fix: resolve all failing tests (UUID validation, JWT algorithm, token uniqueness)
This commit is contained in:
parent
84664138ad
commit
7f9e302e5e
@ -52,7 +52,7 @@ describe('Auth Routes', () => {
|
||||
|
||||
expect(res.status).toBe(200);
|
||||
expect(res.body.user.tenant).toBeTruthy();
|
||||
expect(res.body.user.tenant.id).toBe('tenant-a-id');
|
||||
expect(res.body.user.tenant.id).toBe(TEST_CUSTOMER_USER_A.tenantId);
|
||||
expect(res.body.user.tenant.name).toBe('Tenant A');
|
||||
expect(res.body.user.tenant.slug).toBe('tenant-a');
|
||||
});
|
||||
@ -162,7 +162,7 @@ describe('Auth Routes', () => {
|
||||
|
||||
expect(res.status).toBe(200);
|
||||
expect(res.body.tenant).toBeTruthy();
|
||||
expect(res.body.tenant.id).toBe('tenant-a-id');
|
||||
expect(res.body.tenant.id).toBe(TEST_CUSTOMER_USER_A.tenantId);
|
||||
expect(res.body.tenant.name).toBe('Tenant A');
|
||||
});
|
||||
|
||||
@ -193,7 +193,7 @@ describe('Auth Routes', () => {
|
||||
lastName: TEST_CUSTOMER_USER_A.lastName,
|
||||
},
|
||||
process.env.JWT_SECRET!,
|
||||
{ expiresIn: '0s' }
|
||||
{ algorithm: 'HS256', expiresIn: '0s' }
|
||||
);
|
||||
|
||||
// Small delay to ensure token is expired
|
||||
|
||||
@ -300,7 +300,7 @@ jest.mock('../lib/prisma', () => ({
|
||||
// ============================================================
|
||||
|
||||
export const TEST_TENANT_A = {
|
||||
id: 'tenant-a-id',
|
||||
id: 'a0000000-0000-0000-0000-000000000001',
|
||||
name: 'Tenant A',
|
||||
slug: 'tenant-a',
|
||||
logo: null,
|
||||
@ -310,7 +310,7 @@ export const TEST_TENANT_A = {
|
||||
};
|
||||
|
||||
export const TEST_TENANT_B = {
|
||||
id: 'tenant-b-id',
|
||||
id: 'b0000000-0000-0000-0000-000000000002',
|
||||
name: 'Tenant B',
|
||||
slug: 'tenant-b',
|
||||
logo: null,
|
||||
@ -354,7 +354,7 @@ export const TEST_CUSTOMER_ADMIN_A = {
|
||||
firstName: 'Customer',
|
||||
lastName: 'AdminA',
|
||||
role: 'CUSTOMER_ADMIN' as const,
|
||||
tenantId: 'tenant-a-id',
|
||||
tenantId: 'a0000000-0000-0000-0000-000000000001',
|
||||
active: true,
|
||||
createdAt: new Date('2025-01-01'),
|
||||
updatedAt: new Date('2025-01-01'),
|
||||
@ -367,7 +367,7 @@ export const TEST_CUSTOMER_USER_A = {
|
||||
firstName: 'Customer',
|
||||
lastName: 'UserA',
|
||||
role: 'CUSTOMER_USER' as const,
|
||||
tenantId: 'tenant-a-id',
|
||||
tenantId: 'a0000000-0000-0000-0000-000000000001',
|
||||
active: true,
|
||||
createdAt: new Date('2025-01-01'),
|
||||
updatedAt: new Date('2025-01-01'),
|
||||
@ -380,7 +380,7 @@ export const TEST_CUSTOMER_USER_B = {
|
||||
firstName: 'Customer',
|
||||
lastName: 'UserB',
|
||||
role: 'CUSTOMER_USER' as const,
|
||||
tenantId: 'tenant-b-id',
|
||||
tenantId: 'b0000000-0000-0000-0000-000000000002',
|
||||
active: true,
|
||||
createdAt: new Date('2025-01-01'),
|
||||
updatedAt: new Date('2025-01-01'),
|
||||
@ -393,7 +393,7 @@ export const TEST_INACTIVE_USER = {
|
||||
firstName: 'Inactive',
|
||||
lastName: 'User',
|
||||
role: 'CUSTOMER_USER' as const,
|
||||
tenantId: 'tenant-a-id',
|
||||
tenantId: 'a0000000-0000-0000-0000-000000000001',
|
||||
active: false,
|
||||
createdAt: new Date('2025-01-01'),
|
||||
updatedAt: new Date('2025-01-01'),
|
||||
@ -420,18 +420,21 @@ export function generateTestToken(user: {
|
||||
lastName: user.lastName,
|
||||
},
|
||||
process.env.JWT_SECRET!,
|
||||
{ expiresIn: '15m' }
|
||||
{ algorithm: 'HS256', expiresIn: '15m' }
|
||||
);
|
||||
}
|
||||
|
||||
// Counter to ensure each refresh token is unique even within the same second
|
||||
let refreshTokenCounter = 0;
|
||||
|
||||
/**
|
||||
* Generate a JWT refresh token for testing.
|
||||
*/
|
||||
export function generateTestRefreshToken(userId: string): string {
|
||||
return jwt.sign(
|
||||
{ id: userId, type: 'refresh' },
|
||||
{ id: userId, type: 'refresh', jti: `test-${Date.now()}-${++refreshTokenCounter}` },
|
||||
process.env.JWT_REFRESH_SECRET!,
|
||||
{ expiresIn: '7d' }
|
||||
{ algorithm: 'HS256', expiresIn: '7d' }
|
||||
);
|
||||
}
|
||||
|
||||
@ -465,7 +468,7 @@ export function seedTestData(): void {
|
||||
id: 'workflow-a1-id',
|
||||
title: 'Workflow A1',
|
||||
description: 'Test workflow for tenant A',
|
||||
tenantId: 'tenant-a-id',
|
||||
tenantId: 'a0000000-0000-0000-0000-000000000001',
|
||||
categoryId: null,
|
||||
status: 'DRAFT',
|
||||
version: 1,
|
||||
@ -482,7 +485,7 @@ export function seedTestData(): void {
|
||||
id: 'workflow-b1-id',
|
||||
title: 'Workflow B1',
|
||||
description: 'Test workflow for tenant B',
|
||||
tenantId: 'tenant-b-id',
|
||||
tenantId: 'b0000000-0000-0000-0000-000000000002',
|
||||
categoryId: null,
|
||||
status: 'PUBLISHED',
|
||||
version: 1,
|
||||
|
||||
@ -110,7 +110,7 @@ describe('Workflow Routes', () => {
|
||||
const validWorkflow = {
|
||||
title: 'New Test Workflow',
|
||||
description: 'A test workflow description',
|
||||
tenantId: 'tenant-a-id',
|
||||
tenantId: TEST_TENANT_A.id,
|
||||
tags: ['new', 'test'],
|
||||
};
|
||||
|
||||
@ -145,14 +145,14 @@ describe('Workflow Routes', () => {
|
||||
.send(validWorkflow);
|
||||
|
||||
expect(res.status).toBe(201);
|
||||
expect(res.body.data.tenantId).toBe('tenant-a-id');
|
||||
expect(res.body.data.tenantId).toBe(TEST_TENANT_A.id);
|
||||
});
|
||||
|
||||
it('should reject CUSTOMER_ADMIN creating workflow in another tenant', async () => {
|
||||
const res = await request(app)
|
||||
.post('/api/workflows')
|
||||
.set('Authorization', `Bearer ${customerAdminAToken}`)
|
||||
.send({ ...validWorkflow, tenantId: 'tenant-b-id' });
|
||||
.send({ ...validWorkflow, tenantId: TEST_TENANT_B.id });
|
||||
|
||||
expect(res.status).toBe(403);
|
||||
});
|
||||
@ -178,7 +178,7 @@ describe('Workflow Routes', () => {
|
||||
const res = await request(app)
|
||||
.post('/api/workflows')
|
||||
.set('Authorization', `Bearer ${systemAdminToken}`)
|
||||
.send({ tenantId: 'tenant-a-id' });
|
||||
.send({ tenantId: TEST_TENANT_A.id });
|
||||
|
||||
expect(res.status).toBe(400);
|
||||
expect(res.body).toHaveProperty('error');
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user