Created
December 4, 2021 12:56
-
-
Save adamcameron/ee48671dba46c713580facc8d3f265d6 to your computer and use it in GitHub Desktop.
Code with formatting for https://blog.adamcameron.me/2021/04/tdd-is-not-testing-strategy.html#comment-5632941486
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // test/unit/services/SecurityFilterService | |
| describe("Tests for SecurityFilterService", () => { | |
| describe("Tests for isAuthorised", () => { | |
| it("will reject a user that is not authorised to access the resource", () => { | |
| service = new SecurityFilterSerivce() // might need mocked dependencies | |
| result = service.isAuthorised("juniorUser", "/email/approve-copy", "patch") | |
| expect result.toBeFalse() | |
| }) | |
| }) | |
| }) | |
| // test/functional/controllers/EmailController | |
| describe("Tests for EmailController", () => { | |
| describe("Tests for approveCopy (ie: proofread)", () => { | |
| it("should respond with a 403 if the user is a junior", () => { | |
| securityFilter = createMock(SecurityFilterService) | |
| securityFilter.mockMethod("isAuthorised").withArguments("juniorUser").willReturn(false) | |
| controller = new EmailController(securityFilter) | |
| request = new Request(url="/email/approve-copy", method="patch") // and whatever is necessary to identify the user as a juniorUser | |
| response = controller.processRequest(request) // processRequest uses the SecurityFilter to check the user is legit according to its own rules (which we have mocked here) | |
| expect(response.status).toBe(403) | |
| }) | |
| }) | |
| }) | |
| // test/acceptance/services/SecurityFilterService | |
| describe("Tests for SecurityFilterService", () => { | |
| describe("Tests for /email/approve-copy", () => { | |
| describe("Tests for GET (requesting the approval UI)", () => { | |
| it("should respond with a 403 if the user is a junior", () => { | |
| loginResponse = curl("/url/to/login", "juniorUser", "password") | |
| approveCopyResponse = curl("/email/approve-copy", "get", loginResponse.stuffThatConfirmsAuthentication) | |
| expect(approveCopyResponse.statusCode).toBe(403) | |
| }) | |
| }) | |
| describe("Tests for PATCH (submitting the approval request)", () => { | |
| it("should respond with a 403 if the user is a junior", () => { | |
| loginResponse = curl("/url/to/login", "juniorUser", "password") | |
| approveCopyResponse = curl("/email/approve-copy", "patch", loginResponse.stuffThatConfirmsAuthentication) | |
| expect(approveCopyResponse.statusCode).toBe(403) | |
| }) | |
| }) | |
| }) | |
| }) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment