Merge pull request #1345 from automatisch/refactor/tests

test: Correct get current user test descriptions

packages/backend/package.json

@@ -10,7 +10,7 @@
     "build:watch": "nodemon --watch 'src/**/*.ts' --watch 'bin/**/*.ts' --exec yarn build --ext ts",
     "start": "node dist/src/server.js",
     "pretest": "APP_ENV=test ts-node ./test/setup/prepare-test-env.ts",
-    "test": "APP_ENV=test jest",
+    "test": "APP_ENV=test jest --verbose",
     "lint": "eslint . --ignore-path ../../.eslintignore",
     "db:create": "ts-node ./bin/database/create.ts",
     "db:seed:user": "ts-node ./bin/database/seed-user.ts",

packages/backend/src/graphql/queries/get-current-user.test.ts

@@ -6,7 +6,7 @@ import createUser from '../../../test/fixtures/user';
 import { IRole, IUser } from '@automatisch/types';
 
 describe('graphQL getCurrentUser query', () => {
-  describe('with unauthorized user', () => {
+  describe('with unauthenticated user', () => {
     it('should throw not authorized error', async () => {
       const invalidUserToken = 'invalid-token';
 
@@ -30,7 +30,7 @@ describe('graphQL getCurrentUser query', () => {
     });
   });
 
-  describe('with authorized user', () => {
+  describe('with authenticated user', () => {
     let role: IRole, currentUser: IUser, token: string, requestObject: Test;
 
     beforeEach(async () => {
@@ -44,9 +44,7 @@ describe('graphQL getCurrentUser query', () => {
       });
 
       token = createAuthTokenByUserId(currentUser.id);
-      requestObject = request(app)
-        .post('/graphql')
-        .set('Authorization', token);
+      requestObject = request(app).post('/graphql').set('Authorization', token);
     });
 
     it('should return user data', async () => {

packages/backend/src/graphql/queries/get-user.test.ts

@@ -8,7 +8,7 @@ import createUser from '../../../test/fixtures/user';
 import { IRole, IUser } from '@automatisch/types';
 
 describe('graphQL getUser query', () => {
-  describe('with unauthorized user', () => {
+  describe('with unauthenticated user', () => {
     it('should throw not authorized error', async () => {
       const invalidUserId = '123123123';
 
@@ -32,7 +32,35 @@ describe('graphQL getUser query', () => {
     });
   });
 
-  describe('with authorized user', () => {
+  describe('with authenticated user', () => {
+    describe('and without permissions', () => {
+      it('should throw not authorized error', async () => {
+        const userWithoutPermissions = await createUser();
+        const anotherUser = await createUser();
+
+        const query = `
+          query {
+            getUser(id: "${anotherUser.id}") {
+              id
+              email
+            }
+          }
+        `;
+
+        const token = createAuthTokenByUserId(userWithoutPermissions.id);
+
+        const response = await request(app)
+          .post('/graphql')
+          .set('Authorization', token)
+          .send({ query })
+          .expect(200);
+
+        expect(response.body.errors).toBeDefined();
+        expect(response.body.errors[0].message).toEqual('Not authorized!');
+      });
+    });
+
+    describe('and correct permissions', () => {
       let role: IRole,
         currentUser: IUser,
         anotherUser: IUser,
@@ -146,4 +174,5 @@ describe('graphQL getUser query', () => {
         expect(response.body.errors[0].message).toEqual('NotFoundError');
       });
     });
+  });
 });