zaid.marzguioui/myeasycms-v2
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0935ecd90f79352ffd66e0cad3a8dd09ce148f44
myeasycms-v2/apps/web/supabase/tests/database/invitations.test.sql
giancarlo a501bb5444 Update SQL tests and schema definitions for membership and invitation management 
This commit includes updates to the SQL tests for the database layer handling memberships and invitations. Test cases are improved and expanded. It also introduces some changes to the underlying schema, including creation of new indices on the 'accounts' table and several adjustments to function definitions with regard to how user IDs are accessed. Also, some views related to user accounts are redefined for better data handling.
2024-05-08 17:16:33 +07:00

97 lines
4.2 KiB
PL/PgSQL
Raw Blame History

begin;
create extension "basejump-supabase_test_helpers" version '0.0.6';
select no_plan();
-- test
select makerkit.set_identifier('test', 'test@makerkit.dev');
select makerkit.set_identifier('member', 'member@makerkit.dev');
select makerkit.set_identifier('custom', 'custom@makerkit.dev');
select tests.authenticate_as('test');
select lives_ok(
$$ insert into public.invitations (email, invited_by, account_id, role, invite_token) values ('invite1@makerkit.dev', auth.uid(), makerkit.get_account_id_by_slug('makerkit'), 'member', gen_random_uuid()); $$,
'owner should be able to create invitations'
);
-- check two invitations to the same email/account are not allowed
select throws_ok(
$$ insert into public.invitations (email, invited_by, account_id, role, invite_token) values ('invite1@makerkit.dev', auth.uid(), makerkit.get_account_id_by_slug('makerkit'), 'member', gen_random_uuid()) $$,
'duplicate key value violates unique constraint "invitations_email_account_id_key"'
);
select tests.authenticate_as('member');
-- check a member cannot invite members with higher roles
select throws_ok(
$$ insert into public.invitations (email, invited_by, account_id, role, invite_token) values ('invite2@makerkit.dev', auth.uid(), makerkit.get_account_id_by_slug('makerkit'), 'owner', gen_random_uuid()) $$,
'new row violates row-level security policy for table "invitations"'
);
-- check a member can invite members with the same or lower roles
select lives_ok(
$$ insert into public.invitations (email, invited_by, account_id, role, invite_token) values ('invite2@makerkit.dev', auth.uid(), makerkit.get_account_id_by_slug('makerkit'), 'member', gen_random_uuid()) $$,
'member should be able to create invitations for members or lower roles'
);
-- authenticate_as the custom role
select tests.authenticate_as('custom');
-- it will fail because the custom role does not have the invites.manage permission
select throws_ok(
$$ insert into public.invitations (email, invited_by, account_id, role, invite_token) values ('invite3@makerkit.dev', auth.uid(), makerkit.get_account_id_by_slug('makerkit'), 'custom-role', gen_random_uuid()) $$,
'new row violates row-level security policy for table "invitations"'
);
set local role postgres;
-- add permissions to invite members to the custom role
insert into public.role_permissions (role, permission) values ('custom-role', 'invites.manage');
-- authenticate_as the custom role
select tests.authenticate_as('custom');
select lives_ok(
$$ insert into public.invitations (email, invited_by, account_id, role, invite_token) values ('invite3@makerkit.dev', auth.uid(), makerkit.get_account_id_by_slug('makerkit'), 'custom-role', gen_random_uuid()) $$,
'custom role should be able to create invitations'
);
select lives_ok(
$$ SELECT public.add_invitations_to_account('makerkit', ARRAY[ROW('example@makerkit.dev', 'custom-role')::public.invitation]); $$,
'custom role should be able to create invitations using the function public.add_invitations_to_account'
);
select throws_ok(
$$ SELECT public.add_invitations_to_account('makerkit', ARRAY[ROW('example2@makerkit.dev', 'owner')::public.invitation]); $$,
'new row violates row-level security policy for table "invitations"',
'cannot invite members with higher roles'
);
-- Foreigners should not be able to create invitations
select tests.create_supabase_user('user');
select tests.authenticate_as('user');
-- it will fail because the user is not a member of the account
select throws_ok(
$$ insert into public.invitations (email, invited_by, account_id, role, invite_token) values ('invite4@makerkit.dev', auth.uid(), makerkit.get_account_id_by_slug('makerkit'), 'member', gen_random_uuid()) $$,
'new row violates row-level security policy for table "invitations"'
);
select throws_ok(
$$ SELECT public.add_invitations_to_account('makerkit', ARRAY[ROW('example@example.com', 'member')::public.invitation]); $$,
'new row violates row-level security policy for table "invitations"'
);
select is_empty($$
select * from public.invitations where account_id = makerkit.get_account_id_by_slug('makerkit') $$,
'no invitations should be listed'
);
select * from finish();
rollback;
Reference in New Issue View Git Blame Copy Permalink