Linkry test suite updated

Author: EthM370

src/api/routes/linkry.ts

@@ -488,7 +488,9 @@ const linkryRoutes: FastifyPluginAsync = async (fastify, _options) => {
               setUserGroups,
             );
             if (mutualGroups.size == 0) {
-              throw new NotFoundError({ endpointName: request.url });
+              throw new UnauthorizedError({
+                message: "You have not been delegated access.",
+              });
             }
           }
           return reply.status(200).send(item);

tests/unit/auth.test.ts

@@ -19,7 +19,7 @@ const ddbMock = mockClient(SecretsManagerClient);
 
 const app = await init();
 const jwt_secret = secretObject["jwt_key"];
-export function createJwt(date?: Date, group?: string, email?: string) {
+export function createJwt(date?: Date, groups?: string[], email?: string) {
   let modifiedPayload = {
     ...jwtPayload,
     email: email || jwtPayload.email,
@@ -36,8 +36,8 @@ export function createJwt(date?: Date, group?: string, email?: string) {
     };
   }
 
-  if (group) {
-    modifiedPayload.groups = [group];
+  if (groups) {
+    modifiedPayload.groups = groups;
   }
   return jwt.sign(modifiedPayload, jwt_secret, { algorithm: "HS256" });
 }

tests/unit/eventPost.test.ts

@@ -48,7 +48,7 @@ test("Sad path: Not authenticated", async () => {
 
 test("Sad path: Authenticated but not authorized", async () => {
   await app.ready();
-  const testJwt = createJwt(undefined, "1");
+  const testJwt = createJwt(undefined, ["1"]);
   const response = await supertest(app.server)
     .post("/api/v1/events")
     .set("Authorization", `Bearer ${testJwt}`)
@@ -66,7 +66,7 @@ test("Sad path: Authenticated but not authorized", async () => {
 });
 test("Sad path: Prevent empty body request", async () => {
   await app.ready();
-  const testJwt = createJwt(undefined, "0");
+  const testJwt = createJwt(undefined, ["0"]);
   const response = await supertest(app.server)
     .post("/api/v1/events")
     .set("Authorization", `Bearer ${testJwt}`)
@@ -226,7 +226,7 @@ describe("ETag Lifecycle Tests", () => {
       Items: [],
     });
 
-    const testJwt = createJwt(undefined, "0");
+    const testJwt = createJwt(undefined, ["0"]);
 
     // 1. Check initial etag for all events is 0
     const initialAllResponse = await app.inject({
@@ -312,7 +312,7 @@ describe("ETag Lifecycle Tests", () => {
       Items: [],
     });
 
-    const testJwt = createJwt(undefined, "0");
+    const testJwt = createJwt(undefined, ["0"]);
 
     // 1. Create an event
     const eventResponse = await supertest(app.server)
@@ -412,7 +412,7 @@ describe("ETag Lifecycle Tests", () => {
       Items: [],
     });
 
-    const testJwt = createJwt(undefined, "0");
+    const testJwt = createJwt(undefined, ["0"]);
 
     // 1. Check initial etag for all events is 0
     const initialAllResponse = await app.inject({

tests/unit/events.test.ts

@@ -50,7 +50,7 @@ test("ETag should increment after event creation", async () => {
     Items: [],
   });
 
-  const testJwt = createJwt(undefined, "0");
+  const testJwt = createJwt(undefined, ["0"]);
 
   // 1. Check initial etag for all events is 0
   const initialAllResponse = await app.inject({
@@ -138,7 +138,7 @@ test("Should return 304 Not Modified when If-None-Match header matches ETag", as
     Items: [],
   });
 
-  const testJwt = createJwt(undefined, "0");
+  const testJwt = createJwt(undefined, ["0"]);
 
   // 1. First GET request to establish ETag
   const initialResponse = await app.inject({
@@ -188,7 +188,7 @@ test("Should return 304 Not Modified when If-None-Match header matches quoted ET
     Items: [],
   });
 
-  const testJwt = createJwt(undefined, "0");
+  const testJwt = createJwt(undefined, ["0"]);
 
   // 1. First GET request to establish ETag
   const initialResponse = await app.inject({
@@ -238,7 +238,7 @@ test("Should NOT return 304 when ETag has changed", async () => {
     Items: [],
   });
 
-  const testJwt = createJwt(undefined, "0");
+  const testJwt = createJwt(undefined, ["0"]);
 
   // 1. Initial GET to establish ETag
   const initialResponse = await app.inject({
@@ -313,7 +313,7 @@ test("Should handle 304 responses for individual event endpoints", async () => {
   ddbMock.on(PutItemCommand).resolves({});
 
   // Create an event
-  const testJwt = createJwt(undefined, "0");
+  const testJwt = createJwt(undefined, ["0"]);
   const eventResponse = await supertest(app.server)
     .post("/api/v1/events")
     .set("Authorization", `Bearer ${testJwt}`)