test(cli/org): adapt grant-denial edit case to interactive org edit
B3 dropped the flat --username/--url/... flags from `org edit`, so the ungranted-member denial test must drive the bare interactive form. The ungranted member is now rejected at manifest lookup (filter_for_member + resolve_org_query) before any prompt is read.
This commit is contained in:
adlee-was-taken
@@ -152,7 +152,9 @@ fn org_get_edit_rm_restore_purge_reject_ungranted_member() {
|
||||
);
|
||||
|
||||
for (label, args) in [
|
||||
("edit", vec!["org", "edit", "GitHub", "--username", "evil"]),
|
||||
// `org edit` is now interactive (no flat flags); the ungranted member is
|
||||
// rejected at manifest lookup, before any prompt is read.
|
||||
("edit", vec!["org", "edit", "GitHub"]),
|
||||
("rm", vec!["org", "rm", "GitHub"]),
|
||||
("restore", vec!["org", "restore", "GitHub"]),
|
||||
("purge", vec!["org", "purge", "GitHub"]),
|
||||
@@ -170,13 +172,12 @@ fn org_get_edit_rm_restore_purge_reject_ungranted_member() {
|
||||
}
|
||||
|
||||
// The item is untouched: the owner can still read the original password and
|
||||
// the username was NOT changed to the ungranted member's "evil" attempt.
|
||||
// username — the ungranted member's get/edit/rm/restore/purge were all denied.
|
||||
let owner_get = owner_dev.run(vault, &["org", "get", "GitHub", "--show"]);
|
||||
let owner_out = String::from_utf8_lossy(&owner_get.stdout).to_string();
|
||||
assert!(owner_get.status.success(), "owner should still read the item");
|
||||
assert!(owner_out.contains("hunter2"), "owner read must still show original password: {owner_out}");
|
||||
assert!(owner_out.contains("alice"), "edit by ungranted member must not have changed username: {owner_out}");
|
||||
assert!(!owner_out.contains("evil"), "ungranted edit leaked through: {owner_out}");
|
||||
assert!(owner_out.contains("alice"), "ungranted member must not have modified the item: {owner_out}");
|
||||
}
|
||||
|
||||
#[test]
|
||||
|
||||
Reference in New Issue
Block a user