groot/automatisch
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

test(user): write tests for authorizedSteps

Browse Source
This commit is contained in:
Ali BARIN
2024-11-08 14:27:49 +00:00
committed by Faruk AYDIN
parent b5310afb90
commit 3e28af670c
1 changed files with 66 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

66
packages/backend/src/models/user.test.js
View File

@@ -16,6 +16,7 @@ import { createUser } from '../../test/factories/user.js';
import { createRole } from '../../test/factories/role.js'; import { createRole } from '../../test/factories/role.js';
import { createPermission } from '../../test/factories/permission.js'; import { createPermission } from '../../test/factories/permission.js';
import { createFlow } from '../../test/factories/flow.js'; import { createFlow } from '../../test/factories/flow.js';
import { createStep } from '../../test/factories/step.js';
describe('User model', () => { describe('User model', () => {
it('tableName should return correct name', () => { it('tableName should return correct name', () => {
@@ -307,4 +308,69 @@ describe('User model', () => {
); );
}); });
}); });
describe('authorizedSteps', () => {
it('should return user steps with isCreator condition', async () => {
const userRole = await createRole({ name: 'User' });
await createPermission({
roleId: userRole.id,
subject: 'Flow',
action: 'read',
conditions: ['isCreator'],
});
const user = await createUser({ roleId: userRole.id });
const userWithRoleAndPermissions = await user
.$query()
.withGraphFetched({ role: true, permissions: true });
const userFlow = await createFlow({ userId: user.id });
const userFlowStep = await createStep({ flowId: userFlow.id });
const anotherUserFlow = await createFlow();
await createStep({ flowId: anotherUserFlow.id });
expect(await userWithRoleAndPermissions.authorizedSteps).toStrictEqual([
userFlowStep,
]);
});
it('should return all steps without isCreator condition', async () => {
const userRole = await createRole({ name: 'User' });
await createPermission({
roleId: userRole.id,
subject: 'Flow',
action: 'read',
conditions: [],
});
const user = await createUser({ roleId: userRole.id });
const userWithRoleAndPermissions = await user
.$query()
.withGraphFetched({ role: true, permissions: true });
const userFlow = await createFlow({ userId: user.id });
const userFlowStep = await createStep({ flowId: userFlow.id });
const anotherUserFlow = await createFlow();
const anotherUserFlowStep = await createStep({
flowId: anotherUserFlow.id,
});
expect(await userWithRoleAndPermissions.authorizedSteps).toStrictEqual([
userFlowStep,
anotherUserFlowStep,
]);
});
it('should throw an authorization error without Flow read permission', async () => {
const user = new User();
expect(() => user.authorizedSteps).toThrowError(
'The user is not authorized!'
);
});
});
}); });