2023-12-21 20:17:04 +00:00
|
|
|
-- Test location
|
|
|
|
set client_min_messages to warning;
|
|
|
|
create extension if not exists pgtap;
|
|
|
|
reset client_min_messages;
|
|
|
|
|
|
|
|
begin;
|
|
|
|
|
|
|
|
select plan(38);
|
|
|
|
|
|
|
|
set search_path to camper, public;
|
|
|
|
|
|
|
|
select has_table('location');
|
|
|
|
select has_pk('location');
|
|
|
|
select table_privs_are('location', 'guest', array ['SELECT']);
|
|
|
|
select table_privs_are('location', 'employee', array ['SELECT']);
|
|
|
|
select table_privs_are('location', 'admin', array ['SELECT', 'INSERT', 'UPDATE', 'DELETE']);
|
|
|
|
select table_privs_are('location', 'authenticator', array []::text[]);
|
|
|
|
|
|
|
|
select has_column('location', 'company_id');
|
|
|
|
select col_is_pk('location', 'company_id');
|
|
|
|
select col_is_fk('location', 'company_id');
|
|
|
|
select fk_ok('location', 'company_id', 'company', 'company_id');
|
|
|
|
select col_type_is('location', 'company_id', 'integer');
|
|
|
|
select col_not_null('location', 'company_id');
|
|
|
|
select col_hasnt_default('location', 'company_id');
|
|
|
|
|
|
|
|
select has_column('location', 'directions');
|
|
|
|
select col_type_is('location', 'directions', 'xml');
|
|
|
|
select col_not_null('location', 'directions');
|
|
|
|
select col_hasnt_default('location', 'directions');
|
|
|
|
|
|
|
|
select has_column('location', 'map_embed');
|
|
|
|
select col_type_is('location', 'map_embed', 'xml');
|
|
|
|
select col_not_null('location', 'map_embed');
|
|
|
|
select col_hasnt_default('location', 'map_embed');
|
|
|
|
|
|
|
|
select has_column('location', 'opening_dates');
|
|
|
|
select col_type_is('location', 'opening_dates', 'xml');
|
|
|
|
select col_not_null('location', 'opening_dates');
|
|
|
|
select col_hasnt_default('location', 'opening_dates');
|
|
|
|
|
|
|
|
|
|
|
|
set client_min_messages to warning;
|
|
|
|
truncate location cascade;
|
|
|
|
truncate company_host cascade;
|
|
|
|
truncate company_user cascade;
|
|
|
|
truncate company cascade;
|
|
|
|
truncate auth."user" cascade;
|
|
|
|
reset client_min_messages;
|
|
|
|
|
|
|
|
insert into auth."user" (user_id, email, name, password, cookie, cookie_expires_at)
|
|
|
|
values (1, 'demo@tandem.blog', 'Demo', 'test', '44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e', current_timestamp + interval '1 month')
|
|
|
|
, (5, 'admin@tandem.blog', 'Demo', 'test', '12af4c88b528c2ad4222e3740496ecbc58e76e26f087657524', current_timestamp + interval '1 month')
|
|
|
|
;
|
|
|
|
|
2024-01-14 01:09:17 +00:00
|
|
|
insert into company (company_id, business_name, vatin, trade_name, phone, email, web, address, city, province, postal_code, rtc_number, tourist_tax, country_code, currency_code, default_lang_tag)
|
|
|
|
values (2, 'Company 2', 'XX123', '', '555-555-555', 'a@a', '', '', '', '', '', '', 60, 'ES', 'EUR', 'ca')
|
|
|
|
, (4, 'Company 4', 'XX234', '', '666-666-666', 'b@b', '', '', '', '', '', '', 60, 'FR', 'USD', 'ca')
|
|
|
|
, (8, 'Company 8', 'XX345', '', '777-777-777', 'c@c', '', '', '', '', '', '', 60, 'DE', 'USD', 'en')
|
2023-12-21 20:17:04 +00:00
|
|
|
;
|
|
|
|
|
|
|
|
insert into company_user (company_id, user_id, role)
|
|
|
|
values (2, 1, 'admin')
|
|
|
|
, (4, 5, 'admin')
|
|
|
|
;
|
|
|
|
|
|
|
|
insert into company_host (company_id, host)
|
|
|
|
values (2, 'co2')
|
|
|
|
, (4, 'co4')
|
|
|
|
;
|
|
|
|
|
|
|
|
insert into location (company_id, directions, map_embed, opening_dates)
|
|
|
|
values (2, '<p>up</p>', '<map/>', '<p>today</p>')
|
|
|
|
, (4, '<p>down</p>', '<mapp/>', '<p>yesterday</p>')
|
|
|
|
;
|
|
|
|
|
|
|
|
prepare location_data as
|
|
|
|
select company_id, directions::text, map_embed::text, opening_dates::text
|
|
|
|
from location
|
|
|
|
;
|
|
|
|
|
|
|
|
set role guest;
|
|
|
|
select bag_eq(
|
|
|
|
'location_data',
|
|
|
|
$$ values (2, '<p>up</p>', '<map/>', '<p>today</p>')
|
|
|
|
, (4, '<p>down</p>', '<mapp/>', '<p>yesterday</p>')
|
|
|
|
$$,
|
|
|
|
'Everyone should be able to list all location across all companies'
|
|
|
|
);
|
|
|
|
reset role;
|
|
|
|
|
|
|
|
select set_cookie('44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e/demo@tandem.blog', 'co2');
|
|
|
|
|
|
|
|
select lives_ok(
|
|
|
|
$$ delete from location where company_id = 2 $$,
|
|
|
|
'Admin from company 2 should be able to delete location from that company.'
|
|
|
|
);
|
|
|
|
|
|
|
|
select bag_eq(
|
|
|
|
'location_data',
|
|
|
|
$$ values (4, '<p>down</p>', '<mapp/>', '<p>yesterday</p>')
|
|
|
|
$$,
|
|
|
|
'The row should have been deleted.'
|
|
|
|
);
|
|
|
|
|
|
|
|
select lives_ok(
|
|
|
|
$$ insert into location(company_id, directions, map_embed, opening_dates) values (2, '<p>left</p>', '<leafletf/>', '<p>tomorrow</p>') $$,
|
|
|
|
'Admin from company 2 should be able to insert a new location to that company.'
|
|
|
|
);
|
|
|
|
|
|
|
|
select bag_eq(
|
|
|
|
'location_data',
|
|
|
|
$$ values (2, '<p>left</p>', '<leafletf/>', '<p>tomorrow</p>')
|
|
|
|
, (4, '<p>down</p>', '<mapp/>', '<p>yesterday</p>')
|
|
|
|
$$,
|
|
|
|
'The new row should have been added'
|
|
|
|
);
|
|
|
|
|
|
|
|
select lives_ok(
|
|
|
|
$$ update location set directions = '<p>up</p>', map_embed = '<map/>', opening_dates = '<p>today</p>' where company_id = 2 $$,
|
|
|
|
'Admin from company 2 should be able to update location of that company.'
|
|
|
|
);
|
|
|
|
|
|
|
|
select bag_eq(
|
|
|
|
'location_data',
|
|
|
|
$$ values (2, '<p>up</p>', '<map/>', '<p>today</p>')
|
|
|
|
, (4, '<p>down</p>', '<mapp/>', '<p>yesterday</p>')
|
|
|
|
$$,
|
|
|
|
'The row should have been updated.'
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
|
|
select throws_ok(
|
|
|
|
$$ insert into location (company_id, directions, map_embed, opening_dates) values (8, '<p/>', '<div/>', '<p/>') $$,
|
|
|
|
'42501', 'new row violates row-level security policy for table "location"',
|
|
|
|
'Admin from company 2 should NOT be able to insert new location to another company.'
|
|
|
|
);
|
|
|
|
|
|
|
|
select lives_ok(
|
|
|
|
$$ update location set opening_dates = '<p>never</p>' where company_id = 4 $$,
|
|
|
|
'Admin from company 2 should not be able to update location of company 4, but no error if company_id is not changed.'
|
|
|
|
);
|
|
|
|
|
|
|
|
select bag_eq(
|
|
|
|
'location_data',
|
|
|
|
$$ values (2, '<p>up</p>', '<map/>', '<p>today</p>')
|
|
|
|
, (4, '<p>down</p>', '<mapp/>', '<p>yesterday</p>')
|
|
|
|
$$,
|
|
|
|
'No row should have been changed.'
|
|
|
|
);
|
|
|
|
|
|
|
|
select throws_ok(
|
|
|
|
$$ update location set company_id = 4 where company_id = 2 $$,
|
|
|
|
'42501', 'new row violates row-level security policy for table "location"',
|
|
|
|
'Admin from company 2 should NOT be able to move location to company 4'
|
|
|
|
);
|
|
|
|
|
|
|
|
select lives_ok(
|
|
|
|
$$ delete from location where company_id = 4 $$,
|
|
|
|
'Admin from company 2 should NOT be able to delete location from company 4, but not error is thrown'
|
|
|
|
);
|
|
|
|
|
|
|
|
select bag_eq(
|
|
|
|
'location_data',
|
|
|
|
$$ values (2, '<p>up</p>', '<map/>', '<p>today</p>')
|
|
|
|
, (4, '<p>down</p>', '<mapp/>', '<p>yesterday</p>')
|
|
|
|
$$,
|
|
|
|
'No row should have been changed'
|
|
|
|
);
|
|
|
|
|
|
|
|
reset role;
|
|
|
|
|
|
|
|
|
|
|
|
select *
|
|
|
|
from finish();
|
|
|
|
|
|
|
|
rollback;
|
|
|
|
|