server/tests/oauth-scopes.test.ts

import { describe, expect, it } from "bun:test";
import { checkIfOauthIsValid } from "@/oauth";
import { Application, type ApplicationType } from "@versia/kit/db";

describe("checkIfOauthIsValid", () => {
    it("should return true when routeScopes and application.scopes are empty", () => {
        const application = new Application({ scopes: "" } as ApplicationType);
        const routeScopes: string[] = [];
        const result = checkIfOauthIsValid(application, routeScopes);
        expect(result).toBe(true);
    });

    it("should return true when routeScopes is empty and application.scopes contains write:* or write", () => {
        const application = new Application({
            scopes: "write:*",
        } as ApplicationType);
        const routeScopes: string[] = [];
        const result = checkIfOauthIsValid(application, routeScopes);
        expect(result).toBe(true);
    });

    it("should return true when routeScopes is empty and application.scopes contains read:* or read", () => {
        const application = new Application({
            scopes: "read:*",
        } as ApplicationType);
        const routeScopes: string[] = [];
        const result = checkIfOauthIsValid(application, routeScopes);
        expect(result).toBe(true);
    });

    it("should return true when routeScopes contains only write: permissions and application.scopes contains write:* or write", () => {
        const application = new Application({
            scopes: "write:*",
        } as ApplicationType);
        const routeScopes = ["write:users", "write:posts"];
        const result = checkIfOauthIsValid(application, routeScopes);
        expect(result).toBe(true);
    });

    it("should return true when routeScopes contains only read: permissions and application.scopes contains read:* or read", () => {
        const application = new Application({
            scopes: "read:*",
        } as ApplicationType);
        const routeScopes = ["read:users", "read:posts"];
        const result = checkIfOauthIsValid(application, routeScopes);
        expect(result).toBe(true);
    });

    it("should return true when routeScopes contains both write: and read: permissions and application.scopes contains write:* or write and read:* or read", () => {
        const application = new Application({
            scopes: "write:* read:*",
        } as ApplicationType);
        const routeScopes = ["write:users", "read:posts"];
        const result = checkIfOauthIsValid(application, routeScopes);
        expect(result).toBe(true);
    });

    it("should return false when routeScopes contains write: permissions but application.scopes does not contain write:* or write", () => {
        const application = new Application({
            scopes: "read:*",
        } as ApplicationType);
        const routeScopes = ["write:users", "write:posts"];
        const result = checkIfOauthIsValid(application, routeScopes);
        expect(result).toBe(false);
    });

    it("should return false when routeScopes contains read: permissions but application.scopes does not contain read:* or read", () => {
        const application = new Application({
            scopes: "write:*",
        } as ApplicationType);
        const routeScopes = ["read:users", "read:posts"];
        const result = checkIfOauthIsValid(application, routeScopes);
        expect(result).toBe(false);
    });

    it("should return false when routeScopes contains both write: and read: permissions but application.scopes does not contain write:* or write and read:* or read", () => {
        const application = new Application({ scopes: "" } as ApplicationType);
        const routeScopes = ["write:users", "read:posts"];
        const result = checkIfOauthIsValid(application, routeScopes);
        expect(result).toBe(false);
    });

    it("should return true when routeScopes contains a mix of valid and invalid permissions and application.scopes contains all the required permissions", () => {
        const application = new Application({
            scopes: "write:* read:*",
        } as ApplicationType);
        const routeScopes = ["write:users", "invalid:permission", "read:posts"];
        const result = checkIfOauthIsValid(application, routeScopes);
        expect(result).toBe(true);
    });

    it("should return false when routeScopes contains a mix of valid and invalid permissions but application.scopes does not contain all the required permissions", () => {
        const application = new Application({
            scopes: "write:*",
        } as ApplicationType);
        const routeScopes = ["write:users", "invalid:permission", "read:posts"];
        const result = checkIfOauthIsValid(application, routeScopes);
        expect(result).toBe(false);
    });

    it("should return true when routeScopes contains a mix of valid write and read permissions and application.scopes contains all the required permissions", () => {
        const application = new Application({
            scopes: "write:* read:posts",
        } as ApplicationType);
        const routeScopes = ["write:users", "read:posts"];
        const result = checkIfOauthIsValid(application, routeScopes);
        expect(result).toBe(true);
    });

    it("should return false when routeScopes contains a mix of valid write and read permissions but application.scopes does not contain all the required permissions", () => {
        const application = new Application({
            scopes: "write:*",
        } as ApplicationType);
        const routeScopes = ["write:users", "read:posts"];
        const result = checkIfOauthIsValid(application, routeScopes);
        expect(result).toBe(false);
    });
});
Add new oauth matching function with tests for it 2023-11-22 05:16:31 +01:00			`import { describe, expect, it } from "bun:test";`
refactor: :truck: Add slash to typescript path shortcuts 2024-05-29 02:59:49 +02:00			`import { checkIfOauthIsValid } from "@/oauth";`
refactor(database): :truck: Only import ORM abstractions from @versia/kit 2024-11-01 20:57:16 +01:00			`import { Application, type ApplicationType } from "@versia/kit/db";`
Add new oauth matching function with tests for it 2023-11-22 05:16:31 +01:00
			`describe("checkIfOauthIsValid", () => {`
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`it("should return true when routeScopes and application.scopes are empty", () => {`
refactor(database): :recycle: Move Applications to our custom ORM 2024-10-23 17:56:47 +02:00			`const application = new Application({ scopes: "" } as ApplicationType);`
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`const routeScopes: string[] = [];`
refactor(database): :recycle: Move Applications to our custom ORM 2024-10-23 17:56:47 +02:00			`const result = checkIfOauthIsValid(application, routeScopes);`
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`expect(result).toBe(true);`
			`});`
Add new oauth matching function with tests for it 2023-11-22 05:16:31 +01:00
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`it("should return true when routeScopes is empty and application.scopes contains write:* or write", () => {`
refactor(database): :recycle: Move Applications to our custom ORM 2024-10-23 17:56:47 +02:00			`const application = new Application({`
			`scopes: "write:*",`
			`} as ApplicationType);`
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`const routeScopes: string[] = [];`
refactor(database): :recycle: Move Applications to our custom ORM 2024-10-23 17:56:47 +02:00			`const result = checkIfOauthIsValid(application, routeScopes);`
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`expect(result).toBe(true);`
			`});`
Add new oauth matching function with tests for it 2023-11-22 05:16:31 +01:00
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`it("should return true when routeScopes is empty and application.scopes contains read:* or read", () => {`
refactor(database): :recycle: Move Applications to our custom ORM 2024-10-23 17:56:47 +02:00			`const application = new Application({`
			`scopes: "read:*",`
			`} as ApplicationType);`
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`const routeScopes: string[] = [];`
refactor(database): :recycle: Move Applications to our custom ORM 2024-10-23 17:56:47 +02:00			`const result = checkIfOauthIsValid(application, routeScopes);`
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`expect(result).toBe(true);`
			`});`
Add new oauth matching function with tests for it 2023-11-22 05:16:31 +01:00
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`it("should return true when routeScopes contains only write: permissions and application.scopes contains write:* or write", () => {`
refactor(database): :recycle: Move Applications to our custom ORM 2024-10-23 17:56:47 +02:00			`const application = new Application({`
			`scopes: "write:*",`
			`} as ApplicationType);`
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`const routeScopes = ["write:users", "write:posts"];`
refactor(database): :recycle: Move Applications to our custom ORM 2024-10-23 17:56:47 +02:00			`const result = checkIfOauthIsValid(application, routeScopes);`
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`expect(result).toBe(true);`
			`});`
Add new oauth matching function with tests for it 2023-11-22 05:16:31 +01:00
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`it("should return true when routeScopes contains only read: permissions and application.scopes contains read:* or read", () => {`
refactor(database): :recycle: Move Applications to our custom ORM 2024-10-23 17:56:47 +02:00			`const application = new Application({`
			`scopes: "read:*",`
			`} as ApplicationType);`
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`const routeScopes = ["read:users", "read:posts"];`
refactor(database): :recycle: Move Applications to our custom ORM 2024-10-23 17:56:47 +02:00			`const result = checkIfOauthIsValid(application, routeScopes);`
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`expect(result).toBe(true);`
			`});`
Add new oauth matching function with tests for it 2023-11-22 05:16:31 +01:00
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`it("should return true when routeScopes contains both write: and read: permissions and application.scopes contains write:* or write and read:* or read", () => {`
refactor(database): :recycle: Move Applications to our custom ORM 2024-10-23 17:56:47 +02:00			`const application = new Application({`
			`scopes: "write:* read:*",`
			`} as ApplicationType);`
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`const routeScopes = ["write:users", "read:posts"];`
refactor(database): :recycle: Move Applications to our custom ORM 2024-10-23 17:56:47 +02:00			`const result = checkIfOauthIsValid(application, routeScopes);`
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`expect(result).toBe(true);`
			`});`
Add new oauth matching function with tests for it 2023-11-22 05:16:31 +01:00
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`it("should return false when routeScopes contains write: permissions but application.scopes does not contain write:* or write", () => {`
refactor(database): :recycle: Move Applications to our custom ORM 2024-10-23 17:56:47 +02:00			`const application = new Application({`
			`scopes: "read:*",`
			`} as ApplicationType);`
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`const routeScopes = ["write:users", "write:posts"];`
refactor(database): :recycle: Move Applications to our custom ORM 2024-10-23 17:56:47 +02:00			`const result = checkIfOauthIsValid(application, routeScopes);`
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`expect(result).toBe(false);`
			`});`
Add new oauth matching function with tests for it 2023-11-22 05:16:31 +01:00
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`it("should return false when routeScopes contains read: permissions but application.scopes does not contain read:* or read", () => {`
refactor(database): :recycle: Move Applications to our custom ORM 2024-10-23 17:56:47 +02:00			`const application = new Application({`
			`scopes: "write:*",`
			`} as ApplicationType);`
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`const routeScopes = ["read:users", "read:posts"];`
refactor(database): :recycle: Move Applications to our custom ORM 2024-10-23 17:56:47 +02:00			`const result = checkIfOauthIsValid(application, routeScopes);`
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`expect(result).toBe(false);`
			`});`
Add new oauth matching function with tests for it 2023-11-22 05:16:31 +01:00
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`it("should return false when routeScopes contains both write: and read: permissions but application.scopes does not contain write:* or write and read:* or read", () => {`
refactor(database): :recycle: Move Applications to our custom ORM 2024-10-23 17:56:47 +02:00			`const application = new Application({ scopes: "" } as ApplicationType);`
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`const routeScopes = ["write:users", "read:posts"];`
refactor(database): :recycle: Move Applications to our custom ORM 2024-10-23 17:56:47 +02:00			`const result = checkIfOauthIsValid(application, routeScopes);`
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`expect(result).toBe(false);`
			`});`
Add new oauth matching function with tests for it 2023-11-22 05:16:31 +01:00
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`it("should return true when routeScopes contains a mix of valid and invalid permissions and application.scopes contains all the required permissions", () => {`
refactor(database): :recycle: Move Applications to our custom ORM 2024-10-23 17:56:47 +02:00			`const application = new Application({`
			`scopes: "write:* read:*",`
			`} as ApplicationType);`
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`const routeScopes = ["write:users", "invalid:permission", "read:posts"];`
refactor(database): :recycle: Move Applications to our custom ORM 2024-10-23 17:56:47 +02:00			`const result = checkIfOauthIsValid(application, routeScopes);`
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`expect(result).toBe(true);`
			`});`
Add new oauth matching function with tests for it 2023-11-22 05:16:31 +01:00
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`it("should return false when routeScopes contains a mix of valid and invalid permissions but application.scopes does not contain all the required permissions", () => {`
refactor(database): :recycle: Move Applications to our custom ORM 2024-10-23 17:56:47 +02:00			`const application = new Application({`
			`scopes: "write:*",`
			`} as ApplicationType);`
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`const routeScopes = ["write:users", "invalid:permission", "read:posts"];`
refactor(database): :recycle: Move Applications to our custom ORM 2024-10-23 17:56:47 +02:00			`const result = checkIfOauthIsValid(application, routeScopes);`
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`expect(result).toBe(false);`
			`});`
Add new oauth matching function with tests for it 2023-11-22 05:16:31 +01:00
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`it("should return true when routeScopes contains a mix of valid write and read permissions and application.scopes contains all the required permissions", () => {`
refactor(database): :recycle: Move Applications to our custom ORM 2024-10-23 17:56:47 +02:00			`const application = new Application({`
			`scopes: "write:* read:posts",`
			`} as ApplicationType);`
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`const routeScopes = ["write:users", "read:posts"];`
refactor(database): :recycle: Move Applications to our custom ORM 2024-10-23 17:56:47 +02:00			`const result = checkIfOauthIsValid(application, routeScopes);`
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`expect(result).toBe(true);`
			`});`
Add new oauth matching function with tests for it 2023-11-22 05:16:31 +01:00
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`it("should return false when routeScopes contains a mix of valid write and read permissions but application.scopes does not contain all the required permissions", () => {`
refactor(database): :recycle: Move Applications to our custom ORM 2024-10-23 17:56:47 +02:00			`const application = new Application({`
			`scopes: "write:*",`
			`} as ApplicationType);`
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`const routeScopes = ["write:users", "read:posts"];`
refactor(database): :recycle: Move Applications to our custom ORM 2024-10-23 17:56:47 +02:00			`const result = checkIfOauthIsValid(application, routeScopes);`
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`expect(result).toBe(false);`
			`});`
Add new oauth matching function with tests for it 2023-11-22 05:16:31 +01:00			`});`