69 lines
No EOL
1.7 KiB
JavaScript
69 lines
No EOL
1.7 KiB
JavaScript
const { requireRole } = require('../middleware/role.middleware');
|
|
|
|
describe('Role Middleware', () => {
|
|
test('should allow access to users with correct roles', () => {
|
|
const req = {
|
|
user: { role: 'admin' }
|
|
};
|
|
const res = {
|
|
status: jest.fn().mockReturnThis(),
|
|
json: jest.fn()
|
|
};
|
|
const next = jest.fn();
|
|
|
|
const middleware = requireRole(['admin']);
|
|
middleware(req, res, next);
|
|
|
|
expect(next).toHaveBeenCalled();
|
|
});
|
|
|
|
test('should deny access to users with incorrect roles', () => {
|
|
const req = {
|
|
user: { role: 'user' }
|
|
};
|
|
const res = {
|
|
status: jest.fn().mockReturnThis(),
|
|
json: jest.fn()
|
|
};
|
|
const next = jest.fn();
|
|
|
|
const middleware = requireRole(['admin']);
|
|
middleware(req, res, next);
|
|
|
|
expect(res.status).toHaveBeenCalledWith(403);
|
|
expect(res.json).toHaveBeenCalledWith({ error: 'Forbidden' });
|
|
});
|
|
|
|
test('should deny access to users without roles', () => {
|
|
const req = {
|
|
user: null
|
|
};
|
|
const res = {
|
|
status: jest.fn().mockReturnThis(),
|
|
json: jest.fn()
|
|
};
|
|
const next = jest.fn();
|
|
|
|
const middleware = requireRole(['admin']);
|
|
middleware(req, res, next);
|
|
|
|
expect(res.status).toHaveBeenCalledWith(401);
|
|
expect(res.json).toHaveBeenCalledWith({ error: 'Unauthorized' });
|
|
});
|
|
|
|
test('should allow access to users with one of multiple required roles', () => {
|
|
const req = {
|
|
user: { role: 'moderator' }
|
|
};
|
|
const res = {
|
|
status: jest.fn().mockReturnThis(),
|
|
json: jest.fn()
|
|
};
|
|
const next = jest.fn();
|
|
|
|
const middleware = requireRole(['admin', 'moderator']);
|
|
middleware(req, res, next);
|
|
|
|
expect(next).toHaveBeenCalled();
|
|
});
|
|
}); |