLiveTest do
+  use TeiserverWeb.ConnCase, async: true
+
+  alias Central.Helpers.GeneralTestLib
+
+  test "account settings endpoints requires authentication" do
+    {:ok, kw} =
+      GeneralTestLib.conn_setup([], [:no_login])
+      |> Teiserver.TeiserverTestLib.conn_setup()
+
+    {:ok, conn} = Keyword.fetch(kw, :conn)
+
+    conn = get(conn, ~p"/account/settings")
+    assert redirected_to(conn) == ~p"/login"
+  end
+
+  test "can access account settings when authenticated" do
+    {:ok, kw} =
+      GeneralTestLib.conn_setup()
+      |> Teiserver.TeiserverTestLib.conn_setup()
+
+    {:ok, conn} = Keyword.fetch(kw, :conn)
+
+    conn = get(conn, ~p"/account/settings")
+    html_response(conn, 200)
+  end
+end
diff --git a/test/teiserver_web/live/admin/chat/index_live_test.exs b/test/teiserver_web/live/admin/chat/index_live_test.exs
@@ -0,0 +1,26 @@
+defmodule TeiserverWeb.Admin.ChatLive.IndexLiveTest do
+  use TeiserverWeb.ConnCase, async: true
+
+  alias Central.Helpers.GeneralTestLib
+
+  test "cannot access admin chat without authenticating" do
+    {:ok, kw} = GeneralTestLib.conn_setup([], [:no_login])
+    {:ok, conn} = Keyword.fetch(kw, :conn)
+    conn = get(conn, ~p"/admin/chat")
+    assert redirected_to(conn) == ~p"/login"
+  end
+
+  test "cannot access admin chat when unauthorized" do
+    {:ok, kw} = GeneralTestLib.conn_setup()
+    {:ok, conn} = Keyword.fetch(kw, :conn)
+    conn = get(conn, ~p"/admin/chat")
+    assert redirected_to(conn) == ~p"/"
+  end
+
+  test "can access admin chat when authorized" do
+    {:ok, kw} = GeneralTestLib.conn_setup(["Reviewer"])
+    {:ok, conn} = Keyword.fetch(kw, :conn)
+    conn = get(conn, ~p"/admin/chat")
+    html_response(conn, 200)
+  end
+end
diff --git a/test/teiserver_web/live/battles/match/chat_live_test.exs b/test/teiserver_web/live/battles/match/chat_live_test.exs
@@ -0,0 +1,39 @@
+defmodule TeiserverWeb.Battle.MatchLive.ChatLiveTest do
+  use TeiserverWeb.ConnCase
+  import Phoenix.LiveViewTest
+
+  alias Central.Helpers.GeneralTestLib
+
+  setup do
+    {:ok, kw} = GeneralTestLib.conn_setup(["Overwatch"], [:no_login])
+
+    {:ok, user} = Keyword.fetch(kw, :user)
+
+    battle =
+      Teiserver.TeiserverTestLib.make_battle(%{
+        name: "LiveBattle",
+        founder_id: user.id,
+        founder_name: user.name
+      })
+
+    {:ok, kw ++ [battle: battle]}
+  end
+
+  test "battle chat endpoints requires authentication", %{conn: conn, battle: battle} do
+    conn = get(conn, ~p"/battle/chat/#{battle.id}")
+    assert redirected_to(conn) == ~p"/login"
+  end
+
+  test "can access battle chat when authenticated", %{conn: conn, battle: battle, user: user} do
+    conn = GeneralTestLib.login(conn, user.email)
+    conn = get(conn, ~p"/battle/chat/#{battle.id}")
+    html_response(conn, 200)
+  end
+
+  test "unauthorized user cannot access battle chat", %{conn: conn, battle: battle} do
+    user = GeneralTestLib.make_user()
+    conn = GeneralTestLib.login(conn, user.email)
+    conn = get(conn, ~p"/battle/chat/#{battle.id}")
+    assert redirected_to(conn) == ~p"/"
+  end
+end
diff --git a/test/teiserver_web/live/battles/match/ratings_live_test.exs b/test/teiserver_web/live/battles/match/ratings_live_test.exs
@@ -0,0 +1,27 @@
+defmodule TeiserverWeb.Battle.MatchLive.RatingsLiveTest do
+  use TeiserverWeb.ConnCase, async: true
+
+  alias Central.Helpers.GeneralTestLib
+
+  test "battle ratings endpoints requires authentication" do
+    {:ok, kw} =
+      GeneralTestLib.conn_setup([], [:no_login])
+      |> Teiserver.TeiserverTestLib.conn_setup()
+
+    {:ok, conn} = Keyword.fetch(kw, :conn)
+
+    conn = get(conn, ~p"/battle/ratings")
+    assert redirected_to(conn) == ~p"/login"
+  end
+
+  test "can access battle ratings when authenticated" do
+    {:ok, kw} =
+      GeneralTestLib.conn_setup()
+      |> Teiserver.TeiserverTestLib.conn_setup()
+
+    {:ok, conn} = Keyword.fetch(kw, :conn)
+
+    conn = get(conn, ~p"/battle/ratings")
+    html_response(conn, 200)
+  end
+end
diff --git a/test/teiserver_web/live/communication/chat/index_live_test.exs b/test/teiserver_web/live/communication/chat/index_live_test.exs
@@ -0,0 +1,19 @@
+defmodule TeiserverWeb.Communication.ChatLive.IndexLiveTest do
+  use TeiserverWeb.ConnCase, async: true
+
+  alias Central.Helpers.GeneralTestLib
+
+  test "cannot access chat without authenticating" do
+    {:ok, kw} = GeneralTestLib.conn_setup([], [:no_login])
+    {:ok, conn} = Keyword.fetch(kw, :conn)
+    conn = get(conn, ~p"/chat")
+    assert redirected_to(conn) == ~p"/login"
+  end
+
+  test "can access chat once authenticated" do
+    {:ok, kw} = GeneralTestLib.conn_setup()
+    {:ok, conn} = Keyword.fetch(kw, :conn)
+    conn = get(conn, ~p"/chat")
+    html_response(conn, 200)
+  end
+end
diff --git a/test/teiserver_web/live/general/home/index_live_test.exs b/test/teiserver_web/live/general/home/index_live_test.exs
@@ -4,21 +4,21 @@ defmodule TeiserverWeb.General.Home.IndexLiveTest do
 
   import Phoenix.LiveViewTest
 
-  @moduletag :needs_attention
-
   defp auth_setup(_) do
     Central.Helpers.GeneralTestLib.conn_setup()
     |> Teiserver.TeiserverTestLib.conn_setup()
   end
 
-  describe "Anon" do
-    test "index", %{conn: conn} do
+  describe "Visit index without authentication" do
+    test "index get", %{conn: conn} do
+      conn = get(conn, ~p"/")
+      assert redirected_to(conn) == ~p"/login"
+    end
+
+    test "index live", %{conn: conn} do
       {:error, {:redirect, resp}} = live(conn, ~p"/")
 
-      assert resp == %{
-               flash: %{"error" => "You must log in to access this page."},
-               to: ~p"/login"
-             }
+      assert resp.to == ~p"/login"
     end
   end
 

diff --git a/test/teiserver_web/live/microblog/admin/post_live_test.exs b/test/teiserver_web/live/microblog/admin/post_live_test.exs
@@ -29,34 +29,43 @@ defmodule TeiserverWeb.PostLiveTest do
   describe "Anon auth test" do
     setup [:create_post]
 
-    test "anon", %{conn: conn, post: post} do
+    test "anon get posts", %{conn: conn} do
+      conn = get(conn, ~p"/microblog/admin/posts")
+
+      assert redirected_to(conn) == ~p"/login"
+    end
+
+    test "anon visit post", %{conn: conn, post: post} do
+      conn = get(conn, ~p"/microblog/admin/posts/#{post}")
+
+      assert redirected_to(conn) == ~p"/login"
+    end
+
+    test "anon live", %{conn: conn, post: post} do
       {:error, {:redirect, resp}} = live(conn, ~p"/microblog/admin/posts")
 
-      assert resp == %{
-               flash: %{"error" => "You must log in to access this page."},
-               to: ~p"/login"
-             }
+      assert resp.to == ~p"/login"
 
       {:error, {:redirect, resp}} = live(conn, ~p"/microblog/admin/posts/#{post}")
 
-      assert resp == %{
-               flash: %{"error" => "You must log in to access this page."},
-               to: ~p"/login"
-             }
+      assert resp.to == ~p"/login"
     end
   end
 
   describe "Basic auth test" do
     setup [:unauth_setup, :create_post]
 
-    @tag :needs_attention
-    test "basic user", %{post: post, conn: conn} do
+    test "cannot visit admin posts", %{post: post, conn: conn} do
       {:error, {:redirect, resp}} = live(conn, ~p"/microblog/admin/posts")
-      assert resp == %{flash: %{"info" => "Welcome back!"}, to: ~p"/microblog"}
+      assert resp.to == ~p"/"
+    end
 
+    test "cannot visit an admin's post", %{post: post, conn: conn} do
       {:error, {:redirect, resp}} = live(conn, ~p"/microblog/admin/posts/#{post}")
-      assert resp == %{flash: %{"info" => "Welcome back!"}, to: ~p"/microblog"}
+      assert resp.to == ~p"/"
+    end
 
+    test "can visit my post", %{post: post, conn: conn} do
       {:ok, _show_live, html} = live(conn, ~p"/microblog/show/#{post}")
       refute html =~ "Delete post"
     end

diff --git a/test/teiserver_web/live/microblog/admin/tag_live_test.exs b/test/teiserver_web/live/microblog/admin/tag_live_test.exs
@@ -29,33 +29,26 @@ defmodule TeiserverWeb.TagLiveTest do
   describe "Anon auth test" do
     setup [:create_tag]
 
-    test "anon", %{conn: conn, tag: tag} do
+    test "unauthenticated user cannot visit", %{conn: conn, tag: tag} do
       {:error, {:redirect, resp}} = live(conn, ~p"/microblog/admin/tags")
 
-      assert resp == %{
-               flash: %{"error" => "You must log in to access this page."},
-               to: ~p"/login"
-             }
+      assert resp.to == ~p"/login"
 
       {:error, {:redirect, resp}} = live(conn, ~p"/microblog/admin/tags/#{tag}")
 
-      assert resp == %{
-               flash: %{"error" => "You must log in to access this page."},
-               to: ~p"/login"
-             }
+      assert resp.to == ~p"/login"
     end
   end
 
   describe "Basic auth test" do
     setup [:unauth_setup, :create_tag]
 
-    @tag :needs_attention
     test "basic user", %{tag: tag, conn: conn} do
       {:error, {:redirect, resp}} = live(conn, ~p"/microblog/admin/tags")
-      assert resp == %{flash: %{"info" => "Welcome back!"}, to: ~p"/microblog"}
+      assert resp.to == ~p"/"
 
       {:error, {:redirect, resp}} = live(conn, ~p"/microblog/admin/tags/#{tag}")
-      assert resp == %{flash: %{"info" => "Welcome back!"}, to: ~p"/microblog"}
+      assert resp.to == ~p"/"
     end
   end
 

diff --git a/test/teiserver_web/live/microblog/blog/preference_live_test.exs b/test/teiserver_web/live/microblog/blog/preference_live_test.exs
@@ -12,6 +12,17 @@ defmodule TeiserverWeb.Microblog.Blog.PreferenceLiveTest do
     |> TeiserverTestLib.conn_setup()
   end
 
+  test "microblog preferences requires authentication" do
+    {:ok, kw} =
+      GeneralTestLib.conn_setup([], [:no_login])
+      |> Teiserver.TeiserverTestLib.conn_setup()
+
+    {:ok, conn} = Keyword.fetch(kw, :conn)
+
+    conn = get(conn, ~p"/microblog/preferences")
+    assert redirected_to(conn) == ~p"/login"
+  end
+
   describe "Preference" do
     setup [:auth_setup]
 

diff --git a/test/teiserver_web/live/moderation/overwatch/index_test.exs b/test/teiserver_web/live/moderation/overwatch/index_test.exs
@@ -11,6 +11,13 @@ defmodule TeiserverWeb.Moderation.Overwatch.IndexLiveTest do
     |> TeiserverTestLib.conn_setup()
   end
 
+  test "cannot access moderation overwatch without authenticating" do
+    {:ok, kw} = GeneralTestLib.conn_setup()
+    {:ok, conn} = Keyword.fetch(kw, :conn)
+    conn = get(conn, ~p"/moderation/overwatch")
+    assert redirected_to(conn) == ~p"/"
+  end
+
   describe "Index" do
     setup [:auth_setup]