Diffstat (limited to 'packages/backend/test/e2e/api.ts')
-rw-r--r--packages/backend/test/e2e/api.ts43
1 files changed, 42 insertions, 1 deletions
diff --git a/packages/backend/test/e2e/api.ts b/packages/backend/test/e2e/api.ts
index 15da74931d..cf24228b83 100644
--- a/packages/backend/test/e2e/api.ts
+++ b/packages/backend/test/e2e/api.ts
@@ -7,7 +7,7 @@ process.env.NODE_ENV = 'test';
import * as assert from 'assert';
import { IncomingMessage } from 'http';
-import { signup, api, startServer, successfulApiCall, failedApiCall, uploadFile, waitFire, connectStream, relativeFetch } from '../utils.js';
+import { signup, api, startServer, successfulApiCall, failedApiCall, uploadFile, waitFire, connectStream, relativeFetch, createAppToken } from '../utils.js';
import type { INestApplicationContext } from '@nestjs/common';
import type * as misskey from 'misskey-js';
@@ -89,6 +89,11 @@ describe('API', () => {
});
test('管理者専用のAPIのアクセス制限', async () => {
+ const application = await createAppToken(alice, ['read:account']);
+ const application2 = await createAppToken(alice, ['read:admin:index-stats']);
+ const application3 = await createAppToken(bob, []);
+ const application4 = await createAppToken(bob, ['read:admin:index-stats']);
+
// aliceは管理者、APIを使える
await successfulApiCall({
endpoint: '/admin/get-index-stats',
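Review bot: The names `application` through `application4` do not say which user owns each token or which scope it carries, and the values appear to be access tokens rather than application objects, since the later hunk passes them as `user: { token: application2 }`. Names that carry owner and scope would let each assertion be read without scrolling back to these four lines, for example `const aliceTokenWithoutAdminScope = await createAppToken(alice, ['read:account']);` and `const bobTokenWithAdminScope = await createAppToken(bob, ['read:admin:index-stats']);`. This matters most in an access-control test, where mixing up two fixtures silently changes what is being verified. The test body continues outside this hunk.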
@@ -128,6 +133,42 @@ describe('API', () => {
code: 'AUTHENTICATION_FAILED',
id: 'b0a7f5f8-dc2f-4171-b91f-de88ad238e14',
});
+
+ await successfulApiCall({
+ endpoint: '/admin/get-index-stats',
+ parameters: {},
+ user: { token: application2 },
+ });
+
+ await failedApiCall({
+ endpoint: '/admin/get-index-stats',
+ parameters: {},
+ user: { token: application },
+ }, {
+ status: 403,
+ code: 'PERMISSION_DENIED',
+ id: '1370e5b7-d4eb-4566-bb1d-7748ee6a1838',
+ });
+
+ await failedApiCall({
+ endpoint: '/admin/get-index-stats',
+ parameters: {},
+ user: { token: application3 },
+ }, {
+ status: 403,
+ code: 'ROLE_PERMISSION_DENIED',
+ id: 'c3d38592-54c0-429d-be96-5636b0431a61',
+ });
+
+ await failedApiCall({
+ endpoint: '/admin/get-index-stats',
+ parameters: {},
+ user: { token: application4 },
+ }, {
+ status: 403,
+ code: 'ROLE_PERMISSION_DENIED',
+ id: 'c3d38592-54c0-429d-be96-5636b0431a61',
+ });
});
describe('Authentication header', () => {
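Review bot: The four added calls carry no comment, while the existing cases in this test do (`// aliceは管理者、APIを使える`), so the reader has to infer which authorization layer each one exercises. I would put one line above each, such as `// admin user, token has the required scope: allowed`, `// admin user, token lacks the scope: PERMISSION_DENIED` and `// non-admin user: ROLE_PERMISSION_DENIED regardless of token scope`. The last two cases together suggest the role check runs before the scope check. If that order is intended, say so in a comment so that a later reordering is a deliberate decision. The only out-of-scope token tested on the admin user holds `read:account`, so a token with a different admin-level scope would additionally show that scope matching is exact. The test body begins outside this hunk.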