sentry - middleware - campaign - called_by_creator tests

elpiel · elpiel · commit 1a09d0d9992e · 2022-08-30T20:22:18.000+03:00
diff --git a/sentry/src/middleware/campaign.rs b/sentry/src/middleware/campaign.rs
@@ -80,16 +80,16 @@ where
     let campaign_context = request
         .extensions()
         .get::<ChainOf<Campaign>>()
-        .expect("We must have a campaign in extensions");
+        .expect("We must have a Campaign in extensions");
 
     let auth = request
         .extensions()
         .get::<Auth>()
-        .expect("request should have session");
+        .expect("request should have an Authentication");
 
     if auth.uid.to_address() != campaign_context.context.creator {
         return Err(ResponseError::Forbidden(
-            "Request not sent by campaign creator".to_string(),
+            "Request not sent by Campaign's creator".to_string(),
         ));
     }
 
@@ -107,8 +107,11 @@ mod test {
     };
     use tower::Service;
 
-    use adapter::Dummy;
-    use primitives::{test_util::CAMPAIGNS, Campaign, ChainOf};
+    use adapter::{ethereum::test_util::GANACHE_1, Dummy};
+    use primitives::{
+        test_util::{CAMPAIGNS, CREATOR, IDS, PUBLISHER},
+        Campaign, ChainOf,
+    };
 
     use crate::{
         db::{insert_campaign, insert_channel},
@@ -122,16 +125,16 @@ mod test {
         let app_guard = setup_dummy_app().await;
         let app = Arc::new(app_guard.app);
 
-        let build_request = |id: CampaignId| {
+        let campaign_context = CAMPAIGNS[0].clone();
+
+        let build_request = || {
             Request::builder()
-                .uri(format!("/{id}/test"))
+                .uri(format!("/{id}/test", id = campaign_context.context.id))
                 .extension(app.clone())
                 .body(Body::empty())
                 .expect("Should build Request")
         };
 
-        let campaign_context = CAMPAIGNS[0].clone();
-
         async fn handle(
             Extension(campaign_context): Extension<ChainOf<Campaign>>,
             Path((id, another)): Path<(CampaignId, String)>,
@@ -147,7 +150,7 @@ mod test {
 
         // bad CampaignId
         {
-            let mut request = build_request(campaign_context.context.id);
+            let mut request = build_request();
             *request.uri_mut() = "/WrongCampaignId".parse().unwrap();
 
             let response = router
@@ -164,7 +167,7 @@ mod test {
 
         // non-existent Campaign
         {
-            let request = build_request(campaign_context.context.id);
+            let request = build_request();
 
             let response = router
                 .call(request)
@@ -187,7 +190,7 @@ mod test {
                 .await
                 .expect("Should insert Campaign"));
 
-            let request = build_request(campaign_context.context.id);
+            let request = build_request();
 
             let response = router
                 .call(request)
@@ -197,4 +200,144 @@ mod test {
             assert_eq!(response.status(), StatusCode::OK);
         }
     }
+
+    #[tokio::test]
+    async fn test_called_by_creator() {
+        let app_guard = setup_dummy_app().await;
+        let app = Arc::new(app_guard.app);
+
+        let campaign_context = CAMPAIGNS[0].clone();
+
+        // insert Channel
+        insert_channel(&app.pool, &campaign_context.of_channel())
+            .await
+            .expect("Should insert Channel");
+        // insert Campaign
+        assert!(insert_campaign(&app.pool, &campaign_context.context)
+            .await
+            .expect("Should insert Campaign"));
+
+        let build_request = |auth: Auth| {
+            Request::builder()
+                .extension(app.clone())
+                .extension(campaign_context.clone())
+                .extension(auth)
+                .body(Body::empty())
+                .expect("Should build Request")
+        };
+
+        async fn handle(Extension(_campaign_context): Extension<ChainOf<Campaign>>) -> String {
+            "Ok".into()
+        }
+
+        let mut router = Router::new()
+            .route("/", get(handle))
+            .layer(from_fn(called_by_creator::<Dummy, _>));
+
+        // Not the Creator - Forbidden
+        {
+            let not_creator = Auth {
+                era: 1,
+                uid: IDS[&PUBLISHER],
+                chain: campaign_context.chain.clone(),
+            };
+            assert_ne!(
+                not_creator.uid.to_address(),
+                campaign_context.context.creator,
+                "The Auth address should not be the Campaign creator for this test!"
+            );
+            let request = build_request(not_creator);
+
+            let response = router
+                .call(request)
+                .await
+                .expect("Should make request to Router");
+
+            assert_eq!(response.status(), StatusCode::FORBIDDEN);
+        }
+
+        // The Campaign Creator - Ok
+        {
+            let the_creator = Auth {
+                era: 1,
+                uid: IDS[&campaign_context.context.creator],
+                chain: campaign_context.chain.clone(),
+            };
+
+            assert_eq!(
+                the_creator.uid.to_address(),
+                campaign_context.context.creator,
+                "The Auth address should be the Campaign creator for this test!"
+            );
+            let request = build_request(the_creator);
+
+            let response = router
+                .call(request)
+                .await
+                .expect("Should make request to Router");
+
+            assert_eq!(response.status(), StatusCode::OK);
+        }
+    }
+
+    #[tokio::test]
+    #[should_panic]
+    async fn test_called_by_creator_no_auth() {
+        let app_guard = setup_dummy_app().await;
+        let app = Arc::new(app_guard.app);
+
+        let campaign_context = CAMPAIGNS[0].clone();
+
+        async fn handle(Extension(_campaign_context): Extension<ChainOf<Campaign>>) -> String {
+            "Ok".into()
+        }
+
+        let mut router = Router::new()
+            .route("/", get(handle))
+            .layer(from_fn(called_by_creator::<Dummy, _>));
+
+        // No Auth - Unauthorized
+        let request = Request::builder()
+            .extension(app.clone())
+            .extension(campaign_context.clone())
+            .body(Body::empty())
+            .expect("Should build Request");
+
+        let _response = router
+            .call(request)
+            .await
+            .expect("Should make request to Router");
+    }
+
+    #[tokio::test]
+    #[should_panic]
+    async fn test_called_by_creator_no_campaign() {
+        let app_guard = setup_dummy_app().await;
+        let app = Arc::new(app_guard.app);
+
+        let auth = Auth {
+            era: 1,
+            uid: IDS[&CREATOR],
+            chain: GANACHE_1.clone(),
+        };
+
+        let request = Request::builder()
+            .extension(app.clone())
+            .extension(auth)
+            .body(Body::empty())
+            .expect("Should build Request");
+
+        async fn handle(Extension(_campaign_context): Extension<ChainOf<Campaign>>) -> String {
+            "Ok".into()
+        }
+
+        let mut router = Router::new()
+            .route("/", get(handle))
+            .layer(from_fn(called_by_creator::<Dummy, _>));
+
+        let _response = router
+            .call(request)
+            .await
+            .expect("Should make request to Router");
+    }
 }
