fix(tests): use main's authProvider tests after rebase conflict resolution
The rebase introduced incompatible test code from the pre-merge GRO-388 commit. Replaced with the canonical test file from main to ensure tests pass and reflect the actual router implementation. Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
@@ -1,68 +1,42 @@
|
|||||||
import { describe, it, expect, vi, beforeEach } from "vitest";
|
import { describe, it, expect, vi, beforeEach } from "vitest";
|
||||||
import { Hono } from "hono";
|
import { Hono } from "hono";
|
||||||
import { authProviderRouter } from "../routes/authProvider.js";
|
import { authProviderRouter } from "../routes/authProvider.js";
|
||||||
import type { AppEnv, StaffRow } from "../middleware/rbac.js";
|
|
||||||
|
|
||||||
// ─── Mock staff ───────────────────────────────────────────────────────────────
|
// ─── Types ────────────────────────────────────────────────────────────────────
|
||||||
|
|
||||||
const SUPER_USER: StaffRow = {
|
interface MockStaff {
|
||||||
id: "staff-super-id",
|
id: string;
|
||||||
oidcSub: "oidc-super-sub",
|
role: string;
|
||||||
userId: "ba-user-super",
|
isSuperUser: boolean;
|
||||||
role: "manager",
|
}
|
||||||
isSuperUser: true,
|
|
||||||
name: "Super S.",
|
|
||||||
email: "super@example.com",
|
|
||||||
active: true,
|
|
||||||
icalToken: null,
|
|
||||||
createdAt: new Date(),
|
|
||||||
updatedAt: new Date(),
|
|
||||||
};
|
|
||||||
|
|
||||||
const NON_SUPER_USER: StaffRow = {
|
// ─── Mock DB state ────────────────────────────────────────────────────────────
|
||||||
...SUPER_USER,
|
|
||||||
id: "staff-mgr-id",
|
|
||||||
oidcSub: "oidc-mgr-sub",
|
|
||||||
role: "manager",
|
|
||||||
isSuperUser: false,
|
|
||||||
name: "Manager M.",
|
|
||||||
email: "mgr@example.com",
|
|
||||||
};
|
|
||||||
|
|
||||||
// ─── Mock DB ─────────────────────────────────────────────────────────────────
|
let dbRows: Record<string, unknown>[] = [];
|
||||||
|
let deletedRows: string[] = [];
|
||||||
|
let insertedRows: Record<string, unknown>[] = [];
|
||||||
|
let encryptCalls: string[] = [];
|
||||||
|
|
||||||
const DB_CONFIG = {
|
function resetMock() {
|
||||||
id: "config-id",
|
dbRows = [];
|
||||||
providerId: "authentik",
|
deletedRows = [];
|
||||||
displayName: "Authentik",
|
insertedRows = [];
|
||||||
issuerUrl: "https://auth.example.com",
|
encryptCalls = [];
|
||||||
internalBaseUrl: "http://authentik.auth.svc.cluster.local",
|
}
|
||||||
clientId: "test-client-id",
|
|
||||||
clientSecret: "iv:cipher:tag", // already encrypted
|
|
||||||
scopes: "openid profile email",
|
|
||||||
enabled: true,
|
|
||||||
createdAt: new Date("2026-01-01T00:00:00Z"),
|
|
||||||
updatedAt: new Date("2026-01-02T00:00:00Z"),
|
|
||||||
};
|
|
||||||
|
|
||||||
// Use vi.hoisted to create mutable state accessible to vi.mock factory
|
// ─── Mock staff context ───────────────────────────────────────────────────────
|
||||||
const mockState = vi.hoisted(() => {
|
|
||||||
const state = {
|
const mockSuperUser: MockStaff = { id: "staff-1", role: "manager", isSuperUser: true };
|
||||||
dbSelectResult: [] as unknown[],
|
const mockManager: MockStaff = { id: "staff-2", role: "manager", isSuperUser: false };
|
||||||
dbDeleteResult: { ok: true },
|
const mockGroomer: MockStaff = { id: "staff-3", role: "groomer", isSuperUser: false };
|
||||||
dbInsertResult: null as unknown,
|
|
||||||
dbUpdateResult: null as unknown,
|
// ─── Mock db module ───────────────────────────────────────────────────────────
|
||||||
mockEq: vi.fn((_col: unknown, _val: unknown) => ({ col: _col, val: _val })),
|
|
||||||
mockEncryptSecret: vi.fn((s: string) => `encrypted:${s}`),
|
|
||||||
};
|
|
||||||
return state;
|
|
||||||
});
|
|
||||||
|
|
||||||
vi.mock("@groombook/db", () => {
|
vi.mock("@groombook/db", () => {
|
||||||
const authProviderConfig = new Proxy(
|
const authProviderConfig = new Proxy(
|
||||||
{ _name: "auth_provider_config" },
|
{ _name: "auth_provider_config" },
|
||||||
{
|
{
|
||||||
get(target, prop) {
|
get(_target, prop) {
|
||||||
if (prop === "_name") return "auth_provider_config";
|
if (prop === "_name") return "auth_provider_config";
|
||||||
if (prop === "$inferSelect") return {};
|
if (prop === "$inferSelect") return {};
|
||||||
return { table: "auth_provider_config", column: prop };
|
return { table: "auth_provider_config", column: prop };
|
||||||
@@ -75,280 +49,219 @@ vi.mock("@groombook/db", () => {
|
|||||||
select: () => ({
|
select: () => ({
|
||||||
from: () => ({
|
from: () => ({
|
||||||
where: () => ({
|
where: () => ({
|
||||||
limit: () => mockState.dbSelectResult,
|
limit: () => [...dbRows],
|
||||||
[Symbol.iterator]: function* () {
|
[Symbol.iterator]: function* () {
|
||||||
for (const item of mockState.dbSelectResult) yield item;
|
for (const item of dbRows) yield item;
|
||||||
},
|
},
|
||||||
0: mockState.dbSelectResult[0],
|
0: dbRows[0],
|
||||||
length: mockState.dbSelectResult.length,
|
length: dbRows.length,
|
||||||
}),
|
}),
|
||||||
}),
|
}),
|
||||||
}),
|
}),
|
||||||
delete: () => ({
|
|
||||||
where: () => mockState.dbDeleteResult,
|
|
||||||
}),
|
|
||||||
insert: () => ({
|
insert: () => ({
|
||||||
values: () => ({
|
values: (vals: Record<string, unknown>) => {
|
||||||
returning: () => [mockState.dbInsertResult],
|
insertedRows.push(vals);
|
||||||
}),
|
return {
|
||||||
|
returning: () => [{ ...vals, id: "new-id-1", createdAt: new Date(), updatedAt: new Date() }],
|
||||||
|
};
|
||||||
|
},
|
||||||
}),
|
}),
|
||||||
update: () => ({
|
delete: () => {
|
||||||
set: () => ({
|
// Execute immediately - route doesn't chain .returning()
|
||||||
where: () => ({
|
deletedRows.push("all");
|
||||||
returning: () => [mockState.dbUpdateResult],
|
return Promise.resolve([]);
|
||||||
|
},
|
||||||
|
transaction: <T>(fn: (tx: {
|
||||||
|
delete: () => Promise<unknown>;
|
||||||
|
insert: () => { values: (v: Record<string, unknown>) => { returning: () => T[] } };
|
||||||
|
}) => Promise<T>) => {
|
||||||
|
const tx = {
|
||||||
|
delete: () => { deletedRows.push("all"); return Promise.resolve([]); },
|
||||||
|
insert: () => ({
|
||||||
|
values: (vals: Record<string, unknown>) => ({
|
||||||
|
returning: () => [{ ...vals, id: "new-id-1", createdAt: new Date(), updatedAt: new Date() }] as T[],
|
||||||
|
}),
|
||||||
}),
|
}),
|
||||||
}),
|
};
|
||||||
}),
|
return fn(tx);
|
||||||
|
},
|
||||||
}),
|
}),
|
||||||
authProviderConfig,
|
authProviderConfig,
|
||||||
eq: mockState.mockEq,
|
eq: (_col: unknown, _val: unknown) => ({ col: _col, val: _val }),
|
||||||
encryptSecret: mockState.mockEncryptSecret,
|
encryptSecret: (val: string) => {
|
||||||
|
encryptCalls.push(val);
|
||||||
|
return `encrypted:${val}`;
|
||||||
|
},
|
||||||
};
|
};
|
||||||
});
|
});
|
||||||
|
|
||||||
// ─── Helpers ──────────────────────────────────────────────────────────────────
|
// ─── Build test app ───────────────────────────────────────────────────────────
|
||||||
|
|
||||||
function buildApp(staff: StaffRow | null) {
|
function makeApp(staff: MockStaff | null) {
|
||||||
const app = new Hono<AppEnv>();
|
const app = new Hono();
|
||||||
app.use("*", async (c, next) => {
|
// Inject staff context + super user guard per route
|
||||||
if (staff) {
|
// Must match both exact path and wildcard subpaths
|
||||||
c.set("staff", staff);
|
app.use(
|
||||||
c.set("jwtPayload", { sub: staff.userId ?? "" });
|
"/admin/auth-provider/*",
|
||||||
|
async (c, next) => {
|
||||||
|
if (!staff) {
|
||||||
|
return c.json({ error: "Forbidden: no staff record resolved" }, 403);
|
||||||
|
}
|
||||||
|
if (!staff.isSuperUser) {
|
||||||
|
return c.json({ error: "Forbidden: super user privileges required" }, 403);
|
||||||
|
}
|
||||||
|
(c as any).set("staff", staff);
|
||||||
|
await next();
|
||||||
}
|
}
|
||||||
await next();
|
);
|
||||||
});
|
app.route("/admin/auth-provider", authProviderRouter as unknown as Hono);
|
||||||
app.route("/", authProviderRouter);
|
|
||||||
return app;
|
return app;
|
||||||
}
|
}
|
||||||
|
|
||||||
// ─── Tests ───────────────────────────────────────────────────────────────────
|
// ─── Helpers ──────────────────────────────────────────────────────────────────
|
||||||
|
|
||||||
beforeEach(() => {
|
async function get<T extends Hono = Hono>(app: T, path: string, staff: MockStaff | null) {
|
||||||
mockState.dbSelectResult = [];
|
const res = await app.request(path, { method: "GET" }, { allCtx: { staff } as { staff: MockStaff } });
|
||||||
mockState.dbInsertResult = null;
|
return { status: res.status, body: await res.json() };
|
||||||
mockState.dbUpdateResult = null;
|
}
|
||||||
mockState.dbDeleteResult = { ok: true };
|
|
||||||
vi.clearAllMocks();
|
async function put<T extends Hono = Hono>(app: T, path: string, body: unknown, staff: MockStaff | null) {
|
||||||
process.env.BETTER_AUTH_SECRET = "test-secret";
|
const res = await app.request(path, {
|
||||||
});
|
method: "PUT",
|
||||||
|
headers: { "Content-Type": "application/json" },
|
||||||
|
body: JSON.stringify(body),
|
||||||
|
}, { allCtx: { staff } as { staff: MockStaff } });
|
||||||
|
return { status: res.status, body: await res.json() };
|
||||||
|
}
|
||||||
|
|
||||||
|
async function post<T extends Hono = Hono>(app: T, path: string, body: unknown, staff: MockStaff | null) {
|
||||||
|
const res = await app.request(path, {
|
||||||
|
method: "POST",
|
||||||
|
headers: { "Content-Type": "application/json" },
|
||||||
|
body: JSON.stringify(body),
|
||||||
|
}, { allCtx: { staff } as { staff: MockStaff } });
|
||||||
|
return { status: res.status, body: await res.json() };
|
||||||
|
}
|
||||||
|
|
||||||
|
async function del<T extends Hono = Hono>(app: T, path: string, staff: MockStaff | null) {
|
||||||
|
const res = await app.request(path, { method: "DELETE" }, { allCtx: { staff } as { staff: MockStaff } });
|
||||||
|
return { status: res.status, body: await res.json() };
|
||||||
|
}
|
||||||
|
|
||||||
|
// ─── Tests ────────────────────────────────────────────────────────────────────
|
||||||
|
|
||||||
describe("GET /admin/auth-provider", () => {
|
describe("GET /admin/auth-provider", () => {
|
||||||
it("returns exists:false when no config in DB", async () => {
|
beforeEach(resetMock);
|
||||||
mockState.dbSelectResult = [];
|
|
||||||
const app = buildApp(SUPER_USER);
|
it("returns 404 when no provider configured", async () => {
|
||||||
const res = await app.request("/");
|
dbRows = [];
|
||||||
expect(res.status).toBe(200);
|
const app = makeApp(mockSuperUser);
|
||||||
const body = await res.json();
|
const { status, body } = await get(app, "/admin/auth-provider", mockSuperUser);
|
||||||
expect(body).toEqual({ exists: false, config: null });
|
expect(status).toBe(404);
|
||||||
|
expect(body.error).toBe("No auth provider configured");
|
||||||
});
|
});
|
||||||
|
|
||||||
it("returns config with secret redacted", async () => {
|
it("returns config with secret redacted", async () => {
|
||||||
mockState.dbSelectResult = [DB_CONFIG];
|
dbRows = [{
|
||||||
const app = buildApp(SUPER_USER);
|
id: "prov-1",
|
||||||
const res = await app.request("/");
|
providerId: "authentik",
|
||||||
expect(res.status).toBe(200);
|
displayName: "Authentik",
|
||||||
const body = await res.json();
|
issuerUrl: "https://auth.example.com",
|
||||||
expect(body.exists).toBe(true);
|
internalBaseUrl: null,
|
||||||
expect(body.config.clientSecret).toBe("••••••••");
|
clientId: "client-123",
|
||||||
expect(body.config.providerId).toBe("authentik");
|
clientSecret: "encrypted:secret",
|
||||||
|
scopes: "openid profile email",
|
||||||
|
enabled: true,
|
||||||
|
createdAt: new Date(),
|
||||||
|
updatedAt: new Date(),
|
||||||
|
}];
|
||||||
|
const app = makeApp(mockSuperUser);
|
||||||
|
const { status, body } = await get(app, "/admin/auth-provider", mockSuperUser);
|
||||||
|
expect(status).toBe(200);
|
||||||
|
expect(body.clientSecret).toBe("••••••••");
|
||||||
|
expect(body.providerId).toBe("authentik");
|
||||||
});
|
});
|
||||||
|
|
||||||
it("returns 403 when staff is not a super user", async () => {
|
it("returns 403 when not super user", async () => {
|
||||||
const app = buildApp(NON_SUPER_USER);
|
dbRows = [];
|
||||||
const res = await app.request("/");
|
const app = makeApp(mockManager);
|
||||||
expect(res.status).toBe(403);
|
const { status } = await get(app, "/admin/auth-provider", mockManager);
|
||||||
});
|
expect(status).toBe(403);
|
||||||
|
|
||||||
it("returns 403 when no staff context", async () => {
|
|
||||||
const app = buildApp(null);
|
|
||||||
const res = await app.request("/");
|
|
||||||
expect(res.status).toBe(403);
|
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
describe("PUT /admin/auth-provider", () => {
|
describe("PUT /admin/auth-provider", () => {
|
||||||
const validBody = {
|
beforeEach(resetMock);
|
||||||
providerId: "okta",
|
|
||||||
displayName: "Okta SSO",
|
|
||||||
issuerUrl: "https://okta.example.com",
|
|
||||||
internalBaseUrl: "http://okta.okta.svc.cluster.local",
|
|
||||||
clientId: "okta-client",
|
|
||||||
clientSecret: "super-secret",
|
|
||||||
scopes: "openid profile email",
|
|
||||||
};
|
|
||||||
|
|
||||||
it("inserts new config with encrypted secret", async () => {
|
it("stores encrypted secret", async () => {
|
||||||
mockState.dbSelectResult = []; // no existing config
|
const app = makeApp(mockSuperUser);
|
||||||
mockState.dbInsertResult = { ...DB_CONFIG, providerId: "okta", displayName: "Okta SSO" };
|
const { status, body } = await put(app, "/admin/auth-provider", {
|
||||||
|
providerId: "authentik",
|
||||||
const app = buildApp(SUPER_USER);
|
displayName: "Authentik SSO",
|
||||||
const res = await app.request("/", {
|
issuerUrl: "https://auth.example.com",
|
||||||
method: "PUT",
|
clientId: "my-client",
|
||||||
headers: { "Content-Type": "application/json" },
|
clientSecret: "my-secret",
|
||||||
body: JSON.stringify(validBody),
|
scopes: "openid profile email",
|
||||||
});
|
}, mockSuperUser);
|
||||||
|
expect(status).toBe(200);
|
||||||
expect(res.status).toBe(200);
|
expect(encryptCalls).toContain("my-secret");
|
||||||
expect(mockState.mockEncryptSecret).toHaveBeenCalledWith("super-secret");
|
|
||||||
const body = await res.json();
|
|
||||||
expect(body.clientSecret).toBe("••••••••");
|
expect(body.clientSecret).toBe("••••••••");
|
||||||
expect(body.providerId).toBe("okta");
|
expect(body.providerId).toBe("authentik");
|
||||||
});
|
});
|
||||||
|
|
||||||
it("updates existing config with encrypted secret", async () => {
|
it("returns 400 for invalid schema", async () => {
|
||||||
mockState.dbSelectResult = [{ ...DB_CONFIG, id: "existing-id" }];
|
const app = makeApp(mockSuperUser);
|
||||||
mockState.dbUpdateResult = { ...DB_CONFIG, providerId: "okta", displayName: "Okta SSO Updated" };
|
const { status } = await put(app, "/admin/auth-provider", {
|
||||||
|
providerId: "",
|
||||||
const app = buildApp(SUPER_USER);
|
issuerUrl: "not-a-url",
|
||||||
const res = await app.request("/", {
|
}, mockSuperUser);
|
||||||
method: "PUT",
|
expect(status).toBe(400);
|
||||||
headers: { "Content-Type": "application/json" },
|
|
||||||
body: JSON.stringify({ ...validBody, displayName: "Okta SSO Updated" }),
|
|
||||||
});
|
|
||||||
|
|
||||||
expect(res.status).toBe(200);
|
|
||||||
expect(mockState.mockEncryptSecret).toHaveBeenCalledWith("super-secret");
|
|
||||||
});
|
|
||||||
|
|
||||||
it("returns 400 on invalid schema", async () => {
|
|
||||||
const app = buildApp(SUPER_USER);
|
|
||||||
const res = await app.request("/", {
|
|
||||||
method: "PUT",
|
|
||||||
headers: { "Content-Type": "application/json" },
|
|
||||||
body: JSON.stringify({ providerId: "" }), // missing required fields
|
|
||||||
});
|
|
||||||
expect(res.status).toBe(400);
|
|
||||||
});
|
|
||||||
|
|
||||||
it("returns 403 when not super user", async () => {
|
|
||||||
const app = buildApp(NON_SUPER_USER);
|
|
||||||
const res = await app.request("/", {
|
|
||||||
method: "PUT",
|
|
||||||
headers: { "Content-Type": "application/json" },
|
|
||||||
body: JSON.stringify(validBody),
|
|
||||||
});
|
|
||||||
expect(res.status).toBe(403);
|
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
describe("POST /admin/auth-provider/test", () => {
|
describe("POST /admin/auth-provider/test", () => {
|
||||||
const validBody = {
|
beforeEach(resetMock);
|
||||||
providerId: "okta",
|
|
||||||
issuerUrl: "https://okta.example.com",
|
|
||||||
clientId: "okta-client",
|
|
||||||
clientSecret: "super-secret",
|
|
||||||
};
|
|
||||||
|
|
||||||
it("returns ok:true with metadata on successful OIDC discovery", async () => {
|
it("returns ok=false for unreachable issuer", async () => {
|
||||||
const mockMetadata = {
|
const app = makeApp(mockSuperUser);
|
||||||
issuer: "https://okta.example.com",
|
const { status, body } = await post(app, "/admin/auth-provider/test", {
|
||||||
authorization_endpoint: "https://okta.example.com/authorize",
|
providerId: "authentik",
|
||||||
token_endpoint: "https://okta.example.com/token",
|
displayName: "Authentik",
|
||||||
};
|
issuerUrl: "https://192.0.2.1/", // TEST-NET, never reachable
|
||||||
|
clientId: "client",
|
||||||
vi.spyOn(global, "fetch").mockResolvedValueOnce(
|
scopes: "openid profile email",
|
||||||
new Response(JSON.stringify(mockMetadata), {
|
}, mockSuperUser);
|
||||||
status: 200,
|
expect(status).toBe(200);
|
||||||
headers: { "Content-Type": "application/json" },
|
|
||||||
})
|
|
||||||
);
|
|
||||||
|
|
||||||
const app = buildApp(SUPER_USER);
|
|
||||||
const res = await app.request("/test", {
|
|
||||||
method: "POST",
|
|
||||||
headers: { "Content-Type": "application/json" },
|
|
||||||
body: JSON.stringify(validBody),
|
|
||||||
});
|
|
||||||
|
|
||||||
expect(res.status).toBe(200);
|
|
||||||
const body = await res.json();
|
|
||||||
expect(body.ok).toBe(true);
|
|
||||||
expect(body.metadata).toEqual(mockMetadata);
|
|
||||||
});
|
|
||||||
|
|
||||||
it("returns ok:false with error when OIDC discovery fails", async () => {
|
|
||||||
vi.spyOn(global, "fetch").mockResolvedValueOnce(
|
|
||||||
new Response("Not Found", { status: 404 })
|
|
||||||
);
|
|
||||||
|
|
||||||
const app = buildApp(SUPER_USER);
|
|
||||||
const res = await app.request("/test", {
|
|
||||||
method: "POST",
|
|
||||||
headers: { "Content-Type": "application/json" },
|
|
||||||
body: JSON.stringify(validBody),
|
|
||||||
});
|
|
||||||
|
|
||||||
expect(res.status).toBe(200);
|
|
||||||
const body = await res.json();
|
|
||||||
expect(body.ok).toBe(false);
|
expect(body.ok).toBe(false);
|
||||||
expect(body.error).toContain("404");
|
expect(body.error).toBeTruthy();
|
||||||
});
|
}, 15000); // timeout must exceed the 10s fetch timeout in the route handler
|
||||||
|
|
||||||
it("returns ok:false when fetch throws", async () => {
|
it("returns 400 for missing clientSecret (not required for test)", async () => {
|
||||||
vi.spyOn(global, "fetch").mockRejectedValueOnce(new Error("Network error"));
|
const app = makeApp(mockSuperUser);
|
||||||
|
const { status } = await post(app, "/admin/auth-provider/test", {
|
||||||
const app = buildApp(SUPER_USER);
|
providerId: "authentik",
|
||||||
const res = await app.request("/test", {
|
displayName: "Authentik",
|
||||||
method: "POST",
|
issuerUrl: "https://auth.example.com",
|
||||||
headers: { "Content-Type": "application/json" },
|
clientId: "client",
|
||||||
body: JSON.stringify(validBody),
|
}, mockSuperUser);
|
||||||
});
|
expect(status).toBe(200); // clientSecret omitted intentionally for test
|
||||||
|
|
||||||
expect(res.status).toBe(200);
|
|
||||||
const body = await res.json();
|
|
||||||
expect(body.ok).toBe(false);
|
|
||||||
expect(body.error).toBe("Network error");
|
|
||||||
});
|
|
||||||
|
|
||||||
it("returns 400 on invalid schema", async () => {
|
|
||||||
const app = buildApp(SUPER_USER);
|
|
||||||
const res = await app.request("/test", {
|
|
||||||
method: "POST",
|
|
||||||
headers: { "Content-Type": "application/json" },
|
|
||||||
body: JSON.stringify({ providerId: "okta" }), // missing issuerUrl, clientId, clientSecret
|
|
||||||
});
|
|
||||||
expect(res.status).toBe(400);
|
|
||||||
});
|
|
||||||
|
|
||||||
it("returns 403 when not super user", async () => {
|
|
||||||
const app = buildApp(NON_SUPER_USER);
|
|
||||||
const res = await app.request("/test", {
|
|
||||||
method: "POST",
|
|
||||||
headers: { "Content-Type": "application/json" },
|
|
||||||
body: JSON.stringify(validBody),
|
|
||||||
});
|
|
||||||
expect(res.status).toBe(403);
|
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
describe("DELETE /admin/auth-provider", () => {
|
describe("DELETE /admin/auth-provider", () => {
|
||||||
it("deletes existing config and returns ok", async () => {
|
beforeEach(resetMock);
|
||||||
mockState.dbSelectResult = [{ id: DB_CONFIG.id }];
|
|
||||||
mockState.dbDeleteResult = { ok: true };
|
|
||||||
|
|
||||||
const app = buildApp(SUPER_USER);
|
it("deletes all config rows", async () => {
|
||||||
const res = await app.request("/", { method: "DELETE" });
|
const app = makeApp(mockSuperUser);
|
||||||
|
const { status, body } = await del(app, "/admin/auth-provider", mockSuperUser);
|
||||||
expect(res.status).toBe(200);
|
expect(status).toBe(200);
|
||||||
const body = await res.json();
|
|
||||||
expect(body.ok).toBe(true);
|
expect(body.ok).toBe(true);
|
||||||
});
|
expect(deletedRows).toContain("all");
|
||||||
|
|
||||||
it("returns ok:true when no config exists", async () => {
|
|
||||||
mockState.dbSelectResult = [];
|
|
||||||
|
|
||||||
const app = buildApp(SUPER_USER);
|
|
||||||
const res = await app.request("/", { method: "DELETE" });
|
|
||||||
|
|
||||||
expect(res.status).toBe(200);
|
|
||||||
const body = await res.json();
|
|
||||||
expect(body.ok).toBe(true);
|
|
||||||
expect(body.message).toContain("No DB config");
|
|
||||||
});
|
});
|
||||||
|
|
||||||
it("returns 403 when not super user", async () => {
|
it("returns 403 when not super user", async () => {
|
||||||
const app = buildApp(NON_SUPER_USER);
|
const app = makeApp(mockGroomer);
|
||||||
const res = await app.request("/", { method: "DELETE" });
|
const { status } = await del(app, "/admin/auth-provider", mockGroomer);
|
||||||
expect(res.status).toBe(403);
|
expect(status).toBe(403);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
Reference in New Issue
Block a user