versia-pub/server
2
0
Fork 0
mirror of https://github.com/versia-pub/server.git synced 2025-12-06 08:28:19 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
server/api/api/v1/accounts/[id]/roles/[role_id]/index.test.ts
Jesse Wierzbinski 963173cdae
chore: ⬆️ Upgrade to Biome 2.0
2025-04-10 19:15:31 +02:00

147 lines
4.4 KiB
TypeScript
Raw Blame History

import { afterAll, beforeAll, describe, expect, test } from "bun:test";
import { RolePermission } from "@versia/client/schemas";
import { Role } from "@versia/kit/db";
import { randomUUIDv7 } from "bun";
import { generateClient, getTestUsers } from "~/tests/utils";
const { users, deleteUsers } = await getTestUsers(2);
let role: Role;
let higherPriorityRole: Role;
beforeAll(async () => {
// Create new role
role = await Role.insert({
id: randomUUIDv7(),
name: "test",
permissions: [RolePermission.ManageRoles],
priority: 2,
description: "test",
visible: true,
icon: "https://test.com",
});
expect(role).toBeDefined();
await role.linkUser(users[0].id);
// Create a role with higher priority than the user's role
higherPriorityRole = await Role.insert({
id: randomUUIDv7(),
name: "higherPriorityRole",
permissions: [RolePermission.ManageRoles],
priority: 3, // Higher priority than the user's role
description: "Higher priority role",
visible: true,
});
expect(higherPriorityRole).toBeDefined();
});
afterAll(async () => {
await role.delete();
await higherPriorityRole.delete();
await deleteUsers();
});
// /api/v1/accounts/:id/roles/:role_id
describe("/api/v1/accounts/:id/roles/:role_id", () => {
test("should return 401 if not authenticated", async () => {
await using client = await generateClient();
const { ok, raw } = await client.assignRole(users[1].id, role.id);
expect(ok).toBe(false);
expect(raw.status).toBe(401);
});
test("should return 404 if role does not exist", async () => {
await using client = await generateClient(users[0]);
const { ok, raw } = await client.assignRole(
users[1].id,
"00000000-0000-0000-0000-000000000000",
);
expect(ok).toBe(false);
expect(raw.status).toBe(404);
});
test("should return 404 if user does not exist", async () => {
await using client = await generateClient(users[0]);
const { ok, raw } = await client.assignRole(
"00000000-0000-0000-0000-000000000000",
role.id,
);
expect(ok).toBe(false);
expect(raw.status).toBe(404);
});
test("should assign role to user", async () => {
await using client = await generateClient(users[0]);
const { ok } = await client.assignRole(users[1].id, role.id);
expect(ok).toBe(true);
// Check if role was assigned
const userRoles = await Role.getUserRoles(users[1].id, false);
expect(userRoles).toContainEqual(
expect.objectContaining({ id: role.id }),
);
});
test("should return 403 if user tries to assign role with higher priority", async () => {
await using client = await generateClient(users[0]);
const { data, ok, raw } = await client.assignRole(
users[1].id,
higherPriorityRole.id,
);
expect(ok).toBe(false);
expect(raw.status).toBe(403);
expect(data).toMatchObject({
error: "Forbidden",
details:
"User with highest role priority 2 cannot assign role with priority 3",
});
});
test("should remove role from user", async () => {
await using client = await generateClient(users[0]);
const { ok } = await client.unassignRole(users[1].id, role.id);
expect(ok).toBe(true);
// Check if role was removed
const userRoles = await Role.getUserRoles(users[1].id, false);
expect(userRoles).not.toContainEqual(
expect.objectContaining({ id: role.id }),
);
});
test("should return 403 if user tries to remove role with higher priority", async () => {
await higherPriorityRole.linkUser(users[1].id);
await using client = await generateClient(users[0]);
const { data, ok, raw } = await client.unassignRole(
users[1].id,
higherPriorityRole.id,
);
expect(ok).toBe(false);
expect(raw.status).toBe(403);
expect(data).toMatchObject({
error: "Forbidden",
details:
"User with highest role priority 2 cannot remove role with priority 3",
});
await higherPriorityRole.unlinkUser(users[1].id);
});
});
Reference in a new issue View git blame Copy permalink