helpyourneighbour/backend/tests/roles.test.js

import request from 'supertest';
import app from '../app.js';
import { requireRole } from '../middleware/role.middleware.js';

describe('Role-based Access Control', () => {
  // Test that the middleware is properly exported
  test('requireRole should be a function', () => {
    expect(typeof requireRole).toBe('function');
  });

  // Mock user authentication for testing
  const mockUser = (role) => {
    return {
      role: role,
      id: 'test-user-id'
    };
  };

  // Test that middleware allows access to users with correct roles
  test('should allow access to users with correct roles', () => {
    const req = {
      user: mockUser('admin')
    };
    const res = {
      status: jest.fn().mockReturnThis(),
      json: jest.fn()
    };
    const next = jest.fn();

    const middleware = requireRole(['admin']);
    middleware(req, res, next);

    expect(next).toHaveBeenCalled();
  });

  // Test that middleware denies access to users with incorrect roles
  test('should deny access to users with incorrect roles', () => {
    const req = {
      user: mockUser('user')
    };
    const res = {
      status: jest.fn().mockReturnThis(),
      json: jest.fn()
    };
    const next = jest.fn();

    const middleware = requireRole(['admin']);
    middleware(req, res, next);

    expect(res.status).toHaveBeenCalledWith(403);
    expect(res.json).toHaveBeenCalledWith({ error: 'Insufficient permissions' });
  });

  // Test that middleware denies access to unauthenticated users
  test('should deny access to unauthenticated users', () => {
    const req = {
      user: null
    };
    const res = {
      status: jest.fn().mockReturnThis(),
      json: jest.fn()
    };
    const next = jest.fn();

    const middleware = requireRole(['admin']);
    middleware(req, res, next);

    expect(res.status).toHaveBeenCalledWith(401);
    expect(res.json).toHaveBeenCalledWith({ error: 'Authentication required' });
  });

  // Test that middleware allows access to users with one of multiple roles
  test('should allow access to users with one of multiple roles', () => {
    const req = {
      user: mockUser('moderator')
    };
    const res = {
      status: jest.fn().mockReturnThis(),
      json: jest.fn()
    };
    const next = jest.fn();

    const middleware = requireRole(['admin', 'moderator']);
    middleware(req, res, next);

    expect(next).toHaveBeenCalled();
  });
});
feat: Add role-based access control tests and fix middleware export This commit adds comprehensive unit tests for the role-based access control middleware and fixes the ES module export issue. The tests verify that users with correct roles can access protected routes, while users with incorrect roles or no authentication are properly denied access. 2026-03-17 19:07:03 +00:00			`import request from 'supertest';`
			`import app from '../app.js';`
			`import { requireRole } from '../middleware/role.middleware.js';`
feat: Implement role-based access control middleware and tests 2026-03-17 10:09:15 +00:00
test: add role-based access control tests Added integration tests for the role-based access control middleware to ensure proper permission checks for different user roles. 2026-03-17 17:06:42 +00:00			`describe('Role-based Access Control', () => {`
feat: Add role-based access control tests and fix middleware export This commit adds comprehensive unit tests for the role-based access control middleware and fixes the ES module export issue. The tests verify that users with correct roles can access protected routes, while users with incorrect roles or no authentication are properly denied access. 2026-03-17 19:07:03 +00:00			`// Test that the middleware is properly exported`
Add unit tests for role-based access control 2026-03-17 11:07:20 +00:00			`test('requireRole should be a function', () => {`
			`expect(typeof requireRole).toBe('function');`
feat: Add role-based access control tests and update server 2026-03-16 21:07:16 +00:00			`});`

feat: Add role-based access control tests and fix middleware export This commit adds comprehensive unit tests for the role-based access control middleware and fixes the ES module export issue. The tests verify that users with correct roles can access protected routes, while users with incorrect roles or no authentication are properly denied access. 2026-03-17 19:07:03 +00:00			`// Mock user authentication for testing`
			`const mockUser = (role) => {`
			`return {`
			`role: role,`
			`id: 'test-user-id'`
			`};`
			`};`

			`// Test that middleware allows access to users with correct roles`
			`test('should allow access to users with correct roles', () => {`
			`const req = {`
			`user: mockUser('admin')`
			`};`
			`const res = {`
feat: Add unit tests for role-based access control 2026-03-17 18:07:07 +00:00			`status: jest.fn().mockReturnThis(),`
			`json: jest.fn()`
			`};`
feat: Add role-based access control tests and fix middleware export This commit adds comprehensive unit tests for the role-based access control middleware and fixes the ES module export issue. The tests verify that users with correct roles can access protected routes, while users with incorrect roles or no authentication are properly denied access. 2026-03-17 19:07:03 +00:00			`const next = jest.fn();`
feat: Add unit tests for role-based access control 2026-03-17 18:07:07 +00:00
test: add role-based access control tests Added integration tests for the role-based access control middleware to ensure proper permission checks for different user roles. 2026-03-17 17:06:42 +00:00			`const middleware = requireRole(['admin']);`
feat: Add role-based access control tests and fix middleware export This commit adds comprehensive unit tests for the role-based access control middleware and fixes the ES module export issue. The tests verify that users with correct roles can access protected routes, while users with incorrect roles or no authentication are properly denied access. 2026-03-17 19:07:03 +00:00			`middleware(req, res, next);`
feat: Add unit tests for role-based access control 2026-03-17 18:07:07 +00:00
feat: Add role-based access control tests and fix middleware export This commit adds comprehensive unit tests for the role-based access control middleware and fixes the ES module export issue. The tests verify that users with correct roles can access protected routes, while users with incorrect roles or no authentication are properly denied access. 2026-03-17 19:07:03 +00:00			`expect(next).toHaveBeenCalled();`
test: add role-based access control tests Added integration tests for the role-based access control middleware to ensure proper permission checks for different user roles. 2026-03-17 17:06:42 +00:00			`});`

feat: Add role-based access control tests and fix middleware export This commit adds comprehensive unit tests for the role-based access control middleware and fixes the ES module export issue. The tests verify that users with correct roles can access protected routes, while users with incorrect roles or no authentication are properly denied access. 2026-03-17 19:07:03 +00:00			`// Test that middleware denies access to users with incorrect roles`
			`test('should deny access to users with incorrect roles', () => {`
			`const req = {`
			`user: mockUser('user')`
			`};`
			`const res = {`
feat: Add unit tests for role-based access control 2026-03-17 18:07:07 +00:00			`status: jest.fn().mockReturnThis(),`
			`json: jest.fn()`
			`};`
feat: Add role-based access control tests and fix middleware export This commit adds comprehensive unit tests for the role-based access control middleware and fixes the ES module export issue. The tests verify that users with correct roles can access protected routes, while users with incorrect roles or no authentication are properly denied access. 2026-03-17 19:07:03 +00:00			`const next = jest.fn();`
feat: Add unit tests for role-based access control 2026-03-17 18:07:07 +00:00
			`const middleware = requireRole(['admin']);`
feat: Add role-based access control tests and fix middleware export This commit adds comprehensive unit tests for the role-based access control middleware and fixes the ES module export issue. The tests verify that users with correct roles can access protected routes, while users with incorrect roles or no authentication are properly denied access. 2026-03-17 19:07:03 +00:00			`middleware(req, res, next);`
feat: Add unit tests for role-based access control 2026-03-17 18:07:07 +00:00
feat: Add role-based access control tests and fix middleware export This commit adds comprehensive unit tests for the role-based access control middleware and fixes the ES module export issue. The tests verify that users with correct roles can access protected routes, while users with incorrect roles or no authentication are properly denied access. 2026-03-17 19:07:03 +00:00			`expect(res.status).toHaveBeenCalledWith(403);`
			`expect(res.json).toHaveBeenCalledWith({ error: 'Insufficient permissions' });`
feat: Add unit tests for role-based access control 2026-03-17 18:07:07 +00:00			`});`

feat: Add role-based access control tests and fix middleware export This commit adds comprehensive unit tests for the role-based access control middleware and fixes the ES module export issue. The tests verify that users with correct roles can access protected routes, while users with incorrect roles or no authentication are properly denied access. 2026-03-17 19:07:03 +00:00			`// Test that middleware denies access to unauthenticated users`
			`test('should deny access to unauthenticated users', () => {`
			`const req = {`
			`user: null`
			`};`
			`const res = {`
feat: Add unit tests for role-based access control 2026-03-17 18:07:07 +00:00			`status: jest.fn().mockReturnThis(),`
			`json: jest.fn()`
			`};`
feat: Add role-based access control tests and fix middleware export This commit adds comprehensive unit tests for the role-based access control middleware and fixes the ES module export issue. The tests verify that users with correct roles can access protected routes, while users with incorrect roles or no authentication are properly denied access. 2026-03-17 19:07:03 +00:00			`const next = jest.fn();`
feat: Add unit tests for role-based access control 2026-03-17 18:07:07 +00:00
test: add role-based access control tests Added integration tests for the role-based access control middleware to ensure proper permission checks for different user roles. 2026-03-17 17:06:42 +00:00			`const middleware = requireRole(['admin']);`
feat: Add role-based access control tests and fix middleware export This commit adds comprehensive unit tests for the role-based access control middleware and fixes the ES module export issue. The tests verify that users with correct roles can access protected routes, while users with incorrect roles or no authentication are properly denied access. 2026-03-17 19:07:03 +00:00			`middleware(req, res, next);`

			`expect(res.status).toHaveBeenCalledWith(401);`
			`expect(res.json).toHaveBeenCalledWith({ error: 'Authentication required' });`
			`});`

			`// Test that middleware allows access to users with one of multiple roles`
			`test('should allow access to users with one of multiple roles', () => {`
			`const req = {`
			`user: mockUser('moderator')`
			`};`
			`const res = {`
			`status: jest.fn().mockReturnThis(),`
			`json: jest.fn()`
			`};`
			`const next = jest.fn();`

			`const middleware = requireRole(['admin', 'moderator']);`
			`middleware(req, res, next);`
feat: Add unit tests for role-based access control 2026-03-17 18:07:07 +00:00
feat: Add role-based access control tests and fix middleware export This commit adds comprehensive unit tests for the role-based access control middleware and fixes the ES module export issue. The tests verify that users with correct roles can access protected routes, while users with incorrect roles or no authentication are properly denied access. 2026-03-17 19:07:03 +00:00			`expect(next).toHaveBeenCalled();`
feat: Add role-based access control tests and update server 2026-03-16 21:07:16 +00:00			`});`
			`});`