package tests import ( "context" authpb "git.techease.ru/Smart-search/smart-search-back/pkg/pb/auth" requestpb "git.techease.ru/Smart-search/smart-search-back/pkg/pb/request" supplierpb "git.techease.ru/Smart-search/smart-search-back/pkg/pb/supplier" "google.golang.org/grpc/codes" "google.golang.org/grpc/status" ) func (s *IntegrationSuite) TestOwnership_GetMailingListByID_AnotherUsersRequest() { ctx := context.Background() loginReq := &authpb.LoginRequest{ Email: "test@example.com", Password: "testpassword", Ip: "127.0.0.1", UserAgent: "integration-test", } loginResp, err := s.authClient.Login(ctx, loginReq) s.NoError(err) validateReq := &authpb.ValidateRequest{ AccessToken: loginResp.AccessToken, } validateResp, err := s.authClient.Validate(ctx, validateReq) s.NoError(err) user1ID := validateResp.UserId createTZReq := &requestpb.CreateTZRequest{ UserId: user1ID, RequestTxt: "Нужны поставщики для теста ownership", } createTZResp, err := s.requestClient.CreateTZ(ctx, createTZReq) s.NoError(err) s.NotEmpty(createTZResp.RequestId) requestID := createTZResp.RequestId _, _, user2ID := s.createSecondTestUser() getMailingByIDReq := &requestpb.GetMailingListByIDRequest{ RequestId: requestID, UserId: user2ID, } resp, err := s.requestClient.GetMailingListByID(ctx, getMailingByIDReq) s.Error(err) s.Nil(resp) st, ok := status.FromError(err) s.True(ok) s.Equal(codes.PermissionDenied, st.Code()) } func (s *IntegrationSuite) TestOwnership_ApproveTZ_AnotherUsersRequest() { ctx := context.Background() loginReq := &authpb.LoginRequest{ Email: "test@example.com", Password: "testpassword", Ip: "127.0.0.1", UserAgent: "integration-test", } loginResp, err := s.authClient.Login(ctx, loginReq) s.NoError(err) validateReq := &authpb.ValidateRequest{ AccessToken: loginResp.AccessToken, } validateResp, err := s.authClient.Validate(ctx, validateReq) s.NoError(err) user1ID := validateResp.UserId createTZReq := &requestpb.CreateTZRequest{ UserId: user1ID, RequestTxt: "Нужны поставщики для теста ownership approve", } createTZResp, err := s.requestClient.CreateTZ(ctx, createTZReq) s.NoError(err) s.NotEmpty(createTZResp.RequestId) requestID := createTZResp.RequestId _, _, user2ID := s.createSecondTestUser() approveTZReq := &requestpb.ApproveTZRequest{ RequestId: requestID, FinalTz: "Утвержденное ТЗ от чужого пользователя", UserId: user2ID, } resp, err := s.requestClient.ApproveTZ(ctx, approveTZReq) s.Error(err) s.Nil(resp) st, ok := status.FromError(err) s.True(ok) s.Equal(codes.PermissionDenied, st.Code()) } func (s *IntegrationSuite) TestOwnership_ExportExcel_AnotherUsersRequest() { ctx := context.Background() loginReq := &authpb.LoginRequest{ Email: "test@example.com", Password: "testpassword", Ip: "127.0.0.1", UserAgent: "integration-test", } loginResp, err := s.authClient.Login(ctx, loginReq) s.NoError(err) validateReq := &authpb.ValidateRequest{ AccessToken: loginResp.AccessToken, } validateResp, err := s.authClient.Validate(ctx, validateReq) s.NoError(err) user1ID := validateResp.UserId createTZReq := &requestpb.CreateTZRequest{ UserId: user1ID, RequestTxt: "Нужны поставщики для теста ownership export", } createTZResp, err := s.requestClient.CreateTZ(ctx, createTZReq) s.NoError(err) s.NotEmpty(createTZResp.RequestId) requestID := createTZResp.RequestId approveTZReq := &requestpb.ApproveTZRequest{ RequestId: requestID, FinalTz: "Утвержденное ТЗ для экспорта", UserId: user1ID, } _, err = s.requestClient.ApproveTZ(ctx, approveTZReq) s.NoError(err) _, _, user2ID := s.createSecondTestUser() exportReq := &supplierpb.ExportExcelRequest{ RequestId: requestID, UserId: user2ID, } resp, err := s.supplierClient.ExportExcel(ctx, exportReq) s.Error(err) s.Nil(resp) st, ok := status.FromError(err) s.True(ok) s.Equal(codes.PermissionDenied, st.Code()) } func (s *IntegrationSuite) TestOwnership_GetMailingListByID_OwnRequest_Success() { ctx := context.Background() loginReq := &authpb.LoginRequest{ Email: "test@example.com", Password: "testpassword", Ip: "127.0.0.1", UserAgent: "integration-test", } loginResp, err := s.authClient.Login(ctx, loginReq) s.NoError(err) validateReq := &authpb.ValidateRequest{ AccessToken: loginResp.AccessToken, } validateResp, err := s.authClient.Validate(ctx, validateReq) s.NoError(err) userID := validateResp.UserId createTZReq := &requestpb.CreateTZRequest{ UserId: userID, RequestTxt: "Нужны поставщики для теста ownership success", } createTZResp, err := s.requestClient.CreateTZ(ctx, createTZReq) s.NoError(err) s.NotEmpty(createTZResp.RequestId) requestID := createTZResp.RequestId approveTZReq := &requestpb.ApproveTZRequest{ RequestId: requestID, FinalTz: "Утвержденное ТЗ", UserId: userID, } _, err = s.requestClient.ApproveTZ(ctx, approveTZReq) s.NoError(err) getMailingByIDReq := &requestpb.GetMailingListByIDRequest{ RequestId: requestID, UserId: userID, } resp, err := s.requestClient.GetMailingListByID(ctx, getMailingByIDReq) s.NoError(err) s.NotNil(resp) s.NotNil(resp.Detail) s.Equal(requestID, resp.Detail.RequestId) }