From 04ad98973ac1ab33e88428d7377980c28a6f23f3 Mon Sep 17 00:00:00 2001
From: adlee-was-taken
Date: Sat, 20 Jun 2026 20:49:12 -0400
Subject: [PATCH] test(cli/org): adapt grant-denial edit case to interactive org edit

B3 dropped the flat --username/--url/... flags from `org edit`, so the ungranted-member denial test must drive the bare interactive form. The ungranted member is now rejected at manifest lookup (filter_for_member + resolve_org_query) before any prompt is read.
---
 crates/relicario-cli/tests/org_authz.rs | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/crates/relicario-cli/tests/org_authz.rs b/crates/relicario-cli/tests/org_authz.rs
index 0017a29..d8b4e06 100644
--- a/crates/relicario-cli/tests/org_authz.rs
+++ b/crates/relicario-cli/tests/org_authz.rs
@@ -152,7 +152,9 @@ fn org_get_edit_rm_restore_purge_reject_ungranted_member() {
 );

 for (label, args) in [
- ("edit", vec!["org", "edit", "GitHub", "--username", "evil"]),
+ // `org edit` is now interactive (no flat flags); the ungranted member is
+ // rejected at manifest lookup, before any prompt is read.
+ ("edit", vec!["org", "edit", "GitHub"]),
 ("rm", vec!["org", "rm", "GitHub"]),
 ("restore", vec!["org", "restore", "GitHub"]),
 ("purge", vec!["org", "purge", "GitHub"]),
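Review bot: The `edit` entry now runs `org edit GitHub` with no input supplied in the visible lines, so a failing exit no longer proves that the authorization check is what stopped it. If the manifest-lookup rejection ever regressed, the command would presumably reach its first prompt and could still fail on end-of-input, which this test would count as a denial. The second hunk has the same gap from the other side: with the `"evil"` value and `assert!(!owner_out.contains("evil"), …)` removed, the post-condition cannot detect an edit that got through. Consider pinning the denial itself in the loop, for example `assert!(stderr.contains("<expected denial text>"), "{label} failed for the wrong reason: {stderr}");`, or feeding a canary value on stdin and keeping the negative assertion. The loop body that checks each command's result sits between the two hunks and is not visible here, so it may already do part of this.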
@@ -170,13 +172,12 @@ fn org_get_edit_rm_restore_purge_reject_ungranted_member() {
 }

 // The item is untouched: the owner can still read the original password and
- // the username was NOT changed to the ungranted member's "evil" attempt.
+ // username — the ungranted member's get/edit/rm/restore/purge were all denied.
 let owner_get = owner_dev.run(vault, &["org", "get", "GitHub", "--show"]);
 let owner_out = String::from_utf8_lossy(&owner_get.stdout).to_string();
 assert!(owner_get.status.success(), "owner should still read the item");
 assert!(owner_out.contains("hunter2"), "owner read must still show original password: {owner_out}");
- assert!(owner_out.contains("alice"), "edit by ungranted member must not have changed username: {owner_out}");
- assert!(!owner_out.contains("evil"), "ungranted edit leaked through: {owner_out}");
+ assert!(owner_out.contains("alice"), "ungranted member must not have modified the item: {owner_out}");
 }

 #[test]