From eb23cd484bbf04a2c52434614c997525e7d003c7 Mon Sep 17 00:00:00 2001 From: Guilherme Peixoto Date: Thu, 30 Jan 2025 20:32:00 -0300 Subject: [PATCH] init tests fixes --- src/Middlewares/accessControlMiddleware.js | 26 ++-- src/__tests__/bankAccountController.test.js | 117 +++++++++++------- .../financialMovementsController.test.js | 22 +++- src/__tests__/suppllierFormController.test.js | 20 +-- src/__tests__/utils.test.js | 77 ++++++++++++ 5 files changed, 190 insertions(+), 72 deletions(-) diff --git a/src/Middlewares/accessControlMiddleware.js b/src/Middlewares/accessControlMiddleware.js index f283d00..f92ad09 100644 --- a/src/Middlewares/accessControlMiddleware.js +++ b/src/Middlewares/accessControlMiddleware.js @@ -1,23 +1,27 @@ -const jwt = require('jsonwebtoken'); - +const jwt = require("jsonwebtoken"); const checkPermissions = (permissionName) => { return async (req, res, next) => { - try{ - const decoded = jwt.decode(req.headers.authorization?.split(" ")[1]); - - const permission = decoded._doc.permissions.find( - (perm) => perm.name === permissionName + try { + const decoded = jwt.decode( + req.headers.authorization?.split(" ")[1] + ); + if (!decoded) { + return res + .status(401) + .json({ mensagem: "Tokem não fornecido." }); + } + const permission = decoded.permissions.find( + (perm) => perm === permissionName ); - + if (!permission) { return res .status(400) .send("user has no permission to access resource"); } - next(); - } - catch(error){ + next(); + } catch (error) { next(error); } }; diff --git a/src/__tests__/bankAccountController.test.js b/src/__tests__/bankAccountController.test.js index a7b0da5..9767a4f 100644 --- a/src/__tests__/bankAccountController.test.js +++ b/src/__tests__/bankAccountController.test.js 
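Review bot: `jwt.decode` in `checkPermissions` only decodes the payload and never checks the signature, so the `permissions` array the new code trusts is whatever the client put in the Authorization header. Unless an earlier middleware (not visible in this hunk) already verifies the token, this should be `jwt.verify(token, process.env.SECRET, { algorithms: ["HS256"] })`, with a verification failure answered as 401; HS256 is the jsonwebtoken default that the test helper added in this patch signs with. In the same block, `decoded.permissions.find(...)` throws when the claim is missing or not an array and ends up in `next(error)`, so guard it with `Array.isArray(decoded.permissions)`. A missing permission is also better reported as 403 than 400, and the 401 message has a typo (`Tokem`).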
@@ -3,10 +3,14 @@ const express = require("express"); const mongoose = require("mongoose"); const { MongoMemoryServer } = require("mongodb-memory-server"); const bankAccountRouter = require("../routes"); // Atualize o caminho para o arquivo de rotas +const { mockedToken } = require('./utils.test') + let mongoServer; let app = express(); + + beforeAll(async () => { mongoServer = await MongoMemoryServer.create(); const uri = mongoServer.getUri(); @@ -24,10 +28,13 @@ afterAll(async () => { await mongoServer.stop(); }); + + describe("BankAccount API", () => { - it("should create a new bank account", async () => { + it("should create a new bank account", async () => { const response = await request(app) - .post("/finance/createBankAccount") // Atualize o caminho da rota + .post("/finance/createBankAccount") + .set("Authorization", `Bearer ${mockedToken()}`) // Atualize o caminho da rota .send({ formData: { name: "Conta Teste", @@ -38,15 +45,14 @@ describe("BankAccount API", () => { }, }); - console.log("Create Response:", response); // Adicione um log para depuração - expect(response.status).toBe(201); expect(response.body).toHaveProperty("name", "Conta Teste"); }); it("should not create a bank account with an existing name", async () => { await request(app) - .post("/finance/createBankAccount") // Atualize o caminho da rota + .post("/finance/createBankAccount") + .set("Authorization", `Bearer ${mockedToken()}`) // Atualize o caminho da rota .send({ formData: { name: "Conta Teste", @@ -58,7 +64,8 @@ describe("BankAccount API", () => { }); const response = await request(app) - .post("/finance/createBankAccount") // Atualize o caminho da rota + .post("/finance/createBankAccount") + .set("Authorization", `Bearer ${mockedToken()}`) // Atualize o caminho da rota .send({ formData: { name: "Conta Teste", 
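Review bot: Every request in this suite now carries a token holding the full permission list, so no test asserts that the access-control middleware ever denies a request. Assuming these routes are guarded by `checkPermissions`, add one case without the Authorization header, e.g. `const res = await request(app).post("/finance/createBankAccount").send({}); expect(res.status).toBe(401);`, and one with a token whose `permissions` omits the required entry. The same gap applies to the hunks in financialMovementsController.test.js and suppllierFormController.test.js. The `// Atualize o caminho da rota` comment now trails the `.set("Authorization", ...)` line in several places and no longer describes the line it sits on.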
@@ -76,6 +83,7 @@ describe("BankAccount API", () => { it("should not create a bank account with a blank name", async () => { const response = await request(app) .post("/finance/createBankAccount") // Atualize o caminho da rota + .set("Authorization", `Bearer ${mockedToken()}`) .send({ formData: { name: "", @@ -93,6 +101,7 @@ describe("BankAccount API", () => { it("should fetch a bank account by ID", async () => { const newAccount = await request(app) .post("/finance/createBankAccount") // Atualize o caminho da rota + .set("Authorization", `Bearer ${mockedToken()}`) .send({ formData: { name: "Conta Teste ID", @@ -105,7 +114,7 @@ describe("BankAccount API", () => { const response = await request(app).get( `/finance/bankAccount/${newAccount.body._id}` - ); // Atualize o caminho da rota + ).set("Authorization", `Bearer ${mockedToken()}`); // Atualize o caminho da rota console.log("Fetch By ID Response:", response.body); // Adicione um log para depuração @@ -115,7 +124,8 @@ describe("BankAccount API", () => { it("should not fetch a bank account without ID", async () => { await request(app) - .post("/finance/createBankAccount") // Atualize o caminho da rota + .post("/finance/createBankAccount") + .set("Authorization", `Bearer ${mockedToken()}`) // Atualize o caminho da rota .send({ formData: { name: "Conta Teste ID", 
@@ -126,14 +136,14 @@ describe("BankAccount API", () => { }, }); - const response = await request(app).get(`/finance/bankAccount/${null}`); // Atualize o caminho da rota + const response = await request(app).get(`/finance/bankAccount/${null}`).set("Authorization", `Bearer ${mockedToken()}`); // Atualize o caminho da rota console.log("Fetch By ID Response:", response.body); // Adicione um log para depuração expect(response.status).toBe(500); }); it("should fetch all bank accounts", async () => { - const response = await request(app).get("/finance/getBankAccount"); // Atualize o caminho da rota + const response = await request(app).get("/finance/getBankAccount").set("Authorization", `Bearer ${mockedToken()}`); // Atualize o caminho da rota console.log("Fetch All Response:", response.body); // Adicione um log para depuração @@ -143,7 +153,8 @@ describe("BankAccount API", () => { it("should update a bank account", async () => { const newAccount = await request(app) - .post("/finance/createBankAccount") // Atualize o caminho da rota + .post("/finance/createBankAccount") + .set("Authorization", `Bearer ${mockedToken()}`) // Atualize o caminho da rota .send({ formData: { name: "Conta a ser Atualizada", @@ -155,7 +166,8 @@ describe("BankAccount API", () => { }); const response = await request(app) - .patch(`/finance/updateBankAccount/${newAccount.body._id}`) // Atualize o caminho da rota + .patch(`/finance/updateBankAccount/${newAccount.body._id}`) + .set("Authorization", `Bearer ${mockedToken()}`) // Atualize o caminho da rota .send({ name: "Conta Atualizada" }); console.log("Update Response:", response.body); // Adicione um log para depuração 
@@ -166,7 +178,8 @@ describe("BankAccount API", () => { it("should not update a bank account without id", async () => { await request(app) - .post("/finance/createBankAccount") // Atualize o caminho da rota + .post("/finance/createBankAccount") + .set("Authorization", `Bearer ${mockedToken()}`) // Atualize o caminho da rota .send({ formData: { name: "Conta a ser Atualizada", @@ -178,7 +191,8 @@ describe("BankAccount API", () => { }); const response = await request(app) - .patch(`/finance/updateBankAccount/${null}`) // Atualize o caminho da rota + .patch(`/finance/updateBankAccount/${null}`) + .set("Authorization", `Bearer ${mockedToken()}`) // Atualize o caminho da rota .send({ name: "Conta Atualizada" }); console.log("Update Response:", response.body); // Adicione um log para depuração @@ -188,7 +202,8 @@ describe("BankAccount API", () => { it("should delete a bank account", async () => { const newAccount = await request(app) - .post("/finance/createBankAccount") // Atualize o caminho da rota + .post("/finance/createBankAccount") + .set("Authorization", `Bearer ${mockedToken()}`) // Atualize o caminho da rota .send({ formData: { name: "Conta a ser Deletada", @@ -201,7 +216,7 @@ describe("BankAccount API", () => { const response = await request(app).delete( `/finance/deleteBankAccount/${newAccount.body._id}` - ); // Atualize o caminho da rota + ).set("Authorization", `Bearer ${mockedToken()}`); // Atualize o caminho da rota console.log("Delete Response:", response.body); // Adicione um log para depuração @@ -211,7 +226,7 @@ describe("BankAccount API", () => { it("should delete a bank account", async () => { const response = await request(app).delete( `/finance/deleteBankAccount/${null}` - ); // Atualize o caminho da rota + ).set("Authorization", `Bearer ${mockedToken()}`); // Atualize o caminho da rota expect(response.status).toBe(500); }); 
@@ -221,13 +236,13 @@ describe("BankAccount API", () => { const response = await request(app).get( `/finance/getBankAccountbyId/${invalidId}` - ); + ).set("Authorization", `Bearer ${mockedToken()}`); expect(response.status).toBe(404); }); }); it("should return 500 when fetching a bank account with invalid ID", async () => { - const response = await request(app).get(`/finance/bankAccount/${null}`); + const response = await request(app).get(`/finance/bankAccount/${null}`).set("Authorization", `Bearer ${mockedToken()}`); expect(response.status).toBe(500); expect(response.body.error).toBe("ID inválido ou ausente"); 
@@ -235,52 +250,58 @@ it("should return 500 when fetching a bank account with invalid ID", async () => it("should return 500 when updating a bank account with invalid ID", async () => { const response = await request(app) .patch(`/finance/updateBankAccount/${null}`) + .set("Authorization", `Bearer ${mockedToken()}`) .send({ name: "Conta Atualizada" }); expect(response.status).toBe(500); expect(response.body.error).toBe("ID inválido ou ausente"); }); - it("should delete a bank account", async () => { +it("should delete a bank account", async () => { const newAccount = await request(app) .post("/finance/createBankAccount") + .set("Authorization", `Bearer ${mockedToken()}`) .send({ formData: { - name: "Conta a ser Deletada", + name: "Conta a ser Deletada 2", bank: "Banco Teste Deletar", - + accaccountNumber: "33333333", status: "Ativo", accountType: "Conta Corrente", }, - }); const response = await request(app).delete( + }); + + console.log("TESTEEEEEEEEEEEEEEEE", newAccount.body) + + const response = await request(app).delete( `/finance/deleteBankAccount/${newAccount.body._id}` - ); + ).set("Authorization", `Bearer ${mockedToken()}`); - expect(response.status).toBe(200); - expect(response.body.message).toBe("Conta deletada com sucesso"); - }); + expect(response.status).toBe(200); + expect(response.body.message).toBe("Conta deletada com sucesso"); +}); - it("should return 500 when deleting a bank account with invalid ID", async () => { - const response = await request(app).delete(`/finance/deleteBankAccount/${null}`); +it("should return 500 when deleting a bank account with invalid ID", async () => { + const response = await request(app).delete(`/finance/deleteBankAccount/${null}`).set("Authorization", `Bearer ${mockedToken()}`); - expect(response.status).toBe(500); - expect(response.body.error).toBe("ID inválido ou ausente"); - }); + expect(response.status).toBe(500); + expect(response.body.error).toBe("ID inválido ou ausente"); +}); - it("should return 500 if the 
name is invalid", async () => { - const response = await request(app) - .post("/finance/createBankAccount") - .send({ - formData: { - name: 12345, // Tipo inválido - bank: "Banco Teste", - accountNumber: "98765432", - status: "Ativo", - accountType: "Conta Corrente", - }, - }); +it("should return 500 if the name is invalid", async () => { + const response = await request(app) + .post("/finance/createBankAccount") + .set("Authorization", `Bearer ${mockedToken()}`) + .send({ + formData: { + name: 12345, // Tipo inválido + bank: "Banco Teste", + accountNumber: "98765432", + status: "Ativo", + accountType: "Conta Corrente", + }, + }); - expect(response.status).toBe(500); - expect(response.body.error).toBe("Tipo de dado incorreto"); - }); - \ No newline at end of file + expect(response.status).toBe(500); + expect(response.body.error).toBe("Tipo de dado incorreto"); +}); diff --git a/src/__tests__/financialMovementsController.test.js b/src/__tests__/financialMovementsController.test.js index 74a4595..2d8d289 100644 --- a/src/__tests__/financialMovementsController.test.js +++ b/src/__tests__/financialMovementsController.test.js @@ -5,6 +5,7 @@ const cors = require("cors"); const routes = require("../routes"); const financialMovementsModel = require("../Models/financialMovementsSchema"); const { MongoMemoryServer } = require("mongodb-memory-server"); +const { mockedToken } = require('./utils.test') let mongoServer; let app = express(); @@ -42,6 +43,7 @@ describe("FinancialMovements API", () => { it("should create a new financial movement", async () => { const res = await request(app) .post("/financialMovements/create") + .set("Authorization", `Bearer ${mockedToken()}`) .send({ financialMovementsData: { contaOrigem: "12345", 
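Review bot: The rewritten "should delete a bank account" test sends `accaccountNumber: "33333333"`, which looks like a typo for `accountNumber`, the key the other tests in this file use, so the account is probably created without the intended field. The added `console.log("TESTEEEEEEEEEEEEEEEE", newAccount.body)` is leftover debugging that prints the full response body on every run and should be removed before merge.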
@@ -69,6 +71,7 @@ describe("FinancialMovements API", () => { it("should get financial movement by id", async () => { const { body: createdFMovements } = await request(app) .post("/financialMovements/create") + .set("Authorization", `Bearer ${mockedToken()}`) .send({ financialMovementsData: { contaOrigem: "12345", @@ -92,7 +95,7 @@ describe("FinancialMovements API", () => { const res = await request(app).get( `/financialMovements/${createdFMovements._id}` - ); + ).set("Authorization", `Bearer ${mockedToken()}`); expect(res.body).toMatchObject(createdFMovements); expect(res.status).toBe(200); @@ -101,7 +104,7 @@ describe("FinancialMovements API", () => { it("should get financial movements", async () => { const financialMovementsModelCount = await financialMovementsModel.countDocuments({}); - const res = await request(app).get("/financialMovements"); + const res = await request(app).get("/financialMovements").set("Authorization", `Bearer ${mockedToken()}`); expect(res.body.length).toBe(financialMovementsModelCount); expect(res.status).toBe(200); @@ -110,6 +113,7 @@ describe("FinancialMovements API", () => { it("should delete financial movement", async () => { const { body: createdFMovements } = await request(app) .post("/financialMovements/create") + .set("Authorization", `Bearer ${mockedToken()}`) .send({ financialMovementsData: { contaOrigem: "12345", @@ -133,7 +137,7 @@ describe("FinancialMovements API", () => { const res = await request(app).delete( `/financialMovements/delete/${createdFMovements._id}` - ); + ).set("Authorization", `Bearer ${mockedToken()}`); expect(res.body).toMatchObject(createdFMovements); expect(res.status).toBe(200); @@ -142,6 +146,7 @@ describe("FinancialMovements API", () => { it("should update financial movement", async () => { const { body: createdFMovements } = await request(app) .post("/financialMovements/create") + .set("Authorization", `Bearer ${mockedToken()}`) .send({ financialMovementsData: { contaOrigem: "12345", 
@@ -165,7 +170,7 @@ describe("FinancialMovements API", () => { const res = await request(app).patch( `/financialMovements/update/${createdFMovements._id}` - ); + ).set("Authorization", `Bearer ${mockedToken()}`); expect(res.status).toBe(200); }); @@ -173,6 +178,7 @@ describe("FinancialMovements API", () => { it("should reject creating financial movement with missing data", async () => { const res = await request(app) .post("/financialMovements/create") + .set("Authorization", `Bearer ${mockedToken()}`) .send({}); // Enviar dados incompletos expect(res.status).toBe(400); @@ -180,7 +186,7 @@ describe("FinancialMovements API", () => { }); it("should return 404 if financial movement not found on GET by ID", async () => { const nonExistingId = "60f8e8b1d3b99c4b8c6c3bbd"; // ID fictício - const res = await request(app).get(`/financialMovements/${nonExistingId}`); + const res = await request(app).get(`/financialMovements/${nonExistingId}`).set("Authorization", `Bearer ${mockedToken()}`); expect(res.status).toBe(404); expect(res.body).toHaveProperty("error", "Financial Movement not found"); @@ -188,7 +194,7 @@ describe("FinancialMovements API", () => { it("should return 404 if financial movement not found on DELETE", async () => { const nonExistingId = "60f8e8b1d3b99c4b8c6c3bbd"; // ID fictício - const res = await request(app).delete(`/financialMovements/delete/${nonExistingId}`); + const res = await request(app).delete(`/financialMovements/delete/${nonExistingId}`).set("Authorization", `Bearer ${mockedToken()}`); expect(res.status).toBe(404); expect(res.body).toHaveProperty("error", "Financial Movement not found"); @@ -196,6 +202,7 @@ describe("FinancialMovements API", () => { it("should update a financial movement with partial data", async () => { const { body: createdFMovements } = await request(app) .post("/financialMovements/create") + .set("Authorization", `Bearer ${mockedToken()}`) .send({ financialMovementsData: { contaOrigem: "12345", 
@@ -223,6 +230,7 @@ describe("FinancialMovements API", () => { const res = await request(app) .patch(`/financialMovements/update/${createdFMovements._id}`) + .set("Authorization", `Bearer ${mockedToken()}`) .send({ financialMovementsData: updatedData }); expect(res.status).toBe(200); @@ -233,6 +241,7 @@ describe("FinancialMovements API", () => { it("should update 'baixada' status", async () => { const { body: createdFMovements } = await request(app) .post("/financialMovements/create") + .set("Authorization", `Bearer ${mockedToken()}`) .send({ financialMovementsData: { contaOrigem: "12345", @@ -255,6 +264,7 @@ describe("FinancialMovements API", () => { const res = await request(app) .patch(`/financialMovements/update/${createdFMovements._id}`) + .set("Authorization", `Bearer ${mockedToken()}`) // Atualize o caminho da rota .send({ financialMovementsData: { baixada: true } }); expect(res.status).toBe(200); diff --git a/src/__tests__/suppllierFormController.test.js b/src/__tests__/suppllierFormController.test.js index 2b17c38..193666b 100644 --- a/src/__tests__/suppllierFormController.test.js +++ b/src/__tests__/suppllierFormController.test.js @@ -4,6 +4,7 @@ const mongoose = require("mongoose"); const cors = require("cors"); const routes = require("../routes"); const { MongoMemoryServer } = require("mongodb-memory-server"); +const { mockedToken } = require('./utils.test') const app = express(); let mongoServer; @@ -45,6 +46,7 @@ describe("Supplier Form Controller Tests", () => { it("should create a new supplier form", async () => { const res = await request(app) .post("/SupplierForm/create") + .set("Authorization", `Bearer ${mockedToken()}`) .send({ supplierData: { nome: "Test Supplier", 
@@ -79,6 +81,7 @@ describe("Supplier Form Controller Tests", () => { it("should fail create a new supplier form without name", async () => { const res = await request(app) .post("/SupplierForm/create") + .set("Authorization", `Bearer ${mockedToken()}`) .send({ supplierData: { nome: "", @@ -107,21 +110,21 @@ describe("Supplier Form Controller Tests", () => { }); it("should get all supplier forms", async () => { - const res = await request(app).get("/SupplierForm"); + const res = await request(app).get("/SupplierForm").set("Authorization", `Bearer ${mockedToken()}`); expect(res.status).toBe(200); expect(Array.isArray(res.body)).toBe(true); }); it("should get a supplier form by ID", async () => { - const res = await request(app).get(`/SupplierForm/${supplierId}`); + const res = await request(app).get(`/SupplierForm/${supplierId}`).set("Authorization", `Bearer ${mockedToken()}`); expect(res.status).toBe(200); expect(res.body).toHaveProperty("nome", "Test Supplier"); }); it("should fail get a supplier form without ID", async () => { - const res = await request(app).get(`/SupplierForm/${null}`); + const res = await request(app).get(`/SupplierForm/${null}`).set("Authorization", `Bearer ${mockedToken()}`); expect(res.status).toBe(400); }); @@ -129,6 +132,7 @@ describe("Supplier Form Controller Tests", () => { it("should update a supplier form by ID", async () => { const res = await request(app) .patch(`/SupplierForm/update/${supplierId}`) + .set("Authorization", `Bearer ${mockedToken()}`) .send({ supplierData: { nome: "Updated Supplier" } }); expect(res.status).toBe(200); @@ -138,6 +142,7 @@ describe("Supplier Form Controller Tests", () => { it("should fail to update a supplier form without ID", async () => { const res = await request(app) .patch(`/SupplierForm/update/${null}`) + .set("Authorization", `Bearer ${mockedToken()}`) .send({ supplierData: { nome: "Updated Supplier" } }); expect(res.status).toBe(400); 
@@ -146,26 +151,27 @@ describe("Supplier Form Controller Tests", () => { it("should delete a supplier form by ID", async () => { const res = await request(app).delete( `/SupplierForm/delete/${supplierId}` - ); + ).set("Authorization", `Bearer ${mockedToken()}`); expect(res.status).toBe(200); const checkSupplier = await request(app).get( `/SupplierForm/delete/${supplierId}` - ); + ).set("Authorization", `Bearer ${mockedToken()}`); expect(checkSupplier.status).toBe(404); }); it("should fail to delete a supplier form without ID", async () => { const res = await request(app).delete( `/SupplierForm/delete/${supplierId}` - ); + ).set("Authorization", `Bearer ${mockedToken()}`) // Atualize o caminho da rota + ; expect(res.status).toBe(200); const checkSupplier = await request(app).get( `/SupplierForm/delete/${supplierId}` - ); + ).set("Authorization", `Bearer ${mockedToken()}`); expect(checkSupplier.status).toBe(404); }); }); diff --git a/src/__tests__/utils.test.js b/src/__tests__/utils.test.js index 299aa79..4f29076 100644 --- a/src/__tests__/utils.test.js +++ b/src/__tests__/utils.test.js 
@@ -1,4 +1,80 @@ const { validator } = require("../Util/utils"); +const jwt = require("jsonwebtoken"); +require("dotenv").config(); + +mockedToken = () =>{ + let jwtTemp = { + "id": "6783471ed9b501ccc074f977", + "_id": "6783471ed9b501ccc074f96a", + "name": "administrador", + "permissions": [ + "perfis_editar", + "perfis_deletar", + "perfis_visualizar", + "orgaos_criar", + "orgaos_editar", + "orgaos_deletar", + "orgaos_visualizar", + "fornecedores_criar", + "fornecedores_editar", + "fornecedores_deletar", + "fornecedores_visualizar", + "contas_bancarias_criar", + "contas_bancarias_editar", + "contas_bancarias_deletar", + "contas_bancarias_visualizar", + "movimentacao_financeira_criar", + "movimentacao_financeira_editar", + "movimentacao_financeira_deletar", + "movimentacao_financeira_visualizar", + "permissoes_criar", + "permissoes_editar", + "permissoes_deletar", + "permissoes_visualizar", + "beneficios_criar", + "beneficios_visualizar", + "beneficios_editar", + "beneficios_deletar", + "usuarios_visualizar", + "usuarios_editar", + "usuarios_deletar", + "usuarios_criar", + "create", + "read", + "update", + "delete", + "usuarios_visualizar_historico\t", + "associados_criar", + "associados_deletar", + "associados_editar", + "associados_visualizar", + "perfis_criar", + "filiados_cadastrar", + "usuarios_visualizar_historico", + "sindicalizado_visualizar_status", + "filiado_visualizar_carteirinha" + ] + , + "user": { + "situation": "", + "description": "", + "_id": "6783471ed9b501ccc074f977", + "name": "Admin", + "email": "admin@admin.com", + "phone": "1234567890", + "role": "6783471ed9b501ccc074f96a", + "status": true, + "isProtected": true, + "createdAt": "2025-01-12T04:37:50.966Z", + "updatedAt": "2025-01-12T04:37:50.966Z", + "__v": 0 + }, + } + const token = jwt.sign(jwtTemp, process.env.SECRET, { + expiresIn: "30d", + }); + return token.trim(); +} describe("Supplier Data Validator", () => { it("should return an error for invalid nome", () => { 
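Review bot: `mockedToken = () =>{` has no `const`/`let`, so it creates an implicit global and throws under strict mode; declare it as `const mockedToken = () => {`. The helper signs a token holding every permission with `process.env.SECRET` loaded through dotenv and `expiresIn: "30d"`; if the .env used for test runs carries the same secret as a deployed environment (not visible here), a leaked test token is a month-long admin credential, so prefer a test-only secret and a short lifetime such as `expiresIn: "5m"`. `jwt.sign` also throws when `SECRET` is unset, which would fail every suite that imports the helper. Because the helper is exported from `utils.test.js`, each suite that requires it also registers the "Supplier Data Validator" tests; a separate non-test helper module would avoid that. The entry `"usuarios_visualizar_historico\t"` carries a trailing tab that is probably unintended.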
@@ -136,3 +212,4 @@ describe("Supplier Data Validator", () => { expect(result).toBeNull(); }); }); +module.exports = { mockedToken } \ No newline at end of file