camper/test/page.sql

-- Test page
set client_min_messages to warning;
create extension if not exists pgtap;
reset client_min_messages;

begin;

select plan(51);

set search_path to camper, public;

select has_table('page');
select has_pk('page');
select table_privs_are('page', 'guest', array['SELECT']);
select table_privs_are('page', 'employee', array['SELECT']);
select table_privs_are('page', 'admin', array['SELECT', 'INSERT', 'UPDATE', 'DELETE']);
select table_privs_are('page', 'authenticator', array[]::text[]);

select has_sequence('page_page_id_seq');
select sequence_privs_are('page_page_id_seq', 'guest', array[]::text[]);
select sequence_privs_are('page_page_id_seq', 'employee', array[]::text[]);
select sequence_privs_are('page_page_id_seq', 'admin', array['USAGE']);
select sequence_privs_are('page_page_id_seq', 'authenticator', array[]::text[]);

select has_column('page', 'page_id');
select col_is_pk('page', 'page_id');
select col_type_is('page', 'page_id', 'integer');
select col_not_null('page', 'page_id');
select col_has_default('page', 'page_id');
select col_default_is('page', 'page_id', 'nextval(''page_page_id_seq''::regclass)');

select has_column('page', 'company_id');
select col_is_fk('page', 'company_id');
select fk_ok('page', 'company_id', 'company', 'company_id');
select col_type_is('page', 'company_id', 'integer');
select col_not_null('page', 'company_id');
select col_hasnt_default('page', 'company_id');

select has_column('page', 'slug');
select col_is_unique('page', 'slug');
select col_type_is('page', 'slug', 'uuid');
select col_not_null('page', 'slug');
select col_has_default('page', 'slug');
select col_default_is('page', 'slug', 'gen_random_uuid()');

select has_column('page', 'title');
select col_type_is('page', 'title', 'text');
select col_not_null('page', 'title');
select col_hasnt_default('page', 'title');

select has_column('page', 'content');
select col_type_is('page', 'content', 'xml');
select col_not_null('page', 'content');
select col_has_default('page', 'content');
--select col_default_is('page', 'description', '');


set client_min_messages to warning;
truncate page cascade;
truncate company_host cascade;
truncate company_user cascade;
truncate company cascade;
truncate auth."user" cascade;
reset client_min_messages;

insert into auth."user" (user_id, email, name, password, cookie, cookie_expires_at)
values (1, 'demo@tandem.blog', 'Demo', 'test', '44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e', current_timestamp + interval '1 month')
     , (5, 'admin@tandem.blog', 'Demo', 'test', '12af4c88b528c2ad4222e3740496ecbc58e76e26f087657524', current_timestamp + interval '1 month')
;

insert into company (company_id, business_name, vatin, trade_name, phone, email, web, address, city, province, postal_code, country_code, currency_code, default_lang_tag)
values (2, 'Company 2', 'XX123', '', '555-555-555', 'a@a', '', '', '', '', '', 'ES', 'EUR', 'ca')
     , (4, 'Company 4', 'XX234', '', '666-666-666', 'b@b', '', '', '', '', '', 'FR', 'USD', 'ca')
;

insert into company_user (company_id, user_id, role)
values (2, 1, 'admin')
     , (4, 5, 'admin')
;

insert into company_host (company_id, host)
values (2, 'co2')
     , (4, 'co4')
;

insert into page (company_id, title)
values (2, 'Front')
     , (4, 'Back')
;

prepare page_data as
select company_id, title
from page
order by company_id, title;

set role guest;
select bag_eq(
	'page_data',
	$$ values (2, 'Front')
	        , (4, 'Back')
	$$,
	'Everyone should be able to list all pages across all companies'
);
reset role;

select set_cookie('44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e/demo@tandem.blog', 'co2');

select lives_ok(
	$$ insert into page(company_id, title) values (2, 'Another page' ) $$,
	'Admin from company 2 should be able to insert a new page to that company.'
);

select bag_eq(
	'page_data',
	$$ values (2, 'Front')
	        , (2, 'Another page')
	        , (4, 'Back')
	$$,
	'The new row should have been added'
);

select lives_ok(
	$$ update page set title = 'Another' where company_id = 2 and title = 'Another page' $$,
	'Admin from company 2 should be able to update pages of that company.'
);

select bag_eq(
	'page_data',
	$$ values (2, 'Front')
	        , (2, 'Another')
	        , (4, 'Back')
	$$,
	'The row should have been updated.'
);

select lives_ok(
	$$ delete from page where company_id = 2 and title = 'Another' $$,
	'Admin from company 2 should be able to delete pages from that company.'
);

select bag_eq(
	'page_data',
	$$ values (2, 'Front')
	        , (4, 'Back')
	$$,
	'The row should have been deleted.'
);

select throws_ok(
	$$ insert into page (company_id, title) values (4, 'Another page' ) $$,
	'42501', 'new row violates row-level security policy for table "page"',
	'Admin from company 2 should NOT be able to insert new pages to company 4.'
);

select lives_ok(
	$$ update page set title = 'Nope' where company_id = 4 $$,
	'Admin from company 2 should not be able to update new pages of company 4, but no error if company_id is not changed.'
);

select bag_eq(
	'page_data',
	$$ values (2, 'Front')
	        , (4, 'Back')
	$$,
	'No row should have been changed.'
);

select throws_ok(
	$$ update page set company_id = 4 where company_id = 2 $$,
	'42501', 'new row violates row-level security policy for table "page"',
	'Admin from company 2 should NOT be able to move pages to company 4'
);

select lives_ok(
	$$ delete from page where company_id = 4 $$,
	'Admin from company 2 should NOT be able to delete pages from company 4, but not error is thrown'
);

select bag_eq(
	'page_data',
	$$ values (2, 'Front')
	        , (4, 'Back')
	$$,
	'No row should have been changed'
);

select throws_ok(
	$$ insert into page (company_id, title) values (2, '  ' ) $$,
	'23514', 'new row for relation "page" violates check constraint "title_not_empty"',
	'Should not be able to insert pages with a blank title.'
);


reset role;
select *
from finish();

rollback;