111 lines
3.0 KiB
JavaScript
111 lines
3.0 KiB
JavaScript
import { describe, it, beforeEach } from 'vitest';
|
|
import request from 'supertest';
|
|
import Crypto from 'crypto';
|
|
import app from '../../../../app.js';
|
|
import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id.js';
|
|
import { createUser } from '../../../../../test/factories/user.js';
|
|
import { createFlow } from '../../../../../test/factories/flow.js';
|
|
import { createPermission } from '../../../../../test/factories/permission.js';
|
|
|
|
describe('DELETE /api/v1/flows/:flowId', () => {
|
|
let currentUser, currentUserRole, token;
|
|
|
|
beforeEach(async () => {
|
|
currentUser = await createUser();
|
|
currentUserRole = await currentUser.$relatedQuery('role');
|
|
|
|
token = await createAuthTokenByUserId(currentUser.id);
|
|
});
|
|
|
|
it('should remove the current user flow and return no content', async () => {
|
|
const currentUserFlow = await createFlow({ userId: currentUser.id });
|
|
|
|
await createPermission({
|
|
action: 'read',
|
|
subject: 'Flow',
|
|
roleId: currentUserRole.id,
|
|
conditions: ['isCreator'],
|
|
});
|
|
|
|
await createPermission({
|
|
action: 'delete',
|
|
subject: 'Flow',
|
|
roleId: currentUserRole.id,
|
|
conditions: ['isCreator'],
|
|
});
|
|
|
|
await request(app)
|
|
.delete(`/api/v1/flows/${currentUserFlow.id}`)
|
|
.set('Authorization', token)
|
|
.expect(204);
|
|
});
|
|
|
|
it('should remove another user flow and return no content', async () => {
|
|
const anotherUser = await createUser();
|
|
const anotherUserFlow = await createFlow({ userId: anotherUser.id });
|
|
|
|
await createPermission({
|
|
action: 'read',
|
|
subject: 'Flow',
|
|
roleId: currentUserRole.id,
|
|
conditions: [],
|
|
});
|
|
|
|
await createPermission({
|
|
action: 'delete',
|
|
subject: 'Flow',
|
|
roleId: currentUserRole.id,
|
|
conditions: [],
|
|
});
|
|
|
|
await request(app)
|
|
.delete(`/api/v1/flows/${anotherUserFlow.id}`)
|
|
.set('Authorization', token)
|
|
.expect(204);
|
|
});
|
|
|
|
it('should return not found response for not existing flow UUID', async () => {
|
|
await createPermission({
|
|
action: 'read',
|
|
subject: 'Flow',
|
|
roleId: currentUserRole.id,
|
|
conditions: ['isCreator'],
|
|
});
|
|
|
|
await createPermission({
|
|
action: 'delete',
|
|
subject: 'Flow',
|
|
roleId: currentUserRole.id,
|
|
conditions: ['isCreator'],
|
|
});
|
|
|
|
const notExistingFlowUUID = Crypto.randomUUID();
|
|
|
|
await request(app)
|
|
.delete(`/api/v1/flows/${notExistingFlowUUID}`)
|
|
.set('Authorization', token)
|
|
.expect(404);
|
|
});
|
|
|
|
it('should return bad request response for invalid UUID', async () => {
|
|
await createPermission({
|
|
action: 'read',
|
|
subject: 'Flow',
|
|
roleId: currentUserRole.id,
|
|
conditions: ['isCreator'],
|
|
});
|
|
|
|
await createPermission({
|
|
action: 'delete',
|
|
subject: 'Flow',
|
|
roleId: currentUserRole.id,
|
|
conditions: ['isCreator'],
|
|
});
|
|
|
|
await request(app)
|
|
.delete('/api/v1/flows/invalidFlowUUID')
|
|
.set('Authorization', token)
|
|
.expect(400);
|
|
});
|
|
});
|