// #112 - E2E tests for /roles endpoints import { assertEquals, assertExists } from "@std/assert"; import { makeEmployeeContext, makeGetRequest, makeJsonRequest, } from "../helpers/handler.ts"; import { seedRoles, testDb, truncateAll } from "../helpers/db_integration.ts"; import { permissions } from "$root/databases/schema.ts"; import { handler as rolesHandler } from "$apps/admin/api/roles.ts"; import { handler as roleHandler } from "$apps/admin/api/roles/[idRole].ts"; // --- GET /roles --- Deno.test({ name: "e2e roles: GET /roles returns all with permissions", async fn() { await truncateAll(); await seedRoles([{ nom: "admin" }, { nom: "employee" }]); const res = await rolesHandler.GET!( makeGetRequest("/roles"), makeEmployeeContext(), ); assertEquals(res.status, 200); const body = await res.json(); assertEquals(body.length, 2); assertExists(body[0].permissions); assertEquals(Array.isArray(body[0].permissions), true); }, sanitizeResources: false, sanitizeOps: false, }); // --- POST /roles --- Deno.test({ name: "e2e roles: POST /roles creates role (201)", async fn() { await truncateAll(); const res = await rolesHandler.POST!( makeJsonRequest("/roles", "POST", { nom: "viewer" }), makeEmployeeContext(), ); assertEquals(res.status, 201); const body = await res.json(); assertExists(body.id); assertEquals(body.nom, "viewer"); assertEquals(body.permissions, []); }, sanitizeResources: false, sanitizeOps: false, }); Deno.test({ name: "e2e roles: POST /roles 400 on missing nom", async fn() { await truncateAll(); const res = await rolesHandler.POST!( makeJsonRequest("/roles", "POST", {}), makeEmployeeContext(), ); assertEquals(res.status, 400); }, sanitizeResources: false, sanitizeOps: false, }); // --- GET /roles/:id --- Deno.test({ name: "e2e roles: GET /roles/:id returns role with permissions", async fn() { await truncateAll(); const [role] = await seedRoles([{ nom: "admin" }]); await testDb.insert(permissions).values([ { id: "student_read", nom: "Consulter les élèves" }, ]); const res = await roleHandler.GET!( makeGetRequest(`/roles/${role.id}`), makeEmployeeContext({ idRole: String(role.id) }), ); assertEquals(res.status, 200); const body = await res.json(); assertEquals(body.nom, "admin"); assertEquals(Array.isArray(body.permissions), true); }, sanitizeResources: false, sanitizeOps: false, }); Deno.test({ name: "e2e roles: GET /roles/:id 404 when not found", async fn() { await truncateAll(); const res = await roleHandler.GET!( makeGetRequest("/roles/9999"), makeEmployeeContext({ idRole: "9999" }), ); assertEquals(res.status, 404); }, sanitizeResources: false, sanitizeOps: false, }); // --- PUT /roles/:id --- Deno.test({ name: "e2e roles: PUT /roles/:id updates nom and permissions", async fn() { await truncateAll(); const [role] = await seedRoles([{ nom: "employee" }]); await testDb.insert(permissions).values([ { id: "note_read", nom: "Consulter les notes" }, ]); const res = await roleHandler.PUT!( makeJsonRequest(`/roles/${role.id}`, "PUT", { nom: "teacher", permissions: ["note_read"], }), makeEmployeeContext({ idRole: String(role.id) }), ); assertEquals(res.status, 200); const body = await res.json(); assertEquals(body.nom, "teacher"); assertEquals(body.permissions, ["note_read"]); }, sanitizeResources: false, sanitizeOps: false, }); Deno.test({ name: "e2e roles: PUT /roles/:id 404 when not found", async fn() { await truncateAll(); const res = await roleHandler.PUT!( makeJsonRequest("/roles/9999", "PUT", { nom: "ghost", permissions: [] }), makeEmployeeContext({ idRole: "9999" }), ); assertEquals(res.status, 404); }, sanitizeResources: false, sanitizeOps: false, }); // --- DELETE /roles/:id --- Deno.test({ name: "e2e roles: DELETE /roles/:id returns 204", async fn() { await truncateAll(); const [role] = await seedRoles([{ nom: "moderator" }]); const res = await roleHandler.DELETE!( makeGetRequest(`/roles/${role.id}`), makeEmployeeContext({ idRole: String(role.id) }), ); assertEquals(res.status, 204); }, sanitizeResources: false, sanitizeOps: false, }); Deno.test({ name: "e2e roles: DELETE /roles/:id 404 when not found", async fn() { await truncateAll(); const res = await roleHandler.DELETE!( makeGetRequest("/roles/9999"), makeEmployeeContext({ idRole: "9999" }), ); assertEquals(res.status, 404); }, sanitizeResources: false, sanitizeOps: false, });