test(bulk-edit): plug Sara's identified coverage gaps

- DocumentServiceTest.applyBulkEditToDocument_propagatesDomainException_whenSenderIdUnresolvable (Sara C1) - DocumentServiceTest.findIdsForFilter_passesTagOperatorOR_throughBuildSearchSpec (Sara C3) - bulkSelection.svelte.spec.ts: setAll([]) no-op + previous-IDs-absent + ids getter (Sara C4 + S4) - /documents/bulk-edit/+page.server.ts now defensively handles a UserGroup with NULL `permissions` (treats it as not-WRITE_ALL instead of throwing on .includes()) + matching test (Sara C7) 233 backend tests + frontend bulk-edit specs all green. Refs #225, PR #331 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-25 16:58:48 +02:00
parent 46001bbf9d
commit 1803db86b5
4 changed files with 82 additions and 2 deletions
--- a/frontend/src/routes/documents/bulk-edit/page.server.spec.ts
+++ b/frontend/src/routes/documents/bulk-edit/page.server.spec.ts
@@ -43,4 +43,19 @@ describe('/documents/bulk-edit +page.server.ts', () => {
 		const result = await load({ locals });
 		expect(result).toEqual({ canWrite: true });
 	});
+
+	it('redirects when a group has no permissions array (defensive)', async () => {
+		// Sara C7 — a UserGroup row with NULL permissions used to throw on
+		// .includes(); the guard now treats that case as "not WRITE_ALL".
+		const locals = {
+			user: { groups: [{ permissions: undefined as unknown as string[] }] }
+		};
+		try {
+			// @ts-expect-error — partial event shape sufficient for this guard
+			await load({ locals });
+			throw new Error('expected redirect');
+		} catch (e) {
+			expect((e as { status?: number }).status).toBe(303);
+		}
+	});
 });