Refactor & unit tests

src/tests/global-mocks.ts

@@ -0,0 +1,2 @@
+import {expect, test, beforeAll} from 'bun:test';
+import {sql} from "bun";

src/tests/test-setup.ts

@@ -0,0 +1,35 @@
+import {beforeAll, afterAll} from 'bun:test';
+import Bun from 'bun';
+import {sql} from "bun";
+
+beforeAll(async () => {
+    console.log(process.env.DATABASE_URL);
+    const scriptFile = await Bun.file('./scripts/dbCreate.sql').text();
+
+    // Drop the database in preparation for rebuild
+    await sql`DROP SCHEMA public CASCADE`;
+    await sql`CREATE SCHEMA public`;
+
+    // Run DB build script
+    await sql.unsafe(scriptFile);
+
+    // Populate initial data
+    await sql`SET search_path TO showfinder,public`;
+    await sql`INSERT INTO claims(name, is_default) VALUES ('ADMIN', false)`;
+    await sql`INSERT INTO claims(name, is_default) VALUES ('USERS_CREATE', false)`;
+    await sql`INSERT INTO claims(name, is_default) VALUES ('USERS_OTHER_UPDATE', false)`;
+    await sql`INSERT INTO claims(name, is_default) VALUES ('USERS_OTHER_DELETE', true)`;
+    await sql`INSERT INTO claims(name, is_default) VALUES ('USERS_SELF_READ', true)`;
+    await sql`INSERT INTO claims(name, is_default) VALUES ('USERS_SELF_UPDATE', true)`;
+    await sql`INSERT INTO claims(name, is_default) VALUES ('USERS_OTHER_READ', true)`;
+    await sql`INSERT INTO claims(name, is_default) VALUES ('USERS_SELF_DELETE', false)`;
+});
+
+
+
+
+
+
+
+
+

src/tests/user.test.ts

@@ -0,0 +1,130 @@
+import {expect, test} from 'bun:test';
+import user from '../endpoints/user';
+import {UnwrappedRequest} from "../utilities/guard";
+import {Claims} from "../orm/claims";
+
+test('Create user as admin', async () => {
+    const claims = new Claims();
+    claims.claims.push('ADMIN');
+
+    const request = new UnwrappedRequest({
+        claims,
+        request: null,
+        json: {
+            username: 'test1',
+            password: 'test123',
+        },
+        params: {},
+    });
+
+    const response = await user.create(request);
+    expect(response.status).toBe(201);
+    expect(response.body).toBeDefined();
+});
+
+test('Create user without read access', async () => {
+    const claims = new Claims();
+    claims.claims.push('USERS_CREATE');
+
+    const request = new UnwrappedRequest({
+        claims,
+        request: null,
+        json: {
+            username: 'test2',
+            password: 'test123',
+        },
+        params: {},
+    });
+
+    const response = await user.create(request);
+    expect(response.status).toBe(201);
+    expect(response.body).toBeNull();
+});
+
+test('Create user that already exists', async () => {
+    const claims = new Claims();
+    claims.claims.push('USERS_CREATE');
+
+    const request = new UnwrappedRequest({
+        claims,
+        request: null,
+        json: {
+            username: 'test2',
+            password: 'test123',
+        },
+        params: {},
+    });
+
+    const response = await user.create(request);
+    expect(response.status).toBe(400);
+});
+
+test('Get user', async () => {
+    const claims = new Claims();
+    claims.claims.push('USERS_OTHER_READ');
+
+    const request = new UnwrappedRequest({
+        claims,
+        request: null,
+        params: {
+            id: 1
+        },
+    });
+
+    const response = await user.get(request);
+    const retrievedUser = await response.json();
+    expect(response.status).toBe(200);
+    expect(retrievedUser.id).toBe('1');
+});
+
+test('Get user self with only self read permission', async () => {
+    const claims = new Claims();
+    claims.userId = "1";
+    claims.claims.push('USERS_OTHER_READ');
+
+    const request = new UnwrappedRequest({
+        claims,
+        request: null,
+        params: {
+            id: 1
+        },
+    });
+
+    const response = await user.get(request);
+    const retrievedUser = await response.json();
+    expect(response.status).toBe(200);
+    expect(retrievedUser.id).toBe('1');
+});
+
+test('Get other user without read permissions', async () => {
+    const claims = new Claims();
+    claims.userId = "2";
+    claims.claims.push('USERS_SELF_READ');
+
+    const request = new UnwrappedRequest({
+        claims,
+        request: null,
+        params: {
+            id: 1
+        },
+    });
+
+    const response = await user.get(request);
+    expect(response.status).toBe(401);
+});
+
+test('Get user that doesn\'t exist', async () => {
+    const claims = new Claims();
+    claims.claims.push('ADMIN');
+
+    const request = new UnwrappedRequest({
+        claims,
+        request: null,
+        params: {
+            id: 101
+        },
+    });
+
+    const response = await user.get(request);
+    expect(response.status).toBe(404);
+});