packages/auth/test/callbacks.spec.ts

/* eslint-disable @typescript-eslint/no-non-null-assertion */
import type { AdapterUser } from "@auth/core/adapters";
import type { JWT } from "next-auth/jwt";
import { describe, expect, test, vi } from "vitest";

import { groupMembers, groupPermissions, groups, users } from "@homarr/db/schema";
import { createDb } from "@homarr/db/test";
import * as definitions from "@homarr/definitions";

import { createSessionCallback, getCurrentUserPermissionsAsync } from "../callbacks";

// This one is placed here because it's used in multiple tests and needs to be the same reference
const setCookies = vi.fn();
vi.mock("next/headers", () => ({
  cookies: () => ({
    set: setCookies,
  }),
}));

describe("getCurrentUserPermissions", () => {
  test("should return empty permissions when non existing user requested", async () => {
    // Arrange
    const db = createDb();

    await db.insert(groups).values({
      id: "2",
      name: "test",
    });
    await db.insert(groupPermissions).values({
      groupId: "2",
      permission: "admin",
    });
    await db.insert(users).values({
      id: "2",
    });

    const userId = "1";

    // Act
    const result = await getCurrentUserPermissionsAsync(db, userId);

    // Assert
    expect(result).toEqual([]);
  });

  test("should return empty permissions when user has no groups", async () => {
    // Arrange
    const db = createDb();
    const userId = "1";

    await db.insert(groups).values({
      id: "2",
      name: "test",
    });
    await db.insert(groupPermissions).values({
      groupId: "2",
      permission: "admin",
    });
    await db.insert(users).values({
      id: userId,
    });

    // Act
    const result = await getCurrentUserPermissionsAsync(db, userId);

    // Assert
    expect(result).toEqual([]);
  });

  test("should return permissions for user", async () => {
    // Arrange
    const db = createDb();
    const getPermissionsWithChildrenMock = vi
      .spyOn(definitions, "getPermissionsWithChildren")
      .mockReturnValue(["board-create"]);
    const mockId = "1";

    await db.insert(users).values({
      id: mockId,
    });
    await db.insert(groups).values({
      id: mockId,
      name: "test",
    });
    await db.insert(groupMembers).values({
      userId: mockId,
      groupId: mockId,
    });
    await db.insert(groupPermissions).values({
      groupId: mockId,
      permission: "admin",
    });

    // Act
    const result = await getCurrentUserPermissionsAsync(db, mockId);

    // Assert
    expect(result).toEqual(["board-create"]);
    expect(getPermissionsWithChildrenMock).toHaveBeenCalledWith(["admin"]);
  });
});

describe("session callback", () => {
  test("should add id and name to session user", async () => {
    // Arrange
    const user: AdapterUser = {
      id: "id",
      name: "name",
      email: "email",
      emailVerified: new Date("2023-01-13"),
    };
    const token: JWT = {};
    const db = createDb();
    const callback = createSessionCallback(db);

    // Act
    const result = await callback({
      session: {
        user: {
          id: "no-id",
          email: "no-email",
          emailVerified: new Date("2023-01-13"),
          permissions: [],
          colorScheme: "dark",
        },
        expires: "2023-01-13" as Date & string,
        sessionToken: "token",
        userId: "no-id",
      },
      user,
      token,
      trigger: "update",
      newSession: {},
    });

    // Assert
    expect(result.user).toBeDefined();
    expect(result.user!.id).toEqual(user.id);
    expect(result.user!.name).toEqual(user.name);
  });
});
chore(deps): update dependency eslint to v9 (#452) * chore(deps): update dependency eslint to v9 * chore: migrate eslint to v9 * fix: dependency issues * fix: unit tests not working * chore: disable lint check for Image component that does not work in ci * fix: lint issue --------- Co-authored-by: homarr-renovate[bot] <158783068+homarr-renovate[bot]@users.noreply.github.com> Co-authored-by: Meier Lukas <meierschlumpf@gmail.com> 2024-06-08 20:49:57 +02:00			`/* eslint-disable @typescript-eslint/no-non-null-assertion */`
refactor: replace signIn callback with signIn event, adjust getUserByEmail in adapter to check provider (#1223) * refactor: replace signIn callback with signIn event, adjust getUserByEmail in adapter to check provider * test: adjusting tests for adapter and events * docs: add comments for unknown auth provider * fix: missing dayjs import 2024-10-07 21:13:15 +02:00			`import type { AdapterUser } from "@auth/core/adapters";`
test: add initial unit tests (#56) * chore: add initial db migration * test: add unit tests for packages auth, common, widgets * fix: deep source issues * fix: format issues * wip: add unit tests for api routers * fix: deep source issues * test: add missing unit tests for integration router * wip: board tests * test: add unit tests for board router * fix: remove unnecessary null assertions * fix: deepsource issues * fix: formatting * fix: pnpm lock * fix: lint and typecheck issues * chore: address pull request feedback * fix: non-null assertions * fix: lockfile broken 2024-02-10 19:00:08 +01:00			`import type { JWT } from "next-auth/jwt";`
fix: issue with color scheme in layout (#1168) * fix: issue with color scheme in layout * test: add and adjust unit tests for sign-in-callback 2024-09-26 19:02:45 +02:00			`import { describe, expect, test, vi } from "vitest";`
test: add initial unit tests (#56) * chore: add initial db migration * test: add unit tests for packages auth, common, widgets * fix: deep source issues * fix: format issues * wip: add unit tests for api routers * fix: deep source issues * test: add missing unit tests for integration router * wip: board tests * test: add unit tests for board router * fix: remove unnecessary null assertions * fix: deepsource issues * fix: formatting * fix: pnpm lock * fix: lint and typecheck issues * chore: address pull request feedback * fix: non-null assertions * fix: lockfile broken 2024-02-10 19:00:08 +01:00
fix: mysql operations not working (#1728) 2024-12-19 16:10:22 +01:00			`import { groupMembers, groupPermissions, groups, users } from "@homarr/db/schema";`
feat: board access group permissions (#422) * fix: cache is not exportet from react * fix: format issue * wip: add usage of group permissions * feat: show inherited groups and add manage group * refactor: improve board access management * chore: address pull request feedback * fix: type issues * fix: migrations * test: add unit tests for board permissions, permissions and board router * test: add unit tests for board router and get current user permissions method * fix: format issues * fix: deepsource issue 2024-05-04 18:34:41 +02:00			`import { createDb } from "@homarr/db/test";`
			`import * as definitions from "@homarr/definitions";`

refactor: replace signIn callback with signIn event, adjust getUserByEmail in adapter to check provider (#1223) * refactor: replace signIn callback with signIn event, adjust getUserByEmail in adapter to check provider * test: adjusting tests for adapter and events * docs: add comments for unknown auth provider * fix: missing dayjs import 2024-10-07 21:13:15 +02:00			`import { createSessionCallback, getCurrentUserPermissionsAsync } from "../callbacks";`
feat: board access group permissions (#422) * fix: cache is not exportet from react * fix: format issue * wip: add usage of group permissions * feat: show inherited groups and add manage group * refactor: improve board access management * chore: address pull request feedback * fix: type issues * fix: migrations * test: add unit tests for board permissions, permissions and board router * test: add unit tests for board router and get current user permissions method * fix: format issues * fix: deepsource issue 2024-05-04 18:34:41 +02:00
fix: permissions not restricted for certain management pages / actions (#1219) * fix: restrict parts of manage navigation to admins * fix: restrict stats cards on manage home page * fix: restrict access to amount of certain stats for manage home * fix: restrict visibility of board create button * fix: restrict access to integration pages * fix: restrict access to tools pages for admins * fix: restrict access to user and group pages * test: adjust tests to match permission changes for routes * fix: remove certain pages from spotlight without admin * fix: app management not restricted 2024-10-05 17:03:32 +02:00			`// This one is placed here because it's used in multiple tests and needs to be the same reference`
			`const setCookies = vi.fn();`
			`vi.mock("next/headers", () => ({`
			`cookies: () => ({`
			`set: setCookies,`
			`}),`
			`}));`

feat: board access group permissions (#422) * fix: cache is not exportet from react * fix: format issue * wip: add usage of group permissions * feat: show inherited groups and add manage group * refactor: improve board access management * chore: address pull request feedback * fix: type issues * fix: migrations * test: add unit tests for board permissions, permissions and board router * test: add unit tests for board router and get current user permissions method * fix: format issues * fix: deepsource issue 2024-05-04 18:34:41 +02:00			`describe("getCurrentUserPermissions", () => {`
			`test("should return empty permissions when non existing user requested", async () => {`
fix: issue with color scheme in layout (#1168) * fix: issue with color scheme in layout * test: add and adjust unit tests for sign-in-callback 2024-09-26 19:02:45 +02:00			`// Arrange`
feat: board access group permissions (#422) * fix: cache is not exportet from react * fix: format issue * wip: add usage of group permissions * feat: show inherited groups and add manage group * refactor: improve board access management * chore: address pull request feedback * fix: type issues * fix: migrations * test: add unit tests for board permissions, permissions and board router * test: add unit tests for board router and get current user permissions method * fix: format issues * fix: deepsource issue 2024-05-04 18:34:41 +02:00			`const db = createDb();`

feat: add integration access check to middlewares (#756) * feat: add integration access check to middlewares * fix: format issues * fix: remove group and user permissions and items from context * refactor: move action check to seperate function 2024-07-08 17:39:36 +02:00			`await db.insert(groups).values({`
			`id: "2",`
			`name: "test",`
			`});`
			`await db.insert(groupPermissions).values({`
			`groupId: "2",`
			`permission: "admin",`
			`});`
feat: board access group permissions (#422) * fix: cache is not exportet from react * fix: format issue * wip: add usage of group permissions * feat: show inherited groups and add manage group * refactor: improve board access management * chore: address pull request feedback * fix: type issues * fix: migrations * test: add unit tests for board permissions, permissions and board router * test: add unit tests for board router and get current user permissions method * fix: format issues * fix: deepsource issue 2024-05-04 18:34:41 +02:00			`await db.insert(users).values({`
			`id: "2",`
			`});`

			`const userId = "1";`
fix: issue with color scheme in layout (#1168) * fix: issue with color scheme in layout * test: add and adjust unit tests for sign-in-callback 2024-09-26 19:02:45 +02:00
			`// Act`
feat: add async suffix eslint rule (#485) 2024-05-18 12:25:33 +02:00			`const result = await getCurrentUserPermissionsAsync(db, userId);`
fix: issue with color scheme in layout (#1168) * fix: issue with color scheme in layout * test: add and adjust unit tests for sign-in-callback 2024-09-26 19:02:45 +02:00
			`// Assert`
feat: board access group permissions (#422) * fix: cache is not exportet from react * fix: format issue * wip: add usage of group permissions * feat: show inherited groups and add manage group * refactor: improve board access management * chore: address pull request feedback * fix: type issues * fix: migrations * test: add unit tests for board permissions, permissions and board router * test: add unit tests for board router and get current user permissions method * fix: format issues * fix: deepsource issue 2024-05-04 18:34:41 +02:00			`expect(result).toEqual([]);`
			`});`
feat: add integration access check to middlewares (#756) * feat: add integration access check to middlewares * fix: format issues * fix: remove group and user permissions and items from context * refactor: move action check to seperate function 2024-07-08 17:39:36 +02:00
			`test("should return empty permissions when user has no groups", async () => {`
fix: issue with color scheme in layout (#1168) * fix: issue with color scheme in layout * test: add and adjust unit tests for sign-in-callback 2024-09-26 19:02:45 +02:00			`// Arrange`
feat: add integration access check to middlewares (#756) * feat: add integration access check to middlewares * fix: format issues * fix: remove group and user permissions and items from context * refactor: move action check to seperate function 2024-07-08 17:39:36 +02:00			`const db = createDb();`
			`const userId = "1";`

			`await db.insert(groups).values({`
			`id: "2",`
			`name: "test",`
			`});`
			`await db.insert(groupPermissions).values({`
			`groupId: "2",`
			`permission: "admin",`
			`});`
			`await db.insert(users).values({`
			`id: userId,`
			`});`

fix: issue with color scheme in layout (#1168) * fix: issue with color scheme in layout * test: add and adjust unit tests for sign-in-callback 2024-09-26 19:02:45 +02:00			`// Act`
feat: add integration access check to middlewares (#756) * feat: add integration access check to middlewares * fix: format issues * fix: remove group and user permissions and items from context * refactor: move action check to seperate function 2024-07-08 17:39:36 +02:00			`const result = await getCurrentUserPermissionsAsync(db, userId);`
fix: issue with color scheme in layout (#1168) * fix: issue with color scheme in layout * test: add and adjust unit tests for sign-in-callback 2024-09-26 19:02:45 +02:00
			`// Assert`
feat: add integration access check to middlewares (#756) * feat: add integration access check to middlewares * fix: format issues * fix: remove group and user permissions and items from context * refactor: move action check to seperate function 2024-07-08 17:39:36 +02:00			`expect(result).toEqual([]);`
			`});`

feat: board access group permissions (#422) * fix: cache is not exportet from react * fix: format issue * wip: add usage of group permissions * feat: show inherited groups and add manage group * refactor: improve board access management * chore: address pull request feedback * fix: type issues * fix: migrations * test: add unit tests for board permissions, permissions and board router * test: add unit tests for board router and get current user permissions method * fix: format issues * fix: deepsource issue 2024-05-04 18:34:41 +02:00			`test("should return permissions for user", async () => {`
fix: issue with color scheme in layout (#1168) * fix: issue with color scheme in layout * test: add and adjust unit tests for sign-in-callback 2024-09-26 19:02:45 +02:00			`// Arrange`
feat: board access group permissions (#422) * fix: cache is not exportet from react * fix: format issue * wip: add usage of group permissions * feat: show inherited groups and add manage group * refactor: improve board access management * chore: address pull request feedback * fix: type issues * fix: migrations * test: add unit tests for board permissions, permissions and board router * test: add unit tests for board router and get current user permissions method * fix: format issues * fix: deepsource issue 2024-05-04 18:34:41 +02:00			`const db = createDb();`
			`const getPermissionsWithChildrenMock = vi`
			`.spyOn(definitions, "getPermissionsWithChildren")`
			`.mockReturnValue(["board-create"]);`
			`const mockId = "1";`

			`await db.insert(users).values({`
			`id: mockId,`
			`});`
			`await db.insert(groups).values({`
			`id: mockId,`
			`name: "test",`
			`});`
			`await db.insert(groupMembers).values({`
			`userId: mockId,`
			`groupId: mockId,`
			`});`
			`await db.insert(groupPermissions).values({`
			`groupId: mockId,`
			`permission: "admin",`
			`});`

fix: issue with color scheme in layout (#1168) * fix: issue with color scheme in layout * test: add and adjust unit tests for sign-in-callback 2024-09-26 19:02:45 +02:00			`// Act`
feat: add async suffix eslint rule (#485) 2024-05-18 12:25:33 +02:00			`const result = await getCurrentUserPermissionsAsync(db, mockId);`
fix: issue with color scheme in layout (#1168) * fix: issue with color scheme in layout * test: add and adjust unit tests for sign-in-callback 2024-09-26 19:02:45 +02:00
			`// Assert`
feat: board access group permissions (#422) * fix: cache is not exportet from react * fix: format issue * wip: add usage of group permissions * feat: show inherited groups and add manage group * refactor: improve board access management * chore: address pull request feedback * fix: type issues * fix: migrations * test: add unit tests for board permissions, permissions and board router * test: add unit tests for board router and get current user permissions method * fix: format issues * fix: deepsource issue 2024-05-04 18:34:41 +02:00			`expect(result).toEqual(["board-create"]);`
			`expect(getPermissionsWithChildrenMock).toHaveBeenCalledWith(["admin"]);`
			`});`
			`});`
test: add initial unit tests (#56) * chore: add initial db migration * test: add unit tests for packages auth, common, widgets * fix: deep source issues * fix: format issues * wip: add unit tests for api routers * fix: deep source issues * test: add missing unit tests for integration router * wip: board tests * test: add unit tests for board router * fix: remove unnecessary null assertions * fix: deepsource issues * fix: formatting * fix: pnpm lock * fix: lint and typecheck issues * chore: address pull request feedback * fix: non-null assertions * fix: lockfile broken 2024-02-10 19:00:08 +01:00
			`describe("session callback", () => {`
fix: issue with color scheme in layout (#1168) * fix: issue with color scheme in layout * test: add and adjust unit tests for sign-in-callback 2024-09-26 19:02:45 +02:00			`test("should add id and name to session user", async () => {`
			`// Arrange`
test: add initial unit tests (#56) * chore: add initial db migration * test: add unit tests for packages auth, common, widgets * fix: deep source issues * fix: format issues * wip: add unit tests for api routers * fix: deep source issues * test: add missing unit tests for integration router * wip: board tests * test: add unit tests for board router * fix: remove unnecessary null assertions * fix: deepsource issues * fix: formatting * fix: pnpm lock * fix: lint and typecheck issues * chore: address pull request feedback * fix: non-null assertions * fix: lockfile broken 2024-02-10 19:00:08 +01:00			`const user: AdapterUser = {`
			`id: "id",`
			`name: "name",`
			`email: "email",`
			`emailVerified: new Date("2023-01-13"),`
			`};`
			`const token: JWT = {};`
feat: board access group permissions (#422) * fix: cache is not exportet from react * fix: format issue * wip: add usage of group permissions * feat: show inherited groups and add manage group * refactor: improve board access management * chore: address pull request feedback * fix: type issues * fix: migrations * test: add unit tests for board permissions, permissions and board router * test: add unit tests for board router and get current user permissions method * fix: format issues * fix: deepsource issue 2024-05-04 18:34:41 +02:00			`const db = createDb();`
			`const callback = createSessionCallback(db);`
fix: issue with color scheme in layout (#1168) * fix: issue with color scheme in layout * test: add and adjust unit tests for sign-in-callback 2024-09-26 19:02:45 +02:00
			`// Act`
feat: board access group permissions (#422) * fix: cache is not exportet from react * fix: format issue * wip: add usage of group permissions * feat: show inherited groups and add manage group * refactor: improve board access management * chore: address pull request feedback * fix: type issues * fix: migrations * test: add unit tests for board permissions, permissions and board router * test: add unit tests for board router and get current user permissions method * fix: format issues * fix: deepsource issue 2024-05-04 18:34:41 +02:00			`const result = await callback({`
test: add initial unit tests (#56) * chore: add initial db migration * test: add unit tests for packages auth, common, widgets * fix: deep source issues * fix: format issues * wip: add unit tests for api routers * fix: deep source issues * test: add missing unit tests for integration router * wip: board tests * test: add unit tests for board router * fix: remove unnecessary null assertions * fix: deepsource issues * fix: formatting * fix: pnpm lock * fix: lint and typecheck issues * chore: address pull request feedback * fix: non-null assertions * fix: lockfile broken 2024-02-10 19:00:08 +01:00			`session: {`
			`user: {`
			`id: "no-id",`
			`email: "no-email",`
			`emailVerified: new Date("2023-01-13"),`
feat: board access group permissions (#422) * fix: cache is not exportet from react * fix: format issue * wip: add usage of group permissions * feat: show inherited groups and add manage group * refactor: improve board access management * chore: address pull request feedback * fix: type issues * fix: migrations * test: add unit tests for board permissions, permissions and board router * test: add unit tests for board router and get current user permissions method * fix: format issues * fix: deepsource issue 2024-05-04 18:34:41 +02:00			`permissions: [],`
feat: add colorscheme to user in db (#987) 2024-09-01 20:37:52 +02:00			`colorScheme: "dark",`
test: add initial unit tests (#56) * chore: add initial db migration * test: add unit tests for packages auth, common, widgets * fix: deep source issues * fix: format issues * wip: add unit tests for api routers * fix: deep source issues * test: add missing unit tests for integration router * wip: board tests * test: add unit tests for board router * fix: remove unnecessary null assertions * fix: deepsource issues * fix: formatting * fix: pnpm lock * fix: lint and typecheck issues * chore: address pull request feedback * fix: non-null assertions * fix: lockfile broken 2024-02-10 19:00:08 +01:00			`},`
			`expires: "2023-01-13" as Date & string,`
			`sessionToken: "token",`
			`userId: "no-id",`
			`},`
			`user,`
			`token,`
			`trigger: "update",`
			`newSession: {},`
			`});`
fix: issue with color scheme in layout (#1168) * fix: issue with color scheme in layout * test: add and adjust unit tests for sign-in-callback 2024-09-26 19:02:45 +02:00
			`// Assert`
test: add initial unit tests (#56) * chore: add initial db migration * test: add unit tests for packages auth, common, widgets * fix: deep source issues * fix: format issues * wip: add unit tests for api routers * fix: deep source issues * test: add missing unit tests for integration router * wip: board tests * test: add unit tests for board router * fix: remove unnecessary null assertions * fix: deepsource issues * fix: formatting * fix: pnpm lock * fix: lint and typecheck issues * chore: address pull request feedback * fix: non-null assertions * fix: lockfile broken 2024-02-10 19:00:08 +01:00			`expect(result.user).toBeDefined();`
			`expect(result.user!.id).toEqual(user.id);`
			`expect(result.user!.name).toEqual(user.name);`
			`});`
			`});`