camper/test/amenity_carousel.sql

231 lines
7.7 KiB
PL/PgSQL

-- Test amenity_carousel
set client_min_messages to warning;
create extension if not exists pgtap;
reset client_min_messages;
begin;
select plan(45);
set search_path to camper, public;
select has_table('amenity_carousel');
select has_pk('amenity_carousel');
select col_is_pk('amenity_carousel', array['amenity_id', 'media_id']);
select table_privs_are('amenity_carousel', 'guest', array['SELECT']);
select table_privs_are('amenity_carousel', 'employee', array['SELECT']);
select table_privs_are('amenity_carousel', 'admin', array['SELECT', 'INSERT', 'UPDATE', 'DELETE']);
select table_privs_are('amenity_carousel', 'authenticator', array[]::text[]);
select has_column('amenity_carousel', 'amenity_id');
select col_is_fk('amenity_carousel', 'amenity_id');
select fk_ok('amenity_carousel', 'amenity_id', 'amenity', 'amenity_id');
select col_type_is('amenity_carousel', 'amenity_id', 'integer');
select col_not_null('amenity_carousel', 'amenity_id');
select col_hasnt_default('amenity_carousel', 'amenity_id');
select has_column('amenity_carousel', 'media_id');
select col_is_fk('amenity_carousel', 'media_id');
select fk_ok('amenity_carousel', 'media_id', 'media', 'media_id');
select col_type_is('amenity_carousel', 'media_id', 'integer');
select col_not_null('amenity_carousel', 'media_id');
select col_hasnt_default('amenity_carousel', 'media_id');
select has_column('amenity_carousel', 'caption');
select col_type_is('amenity_carousel', 'caption', 'text');
select col_not_null('amenity_carousel', 'caption');
select col_hasnt_default('amenity_carousel', 'caption');
select has_column('amenity_carousel', 'position');
select col_type_is('amenity_carousel', 'position', 'integer');
select col_not_null('amenity_carousel', 'position');
select col_has_default('amenity_carousel', 'position');
select col_default_is('amenity_carousel', 'position', '2147483647');
set client_min_messages to warning;
truncate amenity_carousel cascade;
truncate amenity cascade;
truncate media cascade;
truncate media_content cascade;
truncate company_host cascade;
truncate company_user cascade;
truncate company cascade;
truncate auth."user" cascade;
reset client_min_messages;
insert into auth."user" (user_id, email, name, password, cookie, cookie_expires_at)
values (1, 'demo@tandem.blog', 'Demo', 'test', '44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e', current_timestamp + interval '1 month')
, (5, 'admin@tandem.blog', 'Demo', 'test', '12af4c88b528c2ad4222e3740496ecbc58e76e26f087657524', current_timestamp + interval '1 month')
;
insert into company (company_id, business_name, vatin, trade_name, phone, email, web, address, city, province, postal_code, rtc_number, tourist_tax, tourist_tax_max_days, country_code, currency_code, default_lang_tag)
values (2, 'Company 2', 'XX123', '', '555-555-555', 'a@a', '', '', '', '', '', '', 60, 7, 'ES', 'EUR', 'ca')
, (4, 'Company 4', 'XX234', '', '666-666-666', 'b@b', '', '', '', '', '', '', 60, 7, 'FR', 'USD', 'ca')
;
insert into company_user (company_id, user_id, role)
values (2, 1, 'admin')
, (4, 5, 'admin')
;
insert into company_host (company_id, host)
values (2, 'co2')
, (4, 'co4')
;
insert into media_content (media_type, bytes)
values ('image/x-xpixmap', 'static char *s[]={"1 1 1 1","a c #ffffff","a"};')
, ('text/plain', 'content2')
, ('text/plain', 'content3')
, ('text/plain', 'content4')
, ('text/plain', 'content5')
;
insert into media (media_id, company_id, original_filename, content_hash)
values ( 6, 2, 'cover2.xpm', sha256('static char *s[]={"1 1 1 1","a c #ffffff","a"};'))
, ( 7, 2, 'text2.txt', sha256('content2'))
, ( 8, 2, 'text3.txt', sha256('content3'))
, ( 9, 4, 'cover4.xpm', sha256('static char *s[]={"1 1 1 1","a c #ffffff","a"};'))
, (10, 4, 'text4.txt', sha256('content4'))
, (11, 4, 'text5.txt', sha256('content5'))
;
insert into amenity (amenity_id, company_id, label, name)
values (23, 2, 'W1', 'Amenity W1')
, (24, 4, 'B1', 'Amenity B1')
;
insert into amenity_carousel (amenity_id, media_id, caption)
values (23, 7, 'Caption 7')
, (24, 10, 'Caption 10')
;
prepare carousel_data as
select amenity_id, media_id, caption
from amenity_carousel
;
set role guest;
select bag_eq(
'carousel_data',
$$ values (23, 7, 'Caption 7')
, (24, 10, 'Caption 10')
$$,
'Everyone should be able to list all amenity slides across all companies'
);
reset role;
select set_cookie('44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e/demo@tandem.blog', 'co2');
select lives_ok(
$$ insert into amenity_carousel(amenity_id, media_id, caption) values (23, 8, 'Caption 8') $$,
'Admin from company 2 should be able to insert a new slide to amenitys of that company.'
);
select bag_eq(
'carousel_data',
$$ values (23, 7, 'Caption 7')
, (23, 8, 'Caption 8')
, (24, 10, 'Caption 10')
$$,
'The new row should have been added'
);
select lives_ok(
$$ update amenity_carousel set caption = 'Caption 8.8' where media_id = 8 $$,
'Admin from company 2 should be able to update amenity slides of that company.'
);
select bag_eq(
'carousel_data',
$$ values (23, 7, 'Caption 7')
, (23, 8, 'Caption 8.8')
, (24, 10, 'Caption 10')
$$,
'The row should have been updated.'
);
select lives_ok(
$$ delete from amenity_carousel where media_id = 8 $$,
'Admin from company 2 should be able to delete amenity slides from that company.'
);
select bag_eq(
'carousel_data',
$$ values (23, 7, 'Caption 7')
, (24, 10, 'Caption 10')
$$,
'The row should have been deleted.'
);
select throws_ok(
$$ insert into amenity_carousel (amenity_id, media_id, caption) values (23, 10, 'Nope') $$,
'42501', 'new row violates row-level security policy for table "amenity_carousel"',
'Admin from company 2 should NOT be able to insert a new amenitys slide from a media of company 4.'
);
select throws_ok(
$$ insert into amenity_carousel (amenity_id, media_id, caption) values (24, 8, 'Nope') $$,
'42501', 'new row violates row-level security policy for table "amenity_carousel"',
'Admin from company 2 should NOT be able to insert a slide to a amenity of company 4.'
);
select lives_ok(
$$ update amenity_carousel set caption = 'Nope' where amenity_id = 24 $$,
'Admin from company 2 should not be able to update slides of amenitys from company 4, but no error if amenity_id or media_id is not changed.'
);
select lives_ok(
$$ update amenity_carousel set caption = 'Nope' where media_id = 10 $$,
'Admin from company 2 should not be able to update slides of amenitys from company 4, but no error if amenity_id or media_id is not changed.'
);
select bag_eq(
'carousel_data',
$$ values (23, 7, 'Caption 7')
, (24, 10, 'Caption 10')
$$,
'No row should have been changed.'
);
select throws_ok(
$$ update amenity_carousel set amenity_id = 24 where amenity_id = 23 $$,
'42501', 'new row violates row-level security policy for table "amenity_carousel"',
'Admin from company 2 should NOT be able to move slides to amenitys of company 4'
);
select throws_ok(
$$ update amenity_carousel set media_id = 11 where media_id = 7 $$,
'42501', 'new row violates row-level security policy for table "amenity_carousel"',
'Admin from company 2 should NOT be able to use media from company 4'
);
select lives_ok(
$$ delete from amenity_carousel where amenity_id = 24 $$,
'Admin from company 2 should NOT be able to delete slides of amenitys from company 4, but not error is thrown'
);
select lives_ok(
$$ delete from amenity_carousel where media_id = 10 $$,
'Admin from company 2 should NOT be able to delete slides with media from company 4, but not error is thrown'
);
select bag_eq(
'carousel_data',
$$ values (23, 7, 'Caption 7')
, (24, 10, 'Caption 10')
$$,
'No row should have been changed'
);
reset role;
select *
from finish();
rollback;