From 0809c025d1209231d0a00a19f19d72694391f3b5 Mon Sep 17 00:00:00 2001 From: mike12345567 Date: Wed, 7 Dec 2022 18:37:23 +0000 Subject: [PATCH] Adding unit test. --- .../src/api/routes/global/tests/users.spec.ts | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/packages/worker/src/api/routes/global/tests/users.spec.ts b/packages/worker/src/api/routes/global/tests/users.spec.ts index 31a99a61f1..3b732cb3d9 100644 --- a/packages/worker/src/api/routes/global/tests/users.spec.ts +++ b/packages/worker/src/api/routes/global/tests/users.spec.ts @@ -1,4 +1,4 @@ -import { InviteUsersResponse } from "@budibase/types" +import { InviteUsersResponse, User } from "@budibase/types" jest.mock("nodemailer") import { @@ -298,6 +298,23 @@ describe("/api/global/users", () => { expect(events.user.passwordForceReset).not.toBeCalled() }) + it("should not allow a user to update their own admin/builder status", async () => { + const user = (await config.api.users.getUser(config.defaultUser?._id!)) + .body as User + await config.api.users.saveUser({ + ...user, + admin: { + global: false, + }, + builder: { + global: false, + }, + }) + const userOut = (await config.api.users.getUser(user._id!)).body + expect(userOut.admin.global).toBe(true) + expect(userOut.builder.global).toBe(true) + }) + it("should be able to force reset password", async () => { const user = await config.createUser() jest.clearAllMocks()