test:

* added integration test for role deletion functionality

Author: anand-panigrahi

server/test/integration_test.go

@@ -122,6 +122,7 @@ func TestResolvers(t *testing.T) {
 			updateEmailTemplateTest(t, s)
 			emailTemplatesTest(t, s)
 			deleteEmailTemplateTest(t, s)
+			RoleDeletionTest(t, s)
 
 			// user resolvers tests
 			loginTests(t, s)

server/test/role_deletion_test.go

@@ -0,0 +1,98 @@
+package test
+
+import (
+	"fmt"
+	"github.com/authorizerdev/authorizer/server/crypto"
+	"strings"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/memorystore"
+	"github.com/authorizerdev/authorizer/server/refs"
+	"github.com/authorizerdev/authorizer/server/resolvers"
+)
+
+func RoleDeletionTest(t *testing.T, s TestSetup) {
+	t.Helper()
+	t.Run(`should complete role deletion`, func(t *testing.T) {
+		// login as admin
+		req, ctx := createContext(s)
+
+		_, err := resolvers.AdminLoginResolver(ctx, model.AdminLoginInput{
+			AdminSecret: "admin_test",
+		})
+		assert.NotNil(t, err)
+
+		adminSecret, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret)
+		assert.Nil(t, err)
+		_, err = resolvers.AdminLoginResolver(ctx, model.AdminLoginInput{
+			AdminSecret: adminSecret,
+		})
+		assert.Nil(t, err)
+
+		h, err := crypto.EncryptPassword(adminSecret)
+		assert.Nil(t, err)
+		req.Header.Set("Cookie", fmt.Sprintf("%s=%s", constants.AdminCookieName, h))
+
+		// add new default role to get role, if not present in roles
+		originalDefaultRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles)
+		assert.Nil(t, err)
+		originalDefaultRolesSlice := strings.Split(originalDefaultRoles, ",")
+
+		data := model.UpdateEnvInput{
+			DefaultRoles: append(originalDefaultRolesSlice, "abc"),
+		}
+		_, err = resolvers.UpdateEnvResolver(ctx, data)
+		assert.Error(t, err)
+
+		// add new role
+		originalRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyRoles)
+		assert.Nil(t, err)
+		originalRolesSlice := strings.Split(originalRoles, ",")
+		roleToBeAdded := "abc"
+		newRoles := append(originalRolesSlice, roleToBeAdded)
+		data = model.UpdateEnvInput{
+			Roles: newRoles,
+		}
+		_, err = resolvers.UpdateEnvResolver(ctx, data)
+		assert.Nil(t, err)
+
+		// register a user with all roles
+		email := "update_user." + s.TestInfo.Email
+		_, err = resolvers.SignupResolver(ctx, model.SignUpInput{
+			Email:           refs.NewStringRef(email),
+			Password:        s.TestInfo.Password,
+			ConfirmPassword: s.TestInfo.Password,
+			Roles:           newRoles,
+		})
+		assert.Nil(t, err)
+
+		regUserDetails, _ := resolvers.UserResolver(ctx, model.GetUserRequest{
+			Email: refs.NewStringRef(email),
+		})
+
+		// update env by removing role "abc"
+		var newRolesAfterDeletion []string
+		for _, value := range newRoles {
+			if value != roleToBeAdded {
+				newRolesAfterDeletion = append(newRolesAfterDeletion, value)
+			}
+		}
+		data = model.UpdateEnvInput{
+			Roles: newRolesAfterDeletion,
+		}
+		_, err = resolvers.UpdateEnvResolver(ctx, data)
+		assert.Nil(t, err)
+
+		// check user if role still exist
+		userDetails, err := resolvers.UserResolver(ctx, model.GetUserRequest{
+			Email: refs.NewStringRef(email),
+		})
+		assert.Nil(t, err)
+		assert.Equal(t, newRolesAfterDeletion, userDetails.Roles)
+		assert.NotEqual(t, newRolesAfterDeletion, regUserDetails.Roles)
+	})
+}