camper/test/redsys.sql

246 lines
9.8 KiB
PL/PgSQL
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

-- Test redsys
set client_min_messages to warning;
create extension if not exists pgtap;
reset client_min_messages;
begin;
select plan(75);
set search_path to camper, public;
select has_table('redsys');
select has_pk('redsys');
select table_privs_are('redsys', 'guest', array []::text[]);
select table_privs_are('redsys', 'employee', array []::text[]);
select table_privs_are('redsys', 'admin', array ['DELETE']);
select table_privs_are('redsys', 'authenticator', array []::text[]);
select has_column('redsys', 'company_id');
select col_is_pk('redsys', 'company_id');
select col_is_fk('redsys', 'company_id');
select fk_ok('redsys', 'company_id', 'company', 'company_id');
select col_type_is('redsys', 'company_id', 'integer');
select col_not_null('redsys', 'company_id');
select col_hasnt_default('redsys', 'company_id');
select column_privs_are('redsys', 'company_id', 'guest', array ['SELECT']);
select column_privs_are('redsys', 'company_id', 'employee', array ['SELECT']);
select column_privs_are('redsys', 'company_id', 'admin', array ['SELECT', 'INSERT', 'UPDATE']);
select column_privs_are('redsys', 'company_id', 'authenticator', array []::text[]);
select has_column('redsys', 'merchant_code');
select col_type_is('redsys', 'merchant_code', 'text');
select col_not_null('redsys', 'merchant_code');
select col_hasnt_default('redsys', 'merchant_code');
select column_privs_are('redsys', 'merchant_code', 'guest', array ['SELECT']);
select column_privs_are('redsys', 'merchant_code', 'employee', array ['SELECT']);
select column_privs_are('redsys', 'merchant_code', 'admin', array ['SELECT', 'INSERT', 'UPDATE']);
select column_privs_are('redsys', 'merchant_code', 'authenticator', array []::text[]);
select has_column('redsys', 'terminal_number');
select col_type_is('redsys', 'terminal_number', 'integer');
select col_not_null('redsys', 'terminal_number');
select col_hasnt_default('redsys', 'terminal_number');
select column_privs_are('redsys', 'terminal_number', 'guest', array ['SELECT']);
select column_privs_are('redsys', 'terminal_number', 'employee', array ['SELECT']);
select column_privs_are('redsys', 'terminal_number', 'admin', array ['SELECT', 'INSERT', 'UPDATE']);
select column_privs_are('redsys', 'terminal_number', 'authenticator', array []::text[]);
select has_column('redsys', 'environment');
select col_type_is('redsys', 'environment', 'redsys_environment');
select col_not_null('redsys', 'environment');
select col_hasnt_default('redsys', 'environment');
select column_privs_are('redsys', 'environment', 'guest', array ['SELECT']);
select column_privs_are('redsys', 'environment', 'employee', array ['SELECT']);
select column_privs_are('redsys', 'environment', 'admin', array ['SELECT', 'INSERT', 'UPDATE']);
select column_privs_are('redsys', 'environment', 'authenticator', array []::text[]);
select has_column('redsys', 'integration');
select col_type_is('redsys', 'integration', 'redsys_integration');
select col_not_null('redsys', 'integration');
select col_hasnt_default('redsys', 'integration');
select column_privs_are('redsys', 'integration', 'guest', array ['SELECT']);
select column_privs_are('redsys', 'integration', 'employee', array ['SELECT']);
select column_privs_are('redsys', 'integration', 'admin', array ['SELECT', 'INSERT', 'UPDATE']);
select column_privs_are('redsys', 'integration', 'authenticator', array []::text[]);
select has_column('redsys', 'encrypt_key');
select col_type_is('redsys', 'encrypt_key', 'bytea');
select col_not_null('redsys', 'encrypt_key');
select col_hasnt_default('redsys', 'encrypt_key');
select column_privs_are('redsys', 'encrypt_key', 'guest', array []::text[]);
select column_privs_are('redsys', 'encrypt_key', 'employee', array []::text[]);
select column_privs_are('redsys', 'encrypt_key', 'admin', array ['INSERT', 'UPDATE']);
select column_privs_are('redsys', 'encrypt_key', 'authenticator', array []::text[]);
set client_min_messages to warning;
truncate redsys cascade;
truncate company_host cascade;
truncate company_user cascade;
truncate company cascade;
truncate auth."user" cascade;
reset client_min_messages;
insert into auth."user" (user_id, email, name, password, cookie, cookie_expires_at)
values (1, 'demo@tandem.blog', 'Demo', 'test', '44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e', current_timestamp + interval '1 month')
, (5, 'admin@tandem.blog', 'Demo', 'test', '12af4c88b528c2ad4222e3740496ecbc58e76e26f087657524', current_timestamp + interval '1 month')
;
insert into company (company_id, business_name, vatin, trade_name, phone, email, web, address, city, province, postal_code, rtc_number, country_code, currency_code, default_lang_tag)
values ( 2, 'Company 2', 'XX123', '', '555-555-555', 'a@a', '', '', '', '', '', '', 'ES', 'EUR', 'ca')
, ( 4, 'Company 4', 'XX234', '', '666-666-666', 'b@b', '', '', '', '', '', '', 'FR', 'USD', 'ca')
, ( 6, 'Company 6', 'XX345', '', '777-777-777', 'c@c', '', '', '', '', '', '', 'GB', 'EUR', 'en')
, ( 8, 'Company 8', 'XX456', '', '888-888-888', 'd@d', '', '', '', '', '', '', 'DE', 'USD', 'es')
;
insert into company_user (company_id, user_id, role)
values (2, 1, 'admin')
, (4, 5, 'admin')
;
insert into company_host (company_id, host)
values (2, 'co2')
, (4, 'co4')
;
insert into redsys(company_id, merchant_code, terminal_number, environment, integration, encrypt_key)
values (4, '444444444', 4, 'live', 'insite', E'\\x44')
, (8, '888888888', 8, 'test', 'redirect', E'\\x88')
;
prepare redsys_data as
select company_id, merchant_code, terminal_number
from redsys
;
set role guest;
select bag_eq(
'redsys_data',
$$ values (4, '444444444', 4)
, (8, '888888888', 8)
$$,
'Everyone should be able to list Redsys settings from all companies'
);
reset role;
select set_cookie('44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e/demo@tandem.blog', 'co2');
select lives_ok(
$$ insert into redsys(company_id, merchant_code, terminal_number, environment, integration, encrypt_key) values (2, '222222222', 2, 'live', 'insite', E'\\x22' ) $$,
'Admin from company 2 should be able to set up their Redsys settings.'
);
select bag_eq(
'redsys_data',
$$ values (2, '222222222', 2)
, (4, '444444444', 4)
, (8, '888888888', 8)
$$,
'The new row should have been added'
);
select lives_ok(
$$ update redsys set merchant_code = '121212121', terminal_number = 1, encrypt_key = E'\\x12' where company_id = 2 $$,
'Admin from company 2 should be able to update their Redsys settings.'
);
select bag_eq(
'redsys_data',
$$ values (2, '121212121', 1)
, (4, '444444444', 4)
, (8, '888888888', 8)
$$,
'The row should have been updated.'
);
select lives_ok(
$$ delete from redsys where company_id = 2 $$,
'Admin from company 2 should be able to delete their Redsys settings.'
);
select bag_eq(
'redsys_data',
$$ values (4, '444444444', 4)
, (8, '888888888', 8)
$$,
'The row should have been deleted.'
);
select throws_ok(
$$ insert into redsys (company_id, merchant_code, terminal_number, environment, integration, encrypt_key) values (6, '666666666', 6, 'live', 'insite', E'\x66' ) $$,
'42501', 'new row violates row-level security policy for table "redsys"',
'Admin from company 2 should NOT be able to setup Redsys for another company.'
);
select lives_ok(
$$ update redsys set merchant_code = '123456789', terminal_number = 10 where company_id = 4 $$,
'Admin from company 2 should NOT be able to update the Redsys settings of company 4, but no error'
);
select bag_eq(
'redsys_data',
$$ values (4, '444444444', 4)
, (8, '888888888', 8)
$$,
'No row should have been updated.'
);
select lives_ok(
$$ update redsys set company_id = 2 where company_id = 4 $$,
'Admin from company 2 should NOT be able to usurp the Redsys settings of company 4, but no error because company_id is primary key'
);
select lives_ok(
$$ delete from redsys where company_id = 4 $$,
'Admin from company 2 should NOT be able to delete the Redsys of company 4, but not error is thrown'
);
select bag_eq(
'redsys_data',
$$ values (4, '444444444', 4)
, (8, '888888888', 8)
$$,
'No row should have been deleted'
);
select throws_ok(
$$ insert into redsys (company_id, merchant_code, terminal_number, environment, integration, encrypt_key) values (2, '22222222', 1, 'live', 'insite', E'\\x22') $$,
'23514', 'new row for relation "redsys" violates check constraint "merchant_code_valid"',
'Should not be able to insert a merchant code less than 9 digits long.'
);
select throws_ok(
$$ insert into redsys (company_id, merchant_code, terminal_number, environment, integration, encrypt_key) values (2, '2222222222', 1, 'live', 'insite', E'\\x22') $$,
'23514', 'new row for relation "redsys" violates check constraint "merchant_code_valid"',
'Should not be able to insert a merchant code more than 9 digits long.'
);
select throws_ok(
$$ insert into redsys (company_id, merchant_code, terminal_number, environment, integration, encrypt_key) values (2, '2222a2222', 1, 'live', 'insite', E'\\x22') $$,
'23514', 'new row for relation "redsys" violates check constraint "merchant_code_valid"',
'Should not be able to insert a merchant code that contains a non-digit character.'
);
select throws_ok(
$$ insert into redsys (company_id, merchant_code, terminal_number, environment, integration, encrypt_key) values (2, '222222222', 0, 'live', 'insite', E'\\x22') $$,
'23514', 'new row for relation "redsys" violates check constraint "terminal_number_in_range"',
'Should not be able to insert a terminal code smaller than 1.'
);
select throws_ok(
$$ insert into redsys (company_id, merchant_code, terminal_number, environment, integration, encrypt_key) values (2, '222222222', 1000, 'live', 'insite', E'\\x22') $$,
'23514', 'new row for relation "redsys" violates check constraint "terminal_number_in_range"',
'Should not be able to insert a terminal code greater than 999.'
);
reset role;
select *
from finish();
rollback;