bgApp/src/tests/user.test.ts


import { expect, test } from 'bun:test';
import user from '../endpoints/user';
import { UnwrappedRequest } from '../utilities/guard';
import { Claims } from '../orm/claims';
import { orm } from '../orm/orm';
import { User } from '../orm/user';
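// A caller holding Claims.ADMIN creates a user; the endpoint is expected to
// answer 201 and hand back a response body.
test('Create user as admin', async () => {
  const adminClaims = new Claims();
  adminClaims.claims.push(Claims.ADMIN);
  const req = new UnwrappedRequest({
    claims: adminClaims,
    request: null,
    json: {
      username: 'test1',
      password: 'test123',
    },
    params: {},
  });
  const res = await user.create(req);
  expect(res.status).toBe(201);
  expect(res.body).toBeDefined();
  // toBeDefined() also passes for null, and a null body is exactly what the
  // 'Create user without read access' case asserts, so require non-null too.
  expect(res.body).not.toBeNull();
  // NOTE(review): the body's content is never inspected. Consider asserting
  // that it does not echo the submitted password; confirm the response shape first.
});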
// A caller holding only Claims.USERS.CREATE may create the account (201) but
// the response must carry no body.
test('Create user without read access', async () => {
  const createOnly = new Claims();
  createOnly.claims.push(Claims.USERS.CREATE);
  const payload = {
    username: 'test2',
    password: 'test123',
  };
  const req = new UnwrappedRequest({
    claims: createOnly,
    request: null,
    json: payload,
    params: {},
  });
  const res = await user.create(req);
  expect(res.status).toBe(201);
  expect(res.body).toBeNull();
});
// Submitting a username that is already taken is expected to be rejected with 400.
// NOTE(review): 'test2' is the username used by the preceding create test, so
// this case presumably relies on that test having run first; confirm ordering.
test('Create user that already exists', async () => {
  const createOnly = new Claims();
  createOnly.claims.push(Claims.USERS.CREATE);
  const payload = {
    username: 'test2',
    password: 'test123',
  };
  const req = new UnwrappedRequest({
    claims: createOnly,
    request: null,
    json: payload,
    params: {},
  });
  const res = await user.create(req);
  expect(res.status).toBe(400);
});
// A caller holding Claims.USERS.OTHER.READ fetches user 1 and gets it back with 200.
test('Get user', async () => {
  const readerClaims = new Claims();
  readerClaims.claims.push(Claims.USERS.OTHER.READ);
  const req = new UnwrappedRequest({
    claims: readerClaims,
    request: null,
    params: {
      id: 1,
    },
  });
  const res = await user.get(req);
  // The body is parsed before the status is asserted, as in the original order.
  const fetched = await res.json();
  expect(res.status).toBe(200);
  // The id is requested as the number 1 and comes back as the string '1'.
  expect(fetched.id).toBe('1');
});
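// A caller whose only claim is Claims.USERS.SELF.READ reads their own record
// (userId '1', requested id 1) and is expected to get it back with 200.
test('Get user self with only self read permission', async () => {
  const selfClaims = new Claims();
  selfClaims.userId = '1';
  // The original pushed Claims.USERS.OTHER.READ here, which made this test a
  // duplicate of 'Get user' and left the self-read allow path unexercised.
  selfClaims.claims.push(Claims.USERS.SELF.READ);
  const req = new UnwrappedRequest({
    claims: selfClaims,
    request: null,
    params: {
      // NOTE(review): userId is the string '1' while this id is the number 1;
      // if the endpoint compares the two strictly the self check will not
      // match. Confirm which type route params carry.
      id: 1,
    },
  });
  const res = await user.get(req);
  const fetched = await res.json();
  expect(res.status).toBe(200);
  expect(fetched.id).toBe('1');
});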
// Deny path: user '2' holds only Claims.USERS.SELF.READ and asks for user 1;
// the endpoint is expected to refuse with 401.
test('Get other user without read permissions', async () => {
  const selfClaims = new Claims();
  selfClaims.userId = '2';
  selfClaims.claims.push(Claims.USERS.SELF.READ);
  const req = new UnwrappedRequest({
    claims: selfClaims,
    request: null,
    params: {
      id: 1,
    },
  });
  const res = await user.get(req);
  expect(res.status).toBe(401);
});
// An admin asking for id 101 is expected to get 404.
// NOTE(review): assumes no user with id 101 exists in the test database.
test("Get user that doesn't exist", async () => {
  const adminClaims = new Claims();
  adminClaims.claims.push(Claims.ADMIN);
  const req = new UnwrappedRequest({
    claims: adminClaims,
    request: null,
    params: {
      id: 101,
    },
  });
  const res = await user.get(req);
  expect(res.status).toBe(404);
});
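// A caller holding Claims.ADMIN sets isAdmin on user 2; the endpoint is
// expected to answer 200 and hand back a response body.
test('Update user', async () => {
  const adminClaims = new Claims();
  adminClaims.claims.push(Claims.ADMIN);
  const req = new UnwrappedRequest({
    claims: adminClaims,
    request: null,
    json: {
      isAdmin: true,
    },
    params: {
      id: 2,
    },
  });
  const res = await user.update(req);
  expect(res.status).toBe(200);
  expect(res.body).toBeDefined();
  // toBeDefined() also passes for null, and a null body is exactly what the
  // 'Update user without read access' case asserts, so require non-null too.
  expect(res.body).not.toBeNull();
});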
// User '1' holds only Claims.USERS.OTHER.UPDATE and updates user 2; the call
// is expected to succeed (200) with no body returned.
// NOTE(review): this pins a 200 when a caller without Claims.ADMIN submits
// isAdmin: true for another account. Whether the flag is actually applied is
// not asserted here; confirm that granting admin is meant to be covered by
// USERS.OTHER.UPDATE rather than requiring Claims.ADMIN.
test('Update user without read access', async () => {
  const updaterClaims = new Claims();
  updaterClaims.userId = '1';
  updaterClaims.claims.push(Claims.USERS.OTHER.UPDATE);
  const changes = {
    isAdmin: true,
  };
  const req = new UnwrappedRequest({
    claims: updaterClaims,
    request: null,
    json: changes,
    params: {
      id: 2,
    },
  });
  const res = await user.update(req);
  expect(res.status).toBe(200);
  expect(res.body).toBeNull();
});
// Deny path: user '1' carries no claims at all and tries to set isAdmin on
// user 2; the endpoint is expected to refuse with 401.
// NOTE(review): only the status is checked; the test does not verify that
// user 2 was left unchanged.
test('Update user without permissions', async () => {
  const emptyClaims = new Claims();
  emptyClaims.userId = '1';
  const changes = {
    isAdmin: true,
  };
  const req = new UnwrappedRequest({
    claims: emptyClaims,
    request: null,
    json: changes,
    params: {
      id: 2,
    },
  });
  const res = await user.update(req);
  expect(res.status).toBe(401);
});
// An admin updating id 101 is expected to get 404.
// NOTE(review): assumes no user with id 101 exists in the test database.
test("Update user that doesn't exist", async () => {
  const adminClaims = new Claims();
  adminClaims.userId = '1';
  adminClaims.claims.push(Claims.ADMIN);
  const changes = {
    isAdmin: true,
  };
  const req = new UnwrappedRequest({
    claims: adminClaims,
    request: null,
    json: changes,
    params: {
      id: 101,
    },
  });
  const res = await user.update(req);
  expect(res.status).toBe(404);
});
// An admin deletes a freshly created user and is expected to get 200.
test('Delete user', async () => {
  const adminClaims = new Claims();
  adminClaims.claims.push(Claims.ADMIN);
  // The fixture is created through the ORM directly, bypassing the endpoint.
  // NOTE(review): the `as User` cast hides whatever else create() may return.
  const target = (await orm.users.create('test3', 'test123')) as User;
  const req = new UnwrappedRequest({
    claims: adminClaims,
    request: null,
    params: {
      id: target.id,
    },
  });
  const res = await user.drop(req);
  expect(res.status).toBe(200);
});
// Deny path: a caller with no claims tries to delete a freshly created user
// and is expected to be refused with 401.
// NOTE(review): only the status is checked; the test does not verify that the
// 'test4' row still exists afterwards.
test('Delete user without delete permissions', async () => {
  const emptyClaims = new Claims();
  const target = (await orm.users.create('test4', 'test123')) as User;
  const req = new UnwrappedRequest({
    claims: emptyClaims,
    request: null,
    params: {
      id: target.id,
    },
  });
  const res = await user.drop(req);
  expect(res.status).toBe(401);
});
// A caller holding only Claims.USERS.SELF.DELETE deletes their own account
// (claims.userId equals the requested id) and is expected to get 200.
test('Delete self user with only self delete permissions', async () => {
  const selfClaims = new Claims();
  selfClaims.claims.push(Claims.USERS.SELF.DELETE);
  const ownAccount = (await orm.users.create('test5', 'test123')) as User;
  // Bind the caller identity to the account that was just created.
  selfClaims.userId = ownAccount.id;
  const req = new UnwrappedRequest({
    claims: selfClaims,
    request: null,
    params: {
      id: ownAccount.id,
    },
  });
  const res = await user.drop(req);
  expect(res.status).toBe(200);
});
// Deny path: user '1' holds only Claims.USERS.SELF.DELETE and targets a
// different, freshly created account; the endpoint is expected to refuse with 401.
// NOTE(review): assumes the created user's id is never '1'; if it were, this
// would exercise the self-delete path instead. Confirm against the fixture data.
test('Delete other user with only self delete permissions', async () => {
  const selfClaims = new Claims();
  selfClaims.userId = '1';
  selfClaims.claims.push(Claims.USERS.SELF.DELETE);
  const victim = (await orm.users.create('test6', 'test123')) as User;
  const req = new UnwrappedRequest({
    claims: selfClaims,
    request: null,
    params: {
      id: victim.id,
    },
  });
  const res = await user.drop(req);
  expect(res.status).toBe(401);
});