salix/back/models/specs/vn-user.spec.js

const models = require('vn-loopback/server/server').models;
const ForbiddenError = require('vn-loopback/util/forbiddenError');

describe('loopback model VnUser', () => {
    it('should return true if the user has the given role', async() => {
        let result = await models.VnUser.hasRole(1, 'employee');

        expect(result).toBeTruthy();
    });

    it('should return false if the user doesnt have the given role', async() => {
        let result = await models.VnUser.hasRole(1, 'administrator');

        expect(result).toBeFalsy();
    });

    describe('userSecurity', () => {
        const itManagementId = 115;
        const hrId = 37;
        const employeeId = 1;

        it('should check if you are the same user', async() => {
            const ctx = {options: {accessToken: {userId: employeeId}}};
            await models.VnUser.userSecurity(ctx, employeeId);
        });

        it('should check for higher privileges', async() => {
            const ctx = {options: {accessToken: {userId: itManagementId}}};
            await models.VnUser.userSecurity(ctx, employeeId);
        });

        it('should check if you have medium privileges and the user email is not verified', async() => {
            const ctx = {options: {accessToken: {userId: hrId}}};
            await models.VnUser.userSecurity(ctx, employeeId);
        });

        it('should throw an error if you have medium privileges and the users email is verified', async() => {
            const tx = await models.VnUser.beginTransaction({});
            const ctx = {options: {accessToken: {userId: hrId}}};
            try {
                const options = {transaction: tx};
                const userToUpdate = await models.VnUser.findById(1, null, options);
                userToUpdate.updateAttribute('emailVerified', 1, options);

                await models.VnUser.userSecurity(ctx, employeeId, options);
                await tx.rollback();
            } catch (error) {
                await tx.rollback();

                expect(error).toEqual(new ForbiddenError());
            }
        });
    });
});
feat(account): send verifyEmail when change email and tests 2022-09-26 06:21:58 +00:00			`const models = require('vn-loopback/server/server').models;`
refs #6067 feat(vnUser): verifyEmail redirect to lilium 2023-10-02 12:51:19 +00:00			`const ForbiddenError = require('vn-loopback/util/forbiddenError');`
#552 account.js backend unit tests 2018-08-07 10:17:34 +00:00
refactor(account): account model refactor 2023-01-23 14:24:00 +00:00			`describe('loopback model VnUser', () => {`
#552 account.js backend unit tests 2018-08-07 10:17:34 +00:00			`it('should return true if the user has the given role', async() => {`
refactor(account): account model refactor 2023-01-23 14:24:00 +00:00			`let result = await models.VnUser.hasRole(1, 'employee');`
#552 account.js backend unit tests 2018-08-07 10:17:34 +00:00
			`expect(result).toBeTruthy();`
			`});`

			`it('should return false if the user doesnt have the given role', async() => {`
refactor(account): account model refactor 2023-01-23 14:24:00 +00:00			`let result = await models.VnUser.hasRole(1, 'administrator');`
#552 account.js backend unit tests 2018-08-07 10:17:34 +00:00
			`expect(result).toBeFalsy();`
			`});`
refs #6067 feat: vnUser use verify() and more security when update user and mailForward 2023-09-25 06:33:16 +00:00
			`describe('userSecurity', () => {`
			`const itManagementId = 115;`
			`const hrId = 37;`
			`const employeeId = 1;`

			`it('should check if you are the same user', async() => {`
			`const ctx = {options: {accessToken: {userId: employeeId}}};`
			`await models.VnUser.userSecurity(ctx, employeeId);`
			`});`

			`it('should check for higher privileges', async() => {`
			`const ctx = {options: {accessToken: {userId: itManagementId}}};`
			`await models.VnUser.userSecurity(ctx, employeeId);`
			`});`

			`it('should check if you have medium privileges and the user email is not verified', async() => {`
			`const ctx = {options: {accessToken: {userId: hrId}}};`
			`await models.VnUser.userSecurity(ctx, employeeId);`
			`});`

			`it('should throw an error if you have medium privileges and the users email is verified', async() => {`
			`const tx = await models.VnUser.beginTransaction({});`
			`const ctx = {options: {accessToken: {userId: hrId}}};`
			`try {`
			`const options = {transaction: tx};`
			`const userToUpdate = await models.VnUser.findById(1, null, options);`
			`userToUpdate.updateAttribute('emailVerified', 1, options);`

			`await models.VnUser.userSecurity(ctx, employeeId, options);`
			`await tx.rollback();`
			`} catch (error) {`
			`await tx.rollback();`

refs #6067 feat(vnUser): verifyEmail redirect to lilium 2023-10-02 12:51:19 +00:00			`expect(error).toEqual(new ForbiddenError());`
refs #6067 feat: vnUser use verify() and more security when update user and mailForward 2023-09-25 06:33:16 +00:00			`}`
			`});`
			`});`
#552 account.js backend unit tests 2018-08-07 10:17:34 +00:00			`});`