unleash.unleash/src/lib/db/access-store.test.ts

import dbInit, { ITestDb } from '../../test/e2e/helpers/database-init';
import getLogger from '../../test/fixtures/no-logger';
import { PermissionRef } from 'lib/services/access-service';
import { AccessStore } from './access-store';
import { BadDataError } from '../../lib/error';

let db: ITestDb;

beforeAll(async () => {
    db = await dbInit('access_store_serial', getLogger);
});

afterAll(async () => {
    if (db) {
        await db.destroy();
    }
});

// Helper function to make the test cases more readable
const args = (permissions: PermissionRef[], expectations?: PermissionRef[]) => {
    if (expectations) {
        return [permissions, expectations];
    } else {
        return [permissions];
    }
};

test('resolvePermissions returns empty list if undefined', async () => {
    const access = db.stores.accessStore as AccessStore;
    const result = await access.resolvePermissions(
        undefined as unknown as PermissionRef[],
    );
    expect(result).toStrictEqual([]);
});

test('resolvePermissions returns empty list if empty list', async () => {
    const access = db.stores.accessStore as AccessStore;
    const result = await access.resolvePermissions([] as PermissionRef[]);
    expect(result).toStrictEqual([]);
});

test.each([
    args([{ name: 'CREATE_CONTEXT_FIELD' }]),
    args([{ name: 'CREATE_FEATURE', environment: 'development' }]),
    args([
        { name: 'CREATE_CONTEXT_FIELD' },
        { name: 'CREATE_FEATURE', environment: 'development' },
    ]),
])(
    'resolvePermissions with permission names (%o) will return the list unmodified',
    async (permissions) => {
        const access = db.stores.accessStore as AccessStore;
        const result = await access.resolvePermissions(permissions);
        expect(result).toStrictEqual(permissions);
    },
);

test.each([
    args([{ id: 1 }], [{ id: 1, name: 'ADMIN' }]),
    args(
        [{ id: 4, environment: 'development' }],
        [{ id: 4, name: 'CREATE_ADDON', environment: 'development' }],
    ),
    args(
        [
            { id: 1, environment: 'development' },
            { id: 2, name: 'ignore this name' },
        ],
        [
            { id: 1, name: 'ADMIN', environment: 'development' },
            { id: 2, name: 'ignore this name' },
        ],
    ),
])(
    'resolvePermissions with only permission ids (%o) will resolve to named permissions without an id',
    async (permissions, expected) => {
        const access = db.stores.accessStore as AccessStore;
        const result = await access.resolvePermissions(permissions);
        expect(result).toStrictEqual(expected);
    },
);

test.each([
    args(
        [
            { name: 'CREATE_CONTEXT_FIELD' },
            { id: 3 },
            { name: 'CREATE_FEATURE', environment: 'development' },
            { id: 15, environment: 'development' },
            { name: 'UPDATE_FEATURE', environment: 'development' },
        ],
        [
            { name: 'CREATE_CONTEXT_FIELD' },
            { id: 3, name: 'CREATE_STRATEGY' },
            { name: 'CREATE_FEATURE', environment: 'development' },
            { id: 15, name: 'UPDATE_STRATEGY', environment: 'development' },
            { name: 'UPDATE_FEATURE', environment: 'development' },
        ],
    ),
])(
    'resolvePermissions mixed ids and names (%o) will inject the names where they are missing',
    async (permissions, expected) => {
        const access = db.stores.accessStore as AccessStore;
        const result = await access.resolvePermissions(permissions);
        expect(result).toStrictEqual(expected);
    },
);

describe('addAccessToProject', () => {
    test.each(['roles', 'groups', 'users'])(
        'should throw a bad data error if there is invalid data in the %s property of the addAccessToProject payload',
        async (property) => {
            const access = db.stores.accessStore as AccessStore;

            const payload = {
                roles: [4, 5],
                groups: [],
                users: [],
                [property]: [123456789],
            };

            await expect(() =>
                access.addAccessToProject(
                    payload.roles,
                    payload.groups,
                    payload.users,
                    'projectId',
                    'createdBy',
                ),
            ).rejects.toThrow(BadDataError);
        },
    );
});
Biome1.5.1 (#5867) Lots of work here, mostly because I didn't want to turn off the `noImplicitAnyLet` lint. This PR tries its best to type all the untyped lets biome complained about (Don't ask me how many hours that took or how many lints that was >200...), which in the future will force test authors to actually type their global variables setup in `beforeAll`. --------- Co-authored-by: Gastón Fournier <gaston@getunleash.io> 2024-01-12 10:25:59 +01:00			`import dbInit, { ITestDb } from '../../test/e2e/helpers/database-init';`
chore: Improve access service iter 2 (#4779) ## About the changes In https://github.com/Unleash/unleash/pull/4689 I forgot to add backward compatibility for a public method that was being used in Enterprise. 2023-09-19 16:15:27 +02:00			`import getLogger from '../../test/fixtures/no-logger';`
			`import { PermissionRef } from 'lib/services/access-service';`
			`import { AccessStore } from './access-store';`
fix: return 400 on invalid POST data to project access endpoint (#5610) This PR fixes the issue discussed in SR-234, where you would get a 200 OK response even if your POST request to `/api/admin/projects/<project-name>/access` contains invalid data (and nothing is persisted). 2023-12-12 14:46:23 +01:00			`import { BadDataError } from '../../lib/error';`
chore: Improve access service iter 2 (#4779) ## About the changes In https://github.com/Unleash/unleash/pull/4689 I forgot to add backward compatibility for a public method that was being used in Enterprise. 2023-09-19 16:15:27 +02:00
Biome1.5.1 (#5867) Lots of work here, mostly because I didn't want to turn off the `noImplicitAnyLet` lint. This PR tries its best to type all the untyped lets biome complained about (Don't ask me how many hours that took or how many lints that was >200...), which in the future will force test authors to actually type their global variables setup in `beforeAll`. --------- Co-authored-by: Gastón Fournier <gaston@getunleash.io> 2024-01-12 10:25:59 +01:00			`let db: ITestDb;`
chore: Improve access service iter 2 (#4779) ## About the changes In https://github.com/Unleash/unleash/pull/4689 I forgot to add backward compatibility for a public method that was being used in Enterprise. 2023-09-19 16:15:27 +02:00
			`beforeAll(async () => {`
			`db = await dbInit('access_store_serial', getLogger);`
			`});`

			`afterAll(async () => {`
			`if (db) {`
			`await db.destroy();`
			`}`
			`});`

			`// Helper function to make the test cases more readable`
			`const args = (permissions: PermissionRef[], expectations?: PermissionRef[]) => {`
			`if (expectations) {`
			`return [permissions, expectations];`
			`} else {`
			`return [permissions];`
			`}`
			`};`

			`test('resolvePermissions returns empty list if undefined', async () => {`
			`const access = db.stores.accessStore as AccessStore;`
			`const result = await access.resolvePermissions(`
			`undefined as unknown as PermissionRef[],`
			`);`
			`expect(result).toStrictEqual([]);`
			`});`

			`test('resolvePermissions returns empty list if empty list', async () => {`
			`const access = db.stores.accessStore as AccessStore;`
			`const result = await access.resolvePermissions([] as PermissionRef[]);`
			`expect(result).toStrictEqual([]);`
			`});`

			`test.each([`
refactor: favor permission name over id (#5409) https://linear.app/unleash/issue/2-1664/create-db-migration-that-favors-the-name-column-over-id-for Similar to https://github.com/Unleash/unleash/pull/5398, but non-breaking (semver). This keeps the permissions `id` column intact, however favors the permission name whenever possible. 2023-11-27 12:12:09 +01:00			`args([{ name: 'CREATE_CONTEXT_FIELD' }]),`
			`args([{ name: 'CREATE_FEATURE', environment: 'development' }]),`
chore: Improve access service iter 2 (#4779) ## About the changes In https://github.com/Unleash/unleash/pull/4689 I forgot to add backward compatibility for a public method that was being used in Enterprise. 2023-09-19 16:15:27 +02:00			`args([`
refactor: favor permission name over id (#5409) https://linear.app/unleash/issue/2-1664/create-db-migration-that-favors-the-name-column-over-id-for Similar to https://github.com/Unleash/unleash/pull/5398, but non-breaking (semver). This keeps the permissions `id` column intact, however favors the permission name whenever possible. 2023-11-27 12:12:09 +01:00			`{ name: 'CREATE_CONTEXT_FIELD' },`
			`{ name: 'CREATE_FEATURE', environment: 'development' },`
chore: Improve access service iter 2 (#4779) ## About the changes In https://github.com/Unleash/unleash/pull/4689 I forgot to add backward compatibility for a public method that was being used in Enterprise. 2023-09-19 16:15:27 +02:00			`]),`
			`])(`
refactor: favor permission name over id (#5409) https://linear.app/unleash/issue/2-1664/create-db-migration-that-favors-the-name-column-over-id-for Similar to https://github.com/Unleash/unleash/pull/5398, but non-breaking (semver). This keeps the permissions `id` column intact, however favors the permission name whenever possible. 2023-11-27 12:12:09 +01:00			`'resolvePermissions with permission names (%o) will return the list unmodified',`
chore: Improve access service iter 2 (#4779) ## About the changes In https://github.com/Unleash/unleash/pull/4689 I forgot to add backward compatibility for a public method that was being used in Enterprise. 2023-09-19 16:15:27 +02:00			`async (permissions) => {`
			`const access = db.stores.accessStore as AccessStore;`
			`const result = await access.resolvePermissions(permissions);`
			`expect(result).toStrictEqual(permissions);`
			`},`
			`);`

			`test.each([`
refactor: favor permission name over id (#5409) https://linear.app/unleash/issue/2-1664/create-db-migration-that-favors-the-name-column-over-id-for Similar to https://github.com/Unleash/unleash/pull/5398, but non-breaking (semver). This keeps the permissions `id` column intact, however favors the permission name whenever possible. 2023-11-27 12:12:09 +01:00			`args([{ id: 1 }], [{ id: 1, name: 'ADMIN' }]),`
chore: Improve access service iter 2 (#4779) ## About the changes In https://github.com/Unleash/unleash/pull/4689 I forgot to add backward compatibility for a public method that was being used in Enterprise. 2023-09-19 16:15:27 +02:00			`args(`
refactor: favor permission name over id (#5409) https://linear.app/unleash/issue/2-1664/create-db-migration-that-favors-the-name-column-over-id-for Similar to https://github.com/Unleash/unleash/pull/5398, but non-breaking (semver). This keeps the permissions `id` column intact, however favors the permission name whenever possible. 2023-11-27 12:12:09 +01:00			`[{ id: 4, environment: 'development' }],`
			`[{ id: 4, name: 'CREATE_ADDON', environment: 'development' }],`
chore: Improve access service iter 2 (#4779) ## About the changes In https://github.com/Unleash/unleash/pull/4689 I forgot to add backward compatibility for a public method that was being used in Enterprise. 2023-09-19 16:15:27 +02:00			`),`
			`args(`
			`[`
refactor: favor permission name over id (#5409) https://linear.app/unleash/issue/2-1664/create-db-migration-that-favors-the-name-column-over-id-for Similar to https://github.com/Unleash/unleash/pull/5398, but non-breaking (semver). This keeps the permissions `id` column intact, however favors the permission name whenever possible. 2023-11-27 12:12:09 +01:00			`{ id: 1, environment: 'development' },`
			`{ id: 2, name: 'ignore this name' },`
chore: Improve access service iter 2 (#4779) ## About the changes In https://github.com/Unleash/unleash/pull/4689 I forgot to add backward compatibility for a public method that was being used in Enterprise. 2023-09-19 16:15:27 +02:00			`],`
			`[`
refactor: favor permission name over id (#5409) https://linear.app/unleash/issue/2-1664/create-db-migration-that-favors-the-name-column-over-id-for Similar to https://github.com/Unleash/unleash/pull/5398, but non-breaking (semver). This keeps the permissions `id` column intact, however favors the permission name whenever possible. 2023-11-27 12:12:09 +01:00			`{ id: 1, name: 'ADMIN', environment: 'development' },`
			`{ id: 2, name: 'ignore this name' },`
chore: Improve access service iter 2 (#4779) ## About the changes In https://github.com/Unleash/unleash/pull/4689 I forgot to add backward compatibility for a public method that was being used in Enterprise. 2023-09-19 16:15:27 +02:00			`],`
			`),`
			`])(`
refactor: favor permission name over id (#5409) https://linear.app/unleash/issue/2-1664/create-db-migration-that-favors-the-name-column-over-id-for Similar to https://github.com/Unleash/unleash/pull/5398, but non-breaking (semver). This keeps the permissions `id` column intact, however favors the permission name whenever possible. 2023-11-27 12:12:09 +01:00			`'resolvePermissions with only permission ids (%o) will resolve to named permissions without an id',`
chore: Improve access service iter 2 (#4779) ## About the changes In https://github.com/Unleash/unleash/pull/4689 I forgot to add backward compatibility for a public method that was being used in Enterprise. 2023-09-19 16:15:27 +02:00			`async (permissions, expected) => {`
			`const access = db.stores.accessStore as AccessStore;`
			`const result = await access.resolvePermissions(permissions);`
			`expect(result).toStrictEqual(expected);`
			`},`
			`);`

			`test.each([`
			`args(`
			`[`
			`{ name: 'CREATE_CONTEXT_FIELD' },`
			`{ id: 3 },`
			`{ name: 'CREATE_FEATURE', environment: 'development' },`
			`{ id: 15, environment: 'development' },`
			`{ name: 'UPDATE_FEATURE', environment: 'development' },`
			`],`
			`[`
refactor: favor permission name over id (#5409) https://linear.app/unleash/issue/2-1664/create-db-migration-that-favors-the-name-column-over-id-for Similar to https://github.com/Unleash/unleash/pull/5398, but non-breaking (semver). This keeps the permissions `id` column intact, however favors the permission name whenever possible. 2023-11-27 12:12:09 +01:00			`{ name: 'CREATE_CONTEXT_FIELD' },`
			`{ id: 3, name: 'CREATE_STRATEGY' },`
			`{ name: 'CREATE_FEATURE', environment: 'development' },`
			`{ id: 15, name: 'UPDATE_STRATEGY', environment: 'development' },`
			`{ name: 'UPDATE_FEATURE', environment: 'development' },`
chore: Improve access service iter 2 (#4779) ## About the changes In https://github.com/Unleash/unleash/pull/4689 I forgot to add backward compatibility for a public method that was being used in Enterprise. 2023-09-19 16:15:27 +02:00			`],`
			`),`
			`])(`
refactor: favor permission name over id (#5409) https://linear.app/unleash/issue/2-1664/create-db-migration-that-favors-the-name-column-over-id-for Similar to https://github.com/Unleash/unleash/pull/5398, but non-breaking (semver). This keeps the permissions `id` column intact, however favors the permission name whenever possible. 2023-11-27 12:12:09 +01:00			`'resolvePermissions mixed ids and names (%o) will inject the names where they are missing',`
chore: Improve access service iter 2 (#4779) ## About the changes In https://github.com/Unleash/unleash/pull/4689 I forgot to add backward compatibility for a public method that was being used in Enterprise. 2023-09-19 16:15:27 +02:00			`async (permissions, expected) => {`
			`const access = db.stores.accessStore as AccessStore;`
			`const result = await access.resolvePermissions(permissions);`
			`expect(result).toStrictEqual(expected);`
			`},`
			`);`
fix: return 400 on invalid POST data to project access endpoint (#5610) This PR fixes the issue discussed in SR-234, where you would get a 200 OK response even if your POST request to `/api/admin/projects/<project-name>/access` contains invalid data (and nothing is persisted). 2023-12-12 14:46:23 +01:00
			`describe('addAccessToProject', () => {`
			`test.each(['roles', 'groups', 'users'])(`
			`'should throw a bad data error if there is invalid data in the %s property of the addAccessToProject payload',`
			`async (property) => {`
			`const access = db.stores.accessStore as AccessStore;`

			`const payload = {`
			`roles: [4, 5],`
			`groups: [],`
			`users: [],`
			`[property]: [123456789],`
			`};`

			`await expect(() =>`
			`access.addAccessToProject(`
			`payload.roles,`
			`payload.groups,`
			`payload.users,`
			`'projectId',`
			`'createdBy',`
			`),`
			`).rejects.toThrow(BadDataError);`
			`},`
			`);`
			`});`