Files
stock-manager/tests/integration/use-cases/user.use-cases.test.ts
T

294 lines
8.7 KiB
TypeScript

import { afterAll, beforeAll, beforeEach, describe, expect, it } from "vitest"
import type { PrismaClient } from "@/generated/prisma/client"
import { normalizeEmail } from "@/lib/email"
import { createTestUser } from "../helpers/factories"
import {
resetIntegrationTestDatabase,
startIntegrationTestDatabase,
stopIntegrationTestDatabase,
} from "../helpers/test-db"
let prisma: PrismaClient
let createUserUseCase: typeof import("@/use-cases/user.use-cases").createUserUseCase
let updateUserUseCase: typeof import("@/use-cases/user.use-cases").updateUserUseCase
let setUserActiveUseCase: typeof import("@/use-cases/user.use-cases").setUserActiveUseCase
let resetUserPasswordUseCase: typeof import("@/use-cases/user.use-cases").resetUserPasswordUseCase
let verifyPassword: typeof import("@/lib/security").verifyPassword
let getUserById: typeof import("@/services/user.service").getUserById
let getUsers: typeof import("@/services/user.service").getUsers
let countActiveAdmins: typeof import("@/services/user.service").countActiveAdmins
beforeAll(async () => {
await startIntegrationTestDatabase()
const prismaModule = await import("@/lib/prisma")
const userUseCases = await import("@/use-cases/user.use-cases")
const security = await import("@/lib/security")
const userService = await import("@/services/user.service")
prisma = prismaModule.prisma
createUserUseCase = userUseCases.createUserUseCase
updateUserUseCase = userUseCases.updateUserUseCase
setUserActiveUseCase = userUseCases.setUserActiveUseCase
resetUserPasswordUseCase = userUseCases.resetUserPasswordUseCase
verifyPassword = security.verifyPassword
getUserById = userService.getUserById
getUsers = userService.getUsers
countActiveAdmins = userService.countActiveAdmins
})
beforeEach(async () => {
await resetIntegrationTestDatabase(prisma)
})
afterAll(async () => {
await prisma?.$disconnect()
await stopIntegrationTestDatabase()
})
describe("user use-cases", () => {
it("creates a user with a hashed password", async () => {
const result = await createUserUseCase({
name: "New User",
email: "new-user@example.test",
password: "secure-password",
role: "STAFF",
isActive: true,
})
expect(result).toEqual({ success: true })
const user = await prisma.user.findUniqueOrThrow({
where: { emailNormalized: normalizeEmail("new-user@example.test") },
})
expect(user).toMatchObject({
name: "New User",
email: "new-user@example.test",
role: "STAFF",
status: "ACTIVE",
})
expect(user.activatedAt).toBeInstanceOf(Date)
expect(user.passwordChangedAt).toBeInstanceOf(Date)
expect(user.passwordHash).not.toBe("secure-password")
if (!user.passwordHash) throw new Error("Expected password hash")
await expect(
verifyPassword("secure-password", user.passwordHash),
).resolves.toBe(true)
})
it("rejects duplicate emails", async () => {
await createTestUser(prisma, {
email: "existing@example.test",
})
await expect(
createUserUseCase({
name: "Duplicate Email",
email: "existing@example.test",
password: "secure-password",
role: "STAFF",
isActive: true,
}),
).resolves.toEqual({
success: false,
errors: { email: ["Email already exists"] },
})
expect(await prisma.user.count()).toBe(1)
expect(
await prisma.user.findUniqueOrThrow({
where: { emailNormalized: normalizeEmail("existing@example.test") },
}),
).toMatchObject({ email: "existing@example.test" })
})
it("excludes soft-deleted users from active queries", async () => {
const activeUser = await createTestUser(prisma, {
email: "active-user@example.test",
role: "ADMIN",
})
const softDeletedUser = await createTestUser(prisma, {
email: "deleted-user@example.test",
role: "ADMIN",
})
await prisma.user.update({
where: { id: softDeletedUser.id },
data: { deletedAt: new Date() },
})
const users = await getUsers({ page: 1, pageSize: 10 })
expect(users.data).toHaveLength(1)
expect(users.data[0].id).toBe(activeUser.id)
expect(await getUserById(softDeletedUser.id)).toBeNull()
expect(await countActiveAdmins()).toBe(1)
})
it("updates a user while preserving uniqueness constraints", async () => {
const actor = await createTestUser(prisma, { role: "ADMIN" })
const user = await createTestUser(prisma, {
email: "editable@example.test",
role: "STAFF",
})
const other = await createTestUser(prisma, {
email: "other@example.test",
role: "STAFF",
})
await expect(
updateUserUseCase({
actorId: actor.id,
id: user.id,
name: "Edited User",
email: "edited@example.test",
role: "MANAGER",
isActive: true,
}),
).resolves.toEqual({ success: true })
expect(await prisma.user.findUniqueOrThrow({ where: { id: user.id } })).toMatchObject({
name: "Edited User",
email: "edited@example.test",
role: "MANAGER",
status: "ACTIVE",
})
await expect(
updateUserUseCase({
actorId: actor.id,
id: user.id,
name: "Edited User",
email: other.email,
role: "MANAGER",
isActive: true,
}),
).resolves.toEqual({
success: false,
errors: { email: ["Email already exists"] },
})
expect(await prisma.user.findUniqueOrThrow({ where: { id: user.id } })).toMatchObject({
email: "edited@example.test",
})
})
it("prevents an administrator from removing their own administrator access", async () => {
const admin = await createTestUser(prisma, { role: "ADMIN" })
await expect(
updateUserUseCase({
actorId: admin.id,
id: admin.id,
name: admin.name,
email: admin.email,
role: "STAFF",
isActive: true,
}),
).resolves.toEqual({
success: false,
errors: { id: ["You cannot remove your own administrator access"] },
})
expect(await prisma.user.findUniqueOrThrow({ where: { id: admin.id } })).toMatchObject({
role: "ADMIN",
status: "ACTIVE",
})
})
it("protects the last active administrator but allows deactivation when another active admin exists", async () => {
const firstAdmin = await createTestUser(prisma, {
email: "first-admin@example.test",
role: "ADMIN",
})
const staffActor = await createTestUser(prisma, {
email: "staff-actor@example.test",
role: "STAFF",
})
await expect(
setUserActiveUseCase({
actorId: staffActor.id,
id: firstAdmin.id,
isActive: false,
}),
).resolves.toEqual({
success: false,
errors: {
id: ["Cannot remove access from the last active administrator"],
},
})
const secondAdmin = await createTestUser(prisma, {
email: "second-admin@example.test",
role: "ADMIN",
})
await expect(
setUserActiveUseCase({
actorId: secondAdmin.id,
id: firstAdmin.id,
isActive: false,
}),
).resolves.toEqual({ success: true })
expect(await prisma.user.findUniqueOrThrow({ where: { id: firstAdmin.id } })).toMatchObject({
status: "DISABLED",
})
})
it("prevents self-deactivation", async () => {
const admin = await createTestUser(prisma, { role: "ADMIN" })
await createTestUser(prisma, { role: "ADMIN" })
await expect(
setUserActiveUseCase({
actorId: admin.id,
id: admin.id,
isActive: false,
}),
).resolves.toEqual({
success: false,
errors: { id: ["You cannot deactivate your own user"] },
})
expect(await prisma.user.findUniqueOrThrow({ where: { id: admin.id } })).toMatchObject({
status: "ACTIVE",
})
})
it("resets a user password and rejects missing users", async () => {
const user = await createTestUser(prisma, {
email: "password-user@example.test",
role: "STAFF",
})
await expect(
resetUserPasswordUseCase({
id: user.id,
password: "new-secure-password",
}),
).resolves.toEqual({ success: true })
const updatedUser = await prisma.user.findUniqueOrThrow({
where: { id: user.id },
})
expect(updatedUser.passwordHash).not.toBe(user.passwordHash)
if (!updatedUser.passwordHash) throw new Error("Expected password hash")
await expect(
verifyPassword("new-secure-password", updatedUser.passwordHash),
).resolves.toBe(true)
await expect(
resetUserPasswordUseCase({
id: "00000000-0000-0000-0000-000000000000",
password: "new-secure-password",
}),
).resolves.toEqual({
success: false,
errors: { id: ["User not found"] },
})
})
})