170 lines
6.2 KiB
PL/PgSQL
170 lines
6.2 KiB
PL/PgSQL
-- Test user_profile
|
||
set client_min_messages to warning;
|
||
create extension if not exists pgtap;
|
||
reset client_min_messages;
|
||
|
||
begin;
|
||
|
||
select plan(53);
|
||
|
||
set search_path to numerus, auth, public;
|
||
|
||
select has_view('user_profile');
|
||
select table_privs_are('user_profile', 'guest', array ['SELECT']);
|
||
select table_privs_are('user_profile', 'invoicer', array['SELECT']);
|
||
select table_privs_are('user_profile', 'admin', array['SELECT']);
|
||
select table_privs_are('user_profile', 'authenticator', array[]::text[]);
|
||
|
||
select has_column('user_profile', 'user_id');
|
||
select col_type_is('user_profile', 'user_id', 'integer');
|
||
select column_privs_are('user_profile', 'user_id', 'guest', array ['SELECT']);
|
||
select column_privs_are('user_profile', 'user_id', 'invoicer', array['SELECT']);
|
||
select column_privs_are('user_profile', 'user_id', 'admin', array['SELECT']);
|
||
select column_privs_are('user_profile', 'user_id', 'authenticator', array[]::text[]);
|
||
|
||
select has_column('user_profile', 'email');
|
||
select col_type_is('user_profile', 'email', 'email');
|
||
select column_privs_are('user_profile', 'email', 'guest', array ['SELECT']);
|
||
select column_privs_are('user_profile', 'email', 'invoicer', array['SELECT', 'UPDATE']);
|
||
select column_privs_are('user_profile', 'email', 'admin', array['SELECT', 'UPDATE']);
|
||
select column_privs_are('user_profile', 'email', 'authenticator', array[]::text[]);
|
||
|
||
select has_column('user_profile', 'name');
|
||
select col_type_is('user_profile', 'name', 'text');
|
||
select column_privs_are('user_profile', 'name', 'guest', array ['SELECT']);
|
||
select column_privs_are('user_profile', 'name', 'invoicer', array['SELECT', 'UPDATE']);
|
||
select column_privs_are('user_profile', 'name', 'admin', array['SELECT', 'UPDATE']);
|
||
select column_privs_are('user_profile', 'name', 'authenticator', array[]::text[]);
|
||
|
||
select has_column('user_profile', 'role');
|
||
select col_type_is('user_profile', 'role', 'name');
|
||
select column_privs_are('user_profile', 'role', 'guest', array ['SELECT']);
|
||
select column_privs_are('user_profile', 'role', 'invoicer', array['SELECT']);
|
||
select column_privs_are('user_profile', 'role', 'admin', array['SELECT']);
|
||
select column_privs_are('user_profile', 'role', 'authenticator', array[]::text[]);
|
||
|
||
select has_column('user_profile', 'lang_tag');
|
||
select col_type_is('user_profile', 'lang_tag', 'text');
|
||
select column_privs_are('user_profile', 'lang_tag', 'guest', array ['SELECT']);
|
||
select column_privs_are('user_profile', 'lang_tag', 'invoicer', array['SELECT', 'UPDATE']);
|
||
select column_privs_are('user_profile', 'lang_tag', 'admin', array['SELECT', 'UPDATE']);
|
||
select column_privs_are('user_profile', 'lang_tag', 'authenticator', array[]::text[]);
|
||
|
||
select has_column('user_profile', 'csrf_token');
|
||
select col_type_is('user_profile', 'csrf_token', 'text');
|
||
select column_privs_are('user_profile', 'csrf_token', 'guest', array ['SELECT']);
|
||
select column_privs_are('user_profile', 'csrf_token', 'invoicer', array['SELECT']);
|
||
select column_privs_are('user_profile', 'csrf_token', 'admin', array['SELECT']);
|
||
select column_privs_are('user_profile', 'csrf_token', 'authenticator', array[]::text[]);
|
||
|
||
|
||
set client_min_messages to warning;
|
||
truncate auth."user" cascade;
|
||
reset client_min_messages;
|
||
|
||
insert into auth."user" (user_id, email, name, password, role, cookie, cookie_expires_at, lang_tag)
|
||
values (1, 'demo@tandem.blog', 'Demo', 'test', 'invoicer', '44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e', current_timestamp + interval '1 month', 'ca')
|
||
, (5, 'admin@tandem.blog', 'Admin', 'test', 'admin', '12af4c88b528c2ad4222e3740496ecbc58e76e26f087657524', current_timestamp + interval '1 month', 'es')
|
||
, (7, 'another@tandem.blog', 'Another Admin', 'test', 'admin', default, default, default)
|
||
;
|
||
|
||
prepare profile as
|
||
select user_id, email, name, role, lang_tag, csrf_token
|
||
from user_profile;
|
||
|
||
select set_config('request.user.cookie', '', false);
|
||
|
||
select results_eq(
|
||
'profile',
|
||
$$ values (0, null::email, '', 'guest'::name, 'und', '') $$,
|
||
'Should be set up with the guest user when no user logged in yet.'
|
||
);
|
||
|
||
select set_cookie( '44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e/demo@tandem.blog' );
|
||
|
||
select results_eq(
|
||
'profile',
|
||
$$ values (1, 'demo@tandem.blog'::email, 'Demo', 'invoicer'::name, 'ca', '44facbb30d') $$,
|
||
'Should only see the profile of the first user'
|
||
);
|
||
|
||
select lives_ok( $$
|
||
update user_profile
|
||
set email = 'demo+update@tandem.blog'
|
||
, name = 'Demo Update'
|
||
, lang_tag = 'es';
|
||
$$,
|
||
'Should be able to update the first profile'
|
||
);
|
||
|
||
select throws_ok(
|
||
$$ update user_profile set user_id = 123 $$,
|
||
'42501', 'permission denied for view user_profile',
|
||
'Should not be able to change the ID'
|
||
);
|
||
|
||
select throws_ok(
|
||
$$ update user_profile set role = 'admin' $$,
|
||
'42501', 'permission denied for view user_profile',
|
||
'Should not be able to change the ID'
|
||
);
|
||
|
||
select results_eq(
|
||
'profile',
|
||
$$ values (1, 'demo+update@tandem.blog'::email, 'Demo Update', 'invoicer'::name, 'es', '44facbb30d') $$,
|
||
'Should see the changed profile of the first user'
|
||
);
|
||
|
||
reset role;
|
||
|
||
select set_cookie( '12af4c88b528c2ad4222e3740496ecbc58e76e26f087657524/admin@tandem.blog' );
|
||
|
||
select results_eq(
|
||
'profile',
|
||
$$ values (5, 'admin@tandem.blog'::email, 'Admin', 'admin'::name, 'es', '12af4c88b5') $$,
|
||
'Should only see the profile of the second user'
|
||
);
|
||
|
||
select lives_ok( $$
|
||
update user_profile
|
||
set email = 'admin+update@tandem.blog'
|
||
, name = 'Admin Update'
|
||
, lang_tag = 'ca';
|
||
$$,
|
||
'Should be able to update the second profile'
|
||
);
|
||
|
||
select throws_ok(
|
||
$$ update user_profile set user_id = 123 $$,
|
||
'42501', 'permission denied for view user_profile',
|
||
'Should not be able to change the ID'
|
||
);
|
||
|
||
select throws_ok(
|
||
$$ update user_profile set role = 'invoicer' $$,
|
||
'42501', 'permission denied for view user_profile',
|
||
'Should not be able to change the ID'
|
||
);
|
||
|
||
select results_eq(
|
||
'profile',
|
||
$$ values (5, 'admin+update@tandem.blog'::email, 'Admin Update', 'admin'::name, 'ca', '12af4c88b5') $$,
|
||
'Should see the changed profile of the first user'
|
||
);
|
||
|
||
reset role;
|
||
|
||
select results_eq(
|
||
$$ select user_id, email, name, lang_tag from auth."user" order by user_id $$,
|
||
$$ values (1, 'demo+update@tandem.blog'::email, 'Demo Update', 'es')
|
||
, (5, 'admin+update@tandem.blog'::email, 'Admin Update', 'ca')
|
||
, (7, 'another@tandem.blog'::email, 'Another Admin', 'und')
|
||
$$,
|
||
'Should have updated the base table’s data'
|
||
);
|
||
|
||
select *
|
||
from finish();
|
||
|
||
rollback;
|