sasjs/server
1
0
Fork 0
mirror of https://github.com/sasjs/server.git synced 2026-01-15 18:00:05 +00:00
Code Issues Projects Releases Wiki Activity

chore: add specs

Browse Source
This commit is contained in:
Sabir Hassan
2022-06-28 06:50:35 +05:00
parent ca64c13909
commit 66a3537271
2 changed files with 93 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

100
api/src/routes/api/spec/permission.spec.ts
View File

@@ -192,7 +192,69 @@ describe('permission', () => {
expect(res.body).toEqual({}) expect(res.body).toEqual({})
}) })
it('should respond with not found (404) if user is not found', async () => { it('should respond with Bad Request if principal type is not valid', async () => {
const res = await request(app)
.post('/SASjsApi/permission')
.auth(adminAccessToken, { type: 'bearer' })
.send({
...permission,
principalType: 'invalid'
})
.expect(400)
expect(res.text).toEqual('"principalType" must be one of [user, group]')
expect(res.body).toEqual({})
})
it('should respond with Bad Request if setting is not valid', async () => {
const res = await request(app)
.post('/SASjsApi/permission')
.auth(adminAccessToken, { type: 'bearer' })
.send({
...permission,
setting: 'invalid'
})
.expect(400)
expect(res.text).toEqual('"setting" must be one of [Grant, Deny]')
expect(res.body).toEqual({})
})
it('should respond with Bad Request if principalId is not a number', async () => {
const res = await request(app)
.post('/SASjsApi/permission')
.auth(adminAccessToken, { type: 'bearer' })
.send({
...permission,
principalId: 'someCharacters'
})
.expect(400)
expect(res.text).toEqual('"principalId" must be a number')
expect(res.body).toEqual({})
})
it('should respond with Bad Request if adding permission for admin user', async () => {
const adminUser = await userController.createUser({
...user,
username: 'adminUser',
isAdmin: true
})
const res = await request(app)
.post('/SASjsApi/permission')
.auth(adminAccessToken, { type: 'bearer' })
.send({
...permission,
principalId: adminUser.id
})
.expect(400)
expect(res.text).toEqual('Can not add permission for admin user.')
expect(res.body).toEqual({})
})
it('should respond with Not Found (404) if user is not found', async () => {
const res = await request(app) const res = await request(app)
.post('/SASjsApi/permission') .post('/SASjsApi/permission')
.auth(adminAccessToken, { type: 'bearer' }) .auth(adminAccessToken, { type: 'bearer' })
@@ -206,7 +268,7 @@ describe('permission', () => {
expect(res.body).toEqual({}) expect(res.body).toEqual({})
}) })
it('should respond with not found (404) if group is not found', async () => { it('should respond with Not Found (404) if group is not found', async () => {
const res = await request(app) const res = await request(app)
.post('/SASjsApi/permission') .post('/SASjsApi/permission')
.auth(adminAccessToken, { type: 'bearer' }) .auth(adminAccessToken, { type: 'bearer' })
@@ -220,17 +282,21 @@ describe('permission', () => {
expect(res.body).toEqual({}) expect(res.body).toEqual({})
}) })
it('should respond with Bad Request if principal type is not valid', async () => { it('should respond with Conflict (409) if permission already exists', async () => {
await permissionController.createPermission({
...permission,
principalId: dbUser.id
})
const res = await request(app) const res = await request(app)
.post('/SASjsApi/permission') .post('/SASjsApi/permission')
.auth(adminAccessToken, { type: 'bearer' }) .auth(adminAccessToken, { type: 'bearer' })
.send({ .send({ ...permission, principalId: dbUser.id })
...permission, .expect(409)
principalType: 'invalid'
})
.expect(400)
expect(res.text).toEqual('"principalType" must be one of [user, group]') expect(res.text).toEqual(
'Permission already exists with provided URI and User.'
)
expect(res.body).toEqual({}) expect(res.body).toEqual({})
}) })
}) })
@@ -295,12 +361,26 @@ describe('permission', () => {
expect(res.body).toEqual({}) expect(res.body).toEqual({})
}) })
it('should respond with Bad Request if setting is not valid', async () => {
const res = await request(app)
.post('/SASjsApi/permission')
.auth(adminAccessToken, { type: 'bearer' })
.send({
...permission,
setting: 'invalid'
})
.expect(400)
expect(res.text).toEqual('"setting" must be one of [Grant, Deny]')
expect(res.body).toEqual({})
})
it('should respond with not found (404) if permission with provided id does not exists', async () => { it('should respond with not found (404) if permission with provided id does not exists', async () => {
const res = await request(app) const res = await request(app)
.patch('/SASjsApi/permission/123') .patch('/SASjsApi/permission/123')
.auth(adminAccessToken, { type: 'bearer' }) .auth(adminAccessToken, { type: 'bearer' })
.send({ .send({
setting: 'deny' setting: PermissionSetting.deny
}) })
.expect(404) .expect(404)

4
api/src/utils/validation.ts
View File

@@ -101,7 +101,9 @@ export const registerPermissionValidation = (data: any): Joi.ValidationResult =>
export const updatePermissionValidation = (data: any): Joi.ValidationResult => export const updatePermissionValidation = (data: any): Joi.ValidationResult =>
Joi.object({ Joi.object({
setting: Joi.string().required() setting: Joi.string()
.required()
.valid(...Object.values(PermissionSetting))
}).validate(data) }).validate(data)
export const deployValidation = (data: any): Joi.ValidationResult => export const deployValidation = (data: any): Joi.ValidationResult =>