Skip to content

Commit

Permalink
chore: topics/k1ch/admin-post-personas-permissions/ API and DB tests
Browse files Browse the repository at this point in the history
  • Loading branch information
@k1ch
k1ch committed Dec 29, 2023
1 parent d1b0df0 commit 832c203
Show file tree
Hide file tree
Showing 2 changed files with 125 additions and 9 deletions.
50 changes: 47 additions & 3 deletions database/test/db-admin-persona.test.js
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
const { describe, it } = require('mocha')
const { describe, it, before, after, afterEach } = require('mocha')
const assert = require('assert')
const adminPersonas = require('../layer/admin-persona.js')
const { usherDb } = require('../layer/knex')
Expand Down Expand Up @@ -54,7 +54,7 @@ describe('Admin persona view', () => {
})

describe('Test GET personas', () => {
const invalidPersonaKey = 0;
const invalidPersonaKey = 0
it('Should return a valid persona', async () => {
const persona = await adminPersonas.getPersona(1)
assert.strictEqual(persona.key, 1)
Expand All @@ -66,7 +66,7 @@ describe('Admin persona view', () => {
})

describe('Test GET personas permissions', () => {
const invalidPersonaKey = 0;
const invalidPersonaKey = 0
it('Should return an array of permissions for the persona', async function () {
const { personakey } = await usherDb('personapermissions').select('*').first() || {}
if (!personakey) {
Expand All @@ -80,4 +80,48 @@ describe('Admin persona view', () => {
assert.equal(personaPermissions.length, 0)
})
})

describe('Test Insert personas permissions', () => {
let testPersonaKey
let validPermissionKey
const invalidPersonaKey = 0
before(async () => {
const { key: permissionKey } = await usherDb('permissions').select('key').first()
validPermissionKey = permissionKey
const { key: tenantkey } = await usherDb('tenants').select('key').first()
const [persona] = await usherDb('personas').insert({ tenantkey, sub_claim: 'personapermission@test' }).returning('key')
testPersonaKey = persona.key
})

it('Should return an array of inserted personapermissions records', async () => {
const personaPermissions = await adminPersonas.insertPersonaPermissions(testPersonaKey, [validPermissionKey])
assert.equal(personaPermissions.length, 1)
assert.equal(personaPermissions[0].personakey, testPersonaKey)
assert.equal(personaPermissions[0].permissionkey, validPermissionKey)
})

it('Should fail due to invalid persona key', async () => {
try {
await adminPersonas.insertPersonaPermissions(invalidPersonaKey, [validPermissionKey])
} catch (err) {
assert.equal(!!err, true)
}
})

it('Should fail due to duplicate permission', async () => {
try {
await adminPersonas.insertPersonaPermissions(testPersonaKey, [validPermissionKey, validPermissionKey])
} catch (err) {
assert.equal(!!err, true)
}
})

afterEach(async () => {
await usherDb('personapermissions').where({ personakey: testPersonaKey }).del()
})

after(async () => {
await usherDb('personas').where({ key: testPersonaKey }).del()
})
})
})
84 changes: 78 additions & 6 deletions server/test/endpoint_admin_personas_permissions.test.js
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
const { describe, it, before } = require('mocha')
const { describe, it, before, after, afterEach } = require('mocha')
const fetch = require('node-fetch')
const assert = require('assert')

Expand All @@ -9,20 +9,22 @@ const { usherDb } = require('../../database/layer/knex')

describe('Admin Personas Permissions', () => {
let requestHeaders
let testPersonaKey
const url = `${getServerUrl()}`
const invalidPersona = 0

before(async () => {
const adminAccessToken = await getAdmin1IdPToken()
requestHeaders = {
'Content-Type': 'application/json',
Authorization: `Bearer ${adminAccessToken}`,
}
const { key: tenantkey } = await usherDb('tenants').select('key').first()
const [persona] = await usherDb('personas').insert({ tenantkey, sub_claim: 'personapermission@test' }).returning('key')
testPersonaKey = persona.key
})

describe('GET:/personas/{persona_key}/permissions', () => {
const invalidPersona = 0;
const validPersonaWithNoPermissions = 1

it('should return 200 and a list of permissions for the persona', async function () {
const { personakey } = await usherDb('personapermissions').select('*').first() || {}
if (!personakey) {
Expand All @@ -38,7 +40,7 @@ describe('Admin Personas Permissions', () => {
})

it('should return 200 and an empty array', async () => {
const response = await fetch(`${url}/personas/${validPersonaWithNoPermissions}/permissions`, {
const response = await fetch(`${url}/personas/${testPersonaKey}/permissions`, {
method: 'GET',
headers: requestHeaders,
})
Expand All @@ -57,7 +59,7 @@ describe('Admin Personas Permissions', () => {

it('should return 401 due to lack of proper token', async () => {
const userAccessToken = await getTestUser1IdPToken()
const response = await fetch(`${url}/personas/${validPersonaWithNoPermissions}/permissions`, {
const response = await fetch(`${url}/personas/${testPersonaKey}/permissions`, {
method: 'GET',
headers: {
...requestHeaders,
Expand All @@ -67,4 +69,74 @@ describe('Admin Personas Permissions', () => {
assert.equal(response.status, 401)
})
})

describe('POST:/personas/{persona_key}/permissions', () => {
let validPermissionKey
const postPersonasPermissions = async (requestPayload, header = requestHeaders, personaKey = testPersonaKey) => {
return await fetch(`${url}/personas/${personaKey}/permissions`, {
method: 'POST',
headers: header,
body: JSON.stringify(requestPayload)
})
}

before(async () => {
const { key: permissionKey } = await usherDb('permissions').select('key').first()
validPermissionKey = permissionKey
})

it('should return 201, empty response body, and Location header to get all the persona permissions', async () => {
const response = await postPersonasPermissions([validPermissionKey])
assert.equal(response.status, 201)
assert.equal(response.headers.get('Location'), response.url)
const responseBody = await response.text()
assert.equal(responseBody, '')
})

it('should return 400, for four different invalid request payloads', async () => {
const [emptyBodyResponse, invalidBodyResponse, invalidPermissionResponse, nonUniquePermissionsResponse] = await Promise.all(
[
postPersonasPermissions(),
postPersonasPermissions({}),
postPersonasPermissions([0]),
postPersonasPermissions([validPermissionKey, validPermissionKey])
]
)
assert.equal([
emptyBodyResponse.status,
invalidBodyResponse.status,
invalidPermissionResponse.status,
nonUniquePermissionsResponse.status].every((status) => status === 400), true)
})

it('should return 401, unauthorized token', async () => {
const userAccessToken = await getTestUser1IdPToken()
const response = await postPersonasPermissions(
[validPermissionKey],
{
...requestHeaders,
Authorization: `Bearer ${userAccessToken}`
})
assert.equal(response.status, 401)
})

it('should return 404, fail to create persona permissions for an invalid persona', async () => {
const response = await postPersonasPermissions([validPermissionKey], requestHeaders, invalidPersona)
assert.equal(response.status, 404)
})

it('should return 409, fail to create persona permissions due to duplication', async () => {
await usherDb('personapermissions').insert({ personakey: testPersonaKey, permissionkey: validPermissionKey })
const response = await postPersonasPermissions([validPermissionKey])
assert.equal(response.status, 409)
})

afterEach(async () => {
await usherDb('personapermissions').where({ personakey: testPersonaKey }).del()
})
})

after(async () => {
await usherDb('personas').where({ key: testPersonaKey }).del()
})
})

0 comments on commit 832c203

Please sign in to comment.