246 lines
9.8 KiB
PL/PgSQL
246 lines
9.8 KiB
PL/PgSQL
-- Test redsys
|
||
set client_min_messages to warning;
|
||
create extension if not exists pgtap;
|
||
reset client_min_messages;
|
||
|
||
begin;
|
||
|
||
select plan(75);
|
||
|
||
set search_path to camper, public;
|
||
|
||
select has_table('redsys');
|
||
select has_pk('redsys');
|
||
select table_privs_are('redsys', 'guest', array []::text[]);
|
||
select table_privs_are('redsys', 'employee', array []::text[]);
|
||
select table_privs_are('redsys', 'admin', array ['DELETE']);
|
||
select table_privs_are('redsys', 'authenticator', array []::text[]);
|
||
|
||
select has_column('redsys', 'company_id');
|
||
select col_is_pk('redsys', 'company_id');
|
||
select col_is_fk('redsys', 'company_id');
|
||
select fk_ok('redsys', 'company_id', 'company', 'company_id');
|
||
select col_type_is('redsys', 'company_id', 'integer');
|
||
select col_not_null('redsys', 'company_id');
|
||
select col_hasnt_default('redsys', 'company_id');
|
||
select column_privs_are('redsys', 'company_id', 'guest', array ['SELECT']);
|
||
select column_privs_are('redsys', 'company_id', 'employee', array ['SELECT']);
|
||
select column_privs_are('redsys', 'company_id', 'admin', array ['SELECT', 'INSERT', 'UPDATE']);
|
||
select column_privs_are('redsys', 'company_id', 'authenticator', array []::text[]);
|
||
|
||
select has_column('redsys', 'merchant_code');
|
||
select col_type_is('redsys', 'merchant_code', 'text');
|
||
select col_not_null('redsys', 'merchant_code');
|
||
select col_hasnt_default('redsys', 'merchant_code');
|
||
select column_privs_are('redsys', 'merchant_code', 'guest', array ['SELECT']);
|
||
select column_privs_are('redsys', 'merchant_code', 'employee', array ['SELECT']);
|
||
select column_privs_are('redsys', 'merchant_code', 'admin', array ['SELECT', 'INSERT', 'UPDATE']);
|
||
select column_privs_are('redsys', 'merchant_code', 'authenticator', array []::text[]);
|
||
|
||
select has_column('redsys', 'terminal_number');
|
||
select col_type_is('redsys', 'terminal_number', 'integer');
|
||
select col_not_null('redsys', 'terminal_number');
|
||
select col_hasnt_default('redsys', 'terminal_number');
|
||
select column_privs_are('redsys', 'terminal_number', 'guest', array ['SELECT']);
|
||
select column_privs_are('redsys', 'terminal_number', 'employee', array ['SELECT']);
|
||
select column_privs_are('redsys', 'terminal_number', 'admin', array ['SELECT', 'INSERT', 'UPDATE']);
|
||
select column_privs_are('redsys', 'terminal_number', 'authenticator', array []::text[]);
|
||
|
||
select has_column('redsys', 'environment');
|
||
select col_type_is('redsys', 'environment', 'redsys_environment');
|
||
select col_not_null('redsys', 'environment');
|
||
select col_hasnt_default('redsys', 'environment');
|
||
select column_privs_are('redsys', 'environment', 'guest', array ['SELECT']);
|
||
select column_privs_are('redsys', 'environment', 'employee', array ['SELECT']);
|
||
select column_privs_are('redsys', 'environment', 'admin', array ['SELECT', 'INSERT', 'UPDATE']);
|
||
select column_privs_are('redsys', 'environment', 'authenticator', array []::text[]);
|
||
|
||
select has_column('redsys', 'integration');
|
||
select col_type_is('redsys', 'integration', 'redsys_integration');
|
||
select col_not_null('redsys', 'integration');
|
||
select col_hasnt_default('redsys', 'integration');
|
||
select column_privs_are('redsys', 'integration', 'guest', array ['SELECT']);
|
||
select column_privs_are('redsys', 'integration', 'employee', array ['SELECT']);
|
||
select column_privs_are('redsys', 'integration', 'admin', array ['SELECT', 'INSERT', 'UPDATE']);
|
||
select column_privs_are('redsys', 'integration', 'authenticator', array []::text[]);
|
||
|
||
select has_column('redsys', 'encrypt_key');
|
||
select col_type_is('redsys', 'encrypt_key', 'bytea');
|
||
select col_not_null('redsys', 'encrypt_key');
|
||
select col_hasnt_default('redsys', 'encrypt_key');
|
||
select column_privs_are('redsys', 'encrypt_key', 'guest', array []::text[]);
|
||
select column_privs_are('redsys', 'encrypt_key', 'employee', array []::text[]);
|
||
select column_privs_are('redsys', 'encrypt_key', 'admin', array ['INSERT', 'UPDATE']);
|
||
select column_privs_are('redsys', 'encrypt_key', 'authenticator', array []::text[]);
|
||
|
||
|
||
set client_min_messages to warning;
|
||
truncate redsys cascade;
|
||
truncate company_host cascade;
|
||
truncate company_user cascade;
|
||
truncate company cascade;
|
||
truncate auth."user" cascade;
|
||
reset client_min_messages;
|
||
|
||
|
||
insert into auth."user" (user_id, email, name, password, cookie, cookie_expires_at)
|
||
values (1, 'demo@tandem.blog', 'Demo', 'test', '44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e', current_timestamp + interval '1 month')
|
||
, (5, 'admin@tandem.blog', 'Demo', 'test', '12af4c88b528c2ad4222e3740496ecbc58e76e26f087657524', current_timestamp + interval '1 month')
|
||
;
|
||
|
||
insert into company (company_id, business_name, vatin, trade_name, phone, email, web, address, city, province, postal_code, rtc_number, tourist_tax, tourist_tax_max_days, country_code, currency_code, default_lang_tag)
|
||
values ( 2, 'Company 2', 'XX123', '', '555-555-555', 'a@a', '', '', '', '', '', '', 60, 7, 'ES', 'EUR', 'ca')
|
||
, ( 4, 'Company 4', 'XX234', '', '666-666-666', 'b@b', '', '', '', '', '', '', 60, 7, 'FR', 'USD', 'ca')
|
||
, ( 6, 'Company 6', 'XX345', '', '777-777-777', 'c@c', '', '', '', '', '', '', 60, 7, 'GB', 'EUR', 'en')
|
||
, ( 8, 'Company 8', 'XX456', '', '888-888-888', 'd@d', '', '', '', '', '', '', 60, 7, 'DE', 'USD', 'es')
|
||
;
|
||
|
||
insert into company_user (company_id, user_id, role)
|
||
values (2, 1, 'admin')
|
||
, (4, 5, 'admin')
|
||
;
|
||
|
||
insert into company_host (company_id, host)
|
||
values (2, 'co2')
|
||
, (4, 'co4')
|
||
;
|
||
|
||
insert into redsys(company_id, merchant_code, terminal_number, environment, integration, encrypt_key)
|
||
values (4, '444444444', 4, 'live', 'insite', E'\\x44')
|
||
, (8, '888888888', 8, 'test', 'redirect', E'\\x88')
|
||
;
|
||
|
||
prepare redsys_data as
|
||
select company_id, merchant_code, terminal_number
|
||
from redsys
|
||
;
|
||
|
||
set role guest;
|
||
select bag_eq(
|
||
'redsys_data',
|
||
$$ values (4, '444444444', 4)
|
||
, (8, '888888888', 8)
|
||
$$,
|
||
'Everyone should be able to list Redsys settings from all companies'
|
||
);
|
||
reset role;
|
||
|
||
select set_cookie('44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e/demo@tandem.blog', 'co2');
|
||
|
||
select lives_ok(
|
||
$$ insert into redsys(company_id, merchant_code, terminal_number, environment, integration, encrypt_key) values (2, '222222222', 2, 'live', 'insite', E'\\x22' ) $$,
|
||
'Admin from company 2 should be able to set up their Redsys settings.'
|
||
);
|
||
|
||
select bag_eq(
|
||
'redsys_data',
|
||
$$ values (2, '222222222', 2)
|
||
, (4, '444444444', 4)
|
||
, (8, '888888888', 8)
|
||
$$,
|
||
'The new row should have been added'
|
||
);
|
||
|
||
select lives_ok(
|
||
$$ update redsys set merchant_code = '121212121', terminal_number = 1, encrypt_key = E'\\x12' where company_id = 2 $$,
|
||
'Admin from company 2 should be able to update their Redsys settings.'
|
||
);
|
||
|
||
select bag_eq(
|
||
'redsys_data',
|
||
$$ values (2, '121212121', 1)
|
||
, (4, '444444444', 4)
|
||
, (8, '888888888', 8)
|
||
$$,
|
||
'The row should have been updated.'
|
||
);
|
||
|
||
select lives_ok(
|
||
$$ delete from redsys where company_id = 2 $$,
|
||
'Admin from company 2 should be able to delete their Redsys settings.'
|
||
);
|
||
|
||
select bag_eq(
|
||
'redsys_data',
|
||
$$ values (4, '444444444', 4)
|
||
, (8, '888888888', 8)
|
||
$$,
|
||
'The row should have been deleted.'
|
||
);
|
||
|
||
select throws_ok(
|
||
$$ insert into redsys (company_id, merchant_code, terminal_number, environment, integration, encrypt_key) values (6, '666666666', 6, 'live', 'insite', E'\x66' ) $$,
|
||
'42501', 'new row violates row-level security policy for table "redsys"',
|
||
'Admin from company 2 should NOT be able to setup Redsys for another company.'
|
||
);
|
||
|
||
select lives_ok(
|
||
$$ update redsys set merchant_code = '123456789', terminal_number = 10 where company_id = 4 $$,
|
||
'Admin from company 2 should NOT be able to update the Redsys settings of company 4, but no error'
|
||
);
|
||
|
||
select bag_eq(
|
||
'redsys_data',
|
||
$$ values (4, '444444444', 4)
|
||
, (8, '888888888', 8)
|
||
$$,
|
||
'No row should have been updated.'
|
||
);
|
||
|
||
select lives_ok(
|
||
$$ update redsys set company_id = 2 where company_id = 4 $$,
|
||
'Admin from company 2 should NOT be able to usurp the Redsys settings of company 4, but no error because company_id is primary key'
|
||
);
|
||
|
||
select lives_ok(
|
||
$$ delete from redsys where company_id = 4 $$,
|
||
'Admin from company 2 should NOT be able to delete the Redsys of company 4, but not error is thrown'
|
||
);
|
||
|
||
select bag_eq(
|
||
'redsys_data',
|
||
$$ values (4, '444444444', 4)
|
||
, (8, '888888888', 8)
|
||
$$,
|
||
'No row should have been deleted'
|
||
);
|
||
|
||
select throws_ok(
|
||
$$ insert into redsys (company_id, merchant_code, terminal_number, environment, integration, encrypt_key) values (2, '22222222', 1, 'live', 'insite', E'\\x22') $$,
|
||
'23514', 'new row for relation "redsys" violates check constraint "merchant_code_valid"',
|
||
'Should not be able to insert a merchant code less than 9 digits long.'
|
||
);
|
||
|
||
select throws_ok(
|
||
$$ insert into redsys (company_id, merchant_code, terminal_number, environment, integration, encrypt_key) values (2, '2222222222', 1, 'live', 'insite', E'\\x22') $$,
|
||
'23514', 'new row for relation "redsys" violates check constraint "merchant_code_valid"',
|
||
'Should not be able to insert a merchant code more than 9 digits long.'
|
||
);
|
||
|
||
select throws_ok(
|
||
$$ insert into redsys (company_id, merchant_code, terminal_number, environment, integration, encrypt_key) values (2, '2222a2222', 1, 'live', 'insite', E'\\x22') $$,
|
||
'23514', 'new row for relation "redsys" violates check constraint "merchant_code_valid"',
|
||
'Should not be able to insert a merchant code that contains a non-digit character.'
|
||
);
|
||
|
||
select throws_ok(
|
||
$$ insert into redsys (company_id, merchant_code, terminal_number, environment, integration, encrypt_key) values (2, '222222222', 0, 'live', 'insite', E'\\x22') $$,
|
||
'23514', 'new row for relation "redsys" violates check constraint "terminal_number_in_range"',
|
||
'Should not be able to insert a terminal code smaller than 1.'
|
||
);
|
||
|
||
select throws_ok(
|
||
$$ insert into redsys (company_id, merchant_code, terminal_number, environment, integration, encrypt_key) values (2, '222222222', 1000, 'live', 'insite', E'\\x22') $$,
|
||
'23514', 'new row for relation "redsys" violates check constraint "terminal_number_in_range"',
|
||
'Should not be able to insert a terminal code greater than 999.'
|
||
);
|
||
|
||
reset role;
|
||
|
||
|
||
select *
|
||
from finish();
|
||
|
||
rollback;
|
||
|