diff --git a/app/src/forms/auth/middleware/userAccess.js b/app/src/forms/auth/middleware/userAccess.js index 2661e3abc..24099068c 100644 --- a/app/src/forms/auth/middleware/userAccess.js +++ b/app/src/forms/auth/middleware/userAccess.js @@ -356,6 +356,10 @@ const hasRoleModifyPermissions = async (req, _res, next) => { if (userRoles.includes(Roles.OWNER)) { // Can't remove a different user's owner role unless you are an owner. + // + // TODO: Remove this if statement and just throw the exception. It's not + // possible for userId === currentUser.id since we're in an if that we + // are !isOwner but also that userRoles.includes(Roles.OWNER). if (userId !== currentUser.id) { throw new Problem(401, { detail: "You can't update an owner's roles.", diff --git a/app/tests/unit/components/idpService.spec.js b/app/tests/unit/components/idpService.spec.js index 724f4fd6a..300d6274b 100644 --- a/app/tests/unit/components/idpService.spec.js +++ b/app/tests/unit/components/idpService.spec.js @@ -136,19 +136,19 @@ describe('idpService', () => { it('should return a user search', async () => { const s = await idpService.userSearch({ idpCode: 'idir', email: 'em@il.com' }); expect(s).toBeFalsy(); - expect(MockModel.query).toHaveBeenCalledTimes(1); - expect(MockModel.modify).toHaveBeenCalledTimes(9); - expect(MockModel.modify).toHaveBeenCalledWith('filterIdpCode', 'idir'); - expect(MockModel.modify).toHaveBeenCalledWith('filterEmail', 'em@il.com', false); + expect(MockModel.query).toBeCalledTimes(1); + expect(MockModel.modify).toBeCalledTimes(9); + expect(MockModel.modify).toBeCalledWith('filterIdpCode', 'idir'); + expect(MockModel.modify).toBeCalledWith('filterEmail', 'em@il.com', false); }); it('should return a customized user search', async () => { const s = await idpService.userSearch({ idpCode: 'bceid-business', email: 'em@il.com' }); expect(s).toBeFalsy(); - expect(MockModel.query).toHaveBeenCalledTimes(1); - expect(MockModel.modify).toHaveBeenCalledWith('filterIdpCode', 'bceid-business'); - expect(MockModel.modify).toHaveBeenCalledWith('filterEmail', 'em@il.com', true); - expect(MockModel.modify).toHaveBeenCalledTimes(9); + expect(MockModel.query).toBeCalledTimes(1); + expect(MockModel.modify).toBeCalledWith('filterIdpCode', 'bceid-business'); + expect(MockModel.modify).toBeCalledWith('filterEmail', 'em@il.com', true); + expect(MockModel.modify).toBeCalledTimes(9); }); it('should throw error when customized user search fails validation', async () => { diff --git a/app/tests/unit/components/jwtService.spec.js b/app/tests/unit/components/jwtService.spec.js index 33b3d9d57..92869fc12 100644 --- a/app/tests/unit/components/jwtService.spec.js +++ b/app/tests/unit/components/jwtService.spec.js @@ -39,8 +39,8 @@ describe('jwtService', () => { const req = getMockReq({ headers: { authorization: 'Bearer JWT' } }); const r = await jwtService.getTokenPayload(req); expect(r).toBe(payload); - expect(jwtService.getBearerToken).toHaveBeenCalledTimes(1); - expect(jwtService._verify).toHaveBeenCalledTimes(1); + expect(jwtService.getBearerToken).toBeCalledTimes(1); + expect(jwtService._verify).toBeCalledTimes(1); }); it('should error if token not valid', async () => { @@ -59,8 +59,8 @@ describe('jwtService', () => { expect(e).toBeInstanceOf(jose.errors.JWTClaimValidationFailed); expect(payload).toBe(undefined); } - expect(jwtService.getBearerToken).toHaveBeenCalledTimes(1); - expect(jwtService._verify).toHaveBeenCalledTimes(1); + expect(jwtService.getBearerToken).toBeCalledTimes(1); + expect(jwtService._verify).toBeCalledTimes(1); }); it('should validate access token on good jwt', async () => { @@ -71,7 +71,7 @@ describe('jwtService', () => { const req = getMockReq({ headers: { authorization: 'Bearer JWT' } }); const r = await jwtService.validateAccessToken(req); expect(r).toBeTruthy(); - expect(jwtService._verify).toHaveBeenCalledTimes(1); + expect(jwtService._verify).toBeCalledTimes(1); }); it('should not validate access token on jwt error', async () => { @@ -84,7 +84,7 @@ describe('jwtService', () => { const r = await jwtService.validateAccessToken(req); expect(r).toBeFalsy(); - expect(jwtService._verify).toHaveBeenCalledTimes(1); + expect(jwtService._verify).toBeCalledTimes(1); }); it('should throw problem when validate access token catches (non-jwt) error)', async () => { @@ -104,7 +104,7 @@ describe('jwtService', () => { expect(e).toBeInstanceOf(Problem); expect(r).toBe(undefined); - expect(jwtService._verify).toHaveBeenCalledTimes(1); + expect(jwtService._verify).toBeCalledTimes(1); }); it('should pass middleware protect with valid jwt)', async () => { @@ -122,8 +122,8 @@ describe('jwtService', () => { const middleware = jwtService.protect(); await middleware(req, res, next); - expect(next).toHaveBeenCalledTimes(1); - expect(next).toHaveBeenCalledWith(); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(); }); it('should fail middleware protect with invalid jwt', async () => { @@ -142,8 +142,8 @@ describe('jwtService', () => { const middleware = jwtService.protect(); await middleware(req, res, next); - expect(next).toHaveBeenCalledTimes(1); - expect(next).toHaveBeenCalledWith(expect.objectContaining({ status: 401 })); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(expect.objectContaining({ status: 401 })); }); it('should pass middleware protect with valid jwt and role', async () => { @@ -161,8 +161,8 @@ describe('jwtService', () => { const middleware = jwtService.protect('admin'); await middleware(req, res, next); - expect(next).toHaveBeenCalledTimes(1); - expect(next).toHaveBeenCalledWith(); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(); }); it('should fail middleware protect with valid jwt and but no role', async () => { @@ -180,7 +180,7 @@ describe('jwtService', () => { const middleware = jwtService.protect('admin'); await middleware(req, res, next); - expect(next).toHaveBeenCalledTimes(1); - expect(next).toHaveBeenCalledWith(expect.objectContaining({ status: 401 })); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(expect.objectContaining({ status: 401 })); }); }); diff --git a/app/tests/unit/forms/admin/controller.spec.js b/app/tests/unit/forms/admin/controller.spec.js index d31bbd93c..7174f5b5b 100644 --- a/app/tests/unit/forms/admin/controller.spec.js +++ b/app/tests/unit/forms/admin/controller.spec.js @@ -23,7 +23,7 @@ describe('form controller', () => { service.createFormComponentsProactiveHelp = jest.fn().mockReturnValue(formComponentsProactiveHelp); await controller.createFormComponentsProactiveHelp(req, {}, jest.fn()); - expect(service.createFormComponentsProactiveHelp).toHaveBeenCalledTimes(1); + expect(service.createFormComponentsProactiveHelp).toBeCalledTimes(1); }); it('should update proactive help component publish status', async () => { @@ -43,13 +43,13 @@ describe('form controller', () => { service.updateFormComponentsProactiveHelp = jest.fn().mockReturnValue(formComponentsProactiveHelp); await controller.updateFormComponentsProactiveHelp(req, {}, jest.fn()); - expect(service.updateFormComponentsProactiveHelp).toHaveBeenCalledTimes(1); + expect(service.updateFormComponentsProactiveHelp).toBeCalledTimes(1); }); it('should get list of all proactive help components', async () => { service.listFormComponentsProactiveHelp = jest.fn().mockReturnValue({}); await controller.listFormComponentsProactiveHelp(req, {}, jest.fn()); - expect(service.listFormComponentsProactiveHelp).toHaveBeenCalledTimes(1); + expect(service.listFormComponentsProactiveHelp).toBeCalledTimes(1); }); }); diff --git a/app/tests/unit/forms/auth/authService.spec.js b/app/tests/unit/forms/auth/authService.spec.js index e9d297f79..38a7384dd 100644 --- a/app/tests/unit/forms/auth/authService.spec.js +++ b/app/tests/unit/forms/auth/authService.spec.js @@ -54,10 +54,10 @@ describe('login', () => { service.getUserId = jest.fn().mockReturnValue({ user: 'me' }); const token = 'token'; const result = await service.login(token); - expect(idpService.parseToken).toHaveBeenCalledTimes(1); - expect(idpService.parseToken).toHaveBeenCalledWith(token); - expect(service.getUserId).toHaveBeenCalledTimes(1); - expect(service.getUserId).toHaveBeenCalledWith({ idp: 'fake' }); + expect(idpService.parseToken).toBeCalledTimes(1); + expect(idpService.parseToken).toBeCalledWith(token); + expect(service.getUserId).toBeCalledTimes(1); + expect(service.getUserId).toBeCalledWith({ idp: 'fake' }); expect(result).toBeTruthy(); expect(result).toEqual(resultSample); }); diff --git a/app/tests/unit/forms/auth/middleware/apiAccess.spec.js b/app/tests/unit/forms/auth/middleware/apiAccess.spec.js index dd41280e5..b82ca8b75 100644 --- a/app/tests/unit/forms/auth/middleware/apiAccess.spec.js +++ b/app/tests/unit/forms/auth/middleware/apiAccess.spec.js @@ -37,10 +37,10 @@ describe('apiAccess', () => { await apiAccess(req, res, next); expect(req.apiUser).toBeFalsy(); - expect(mockReadApiKey).toHaveBeenCalledTimes(0); - expect(res.status).not.toHaveBeenCalled(); - expect(next).toHaveBeenCalledTimes(1); - expect(next).toHaveBeenCalledWith(); + expect(mockReadApiKey).toBeCalledTimes(0); + expect(res.status).not.toBeCalled(); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(); }); it('should pass through with bearer authorization', async () => { @@ -50,10 +50,10 @@ describe('apiAccess', () => { await apiAccess(req, res, next); expect(req.apiUser).toBeFalsy(); - expect(mockReadApiKey).toHaveBeenCalledTimes(0); - expect(res.status).not.toHaveBeenCalled(); - expect(next).toHaveBeenCalledTimes(1); - expect(next).toHaveBeenCalledWith(); + expect(mockReadApiKey).toBeCalledTimes(0); + expect(res.status).not.toBeCalled(); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(); }); it('should be unauthorized with no uuid in the params', async () => { @@ -63,10 +63,10 @@ describe('apiAccess', () => { await apiAccess(req, res, next); expect(req.apiUser).toBeFalsy(); - expect(mockReadApiKey).toHaveBeenCalledTimes(0); - expect(res.status).not.toHaveBeenCalled(); - expect(next).toHaveBeenCalledTimes(1); - expect(next).toHaveBeenCalledWith(expect.objectContaining({ status: 401 })); + expect(mockReadApiKey).toBeCalledTimes(0); + expect(res.status).not.toBeCalled(); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(expect.objectContaining({ status: 401 })); }); }); @@ -81,10 +81,10 @@ describe('apiAccess', () => { await apiAccess(req, res, next); expect(req.apiUser).toBeFalsy(); - expect(mockReadApiKey).toHaveBeenCalledTimes(0); - expect(res.status).not.toHaveBeenCalled(); - expect(next).toHaveBeenCalledTimes(1); - expect(next).toHaveBeenCalledWith(expect.objectContaining({ status: 400 })); + expect(mockReadApiKey).toBeCalledTimes(0); + expect(res.status).not.toBeCalled(); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(expect.objectContaining({ status: 400 })); }); it('should be unauthorized when db api key result is missing', async () => { @@ -98,10 +98,10 @@ describe('apiAccess', () => { await apiAccess(req, res, next); expect(req.apiUser).toBeFalsy(); - expect(mockReadApiKey).toHaveBeenCalledTimes(1); - expect(res.status).not.toHaveBeenCalled(); - expect(next).toHaveBeenCalledTimes(1); - expect(next).toHaveBeenCalledWith(expect.objectContaining({ status: 401 })); + expect(mockReadApiKey).toBeCalledTimes(1); + expect(res.status).not.toBeCalled(); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(expect.objectContaining({ status: 401 })); }); it('should be unauthorized when db api key result is empty', async () => { @@ -115,10 +115,10 @@ describe('apiAccess', () => { await apiAccess(req, res, next); expect(req.apiUser).toBeFalsy(); - expect(mockReadApiKey).toHaveBeenCalledTimes(1); - expect(res.status).not.toHaveBeenCalled(); - expect(next).toHaveBeenCalledTimes(1); - expect(next).toHaveBeenCalledWith(expect.objectContaining({ status: 401 })); + expect(mockReadApiKey).toBeCalledTimes(1); + expect(res.status).not.toBeCalled(); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(expect.objectContaining({ status: 401 })); }); it('should be unauthorized when db api key does not match', async () => { @@ -132,9 +132,9 @@ describe('apiAccess', () => { await apiAccess(req, res, next); expect(req.apiUser).toBeFalsy(); - expect(mockReadApiKey).toHaveBeenCalledTimes(1); - expect(res.status).toHaveBeenCalledWith(401); - expect(next).toHaveBeenCalledTimes(0); + expect(mockReadApiKey).toBeCalledTimes(1); + expect(res.status).toBeCalledWith(401); + expect(next).toBeCalledTimes(0); }); it('should flag apiUser as true with valid form id and credentials', async () => { @@ -148,10 +148,10 @@ describe('apiAccess', () => { await apiAccess(req, res, next); expect(req.apiUser).toBeTruthy(); - expect(mockReadApiKey).toHaveBeenCalledTimes(1); - expect(res.status).not.toHaveBeenCalled(); - expect(next).toHaveBeenCalledTimes(1); - expect(next).toHaveBeenCalledWith(); + expect(mockReadApiKey).toBeCalledTimes(1); + expect(res.status).not.toBeCalled(); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(); }); }); @@ -166,10 +166,10 @@ describe('apiAccess', () => { await apiAccess(req, res, next); expect(req.apiUser).toBeFalsy(); - expect(mockReadApiKey).toHaveBeenCalledTimes(0); - expect(res.status).not.toHaveBeenCalled(); - expect(next).toHaveBeenCalledTimes(1); - expect(next).toHaveBeenCalledWith(expect.objectContaining({ status: 400 })); + expect(mockReadApiKey).toBeCalledTimes(0); + expect(res.status).not.toBeCalled(); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(expect.objectContaining({ status: 400 })); }); it('should pass exceptions through when form submission does not exist', async () => { @@ -183,10 +183,10 @@ describe('apiAccess', () => { await apiAccess(req, res, next); expect(req.apiUser).toBeFalsy(); - expect(mockReadApiKey).toHaveBeenCalledTimes(0); - expect(res.status).not.toHaveBeenCalled(); - expect(next).toHaveBeenCalledTimes(1); - expect(next).toHaveBeenCalledWith(expect.any(Error)); + expect(mockReadApiKey).toBeCalledTimes(0); + expect(res.status).not.toBeCalled(); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(expect.any(Error)); }); it('should be unauthorized when form submission is empty', async () => { @@ -200,10 +200,10 @@ describe('apiAccess', () => { await apiAccess(req, res, next); expect(req.apiUser).toBeFalsy(); - expect(mockReadApiKey).toHaveBeenCalledTimes(0); - expect(res.status).not.toHaveBeenCalled(); - expect(next).toHaveBeenCalledTimes(1); - expect(next).toHaveBeenCalledWith(expect.objectContaining({ status: 401 })); + expect(mockReadApiKey).toBeCalledTimes(0); + expect(res.status).not.toBeCalled(); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(expect.objectContaining({ status: 401 })); }); it('should be unauthorized when form submission has no form id', async () => { @@ -217,10 +217,10 @@ describe('apiAccess', () => { await apiAccess(req, res, next); expect(req.apiUser).toBeFalsy(); - expect(mockReadApiKey).toHaveBeenCalledTimes(0); - expect(res.status).not.toHaveBeenCalled(); - expect(next).toHaveBeenCalledTimes(1); - expect(next).toHaveBeenCalledWith(expect.objectContaining({ status: 401 })); + expect(mockReadApiKey).toBeCalledTimes(0); + expect(res.status).not.toBeCalled(); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(expect.objectContaining({ status: 401 })); }); it('should be unauthorized when db api key does not match', async () => { @@ -235,9 +235,9 @@ describe('apiAccess', () => { await apiAccess(req, res, next); expect(req.apiUser).toBeFalsy(); - expect(mockReadApiKey).toHaveBeenCalledTimes(1); - expect(res.status).toHaveBeenCalledWith(401); - expect(next).toHaveBeenCalledTimes(0); + expect(mockReadApiKey).toBeCalledTimes(1); + expect(res.status).toBeCalledWith(401); + expect(next).toBeCalledTimes(0); }); it('should flag apiUser as true with valid form submission id and credentials', async () => { @@ -252,10 +252,10 @@ describe('apiAccess', () => { await apiAccess(req, res, next); expect(req.apiUser).toBeTruthy(); - expect(mockReadApiKey).toHaveBeenCalledTimes(1); - expect(res.status).not.toHaveBeenCalled(); - expect(next).toHaveBeenCalledTimes(1); - expect(next).toHaveBeenCalledWith(); + expect(mockReadApiKey).toBeCalledTimes(1); + expect(res.status).not.toBeCalled(); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(); }); }); @@ -270,10 +270,10 @@ describe('apiAccess', () => { await apiAccess(req, res, next); expect(req.apiUser).toBeFalsy(); - expect(mockReadApiKey).toHaveBeenCalledTimes(0); - expect(res.status).not.toHaveBeenCalled(); - expect(next).toHaveBeenCalledTimes(1); - expect(next).toHaveBeenCalledWith(expect.objectContaining({ status: 400 })); + expect(mockReadApiKey).toBeCalledTimes(0); + expect(res.status).not.toBeCalled(); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(expect.objectContaining({ status: 400 })); }); it('should pass exceptions through when file does not exist', async () => { @@ -287,10 +287,10 @@ describe('apiAccess', () => { await apiAccess(req, res, next); expect(req.apiUser).toBeFalsy(); - expect(mockReadApiKey).toHaveBeenCalledTimes(0); - expect(res.status).not.toHaveBeenCalled(); - expect(next).toHaveBeenCalledTimes(1); - expect(next).toHaveBeenCalledWith(expect.any(Error)); + expect(mockReadApiKey).toBeCalledTimes(0); + expect(res.status).not.toBeCalled(); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(expect.any(Error)); }); it('should be unauthorized when file is empty', async () => { @@ -304,10 +304,10 @@ describe('apiAccess', () => { await apiAccess(req, res, next); expect(req.apiUser).toBeFalsy(); - expect(mockReadApiKey).toHaveBeenCalledTimes(0); - expect(res.status).not.toHaveBeenCalled(); - expect(next).toHaveBeenCalledTimes(1); - expect(next).toHaveBeenCalledWith(expect.objectContaining({ status: 500 })); + expect(mockReadApiKey).toBeCalledTimes(0); + expect(res.status).not.toBeCalled(); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(expect.objectContaining({ status: 500 })); }); it('should be unauthorized when file has no form submission id', async () => { @@ -321,10 +321,10 @@ describe('apiAccess', () => { await apiAccess(req, res, next); expect(req.apiUser).toBeFalsy(); - expect(mockReadApiKey).toHaveBeenCalledTimes(0); - expect(res.status).not.toHaveBeenCalled(); - expect(next).toHaveBeenCalledTimes(1); - expect(next).toHaveBeenCalledWith(expect.objectContaining({ status: 500 })); + expect(mockReadApiKey).toBeCalledTimes(0); + expect(res.status).not.toBeCalled(); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(expect.objectContaining({ status: 500 })); }); it('should be unauthorized when form submission does not exist', async () => { @@ -339,10 +339,10 @@ describe('apiAccess', () => { await apiAccess(req, res, next); expect(req.apiUser).toBeFalsy(); - expect(mockReadApiKey).toHaveBeenCalledTimes(0); - expect(res.status).not.toHaveBeenCalled(); - expect(next).toHaveBeenCalledTimes(1); - expect(next).toHaveBeenCalledWith(expect.objectContaining({ status: 401 })); + expect(mockReadApiKey).toBeCalledTimes(0); + expect(res.status).not.toBeCalled(); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(expect.objectContaining({ status: 401 })); }); it('should be unauthorized when form submission is empty', async () => { @@ -357,10 +357,10 @@ describe('apiAccess', () => { await apiAccess(req, res, next); expect(req.apiUser).toBeFalsy(); - expect(mockReadApiKey).toHaveBeenCalledTimes(0); - expect(res.status).not.toHaveBeenCalled(); - expect(next).toHaveBeenCalledTimes(1); - expect(next).toHaveBeenCalledWith(expect.objectContaining({ status: 401 })); + expect(mockReadApiKey).toBeCalledTimes(0); + expect(res.status).not.toBeCalled(); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(expect.objectContaining({ status: 401 })); }); it('should be unauthorized when form submission has no form id', async () => { @@ -375,10 +375,10 @@ describe('apiAccess', () => { await apiAccess(req, res, next); expect(req.apiUser).toBeFalsy(); - expect(mockReadApiKey).toHaveBeenCalledTimes(0); - expect(res.status).not.toHaveBeenCalled(); - expect(next).toHaveBeenCalledTimes(1); - expect(next).toHaveBeenCalledWith(expect.objectContaining({ status: 401 })); + expect(mockReadApiKey).toBeCalledTimes(0); + expect(res.status).not.toBeCalled(); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(expect.objectContaining({ status: 401 })); }); it('should be unauthorized when db api key does not match', async () => { @@ -394,9 +394,9 @@ describe('apiAccess', () => { await apiAccess(req, res, next); expect(req.apiUser).toBeFalsy(); - expect(mockReadApiKey).toHaveBeenCalledTimes(1); - expect(res.status).toHaveBeenCalledWith(401); - expect(next).toHaveBeenCalledTimes(0); + expect(mockReadApiKey).toBeCalledTimes(1); + expect(res.status).toBeCalledWith(401); + expect(next).toBeCalledTimes(0); }); it('should flag apiUser as true with valid file id and credentials', async () => { @@ -412,10 +412,10 @@ describe('apiAccess', () => { await apiAccess(req, res, next); expect(req.apiUser).toBeTruthy(); - expect(mockReadApiKey).toHaveBeenCalledTimes(1); - expect(res.status).not.toHaveBeenCalled(); - expect(next).toHaveBeenCalledTimes(1); - expect(next).toHaveBeenCalledWith(); + expect(mockReadApiKey).toBeCalledTimes(1); + expect(res.status).not.toBeCalled(); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(); }); it('should be forbidden if filesApiAccess is false', async () => { @@ -430,11 +430,11 @@ describe('apiAccess', () => { await apiAccess(req, res, next); - expect(next).toHaveBeenCalledTimes(1); - expect(next).toHaveBeenCalledWith(expect.objectContaining({ status: 403 })); - expect(res.status).not.toHaveBeenCalled(); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(expect.objectContaining({ status: 403 })); + expect(res.status).not.toBeCalled(); expect(req.apiUser).toBeUndefined(); - expect(mockReadApiKey).toHaveBeenCalledTimes(1); + expect(mockReadApiKey).toBeCalledTimes(1); }); it('should allow access to files if filesAPIAccess is true', async () => { @@ -447,8 +447,8 @@ describe('apiAccess', () => { await apiAccess(req, res, next); - expect(next).toHaveBeenCalledTimes(1); - expect(mockReadApiKey).toHaveBeenCalledTimes(1); + expect(next).toBeCalledTimes(1); + expect(mockReadApiKey).toBeCalledTimes(1); expect(req.apiUser).toBeTruthy(); }); }); diff --git a/app/tests/unit/forms/auth/middleware/userAccess.spec.js b/app/tests/unit/forms/auth/middleware/userAccess.spec.js index ce0db68ec..efa1c5189 100644 --- a/app/tests/unit/forms/auth/middleware/userAccess.spec.js +++ b/app/tests/unit/forms/auth/middleware/userAccess.spec.js @@ -1614,7 +1614,7 @@ describe('hasRoleDeletePermissions', () => { describe('400 response when', () => { const expectedStatus = { status: 400 }; - test('removing and user id not a uuid', async () => { + test('user id not a uuid', async () => { service.getUserForms.mockReturnValueOnce([ { formId: formId, @@ -1649,7 +1649,7 @@ describe('hasRoleDeletePermissions', () => { describe('401 response when', () => { const expectedStatus = { status: 401 }; - test('removing and owner cannot remove self', async () => { + test('owner cannot remove self', async () => { service.getUserForms.mockReturnValueOnce([ { formId: formId, @@ -1680,7 +1680,7 @@ describe('hasRoleDeletePermissions', () => { ); }); - test('removing and non-owner cannot remove an owner', async () => { + test('non-owner cannot remove an owner', async () => { service.getUserForms.mockReturnValueOnce([ { formId: formId, @@ -1712,7 +1712,7 @@ describe('hasRoleDeletePermissions', () => { ); }); - test('removing and non-owner cannot remove a form designer', async () => { + test('non-owner cannot remove a form designer', async () => { service.getUserForms.mockReturnValueOnce([ { formId: formId, @@ -1746,7 +1746,7 @@ describe('hasRoleDeletePermissions', () => { }); describe('allows', () => { - test('deleting and non-owner can remove submission reviewer', async () => { + test('non-owner can remove submission reviewer', async () => { service.getUserForms.mockReturnValueOnce([ { formId: formId, @@ -1773,7 +1773,7 @@ describe('hasRoleDeletePermissions', () => { expect(next).toBeCalledWith(); }); - test('deleting and owner can remove an owner', async () => { + test('owner can remove an owner', async () => { service.getUserForms.mockReturnValueOnce([ { formId: formId, @@ -1799,7 +1799,7 @@ describe('hasRoleDeletePermissions', () => { expect(next).toBeCalledWith(); }); - test('deleting and owner can remove a form designer', async () => { + test('owner can remove a form designer', async () => { service.getUserForms.mockReturnValueOnce([ { formId: formId, @@ -1825,7 +1825,7 @@ describe('hasRoleDeletePermissions', () => { expect(next).toBeCalledWith(); }); - test('deleting and owner can remove a form designer with form id in query', async () => { + test('owner can remove a form designer with form id in query', async () => { service.getUserForms.mockReturnValueOnce([ { formId: formId, @@ -1922,7 +1922,7 @@ describe('hasRoleModifyPermissions', () => { describe('400 response when', () => { const expectedStatus = { status: 400 }; - test('updating and user id missing', async () => { + test('user id missing', async () => { service.getUserForms.mockReturnValueOnce([ { formId: formId, @@ -1952,7 +1952,7 @@ describe('hasRoleModifyPermissions', () => { ); }); - test('updating and user id not a uuid', async () => { + test('user id not a uuid', async () => { service.getUserForms.mockReturnValueOnce([ { formId: formId, @@ -1987,7 +1987,7 @@ describe('hasRoleModifyPermissions', () => { describe('401 response when', () => { const expectedStatus = { status: 401 }; - test('updating and non-owner cannot remove own team manager', async () => { + test('non-owner cannot remove own team manager', async () => { service.getUserForms.mockReturnValueOnce([ { formId: formId, @@ -2020,7 +2020,7 @@ describe('hasRoleModifyPermissions', () => { ); }); - test('updating and non-owner cannot update an owner', async () => { + test('non-owner cannot update an owner', async () => { service.getUserForms.mockReturnValueOnce([ { formId: formId, @@ -2053,7 +2053,7 @@ describe('hasRoleModifyPermissions', () => { ); }); - test('updating and non-owner cannot add an owner', async () => { + test('non-owner cannot add an owner', async () => { service.getUserForms.mockReturnValueOnce([ { formId: formId, @@ -2086,7 +2086,7 @@ describe('hasRoleModifyPermissions', () => { ); }); - test('updating and non-owner cannot remove designer', async () => { + test('non-owner cannot remove designer', async () => { service.getUserForms.mockReturnValueOnce([ { formId: formId, @@ -2119,7 +2119,7 @@ describe('hasRoleModifyPermissions', () => { ); }); - test('updating and non-owner cannot add designer', async () => { + test('non-owner cannot add designer', async () => { service.getUserForms.mockReturnValueOnce([ { formId: formId, @@ -2154,16 +2154,55 @@ describe('hasRoleModifyPermissions', () => { }); describe('allows', () => { - test('updating and non-owner can add approver', async () => { + test('non-owner can add approver', async () => { service.getUserForms.mockReturnValueOnce([ { formId: formId, roles: [Roles.TEAM_MANAGER], }, ]); - rbacService.readUserRole.mockReturnValueOnce([{ role: Roles.FORM_SUBMITTER }]); + rbacService.readUserRole.mockReturnValueOnce([]); const req = getMockReq({ - body: [{ role: Roles.SUBMISSION_APPROVER }], + body: [ + { + role: Roles.SUBMISSION_APPROVER, + }, + ], + currentUser: { + id: userId, + }, + params: { + formId: formId, + userId: userId2, + }, + }); + const { res, next } = getMockRes(); + + await hasRoleModifyPermissions(req, res, next); + + expect(service.getUserForms).toBeCalledTimes(1); + expect(rbacService.readUserRole).toBeCalledTimes(1); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(); + }); + + test('non-owner can add approver to designer', async () => { + service.getUserForms.mockReturnValueOnce([ + { + formId: formId, + roles: [Roles.TEAM_MANAGER], + }, + ]); + rbacService.readUserRole.mockReturnValueOnce([{ role: Roles.FORM_DESIGNER }]); + const req = getMockReq({ + body: [ + { + role: Roles.FORM_DESIGNER, + }, + { + role: Roles.SUBMISSION_APPROVER, + }, + ], currentUser: { id: userId, }, @@ -2182,7 +2221,7 @@ describe('hasRoleModifyPermissions', () => { expect(next).toBeCalledWith(); }); - test('updating and owner can add owner', async () => { + test('owner can add owner', async () => { service.getUserForms.mockReturnValueOnce([ { formId: formId, diff --git a/app/tests/unit/forms/bcgeoaddress/controller.spec.js b/app/tests/unit/forms/bcgeoaddress/controller.spec.js index 3ec7add1c..e511041fd 100644 --- a/app/tests/unit/forms/bcgeoaddress/controller.spec.js +++ b/app/tests/unit/forms/bcgeoaddress/controller.spec.js @@ -18,7 +18,7 @@ describe('search BCGEO Address', () => { ], }); await controller.searchBCGeoAddress(req, res, next); - expect(service.searchBCGeoAddress).toHaveBeenCalledTimes(1); + expect(service.searchBCGeoAddress).toBeCalledTimes(1); }); }); describe('search BCGEO Address', () => { @@ -37,6 +37,6 @@ describe('search BCGEO Address', () => { ], }); await controller.searchBCGeoAddress(req, res, next); - expect(service.searchBCGeoAddress).toHaveBeenCalledTimes(1); + expect(service.searchBCGeoAddress).toBeCalledTimes(1); }); }); diff --git a/app/tests/unit/forms/bcgeoaddress/service.spec.js b/app/tests/unit/forms/bcgeoaddress/service.spec.js index 32e368b95..33566f396 100644 --- a/app/tests/unit/forms/bcgeoaddress/service.spec.js +++ b/app/tests/unit/forms/bcgeoaddress/service.spec.js @@ -18,7 +18,7 @@ describe('searchBCGeoAddress', () => { const query = { brief: true, autocomplete: true, matchAccuracy: 100, addressString: 25, url: 'test Url' }; await service.searchBCGeoAddress(query).then(() => { - expect(geoAddressService.addressQuerySearch).toHaveBeenCalledTimes(1); + expect(geoAddressService.addressQuerySearch).toBeCalledTimes(1); }); }); @@ -41,7 +41,7 @@ describe('searchBCGeoAddress', () => { const result = await service.advanceSearchBCGeoAddress(query); - expect(geoAddressService.addressQuerySearch).toHaveBeenCalledTimes(1); + expect(geoAddressService.addressQuerySearch).toBeCalledTimes(1); expect(result).toEqual(response); }); diff --git a/app/tests/unit/forms/common/middleware/rateLimiter.spec.js b/app/tests/unit/forms/common/middleware/rateLimiter.spec.js index 001daebfc..8268c5fd8 100644 --- a/app/tests/unit/forms/common/middleware/rateLimiter.spec.js +++ b/app/tests/unit/forms/common/middleware/rateLimiter.spec.js @@ -52,12 +52,12 @@ describe('apiKeyRateLimiter', () => { await apiKeyRateLimiter(req, res, next); - expect(res.setHeader).toHaveBeenCalledTimes(2); + expect(res.setHeader).toBeCalledTimes(2); // These also test that the rate limiter uses our custom config values. expect(res.setHeader).toHaveBeenNthCalledWith(1, rateLimitPolicyName, rateLimitPolicyValue); expect(res.setHeader).toHaveBeenNthCalledWith(2, rateLimitName, rateLimitValue); - expect(next).toHaveBeenCalledTimes(1); - expect(next).toHaveBeenCalledWith(); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(); }); describe('skips rate limiting for', () => { @@ -70,9 +70,9 @@ describe('apiKeyRateLimiter', () => { await apiKeyRateLimiter(req, res, next); - expect(res.setHeader).toHaveBeenCalledTimes(0); - expect(next).toHaveBeenCalledTimes(1); - expect(next).toHaveBeenCalledWith(); + expect(res.setHeader).toBeCalledTimes(0); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(); }); test('no authorization header', async () => { @@ -85,9 +85,9 @@ describe('apiKeyRateLimiter', () => { await apiKeyRateLimiter(req, res, next); - expect(res.setHeader).toHaveBeenCalledTimes(0); - expect(next).toHaveBeenCalledTimes(1); - expect(next).toHaveBeenCalledWith(); + expect(res.setHeader).toBeCalledTimes(0); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(); }); test('empty authorization header', async () => { @@ -102,9 +102,9 @@ describe('apiKeyRateLimiter', () => { await apiKeyRateLimiter(req, res, next); - expect(res.setHeader).toHaveBeenCalledTimes(0); - expect(next).toHaveBeenCalledTimes(1); - expect(next).toHaveBeenCalledWith(); + expect(res.setHeader).toBeCalledTimes(0); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(); }); test('unexpected authorization type', async () => { @@ -119,9 +119,9 @@ describe('apiKeyRateLimiter', () => { await apiKeyRateLimiter(req, res, next); - expect(res.setHeader).toHaveBeenCalledTimes(0); - expect(next).toHaveBeenCalledTimes(1); - expect(next).toHaveBeenCalledWith(); + expect(res.setHeader).toBeCalledTimes(0); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(); }); test('bearer auth', async () => { @@ -136,9 +136,9 @@ describe('apiKeyRateLimiter', () => { await apiKeyRateLimiter(req, res, next); - expect(res.setHeader).toHaveBeenCalledTimes(0); - expect(next).toHaveBeenCalledTimes(1); - expect(next).toHaveBeenCalledWith(); + expect(res.setHeader).toBeCalledTimes(0); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(); }); }); }); diff --git a/app/tests/unit/forms/email/emailService.spec.js b/app/tests/unit/forms/email/emailService.spec.js index 8ca79e218..26674adbc 100644 --- a/app/tests/unit/forms/email/emailService.spec.js +++ b/app/tests/unit/forms/email/emailService.spec.js @@ -48,7 +48,7 @@ describe('_sendEmailTemplate', () => { const result = emailService._sendEmailTemplate('sendStatusAssigned', configData, submission, referer); expect(result).toBeTruthy(); - expect(chesService.merge).toHaveBeenCalledTimes(1); + expect(chesService.merge).toBeCalledTimes(1); }); it('should call chesService to send an email with type sendSubmissionConfirmation', () => { @@ -58,7 +58,7 @@ describe('_sendEmailTemplate', () => { const result = emailService._sendEmailTemplate('sendSubmissionConfirmation', configData, submission, referer); expect(result).toBeTruthy(); - expect(chesService.merge).toHaveBeenCalledTimes(1); + expect(chesService.merge).toBeCalledTimes(1); }); it('should call chesService to send an email with type sendSubmissionReceived', () => { @@ -68,7 +68,7 @@ describe('_sendEmailTemplate', () => { const result = emailService._sendEmailTemplate('sendSubmissionReceived', configData, submission, referer); expect(result).toBeTruthy(); - expect(chesService.merge).toHaveBeenCalledTimes(1); + expect(chesService.merge).toBeCalledTimes(1); }); }); @@ -149,8 +149,8 @@ describe('public methods', () => { ]; expect(result).toEqual('ret'); - expect(emailService._sendEmailTemplate).toHaveBeenCalledTimes(1); - expect(emailService._sendEmailTemplate).toHaveBeenCalledWith(configData, contexts); + expect(emailService._sendEmailTemplate).toBeCalledTimes(1); + expect(emailService._sendEmailTemplate).toBeCalledWith(configData, contexts); }); it('statusRevising should send a status email', async () => { @@ -183,8 +183,8 @@ describe('public methods', () => { ]; expect(result).toEqual('ret'); - expect(emailService._sendEmailTemplate).toHaveBeenCalledTimes(1); - expect(emailService._sendEmailTemplate).toHaveBeenCalledWith(configData, contexts); + expect(emailService._sendEmailTemplate).toBeCalledTimes(1); + expect(emailService._sendEmailTemplate).toBeCalledWith(configData, contexts); }); it('statusCompleted should send a status email', async () => { @@ -217,8 +217,8 @@ describe('public methods', () => { ]; expect(result).toEqual('ret'); - expect(emailService._sendEmailTemplate).toHaveBeenCalledTimes(1); - expect(emailService._sendEmailTemplate).toHaveBeenCalledWith(configData, contexts); + expect(emailService._sendEmailTemplate).toBeCalledTimes(1); + expect(emailService._sendEmailTemplate).toBeCalledWith(configData, contexts); }); it('submissionConfirmation should send login email for idir', async () => { @@ -258,12 +258,12 @@ describe('public methods', () => { ]; expect(result).toEqual('ret'); - expect(formService.readForm).toHaveBeenCalledTimes(1); - expect(formService.readForm).toHaveBeenCalledWith(form_idir.id); - expect(formService.readSubmission).toHaveBeenCalledTimes(1); - expect(formService.readSubmission).toHaveBeenCalledWith(submission.id); - expect(emailService._sendEmailTemplate).toHaveBeenCalledTimes(1); - expect(emailService._sendEmailTemplate).toHaveBeenCalledWith(configData, contexts); + expect(formService.readForm).toBeCalledTimes(1); + expect(formService.readForm).toBeCalledWith(form_idir.id); + expect(formService.readSubmission).toBeCalledTimes(1); + expect(formService.readSubmission).toBeCalledWith(submission.id); + expect(emailService._sendEmailTemplate).toBeCalledTimes(1); + expect(emailService._sendEmailTemplate).toBeCalledWith(configData, contexts); }); it('submissionConfirmation should send a low priority email', async () => { @@ -303,12 +303,12 @@ describe('public methods', () => { ]; expect(result).toEqual('ret'); - expect(formService.readForm).toHaveBeenCalledTimes(1); - expect(formService.readForm).toHaveBeenCalledWith(form.id); - expect(formService.readSubmission).toHaveBeenCalledTimes(1); - expect(formService.readSubmission).toHaveBeenCalledWith(submission.id); - expect(emailService._sendEmailTemplate).toHaveBeenCalledTimes(1); - expect(emailService._sendEmailTemplate).toHaveBeenCalledWith(configData, contexts); + expect(formService.readForm).toBeCalledTimes(1); + expect(formService.readForm).toBeCalledWith(form.id); + expect(formService.readSubmission).toBeCalledTimes(1); + expect(formService.readSubmission).toBeCalledWith(submission.id); + expect(emailService._sendEmailTemplate).toBeCalledTimes(1); + expect(emailService._sendEmailTemplate).toBeCalledWith(configData, contexts); }); it('submissionConfirmation should send a normal priority email', async () => { @@ -348,12 +348,12 @@ describe('public methods', () => { ]; expect(result).toEqual('ret'); - expect(formService.readForm).toHaveBeenCalledTimes(1); - expect(formService.readForm).toHaveBeenCalledWith(form.id); - expect(formService.readSubmission).toHaveBeenCalledTimes(1); - expect(formService.readSubmission).toHaveBeenCalledWith(submission.id); - expect(emailService._sendEmailTemplate).toHaveBeenCalledTimes(1); - expect(emailService._sendEmailTemplate).toHaveBeenCalledWith(configData, contexts); + expect(formService.readForm).toBeCalledTimes(1); + expect(formService.readForm).toBeCalledWith(form.id); + expect(formService.readSubmission).toBeCalledTimes(1); + expect(formService.readSubmission).toBeCalledWith(submission.id); + expect(emailService._sendEmailTemplate).toBeCalledTimes(1); + expect(emailService._sendEmailTemplate).toBeCalledWith(configData, contexts); }); it('submissionConfirmation should send a high priority email', async () => { @@ -393,12 +393,12 @@ describe('public methods', () => { ]; expect(result).toEqual('ret'); - expect(formService.readForm).toHaveBeenCalledTimes(1); - expect(formService.readForm).toHaveBeenCalledWith(form.id); - expect(formService.readSubmission).toHaveBeenCalledTimes(1); - expect(formService.readSubmission).toHaveBeenCalledWith(submission.id); - expect(emailService._sendEmailTemplate).toHaveBeenCalledTimes(1); - expect(emailService._sendEmailTemplate).toHaveBeenCalledWith(configData, contexts); + expect(formService.readForm).toBeCalledTimes(1); + expect(formService.readForm).toBeCalledWith(form.id); + expect(formService.readSubmission).toBeCalledTimes(1); + expect(formService.readSubmission).toBeCalledWith(submission.id); + expect(emailService._sendEmailTemplate).toBeCalledTimes(1); + expect(emailService._sendEmailTemplate).toBeCalledWith(configData, contexts); }); it('submissionConfirmation should send an email without submission fields', async () => { @@ -438,12 +438,12 @@ describe('public methods', () => { ]; expect(result).toEqual('ret'); - expect(formService.readForm).toHaveBeenCalledTimes(1); - expect(formService.readForm).toHaveBeenCalledWith(form.id); - expect(formService.readSubmission).toHaveBeenCalledTimes(1); - expect(formService.readSubmission).toHaveBeenCalledWith(submission.id); - expect(emailService._sendEmailTemplate).toHaveBeenCalledTimes(1); - expect(emailService._sendEmailTemplate).toHaveBeenCalledWith(configData, contexts); + expect(formService.readForm).toBeCalledTimes(1); + expect(formService.readForm).toBeCalledWith(form.id); + expect(formService.readSubmission).toBeCalledTimes(1); + expect(formService.readSubmission).toBeCalledWith(submission.id); + expect(emailService._sendEmailTemplate).toBeCalledTimes(1); + expect(emailService._sendEmailTemplate).toBeCalledWith(configData, contexts); }); it('submissionConfirmation should produce errors on failure', async () => { @@ -488,13 +488,13 @@ describe('public methods', () => { ]; expect(result).toEqual('ret'); - expect(formService.readForm).toHaveBeenCalledTimes(1); - expect(formService.readForm).toHaveBeenCalledWith(form.id); - expect(formService.readSubmission).toHaveBeenCalledTimes(1); - expect(formService.readSubmission).toHaveBeenCalledWith(submission.id); - expect(emailService._sendEmailTemplate).toHaveBeenCalledTimes(1); + expect(formService.readForm).toBeCalledTimes(1); + expect(formService.readForm).toBeCalledWith(form.id); + expect(formService.readSubmission).toBeCalledTimes(1); + expect(formService.readSubmission).toBeCalledWith(submission.id); + expect(emailService._sendEmailTemplate).toBeCalledTimes(1); expect(form.submissionReceivedEmails).toBeInstanceOf(Array); - expect(emailService._sendEmailTemplate).toHaveBeenCalledWith(configData, contexts); + expect(emailService._sendEmailTemplate).toBeCalledWith(configData, contexts); }); it('submissionUnassigned should send a uninvited email', async () => { @@ -529,10 +529,10 @@ describe('public methods', () => { ]; expect(result).toEqual('ret'); - expect(formService.readForm).toHaveBeenCalledTimes(1); - expect(formService.readForm).toHaveBeenCalledWith(form.id); - expect(emailService._sendEmailTemplate).toHaveBeenCalledTimes(1); - expect(emailService._sendEmailTemplate).toHaveBeenCalledWith(configData, contexts); + expect(formService.readForm).toBeCalledTimes(1); + expect(formService.readForm).toBeCalledWith(form.id); + expect(emailService._sendEmailTemplate).toBeCalledTimes(1); + expect(emailService._sendEmailTemplate).toBeCalledWith(configData, contexts); }); it('submissionAssigned should send a uninvited email', async () => { @@ -567,11 +567,11 @@ describe('public methods', () => { ]; expect(result).toEqual('ret'); - expect(formService.readForm).toHaveBeenCalledTimes(1); - expect(formService.readForm).toHaveBeenCalledWith(form.id); - expect(formService.readSubmission).toHaveBeenCalledTimes(1); - expect(formService.readSubmission).toHaveBeenCalledWith(currentStatus.formSubmissionId); - expect(emailService._sendEmailTemplate).toHaveBeenCalledTimes(1); - expect(emailService._sendEmailTemplate).toHaveBeenCalledWith(configData, contexts); + expect(formService.readForm).toBeCalledTimes(1); + expect(formService.readForm).toBeCalledWith(form.id); + expect(formService.readSubmission).toBeCalledTimes(1); + expect(formService.readSubmission).toBeCalledWith(currentStatus.formSubmissionId); + expect(emailService._sendEmailTemplate).toBeCalledTimes(1); + expect(emailService._sendEmailTemplate).toBeCalledWith(configData, contexts); }); }); diff --git a/app/tests/unit/forms/file/middleware/filePermissions.spec.js b/app/tests/unit/forms/file/middleware/filePermissions.spec.js index e74000b5a..f8b003a4c 100644 --- a/app/tests/unit/forms/file/middleware/filePermissions.spec.js +++ b/app/tests/unit/forms/file/middleware/filePermissions.spec.js @@ -1,18 +1,20 @@ -const Problem = require('api-problem'); +const { getMockReq, getMockRes } = require('@jest-mock/express'); +const uuid = require('uuid'); const { currentFileRecord, hasFileCreate, hasFilePermissions } = require('../../../../../src/forms/file/middleware/filePermissions'); const service = require('../../../../../src/forms/file/service'); const userAccess = require('../../../../../src/forms/auth/middleware/userAccess'); -const testRes = { - writeHead: jest.fn(), - end: jest.fn(), -}; -const zeroUuid = '00000000-0000-0000-0000-000000000000'; -const oneUuid = '11111111-1111-1111-1111-111111111111'; +const fileId = uuid.v4(); +const formSubmissionId = uuid.v4(); +const idpUserId = uuid.v4(); const bearerToken = Math.random().toString(36).substring(2); +const currentUserIdp = { + idpUserId: idpUserId, +}; + describe('currentFileRecord', () => { const readFileSpy = jest.spyOn(service, 'read'); @@ -20,276 +22,315 @@ describe('currentFileRecord', () => { readFileSpy.mockReset(); }); - it('403s if there is no current user on the request scope', async () => { - const testReq = { - params: { - id: zeroUuid, - }, - }; - - const nxt = jest.fn(); - - await currentFileRecord(testReq, testRes, nxt); - expect(testReq.currentFileRecord).toEqual(undefined); - expect(nxt).toHaveBeenCalledTimes(1); - expect(nxt).toHaveBeenCalledWith(new Problem(403, { detail: 'File access to this ID is unauthorized.' })); - expect(readFileSpy).toHaveBeenCalledTimes(0); - }); - - it('403s if there is no file ID on the request scope', async () => { - const testReq = { - params: {}, - currentUser: { - idpUserId: zeroUuid, - username: 'jsmith@idir', - }, - }; - - const nxt = jest.fn(); - - await currentFileRecord(testReq, testRes, nxt); - expect(testReq.currentFileRecord).toEqual(undefined); - expect(nxt).toHaveBeenCalledTimes(1); - expect(nxt).toHaveBeenCalledWith(new Problem(403, { detail: 'File access to this ID is unauthorized.' })); - expect(readFileSpy).toHaveBeenCalledTimes(0); - }); - - it('403s if there is no file record to be found', async () => { - const testReq = { - params: { id: zeroUuid }, - currentUser: { - idpUserId: oneUuid, - username: 'jsmith@idir', - }, - }; - - const nxt = jest.fn(); - readFileSpy.mockImplementation(() => { - return undefined; + describe('403 response when', () => { + const expectedStatus = { status: 403 }; + + test('there is no current user on the request', async () => { + const req = getMockReq({ + params: { + id: fileId, + }, + }); + const { res, next } = getMockRes(); + + await currentFileRecord(req, res, next); + + expect(readFileSpy).toBeCalledTimes(0); + expect(req.currentFileRecord).toEqual(undefined); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(expect.objectContaining(expectedStatus)); + expect(next).toBeCalledWith( + expect.objectContaining({ + detail: 'File access to this ID is unauthorized.', + }) + ); }); - await currentFileRecord(testReq, testRes, nxt); - expect(testReq.currentFileRecord).toEqual(undefined); - expect(readFileSpy).toHaveBeenCalledTimes(1); - expect(readFileSpy).toHaveBeenCalledWith(zeroUuid); - expect(nxt).toHaveBeenCalledTimes(1); - expect(nxt).toHaveBeenCalledWith(new Problem(403, { detail: 'File access to this ID is unauthorized.' })); - }); - - it('403s if an exception occurs from the file lookup', async () => { - const testReq = { - params: { id: zeroUuid }, - currentUser: { - idpUserId: oneUuid, - username: 'jsmith@idir', - }, - }; - - const nxt = jest.fn(); - readFileSpy.mockImplementation(() => { - throw new Error(); + test('there is no file id on the request', async () => { + const req = getMockReq({ + currentUser: currentUserIdp, + params: {}, + }); + const { res, next } = getMockRes(); + + await currentFileRecord(req, res, next); + + expect(readFileSpy).toBeCalledTimes(0); + expect(req.currentFileRecord).toEqual(undefined); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(expect.objectContaining(expectedStatus)); + expect(next).toBeCalledWith( + expect.objectContaining({ + detail: 'File access to this ID is unauthorized.', + }) + ); }); - await currentFileRecord(testReq, testRes, nxt); - expect(testReq.currentFileRecord).toEqual(undefined); - expect(readFileSpy).toHaveBeenCalledTimes(1); - expect(readFileSpy).toHaveBeenCalledWith(zeroUuid); - expect(nxt).toHaveBeenCalledTimes(1); - expect(nxt).toHaveBeenCalledWith(new Problem(403, { detail: 'File access to this ID is unauthorized.' })); - }); - - it('403s if an exception occurs from the file lookup', async () => { - const testReq = { - params: { id: zeroUuid }, - currentUser: { - idpUserId: oneUuid, - username: 'jsmith@idir', - }, - }; - const testRecord = { - name: 'test', - }; - - const nxt = jest.fn(); - readFileSpy.mockImplementation(() => { - return testRecord; + test('there is no file record to be found', async () => { + readFileSpy.mockImplementation(() => { + return undefined; + }); + const req = getMockReq({ + currentUser: currentUserIdp, + params: { + id: fileId, + }, + }); + const { res, next } = getMockRes(); + + await currentFileRecord(req, res, next); + + expect(readFileSpy).toBeCalledTimes(1); + expect(readFileSpy).toBeCalledWith(fileId); + expect(req.currentFileRecord).toEqual(undefined); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(expect.objectContaining(expectedStatus)); + expect(next).toBeCalledWith( + expect.objectContaining({ + detail: 'File access to this ID is unauthorized.', + }) + ); }); - await currentFileRecord(testReq, testRes, nxt); - expect(readFileSpy).toHaveBeenCalledTimes(1); - expect(readFileSpy).toHaveBeenCalledWith(zeroUuid); - expect(nxt).toHaveBeenCalledTimes(1); - expect(nxt).toHaveBeenCalledWith(); - expect(testReq.currentFileRecord).toEqual(testRecord); + test('service.read throws an error', async () => { + readFileSpy.mockImplementation(() => { + throw new Error(); + }); + const req = getMockReq({ + currentUser: currentUserIdp, + params: { + id: fileId, + }, + }); + const { res, next } = getMockRes(); + + await currentFileRecord(req, res, next); + + expect(readFileSpy).toBeCalledTimes(1); + expect(readFileSpy).toBeCalledWith(fileId); + expect(req.currentFileRecord).toEqual(undefined); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(expect.objectContaining(expectedStatus)); + expect(next).toBeCalledWith( + expect.objectContaining({ + detail: 'File access to this ID is unauthorized.', + }) + ); + }); }); - it('retrieves file record successfully for an API user', async () => { - const testReq = { - params: { id: zeroUuid }, - apiUser: true, - }; - + describe('success when', () => { const testRecord = { name: 'test', }; - const nxt = jest.fn(); - readFileSpy.mockImplementation(() => { - return testRecord; + test('an idp user on the request', async () => { + readFileSpy.mockImplementation(() => { + return testRecord; + }); + const req = getMockReq({ + currentUser: currentUserIdp, + params: { id: fileId }, + }); + const { res, next } = getMockRes(); + + await currentFileRecord(req, res, next); + + expect(readFileSpy).toBeCalledTimes(1); + expect(readFileSpy).toBeCalledWith(fileId); + expect(req.currentFileRecord).toEqual(testRecord); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(); }); - await currentFileRecord(testReq, testRes, nxt); - expect(readFileSpy).toHaveBeenCalledWith(zeroUuid); - expect(testReq.currentFileRecord).toEqual(testRecord); - expect(nxt).toHaveBeenCalledWith(); + test('an api key user on the request', async () => { + readFileSpy.mockImplementation(() => { + return testRecord; + }); + const req = getMockReq({ + apiUser: true, + params: { id: fileId }, + }); + const { res, next } = getMockRes(); + + await currentFileRecord(req, res, next); + + expect(readFileSpy).toBeCalledWith(fileId); + expect(req.currentFileRecord).toEqual(testRecord); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(); + }); }); }); +// External dependencies used by the implementation are: none +// describe('hasFileCreate', () => { - it('403s if there is no current user on the request scope', async () => { - const testReq = { - headers: { - authorization: 'Bearer ' + bearerToken, - }, - }; - - const nxt = jest.fn(); - - await hasFileCreate(testReq, testRes, nxt); - expect(testReq.currentFileRecord).toEqual(undefined); - expect(testReq.currentUser).toEqual(undefined); - expect(nxt).toHaveBeenCalledTimes(1); - expect(nxt).toHaveBeenCalledWith(new Problem(403, { detail: 'Invalid authorization credentials.' })); - }); - - it('403s if the current user is not an actual user (IE, public)', async () => { - const testReq = { - currentUser: { - idpUserId: undefined, - username: 'public', - }, - }; - - const nxt = jest.fn(); + describe('403 response when', () => { + const expectedStatus = { status: 403 }; + + test('there is no current user on the request scope', () => { + const req = getMockReq({ + headers: { + authorization: 'Bearer ' + bearerToken, + }, + }); + const { res, next } = getMockRes(); + + hasFileCreate(req, res, next); + + expect(req.currentFileRecord).toEqual(undefined); + expect(req.currentUser).toEqual(undefined); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(expect.objectContaining(expectedStatus)); + expect(next).toBeCalledWith( + expect.objectContaining({ + detail: 'Invalid authorization credentials.', + }) + ); + }); - await hasFileCreate(testReq, testRes, nxt); - expect(testReq.currentFileRecord).toEqual(undefined); - expect(testReq.currentUser).toEqual(testReq.currentUser); - expect(nxt).toHaveBeenCalledTimes(1); - expect(nxt).toHaveBeenCalledWith(new Problem(403, { detail: 'Invalid authorization credentials.' })); + test('the current user is a public user', () => { + const req = getMockReq({ + currentUser: { + username: 'public', + }, + }); + const { res, next } = getMockRes(); + + hasFileCreate(req, res, next); + + expect(req.currentFileRecord).toEqual(undefined); + expect(req.currentUser).toEqual(req.currentUser); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(expect.objectContaining(expectedStatus)); + expect(next).toBeCalledWith( + expect.objectContaining({ + detail: 'Invalid authorization credentials.', + }) + ); + }); }); - it('passes if a authed user is on the request', async () => { - const testReq = { - currentUser: { - idpUserId: zeroUuid, - username: 'jsmith@idir', - }, - }; + describe('allows', () => { + test('an idp user on the request', async () => { + const req = getMockReq({ + currentUser: currentUserIdp, + }); + const { res, next } = getMockRes(); - const nxt = jest.fn(); + hasFileCreate(req, res, next); - await hasFileCreate(testReq, testRes, nxt); - expect(testReq.currentFileRecord).toEqual(undefined); - expect(testReq.currentUser).toEqual(testReq.currentUser); - expect(nxt).toHaveBeenCalledTimes(1); - expect(nxt).toHaveBeenCalledWith(); + expect(req.currentFileRecord).toEqual(undefined); + expect(req.currentUser).toEqual(currentUserIdp); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(); + }); }); }); describe('hasFilePermissions', () => { - const perm = ['submission_read']; + const permissions = ['submission_read']; - const subPermSpy = jest.spyOn(userAccess, 'hasSubmissionPermissions'); + const submissionPermissionsSpy = jest.spyOn(userAccess, 'hasSubmissionPermissions'); beforeEach(() => { - subPermSpy.mockReset(); + submissionPermissionsSpy.mockReset(); }); it('returns a middleware function', async () => { - const mw = hasFilePermissions(perm); - expect(mw).toBeInstanceOf(Function); - }); + const middleware = hasFilePermissions(permissions); - it('403s if the request has no current user', async () => { - const mw = hasFilePermissions(perm); - const nxt = jest.fn(); - const req = { a: '1' }; - - mw(req, testRes, nxt); - expect(nxt).toHaveBeenCalledTimes(1); - expect(nxt).toHaveBeenCalledWith(new Problem(403, { detail: 'Unauthorized to read file' })); + expect(middleware).toBeInstanceOf(Function); }); - it('403s if the request is a unauthed user', async () => { - const mw = hasFilePermissions(perm); - const nxt = jest.fn(); - const req = { - currentUser: { - idpUserId: undefined, - username: 'public', - }, - }; + describe('403 response when', () => { + const expectedStatus = { status: 403 }; - mw(req, testRes, nxt); - expect(nxt).toHaveBeenCalledTimes(1); - expect(nxt).toHaveBeenCalledWith(new Problem(403, { detail: 'Unauthorized to read file' })); - }); + test('the request has no current user', async () => { + const req = getMockReq(); + const { res, next } = getMockRes(); - it('passes through if the user is authed and the file record has no submission', async () => { - const mw = hasFilePermissions(perm); - const nxt = jest.fn(); - const req = { - currentUser: { - idpUserId: zeroUuid, - username: 'jsmith@idir', - }, - currentFileRecord: { - name: 'unsubmitted file', - }, - }; + hasFilePermissions(permissions)(req, res, next); - mw(req, testRes, nxt); - expect(nxt).toHaveBeenCalledTimes(1); - expect(nxt).toHaveBeenCalledWith(); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(expect.objectContaining(expectedStatus)); + expect(next).toBeCalledWith( + expect.objectContaining({ + detail: 'Unauthorized to read file.', + }) + ); + }); + + test('the current user is a public user', async () => { + const req = getMockReq({ + currentUser: { + username: 'public', + }, + }); + const { res, next } = getMockRes(); + + hasFilePermissions(permissions)(req, res, next); + + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(expect.objectContaining(expectedStatus)); + expect(next).toBeCalledWith( + expect.objectContaining({ + detail: 'Unauthorized to read file.', + }) + ); + }); }); - it('returns the result of the submission checking middleware', async () => { - // Submission checking middleware is fully tested out in useraccess.spec.js - // treat as black box for this testing - subPermSpy.mockReturnValue(jest.fn()); - - const mw = hasFilePermissions(perm); - const nxt = jest.fn(); - const req = { - query: {}, - currentUser: { - idpUserId: zeroUuid, - username: 'jsmith@idir', - }, - currentFileRecord: { - formSubmissionId: oneUuid, - name: 'unsubmitted file', - }, - }; + describe('allows', () => { + test('an api key user on the request', async () => { + const req = getMockReq({ + apiUser: true, + currentFileRecord: { + formSubmissionId: formSubmissionId, + }, + }); + const { res, next } = getMockRes(); + + hasFilePermissions(permissions)(req, res, next); + + expect(submissionPermissionsSpy).toBeCalledTimes(0); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(); + }); - mw(req, testRes, nxt); - expect(subPermSpy).toHaveBeenCalledTimes(1); - expect(subPermSpy).toHaveBeenCalledWith(perm); - expect(nxt).toHaveBeenCalledTimes(0); - }); + test('authed user when file record has submission', async () => { + submissionPermissionsSpy.mockReturnValue(jest.fn()); + const req = getMockReq({ + query: {}, + currentFileRecord: { + formSubmissionId: formSubmissionId, + name: 'unsubmitted file', + }, + currentUser: currentUserIdp, + }); + const { res, next } = getMockRes(); + + hasFilePermissions(permissions)(req, res, next); + + expect(submissionPermissionsSpy).toBeCalledTimes(1); + expect(submissionPermissionsSpy).toBeCalledWith(permissions); + expect(next).toBeCalledTimes(0); + }); - it('bypasses permission check for an API user', async () => { - const testReq = { - apiUser: true, - currentFileRecord: { formSubmissionId: oneUuid }, - }; + test('authed user when file record has no submission', async () => { + const req = getMockReq({ + currentFileRecord: { + name: 'unsubmitted file', + }, + currentUser: currentUserIdp, + }); + const { res, next } = getMockRes(); - const nxt = jest.fn(); - const mw = hasFilePermissions(perm); + hasFilePermissions(permissions)(req, res, next); - mw(testReq, testRes, nxt); - expect(nxt).toHaveBeenCalledTimes(1); - expect(nxt).toHaveBeenCalledWith(); - expect(subPermSpy).not.toHaveBeenCalled(); + expect(submissionPermissionsSpy).toBeCalledTimes(0); + expect(next).toBeCalledTimes(1); + expect(next).toBeCalledWith(); + }); }); }); diff --git a/app/tests/unit/forms/form/controller.spec.js b/app/tests/unit/forms/form/controller.spec.js index 606b80311..78e70f65c 100644 --- a/app/tests/unit/forms/form/controller.spec.js +++ b/app/tests/unit/forms/form/controller.spec.js @@ -255,7 +255,7 @@ describe('form controller', () => { exportService.fieldsForCSVExport = jest.fn().mockReturnValue(formFields); await controller.readFieldsForCSVExport(req, {}, jest.fn()); - expect(exportService.fieldsForCSVExport).toHaveBeenCalledTimes(1); + expect(exportService.fieldsForCSVExport).toBeCalledTimes(1); }); it('should not continue with export if there are no submissions', async () => { @@ -267,10 +267,10 @@ describe('form controller', () => { exportService._getSubmissions = jest.fn().mockReturnValue([]); await controller.export(req, {}, jest.fn()); - expect(exportServiceSpy).toHaveBeenCalledTimes(1); - expect(exportService._getForm).toHaveBeenCalledTimes(1); - expect(exportService._getSubmissions).toHaveBeenCalledTimes(1); - expect(formatDataSpy).toHaveBeenCalledTimes(1); + expect(exportServiceSpy).toBeCalledTimes(1); + expect(exportService._getForm).toBeCalledTimes(1); + expect(exportService._getSubmissions).toBeCalledTimes(1); + expect(formatDataSpy).toBeCalledTimes(1); }); }); @@ -294,9 +294,9 @@ describe('listFormSubmissions', () => { await controller.listFormSubmissions(req, res, next); // Assert - expect(service.listFormSubmissions).toHaveBeenCalled(); - expect(res.status).toHaveBeenCalledWith(200); - expect(res.json).toHaveBeenCalledWith(mockResponse); + expect(service.listFormSubmissions).toBeCalled(); + expect(res.status).toBeCalledWith(200); + expect(res.json).toBeCalledWith(mockResponse); }); it('should 400 if the formId is missing', async () => { @@ -308,9 +308,9 @@ describe('listFormSubmissions', () => { await controller.listFormSubmissions(req, res, next); // Assert - expect(service.listFormSubmissions).toHaveBeenCalledTimes(0); - expect(res.status).toHaveBeenCalledWith(400); - expect(res.json).toHaveBeenCalledWith({ detail: 'Bad formId "undefined".' }); + expect(service.listFormSubmissions).toBeCalledTimes(0); + expect(res.status).toBeCalledWith(400); + expect(res.json).toBeCalledWith({ detail: 'Bad formId "undefined".' }); }); test.each(testCases400)('should 400 if the formId is "%s"', async (formId) => { @@ -322,9 +322,9 @@ describe('listFormSubmissions', () => { await controller.listFormSubmissions(req, res, next); // Assert - expect(service.listFormSubmissions).toHaveBeenCalledTimes(0); - expect(res.status).toHaveBeenCalledWith(400); - expect(res.json).toHaveBeenCalledWith({ detail: `Bad formId "${formId}".` }); + expect(service.listFormSubmissions).toBeCalledTimes(0); + expect(res.status).toBeCalledWith(400); + expect(res.json).toBeCalledWith({ detail: `Bad formId "${formId}".` }); }); it('should forward service errors for handling elsewhere', async () => { @@ -340,8 +340,8 @@ describe('listFormSubmissions', () => { await controller.listFormSubmissions(req, res, next); // Assert - expect(service.listFormSubmissions).toHaveBeenCalled(); - expect(next).toHaveBeenCalledWith(error); + expect(service.listFormSubmissions).toBeCalled(); + expect(next).toBeCalledWith(error); }); }); @@ -363,9 +363,9 @@ describe('readFormOptions', () => { await controller.readFormOptions(req, res, next); // Assert - expect(service.readFormOptions).toHaveBeenCalled(); - expect(res.status).toHaveBeenCalledWith(200); - expect(res.json).toHaveBeenCalledWith(mockReadResponse); + expect(service.readFormOptions).toBeCalled(); + expect(res.status).toBeCalledWith(200); + expect(res.json).toBeCalledWith(mockReadResponse); }); it('should 400 if the formId is missing', async () => { @@ -377,9 +377,9 @@ describe('readFormOptions', () => { await controller.readFormOptions(req, res, next); // Assert - expect(service.readFormOptions).toHaveBeenCalledTimes(0); - expect(res.status).toHaveBeenCalledWith(400); - expect(res.json).toHaveBeenCalledWith({ detail: 'Bad formId "undefined".' }); + expect(service.readFormOptions).toBeCalledTimes(0); + expect(res.status).toBeCalledWith(400); + expect(res.json).toBeCalledWith({ detail: 'Bad formId "undefined".' }); }); test.each(testCases400)('should 400 if the formId is "%s"', async (formId) => { @@ -391,9 +391,9 @@ describe('readFormOptions', () => { await controller.readFormOptions(req, res, next); // Assert - expect(service.readFormOptions).toHaveBeenCalledTimes(0); - expect(res.status).toHaveBeenCalledWith(400); - expect(res.json).toHaveBeenCalledWith({ detail: `Bad formId "${formId}".` }); + expect(service.readFormOptions).toBeCalledTimes(0); + expect(res.status).toBeCalledWith(400); + expect(res.json).toBeCalledWith({ detail: `Bad formId "${formId}".` }); }); it('should forward service errors for handling elsewhere', async () => { @@ -409,7 +409,7 @@ describe('readFormOptions', () => { await controller.readFormOptions(req, res, next); // Assert - expect(service.readFormOptions).toHaveBeenCalled(); - expect(next).toHaveBeenCalledWith(error); + expect(service.readFormOptions).toBeCalled(); + expect(next).toBeCalledWith(error); }); }); diff --git a/app/tests/unit/forms/form/exportService.spec.js b/app/tests/unit/forms/form/exportService.spec.js index 84e99ddb0..5b9842993 100644 --- a/app/tests/unit/forms/form/exportService.spec.js +++ b/app/tests/unit/forms/form/exportService.spec.js @@ -428,8 +428,8 @@ describe('_buildCsvHeaders', () => { expect(result).toHaveLength(44); expect(result).toEqual(expect.arrayContaining(['form.confirmationId', 'textFieldNested1', 'textFieldNested2'])); - expect(exportService._readLatestFormSchema).toHaveBeenCalledTimes(1); - // expect(exportService._readLatestFormSchema).toHaveBeenCalledWith(123); + expect(exportService._readLatestFormSchema).toBeCalledTimes(1); + // expect(exportService._readLatestFormSchema).toBeCalledWith(123); // restore mocked function to it's original implementation exportService._readLatestFormSchema.mockRestore(); @@ -462,8 +462,8 @@ describe('_buildCsvHeaders', () => { expect(result).toEqual( expect.arrayContaining(['form.confirmationId', 'oneRowPerLake.0.closestTown', 'oneRowPerLake.0.dataGrid.0.fishType', 'oneRowPerLake.0.dataGrid.1.fishType']) ); - expect(exportService._readLatestFormSchema).toHaveBeenCalledTimes(1); - expect(exportService._readLatestFormSchema).toHaveBeenCalledWith(123, 1); + expect(exportService._readLatestFormSchema).toBeCalledTimes(1); + expect(exportService._readLatestFormSchema).toBeCalledWith(123, 1); // restore mocked function to it's original implementation exportService._readLatestFormSchema.mockRestore(); @@ -511,8 +511,8 @@ describe('_buildCsvHeaders', () => { 'lateEntry', ]) ); - expect(exportService._readLatestFormSchema).toHaveBeenCalledTimes(1); - expect(exportService._readLatestFormSchema).toHaveBeenCalledWith(123, 1); + expect(exportService._readLatestFormSchema).toBeCalledTimes(1); + expect(exportService._readLatestFormSchema).toBeCalledWith(123, 1); // restore mocked function to it's original implementation exportService._readLatestFormSchema.mockRestore(); @@ -549,8 +549,8 @@ describe('_buildCsvHeaders', () => { expect(result[13]).toEqual('oneRowPerLake.0.dataGrid.0.numberCaught'); expect(result[18]).toEqual('oneRowPerLake.0.closestTown'); expect(result[28]).toEqual('oneRowPerLake.1.numberOfDays'); - expect(exportService._readLatestFormSchema).toHaveBeenCalledTimes(1); - expect(exportService._readLatestFormSchema).toHaveBeenCalledWith(123, 1); + expect(exportService._readLatestFormSchema).toBeCalledTimes(1); + expect(exportService._readLatestFormSchema).toBeCalledWith(123, 1); // restore mocked function to it's original implementation exportService._readLatestFormSchema.mockRestore(); @@ -581,8 +581,8 @@ describe('_buildCsvHeaders', () => { expect(result).toHaveLength(41); expect(result).toEqual(expect.arrayContaining(['number1', 'selectBoxes1.a', 'number'])); - expect(exportService._readLatestFormSchema).toHaveBeenCalledTimes(1); - expect(exportService._readLatestFormSchema).toHaveBeenCalledWith(123, 1); + expect(exportService._readLatestFormSchema).toBeCalledTimes(1); + expect(exportService._readLatestFormSchema).toBeCalledWith(123, 1); // restore mocked function to it's original implementation exportService._readLatestFormSchema.mockRestore(); @@ -652,11 +652,11 @@ describe('', () => { // get fields const fields = await exportService.fieldsForCSVExport('bd4dcf26-65bd-429b-967f-125500bfd8a4', params); - expect(exportService._getForm).toHaveBeenCalledWith('bd4dcf26-65bd-429b-967f-125500bfd8a4'); - expect(exportService._getData).toHaveBeenCalledWith(params.type, params.version, form, params); - expect(exportService._getForm).toHaveBeenCalledTimes(1); - expect(exportService._getData).toHaveBeenCalledTimes(1); - expect(exportService._buildCsvHeaders).toHaveBeenCalledTimes(1); + expect(exportService._getForm).toBeCalledWith('bd4dcf26-65bd-429b-967f-125500bfd8a4'); + expect(exportService._getData).toBeCalledWith(params.type, params.version, form, params); + expect(exportService._getForm).toBeCalledTimes(1); + expect(exportService._getData).toBeCalledTimes(1); + expect(exportService._buildCsvHeaders).toBeCalledTimes(1); // test cases expect(fields.length).toEqual(19); }); @@ -797,9 +797,9 @@ describe('_getSubmissions', () => { preference = params.preference; } exportService._getSubmissions(form, params, params.version); - expect(MockModel.query).toHaveBeenCalledTimes(1); - expect(MockModel.modify).toHaveBeenCalledTimes(7); - expect(MockModel.modify).toHaveBeenCalledWith('filterUpdatedAt', preference && preference.updatedMinDate, preference && preference.updatedMaxDate); + expect(MockModel.query).toBeCalledTimes(1); + expect(MockModel.modify).toBeCalledTimes(7); + expect(MockModel.modify).toBeCalledWith('filterUpdatedAt', preference && preference.updatedMinDate, preference && preference.updatedMaxDate); }); it('Should pass this test without preference passed to _getSubmissions and without calling updatedAt modifier', async () => { @@ -813,8 +813,8 @@ describe('_getSubmissions', () => { MockModel.query.mockImplementation(() => MockModel); exportService._submissionsColumns = jest.fn().mockReturnThis(); exportService._getSubmissions(form, params, params.version); - expect(MockModel.query).toHaveBeenCalledTimes(1); - expect(MockModel.modify).toHaveBeenCalledTimes(7); + expect(MockModel.query).toBeCalledTimes(1); + expect(MockModel.modify).toBeCalledTimes(7); }); it('Should pass this test with preference passed to _getSubmissions', async () => { @@ -839,8 +839,8 @@ describe('_getSubmissions', () => { preference = params.preference; } exportService._getSubmissions(form, params, params.version); - expect(MockModel.query).toHaveBeenCalledTimes(1); - expect(MockModel.modify).toHaveBeenCalledTimes(7); - expect(MockModel.modify).toHaveBeenCalledWith('filterUpdatedAt', preference && preference.updatedMinDate, preference && preference.updatedMaxDate); + expect(MockModel.query).toBeCalledTimes(1); + expect(MockModel.modify).toBeCalledTimes(7); + expect(MockModel.modify).toBeCalledWith('filterUpdatedAt', preference && preference.updatedMinDate, preference && preference.updatedMaxDate); }); }); diff --git a/app/tests/unit/forms/form/routes.spec.js b/app/tests/unit/forms/form/routes.spec.js index 784a72e99..242958cd8 100644 --- a/app/tests/unit/forms/form/routes.spec.js +++ b/app/tests/unit/forms/form/routes.spec.js @@ -92,21 +92,21 @@ describe(`${basePath}/:formId/documentTemplates`, () => { it('should have correct middleware for GET', async () => { await appRequest.get(path); - expect(validateParameter.validateFormId).toHaveBeenCalledTimes(1); - expect(apiAccess).toHaveBeenCalledTimes(1); - expect(rateLimiter.apiKeyRateLimiter).toHaveBeenCalledTimes(1); - expect(hasFormPermissionsMock).toHaveBeenCalledTimes(1); - expect(controller.documentTemplateList).toHaveBeenCalledTimes(1); + expect(validateParameter.validateFormId).toBeCalledTimes(1); + expect(apiAccess).toBeCalledTimes(1); + expect(rateLimiter.apiKeyRateLimiter).toBeCalledTimes(1); + expect(hasFormPermissionsMock).toBeCalledTimes(1); + expect(controller.documentTemplateList).toBeCalledTimes(1); }); it('should have correct middleware for POST', async () => { await appRequest.post(path); - expect(validateParameter.validateFormId).toHaveBeenCalledTimes(1); - expect(apiAccess).toHaveBeenCalledTimes(1); - expect(rateLimiter.apiKeyRateLimiter).toHaveBeenCalledTimes(1); - expect(hasFormPermissionsMock).toHaveBeenCalledTimes(1); - expect(controller.documentTemplateCreate).toHaveBeenCalledTimes(1); + expect(validateParameter.validateFormId).toBeCalledTimes(1); + expect(apiAccess).toBeCalledTimes(1); + expect(rateLimiter.apiKeyRateLimiter).toBeCalledTimes(1); + expect(hasFormPermissionsMock).toBeCalledTimes(1); + expect(controller.documentTemplateCreate).toBeCalledTimes(1); }); }); @@ -116,22 +116,22 @@ describe(`${basePath}/:formId/documentTemplates/:documentTemplateId`, () => { it('should have correct middleware for DELETE', async () => { await appRequest.delete(path); - expect(validateParameter.validateDocumentTemplateId).toHaveBeenCalledTimes(1); - expect(validateParameter.validateFormId).toHaveBeenCalledTimes(1); - expect(apiAccess).toHaveBeenCalledTimes(1); - expect(rateLimiter.apiKeyRateLimiter).toHaveBeenCalledTimes(1); - expect(hasFormPermissionsMock).toHaveBeenCalledTimes(1); - expect(controller.documentTemplateDelete).toHaveBeenCalledTimes(1); + expect(validateParameter.validateDocumentTemplateId).toBeCalledTimes(1); + expect(validateParameter.validateFormId).toBeCalledTimes(1); + expect(apiAccess).toBeCalledTimes(1); + expect(rateLimiter.apiKeyRateLimiter).toBeCalledTimes(1); + expect(hasFormPermissionsMock).toBeCalledTimes(1); + expect(controller.documentTemplateDelete).toBeCalledTimes(1); }); it('should have correct middleware for GET', async () => { await appRequest.get(path); - expect(validateParameter.validateDocumentTemplateId).toHaveBeenCalledTimes(1); - expect(validateParameter.validateFormId).toHaveBeenCalledTimes(1); - expect(apiAccess).toHaveBeenCalledTimes(1); - expect(rateLimiter.apiKeyRateLimiter).toHaveBeenCalledTimes(1); - expect(hasFormPermissionsMock).toHaveBeenCalledTimes(1); - expect(controller.documentTemplateRead).toHaveBeenCalledTimes(1); + expect(validateParameter.validateDocumentTemplateId).toBeCalledTimes(1); + expect(validateParameter.validateFormId).toBeCalledTimes(1); + expect(apiAccess).toBeCalledTimes(1); + expect(rateLimiter.apiKeyRateLimiter).toBeCalledTimes(1); + expect(hasFormPermissionsMock).toBeCalledTimes(1); + expect(controller.documentTemplateRead).toBeCalledTimes(1); }); }); diff --git a/app/tests/unit/forms/form/service.spec.js b/app/tests/unit/forms/form/service.spec.js index 587fa2e7a..eccf00d24 100644 --- a/app/tests/unit/forms/form/service.spec.js +++ b/app/tests/unit/forms/form/service.spec.js @@ -695,10 +695,10 @@ describe('readEmailTemplate', () => { const template = await service.readEmailTemplate(emailTemplate.formId, emailTemplate.type); - expect(MockModel.query).toHaveBeenCalledTimes(1); - expect(MockModel.modify).toHaveBeenCalledTimes(2); - expect(MockModel.modify).toHaveBeenCalledWith('filterFormId', emailTemplate.formId); - expect(MockModel.modify).toHaveBeenCalledWith('filterType', emailTemplate.type); + expect(MockModel.query).toBeCalledTimes(1); + expect(MockModel.modify).toBeCalledTimes(2); + expect(MockModel.modify).toBeCalledWith('filterFormId', emailTemplate.formId); + expect(MockModel.modify).toBeCalledWith('filterType', emailTemplate.type); expect(template).toEqual(emailTemplate); }); @@ -708,10 +708,10 @@ describe('readEmailTemplate', () => { const template = await service.readEmailTemplate(emailTemplate.formId, emailTemplate.type); - expect(MockModel.query).toHaveBeenCalledTimes(1); - expect(MockModel.modify).toHaveBeenCalledTimes(2); - expect(MockModel.modify).toHaveBeenCalledWith('filterFormId', emailTemplate.formId); - expect(MockModel.modify).toHaveBeenCalledWith('filterType', emailTemplate.type); + expect(MockModel.query).toBeCalledTimes(1); + expect(MockModel.modify).toBeCalledTimes(2); + expect(MockModel.modify).toBeCalledWith('filterFormId', emailTemplate.formId); + expect(MockModel.modify).toBeCalledWith('filterType', emailTemplate.type); expect(template).toEqual(emailTemplateSubmissionConfirmation); }); }); @@ -723,9 +723,9 @@ describe('readEmailTemplates', () => { const template = await service.readEmailTemplates(emailTemplate.formId); - expect(MockModel.query).toHaveBeenCalledTimes(1); - expect(MockModel.modify).toHaveBeenCalledTimes(1); - expect(MockModel.modify).toHaveBeenCalledWith('filterFormId', emailTemplate.formId); + expect(MockModel.query).toBeCalledTimes(1); + expect(MockModel.modify).toBeCalledTimes(1); + expect(MockModel.modify).toBeCalledWith('filterFormId', emailTemplate.formId); expect(template).toEqual([emailTemplate]); }); @@ -735,9 +735,9 @@ describe('readEmailTemplates', () => { const template = await service.readEmailTemplates(emailTemplate.formId); - expect(MockModel.query).toHaveBeenCalledTimes(1); - expect(MockModel.modify).toHaveBeenCalledTimes(1); - expect(MockModel.modify).toHaveBeenCalledWith('filterFormId', emailTemplate.formId); + expect(MockModel.query).toBeCalledTimes(1); + expect(MockModel.modify).toBeCalledTimes(1); + expect(MockModel.modify).toBeCalledWith('filterFormId', emailTemplate.formId); expect(template).toEqual([emailTemplateSubmissionConfirmation]); }); }); @@ -751,13 +751,13 @@ describe('createOrUpdateEmailTemplates', () => { await service.createOrUpdateEmailTemplate(emailTemplate.formId, emailTemplate, user); - expect(MockModel.insert).toHaveBeenCalledTimes(1); - expect(MockModel.insert).toHaveBeenCalledWith({ + expect(MockModel.insert).toBeCalledTimes(1); + expect(MockModel.insert).toBeCalledWith({ createdBy: user.usernameIdp, id: expect.any(String), ...emailTemplate, }); - expect(MockTransaction.commit).toHaveBeenCalledTimes(1); + expect(MockTransaction.commit).toBeCalledTimes(1); }); it('should update template when it already exists', async () => { @@ -767,12 +767,12 @@ describe('createOrUpdateEmailTemplates', () => { await service.createOrUpdateEmailTemplate(emailTemplate.formId, emailTemplate, user); - expect(MockModel.update).toHaveBeenCalledTimes(1); - expect(MockModel.update).toHaveBeenCalledWith({ + expect(MockModel.update).toBeCalledTimes(1); + expect(MockModel.update).toBeCalledWith({ updatedBy: user.usernameIdp, ...emailTemplate, }); - expect(MockTransaction.commit).toHaveBeenCalledTimes(1); + expect(MockTransaction.commit).toBeCalledTimes(1); }); it('should not rollback when an error occurs outside transaction', async () => { @@ -780,7 +780,7 @@ describe('createOrUpdateEmailTemplates', () => { await expect(service.createOrUpdateEmailTemplate(emailTemplate.formId, emailTemplate, user)).rejects.toThrow(); - expect(MockTransaction.rollback).toHaveBeenCalledTimes(0); + expect(MockTransaction.rollback).toBeCalledTimes(0); }); it('should rollback when an insert error occurs inside transaction', async () => { @@ -790,7 +790,7 @@ describe('createOrUpdateEmailTemplates', () => { await expect(service.createOrUpdateEmailTemplate(emailTemplate.formId, emailTemplate, user)).rejects.toThrow(); - expect(MockTransaction.rollback).toHaveBeenCalledTimes(1); + expect(MockTransaction.rollback).toBeCalledTimes(1); }); it('should rollback when an update error occurs inside transaction', async () => { @@ -801,6 +801,6 @@ describe('createOrUpdateEmailTemplates', () => { await expect(service.createOrUpdateEmailTemplate(emailTemplate.formId, emailTemplate, user)).rejects.toThrow(); - expect(MockTransaction.rollback).toHaveBeenCalledTimes(1); + expect(MockTransaction.rollback).toBeCalledTimes(1); }); }); diff --git a/app/tests/unit/forms/rbac/controller.spec.js b/app/tests/unit/forms/rbac/controller.spec.js index 0a2e482b6..897dd9763 100644 --- a/app/tests/unit/forms/rbac/controller.spec.js +++ b/app/tests/unit/forms/rbac/controller.spec.js @@ -14,8 +14,8 @@ describe('getSubmissionUsers', () => { service.getSubmissionUsers = jest.fn().mockReturnValue({ form: { id: '123' } }); await controller.getSubmissionUsers(req, {}, jest.fn()); - expect(service.getSubmissionUsers).toHaveBeenCalledTimes(1); - expect(service.getSubmissionUsers).toHaveBeenCalledWith(req.query); + expect(service.getSubmissionUsers).toBeCalledTimes(1); + expect(service.getSubmissionUsers).toBeCalledWith(req.query); }); }); @@ -32,7 +32,7 @@ describe('setSubmissionUserPermissions', () => { emailService.submissionAssigned = jest.fn().mockReturnValue({}); await controller.setSubmissionUserPermissions(req, {}, jest.fn()); - expect(service.modifySubmissionUser).toHaveBeenCalledTimes(1); - expect(service.modifySubmissionUser).toHaveBeenCalledWith(req.query.formSubmissionId, req.query.userId, req.body, req.currentUser); + expect(service.modifySubmissionUser).toBeCalledTimes(1); + expect(service.modifySubmissionUser).toBeCalledWith(req.query.formSubmissionId, req.query.userId, req.body, req.currentUser); }); }); diff --git a/app/tests/unit/forms/submission/routes.spec.js b/app/tests/unit/forms/submission/routes.spec.js index a5a0d2555..d47f04df3 100644 --- a/app/tests/unit/forms/submission/routes.spec.js +++ b/app/tests/unit/forms/submission/routes.spec.js @@ -77,10 +77,10 @@ describe(`${basePath}/:formSubmissionId/template/:documentTemplateId/render`, () it('should have correct middleware for GET', async () => { await appRequest.get(path); - expect(validateParameter.validateDocumentTemplateId).toHaveBeenCalledTimes(1); - expect(apiAccess).toHaveBeenCalledTimes(1); - expect(rateLimiter.apiKeyRateLimiter).toHaveBeenCalledTimes(1); - expect(hasSubmissionPermissionsMock).toHaveBeenCalledTimes(1); - expect(controller.templateRender).toHaveBeenCalledTimes(1); + expect(validateParameter.validateDocumentTemplateId).toBeCalledTimes(1); + expect(apiAccess).toBeCalledTimes(1); + expect(rateLimiter.apiKeyRateLimiter).toBeCalledTimes(1); + expect(hasSubmissionPermissionsMock).toBeCalledTimes(1); + expect(controller.templateRender).toBeCalledTimes(1); }); }); diff --git a/app/tests/unit/forms/submission/service.spec.js b/app/tests/unit/forms/submission/service.spec.js index 3b1e020de..2070af1b1 100644 --- a/app/tests/unit/forms/submission/service.spec.js +++ b/app/tests/unit/forms/submission/service.spec.js @@ -21,8 +21,8 @@ describe('read', () => { const res = await service.read('abc'); expect(res).toEqual({ a: 'b' }); - expect(service._fetchSubmissionData).toHaveBeenCalledTimes(1); - expect(service._fetchSubmissionData).toHaveBeenCalledWith('abc'); + expect(service._fetchSubmissionData).toBeCalledTimes(1); + expect(service._fetchSubmissionData).toBeCalledWith('abc'); }); }); @@ -32,8 +32,8 @@ describe('addNote', () => { const res = await service.addNote('abc', { data: true }, { user: 'me' }); expect(res).toEqual({ a: 'b' }); - expect(service._createNote).toHaveBeenCalledTimes(1); - expect(service._createNote).toHaveBeenCalledWith('abc', { data: true }, { user: 'me' }); + expect(service._createNote).toBeCalledTimes(1); + expect(service._createNote).toBeCalledWith('abc', { data: true }, { user: 'me' }); }); }); @@ -44,11 +44,11 @@ describe('createStatus', () => { const res = await service.createStatus('abc', { data: true }, { user: 'me' }, trx); expect(res).toEqual({ a: 'b' }); - expect(MockModel.startTransaction).toHaveBeenCalledTimes(0); - expect(MockModel.query).toHaveBeenCalledTimes(1); - expect(MockModel.query).toHaveBeenCalledWith(expect.anything()); - expect(MockModel.insert).toHaveBeenCalledTimes(1); - expect(MockModel.insert).toHaveBeenCalledWith(expect.anything()); + expect(MockModel.startTransaction).toBeCalledTimes(0); + expect(MockModel.query).toBeCalledTimes(1); + expect(MockModel.query).toBeCalledWith(expect.anything()); + expect(MockModel.insert).toBeCalledTimes(1); + expect(MockModel.insert).toBeCalledWith(expect.anything()); }); }); @@ -71,14 +71,14 @@ describe('deleteMutipleSubmissions', () => { service.readSubmissionData = jest.fn().mockReturnValue(returnValue); const spy = jest.spyOn(service, 'readSubmissionData'); const res = await service.deleteMutipleSubmissions(submissionIds, currentUser); - expect(MockModel.startTransaction).toHaveBeenCalledTimes(1); - expect(MockModel.query).toHaveBeenCalledTimes(1); - expect(MockModel.query).toHaveBeenCalledWith(expect.anything()); - expect(MockModel.patch).toHaveBeenCalledTimes(1); - expect(MockModel.patch).toHaveBeenCalledWith({ deleted: true, updatedBy: currentUser.usernameIdp }); - expect(MockModel.whereIn).toHaveBeenCalledTimes(1); - expect(MockModel.whereIn).toHaveBeenCalledWith('id', submissionIds); - expect(spy).toHaveBeenCalledWith(submissionIds); + expect(MockModel.startTransaction).toBeCalledTimes(1); + expect(MockModel.query).toBeCalledTimes(1); + expect(MockModel.query).toBeCalledWith(expect.anything()); + expect(MockModel.patch).toBeCalledTimes(1); + expect(MockModel.patch).toBeCalledWith({ deleted: true, updatedBy: currentUser.usernameIdp }); + expect(MockModel.whereIn).toBeCalledTimes(1); + expect(MockModel.whereIn).toBeCalledWith('id', submissionIds); + expect(spy).toBeCalledWith(submissionIds); expect(res).toEqual(returnValue); }); }); @@ -102,14 +102,14 @@ describe('restoreMutipleSubmissions', () => { service.readSubmissionData = jest.fn().mockReturnValue(returnValue); const spy = jest.spyOn(service, 'readSubmissionData'); const res = await service.restoreMutipleSubmissions(submissionIds, currentUser); - expect(MockModel.startTransaction).toHaveBeenCalledTimes(1); - expect(MockModel.query).toHaveBeenCalledTimes(1); - expect(MockModel.query).toHaveBeenCalledWith(expect.anything()); - expect(MockModel.patch).toHaveBeenCalledTimes(1); - expect(MockModel.patch).toHaveBeenCalledWith({ deleted: false, updatedBy: currentUser.usernameIdp }); - expect(MockModel.whereIn).toHaveBeenCalledTimes(1); - expect(MockModel.whereIn).toHaveBeenCalledWith('id', submissionIds); - expect(spy).toHaveBeenCalledWith(submissionIds); + expect(MockModel.startTransaction).toBeCalledTimes(1); + expect(MockModel.query).toBeCalledTimes(1); + expect(MockModel.query).toBeCalledWith(expect.anything()); + expect(MockModel.patch).toBeCalledTimes(1); + expect(MockModel.patch).toBeCalledWith({ deleted: false, updatedBy: currentUser.usernameIdp }); + expect(MockModel.whereIn).toBeCalledTimes(1); + expect(MockModel.whereIn).toBeCalledWith('id', submissionIds); + expect(spy).toBeCalledWith(submissionIds); expect(res).toEqual(returnValue); }); }); diff --git a/app/tests/unit/forms/user/service.spec.js b/app/tests/unit/forms/user/service.spec.js index 6036ad793..ba77baf76 100644 --- a/app/tests/unit/forms/user/service.spec.js +++ b/app/tests/unit/forms/user/service.spec.js @@ -33,18 +33,18 @@ describe('list', () => { await service.list(params); - expect(MockModel.query).toHaveBeenCalledTimes(1); - expect(MockModel.query).toHaveBeenCalledWith(); - expect(MockModel.modify).toHaveBeenCalledTimes(9); - expect(MockModel.modify).toHaveBeenCalledWith('filterIdpUserId', params.idpUserId); - expect(MockModel.modify).toHaveBeenCalledWith('filterIdpCode', params.idpCode); - expect(MockModel.modify).toHaveBeenCalledWith('filterUsername', params.username, false); - expect(MockModel.modify).toHaveBeenCalledWith('filterFullName', params.fullName); - expect(MockModel.modify).toHaveBeenCalledWith('filterFirstName', params.firstName); - expect(MockModel.modify).toHaveBeenCalledWith('filterLastName', params.lastName); - expect(MockModel.modify).toHaveBeenCalledWith('filterEmail', params.email, false); - expect(MockModel.modify).toHaveBeenCalledWith('filterSearch', params.search); - expect(MockModel.modify).toHaveBeenCalledWith('orderLastFirstAscending'); + expect(MockModel.query).toBeCalledTimes(1); + expect(MockModel.query).toBeCalledWith(); + expect(MockModel.modify).toBeCalledTimes(9); + expect(MockModel.modify).toBeCalledWith('filterIdpUserId', params.idpUserId); + expect(MockModel.modify).toBeCalledWith('filterIdpCode', params.idpCode); + expect(MockModel.modify).toBeCalledWith('filterUsername', params.username, false); + expect(MockModel.modify).toBeCalledWith('filterFullName', params.fullName); + expect(MockModel.modify).toBeCalledWith('filterFirstName', params.firstName); + expect(MockModel.modify).toBeCalledWith('filterLastName', params.lastName); + expect(MockModel.modify).toBeCalledWith('filterEmail', params.email, false); + expect(MockModel.modify).toBeCalledWith('filterSearch', params.search); + expect(MockModel.modify).toBeCalledWith('orderLastFirstAscending'); }); }); @@ -52,12 +52,12 @@ describe('read', () => { it('should query user table by id', async () => { await service.read(userId); - expect(MockModel.query).toHaveBeenCalledTimes(1); - expect(MockModel.query).toHaveBeenCalledWith(); - expect(MockModel.findById).toHaveBeenCalledTimes(1); - expect(MockModel.findById).toHaveBeenCalledWith(userId); - expect(MockModel.throwIfNotFound).toHaveBeenCalledTimes(1); - expect(MockModel.throwIfNotFound).toHaveBeenCalledWith(); + expect(MockModel.query).toBeCalledTimes(1); + expect(MockModel.query).toBeCalledWith(); + expect(MockModel.findById).toBeCalledTimes(1); + expect(MockModel.findById).toBeCalledWith(userId); + expect(MockModel.throwIfNotFound).toBeCalledTimes(1); + expect(MockModel.throwIfNotFound).toBeCalledWith(); }); }); @@ -65,14 +65,14 @@ describe('deleteUserPreferences', () => { it('should delete user form preference table by user id', async () => { await service.deleteUserPreferences({ id: userId }); - expect(MockModel.query).toHaveBeenCalledTimes(1); - expect(MockModel.query).toHaveBeenCalledWith(); - expect(MockModel.delete).toHaveBeenCalledTimes(1); - expect(MockModel.delete).toHaveBeenCalledWith(); - expect(MockModel.where).toHaveBeenCalledTimes(1); - expect(MockModel.where).toHaveBeenCalledWith('userId', userId); - expect(MockModel.throwIfNotFound).toHaveBeenCalledTimes(1); - expect(MockModel.throwIfNotFound).toHaveBeenCalledWith(); + expect(MockModel.query).toBeCalledTimes(1); + expect(MockModel.query).toBeCalledWith(); + expect(MockModel.delete).toBeCalledTimes(1); + expect(MockModel.delete).toBeCalledWith(); + expect(MockModel.where).toBeCalledTimes(1); + expect(MockModel.where).toBeCalledWith('userId', userId); + expect(MockModel.throwIfNotFound).toBeCalledTimes(1); + expect(MockModel.throwIfNotFound).toBeCalledWith(); }); }); @@ -80,10 +80,10 @@ describe('readUserPreferences', () => { it('should query user form preference table by user id', async () => { await service.readUserPreferences({ id: userId }); - expect(MockModel.query).toHaveBeenCalledTimes(1); - expect(MockModel.query).toHaveBeenCalledWith(); - expect(MockModel.where).toHaveBeenCalledTimes(1); - expect(MockModel.where).toHaveBeenCalledWith('userId', userId); + expect(MockModel.query).toBeCalledTimes(1); + expect(MockModel.query).toBeCalledWith(); + expect(MockModel.where).toBeCalledTimes(1); + expect(MockModel.where).toBeCalledWith('userId', userId); }); }); @@ -91,12 +91,12 @@ describe('deleteUserFormPreferences', () => { it('should delete user form preference table by user id', async () => { await service.deleteUserFormPreferences({ id: userId }, formId); - expect(MockModel.query).toHaveBeenCalledTimes(1); - expect(MockModel.query).toHaveBeenCalledWith(); - expect(MockModel.deleteById).toHaveBeenCalledTimes(1); - expect(MockModel.deleteById).toHaveBeenCalledWith([userId, formId]); - expect(MockModel.throwIfNotFound).toHaveBeenCalledTimes(1); - expect(MockModel.throwIfNotFound).toHaveBeenCalledWith(); + expect(MockModel.query).toBeCalledTimes(1); + expect(MockModel.query).toBeCalledWith(); + expect(MockModel.deleteById).toBeCalledTimes(1); + expect(MockModel.deleteById).toBeCalledWith([userId, formId]); + expect(MockModel.throwIfNotFound).toBeCalledTimes(1); + expect(MockModel.throwIfNotFound).toBeCalledWith(); }); }); @@ -104,12 +104,12 @@ describe('readUserFormPreferences', () => { it('should query user form preference table by user id', async () => { await service.readUserFormPreferences({ id: userId }, formId); - expect(MockModel.query).toHaveBeenCalledTimes(1); - expect(MockModel.query).toHaveBeenCalledWith(); - expect(MockModel.findById).toHaveBeenCalledTimes(1); - expect(MockModel.findById).toHaveBeenCalledWith([userId, formId]); - expect(MockModel.first).toHaveBeenCalledTimes(1); - expect(MockModel.first).toHaveBeenCalledWith(); + expect(MockModel.query).toBeCalledTimes(1); + expect(MockModel.query).toBeCalledWith(); + expect(MockModel.findById).toBeCalledTimes(1); + expect(MockModel.findById).toBeCalledWith([userId, formId]); + expect(MockModel.first).toBeCalledTimes(1); + expect(MockModel.first).toBeCalledWith(); }); }); @@ -117,11 +117,11 @@ describe('readUserLabels', () => { it('should query user labels by user id', async () => { await service.readUserLabels({ id: userId }); - expect(MockModel.query).toHaveBeenCalledTimes(1); - expect(MockModel.query).toHaveBeenCalledWith(); - expect(MockModel.where).toHaveBeenCalledTimes(1); - expect(MockModel.where).toHaveBeenCalledWith('userId', userId); - expect(MockModel.select).toHaveBeenCalledWith('labelText'); + expect(MockModel.query).toBeCalledTimes(1); + expect(MockModel.query).toBeCalledWith(); + expect(MockModel.where).toBeCalledTimes(1); + expect(MockModel.where).toBeCalledWith('userId', userId); + expect(MockModel.select).toBeCalledWith('labelText'); }); }); @@ -133,16 +133,16 @@ describe('updateUserLabels', () => { await service.updateUserLabels({ id: userId }, body); - expect(MockModel.startTransaction).toHaveBeenCalledTimes(1); - expect(MockModel.query).toHaveBeenCalledTimes(body.length * 2 + 1); - expect(MockModel.query).toHaveBeenCalledWith(expect.anything()); - expect(MockModel.insert).toHaveBeenCalledTimes(body.length); - expect(MockModel.insert).toHaveBeenCalledWith({ + expect(MockModel.startTransaction).toBeCalledTimes(1); + expect(MockModel.query).toBeCalledTimes(body.length * 2 + 1); + expect(MockModel.query).toBeCalledWith(expect.anything()); + expect(MockModel.insert).toBeCalledTimes(body.length); + expect(MockModel.insert).toBeCalledWith({ id: expect.any(String), userId: userId, labelText: expect.any(String), }); - expect(MockTransaction.commit).toHaveBeenCalledTimes(1); + expect(MockTransaction.commit).toBeCalledTimes(1); }); it('should throw when invalid options are provided', () => { @@ -151,17 +151,17 @@ describe('updateUserLabels', () => { expect(fn({ id: userId }, undefined)).rejects.toThrow(); expect(fn({ id: userId }, {})).rejects.toThrow(); - expect(MockModel.startTransaction).toHaveBeenCalledTimes(0); - expect(MockModel.query).toHaveBeenCalledTimes(0); + expect(MockModel.startTransaction).toBeCalledTimes(0); + expect(MockModel.query).toBeCalledTimes(0); }); it('should handle empty label body', async () => { await service.updateUserLabels({ id: userId }, []); - expect(MockModel.startTransaction).toHaveBeenCalledTimes(1); - expect(MockModel.query).toHaveBeenCalledTimes(1); - expect(MockModel.insert).not.toHaveBeenCalled(); - expect(MockTransaction.commit).toHaveBeenCalledTimes(1); + expect(MockModel.startTransaction).toBeCalledTimes(1); + expect(MockModel.query).toBeCalledTimes(1); + expect(MockModel.insert).not.toBeCalled(); + expect(MockTransaction.commit).toBeCalledTimes(1); }); }); @@ -189,8 +189,8 @@ describe('updateUserPreferences', () => { expect(fn({ id: userId }, undefined)).rejects.toThrow(); expect(fn({ id: userId }, {})).rejects.toThrow(); expect(fn({ id: userId }, { forms: {} })).rejects.toThrow(); - expect(MockModel.startTransaction).toHaveBeenCalledTimes(0); - expect(MockModel.query).toHaveBeenCalledTimes(0); + expect(MockModel.startTransaction).toBeCalledTimes(0); + expect(MockModel.query).toBeCalledTimes(0); }); it('should insert preferences', async () => { @@ -200,17 +200,17 @@ describe('updateUserPreferences', () => { await service.updateUserPreferences({ id: userId }, body); - expect(MockModel.startTransaction).toHaveBeenCalledTimes(1); - expect(MockModel.query).toHaveBeenCalledTimes(1); - expect(MockModel.query).toHaveBeenCalledWith(expect.anything()); - expect(MockModel.insert).toHaveBeenCalledTimes(1); - expect(MockModel.insert).toHaveBeenCalledWith({ + expect(MockModel.startTransaction).toBeCalledTimes(1); + expect(MockModel.query).toBeCalledTimes(1); + expect(MockModel.query).toBeCalledWith(expect.anything()); + expect(MockModel.insert).toBeCalledTimes(1); + expect(MockModel.insert).toBeCalledWith({ userId: userId, formId: formId, preferences: preferences, createdBy: undefined, }); - expect(MockTransaction.commit).toHaveBeenCalledTimes(1); + expect(MockTransaction.commit).toBeCalledTimes(1); }); it('should update preferences', async () => { @@ -220,15 +220,15 @@ describe('updateUserPreferences', () => { await service.updateUserPreferences({ id: userId }, body); - expect(MockModel.startTransaction).toHaveBeenCalledTimes(1); - expect(MockModel.query).toHaveBeenCalledTimes(1); - expect(MockModel.query).toHaveBeenCalledWith(expect.anything()); - expect(MockModel.patchAndFetchById).toHaveBeenCalledTimes(1); - expect(MockModel.patchAndFetchById).toHaveBeenCalledWith([userId, formId], { + expect(MockModel.startTransaction).toBeCalledTimes(1); + expect(MockModel.query).toBeCalledTimes(1); + expect(MockModel.query).toBeCalledWith(expect.anything()); + expect(MockModel.patchAndFetchById).toBeCalledTimes(1); + expect(MockModel.patchAndFetchById).toBeCalledWith([userId, formId], { preferences: preferences, updatedBy: undefined, }); - expect(MockTransaction.commit).toHaveBeenCalledTimes(1); + expect(MockTransaction.commit).toBeCalledTimes(1); }); }); @@ -247,17 +247,17 @@ describe('updateUserFormPreferences', () => { readUserFormPreferencesSpy.mockResolvedValue(undefined); await service.updateUserFormPreferences({ id: userId }, formId, preferences); - expect(MockModel.startTransaction).toHaveBeenCalledTimes(1); - expect(MockModel.query).toHaveBeenCalledTimes(1); - expect(MockModel.query).toHaveBeenCalledWith(expect.anything()); - expect(MockModel.insertAndFetch).toHaveBeenCalledTimes(1); - expect(MockModel.insertAndFetch).toHaveBeenCalledWith({ + expect(MockModel.startTransaction).toBeCalledTimes(1); + expect(MockModel.query).toBeCalledTimes(1); + expect(MockModel.query).toBeCalledWith(expect.anything()); + expect(MockModel.insertAndFetch).toBeCalledTimes(1); + expect(MockModel.insertAndFetch).toBeCalledWith({ userId: userId, formId: formId, preferences: preferences, createdBy: undefined, }); - expect(MockTransaction.commit).toHaveBeenCalledTimes(1); + expect(MockTransaction.commit).toBeCalledTimes(1); }); it('should update preferences', async () => { @@ -266,15 +266,15 @@ describe('updateUserFormPreferences', () => { await service.updateUserFormPreferences({ id: userId }, formId, preferences); - expect(MockModel.startTransaction).toHaveBeenCalledTimes(1); - expect(MockModel.query).toHaveBeenCalledTimes(1); - expect(MockModel.query).toHaveBeenCalledWith(expect.anything()); - expect(MockModel.patchAndFetchById).toHaveBeenCalledTimes(1); - expect(MockModel.patchAndFetchById).toHaveBeenCalledWith([userId, formId], { + expect(MockModel.startTransaction).toBeCalledTimes(1); + expect(MockModel.query).toBeCalledTimes(1); + expect(MockModel.query).toBeCalledWith(expect.anything()); + expect(MockModel.patchAndFetchById).toBeCalledTimes(1); + expect(MockModel.patchAndFetchById).toBeCalledWith([userId, formId], { preferences: preferences, updatedBy: undefined, }); - expect(MockTransaction.commit).toHaveBeenCalledTimes(1); + expect(MockTransaction.commit).toBeCalledTimes(1); }); it('should handle errors gracefully', async () => { @@ -286,7 +286,7 @@ describe('updateUserFormPreferences', () => { const fn = () => service.updateUserFormPreferences({ id: userId }, formId, preferences); await expect(fn()).rejects.toThrow(); - expect(MockModel.startTransaction).toHaveBeenCalledTimes(0); - expect(MockModel.query).toHaveBeenCalledTimes(0); + expect(MockModel.startTransaction).toBeCalledTimes(0); + expect(MockModel.query).toBeCalledTimes(0); }); }); diff --git a/app/tests/unit/routes/v1/admin.spec.js b/app/tests/unit/routes/v1/admin.spec.js index 476562752..2160fe638 100644 --- a/app/tests/unit/routes/v1/admin.spec.js +++ b/app/tests/unit/routes/v1/admin.spec.js @@ -315,7 +315,7 @@ describe(`${basePath}/forms/:formId/addUser`, () => { const response = await appRequest.put(path).query({ userId: '123' }).send({ userId: '123' }); - expect(rbacService.setFormUsers).toHaveBeenCalledWith(':formId', '123', { userId: '123' }, undefined); + expect(rbacService.setFormUsers).toBeCalledWith(':formId', '123', { userId: '123' }, undefined); expect(response.statusCode).toBe(200); expect(response.body).toBeTruthy(); }); diff --git a/app/tests/unit/routes/v1/form.spec.js b/app/tests/unit/routes/v1/form.spec.js index 40415fa4a..ffdb78efc 100644 --- a/app/tests/unit/routes/v1/form.spec.js +++ b/app/tests/unit/routes/v1/form.spec.js @@ -1344,8 +1344,8 @@ describe(`${basePath}/:formId/versions/:formVersionId/submissions`, () => { const response = await appRequest.post(path).set('Authorization', bearerAuth); - expect(emailService.submissionReceived).toHaveBeenCalledTimes(1); - expect(fileService.moveSubmissionFiles).toHaveBeenCalledTimes(1); + expect(emailService.submissionReceived).toBeCalledTimes(1); + expect(fileService.moveSubmissionFiles).toBeCalledTimes(1); expect(response.statusCode).toBe(201); expect(response.body).toBeTruthy(); }); @@ -1358,8 +1358,8 @@ describe(`${basePath}/:formId/versions/:formVersionId/submissions`, () => { const response = await appRequest.post(path).send({ draft: true }).set('Authorization', bearerAuth); - expect(emailService.submissionReceived).toHaveBeenCalledTimes(0); - expect(fileService.moveSubmissionFiles).toHaveBeenCalledTimes(1); + expect(emailService.submissionReceived).toBeCalledTimes(0); + expect(fileService.moveSubmissionFiles).toBeCalledTimes(1); expect(response.statusCode).toBe(201); expect(response.body).toBeTruthy(); }); @@ -1372,8 +1372,8 @@ describe(`${basePath}/:formId/versions/:formVersionId/submissions`, () => { const response = await appRequest.post(path).send({ draft: false }).set('Authorization', bearerAuth); - expect(emailService.submissionReceived).toHaveBeenCalledTimes(1); - expect(fileService.moveSubmissionFiles).toHaveBeenCalledTimes(1); + expect(emailService.submissionReceived).toBeCalledTimes(1); + expect(fileService.moveSubmissionFiles).toBeCalledTimes(1); expect(response.statusCode).toBe(201); expect(response.body).toBeTruthy(); }); diff --git a/app/tests/unit/routes/v1/submission.spec.js b/app/tests/unit/routes/v1/submission.spec.js index 4df8e4b15..a2871efb7 100644 --- a/app/tests/unit/routes/v1/submission.spec.js +++ b/app/tests/unit/routes/v1/submission.spec.js @@ -545,7 +545,7 @@ describe(`${basePath}/:formSubmissionId/status`, () => { expect(response.statusCode).toBe(200); expect(response.body).toBeTruthy(); - expect(emailService.statusAssigned).toHaveBeenCalledTimes(0); + expect(emailService.statusAssigned).toBeCalledTimes(0); }); it('should handle 401', async () => {