djalim
30486d7b48
- unit: fixture shapes, mock API (GET/POST/PUT/DELETE), mock DB CRUD - integration: list, create, assign permissions, update, reset perms, delete - e2e: handler calls with mock context + real DB, covers 400/404 cases
173 lines
4.7 KiB
TypeScript
173 lines
4.7 KiB
TypeScript
// #112 - E2E tests for /roles endpoints
|
|
|
|
import { assertEquals, assertExists } from "@std/assert";
|
|
import {
|
|
makeEmployeeContext,
|
|
makeGetRequest,
|
|
makeJsonRequest,
|
|
} from "../helpers/handler.ts";
|
|
import { seedRoles, testDb, truncateAll } from "../helpers/db_integration.ts";
|
|
import { permissions } from "$root/databases/schema.ts";
|
|
import { handler as rolesHandler } from "$apps/admin/api/roles.ts";
|
|
import { handler as roleHandler } from "$apps/admin/api/roles/[idRole].ts";
|
|
|
|
// --- GET /roles ---
|
|
|
|
Deno.test({
|
|
name: "e2e roles: GET /roles returns all with permissions",
|
|
async fn() {
|
|
await truncateAll();
|
|
await seedRoles([{ nom: "admin" }, { nom: "employee" }]);
|
|
const res = await rolesHandler.GET!(makeGetRequest("/roles"), makeEmployeeContext());
|
|
assertEquals(res.status, 200);
|
|
const body = await res.json();
|
|
assertEquals(body.length, 2);
|
|
assertExists(body[0].permissions);
|
|
assertEquals(Array.isArray(body[0].permissions), true);
|
|
},
|
|
sanitizeResources: false,
|
|
sanitizeOps: false,
|
|
});
|
|
|
|
// --- POST /roles ---
|
|
|
|
Deno.test({
|
|
name: "e2e roles: POST /roles creates role (201)",
|
|
async fn() {
|
|
await truncateAll();
|
|
const res = await rolesHandler.POST!(
|
|
makeJsonRequest("/roles", "POST", { nom: "viewer" }),
|
|
makeEmployeeContext(),
|
|
);
|
|
assertEquals(res.status, 201);
|
|
const body = await res.json();
|
|
assertExists(body.id);
|
|
assertEquals(body.nom, "viewer");
|
|
assertEquals(body.permissions, []);
|
|
},
|
|
sanitizeResources: false,
|
|
sanitizeOps: false,
|
|
});
|
|
|
|
Deno.test({
|
|
name: "e2e roles: POST /roles 400 on missing nom",
|
|
async fn() {
|
|
await truncateAll();
|
|
const res = await rolesHandler.POST!(
|
|
makeJsonRequest("/roles", "POST", {}),
|
|
makeEmployeeContext(),
|
|
);
|
|
assertEquals(res.status, 400);
|
|
},
|
|
sanitizeResources: false,
|
|
sanitizeOps: false,
|
|
});
|
|
|
|
// --- GET /roles/:id ---
|
|
|
|
Deno.test({
|
|
name: "e2e roles: GET /roles/:id returns role with permissions",
|
|
async fn() {
|
|
await truncateAll();
|
|
const [role] = await seedRoles([{ nom: "admin" }]);
|
|
await testDb.insert(permissions).values([
|
|
{ id: "student_read", nom: "Consulter les élèves" },
|
|
]);
|
|
const res = await roleHandler.GET!(
|
|
makeGetRequest(`/roles/${role.id}`),
|
|
makeEmployeeContext({ idRole: String(role.id) }),
|
|
);
|
|
assertEquals(res.status, 200);
|
|
const body = await res.json();
|
|
assertEquals(body.nom, "admin");
|
|
assertEquals(Array.isArray(body.permissions), true);
|
|
},
|
|
sanitizeResources: false,
|
|
sanitizeOps: false,
|
|
});
|
|
|
|
Deno.test({
|
|
name: "e2e roles: GET /roles/:id 404 when not found",
|
|
async fn() {
|
|
await truncateAll();
|
|
const res = await roleHandler.GET!(
|
|
makeGetRequest("/roles/9999"),
|
|
makeEmployeeContext({ idRole: "9999" }),
|
|
);
|
|
assertEquals(res.status, 404);
|
|
},
|
|
sanitizeResources: false,
|
|
sanitizeOps: false,
|
|
});
|
|
|
|
// --- PUT /roles/:id ---
|
|
|
|
Deno.test({
|
|
name: "e2e roles: PUT /roles/:id updates nom and permissions",
|
|
async fn() {
|
|
await truncateAll();
|
|
const [role] = await seedRoles([{ nom: "employee" }]);
|
|
await testDb.insert(permissions).values([
|
|
{ id: "note_read", nom: "Consulter les notes" },
|
|
]);
|
|
const res = await roleHandler.PUT!(
|
|
makeJsonRequest(`/roles/${role.id}`, "PUT", {
|
|
nom: "teacher",
|
|
permissions: ["note_read"],
|
|
}),
|
|
makeEmployeeContext({ idRole: String(role.id) }),
|
|
);
|
|
assertEquals(res.status, 200);
|
|
const body = await res.json();
|
|
assertEquals(body.nom, "teacher");
|
|
assertEquals(body.permissions, ["note_read"]);
|
|
},
|
|
sanitizeResources: false,
|
|
sanitizeOps: false,
|
|
});
|
|
|
|
Deno.test({
|
|
name: "e2e roles: PUT /roles/:id 404 when not found",
|
|
async fn() {
|
|
await truncateAll();
|
|
const res = await roleHandler.PUT!(
|
|
makeJsonRequest("/roles/9999", "PUT", { nom: "ghost", permissions: [] }),
|
|
makeEmployeeContext({ idRole: "9999" }),
|
|
);
|
|
assertEquals(res.status, 404);
|
|
},
|
|
sanitizeResources: false,
|
|
sanitizeOps: false,
|
|
});
|
|
|
|
// --- DELETE /roles/:id ---
|
|
|
|
Deno.test({
|
|
name: "e2e roles: DELETE /roles/:id returns 204",
|
|
async fn() {
|
|
await truncateAll();
|
|
const [role] = await seedRoles([{ nom: "moderator" }]);
|
|
const res = await roleHandler.DELETE!(
|
|
makeGetRequest(`/roles/${role.id}`),
|
|
makeEmployeeContext({ idRole: String(role.id) }),
|
|
);
|
|
assertEquals(res.status, 204);
|
|
},
|
|
sanitizeResources: false,
|
|
sanitizeOps: false,
|
|
});
|
|
|
|
Deno.test({
|
|
name: "e2e roles: DELETE /roles/:id 404 when not found",
|
|
async fn() {
|
|
await truncateAll();
|
|
const res = await roleHandler.DELETE!(
|
|
makeGetRequest("/roles/9999"),
|
|
makeEmployeeContext({ idRole: "9999" }),
|
|
);
|
|
assertEquals(res.status, 404);
|
|
},
|
|
sanitizeResources: false,
|
|
sanitizeOps: false,
|
|
});
|