93 lines
2.7 KiB
TypeScript
93 lines
2.7 KiB
TypeScript
import { render, screen, waitFor } from '@testing-library/react';
|
|
import userEvent from '@testing-library/user-event';
|
|
import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest';
|
|
import { AuthProvider, useAuth } from './AuthContext';
|
|
import { fetchMe } from '../api/me';
|
|
import { signIn as apiSignIn } from '../lib/api';
|
|
import { clearToken, getToken, setToken } from '../lib/auth-storage';
|
|
|
|
// Mock the network layer so no real requests are made.
|
|
vi.mock('../lib/api', () => ({
|
|
signIn: vi.fn(),
|
|
}));
|
|
vi.mock('../api/me', () => ({
|
|
fetchMe: vi.fn(),
|
|
}));
|
|
|
|
const mockedSignIn = vi.mocked(apiSignIn);
|
|
const mockedFetchMe = vi.mocked(fetchMe);
|
|
|
|
// A tiny harness that exposes the auth context's state + signIn.
|
|
function Harness() {
|
|
const { isAuthed, signIn } = useAuth();
|
|
return (
|
|
<div>
|
|
<span data-testid="authed">{String(isAuthed)}</span>
|
|
<button
|
|
type="button"
|
|
onClick={() => {
|
|
signIn('user@solelog.local', 'pw').catch((err) => {
|
|
const el = document.getElementById('err');
|
|
if (el) el.textContent = err instanceof Error ? err.message : String(err);
|
|
});
|
|
}}
|
|
>
|
|
go
|
|
</button>
|
|
<span id="err" />
|
|
</div>
|
|
);
|
|
}
|
|
|
|
function renderHarness() {
|
|
return render(
|
|
<AuthProvider>
|
|
<Harness />
|
|
</AuthProvider>
|
|
);
|
|
}
|
|
|
|
describe('AuthContext admin gate', () => {
|
|
beforeEach(() => {
|
|
mockedSignIn.mockReset();
|
|
mockedFetchMe.mockReset();
|
|
// signIn stores a token (mirror the real lib/api behaviour).
|
|
mockedSignIn.mockImplementation(async () => {
|
|
setToken('tok');
|
|
});
|
|
});
|
|
|
|
afterEach(() => {
|
|
clearToken();
|
|
vi.clearAllMocks();
|
|
});
|
|
|
|
it('signs in an admin: isAuthed becomes true, token kept', async () => {
|
|
mockedFetchMe.mockResolvedValue({
|
|
user: { id: 'a1', email: 'admin@solelog.local', name: 'Admin', role: 'admin' },
|
|
});
|
|
const user = userEvent.setup();
|
|
renderHarness();
|
|
expect(screen.getByTestId('authed')).toHaveTextContent('false');
|
|
|
|
await user.click(screen.getByRole('button', { name: 'go' }));
|
|
|
|
await waitFor(() => expect(screen.getByTestId('authed')).toHaveTextContent('true'));
|
|
expect(getToken()).toBe('tok');
|
|
});
|
|
|
|
it('rejects a worker: throws not-admin, clears the token, stays unauthed', async () => {
|
|
mockedFetchMe.mockResolvedValue({
|
|
user: { id: 'w1', email: 'worker@solelog.local', name: 'Werker', role: 'worker' },
|
|
});
|
|
const user = userEvent.setup();
|
|
renderHarness();
|
|
|
|
await user.click(screen.getByRole('button', { name: 'go' }));
|
|
|
|
await waitFor(() => expect(document.getElementById('err')).toHaveTextContent('not-admin'));
|
|
expect(getToken()).toBeNull();
|
|
expect(screen.getByTestId('authed')).toHaveTextContent('false');
|
|
});
|
|
});
|