commit 6726bb63376a074dd5c8a4af0f17d80150d097fd
parent e60dd7180b0aa606cf84c79e657193897790672b
Author: MS <ms@taler.net>
Date: Wed, 8 Feb 2023 14:31:44 +0100
testing the implementation of #7521
Diffstat:
1 file changed, 35 insertions(+), 0 deletions(-)
diff --git a/nexus/src/test/kotlin/SandboxCircuitApiTest.kt b/nexus/src/test/kotlin/SandboxCircuitApiTest.kt
@@ -122,6 +122,41 @@ class SandboxCircuitApiTest {
}
}
+ // Testing that only the admin can change an account legal name.
+ @Test
+ fun patchPerm() {
+ withTestDatabase {
+ prepSandboxDb()
+ testApplication {
+ application(sandboxApp)
+ val R =client.patch("/demobanks/default/circuit-api/accounts/foo") {
+ contentType(ContentType.Application.Json)
+ basicAuth("foo", "foo")
+ expectSuccess = false
+ setBody("""
+ {
+ "name": "new name",
+ "contact_data": {},
+ "cashout_address": "payto://iban/OUTSIDE"
+ }
+ """.trimIndent())
+ }
+ assert(R.status.value == HttpStatusCode.Forbidden.value)
+ client.patch("/demobanks/default/circuit-api/accounts/foo") {
+ contentType(ContentType.Application.Json)
+ basicAuth("admin", "foo")
+ expectSuccess = true
+ setBody("""
+ {
+ "name": "new name",
+ "contact_data": {},
+ "cashout_address": "payto://iban/OUTSIDE"
+ }
+ """.trimIndent())
+ }
+ }
+ }
+ }
// Tests the creation and confirmation of a cash-out operation.
@Test
fun cashout() {
