Skip to content

Commit 2e073ec

Browse files
Suvidh-kaushikAchintya-Chatterjeeiamitprakash
authored
test/ integration tests for createImpersonationRequests (#2441)
* added integration tests for create impersonation requests * nitpick: fixed small spacing issues and linting * fixed integration tests according to logic changes * fixed test descriptions * fixed error response in tests --------- Co-authored-by: Achintya Chatterjee <[email protected]> Co-authored-by: Amit Prakash <[email protected]>
1 parent d438059 commit 2e073ec

File tree

1 file changed

+267
-0
lines changed

1 file changed

+267
-0
lines changed

test/integration/impersonationRequests.test.ts

Lines changed: 267 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,267 @@
1+
import chai from "chai";
2+
import chaiHttp from "chai-http";
3+
import _ from "lodash";
4+
import config from "config";
5+
import app from "../../server";
6+
import cleanDb from "../utils/cleanDb";
7+
import authService from "../../services/authService";
8+
import userDataFixture from "../fixtures/user/user";
9+
import sinon from "sinon";
10+
import addUser from "../utils/addUser";
11+
import * as impersonationModel from "../../models/impersonationRequests";
12+
import * as validationService from "../../services/impersonationRequests";
13+
import { CreateImpersonationRequestBody, ImpersonationRequest } from "../../types/impersonationRequest";
14+
import { REQUEST_CREATED_SUCCESSFULLY, REQUEST_STATE } from "../../constants/requests";
15+
import { impersonationRequestsBodyData } from "../fixtures/impersonation-requests/impersonationRequests";
16+
17+
const { expect } = chai;
18+
const cookieName = config.get("userToken.cookieName");
19+
const userData = userDataFixture();
20+
chai.use(chaiHttp);
21+
22+
let testUserId: string;
23+
let testUserId2: string;
24+
let testUserId3: string;
25+
let testSuperUserId: string;
26+
let authToken: string;
27+
let superUserToken: string;
28+
let impersonationRequestBody: CreateImpersonationRequestBody;
29+
30+
describe("Impersonation Requests", () => {
31+
const requestsEndpoint: string = "/impersonation/requests?dev=true";
32+
33+
beforeEach(async () => {
34+
const userIdPromises = [
35+
addUser(userData[16]),
36+
addUser(userData[18]),
37+
addUser(userData[12]),
38+
addUser(userData[4])
39+
];
40+
const [userId1, userId2, userId3, superUserId] = await Promise.all(userIdPromises);
41+
testUserId = userId1;
42+
testUserId2 = userId2;
43+
testUserId3 = userId3;
44+
testSuperUserId = superUserId;
45+
46+
impersonationRequestBody = {
47+
impersonatedUserId: testUserId,
48+
reason: "User assistance required for account debugging."
49+
};
50+
51+
await impersonationModel.createImpersonationRequest({
52+
...impersonationRequestsBodyData[0],
53+
impersonatedUserId: testUserId2,
54+
userId: superUserId,
55+
});
56+
await impersonationModel.createImpersonationRequest({
57+
...impersonationRequestsBodyData[0],
58+
impersonatedUserId: testUserId3,
59+
userId: superUserId,
60+
status: REQUEST_STATE.APPROVED
61+
});
62+
63+
authToken = authService.generateAuthToken({ userId: testUserId });
64+
superUserToken = authService.generateAuthToken({ userId: testSuperUserId });
65+
});
66+
67+
afterEach(async () => {
68+
sinon.restore();
69+
await cleanDb();
70+
});
71+
72+
describe("POST /impersonation/requests", () => {
73+
it("should return 404 and 'Route not found' message when dev is false", function (done) {
74+
chai
75+
.request(app)
76+
.post("/impersonation/requests?dev=false")
77+
.set("cookie", `${cookieName}=${superUserToken}`)
78+
.send(impersonationRequestBody)
79+
.end(function (err, res) {
80+
if (err) return done(err);
81+
expect(res.statusCode).to.equal(404);
82+
expect(res.body.message).to.equal("Route not found");
83+
done();
84+
});
85+
});
86+
87+
it("should return 404 and 'Route not found' message when dev is missing", function (done) {
88+
chai
89+
.request(app)
90+
.post("/impersonation/requests")
91+
.set("cookie", `${cookieName}=${superUserToken}`)
92+
.send(impersonationRequestBody)
93+
.end(function (err, res) {
94+
if (err) return done(err);
95+
expect(res.statusCode).to.equal(404);
96+
expect(res.body.message).to.equal("Route not found");
97+
done();
98+
});
99+
});
100+
101+
it("should create a new request if dev is present", function (done) {
102+
chai
103+
.request(app)
104+
.post(requestsEndpoint)
105+
.set("cookie", `${cookieName}=${superUserToken}`)
106+
.send({ ...impersonationRequestBody })
107+
.end(function (err, res) {
108+
if (err) return done(err);
109+
expect(res).to.have.status(201);
110+
expect(res.body).to.have.property("message");
111+
expect(res.body.message).to.equal(REQUEST_CREATED_SUCCESSFULLY);
112+
expect(res.body).to.have.property("data");
113+
done();
114+
});
115+
});
116+
117+
it("should return 401 if user is not logged in", function (done) {
118+
chai
119+
.request(app)
120+
.post(requestsEndpoint)
121+
.send(impersonationRequestBody)
122+
.end(function (err, res) {
123+
if (err) return done(err);
124+
expect(res).to.have.status(401);
125+
expect(res.body.error).to.equal("Unauthorized");
126+
expect(res.body.message).to.equal("Unauthenticated User");
127+
done();
128+
});
129+
});
130+
131+
it("should return 401 if user is not a superuser", function (done) {
132+
chai
133+
.request(app)
134+
.post(requestsEndpoint)
135+
.set("cookie", `${cookieName}=${authToken}`)
136+
.send(impersonationRequestBody)
137+
.end(function (err, res) {
138+
if (err) return done(err);
139+
expect(res).to.have.status(401);
140+
expect(res.body.error).to.equal("Unauthorized");
141+
expect(res.body.message).to.equal("You are not authorized for this action.");
142+
done();
143+
});
144+
});
145+
146+
it("should return 401 if auth token is invalid", function (done) {
147+
chai
148+
.request(app)
149+
.post(requestsEndpoint)
150+
.set("cookie", `${cookieName}=invalidToken`)
151+
.send(impersonationRequestBody)
152+
.end(function (err, res) {
153+
if (err) return done(err);
154+
expect(res).to.have.status(401);
155+
expect(res.body.error).to.equal("Unauthorized");
156+
expect(res.body.message).to.equal("Unauthenticated User");
157+
done();
158+
});
159+
});
160+
161+
it("should return 400 if impersonatedUserId is not provided", function (done) {
162+
chai
163+
.request(app)
164+
.post(requestsEndpoint)
165+
.set("cookie", `${cookieName}=${superUserToken}`)
166+
.send(_.omit(impersonationRequestBody, "impersonatedUserId"))
167+
.end(function (err, res) {
168+
if (err) return done(err);
169+
expect(res).to.have.status(400);
170+
expect(res.body.error).to.equal("Bad Request");
171+
expect(res.body.message).to.equal("impersonatedUserId is required");
172+
done();
173+
});
174+
});
175+
176+
it("should return 400 if reason is not provided", function (done) {
177+
chai
178+
.request(app)
179+
.post(requestsEndpoint)
180+
.set("cookie", `${cookieName}=${superUserToken}`)
181+
.send(_.omit(impersonationRequestBody, "reason"))
182+
.end(function (err, res) {
183+
if (err) return done(err);
184+
expect(res).to.have.status(400);
185+
expect(res.body.error).to.equal("Bad Request");
186+
expect(res.body.message).to.equal("reason is required");
187+
done();
188+
});
189+
});
190+
191+
it("should return 404 if impersonated user does not exist", function (done) {
192+
chai
193+
.request(app)
194+
.post(requestsEndpoint)
195+
.set("cookie", `${cookieName}=${superUserToken}`)
196+
.send({ ...impersonationRequestBody, impersonatedUserId: "nonexistentUserId" })
197+
.end(function (err, res) {
198+
if (err) return done(err);
199+
expect(res).to.have.status(404);
200+
expect(res.body.error).to.equal("Not Found");
201+
expect(res.body.message).to.equal("User not found");
202+
done();
203+
});
204+
});
205+
206+
it("should return 403 Forbidden if an approved impersonation request already exists and isImpersonationFinished is false", function (done) {
207+
chai
208+
.request(app)
209+
.post(requestsEndpoint)
210+
.set("cookie", `${cookieName}=${superUserToken}`)
211+
.send({ ...impersonationRequestBody, impersonatedUserId: testUserId3 })
212+
.end(function (err, res) {
213+
if (err) return done(err);
214+
expect(res).to.have.status(403);
215+
expect(res.body.error).to.equal("Forbidden");
216+
expect(res.body.message).to.equal("You are not allowed for this Operation at the moment");
217+
done();
218+
});
219+
});
220+
221+
it("should return 403 Forbidden if a pending impersonation request already exists", function (done) {
222+
chai
223+
.request(app)
224+
.post(requestsEndpoint)
225+
.set("cookie", `${cookieName}=${superUserToken}`)
226+
.send({ ...impersonationRequestBody, impersonatedUserId: testUserId2 })
227+
.end(function (err, res) {
228+
if (err) return done(err);
229+
expect(res).to.have.status(403);
230+
expect(res.body.error).to.equal("Forbidden");
231+
expect(res.body.message).to.equal("You are not allowed for this Operation at the moment");
232+
done();
233+
});
234+
});
235+
236+
it("should return 500 response when creating Impersonation request fails", function (done) {
237+
sinon.stub(impersonationModel, "createImpersonationRequest").throws(new Error("Error while creating request"));
238+
239+
chai
240+
.request(app)
241+
.post(requestsEndpoint)
242+
.set("cookie", `${cookieName}=${superUserToken}`)
243+
.send(impersonationRequestBody)
244+
.end(function (err, res) {
245+
if (err) return done(err);
246+
expect(res.statusCode).to.equal(500);
247+
expect(res.body.message).to.equal("An internal server error occurred");
248+
done();
249+
});
250+
});
251+
252+
it("should return 500 if an unexpected error occurs", function (done) {
253+
sinon.stub(validationService, "createImpersonationRequestService").throws(new Error("Error while creating request"));
254+
chai
255+
.request(app)
256+
.post(requestsEndpoint)
257+
.set("cookie", `${cookieName}=${superUserToken}`)
258+
.send({ ...impersonationRequestBody, impersonatedUserId: testUserId3 })
259+
.end(function (err, res) {
260+
if (err) return done(err);
261+
expect(res).to.have.status(500);
262+
expect(res.body.message).to.equal("An internal server error occurred");
263+
done();
264+
});
265+
});
266+
});
267+
});

0 commit comments

Comments
 (0)