I’m trying to use Ash.Changeset.for_create(:register_with_password, attrs) in a test fixture. But because of the default policy on Accounts.User (forbid unless bypass AshAuthenticationInteraction ) it fails with a forbidden warning. What’s the right path here?
- Do I try to set the authenticationinteraction context in my test fixture?
- Do I add a different policy to be more permissive?
- Is there something obvious I’m missing?
(This is all regarding the auto-generated auth code from mix igniter.install ash_authentication on ash_authentication 4.2.0)
There are a few options, it depends a bit on what you want to do.
If you’re just testing out the changeset behavior
You could add authorize?: false to your opts to bypass authorization.
If you just want to call the action
You can use AshAuthentication.Strategy.Password.Actions.register/3. It requires a strategy, so you’d use AshAuthentication.Info.strategy!(User, :password) to get the strategy, and pass that to the register function.
strategy = AshAuthentication.Info.strategy!(User, :password)
AshAuthentication.Strategy.Password.Actions.register(
strategy,
%{"email" => ..., "password" => ..., "password_confirmation" => ...},
[]
)
If you want to call this in your application from some other context
Like if you’re making some kind of alternative registration mechanism, then adding a policy that allows that to happen would make sense, perhaps by passing in some kind of system user or setting some custom context that you use in your policy.
Awesome, thanks.
register/3 is the way to go for me, this is a fixture to use real code paths in tests, but I’m not testing the changeset specifically.
(And I’ll end up benchmarking driving PhoenixTest through the real signup flow and using that if it’s not 10x slower)
1 Like
