alphonse/zero2prod
1
0
Fork 0
Code Issues 6 Pull Requests Actions Packages Projects Releases Wiki Activity

Posts editing tests
All checks were successful
Rust / Test (push) Successful in 6m17s
Details
Rust / Rustfmt (push) Successful in 24s
Details
Rust / Clippy (push) Successful in 1m35s
Details
Rust / Code coverage (push) Successful in 5m9s
Details

Browse Source
This commit is contained in:
Alphonse Paix
2025-10-08 00:13:56 +02:00
parent d27196d7e5
commit 8a5605812c
7 changed files with 250 additions and 124 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
tests/api/comments.rs
View File

@@ -21,7 +21,7 @@ async fn visitor_can_leave_a_comment(connection_pool: PgPool) {
"idempotency_key": "key",
});
app.post_comment(&post_id, &comment_body).await;
let post = app.get_post_html(post_id).await;
let post = app.get_post_html(&post_id).await;
assert!(post.contains(comment_author));
assert!(post.contains(comment_content));
}
@@ -44,7 +44,7 @@ async fn visitor_can_comment_anonymously(connection_pool: PgPool) {
"idempotency_key": "key",
});
app.post_comment(&post_id, &comment_body).await;
let post = app.get_post_html(post_id).await;
let post = app.get_post_html(&post_id).await;
assert!(post.contains("Anonymous"));
assert!(post.contains(comment_content));
}

16
tests/api/helpers.rs
View File

@@ -289,6 +289,18 @@ impl TestApp {
self.get_admin_dashboard().await.text().await.unwrap()
}
pub async fn edit_post<Body>(&self, body: &Body, post_id: &Uuid) -> reqwest::Response
where
Body: serde::Serialize,
{
self.api_client
.put(format!("{}/posts/{}", self.address, post_id))
.form(body)
.send()
.await
.expect("Failed to execute request")
}
pub async fn get_posts(&self) -> reqwest::Response {
self.api_client
.get(format!("{}/posts", &self.address))
@@ -301,7 +313,7 @@ impl TestApp {
self.get_posts().await.text().await.unwrap()
}
pub async fn get_post(&self, post_id: Uuid) -> reqwest::Response {
pub async fn get_post(&self, post_id: &Uuid) -> reqwest::Response {
self.api_client
.get(format!("{}/posts/{}", &self.address, post_id))
.send()
@@ -309,7 +321,7 @@ impl TestApp {
.expect("Failed to execute request")
}
pub async fn get_post_html(&self, post_id: Uuid) -> String {
pub async fn get_post_html(&self, post_id: &Uuid) -> String {
self.get_post(post_id).await.text().await.unwrap()
}

112
tests/api/posts.rs
View File

@@ -144,7 +144,7 @@ async fn new_posts_are_visible_on_the_website(connection_pool: PgPool) {
.fetch_one(&app.connection_pool)
.await
.unwrap();
let html = app.get_post_html(post.post_id).await;
let html = app.get_post_html(&post.post_id).await;
assert!(html.contains(&title));
}
@@ -171,7 +171,7 @@ async fn visitor_can_read_a_blog_post(connection_pool: PgPool) {
.fetch_one(&app.connection_pool)
.await
.unwrap();
let html = app.get_post_html(post.post_id).await;
let html = app.get_post_html(&post.post_id).await;
assert!(html.contains(&title));
}
@@ -197,7 +197,7 @@ async fn a_deleted_blog_post_returns_404(connection_pool: PgPool) {
app.delete_post(post.post_id).await;
let html = app.get_post_html(post.post_id).await;
let html = app.get_post_html(&post.post_id).await;
assert!(html.contains("Not Found"));
}
@@ -234,3 +234,109 @@ async fn clicking_the_notification_link_marks_the_email_as_opened(connection_poo
.opened
);
}
#[sqlx::test]
async fn only_post_author_can_access_the_edit_form(connection_pool: PgPool) {
let app = TestApp::spawn(connection_pool).await;
app.admin_login().await;
let username = "alphonse";
let password = "123456789abc";
app.create_user(username, password, false).await;
let login_body = serde_json::json!({
"username": username,
"password": password
});
app.post_login(&login_body).await;
app.post_create_post(&fake_post_body()).await;
let post_id = sqlx::query!("SELECT post_id FROM posts")
.fetch_one(&app.connection_pool)
.await
.unwrap()
.post_id;
let html = app.get_post_html(&post_id).await;
assert!(html.contains("Edit"));
app.logout().await;
app.admin_login().await;
let html = app.get_post_html(&post_id).await;
assert!(!html.contains("Edit"));
}
#[sqlx::test]
async fn only_post_author_can_edit_post(connection_pool: PgPool) {
let app = TestApp::spawn(connection_pool).await;
app.admin_login().await;
let username = "alphonse";
let password = "123456789abc";
app.create_user(username, password, false).await;
let login_body = serde_json::json!({
"username": username,
"password": password
});
app.post_login(&login_body).await;
app.post_create_post(&fake_post_body()).await;
let post_id = sqlx::query!("SELECT post_id FROM posts")
.fetch_one(&app.connection_pool)
.await
.unwrap()
.post_id;
let new_title = "Stunning new title";
let new_content = "Astonishing content";
let edit_body = serde_json::json!({
"title": new_title,
"content": new_content,
});
let response = app.edit_post(&edit_body, &post_id).await;
let text = response.text().await.unwrap();
assert!(text.contains("Your changes have been saved"));
let text = app.get_post_html(&post_id).await;
assert!(text.contains(new_title));
assert!(text.contains(new_content));
app.logout().await;
app.admin_login().await;
let response = app.edit_post(&edit_body, &post_id).await;
let text = response.text().await.unwrap();
assert!(text.contains("You are not authorized."));
}
#[sqlx::test]
async fn invalid_fields_are_rejected(connection_pool: PgPool) {
let app = TestApp::spawn(connection_pool).await;
app.admin_login().await;
app.post_create_post(&fake_post_body()).await;
let post_id = sqlx::query!("SELECT post_id FROM posts")
.fetch_one(&app.connection_pool)
.await
.unwrap()
.post_id;
let test_cases = [
(
serde_json::json!({
"title": "",
"content": "content"
}),
"Title must be at least one character",
"title was empty",
),
(
serde_json::json!({
"title": "Title",
"content": ""
}),
"Content must be at least one character",
"content was empty",
),
];
for (invalid_body, expected_error_message, explaination) in test_cases {
let response = app.edit_post(&invalid_body, &post_id).await;
let text = response.text().await.unwrap();
assert!(
text.contains(expected_error_message),
"The API did not reject the changes when the {}",
explaination
);
}
}