2023-11-22 05:16:31 +01:00
import { describe , expect , it } from "bun:test" ;
2024-04-07 07:30:49 +02:00
import { checkIfOauthIsValid } from "@oauth" ;
2024-04-14 02:46:33 +02:00
import type { Application } from "~database/entities/Application" ;
2023-11-22 05:16:31 +01:00
describe ( "checkIfOauthIsValid" , ( ) = > {
2024-04-07 07:30:49 +02:00
it ( "should return true when routeScopes and application.scopes are empty" , ( ) = > {
const application = { scopes : "" } ;
const routeScopes : string [ ] = [ ] ;
const result = checkIfOauthIsValid (
application as Application ,
routeScopes ,
) ;
expect ( result ) . toBe ( true ) ;
} ) ;
2023-11-22 05:16:31 +01:00
2024-04-07 07:30:49 +02:00
it ( "should return true when routeScopes is empty and application.scopes contains write:* or write" , ( ) = > {
const application = { scopes : "write:*" } ;
const routeScopes : string [ ] = [ ] ;
const result = checkIfOauthIsValid (
application as Application ,
routeScopes ,
) ;
expect ( result ) . toBe ( true ) ;
} ) ;
2023-11-22 05:16:31 +01:00
2024-04-07 07:30:49 +02:00
it ( "should return true when routeScopes is empty and application.scopes contains read:* or read" , ( ) = > {
const application = { scopes : "read:*" } ;
const routeScopes : string [ ] = [ ] ;
const result = checkIfOauthIsValid (
application as Application ,
routeScopes ,
) ;
expect ( result ) . toBe ( true ) ;
} ) ;
2023-11-22 05:16:31 +01:00
2024-04-07 07:30:49 +02:00
it ( "should return true when routeScopes contains only write: permissions and application.scopes contains write:* or write" , ( ) = > {
const application = { scopes : "write:*" } ;
const routeScopes = [ "write:users" , "write:posts" ] ;
const result = checkIfOauthIsValid (
application as Application ,
routeScopes ,
) ;
expect ( result ) . toBe ( true ) ;
} ) ;
2023-11-22 05:16:31 +01:00
2024-04-07 07:30:49 +02:00
it ( "should return true when routeScopes contains only read: permissions and application.scopes contains read:* or read" , ( ) = > {
const application = { scopes : "read:*" } ;
const routeScopes = [ "read:users" , "read:posts" ] ;
const result = checkIfOauthIsValid (
application as Application ,
routeScopes ,
) ;
expect ( result ) . toBe ( true ) ;
} ) ;
2023-11-22 05:16:31 +01:00
2024-04-07 07:30:49 +02:00
it ( "should return true when routeScopes contains both write: and read: permissions and application.scopes contains write:* or write and read:* or read" , ( ) = > {
const application = { scopes : "write:* read:*" } ;
const routeScopes = [ "write:users" , "read:posts" ] ;
const result = checkIfOauthIsValid (
application as Application ,
routeScopes ,
) ;
expect ( result ) . toBe ( true ) ;
} ) ;
2023-11-22 05:16:31 +01:00
2024-04-07 07:30:49 +02:00
it ( "should return false when routeScopes contains write: permissions but application.scopes does not contain write:* or write" , ( ) = > {
const application = { scopes : "read:*" } ;
const routeScopes = [ "write:users" , "write:posts" ] ;
const result = checkIfOauthIsValid (
application as Application ,
routeScopes ,
) ;
expect ( result ) . toBe ( false ) ;
} ) ;
2023-11-22 05:16:31 +01:00
2024-04-07 07:30:49 +02:00
it ( "should return false when routeScopes contains read: permissions but application.scopes does not contain read:* or read" , ( ) = > {
const application = { scopes : "write:*" } ;
const routeScopes = [ "read:users" , "read:posts" ] ;
const result = checkIfOauthIsValid (
application as Application ,
routeScopes ,
) ;
expect ( result ) . toBe ( false ) ;
} ) ;
2023-11-22 05:16:31 +01:00
2024-04-07 07:30:49 +02:00
it ( "should return false when routeScopes contains both write: and read: permissions but application.scopes does not contain write:* or write and read:* or read" , ( ) = > {
const application = { scopes : "" } ;
const routeScopes = [ "write:users" , "read:posts" ] ;
const result = checkIfOauthIsValid (
application as Application ,
routeScopes ,
) ;
expect ( result ) . toBe ( false ) ;
} ) ;
2023-11-22 05:16:31 +01:00
2024-04-07 07:30:49 +02:00
it ( "should return true when routeScopes contains a mix of valid and invalid permissions and application.scopes contains all the required permissions" , ( ) = > {
const application = { scopes : "write:* read:*" } ;
const routeScopes = [ "write:users" , "invalid:permission" , "read:posts" ] ;
const result = checkIfOauthIsValid (
application as Application ,
routeScopes ,
) ;
expect ( result ) . toBe ( true ) ;
} ) ;
2023-11-22 05:16:31 +01:00
2024-04-07 07:30:49 +02:00
it ( "should return false when routeScopes contains a mix of valid and invalid permissions but application.scopes does not contain all the required permissions" , ( ) = > {
const application = { scopes : "write:*" } ;
const routeScopes = [ "write:users" , "invalid:permission" , "read:posts" ] ;
const result = checkIfOauthIsValid (
application as Application ,
routeScopes ,
) ;
expect ( result ) . toBe ( false ) ;
} ) ;
2023-11-22 05:16:31 +01:00
2024-04-07 07:30:49 +02:00
it ( "should return true when routeScopes contains a mix of valid write and read permissions and application.scopes contains all the required permissions" , ( ) = > {
const application = { scopes : "write:* read:posts" } ;
const routeScopes = [ "write:users" , "read:posts" ] ;
const result = checkIfOauthIsValid (
application as Application ,
routeScopes ,
) ;
expect ( result ) . toBe ( true ) ;
} ) ;
2023-11-22 05:16:31 +01:00
2024-04-07 07:30:49 +02:00
it ( "should return false when routeScopes contains a mix of valid write and read permissions but application.scopes does not contain all the required permissions" , ( ) = > {
const application = { scopes : "write:*" } ;
const routeScopes = [ "write:users" , "read:posts" ] ;
const result = checkIfOauthIsValid (
application as Application ,
routeScopes ,
) ;
expect ( result ) . toBe ( false ) ;
} ) ;
2023-11-22 05:16:31 +01:00
} ) ;
