Added unit tests

This commit is contained in:
Mel O'Hagan 2022-11-29 16:11:53 +00:00
parent 89db22858a
commit d0909392d7
2 changed files with 18 additions and 2 deletions

View File

@ -262,6 +262,14 @@ describe("/api/global/users", () => {
expect(events.user.created).toBeCalledTimes(1) expect(events.user.created).toBeCalledTimes(1)
}) })
it("should not allow a non-admin user to create a new user", async () => {
const nonAdmin = await config.createUser(structures.users.builderUser())
await config.createSession(nonAdmin)
const newUser = structures.users.user()
await api.users.saveUser(newUser, 403, config.authHeaders(nonAdmin))
})
}) })
describe("update", () => { describe("update", () => {
@ -418,6 +426,14 @@ describe("/api/global/users", () => {
expect(user).toStrictEqual(dbUser) expect(user).toStrictEqual(dbUser)
expect(response.body.message).toBe("Email address cannot be changed") expect(response.body.message).toBe("Email address cannot be changed")
}) })
it("should allow a non-admin user to update an existing user", async () => {
const existingUser = await config.createUser(structures.users.user())
const nonAdmin = await config.createUser(structures.users.builderUser())
await config.createSession(nonAdmin)
await api.users.saveUser(existingUser, 200, config.authHeaders(nonAdmin))
})
}) })
describe("bulk (delete)", () => { describe("bulk (delete)", () => {

View File

@ -91,11 +91,11 @@ export class UserAPI {
// USER // USER
saveUser = (user: User, status?: number) => { saveUser = (user: User, status?: number, headers?: any) => {
return this.request return this.request
.post(`/api/global/users`) .post(`/api/global/users`)
.send(user) .send(user)
.set(this.config.defaultHeaders()) .set(headers ?? this.config.defaultHeaders())
.expect("Content-Type", /json/) .expect("Content-Type", /json/)
.expect(status ? status : 200) .expect(status ? status : 200)
} }