
Commit 1badc4b

committed
wip
1 parent fee8df0 commit 1badc4b


8 files changed

+66
-2562
lines changed


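--- a/packages/rls-demo/__tests__/hello-world.test.ts
+++ b/packages/rls-demo/__tests__/hello-world.test.ts
@@ -7,11 +7,13 @@ let teardown: () => Promise<void>;
 
 let user1: any;
 let user2: any;
+let user3: any;
 
 beforeAll(async () => {
 ({ pg, db, teardown } = await getConnections());
 user1 = await insertUser(pg, '[email protected]');
 user2 = await insertUser(pg, '[email protected]');
+user3 = await insertUser(pg, '[email protected]');
 });
 
 afterAll(async () => {
@@ -79,5 +81,69 @@ describe('tutorial: basic rls crud operations', () => {
 )
 ).rejects.toThrow();
 });
+
+it('should allow users to see only their own data in list queries', async () => {
+// db.setContext({role: 'service_role'});
+
+// set context to user1
+db.setContext({
+role: 'authenticated',
+'request.jwt.claim.sub': user1.id
+});
+
+
+// create multiple users as admin
+await db.one(
+`INSERT INTO rls_test.pets (name, breed, user_id)
+VALUES ($1, $2, $3)
+RETURNING id`,
+['Fido', 'Labrador', user1.id]
+);
+
+// set context to user1
+db.setContext({
+role: 'authenticated',
+'request.jwt.claim.sub': user2.id
+});
+
+
+await db.one(
+`INSERT INTO rls_test.pets (name, breed, user_id)
+VALUES ($1, $2, $3)
+RETURNING id`,
+['Buddy', 'Golden Retriever', user2.id]
+);
+
+// set context to user1
+db.setContext({
+role: 'authenticated',
+'request.jwt.claim.sub': user3.id
+});
+
+
+await db.one(
+`INSERT INTO rls_test.pets (name, breed, user_id)
+VALUES ($1, $2, $3)
+RETURNING id`,
+['Rex', 'German Shepherd', user3.id]
+);
+
+// set context to user1
+db.setContext({
+role: 'authenticated',
+'request.jwt.claim.sub': user1.id
+});
+
+// user1 should only see their own record in a list query
+const allUsers = await db.many(
+`SELECT id, name, breed, user_id FROM rls_test.pets ORDER BY name`
+);
+
+expect(allUsers.length).toBe(1);
+expect(allUsers[0].user_id).toBe(user1.id);
+expect(allUsers[0].name).toBe('Fido');
+expect(allUsers[0].breed).toBe('Labrador');
+});
+
 });
 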
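Review bot: The comments in the new `it(...)` case mislabel the acting identity, which is the one thing a row-level-security test has to make unambiguous. The `setContext` calls at new lines 104 and 118 are both introduced by `// set context to user1` but switch to `user2.id` and `user3.id`, and `// create multiple users as admin` at line 95 sits above a pet insert made as `authenticated` user1. I would change these to `// set context to user2`, `// set context to user3` and `// insert a pet as user1`, drop the commented-out `service_role` line at line 86, and rename `allUsers` to something like `visiblePets`, since it holds pets. The test also asserts only user1's view, so repeating the list query under user2 and user3 would show the policy isolates every tenant rather than one. The `toBe(1)` check presumably relies on earlier cases in this `describe` (which starts outside the hunk) leaving no user1 pets behind, which is worth confirming against the per-test setup.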
