Sākums Izpētīt Palīdzība
Reģistrēties Pierakstīties
Code_Uwe
/
rhl-lieferscheine
1
0
Atdalīts 0
Faili Problēmas 0 Izmaiņu pieprasījumi 0 Vikivietne
Koks: fe0ee192f9
Atzari Tagi
rhl-lieferschei...
/
app
/
api
/
branches
/
[branch]
/
years
/
route.test.js

route.test.js 3.0 KB
Vēsture Neapstrādāts

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119 
  1. /* @vitest-environment node */
    2. 

  2. 

  3. import { describe, it, expect, vi, beforeEach, afterEach } from "vitest";
    4. 

  4. import fs from "node:fs/promises";
    5. 

  5. import os from "node:os";
    6. 

  6. import path from "node:path";
    7. 

  7. 

  8. vi.mock("@/lib/auth/session", () => ({
    9. 

  9. 	getSession: vi.fn(),
    10. 

  10. }));
    11. 

  11. 

  12. import { getSession } from "@/lib/auth/session";
    13. 

  13. import { GET } from "./route.js";
    14. 

  14. 

  15. describe("GET /api/branches/[branch]/years", () => {
    16. 

  16. 	let tmpRoot;
    17. 

  17. 	const originalNasRoot = process.env.NAS_ROOT_PATH;
    18. 

  18. 

  19. 	beforeEach(async () => {
    20. 

  20. 		vi.clearAllMocks();
    21. 

  21. 		tmpRoot = await fs.mkdtemp(path.join(os.tmpdir(), "api-years-"));
    22. 

  22. 		process.env.NAS_ROOT_PATH = tmpRoot;
    23. 

  23. 

  24. 		// Minimal structure for NL01
    25. 

  25. 		await fs.mkdir(path.join(tmpRoot, "NL01", "2024"), { recursive: true });
    26. 

  26. 	});
    27. 

  27. 

  28. 	afterEach(async () => {
    29. 

  29. 		process.env.NAS_ROOT_PATH = originalNasRoot;
    30. 

  30. 		if (tmpRoot) await fs.rm(tmpRoot, { recursive: true, force: true });
    31. 

  31. 	});
    32. 

  32. 

  33. 	it("returns 401 when unauthenticated", async () => {
    34. 

  34. 		getSession.mockResolvedValue(null);
    35. 

  35. 

  36. 		const res = await GET(
    37. 

  37. 			new Request("http://localhost/api/branches/NL01/years"),
    38. 

  38. 			{
    39. 

  39. 				params: Promise.resolve({ branch: "NL01" }),
    40. 

  40. 			}
    41. 

  41. 		);
    42. 

  42. 

  43. 		expect(res.status).toBe(401);
    44. 

  44. 		expect(await res.json()).toEqual({ error: "Unauthorized" });
    45. 

  45. 	});
    46. 

  46. 

  47. 	it("returns 403 when branch user accesses a different branch", async () => {
    48. 

  48. 		getSession.mockResolvedValue({
    49. 

  49. 			role: "branch",
    50. 

  50. 			branchId: "NL01",
    51. 

  51. 			userId: "u1",
    52. 

  52. 		});
    53. 

  53. 

  54. 		const res = await GET(
    55. 

  55. 			new Request("http://localhost/api/branches/NL02/years"),
    56. 

  56. 			{
    57. 

  57. 				params: Promise.resolve({ branch: "NL02" }),
    58. 

  58. 			}
    59. 

  59. 		);
    60. 

  60. 

  61. 		expect(res.status).toBe(403);
    62. 

  62. 		expect(await res.json()).toEqual({ error: "Forbidden" });
    63. 

  63. 	});
    64. 

  64. 

  65. 	it("returns years for a valid branch when allowed", async () => {
    66. 

  66. 		getSession.mockResolvedValue({
    67. 

  67. 			role: "branch",
    68. 

  68. 			branchId: "NL01",
    69. 

  69. 			userId: "u1",
    70. 

  70. 		});
    71. 

  71. 

  72. 		const res = await GET(
    73. 

  73. 			new Request("http://localhost/api/branches/NL01/years"),
    74. 

  74. 			{
    75. 

  75. 				params: Promise.resolve({ branch: "NL01" }),
    76. 

  76. 			}
    77. 

  77. 		);
    78. 

  78. 

  79. 		expect(res.status).toBe(200);
    80. 

  80. 		const body = await res.json();
    81. 

  81. 		expect(body).toEqual({ branch: "NL01", years: ["2024"] });
    82. 

  82. 	});
    83. 

  83. 

  84. 	it("returns 400 when branch param is missing (authenticated)", async () => {
    85. 

  85. 		getSession.mockResolvedValue({
    86. 

  86. 			role: "admin",
    87. 

  87. 			branchId: null,
    88. 

  88. 			userId: "u2",
    89. 

  89. 		});
    90. 

  90. 

  91. 		const res = await GET(new Request("http://localhost/api/branches//years"), {
    92. 

  92. 			params: Promise.resolve({ branch: undefined }),
    93. 

  93. 		});
    94. 

  94. 

  95. 		expect(res.status).toBe(400);
    96. 

  96. 		expect(await res.json()).toEqual({ error: "branch Parameter fehlt" });
    97. 

  97. 	});
    98. 

  98. 

  99. 	it("returns 500 when NAS_ROOT_PATH is invalid (authenticated)", async () => {
    100. 

  100. 		getSession.mockResolvedValue({
    101. 

  101. 			role: "admin",
    102. 

  102. 			branchId: null,
    103. 

  103. 			userId: "u2",
    104. 

  104. 		});
    105. 

  105. 

  106. 		process.env.NAS_ROOT_PATH = path.join(tmpRoot, "does-not-exist");
    107. 

  107. 

  108. 		const res = await GET(
    109. 

  109. 			new Request("http://localhost/api/branches/NL01/years"),
    110. 

  110. 			{
    111. 

  111. 				params: Promise.resolve({ branch: "NL01" }),
    112. 

  112. 			}
    113. 

  113. 		);
    114. 

  114. 

  115. 		expect(res.status).toBe(500);
    116. 

  116. 		const body = await res.json();
    117. 

  117. 		expect(body.error).toContain("Fehler beim Lesen der Jahre:");
    118. 

  118. 	});
    119. 

  119. });
    120.