try a basic test

Author: devksingh4

src/api/plugins/auth.ts

@@ -237,6 +237,7 @@ const authPlugin: FastifyPluginAsync = async (fastify, _options) => {
         });
       }
       request.log.info(`authenticated request from ${request.username} `);
+      request.userRoles = userRoles;
       return userRoles;
     },
   );

src/api/routes/stripe.ts

@@ -1,5 +1,9 @@
-import { PutItemCommand } from "@aws-sdk/client-dynamodb";
-import { marshall } from "@aws-sdk/util-dynamodb";
+import {
+  PutItemCommand,
+  QueryCommand,
+  ScanCommand,
+} from "@aws-sdk/client-dynamodb";
+import { marshall, unmarshall } from "@aws-sdk/util-dynamodb";
 import {
   createStripeLink,
   StripeLinkCreateParams,
@@ -9,19 +13,63 @@ import { genericConfig } from "common/config.js";
 import {
   InternalServerError,
   UnauthenticatedError,
+  UnauthorizedError,
 } from "common/errors/index.js";
 import { AppRoles } from "common/roles.js";
 import {
   invoiceLinkPostResponseSchema,
   invoiceLinkPostRequestSchema,
+  invoiceLinkGetResponseSchema,
 } from "common/types/stripe.js";
 import { FastifyPluginAsync } from "fastify";
-import { z } from "zod";
+import { object, z } from "zod";
 import { zodToJsonSchema } from "zod-to-json-schema";
 
 const stripeRoutes: FastifyPluginAsync = async (fastify, _options) => {
+  fastify.get(
+    "/paymentLinks",
+    {
+      schema: {
+        response: { 200: zodToJsonSchema(invoiceLinkGetResponseSchema) },
+      },
+      onRequest: async (request, reply) => {
+        await fastify.authorize(request, reply, [AppRoles.STRIPE_LINK_CREATOR]);
+      },
+    },
+    async (request, reply) => {
+      let dynamoCommand;
+      if (request.userRoles?.has(AppRoles.BYPASS_OBJECT_LEVEL_AUTH)) {
+        dynamoCommand = new ScanCommand({
+          TableName: genericConfig.StripeLinksDynamoTableName,
+        });
+      } else {
+        dynamoCommand = new QueryCommand({
+          TableName: genericConfig.StripeLinksDynamoTableName,
+          KeyConditionExpression: "userId = :userId",
+          ExpressionAttributeValues: {
+            ":userId": { S: request.username! },
+          },
+        });
+      }
+      const result = await fastify.dynamoClient.send(dynamoCommand);
+      if (result.Count === 0 || !result.Items) {
+        return [];
+      }
+      const parsed = result.Items.map((item) => unmarshall(item)).map(
+        (item) => ({
+          id: item.linkId,
+          userId: item.userId,
+          link: item.url,
+          active: item.active,
+          invoiceId: item.invoiceId,
+          invoiceAmountUsd: item.amount,
+        }),
+      );
+      reply.status(200).send(parsed);
+    },
+  );
   fastify.post<{ Body: z.infer<typeof invoiceLinkPostRequestSchema> }>(
-    "/paymentLink",
+    "/paymentLinks",
     {
       schema: {
         response: { 201: zodToJsonSchema(invoiceLinkPostResponseSchema) },
@@ -66,7 +114,10 @@ const stripeRoutes: FastifyPluginAsync = async (fastify, _options) => {
           linkId,
           priceId,
           productId,
+          invoiceId,
           url,
+          amount: request.body.invoiceAmountUsd,
+          active: true,
         }),
       });
       await fastify.dynamoClient.send(dynamoCommand);

src/api/types.d.ts

@@ -33,6 +33,7 @@ declare module "fastify" {
   interface FastifyRequest {
     startTime: number;
     username?: string;
+    userRoles?: Set<AppRoles>;
     tokenPayload?: AadToken;
   }
 }

src/common/types/stripe.ts

@@ -1,7 +1,7 @@
 import { z } from 'zod';
 
 export const invoiceLinkPostResponseSchema = z.object({
-  invoiceId: z.string().min(1),
+  id: z.string().min(1),
   link: z.string().url(),
 })
 
@@ -11,3 +11,12 @@ export const invoiceLinkPostRequestSchema = z.object({
   contactName: z.string().min(1),
   contactEmail: z.string().email()
 })
+
+export const invoiceLinkGetResponseSchema = z.array(z.object({
+  id: z.string().min(1),
+  userId: z.string().email(),
+  link: z.string().url(),
+  active: z.boolean(),
+  invoiceId: z.string().min(1),
+  invoiceAmountUsd: z.number().min(50)
+}))

tests/unit/stripe.test.ts

@@ -0,0 +1,118 @@
+import { afterAll, expect, test, beforeEach, vi, describe } from "vitest";
+import init from "../../src/api/index.js";
+import {
+  GetSecretValueCommand,
+  SecretsManagerClient,
+} from "@aws-sdk/client-secrets-manager";
+import { mockClient } from "aws-sdk-client-mock";
+import { secretJson } from "./secret.testdata.js";
+import { DynamoDBClient, PutItemCommand } from "@aws-sdk/client-dynamodb";
+import supertest from "supertest";
+import { createJwt } from "./auth.test.js";
+
+const smMock = mockClient(SecretsManagerClient);
+const ddbMock = mockClient(DynamoDBClient);
+
+vi.mock("stripe", () => {
+  const productMock = { id: "prod_123" };
+  const priceMock = { id: "price_123" };
+  const paymentLinkMock = {
+    id: "plink_123",
+    url: "https://stripe.com/payment-link",
+  };
+
+  return {
+    default: vi.fn(() => ({
+      products: {
+        create: vi.fn().mockResolvedValue(productMock),
+      },
+      prices: {
+        create: vi.fn().mockResolvedValue(priceMock),
+      },
+      paymentLinks: {
+        create: vi.fn().mockResolvedValue(paymentLinkMock),
+      },
+    })),
+  };
+});
+
+const app = await init();
+describe("Test Stripe link creation", async () => {
+  test("Test body validation 1", async () => {
+    smMock.on(GetSecretValueCommand).resolves({
+      SecretString: secretJson,
+    });
+    ddbMock.on(PutItemCommand).rejects();
+    const testJwt = createJwt();
+    await app.ready();
+
+    const response = await supertest(app.server)
+      .post("/api/v1/stripe/paymentLinks")
+      .set("authorization", `Bearer ${testJwt}`)
+      .send({
+        invoiceId: "",
+        invoiceAmountUsd: 49,
+        contactName: "",
+      });
+    expect(response.statusCode).toBe(400);
+    expect(response.body).toStrictEqual({
+      error: true,
+      name: "ValidationError",
+      id: 104,
+      message:
+        'String must contain at least 1 character(s) at "invoiceId"; Number must be greater than or equal to 50 at "invoiceAmountUsd"; String must contain at least 1 character(s) at "contactName"; Required at "contactEmail"',
+    });
+  });
+  test("Test body validation 2", async () => {
+    smMock.on(GetSecretValueCommand).resolves({
+      SecretString: secretJson,
+    });
+    ddbMock.on(PutItemCommand).rejects();
+    const testJwt = createJwt();
+    await app.ready();
+
+    const response = await supertest(app.server)
+      .post("/api/v1/stripe/paymentLinks")
+      .set("authorization", `Bearer ${testJwt}`)
+      .send({
+        invoiceId: "ACM102",
+        invoiceAmountUsd: 51,
+        contactName: "Dev",
+        contactEmail: "invalidEmail",
+      });
+    expect(response.statusCode).toBe(400);
+    expect(response.body).toStrictEqual({
+      error: true,
+      name: "ValidationError",
+      id: 104,
+      message: 'Invalid email at "contactEmail"',
+    });
+  });
+  test("Happy Path", async () => {
+    ddbMock.on(PutItemCommand).resolves({});
+    const testJwt = createJwt();
+    await app.ready();
+
+    const response = await supertest(app.server)
+      .post("/api/v1/stripe/paymentLinks")
+      .set("authorization", `Bearer ${testJwt}`)
+      .send({
+        invoiceId: "ACM102",
+        invoiceAmountUsd: 51,
+        contactName: "Infra User",
+        contactEmail: "[email protected]",
+      });
+    expect(response.statusCode).toBe(201);
+    console.log(response.body);
+  });
+  afterAll(async () => {
+    await app.close();
+  });
+  beforeEach(() => {
+    (app as any).nodeCache.flushAll();
+    vi.clearAllMocks();
+    smMock.on(GetSecretValueCommand).resolves({
+      SecretString: secretJson,
+    });
+  });
+});