test(permissions): add unit and e2e tests for GET /permissions (#115)

Handler is static (no DB), tests verify the 9 known permissions are returned with correct id/nom shapes.
2026-04-26 14:07:51 +02:00
parent e2f5bf7b95
commit 0f32cee620
2 changed files with 109 additions and 0 deletions
@@ -0,0 +1,44 @@
+// #115 - E2E tests for GET /permissions
+// Handler statique (pas de DB), test direct du handler
+
+import { assertEquals, assertExists } from "@std/assert";
+import { makeEmployeeContext, makeGetRequest } from "../helpers/handler.ts";
+import { handler as permissionsHandler } from "$apps/admin/api/permissions.ts";
+
+Deno.test({
+  name: "e2e permissions: GET /permissions returns all 9 permissions",
+  fn() {
+    const res = permissionsHandler.GET!(
+      makeGetRequest("/permissions"),
+      makeEmployeeContext(),
+    );
+    assertEquals(res.status, 200);
+    const body = JSON.parse(res.body ? "" : "[]");
+    // handler returns synchronously — parse via text
+    return res.text().then((text) => {
+      const data = JSON.parse(text);
+      assertEquals(data.length, 9);
+      assertExists(data.find((p: { id: string }) => p.id === "student_read"));
+      assertExists(data.find((p: { id: string }) => p.id === "role_write"));
+    });
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});
+
+Deno.test({
+  name: "e2e permissions: GET /permissions - all entries have id and nom",
+  async fn() {
+    const res = permissionsHandler.GET!(
+      makeGetRequest("/permissions"),
+      makeEmployeeContext(),
+    );
+    const data: { id: string; nom: string }[] = await res.json();
+    for (const p of data) {
+      assertEquals(typeof p.id, "string");
+      assertEquals(typeof p.nom, "string");
+    }
+  },
+  sanitizeResources: false,
+  sanitizeOps: false,
+});