efd27aa7de
This commit removes the membersTabDescription, updates the deleteAccountDescription text in the localization files, and adds a condition to check permissions in account invitation component. It also includes test credentials in README and provides a significant amount of seed data for testing the database.
100 lines
3.0 KiB
PL/PgSQL
100 lines
3.0 KiB
PL/PgSQL
BEGIN;
|
|
create extension "basejump-supabase_test_helpers" version '0.0.6';
|
|
|
|
select no_plan();
|
|
|
|
--- we insert a user into auth.users and return the id into user_id to use
|
|
|
|
select tests.create_supabase_user('test1', 'test1@test.com');
|
|
|
|
select tests.create_supabase_user('test2');
|
|
|
|
-- Create an team account
|
|
|
|
select tests.authenticate_as('test1');
|
|
|
|
select public.create_team_account('Test');
|
|
|
|
-- the owner account has permissions to manage members
|
|
select row_eq(
|
|
$$ select public.has_permission(
|
|
auth.uid(), makerkit.get_account_id_by_slug('test'), 'members.manage'::app_permissions) $$,
|
|
row(true::boolean),
|
|
'The owner of the team account should have the members.manage permission'
|
|
);
|
|
|
|
-- the owner account has permissions to manage billing
|
|
select row_eq(
|
|
$$ select public.has_permission(
|
|
auth.uid(), makerkit.get_account_id_by_slug('test'), 'billing.manage'::app_permissions) $$,
|
|
row(true::boolean),
|
|
'The owner of the team account should have the billing.manage permission'
|
|
);
|
|
|
|
-- Foreigner should not have permissions to manage members
|
|
|
|
select tests.authenticate_as('test2');
|
|
|
|
select row_eq(
|
|
$$ select public.has_permission(
|
|
auth.uid(), makerkit.get_account_id_by_slug('test'), 'members.manage'::app_permissions) $$,
|
|
row(false::boolean),
|
|
'Foreigners should not have the members.manage permission'
|
|
);
|
|
|
|
-- Custom roles
|
|
-- New roles created for the app
|
|
|
|
set local role service_role;
|
|
|
|
-- the name should be unique
|
|
|
|
select throws_ok(
|
|
$$ insert into public.roles (name, hierarchy_level) values ('owner', 4) $$,
|
|
'duplicate key value violates unique constraint "roles_pkey"'
|
|
);
|
|
|
|
-- the hierarchy level should be unique
|
|
select throws_ok(
|
|
$$ insert into public.roles (name, hierarchy_level) values ('custom-role-2', 1) $$,
|
|
'duplicate key value violates unique constraint "idx_unique_hierarchy_per_account"'
|
|
);
|
|
|
|
-- Custom Account Role
|
|
-- Roles created specifically for the account
|
|
|
|
set local role service_role;
|
|
|
|
-- the names should be unique
|
|
select throws_ok(
|
|
$$ insert into public.roles (name, hierarchy_level, account_id) values ('owner', 1, makerkit.get_account_id_by_slug('test')) $$,
|
|
'duplicate key value violates unique constraint "roles_pkey"'
|
|
);
|
|
|
|
-- update user role to custom role
|
|
update public.accounts_memberships
|
|
set account_role = 'custom-role'
|
|
where account_id = makerkit.get_account_id_by_slug('test')
|
|
and user_id = makerkit.get_user_id('test1@test.com');
|
|
|
|
select tests.authenticate_as('test1');
|
|
|
|
-- the custom role does not have permissions to manage billing
|
|
select row_eq(
|
|
$$ select public.has_permission(
|
|
auth.uid(), makerkit.get_account_id_by_slug('test'), 'billing.manage'::app_permissions) $$,
|
|
row(false::boolean),
|
|
'The custom role should not have the billing.manage permission'
|
|
);
|
|
|
|
-- the custom role can manage members
|
|
select row_eq(
|
|
$$ select public.has_permission(
|
|
auth.uid(), makerkit.get_account_id_by_slug('test'), 'members.manage'::app_permissions) $$,
|
|
row(true::boolean),
|
|
'The custom role should have the members.manage permission'
|
|
);
|
|
|
|
select * from finish();
|
|
|
|
rollback; |