chore: k1ch / introduce test for GET:/permissions

server/test/endpoint_permissions.test.js

@@ -0,0 +1,85 @@
+const { describe, it } = require('mocha')
+const fetch = require('node-fetch')
+const assert = require('node:assert')
+const { usherDb } = require('database/layer/knex')
+const { getAdmin1IdPToken, getTestUser1IdPToken } = require('./lib/tokens')
+const { getServerUrl } = require('./lib/urls')
+
+describe('Admin Roles API Tests', () => {
+  const url = getServerUrl()
+  let requestHeaders
+  before(async () => {
+    const adminAccessToken = await getAdmin1IdPToken()
+    requestHeaders = {
+      'Content-Type': 'application/json',
+      Authorization: `Bearer ${adminAccessToken}`,
+    }
+  })
+
+  describe('GET:/permissions', () => {
+    /**
+     * GET /permissions
+     * HTTP request to retrieve a list of permissions
+     *
+     * @param {string} query - The query params to be added to the URL (E.g. ?name=value1&client_id=value2&client_key=value3)
+     * @param {Object} header - The request headers
+     * @returns {Promise<fetch.response>} - A Promise which resolves to fetch.response
+     */
+    const getPermissions = async (query = '', header = requestHeaders) => {
+      return await fetch(`${url}/permissions${query}`, {
+        method: 'GET',
+        headers: header,
+      })
+    }
+
+    it('should return 200, return all the permissions', async () => {
+      const { count: totalCount } = await usherDb('permissions').count('*').first()
+      const response = await getPermissions()
+      assert.equal(response.status, 200)
+      const permissions = await response.json()
+      assert.equal(permissions.length, Number(totalCount))
+    })
+
+    it('should return 200, return all the permissions for a client', async () => {
+      const { client_id: validClientId, key: validClientKey } = await usherDb('clients').select('*').first()
+      const { count: totalCount } = await usherDb('permissions').where({ clientkey: validClientKey }).count('*').first()
+      const response = await getPermissions(`?client_id=${validClientId}`)
+      assert.equal(response.status, 200)
+      const permissions = await response.json()
+      assert.equal(permissions.length, Number(totalCount))
+      assert.equal(permissions[0]['client_id'], validClientId)
+    })
+
+    it('should return 200, return a permission with two filter parameters', async () => {
+      const validPermission = await usherDb('permissions').select('*').first()
+      const { clientkey, name } = validPermission
+      const response = await getPermissions(`?client_key=${clientkey}&name=${name}`)
+      assert.equal(response.status, 200)
+      const permissions = await response.json()
+      assert.ok(permissions.every(permission => permission.clientkey === clientkey))
+      assert.ok(permissions.every(permission => permission.name === name))
+    })
+
+    it('should return 200, return empty array for invalid client_id', async () => {
+      const response = await getPermissions('?client_id=invalid')
+      assert.equal(response.status, 200)
+      const permissions = await response.json()
+      assert.equal(permissions.length, 0)
+    })
+
+    it('should return 400, due to invalid query param', async () => {
+      const response = await getPermissions('?client_key=string,')
+      assert.equal(response.status, 400)
+    })
+
+    it('should return 401, unauthorized token', async () => {
+      const userAccessToken = await getTestUser1IdPToken()
+      const response = await getPermissions('',
+        {
+          ...requestHeaders,
+          Authorization: `Bearer ${userAccessToken}`
+        })
+      assert.equal(response.status, 401)
+    })
+  })
+})