numerus/test/tag.sql

-- Test tag
set client_min_messages to warning;
create extension if not exists pgtap;
reset client_min_messages;

begin;

select plan(33);

set search_path to numerus, auth, public;

select has_table('tag');
select has_pk('tag' );
select table_privs_are('tag', 'guest', array []::text[]);
select table_privs_are('tag', 'invoicer', array ['SELECT', 'INSERT', 'UPDATE', 'DELETE']);
select table_privs_are('tag', 'admin', array ['SELECT', 'INSERT', 'UPDATE', 'DELETE']);
select table_privs_are('tag', 'authenticator', array []::text[]);

select has_sequence('tag_tag_id_seq');
select sequence_privs_are('tag_tag_id_seq', 'guest', array[]::text[]);
select sequence_privs_are('tag_tag_id_seq', 'invoicer', array['USAGE']);
select sequence_privs_are('tag_tag_id_seq', 'admin', array['USAGE']);
select sequence_privs_are('tag_tag_id_seq', 'authenticator', array[]::text[]);

select has_column('tag', 'tag_id');
select col_is_pk('tag', 'tag_id');
select col_type_is('tag', 'tag_id', 'integer');
select col_not_null('tag', 'tag_id');
select col_has_default('tag', 'tag_id');
select col_default_is('tag', 'tag_id', 'nextval(''tag_tag_id_seq''::regclass)');

select has_column('tag', 'company_id');
select col_is_fk('tag', 'company_id');
select fk_ok('tag', 'company_id', 'company', 'company_id');
select col_type_is('tag', 'company_id', 'integer');
select col_not_null('tag', 'company_id');
select col_hasnt_default('tag', 'company_id');

select has_column('tag', 'name');
select col_type_is('tag', 'name', 'tag_name');
select col_not_null('tag', 'name');
select col_hasnt_default('tag', 'name');
select col_is_unique('tag', array['company_id', 'name']);


set client_min_messages to warning;
truncate tag cascade;
truncate company_user cascade;
truncate company cascade;
truncate payment_method cascade;
truncate auth."user" cascade;
reset client_min_messages;

insert into auth."user" (user_id, email, name, password, role, cookie, cookie_expires_at)
values (1, 'demo@tandem.blog', 'Demo', 'test', 'invoicer', '44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e', current_timestamp + interval '1 month')
     , (5, 'admin@tandem.blog', 'Demo', 'test', 'admin', '12af4c88b528c2ad4222e3740496ecbc58e76e26f087657524', current_timestamp + interval '1 month')
;

set constraints "company_default_payment_method_id_fkey" deferred;

insert into company (company_id, business_name, vatin, trade_name, phone, email, web, address, city, province, postal_code, country_code, currency_code, default_payment_method_id)
values (2, 'Company 2', 'XX123', '', '555-555-555', 'a@a', '', '', '', '', '', 'ES', 'EUR', 222)
     , (4, 'Company 4', 'XX234', '', '666-666-666', 'b@b', '', '', '', '', '', 'FR', 'USD', 444)
;

insert into payment_method (payment_method_id, company_id, name, instructions)
values (444, 4, 'cash', 'cash')
     , (222, 2, 'cash', 'cash')
;

set constraints "company_default_payment_method_id_fkey" immediate;

insert into company_user (company_id, user_id)
values (2, 1)
     , (4, 5)
;

insert into tag (company_id, name)
values (2, 'web')
     , (2, 'design')
     , (4, 'product')
     , (4, 'development')
     , (4, 'something-else')
     , (4, 'design')
;

prepare tag_data as
select company_id, name
from tag
;

set role invoicer;
select is_empty('tag_data', 'Should show no data when cookie is not set yet');
reset role;

select set_cookie('44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e/demo@tandem.blog');
select bag_eq(
	'tag_data',
	$$ values ( 2, 'web' )
	        , ( 2, 'design' )
	$$,
	'Should only list tags of the companies where demo@tandem.blog is user of'
);
reset role;

select set_cookie('12af4c88b528c2ad4222e3740496ecbc58e76e26f087657524/admin@tandem.blog');
select bag_eq(
	'tag_data',
	$$ values (4, 'product' )
	        , (4, 'development' )
		, (4, 'something-else' )
	        , (4, 'design' )
	$$,
	'Should only list tags of the companies where admin@tandem.blog is user of'
);
reset role;

select set_cookie('not-a-cookie');
select throws_ok(
	'tag_data',
	'42501', 'permission denied for table tag',
	'Should not allow select to guest users'
);
reset role;

select throws_ok( $$
	insert into tag (company_id, name)
	values (2, 'web')
	$$,
	'23505', 'duplicate key value violates unique constraint "tag_company_id_name_key"',
	'Should not allow repeated tag names within the same company'
);


select *
from finish();

rollback;
Add invoice tags I followed the same restrictions as Gitea’s topics, arbitrarily, because if it is enough for repositories it should be for invoices too, apparently. 2023-03-10 13:02:55 +00:00			`-- Test tag`
			`set client_min_messages to warning;`
			`create extension if not exists pgtap;`
			`reset client_min_messages;`

			`begin;`

			`select plan(33);`

			`set search_path to numerus, auth, public;`

			`select has_table('tag');`
			`select has_pk('tag' );`
			`select table_privs_are('tag', 'guest', array []::text[]);`
			`select table_privs_are('tag', 'invoicer', array ['SELECT', 'INSERT', 'UPDATE', 'DELETE']);`
			`select table_privs_are('tag', 'admin', array ['SELECT', 'INSERT', 'UPDATE', 'DELETE']);`
			`select table_privs_are('tag', 'authenticator', array []::text[]);`

			`select has_sequence('tag_tag_id_seq');`
			`select sequence_privs_are('tag_tag_id_seq', 'guest', array[]::text[]);`
			`select sequence_privs_are('tag_tag_id_seq', 'invoicer', array['USAGE']);`
			`select sequence_privs_are('tag_tag_id_seq', 'admin', array['USAGE']);`
			`select sequence_privs_are('tag_tag_id_seq', 'authenticator', array[]::text[]);`

			`select has_column('tag', 'tag_id');`
			`select col_is_pk('tag', 'tag_id');`
			`select col_type_is('tag', 'tag_id', 'integer');`
			`select col_not_null('tag', 'tag_id');`
			`select col_has_default('tag', 'tag_id');`
			`select col_default_is('tag', 'tag_id', 'nextval(''tag_tag_id_seq''::regclass)');`

			`select has_column('tag', 'company_id');`
			`select col_is_fk('tag', 'company_id');`
			`select fk_ok('tag', 'company_id', 'company', 'company_id');`
			`select col_type_is('tag', 'company_id', 'integer');`
			`select col_not_null('tag', 'company_id');`
			`select col_hasnt_default('tag', 'company_id');`

			`select has_column('tag', 'name');`
			`select col_type_is('tag', 'name', 'tag_name');`
			`select col_not_null('tag', 'name');`
			`select col_hasnt_default('tag', 'name');`
			`select col_is_unique('tag', array['company_id', 'name']);`


			`set client_min_messages to warning;`
			`truncate tag cascade;`
			`truncate company_user cascade;`
			`truncate company cascade;`
			`truncate payment_method cascade;`
			`truncate auth."user" cascade;`
			`reset client_min_messages;`

			`insert into auth."user" (user_id, email, name, password, role, cookie, cookie_expires_at)`
			`values (1, 'demo@tandem.blog', 'Demo', 'test', 'invoicer', '44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e', current_timestamp + interval '1 month')`
			`, (5, 'admin@tandem.blog', 'Demo', 'test', 'admin', '12af4c88b528c2ad4222e3740496ecbc58e76e26f087657524', current_timestamp + interval '1 month')`
			`;`

			`set constraints "company_default_payment_method_id_fkey" deferred;`

			`insert into company (company_id, business_name, vatin, trade_name, phone, email, web, address, city, province, postal_code, country_code, currency_code, default_payment_method_id)`
			`values (2, 'Company 2', 'XX123', '', '555-555-555', 'a@a', '', '', '', '', '', 'ES', 'EUR', 222)`
			`, (4, 'Company 4', 'XX234', '', '666-666-666', 'b@b', '', '', '', '', '', 'FR', 'USD', 444)`
			`;`

			`insert into payment_method (payment_method_id, company_id, name, instructions)`
			`values (444, 4, 'cash', 'cash')`
			`, (222, 2, 'cash', 'cash')`
			`;`

			`set constraints "company_default_payment_method_id_fkey" immediate;`

			`insert into company_user (company_id, user_id)`
			`values (2, 1)`
			`, (4, 5)`
			`;`

			`insert into tag (company_id, name)`
			`values (2, 'web')`
			`, (2, 'design')`
			`, (4, 'product')`
			`, (4, 'development')`
			`, (4, 'something-else')`
			`, (4, 'design')`
			`;`

			`prepare tag_data as`
			`select company_id, name`
			`from tag`
			`;`

			`set role invoicer;`
			`select is_empty('tag_data', 'Should show no data when cookie is not set yet');`
			`reset role;`

			`select set_cookie('44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e/demo@tandem.blog');`
			`select bag_eq(`
			`'tag_data',`
			`$$ values ( 2, 'web' )`
			`, ( 2, 'design' )`
			`$$,`
			`'Should only list tags of the companies where demo@tandem.blog is user of'`
			`);`
			`reset role;`

			`select set_cookie('12af4c88b528c2ad4222e3740496ecbc58e76e26f087657524/admin@tandem.blog');`
			`select bag_eq(`
			`'tag_data',`
			`$$ values (4, 'product' )`
			`, (4, 'development' )`
			`, (4, 'something-else' )`
			`, (4, 'design' )`
			`$$,`
			`'Should only list tags of the companies where admin@tandem.blog is user of'`
			`);`
			`reset role;`

			`select set_cookie('not-a-cookie');`
			`select throws_ok(`
			`'tag_data',`
			`'42501', 'permission denied for table tag',`
			`'Should not allow select to guest users'`
			`);`
			`reset role;`

			`select throws_ok( $$`
			`insert into tag (company_id, name)`
			`values (2, 'web')`
			`$$,`
			`'23505', 'duplicate key value violates unique constraint "tag_company_id_name_key"',`
			`'Should not allow repeated tag names within the same company'`
			`);`


			`select *`
			`from finish();`

			`rollback;`