makiolaj/GearBox
1
0
Fork 0
Code Issues 8 Pull Requests Actions Packages Projects Releases 10 Wiki Activity

feat(16-04): update all service tests to pass userId and add isolation tests

Browse Source 
- Destructure { db, userId } from createTestDb() in all 8 service test files
- Pass userId to every service function call
- Add cross-user isolation tests for items, categories, threads, setups
- Add composite unique constraint test for categories
- Update verifyApiKey assertions to check { userId } return
- Update verifyAccessToken assertions to check { userId } return
- Pass userId to exchangeCode and refreshAccessToken calls
This commit is contained in:
Jean-Luc Makiola
2026-04-05 11:01:51 +02:00
parent 884bec0b35
commit 5b702a0e98
8 changed files with 659 additions and 288 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
tests/services/auth.service.test.ts
View File

@@ -8,15 +8,16 @@ import {
import { createTestDb } from "../helpers/db.ts";
describe("Auth Service", () => {
let db: Awaited<ReturnType<typeof createTestDb>>;
let db: any;
let userId: number;
beforeEach(async () => {
db = await createTestDb();
({ db, userId } = await createTestDb());
});
describe("API Key Management", () => {
it("creates key and returns raw key once (length > 16, prefix matches first 8 chars)", async () => {
const result = await createApiKey(db, "test-key");
const result = await createApiKey(db, userId, "test-key");
expect(result).toBeDefined();
expect(result.rawKey).toBeDefined();
@@ -25,33 +26,34 @@ describe("Auth Service", () => {
expect(result.name).toBe("test-key");
});
it("verifies valid key returns true", async () => {
const result = await createApiKey(db, "test-key");
const isValid = await verifyApiKey(db, result.rawKey);
it("verifies valid key returns { userId }", async () => {
const result = await createApiKey(db, userId, "test-key");
const verified = await verifyApiKey(db, result.rawKey);
expect(isValid).toBe(true);
expect(verified).not.toBeNull();
expect(verified?.userId).toBe(userId);
});
it("rejects invalid key returns false", async () => {
await createApiKey(db, "test-key");
const isValid = await verifyApiKey(db, "invalidkey12345678");
it("rejects invalid key returns null", async () => {
await createApiKey(db, userId, "test-key");
const verified = await verifyApiKey(db, "invalidkey12345678");
expect(isValid).toBe(false);
expect(verified).toBeNull();
});
it("deletes key so it is no longer valid", async () => {
const result = await createApiKey(db, "test-key");
await deleteApiKey(db, result.id);
const result = await createApiKey(db, userId, "test-key");
await deleteApiKey(db, userId, result.id);
const isValid = await verifyApiKey(db, result.rawKey);
expect(isValid).toBe(false);
const verified = await verifyApiKey(db, result.rawKey);
expect(verified).toBeNull();
});
it("listApiKeys returns keys without hashes", async () => {
await createApiKey(db, "key-one");
await createApiKey(db, "key-two");
await createApiKey(db, userId, "key-one");
await createApiKey(db, userId, "key-two");
const keys = await listApiKeys(db);
const keys = await listApiKeys(db, userId);
expect(keys).toHaveLength(2);
expect(keys[0].name).toBe("key-one");
expect(keys[1].name).toBe("key-two");