helpyourneighbour/test/roles.test.js

const { describe, it, beforeEach, afterEach } = require('node:test');
const assert = require('assert');
const { requireRole } = require('../backend/middleware/role.middleware');

describe('requireRole middleware', () => {
  let req, res, next;

  beforeEach(() => {
    req = {
      user: {}
    };
    res = {
      status: (code) => {
        res.statusCode = code;
        return res;
      },
      json: (body) => {
        res.body = body;
        return res;
      }
    };
    next = () => {};
  });

  it('should allow access when user has required role', () => {
    req.user.role = 'admin';
    const middleware = requireRole(['admin']);
    
    let calledNext = false;
    next = () => {
      calledNext = true;
    };

    middleware(req, res, next);
    assert.strictEqual(calledNext, true);
  });

  it('should deny access when user does not have required role', () => {
    req.user.role = 'user';
    const middleware = requireRole(['admin']);
    
    let statusCode = null;
    let body = null;
    
    res.status = (code) => {
      statusCode = code;
      return res;
    };
    
    res.json = (data) => {
      body = data;
      return res;
    };

    middleware(req, res, next);
    assert.strictEqual(statusCode, 403);
    assert.deepStrictEqual(body, { error: 'Forbidden' });
  });

  it('should deny access when no user role is present', () => {
    req.user.role = undefined;
    const middleware = requireRole(['admin']);
    
    let statusCode = null;
    let body = null;
    
    res.status = (code) => {
      statusCode = code;
      return res;
    };
    
    res.json = (data) => {
      body = data;
      return res;
    };

    middleware(req, res, next);
    assert.strictEqual(statusCode, 401);
    assert.deepStrictEqual(body, { error: 'Unauthorized' });
  });

  it('should allow access when user has one of multiple required roles', () => {
    req.user.role = 'moderator';
    const middleware = requireRole(['admin', 'moderator']);
    
    let calledNext = false;
    next = () => {
      calledNext = true;
    };

    middleware(req, res, next);
    assert.strictEqual(calledNext, true);
  });
});
test: add unit tests for role middleware This commit adds comprehensive unit tests for the requireRole middleware to ensure proper role-based access control implementation. 2026-03-16 11:07:06 +00:00			`const { describe, it, beforeEach, afterEach } = require('node:test');`
			`const assert = require('assert');`
			`const { requireRole } = require('../backend/middleware/role.middleware');`
feat: Implement role management API endpoints 2026-03-16 05:07:56 +00:00
test: add unit tests for role middleware This commit adds comprehensive unit tests for the requireRole middleware to ensure proper role-based access control implementation. 2026-03-16 11:07:06 +00:00			`describe('requireRole middleware', () => {`
			`let req, res, next;`
feat: Implement role management API endpoints 2026-03-16 05:07:56 +00:00
			`beforeEach(() => {`
test: add unit tests for role middleware This commit adds comprehensive unit tests for the requireRole middleware to ensure proper role-based access control implementation. 2026-03-16 11:07:06 +00:00			`req = {`
			`user: {}`
			`};`
			`res = {`
			`status: (code) => {`
			`res.statusCode = code;`
			`return res;`
			`},`
			`json: (body) => {`
			`res.body = body;`
			`return res;`
			`}`
			`};`
			`next = () => {};`
feat: Implement role management API endpoints 2026-03-16 05:07:56 +00:00			`});`

test: add unit tests for role middleware This commit adds comprehensive unit tests for the requireRole middleware to ensure proper role-based access control implementation. 2026-03-16 11:07:06 +00:00			`it('should allow access when user has required role', () => {`
			`req.user.role = 'admin';`
			`const middleware = requireRole(['admin']);`

			`let calledNext = false;`
Add unit tests for role middleware and package.json 2026-03-16 13:10:19 +00:00			`next = () => {`
			`calledNext = true;`
			`};`
feat: Implement role management API endpoints 2026-03-16 05:07:56 +00:00
test: add unit tests for role middleware This commit adds comprehensive unit tests for the requireRole middleware to ensure proper role-based access control implementation. 2026-03-16 11:07:06 +00:00			`middleware(req, res, next);`
			`assert.strictEqual(calledNext, true);`
feat: Implement role management API endpoints 2026-03-16 05:07:56 +00:00			`});`

test: add unit tests for role middleware This commit adds comprehensive unit tests for the requireRole middleware to ensure proper role-based access control implementation. 2026-03-16 11:07:06 +00:00			`it('should deny access when user does not have required role', () => {`
			`req.user.role = 'user';`
			`const middleware = requireRole(['admin']);`

			`let statusCode = null;`
			`let body = null;`
Add unit tests for role middleware and package.json 2026-03-16 13:10:19 +00:00
test: add unit tests for role middleware This commit adds comprehensive unit tests for the requireRole middleware to ensure proper role-based access control implementation. 2026-03-16 11:07:06 +00:00			`res.status = (code) => {`
			`statusCode = code;`
			`return res;`
			`};`
Add unit tests for role middleware and package.json 2026-03-16 13:10:19 +00:00
test: add unit tests for role middleware This commit adds comprehensive unit tests for the requireRole middleware to ensure proper role-based access control implementation. 2026-03-16 11:07:06 +00:00			`res.json = (data) => {`
			`body = data;`
			`return res;`
			`};`

			`middleware(req, res, next);`
			`assert.strictEqual(statusCode, 403);`
			`assert.deepStrictEqual(body, { error: 'Forbidden' });`
feat: Implement role management API endpoints 2026-03-16 05:07:56 +00:00			`});`

test: add unit tests for role middleware This commit adds comprehensive unit tests for the requireRole middleware to ensure proper role-based access control implementation. 2026-03-16 11:07:06 +00:00			`it('should deny access when no user role is present', () => {`
			`req.user.role = undefined;`
			`const middleware = requireRole(['admin']);`

			`let statusCode = null;`
			`let body = null;`
Add unit tests for role middleware and package.json 2026-03-16 13:10:19 +00:00
test: add unit tests for role middleware This commit adds comprehensive unit tests for the requireRole middleware to ensure proper role-based access control implementation. 2026-03-16 11:07:06 +00:00			`res.status = (code) => {`
			`statusCode = code;`
			`return res;`
			`};`
Add unit tests for role middleware and package.json 2026-03-16 13:10:19 +00:00
test: add unit tests for role middleware This commit adds comprehensive unit tests for the requireRole middleware to ensure proper role-based access control implementation. 2026-03-16 11:07:06 +00:00			`res.json = (data) => {`
			`body = data;`
			`return res;`
			`};`

			`middleware(req, res, next);`
			`assert.strictEqual(statusCode, 401);`
			`assert.deepStrictEqual(body, { error: 'Unauthorized' });`
			`});`
feat: Implement role management API endpoints 2026-03-16 05:07:56 +00:00
test: add unit tests for role middleware This commit adds comprehensive unit tests for the requireRole middleware to ensure proper role-based access control implementation. 2026-03-16 11:07:06 +00:00			`it('should allow access when user has one of multiple required roles', () => {`
			`req.user.role = 'moderator';`
			`const middleware = requireRole(['admin', 'moderator']);`

			`let calledNext = false;`
Add unit tests for role middleware and package.json 2026-03-16 13:10:19 +00:00			`next = () => {`
			`calledNext = true;`
			`};`
feat: Implement role management API endpoints 2026-03-16 05:07:56 +00:00
test: add unit tests for role middleware This commit adds comprehensive unit tests for the requireRole middleware to ensure proper role-based access control implementation. 2026-03-16 11:07:06 +00:00			`middleware(req, res, next);`
			`assert.strictEqual(calledNext, true);`
feat: Implement role management API endpoints 2026-03-16 05:07:56 +00:00			`});`
			`});`