Harden permissions spec

If we expect an error to be thrown, the test should fail if no error was raised.
2025-12-13 07:45:56 +00:00 · 2019-02-19 22:55:23 +01:00 · 2019-02-19 22:55:23 +01:00 · e6a996e0dd
commit e6a996e0dd
parent f703164f1d
1 changed files with 16 additions and 7 deletions
--- a/src/middleware/permissionsMiddleware.spec.js
+++ b/src/middleware/permissionsMiddleware.spec.js
@ -33,11 +33,14 @@ describe('authorization', () => {
      }

      describe('not logged in', async () => {
+        it('rejects', async () => {
+          await expect(action(headers)).rejects.toThrow('Not Authorised!')
+        })
+
        it('does not expose the owner\'s email address', async () => {
-          try {
+          try{
            await action(headers)
-          } catch (error) {
-            expect(error.response.errors[0].message).toEqual('Not Authorised!')
+          } catch(error) {
            expect(error.response.data).toEqual({ User: [ { email: null } ] })
          }
        })
@ -54,15 +57,21 @@ describe('authorization', () => {
      })

      describe('as someone else', () => {
-        it('does not expose the owner\'s email address', async () => {
+        beforeEach(async () => {
          headers = await authenticatedHeaders({
            email: 'someone@example.org',
            password: 'else'
          })
-          try {
+        })
+
+        it('rejects', async () => {
+          await expect(action(headers)).rejects.toThrow('Not Authorised!')
+        })
+
+        it('does not expose the owner\'s email address', async () => {
+          try{
            await action(headers)
-          } catch (error) {
-            expect(error.response.errors[0].message).toEqual('Not Authorised!')
+          } catch(error) {
            expect(error.response.data).toEqual({ User: [ { email: null } ] })
          }
        })