diff --git a/src/presentation/http/router/note.test.ts b/src/presentation/http/router/note.test.ts
index 9ab72fd5..7e7231c8 100644
--- a/src/presentation/http/router/note.test.ts
+++ b/src/presentation/http/router/note.test.ts
@@ -1,6 +1,7 @@
 import { MemberRole } from '@domain/entities/team.js';
 import { describe, test, expect, beforeEach } from 'vitest';
 import type User from '@domain/entities/user.js';
+import { memberRight } from '@tests/utils/team-rights';
 describe('Note API', () => {
 beforeEach(async () => {
@@ -243,39 +244,11 @@ describe('Note API', () => {
 });
 describe('PATCH note/:notePublicId ', () => {
- test.each([
- /** Returns 200 if user is team member with a Write role */
- {
- role: MemberRole.Write,
- isAuthorized: true,
- expectedStatusCode: 200,
- },
+ test.each(memberRight)
+ ('Patch note by public id', async ({ testContext }) => {
+ /** Get data from context */
+ const { role, isAuthorized, expectedStatusCode, expectedMessage } = testContext;
- /** Returns 403 if user is team member with a Read role */
- {
- role: MemberRole.Read,
- isAuthorized: true,
- expectedStatusCode: 403,
- expectedMessage: 'Permission denied',
- },
-
- /** Returns 403 if user is not in the team */
- {
- role: null,
- isAuthorized: true,
- expectedStatusCode: 403,
- expectedMessage: 'Permission denied',
- },
-
- /** Returns 401 if user is not authorized */
- {
- role: null,
- isAuthorized: false,
- expectedStatusCode: 401,
- expectedMessage: 'You must be authenticated to access this resource',
- },
- ])
- ('Patch note by public id', async ({ role, isAuthorized, expectedStatusCode, expectedMessage }) => {
 /** Only if user has a Write role, he can edit the note */
 const canEdit = role === MemberRole.Write;
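Review bot: The added import `'@tests/utils/team-rights'` in the first hunk omits the `.js` extension that both neighbouring imports use (`'@domain/entities/team.js'`, `'@domain/entities/user.js'`). Whether the extensionless form resolves depends on the alias and module-resolution settings, which are not visible here, so this may be no more than a consistency issue. I would write `import { memberRight } from '@tests/utils/team-rights.js';`. The same import is added to noteSettings.test.ts in its `@@ -1,5 +1,6 @@` hunk.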
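Review bot: All four rows of `memberRight` run under the one title 'Patch note by public id', so a failing run does not show whether the Write, Read, non-member or unauthenticated case broke, which is the first thing a reader needs from an access-control test. Vitest interpolates row fields into `test.each` titles, so the title could be `'Patch note by public id (role: $testContext.role, expects $testContext.expectedStatusCode)'`. The same applies to every other `test.each(memberRight)` hunk in note.test.ts and noteSettings.test.ts. The test body continues outside the hunk.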
@@ -459,39 +432,11 @@ describe('Note API', () => {
 });
 describe('DELETE /note/:notePublicId', () => {
- test.each([
- /** Returns 200 if user is team member with a Write role */
- {
- role: MemberRole.Write,
- isAuthorized: true,
- expectedStatusCode: 200,
- },
-
- /** Returns 403 if user is team member with a Read role */
- {
- role: MemberRole.Read,
- isAuthorized: true,
- expectedStatusCode: 403,
- expectedMessage: 'Permission denied',
- },
-
- /** Returns 403 if user is not in the team */
- {
- role: null,
- isAuthorized: true,
- expectedStatusCode: 403,
- expectedMessage: 'Permission denied',
- },
+ test.each(memberRight)
+ ('Delete note by public id', async ({ testContext }) => {
+ /** Get data from context */
+ const { role, isAuthorized, expectedStatusCode, expectedMessage } = testContext;
- /** Returns 401 if user is not authorized */
- {
- role: null,
- isAuthorized: false,
- expectedStatusCode: 401,
- expectedMessage: 'You must be authenticated to access this resource',
- },
- ])
- ('Delete note by public id', async ({ role, isAuthorized, expectedStatusCode, expectedMessage }) => {
 /** Create test user - creator of note */
 const creator = await global.db.insertUser();
@@ -674,39 +619,11 @@ describe('Note API', () => {
 accessToken = global.auth(user.id);
 });
- test.each([
- /** Returns 200 if user is team member with a Write role */
- {
- role: MemberRole.Write,
- isAuthorized: true,
- expectedStatusCode: 200,
- },
+ test.each(memberRight)
+ ('Unlink any parent from note by it\'s public id', async ({ testContext }) => {
+ /** Get data from context */
+ const { role, isAuthorized, expectedStatusCode, expectedMessage } = testContext;
- /** Returns 403 if user is team member with a Read role */
- {
- role: MemberRole.Read,
- isAuthorized: true,
- expectedStatusCode: 403,
- expectedMessage: 'Permission denied',
- },
-
- /** Returns 403 if user is not in the team */
- {
- role: null,
- isAuthorized: true,
- expectedStatusCode: 403,
- expectedMessage: 'Permission denied',
- },
-
- /** Returns 401 if user is not authorized */
- {
- role: null,
- isAuthorized: false,
- expectedStatusCode: 401,
- expectedMessage: 'You must be authenticated to access this resource',
- },
- ])
- ('Unlink any parent from note by it\'s public id', async ({ role, isAuthorized, expectedStatusCode, expectedMessage }) => {
 /* Create second user, who will be the creator of the note */
 const creator = await global.db.insertUser();
diff --git a/src/presentation/http/router/noteSettings.test.ts b/src/presentation/http/router/noteSettings.test.ts
index 8df0d878..5470f5cc 100644
--- a/src/presentation/http/router/noteSettings.test.ts
+++ b/src/presentation/http/router/noteSettings.test.ts
@@ -1,5 +1,6 @@
 import { describe, test, expect, beforeEach } from 'vitest';
 import { MemberRole } from '@domain/entities/team.js';
+import { memberRight } from '@tests/utils/team-rights';
 describe('NoteSettings API', () => {
 beforeEach(async () => {
@@ -12,39 +13,11 @@ describe('NoteSettings API', () => {
 await global.db.truncateTables();
 });
 describe('GET /note-settings/:notePublicId ', () => {
- test.each([
- /** Returns 401 when the user is not authorized */
- {
- role: null,
- isAuthorized: false,
- expectedStatusCode: 401,
- expectedMessage: 'You must be authenticated to access this resource',
- },
-
- /** Returns 200 if user is a team member with a Write role */
- {
- role: MemberRole.Write,
- isAuthorized: true,
- expectedStatusCode: 200,
- },
-
- /** Returns 403 when user is a team member with a Read role */
- {
- role: MemberRole.Read,
- isAuthorized: true,
- expectedStatusCode: 403,
- expectedMessage: 'Permission denied',
- },
-
- /** Returns 403 when user is not in the team */
- {
- role: null,
- isAuthorized: true,
- expectedStatusCode: 403,
- expectedMessage: 'Permission denied',
- },
- ])
- ('Get note settings and team by public id', async ({ role, isAuthorized, expectedStatusCode, expectedMessage }) => {
+ test.each(memberRight)
+ ('Get note settings and team by public id', async ({ testContext }) => {
+ /** Get data from context */
+ const { role, isAuthorized, expectedStatusCode, expectedMessage } = testContext;
+
 /** Create test user - creator of a note */
 const creator = await global.db.insertUser();
@@ -156,39 +129,11 @@ describe('NoteSettings API', () => {
 });
 describe('GET /note-settings/:notePublicId/team ', () => {
- test.each([
- /** Returns 200 if user is a team member with a Write role */
- {
- role: MemberRole.Write,
- isAuthorized: true,
- expectedStatusCode: 200,
- },
-
- /** Returns 403 if user is a team member with a Read role */
- {
- role: MemberRole.Read,
- isAuthorized: true,
- expectedStatusCode: 403,
- expectedMessage: 'Permission denied',
- },
-
- /** Returns 401 when the user is not authorized */
- {
- role: null,
- isAuthorized: false,
- expectedStatusCode: 401,
- expectedMessage: 'You must be authenticated to access this resource',
- },
-
- /** Returns 403 when the the user is not in the team */
- {
- role: null,
- isAuthorized: true,
- expectedStatusCode: 403,
- expectedMessage: 'Permission denied',
- },
- ])
- ('Get note team by public id', async ({ role, isAuthorized, expectedStatusCode, expectedMessage }) => {
+ test.each(memberRight)
+ ('Get note team by public id', async ({ testContext }) => {
+ /** Get data from context */
+ const { role, isAuthorized, expectedStatusCode, expectedMessage } = testContext;
+
 /** Create test user - creator of a note */
 const creator = await global.db.insertUser();
@@ -282,36 +227,11 @@ describe('NoteSettings API', () => {
 });
 describe('PATCH /note-settings/:notePublicId ', () => {
- test.each([
- /** Returns 200 if user is a team member with a Write role */
- {
- role: MemberRole.Write,
- isAuthorized: true,
- expectedStatusCode: 200,
- },
-
- /** Returns 403 if user is a team member with a Read role */
- {
- role: MemberRole.Read,
- isAuthorized: true,
- expectedStatusCode: 403,
- },
-
- /** Returns 403 if user is not in the team */
- {
- role: null,
- isAuthorized: true,
- expectedStatusCode: 403,
- },
-
- /** Returns 401 if user is not authorized */
- {
- role: null,
- isAuthorized: false,
- expectedStatusCode: 401,
- },
- ])
- ('Update note settings by public id', async ({ role, isAuthorized, expectedStatusCode }) => {
+ test.each(memberRight)
+ ('Update note settings by public id', async ({ testContext }) => {
+ /** Get data from context */
+ const { role, isAuthorized, expectedStatusCode } = testContext;
+
 /** Create test user - creator of a note */
 const creator = await global.db.insertUser();
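Review bot: The destructuring `const { role, isAuthorized, expectedStatusCode } = testContext;` leaves out `expectedMessage`, so this test still checks only the status code of a refusal even though the shared rows now carry the expected message. With the status alone, a 403 from the team-role check cannot be told apart from a 403 raised elsewhere in the request path. I would take the message as well, `const { role, isAuthorized, expectedStatusCode, expectedMessage } = testContext;`, and assert it on the non-200 rows the way the tests that already destructure it presumably do; whether these endpoints return the same message bodies is not visible here and needs confirming. The same applies to the hunks at `@@ -399,36 +319,11 @@`, `@@ -521,36 +416,11 @@` and `@@ -659,36 +529,11 @@`; the test body continues outside the hunk.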
@@ -399,36 +319,11 @@ describe('NoteSettings API', () => {
 });
 describe('PATCH /note-settings/:notePublicId/invitation-hash ', () => {
- test.each([
- /** Returns 200 if user is a team member with a Write role */
- {
- role: MemberRole.Write,
- isAuthorized: true,
- expectedStatusCode: 200,
- },
-
- /** Returns 403 if user is a team member with a Read role */
- {
- role: MemberRole.Read,
- isAuthorized: true,
- expectedStatusCode: 403,
- },
-
- /** Returns 403 if user is not in the team */
- {
- role: null,
- isAuthorized: true,
- expectedStatusCode: 403,
- },
-
- /** Returns 401 if user is not authorized */
- {
- role: null,
- isAuthorized: false,
- expectedStatusCode: 401,
- },
- ])
- ('Generate invitation hash', async ({ role, isAuthorized, expectedStatusCode }) => {
+ test.each(memberRight)
+ ('Generate invitation hash', async ({ testContext }) => {
+ /** Get data from context */
+ const { role, isAuthorized, expectedStatusCode } = testContext;
+
 /** Create test user - creator of a note */
 const creator = await global.db.insertUser();
@@ -521,36 +416,11 @@ describe('NoteSettings API', () => {
 });
 describe('PATCH /note-settings/:notePublicId/team', () => {
- test.each([
- /** Returns 200 if user is a team member with a Write role */
- {
- role: MemberRole.Write,
- isAuthorized: true,
- expectedStatusCode: 200,
- },
-
- /** Returns 403 if user is a team member with a Read role */
- {
- role: MemberRole.Read,
- isAuthorized: true,
- expectedStatusCode: 403,
- },
-
- /** Returns 403 if user is not in the team */
- {
- role: null,
- isAuthorized: true,
- expectedStatusCode: 403,
- },
-
- /** Returns 401 if user is not authorized */
- {
- role: null,
- isAuthorized: false,
- expectedStatusCode: 401,
- },
- ])
- ('Update team member role by user id and note id', async ({ role, isAuthorized, expectedStatusCode }) => {
+ test.each(memberRight)
+ ('Update team member role by user id and note id', async ({ testContext }) => {
+ /** Get data from context */
+ const { role, isAuthorized, expectedStatusCode } = testContext;
+
 /** Create test user - creator of a note */
 const creator = await global.db.insertUser();
@@ -659,36 +529,11 @@ describe('NoteSettings API', () => {
 });
 describe('DELETE /:notePublicId/team', () => {
- test.each([
- /** Returns 200 if user is a team member with a Write role */
- {
- role: MemberRole.Write,
- isAuthorized: true,
- expectedStatusCode: 200,
- },
-
- /** Returns 403 if user is a team member with a Read role */
- {
- role: MemberRole.Read,
- isAuthorized: true,
- expectedStatusCode: 403,
- },
-
- /** Returns 403 if user is not in the team */
- {
- role: null,
- isAuthorized: true,
- expectedStatusCode: 403,
- },
-
- /** Returns 401 if user is not authorized */
- {
- role: null,
- isAuthorized: false,
- expectedStatusCode: 401,
- },
- ])
- ('Delete user from the team', async ( { role, isAuthorized, expectedStatusCode } ) => {
+ test.each(memberRight)
+ ('Delete user from the team', async ({ testContext }) => {
+ /** Get data from context */
+ const { role, isAuthorized, expectedStatusCode } = testContext;
+
 const creator = await global.db.insertUser();
 const user = await global.db.insertUser();
diff --git a/src/tests/utils/team-rights.ts b/src/tests/utils/team-rights.ts
new file mode 100644
index 00000000..c9340503
--- /dev/null
+++ b/src/tests/utils/team-rights.ts
@@ -0,0 +1,42 @@
+import { MemberRole } from '@domain/entities/team.js';
+
+export const memberRight = [
+ /** Returns 200 if user is team member with a Write role */
+ {
+ testContext: {
+ role: MemberRole.Write,
+ isAuthorized: true,
+ expectedStatusCode: 200,
+ },
+ },
+
+ /** Returns 403 if user is team member with a Read role */
+ {
+ testContext: {
+ role: MemberRole.Read,
+ isAuthorized: true,
+ expectedStatusCode: 403,
+ expectedMessage: 'Permission denied',
+ },
+ },
+
+ /** Returns 403 if user is not in the team */
+ {
+ testContext:{
+ role: null,
+ isAuthorized: true,
+ expectedStatusCode: 403,
+ expectedMessage: 'Permission denied',
+ },
+ },
+
+ /** Returns 401 if user is not authorized */
+ {
+ testContext: {
+ role: null,
+ isAuthorized: false,
+ expectedStatusCode: 401,
+ expectedMessage: 'You must be authenticated to access this resource',
+ },
+ },
+];
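Review bot: The last row is commented "Returns 401 if user is not authorized" and flagged `isAuthorized: false`, but its message ('You must be authenticated to access this resource') shows it is the unauthenticated case; the unauthorized cases are the two 403 rows. Since this file is now the single statement of the expected access policy for both router test files, the comment should say so: `/** Returns 401 if the request is not authenticated */`. The export itself has no doc comment; I would add one above `memberRight`, for example `/** Access cases shared by the note and note-settings router tests: Write → 200, Read or non-member → 403, unauthenticated → 401 */`. Minor: `testContext:{` in the third row is missing the space used in the other rows.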