Refactor & unit tests

2026-02-13 22:06:49 +00:00
parent eca7405974
commit 387a9a36f3
20 changed files with 423 additions and 148 deletions
--- a/src/tests/user.test.ts
+++ b/src/tests/user.test.ts
@@ -0,0 +1,130 @@
+import {expect, test} from 'bun:test';
+import user from '../endpoints/user';
+import {UnwrappedRequest} from "../utilities/guard";
+import {Claims} from "../orm/claims";
+
+test('Create user as admin', async () => {
+    const claims = new Claims();
+    claims.claims.push('ADMIN');
+
+    const request = new UnwrappedRequest({
+        claims,
+        request: null,
+        json: {
+            username: 'test1',
+            password: 'test123',
+        },
+        params: {},
+    });
+
+    const response = await user.create(request);
+    expect(response.status).toBe(201);
+    expect(response.body).toBeDefined();
+});
+
+test('Create user without read access', async () => {
+    const claims = new Claims();
+    claims.claims.push('USERS_CREATE');
+
+    const request = new UnwrappedRequest({
+        claims,
+        request: null,
+        json: {
+            username: 'test2',
+            password: 'test123',
+        },
+        params: {},
+    });
+
+    const response = await user.create(request);
+    expect(response.status).toBe(201);
+    expect(response.body).toBeNull();
+});
+
+test('Create user that already exists', async () => {
+    const claims = new Claims();
+    claims.claims.push('USERS_CREATE');
+
+    const request = new UnwrappedRequest({
+        claims,
+        request: null,
+        json: {
+            username: 'test2',
+            password: 'test123',
+        },
+        params: {},
+    });
+
+    const response = await user.create(request);
+    expect(response.status).toBe(400);
+});
+
+test('Get user', async () => {
+    const claims = new Claims();
+    claims.claims.push('USERS_OTHER_READ');
+
+    const request = new UnwrappedRequest({
+        claims,
+        request: null,
+        params: {
+            id: 1
+        },
+    });
+
+    const response = await user.get(request);
+    const retrievedUser = await response.json();
+    expect(response.status).toBe(200);
+    expect(retrievedUser.id).toBe('1');
+});
+
+test('Get user self with only self read permission', async () => {
+    const claims = new Claims();
+    claims.userId = "1";
+    claims.claims.push('USERS_OTHER_READ');
+
+    const request = new UnwrappedRequest({
+        claims,
+        request: null,
+        params: {
+            id: 1
+        },
+    });
+
+    const response = await user.get(request);
+    const retrievedUser = await response.json();
+    expect(response.status).toBe(200);
+    expect(retrievedUser.id).toBe('1');
+});
+
+test('Get other user without read permissions', async () => {
+    const claims = new Claims();
+    claims.userId = "2";
+    claims.claims.push('USERS_SELF_READ');
+
+    const request = new UnwrappedRequest({
+        claims,
+        request: null,
+        params: {
+            id: 1
+        },
+    });
+
+    const response = await user.get(request);
+    expect(response.status).toBe(401);
+});
+
+test('Get user that doesn\'t exist', async () => {
+    const claims = new Claims();
+    claims.claims.push('ADMIN');
+
+    const request = new UnwrappedRequest({
+        claims,
+        request: null,
+        params: {
+            id: 101
+        },
+    });
+
+    const response = await user.get(request);
+    expect(response.status).toBe(404);
+});