B2B-88: add starter kit structure and elements

2025-06-08 16:18:30 +03:00
parent 657a36a298
commit e7b25600cb
1280 changed files with 77893 additions and 5688 deletions
--- a/copy/tests/database/account-permissions.test.sql
+++ b/copy/tests/database/account-permissions.test.sql
@@ -0,0 +1,104 @@
+BEGIN;
+create extension "basejump-supabase_test_helpers" version '0.0.6';
+
+select no_plan();
+
+--- we insert a user into auth.users and return the id into user_id to use
+
+select tests.create_supabase_user('test1', 'test1@test.com');
+
+select tests.create_supabase_user('test2');
+
+-- Create an team account
+
+select makerkit.authenticate_as('test1');
+
+select public.create_team_account('Test');
+
+-- the owner account has permissions to manage members
+select row_eq(
+  $$ select public.has_permission(
+  auth.uid(), makerkit.get_account_id_by_slug('test'), 'members.manage'::app_permissions) $$,
+    row(true::boolean),
+    'The owner of the team account should have the members.manage permission'
+);
+
+-- the owner account has permissions to manage billing
+select row_eq(
+  $$ select public.has_permission(
+  auth.uid(), makerkit.get_account_id_by_slug('test'), 'billing.manage'::app_permissions) $$,
+    row(true::boolean),
+    'The owner of the team account should have the billing.manage permission'
+);
+
+-- Foreigner should not have permissions to manage members
+
+select makerkit.authenticate_as('test2');
+
+select row_eq(
+  $$ select public.has_permission(
+  auth.uid(), makerkit.get_account_id_by_slug('test'), 'members.manage'::app_permissions) $$,
+    row(false::boolean),
+    'Foreigners should not have the members.manage permission'
+);
+
+-- Custom roles
+-- New roles created for the app
+
+set local role postgres;
+
+-- the name should be unique
+
+select throws_ok(
+  $$ insert into public.roles (name, hierarchy_level) values ('owner', 4) $$,
+  'duplicate key value violates unique constraint "roles_pkey"'
+);
+
+-- the hierarchy level should be unique
+select throws_ok(
+  $$ insert into public.roles (name, hierarchy_level) values ('custom-role-2', 1) $$,
+  'duplicate key value violates unique constraint "roles_hierarchy_level_key"'
+);
+
+-- Custom Account Role
+
+set local role postgres;
+
+-- the names should be unique
+select throws_ok(
+  $$ insert into public.roles (name, hierarchy_level) values ('owner', 1) $$,
+  'duplicate key value violates unique constraint "roles_pkey"'
+);
+
+-- update user role to custom role
+update public.accounts_memberships
+    set account_role = 'custom-role'
+    where account_id = makerkit.get_account_id_by_slug('test')
+        and user_id = tests.get_supabase_uid('test1');
+
+set local role postgres;
+
+-- insert permissions for the custom role
+insert into public.role_permissions (role, permission) values ('custom-role', 'members.manage');
+
+select makerkit.authenticate_as('test1');
+
+-- the custom role does not have permissions to manage billing
+select row_eq(
+  $$ select public.has_permission(
+  auth.uid(), makerkit.get_account_id_by_slug('test'), 'billing.manage'::app_permissions) $$,
+    row(false::boolean),
+    'The custom role should not have the billing.manage permission'
+);
+
+-- the custom role can manage members
+select row_eq(
+  $$ select public.has_permission(
+  auth.uid(), makerkit.get_account_id_by_slug('test'), 'members.manage'::app_permissions) $$,
+    row(true::boolean),
+    'The custom role should have the members.manage permission'
+);
+
+select * from finish();
+
+rollback;