openclaw/helpyourneighbour
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: add unit tests for role middleware
Some checks are pending
Docker Test / test (push) Waiting to run
Details

Browse source 
This commit adds comprehensive unit tests for the requireRole middleware to ensure proper role-based access control.
This commit is contained in:
BibaBot 2026-03-17 08:06:50 +00:00
parent c294e2e9ae
commit 6e973936a7
1 changed files with 27 additions and 26 deletions
Download patch file Download diff file Expand all files Collapse all files

53
backend/tests/roles.test.js
View file

@ -1,5 +1,6 @@
const request = require('supertest');
const app = require('../app');
const { requireRole } = require('../middleware/role.middleware');
describe('Role Middleware', () => {
// Mock a user with a specific role for testing
@ -12,71 +13,71 @@ describe('Role Middleware', () => {
// Test that the middleware allows access to users with correct roles
test('should allow access to users with correct roles', () => {
const req = {
const mockReq = {
user: mockUserWithRole('admin')
};
const res = {
const mockRes = {
status: jest.fn().mockReturnThis(),
json: jest.fn()
};
const next = jest.fn();
const mockNext = jest.fn();
const middleware = require('../middleware/role.middleware');
middleware.requireRole(['admin'])(req, res, next);
const middleware = requireRole(['admin']);
middleware(mockReq, mockRes, mockNext);
expect(next).toHaveBeenCalled();
expect(mockNext).toHaveBeenCalled();
});
// Test that the middleware denies access to users with incorrect roles
test('should deny access to users with incorrect roles', () => {
const req = {
const mockReq = {
user: mockUserWithRole('user')
};
const res = {
const mockRes = {
status: jest.fn().mockReturnThis(),
json: jest.fn()
};
const next = jest.fn();
const mockNext = jest.fn();
const middleware = require('../middleware/role.middleware');
middleware.requireRole(['admin'])(req, res, next);
const middleware = requireRole(['admin']);
middleware(mockReq, mockRes, mockNext);
expect(res.status).toHaveBeenCalledWith(403);
expect(res.json).toHaveBeenCalledWith({ error: 'Forbidden' });
expect(mockRes.status).toHaveBeenCalledWith(403);
expect(mockRes.json).toHaveBeenCalledWith({ error: 'Forbidden' });
});
// Test that the middleware denies access to users without roles
test('should deny access to users without roles', () => {
const req = {
const mockReq = {
user: null
};
const res = {
const mockRes = {
status: jest.fn().mockReturnThis(),
json: jest.fn()
};
const next = jest.fn();
const mockNext = jest.fn();
const middleware = require('../middleware/role.middleware');
middleware.requireRole(['admin'])(req, res, next);
const middleware = requireRole(['admin']);
middleware(mockReq, mockRes, mockNext);
expect(res.status).toHaveBeenCalledWith(401);
expect(res.json).toHaveBeenCalledWith({ error: 'Unauthorized' });
expect(mockRes.status).toHaveBeenCalledWith(401);
expect(mockRes.json).toHaveBeenCalledWith({ error: 'Unauthorized' });
});
// Test that the middleware allows access to users with one of multiple required roles
test('should allow access to users with one of multiple required roles', () => {
const req = {
const mockReq = {
user: mockUserWithRole('moderator')
};
const res = {
const mockRes = {
status: jest.fn().mockReturnThis(),
json: jest.fn()
};
const next = jest.fn();
const mockNext = jest.fn();
const middleware = require('../middleware/role.middleware');
middleware.requireRole(['admin', 'moderator'])(req, res, next);
const middleware = requireRole(['admin', 'moderator']);
middleware(mockReq, mockRes, mockNext);
expect(next).toHaveBeenCalled();
expect(mockNext).toHaveBeenCalled();
});
});