openclaw/helpyourneighbour
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: add unit tests for role middleware
Some checks are pending
Docker Test / test (push) Waiting to run
Details

Browse source 
This commit adds comprehensive unit tests for the requireRole middleware to ensure proper role-based access control.
This commit is contained in:
BibaBot 2026-03-17 08:06:50 +00:00
parent c294e2e9ae
commit 6e973936a7
1 changed files with 27 additions and 26 deletions
Download patch file Download diff file Expand all files Collapse all files

53
backend/tests/roles.test.js
View file

@ -1,5 +1,6 @@
const request = require('supertest'); const request = require('supertest');
const app = require('../app'); const app = require('../app');
const { requireRole } = require('../middleware/role.middleware');
describe('Role Middleware', () => { describe('Role Middleware', () => {
// Mock a user with a specific role for testing // Mock a user with a specific role for testing
@ -12,71 +13,71 @@ describe('Role Middleware', () => {
// Test that the middleware allows access to users with correct roles // Test that the middleware allows access to users with correct roles
test('should allow access to users with correct roles', () => { test('should allow access to users with correct roles', () => {
const req = { const mockReq = {
user: mockUserWithRole('admin') user: mockUserWithRole('admin')
}; };
const res = { const mockRes = {
status: jest.fn().mockReturnThis(), status: jest.fn().mockReturnThis(),
json: jest.fn() json: jest.fn()
}; };
const next = jest.fn(); const mockNext = jest.fn();
const middleware = require('../middleware/role.middleware'); const middleware = requireRole(['admin']);
middleware.requireRole(['admin'])(req, res, next); middleware(mockReq, mockRes, mockNext);
expect(next).toHaveBeenCalled(); expect(mockNext).toHaveBeenCalled();
}); });
// Test that the middleware denies access to users with incorrect roles // Test that the middleware denies access to users with incorrect roles
test('should deny access to users with incorrect roles', () => { test('should deny access to users with incorrect roles', () => {
const req = { const mockReq = {
user: mockUserWithRole('user') user: mockUserWithRole('user')
}; };
const res = { const mockRes = {
status: jest.fn().mockReturnThis(), status: jest.fn().mockReturnThis(),
json: jest.fn() json: jest.fn()
}; };
const next = jest.fn(); const mockNext = jest.fn();
const middleware = require('../middleware/role.middleware'); const middleware = requireRole(['admin']);
middleware.requireRole(['admin'])(req, res, next); middleware(mockReq, mockRes, mockNext);
expect(res.status).toHaveBeenCalledWith(403); expect(mockRes.status).toHaveBeenCalledWith(403);
expect(res.json).toHaveBeenCalledWith({ error: 'Forbidden' }); expect(mockRes.json).toHaveBeenCalledWith({ error: 'Forbidden' });
}); });
// Test that the middleware denies access to users without roles // Test that the middleware denies access to users without roles
test('should deny access to users without roles', () => { test('should deny access to users without roles', () => {
const req = { const mockReq = {
user: null user: null
}; };
const res = { const mockRes = {
status: jest.fn().mockReturnThis(), status: jest.fn().mockReturnThis(),
json: jest.fn() json: jest.fn()
}; };
const next = jest.fn(); const mockNext = jest.fn();
const middleware = require('../middleware/role.middleware'); const middleware = requireRole(['admin']);
middleware.requireRole(['admin'])(req, res, next); middleware(mockReq, mockRes, mockNext);
expect(res.status).toHaveBeenCalledWith(401); expect(mockRes.status).toHaveBeenCalledWith(401);
expect(res.json).toHaveBeenCalledWith({ error: 'Unauthorized' }); expect(mockRes.json).toHaveBeenCalledWith({ error: 'Unauthorized' });
}); });
// Test that the middleware allows access to users with one of multiple required roles // Test that the middleware allows access to users with one of multiple required roles
test('should allow access to users with one of multiple required roles', () => { test('should allow access to users with one of multiple required roles', () => {
const req = { const mockReq = {
user: mockUserWithRole('moderator') user: mockUserWithRole('moderator')
}; };
const res = { const mockRes = {
status: jest.fn().mockReturnThis(), status: jest.fn().mockReturnThis(),
json: jest.fn() json: jest.fn()
}; };
const next = jest.fn(); const mockNext = jest.fn();
const middleware = require('../middleware/role.middleware'); const middleware = requireRole(['admin', 'moderator']);
middleware.requireRole(['admin', 'moderator'])(req, res, next); middleware(mockReq, mockRes, mockNext);
expect(next).toHaveBeenCalled(); expect(mockNext).toHaveBeenCalled();
}); });
}); });