mirror of
https://github.com/hexastack/hexabot
synced 2024-11-28 06:52:20 +00:00
fix: use req + update unit tests
This commit is contained in:
parent
a999604472
commit
d2f61eebcd
@ -12,7 +12,7 @@ import { ForbiddenException, NotFoundException } from '@nestjs/common';
|
|||||||
import { EventEmitter2 } from '@nestjs/event-emitter';
|
import { EventEmitter2 } from '@nestjs/event-emitter';
|
||||||
import { MongooseModule } from '@nestjs/mongoose';
|
import { MongooseModule } from '@nestjs/mongoose';
|
||||||
import { Test, TestingModule } from '@nestjs/testing';
|
import { Test, TestingModule } from '@nestjs/testing';
|
||||||
import { Session as ExpressSession } from 'express-session';
|
import { Request } from 'express';
|
||||||
|
|
||||||
import { AttachmentRepository } from '@/attachment/repositories/attachment.repository';
|
import { AttachmentRepository } from '@/attachment/repositories/attachment.repository';
|
||||||
import { AttachmentModel } from '@/attachment/schemas/attachment.schema';
|
import { AttachmentModel } from '@/attachment/schemas/attachment.schema';
|
||||||
@ -191,45 +191,48 @@ describe('RoleController', () => {
|
|||||||
|
|
||||||
describe('deleteOne', () => {
|
describe('deleteOne', () => {
|
||||||
it("should throw ForbiddenException if the role is part of the user's roles", async () => {
|
it("should throw ForbiddenException if the role is part of the user's roles", async () => {
|
||||||
const session = { passport: { user: { id: 'user1' } } } as ExpressSession;
|
const req = { user: { roles: ['role1'] } } as unknown as Request;
|
||||||
const roleId = 'role1';
|
const roleId = 'role1';
|
||||||
|
|
||||||
userService.findOneAndPopulate = jest.fn().mockResolvedValue({
|
userService.findOne = jest.fn().mockResolvedValue(null);
|
||||||
roles: [{ id: roleId }],
|
|
||||||
});
|
|
||||||
|
|
||||||
await expect(roleController.deleteOne(roleId, session)).rejects.toThrow(
|
await expect(roleController.deleteOne(roleId, req)).rejects.toThrow(
|
||||||
|
ForbiddenException,
|
||||||
|
);
|
||||||
|
});
|
||||||
|
|
||||||
|
it('should throw ForbiddenException if the role is associated with other users', async () => {
|
||||||
|
const req = { user: { roles: ['role2'] } } as unknown as Request;
|
||||||
|
const roleId = 'role1';
|
||||||
|
|
||||||
|
userService.findOne = jest.fn().mockResolvedValue({ id: 'user2' });
|
||||||
|
|
||||||
|
await expect(roleController.deleteOne(roleId, req)).rejects.toThrow(
|
||||||
ForbiddenException,
|
ForbiddenException,
|
||||||
);
|
);
|
||||||
});
|
});
|
||||||
|
|
||||||
it('should throw NotFoundException if the role is not found', async () => {
|
it('should throw NotFoundException if the role is not found', async () => {
|
||||||
const session = { passport: { user: { id: 'user1' } } } as ExpressSession;
|
const req = { user: { roles: ['role2'] } } as unknown as Request;
|
||||||
const roleId = 'role2';
|
const roleId = 'role1';
|
||||||
|
|
||||||
userService.findOneAndPopulate = jest.fn().mockResolvedValue({
|
|
||||||
roles: [{ id: 'role1' }],
|
|
||||||
});
|
|
||||||
|
|
||||||
|
userService.findOne = jest.fn().mockResolvedValue(null);
|
||||||
roleService.deleteOne = jest.fn().mockResolvedValue({ deletedCount: 0 });
|
roleService.deleteOne = jest.fn().mockResolvedValue({ deletedCount: 0 });
|
||||||
|
|
||||||
await expect(roleController.deleteOne(roleId, session)).rejects.toThrow(
|
await expect(roleController.deleteOne(roleId, req)).rejects.toThrow(
|
||||||
NotFoundException,
|
NotFoundException,
|
||||||
);
|
);
|
||||||
});
|
});
|
||||||
|
|
||||||
it('should return the result if the role is successfully deleted', async () => {
|
it('should return the result if the role is successfully deleted', async () => {
|
||||||
const session = { passport: { user: { id: 'user1' } } } as ExpressSession;
|
const req = { user: { roles: ['role2'] } } as unknown as Request;
|
||||||
const roleId = 'role2';
|
const roleId = 'role1';
|
||||||
|
|
||||||
userService.findOneAndPopulate = jest.fn().mockResolvedValue({
|
|
||||||
roles: [{ id: 'role1' }],
|
|
||||||
});
|
|
||||||
|
|
||||||
|
userService.findOne = jest.fn().mockResolvedValue(null);
|
||||||
const deleteResult = { deletedCount: 1 };
|
const deleteResult = { deletedCount: 1 };
|
||||||
roleService.deleteOne = jest.fn().mockResolvedValue(deleteResult);
|
roleService.deleteOne = jest.fn().mockResolvedValue(deleteResult);
|
||||||
|
|
||||||
const result = await roleController.deleteOne(roleId, session);
|
const result = await roleController.deleteOne(roleId, req);
|
||||||
expect(result).toEqual(deleteResult);
|
expect(result).toEqual(deleteResult);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
@ -20,10 +20,10 @@ import {
|
|||||||
Query,
|
Query,
|
||||||
UseInterceptors,
|
UseInterceptors,
|
||||||
ForbiddenException,
|
ForbiddenException,
|
||||||
Session,
|
Req,
|
||||||
} from '@nestjs/common';
|
} from '@nestjs/common';
|
||||||
import { CsrfCheck } from '@tekuconcept/nestjs-csrf';
|
import { CsrfCheck } from '@tekuconcept/nestjs-csrf';
|
||||||
import { Session as ExpressSession } from 'express-session';
|
import { Request } from 'express';
|
||||||
import { TFilterQuery } from 'mongoose';
|
import { TFilterQuery } from 'mongoose';
|
||||||
|
|
||||||
import { CsrfInterceptor } from '@/interceptors/csrf.interceptor';
|
import { CsrfInterceptor } from '@/interceptors/csrf.interceptor';
|
||||||
@ -36,6 +36,7 @@ import { SearchFilterPipe } from '@/utils/pipes/search-filter.pipe';
|
|||||||
|
|
||||||
import { RoleCreateDto, RoleUpdateDto } from '../dto/role.dto';
|
import { RoleCreateDto, RoleUpdateDto } from '../dto/role.dto';
|
||||||
import { Role, RoleFull, RolePopulate, RoleStub } from '../schemas/role.schema';
|
import { Role, RoleFull, RolePopulate, RoleStub } from '../schemas/role.schema';
|
||||||
|
import { User } from '../schemas/user.schema';
|
||||||
import { RoleService } from '../services/role.service';
|
import { RoleService } from '../services/role.service';
|
||||||
import { UserService } from '../services/user.service';
|
import { UserService } from '../services/user.service';
|
||||||
|
|
||||||
@ -152,19 +153,16 @@ export class RoleController extends BaseController<
|
|||||||
@CsrfCheck(true)
|
@CsrfCheck(true)
|
||||||
@Delete(':id')
|
@Delete(':id')
|
||||||
@HttpCode(204)
|
@HttpCode(204)
|
||||||
async deleteOne(@Param('id') id: string, @Session() session: ExpressSession) {
|
async deleteOne(@Param('id') id: string, @Req() req: Request) {
|
||||||
const currentUser = await this.userService.findOneAndPopulate(
|
const userRoles = (req.user as User).roles;
|
||||||
session.passport.user.id,
|
|
||||||
['roles'],
|
|
||||||
);
|
|
||||||
if (!currentUser) {
|
|
||||||
throw new NotFoundException('User not found');
|
|
||||||
}
|
|
||||||
|
|
||||||
const roles = currentUser.roles.map((role) => role.id);
|
const associatedUser = await this.userService.findOne({
|
||||||
|
roles: { $in: [id] },
|
||||||
if (roles.includes(id)) {
|
});
|
||||||
|
if (userRoles.includes(id)) {
|
||||||
throw new ForbiddenException("Your account's role can't be deleted");
|
throw new ForbiddenException("Your account's role can't be deleted");
|
||||||
|
} else if (associatedUser) {
|
||||||
|
throw new ForbiddenException('Role is associated with other users');
|
||||||
} else {
|
} else {
|
||||||
try {
|
try {
|
||||||
const result = await this.roleService.deleteOne(id);
|
const result = await this.roleService.deleteOne(id);
|
||||||
|
Loading…
Reference in New Issue
Block a user