helpyourneighbour/backend/tests/roles.test.js

// Mock the middleware directly for testing
const { requireRole } = require('../middleware/role.middleware');

describe('Role-based Access Control', () => {
  // Test that the middleware exists and is a function
  test('requireRole should be a function', () => {
    expect(typeof requireRole).toBe('function');
  });

  // Test that middleware allows access for users with correct role
  test('should allow access for user with correct role', () => {
    const mockReq = {
      user: { role: 'admin' }
    };
    
    const mockRes = {
      status: jest.fn().mockReturnThis(),
      json: jest.fn()
    };
    
    const mockNext = jest.fn();
    
    const middleware = requireRole(['admin']);
    middleware(mockReq, mockRes, mockNext);
    
    expect(mockNext).toHaveBeenCalled();
  });

  // Test that middleware denies access for users with incorrect role
  test('should deny access for user with incorrect role', () => {
    const mockReq = {
      user: { role: 'user' }
    };
    
    const mockRes = {
      status: jest.fn().mockReturnThis(),
      json: jest.fn()
    };
    
    const mockNext = jest.fn();
    
    const middleware = requireRole(['admin']);
    middleware(mockReq, mockRes, mockNext);
    
    expect(mockRes.status).toHaveBeenCalledWith(403);
    expect(mockRes.json).toHaveBeenCalled();
  });

  // Test that middleware denies access for unauthenticated users
  test('should deny access for unauthenticated user', () => {
    const mockReq = {};
    
    const mockRes = {
      status: jest.fn().mockReturnThis(),
      json: jest.fn()
    };
    
    const mockNext = jest.fn();
    
    const middleware = requireRole(['admin']);
    middleware(mockReq, mockRes, mockNext);
    
    expect(mockRes.status).toHaveBeenCalledWith(401);
    expect(mockRes.json).toHaveBeenCalled();
  });
});
Add unit tests for role-based access control 2026-03-17 11:07:20 +00:00			`// Mock the middleware directly for testing`
			`const { requireRole } = require('../middleware/role.middleware');`
feat: Implement role-based access control middleware and tests 2026-03-17 10:09:15 +00:00
Add unit tests for role-based access control 2026-03-17 11:07:20 +00:00			`describe('Role-based Access Control', () => {`
			`// Test that the middleware exists and is a function`
			`test('requireRole should be a function', () => {`
			`expect(typeof requireRole).toBe('function');`
feat: Add role-based access control tests and update server 2026-03-16 21:07:16 +00:00			`});`

Add unit tests for role-based access control 2026-03-17 11:07:20 +00:00			`// Test that middleware allows access for users with correct role`
			`test('should allow access for user with correct role', () => {`
			`const mockReq = {`
			`user: { role: 'admin' }`
			`};`

			`const mockRes = {`
			`status: jest.fn().mockReturnThis(),`
			`json: jest.fn()`
			`};`

			`const mockNext = jest.fn();`

			`const middleware = requireRole(['admin']);`
			`middleware(mockReq, mockRes, mockNext);`

			`expect(mockNext).toHaveBeenCalled();`
			`});`

			`// Test that middleware denies access for users with incorrect role`
			`test('should deny access for user with incorrect role', () => {`
			`const mockReq = {`
			`user: { role: 'user' }`
			`};`

			`const mockRes = {`
			`status: jest.fn().mockReturnThis(),`
			`json: jest.fn()`
			`};`

			`const mockNext = jest.fn();`

			`const middleware = requireRole(['admin']);`
			`middleware(mockReq, mockRes, mockNext);`

			`expect(mockRes.status).toHaveBeenCalledWith(403);`
			`expect(mockRes.json).toHaveBeenCalled();`
			`});`

			`// Test that middleware denies access for unauthenticated users`
			`test('should deny access for unauthenticated user', () => {`
			`const mockReq = {};`

			`const mockRes = {`
			`status: jest.fn().mockReturnThis(),`
			`json: jest.fn()`
			`};`

			`const mockNext = jest.fn();`

			`const middleware = requireRole(['admin']);`
			`middleware(mockReq, mockRes, mockNext);`

			`expect(mockRes.status).toHaveBeenCalledWith(401);`
			`expect(mockRes.json).toHaveBeenCalled();`
feat: Add role-based access control tests and update server 2026-03-16 21:07:16 +00:00			`});`
			`});`