marcel/familienarchiv
1
0
Fork 0
Code Issues 109 Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
d1c6ae67c1787570f5acead7d7e76ac87e56698b
familienarchiv/frontend/src/routes/admin/layout.server.spec.ts
Marcel 07415a5b2b
All checks were successful
CI / Unit & Component Tests (pull_request) Successful in 3m25s
Details
CI / OCR Service Tests (pull_request) Successful in 21s
Details
CI / Backend Unit Tests (pull_request) Successful in 3m23s
Details
CI / fail2ban Regex (pull_request) Successful in 41s
Details
CI / Semgrep Security Scan (pull_request) Successful in 20s
Details
CI / Compose Bucket Idempotency (pull_request) Successful in 1m2s
Details
fix(tests): add missing Sentry mock event fields across 14 spec files; fix test:coverage semicolon 
`@sentry/sveltekit` wraps load functions and reads `event.request.method` and
`event.url.pathname`. Mock events that omitted `request` or `url` threw
`TypeError: Cannot read properties of undefined` on every invocation, silently
masking 86 test failures on main.

Two root causes fixed:
- Added `request: new Request(...)` (and `url: new URL(...)` where absent) to
  all mock event objects in 14 `*.server.spec.ts` files
- Changed `;` to `&&` in the `test:coverage` npm script so a failing server
  run propagates its exit code instead of being swallowed by the client run

All 576 server-project tests now pass.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-19 10:27:11 +02:00

101 lines
3.0 KiB
TypeScript
Raw Blame History

import { describe, expect, it, vi, beforeEach } from 'vitest';
import { load } from './+layout.server';
vi.mock('$lib/shared/api.server', () => ({ createApiClient: vi.fn() }));
import { createApiClient } from '$lib/shared/api.server';
function mockApi(users: unknown[], groups: unknown[], tags: unknown[]) {
vi.mocked(createApiClient).mockReturnValue({
GET: vi
.fn()
.mockResolvedValueOnce({ response: { ok: true }, data: users })
.mockResolvedValueOnce({ response: { ok: true }, data: groups })
.mockResolvedValueOnce({ response: { ok: true }, data: tags })
} as ReturnType<typeof createApiClient>);
}
const adminUser = {
groups: [{ permissions: ['ADMIN', 'ADMIN_USER', 'ADMIN_TAG', 'ADMIN_PERMISSION'] }]
};
const tagAdminUser = { groups: [{ permissions: ['ADMIN_TAG'] }] };
const noPermUser = { groups: [{ permissions: ['READ_ALL'] }] };
beforeEach(() => vi.clearAllMocks());
describe('admin layout load — permission check', () => {
it('throws 403 when user has no admin permission', async () => {
await expect(
load({
fetch: vi.fn() as unknown as typeof fetch,
request: new Request('http://localhost/admin'),
url: new URL('http://localhost/admin'),
locals: { user: noPermUser }
})
).rejects.toMatchObject({ status: 403 });
});
it('throws 403 when user is undefined', async () => {
await expect(
load({
fetch: vi.fn() as unknown as typeof fetch,
request: new Request('http://localhost/admin'),
url: new URL('http://localhost/admin'),
locals: { user: undefined }
})
).rejects.toMatchObject({ status: 403 });
});
it('throws 403 when user has no groups', async () => {
await expect(
load({
fetch: vi.fn() as unknown as typeof fetch,
request: new Request('http://localhost/admin'),
url: new URL('http://localhost/admin'),
locals: { user: { groups: [] } }
})
).rejects.toMatchObject({ status: 403 });
});
it('allows access for a user with ADMIN_TAG only', async () => {
mockApi([], [], []);
await expect(
load({
fetch: vi.fn() as unknown as typeof fetch,
request: new Request('http://localhost/admin'),
url: new URL('http://localhost/admin'),
locals: { user: tagAdminUser }
})
).resolves.toBeDefined();
});
it('returns entity counts and permission flags for a full admin', async () => {
mockApi(
[{ id: 'u1' }, { id: 'u2' }],
[{ id: 'g1' }],
[{ id: 't1' }, { id: 't2' }, { id: 't3' }]
);
const mockFetch = vi.fn().mockResolvedValue({
ok: true,
json: async () => [{ id: 'i1' }, { id: 'i2' }]
});
const result = await load({
fetch: mockFetch as unknown as typeof fetch,
request: new Request('http://localhost/admin'),
url: new URL('http://localhost/admin'),
locals: { user: adminUser }
});
expect(result.userCount).toBe(2);
expect(result.groupCount).toBe(1);
expect(result.tagCount).toBe(3);
expect(result.inviteCount).toBe(2);
expect(result.canManageUsers).toBe(true);
expect(result.canManageTags).toBe(true);
expect(result.canManagePermissions).toBe(true);
expect(result.canRunMaintenance).toBe(true);
});
});
Reference in New Issue View Git Blame Copy Permalink