helpyourneighbour/backend/tests/roles.test.js
BibaBot 901bcf454c
feat: Add role-based access control tests and fix middleware export
This commit adds comprehensive unit tests for the role-based access control middleware and fixes the ES module export issue. The tests verify that users with correct roles can access protected routes, while users with incorrect roles or no authentication are properly denied access.
2026-03-17 19:07:03 +00:00


import request from 'supertest';
import app from '../app.js';
import { requireRole } from '../middleware/role.middleware.js';
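/**
 * Unit tests for the `requireRole` authorization middleware.
 *
 * The middleware is exercised in isolation with stub `req`/`res`/`next`
 * objects; nothing here goes through the Express app, so these tests do not
 * show that any particular route is actually wrapped by `requireRole`.
 *
 * Each denial test asserts both the response (status + body) and that
 * `next()` was NOT called. Without the second check, a middleware that writes
 * 401/403 and then still falls through to the protected handler would pass.
 *
 * NOTE(review): under native ESM, Jest does not inject the `jest` global;
 * confirm the project transpiles its tests or imports `jest` explicitly.
 */
describe('Role-based Access Control', () => {
  // Build the authenticated-user object that an upstream auth step is
  // presumably expected to attach to `req.user` (verify against the auth
  // middleware).
  const mockUser = (role) => ({
    role,
    id: 'test-user-id',
  });

  // Minimal Express-like response stub: `status()` returns the stub itself so
  // that `res.status(...).json(...)` chains work.
  const mockResponse = () => ({
    status: jest.fn().mockReturnThis(),
    json: jest.fn(),
  });

  // Run `requireRole(allowedRoles)` once against the given user and return
  // the stubs so the caller can assert on them.
  const runMiddleware = (allowedRoles, user) => {
    const req = { user };
    const res = mockResponse();
    const next = jest.fn();

    requireRole(allowedRoles)(req, res, next);

    return { res, next };
  };

  // Guards against a broken export (the commit this file came with fixed one).
  test('requireRole should be a function', () => {
    expect(typeof requireRole).toBe('function');
  });

  test('should allow access to users with correct roles', () => {
    const { res, next } = runMiddleware(['admin'], mockUser('admin'));

    expect(next).toHaveBeenCalledTimes(1);
    // An allowed request must be handed on untouched, not answered here.
    expect(res.status).not.toHaveBeenCalled();
    expect(res.json).not.toHaveBeenCalled();
  });

  test('should deny access to users with incorrect roles', () => {
    const { res, next } = runMiddleware(['admin'], mockUser('user'));

    expect(res.status).toHaveBeenCalledWith(403);
    expect(res.json).toHaveBeenCalledWith({ error: 'Insufficient permissions' });
    // Fail closed: the protected handler must never be reached.
    expect(next).not.toHaveBeenCalled();
  });

  test('should deny access to unauthenticated users', () => {
    const { res, next } = runMiddleware(['admin'], null);

    expect(res.status).toHaveBeenCalledWith(401);
    expect(res.json).toHaveBeenCalledWith({ error: 'Authentication required' });
    // Fail closed: the protected handler must never be reached.
    expect(next).not.toHaveBeenCalled();
  });

  test('should allow access to users with one of multiple roles', () => {
    const { res, next } = runMiddleware(['admin', 'moderator'], mockUser('moderator'));

    expect(next).toHaveBeenCalledTimes(1);
    // An allowed request must be handed on untouched, not answered here.
    expect(res.status).not.toHaveBeenCalled();
    expect(res.json).not.toHaveBeenCalled();
  });
});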