32 lines
1 KiB
JavaScript
32 lines
1 KiB
JavaScript
|
const request = require('supertest');
|
||
|
|
const app = require('../src/server');
|
||
|
|
const { requireRole } = require('../middleware/role.middleware');
|
||
|
|
|
||
|
|
describe('Role Middleware', () => {
|
||
|
|
// Test for a route that requires 'admin' role
|
||
|
|
it('should deny access to users without admin role', async () => {
|
||
|
|
const response = await request(app)
|
||
|
|
.get('/admin/users')
|
||
|
|
.set('Authorization', 'Bearer invalid-token');
|
||
|
|
|
||
|
|
expect(response.status).toBe(401);
|
||
|
|
});
|
||
|
|
|
||
|
|
// Test for a route that requires 'moderator' role
|
||
|
|
it('should deny access to users without moderator role', async () => {
|
||
|
|
const response = await request(app)
|
||
|
|
.get('/moderator/reports')
|
||
|
|
.set('Authorization', 'Bearer invalid-token');
|
||
|
|
|
||
|
|
expect(response.status).toBe(401);
|
||
|
|
});
|
||
|
|
|
||
|
|
// Test for a route that requires 'user' role
|
||
|
|
it('should deny access to users without user role', async () => {
|
||
|
|
const response = await request(app)
|
||
|
|
.get('/profile')
|
||
|
|
.set('Authorization', 'Bearer invalid-token');
|
||
|
|
|
||
|
|
expect(response.status).toBe(401);
|
||
|
|
});
|
||
|
|
});
|