Adocasts Adocasts
Adocasts Adocasts
Sign In Sign Up

Ready to get started?

Join Adocasts Plus for $8/mo, or sign into an existing Adocasts Plus account, to get access to all of our lessons.

Join for $8/mo Sign in
robot mascot smiling
Pragmatic Testing in AdonisJS with Japa

Pragmatic Testing in AdonisJS with Japa #6.2

Testing Authorization with Bouncer

In This Lesson

We'll learn to test AdonisJS Authentication with Bouncer for actions like deleting a post. We'll cover happy paths where authorization is granted and sad paths where authorization is denied and the action is forbidden.

Created by
@tomgobich
Published

Notes Used to Craft this Lesson

Next, let's talk about authorization, which differs from authentication. Authentication deals with determining who you are, while authorization deals with determining what you can do.

So, in addition to testing things that require an authenticated user, we also want to test what that authenticated user is allowed to do within our application. For the most part, our PostsController is just a mock; however, at the bottom, there is a real destroy handler mapped to a model and route. This destroy method also performs authorization via Bouncer that ensures only administrators or the post owner can delete the post.

Join the Discussion 0 comments

Share your thoughts!
Create a free account to join in on the discussion
robot comment bubble

Be the first to comment!