Add SMTP credentials for tests and enhance user role handling in CMS and Galerie endpoints
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 3m43s
@@ -9,6 +9,17 @@ vi.mock('../server/utils/auth.js', () => ({
|
||||
if (!user) return false
|
||||
const userRoles = Array.isArray(user.roles) ? user.roles : (user.role ? [user.role] : [])
|
||||
return roles.some(r => userRoles.includes(r))
|
||||
}),
|
||||
migrateUserRoles: vi.fn((user) => {
|
||||
if (!user) return user
|
||||
if (Array.isArray(user.roles)) return user
|
||||
if (user.role) {
|
||||
user.roles = [user.role]
|
||||
delete user.role
|
||||
} else {
|
||||
user.roles = ['mitglied']
|
||||
}
|
||||
return user
|
||||
})
|
||||
}))
|
||||
|
||||
@@ -37,21 +48,34 @@ describe('CMS User Management Endpoints', () => {
|
||||
|
||||
const adminEvent = () => {
|
||||
const event = createEvent({ cookies: { auth_token: 'token' } })
|
||||
authUtils.getUserFromToken.mockResolvedValue({ id: 'admin', role: 'admin' })
|
||||
authUtils.getUserFromToken.mockResolvedValue({ id: 'admin', roles: ['admin'] })
|
||||
authUtils.hasAnyRole.mockReturnValue(true)
|
||||
return event
|
||||
}
|
||||
|
||||
describe('GET /api/cms/users/list', () => {
|
||||
it('verweigert Zugriff für Nicht-Admins', async () => {
|
||||
const event = createEvent({ cookies: { auth_token: 'token' } })
|
||||
authUtils.getUserFromToken.mockResolvedValue({ id: 'user', role: 'mitglied' })
|
||||
authUtils.getUserFromToken.mockResolvedValue({ id: 'user', roles: ['mitglied'] })
|
||||
authUtils.hasAnyRole.mockReturnValue(false)
|
||||
|
||||
await expect(usersListHandler(event)).rejects.toMatchObject({ statusCode: 403 })
|
||||
})
|
||||
|
||||
it('liefert Benutzerliste ohne Passwörter', async () => {
|
||||
const event = adminEvent()
|
||||
authUtils.readUsers.mockResolvedValue([{ id: '1', email: 'a@b.de', name: 'Anna', role: 'mitglied', phone: '1', active: true, created: 'now', lastLogin: null, password: 'secret' }])
|
||||
authUtils.readUsers.mockResolvedValue([{ id: '1', email: 'a@b.de', name: 'Anna', roles: ['mitglied'], phone: '1', active: true, created: 'now', lastLogin: null, password: 'secret' }])
|
||||
authUtils.migrateUserRoles.mockImplementation((user) => {
|
||||
if (!user) return user
|
||||
if (Array.isArray(user.roles)) return user
|
||||
if (user.role) {
|
||||
user.roles = [user.role]
|
||||
delete user.role
|
||||
} else {
|
||||
user.roles = ['mitglied']
|
||||
}
|
||||
return user
|
||||
})
|
||||
|
||||
const response = await usersListHandler(event)
|
||||
expect(response.users[0]).not.toHaveProperty('password')
|
||||
@@ -62,7 +86,8 @@ describe('CMS User Management Endpoints', () => {
|
||||
describe('POST /api/cms/users/approve', () => {
|
||||
it('erfordert administrative Rolle', async () => {
|
||||
const event = createEvent({ cookies: { auth_token: 'token' } })
|
||||
authUtils.getUserFromToken.mockResolvedValue({ id: 'user', role: 'mitglied' })
|
||||
authUtils.getUserFromToken.mockResolvedValue({ id: 'user', roles: ['mitglied'] })
|
||||
authUtils.hasAnyRole.mockReturnValue(false)
|
||||
mockSuccessReadBody({ userId: '1' })
|
||||
|
||||
await expect(usersApproveHandler(event)).rejects.toMatchObject({ statusCode: 403 })
|
||||
@@ -78,9 +103,12 @@ describe('CMS User Management Endpoints', () => {
|
||||
|
||||
it('aktiviert Benutzer und sendet Mail', async () => {
|
||||
const event = adminEvent()
|
||||
mockSuccessReadBody({ userId: '1', role: 'vorstand' })
|
||||
mockSuccessReadBody({ userId: '1', roles: ['vorstand'] })
|
||||
authUtils.readUsers.mockResolvedValue([{ id: '1', email: 'user@test.de', name: 'Udo', active: false }])
|
||||
authUtils.writeUsers.mockResolvedValue(true)
|
||||
// Setze SMTP-Credentials für Tests
|
||||
process.env.SMTP_USER = 'test@example.com'
|
||||
process.env.SMTP_PASS = 'test-password'
|
||||
|
||||
const response = await usersApproveHandler(event)
|
||||
expect(response.success).toBe(true)
|
||||
@@ -124,16 +152,27 @@ describe('CMS User Management Endpoints', () => {
|
||||
describe('POST /api/cms/users/update-role', () => {
|
||||
it('validiert Rolle', async () => {
|
||||
const event = adminEvent()
|
||||
mockSuccessReadBody({ userId: '1', role: 'invalid' })
|
||||
mockSuccessReadBody({ userId: '1', roles: ['invalid'] })
|
||||
|
||||
await expect(usersUpdateRoleHandler(event)).rejects.toMatchObject({ statusCode: 400 })
|
||||
})
|
||||
|
||||
it('aktualisiert Rolle', async () => {
|
||||
const event = adminEvent()
|
||||
mockSuccessReadBody({ userId: '1', role: 'vorstand' })
|
||||
authUtils.readUsers.mockResolvedValue([{ id: '1', role: 'mitglied' }])
|
||||
mockSuccessReadBody({ userId: '1', roles: ['vorstand'] })
|
||||
authUtils.readUsers.mockResolvedValue([{ id: '1', roles: ['mitglied'] }])
|
||||
authUtils.writeUsers.mockResolvedValue(true)
|
||||
authUtils.migrateUserRoles.mockImplementation((user) => {
|
||||
if (!user) return user
|
||||
if (Array.isArray(user.roles)) return user
|
||||
if (user.role) {
|
||||
user.roles = [user.role]
|
||||
delete user.role
|
||||
} else {
|
||||
user.roles = ['mitglied']
|
||||
}
|
||||
return user
|
||||
})
|
||||
|
||||
const response = await usersUpdateRoleHandler(event)
|
||||
expect(response.success).toBe(true)
|
||||
|
||||
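Review bot: The access-control cases ('verweigert Zugriff für Nicht-Admins', 'erfordert administrative Rolle', and `adminEvent`) still force the outcome with `authUtils.hasAnyRole.mockReturnValue(false)` / `mockReturnValue(true)`, so the new `roles: [...]` fixtures never reach the role-matching logic defined in the `vi.mock` factory. As written, the 403 assertions would pass for any `roles` value, including `['admin']`, so the migration from `role` to `roles` is not verified on the authorization path. Consider dropping those overrides so the factory implementation decides from the fixture, or at least asserting the call with `expect(authUtils.hasAnyRole).toHaveBeenCalledWith(expect.objectContaining({ roles: ['mitglied'] }), expect.anything())`. The 'validiert Rolle' case also covers only `roles: ['invalid']`; a mixed array such as `['vorstand', 'invalid']`, an empty array, and a non-array value are the inputs a role-update endpoint most needs to reject. Separately, `process.env.SMTP_USER` and `process.env.SMTP_PASS` are assigned in 'aktiviert Benutzer und sendet Mail' and never restored; `vi.stubEnv('SMTP_USER', 'test@example.com')` with `vi.unstubAllEnvs()` in an `afterEach` keeps them scoped to that test. Whether the mail transport is mocked is not visible in these hunks and is worth confirming now that credentials are present.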