From 3155d8b87445e534260c401d66f5871e5aa019fb Mon Sep 17 00:00:00 2001 From: hlibbabii Date: Sun, 23 Jul 2023 14:01:01 +0300 Subject: [PATCH] controller tests for un-setting the role (#2556) --- .../server/admin.users.server.routes.tests.js | 94 +++++++++++++++++-- 1 file changed, 87 insertions(+), 7 deletions(-) diff --git a/modules/admin/tests/server/admin.users.server.routes.tests.js b/modules/admin/tests/server/admin.users.server.routes.tests.js index 836437617c..7d2cfe1d63 100644 --- a/modules/admin/tests/server/admin.users.server.routes.tests.js +++ b/modules/admin/tests/server/admin.users.server.routes.tests.js @@ -277,7 +277,7 @@ describe('Admin User CRUD tests', () => { }); describe('Changing user roles', () => { - it('non-admin users should not be allowed to change user roles', async () => { + it('non-admin users should not be allowed to add user roles', async () => { await utils.signIn(credentialsRegular, agent); await agent @@ -286,9 +286,18 @@ describe('Admin User CRUD tests', () => { .expect(403); }); + it('non-admin users should not be allowed to remove user roles', async () => { + await utils.signIn(credentialsRegular, agent); + + await agent + .post('/api/admin/user/change-role') + .send({ id: userRegularId, role: 'suspended', unset: true }) + .expect(403); + }); + // Allowed roles ['moderator', 'shadowban', 'suspended'].map(role => { - it(`admin users should be allowed change user role to ${role}`, async () => { + it(`admin users should be allowed to add user role: ${role}`, async () => { await utils.signIn(credentialsAdmin, agent); await agent @@ -296,9 +305,18 @@ describe('Admin User CRUD tests', () => { .send({ id: userRegularId, role }) .expect(200); }); + + it(`admin users should be allowed to remove user role: ${role}`, async () => { + await utils.signIn(credentialsAdmin, agent); + + await agent + .post('/api/admin/user/change-role') + .send({ id: userRegularId, role, unset: true }) + .expect(200); + }); }); - it('missing id should not change user role', async () => { + it('missing id should not add user role', async () => { await utils.signIn(credentialsAdmin, agent); const { body } = await agent @@ -309,7 +327,18 @@ describe('Admin User CRUD tests', () => { should(body.message).equal('Cannot interpret id.'); }); - it('invalid role should not be change user roles', async () => { + it('missing id should not remove user role', async () => { + await utils.signIn(credentialsAdmin, agent); + + const { body } = await agent + .post('/api/admin/user/change-role') + .send({ id: '', role: 'suspended', unset: true }) + .expect(400); + + should(body.message).equal('Cannot interpret id.'); + }); + + it('invalid role should not be added', async () => { await utils.signIn(credentialsAdmin, agent); const { body } = await agent @@ -320,7 +349,18 @@ describe('Admin User CRUD tests', () => { should(body.message).equal('Invalid role.'); }); - it('cannot change user role to admin', async () => { + it('invalid role should not be removed', async () => { + await utils.signIn(credentialsAdmin, agent); + + const { body } = await agent + .post('/api/admin/user/change-role') + .send({ id: userRegularId, role: 'fake', unset: true }) + .expect(400); + + should(body.message).equal('Invalid role.'); + }); + + it('cannot add admin user role', async () => { await utils.signIn(credentialsAdmin, agent); const { body } = await agent @@ -331,7 +371,18 @@ describe('Admin User CRUD tests', () => { should(body.message).equal('Invalid role.'); }); - it('invalid id should not change user roles', async () => { + it('cannot remove admin user role', async () => { + await utils.signIn(credentialsAdmin, agent); + + const { body } = await agent + .post('/api/admin/user/change-role') + .send({ id: userRegularId, role: 'admin', unset: true }) + .expect(400); + + should(body.message).equal('Invalid role.'); + }); + + it('invalid id should not add user roles', async () => { await utils.signIn(credentialsAdmin, agent); const { body } = await agent @@ -342,7 +393,18 @@ describe('Admin User CRUD tests', () => { should(body.message).equal('Cannot interpret id.'); }); - it(`changing role should show up as an admin note`, async () => { + it('invalid id should not remove user roles', async () => { + await utils.signIn(credentialsAdmin, agent); + + const { body } = await agent + .post('/api/admin/user/change-role') + .send({ id: '123', role: 'suspended', unset: true }) + .expect(400); + + should(body.message).equal('Cannot interpret id.'); + }); + + it(`adding role should show up as an admin note`, async () => { await utils.signIn(credentialsAdmin, agent); await agent @@ -359,6 +421,24 @@ describe('Admin User CRUD tests', () => { ); body[0].admin._id.should.equal(userAdminId); }); + + it(`removing role should show up as an admin note`, async () => { + await utils.signIn(credentialsAdmin, agent); + + await agent + .post('/api/admin/user/change-role') + .send({ id: userRegularId, role: 'suspended', unset: true }) + .expect(200); + + const { body } = await agent + .get(`/api/admin/notes?userId=${userRegularId}`) + .expect(200); + + body[0].note.should.equal( + '

Performed action:

User removed from role:suspended.

', + ); + body[0].admin._id.should.equal(userAdminId); + }); }); }); });