-- Test legal_text set client_min_messages to warning; create extension if not exists pgtap; reset client_min_messages; begin; select plan(41); set search_path to camper, public; select has_table('legal_text'); select has_pk('legal_text'); select col_is_pk('legal_text', array['company_id', 'slug']); select table_privs_are('legal_text', 'guest', array['SELECT']); select table_privs_are('legal_text', 'employee', array['SELECT']); select table_privs_are('legal_text', 'admin', array['SELECT', 'INSERT', 'UPDATE', 'DELETE']); select table_privs_are('legal_text', 'authenticator', array[]::text[]); select has_column('legal_text', 'slug'); select col_type_is('legal_text', 'slug', 'text'); select col_not_null('legal_text', 'slug'); select col_hasnt_default('legal_text', 'slug'); select has_column('legal_text', 'company_id'); select col_is_fk('legal_text', 'company_id'); select fk_ok('legal_text', 'company_id', 'company', 'company_id'); select col_type_is('legal_text', 'company_id', 'integer'); select col_not_null('legal_text', 'company_id'); select col_hasnt_default('legal_text', 'company_id'); select has_column('legal_text', 'name'); select col_type_is('legal_text', 'name', 'text'); select col_not_null('legal_text', 'name'); select col_hasnt_default('legal_text', 'name'); select has_column('legal_text', 'content'); select col_type_is('legal_text', 'content', 'xml'); select col_not_null('legal_text', 'content'); select col_hasnt_default('legal_text', 'content'); set client_min_messages to warning; truncate legal_text cascade; truncate company_host cascade; truncate company_user cascade; truncate company cascade; truncate auth."user" cascade; reset client_min_messages; insert into auth."user" (user_id, email, name, password, cookie, cookie_expires_at) values (1, 'demo@tandem.blog', 'Demo', 'test', '44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e', current_timestamp + interval '1 month') , (5, 'admin@tandem.blog', 'Demo', 'test', '12af4c88b528c2ad4222e3740496ecbc58e76e26f087657524', current_timestamp + interval '1 month') ; insert into company (company_id, business_name, vatin, trade_name, phone, email, web, address, city, province, postal_code, rtc_number, tourist_tax, tourist_tax_max_days, country_code, currency_code, default_lang_tag) values (2, 'Company 2', 'XX123', '', '555-555-555', 'a@a', '', '', '', '', '', '', 60, 7, 'ES', 'EUR', 'ca') , (4, 'Company 4', 'XX234', '', '666-666-666', 'b@b', '', '', '', '', '', '', 60, 7, 'FR', 'USD', 'ca') ; insert into company_user (company_id, user_id, role) values (2, 1, 'admin') , (4, 5, 'admin') ; insert into company_host (company_id, host) values (2, 'co2') , (4, 'co4') ; insert into legal_text (company_id, slug, name, content) values (2, 'reservation', 'Reservation', '') , (4, 'cookies', 'Cookies', '') ; prepare legal_data as select company_id, slug from legal_text order by company_id, slug; set role guest; select bag_eq( 'legal_data', $$ values (2, 'reservation') , (4, 'cookies') $$, 'Everyone should be able to list all legal texts across all companies' ); reset role; select set_cookie('44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e/demo@tandem.blog', 'co2'); select lives_ok( $$ insert into legal_text(company_id, slug, name, content) values (2, 'tos', 'Terms of Service', '') $$, 'Admin from company 2 should be able to insert a new legal text to that company.' ); select bag_eq( 'legal_data', $$ values (2, 'tos') , (2, 'reservation') , (4, 'cookies') $$, 'The new row should have been added' ); select lives_ok( $$ update legal_text set slug = 'terms' where company_id = 2 and slug = 'tos' $$, 'Admin from company 2 should be able to update legal text of that company.' ); select bag_eq( 'legal_data', $$ values (2, 'terms') , (2, 'reservation') , (4, 'cookies') $$, 'The row should have been updated.' ); select lives_ok( $$ delete from legal_text where company_id = 2 and slug = 'terms' $$, 'Admin from company 2 should be able to delete legal text from that company.' ); select bag_eq( 'legal_data', $$ values (2, 'reservation') , (4, 'cookies') $$, 'The row should have been deleted.' ); select throws_ok( $$ insert into legal_text (company_id, slug, name, content) values (4, 'terms', 'Terms', '') $$, '42501', 'new row violates row-level security policy for table "legal_text"', 'Admin from company 2 should NOT be able to insert new legal texts to company 4.' ); select lives_ok( $$ update legal_text set slug = 'nope' where company_id = 4 $$, 'Admin from company 2 should not be able to update new legal texts of company 4, but no error if company_id is not changed.' ); select bag_eq( 'legal_data', $$ values (2, 'reservation') , (4, 'cookies') $$, 'No row should have been changed.' ); select throws_ok( $$ update legal_text set company_id = 4 where company_id = 2 $$, '42501', 'new row violates row-level security policy for table "legal_text"', 'Admin from company 2 should NOT be able to move legal texts to company 4' ); select lives_ok( $$ delete from legal_text where company_id = 4 $$, 'Admin from company 2 should NOT be able to delete legal texts from company 4, but not error is thrown' ); select bag_eq( 'legal_data', $$ values (2, 'reservation') , (4, 'cookies') $$, 'No row should have been changed' ); select throws_ok( $$ insert into legal_text (company_id, slug, name, content) values (2, 'ToS', 'Term of Services', '') $$, '23514', 'new row for relation "legal_text" violates check constraint "valid_slug"', 'Should not be able to insert legal texts with a invalid slug.' ); select throws_ok( $$ insert into legal_text (company_id, slug, name, content) values (2, 'terms of service', 'Term of Services', '') $$, '23514', 'new row for relation "legal_text" violates check constraint "valid_slug"', 'Should not be able to insert legal texts with a spaces in the slug.' ); select throws_ok( $$ insert into legal_text (company_id, slug, name, content) values (2, 'tos', ' ', '') $$, '23514', 'new row for relation "legal_text" violates check constraint "name_not_empty"', 'Should not be able to insert legal texts with a blank name.' ); reset role; select * from finish(); rollback;