B2B-88: add starter kit structure and elements
This commit is contained in:
devmc-ee
111
supabase copy/tests/database/invitations.test.sql
Normal file
111
supabase copy/tests/database/invitations.test.sql
Normal file
@@ -0,0 +1,111 @@
|
||||
begin;
|
||||
create extension "basejump-supabase_test_helpers" version '0.0.6';
|
||||
|
||||
select no_plan();
|
||||
|
||||
-- test
|
||||
|
||||
select makerkit.set_identifier('test', 'test@makerkit.dev');
|
||||
select makerkit.set_identifier('member', 'member@makerkit.dev');
|
||||
select makerkit.set_identifier('custom', 'custom@makerkit.dev');
|
||||
select makerkit.set_identifier('owner', 'owner@makerkit.dev');
|
||||
|
||||
select makerkit.authenticate_as('test');
|
||||
|
||||
select lives_ok(
|
||||
$$ insert into public.invitations (email, invited_by, account_id, role, invite_token) values ('invite1@makerkit.dev', auth.uid(), makerkit.get_account_id_by_slug('makerkit'), 'member', gen_random_uuid()); $$,
|
||||
'owner should be able to create invitations'
|
||||
);
|
||||
|
||||
-- check two invitations to the same email/account are not allowed
|
||||
select throws_ok(
|
||||
$$ insert into public.invitations (email, invited_by, account_id, role, invite_token) values ('invite1@makerkit.dev', auth.uid(), makerkit.get_account_id_by_slug('makerkit'), 'member', gen_random_uuid()) $$,
|
||||
'duplicate key value violates unique constraint "invitations_email_account_id_key"'
|
||||
);
|
||||
|
||||
select makerkit.authenticate_as('member');
|
||||
|
||||
-- check a member cannot invite members with higher roles
|
||||
select throws_ok(
|
||||
$$ insert into public.invitations (email, invited_by, account_id, role, invite_token) values ('invite2@makerkit.dev', auth.uid(), makerkit.get_account_id_by_slug('makerkit'), 'owner', gen_random_uuid()) $$,
|
||||
'new row violates row-level security policy for table "invitations"'
|
||||
);
|
||||
|
||||
-- check a member can invite members with the same or lower roles
|
||||
select lives_ok(
|
||||
$$ insert into public.invitations (email, invited_by, account_id, role, invite_token) values ('invite2@makerkit.dev', auth.uid(), makerkit.get_account_id_by_slug('makerkit'), 'member', gen_random_uuid()) $$,
|
||||
'member should be able to create invitations for members or lower roles'
|
||||
);
|
||||
|
||||
-- test invite exists
|
||||
select isnt_empty(
|
||||
$$ select * from public.invitations where account_id = makerkit.get_account_id_by_slug('makerkit') $$,
|
||||
'invitations should be listed'
|
||||
);
|
||||
|
||||
select makerkit.authenticate_as('owner');
|
||||
|
||||
-- check the owner can invite members with lower roles
|
||||
select lives_ok(
|
||||
$$ insert into public.invitations (email, invited_by, account_id, role, invite_token) values ('invite3@makerkit.dev', auth.uid(), makerkit.get_account_id_by_slug('makerkit'), 'member', gen_random_uuid()) $$,
|
||||
'owner should be able to create invitations'
|
||||
);
|
||||
|
||||
-- authenticate_as the custom role
|
||||
select makerkit.authenticate_as('custom');
|
||||
|
||||
-- it will fail because the custom role does not have the invites.manage permission
|
||||
select throws_ok(
|
||||
$$ insert into public.invitations (email, invited_by, account_id, role, invite_token) values ('invite3@makerkit.dev', auth.uid(), makerkit.get_account_id_by_slug('makerkit'), 'custom-role', gen_random_uuid()) $$,
|
||||
'new row violates row-level security policy for table "invitations"'
|
||||
);
|
||||
|
||||
set local role postgres;
|
||||
|
||||
-- add permissions to invite members to the custom role
|
||||
insert into public.role_permissions (role, permission) values ('custom-role', 'invites.manage');
|
||||
|
||||
-- authenticate_as the custom role
|
||||
select makerkit.authenticate_as('custom');
|
||||
|
||||
select lives_ok(
|
||||
$$ insert into public.invitations (email, invited_by, account_id, role, invite_token) values ('invite4@makerkit.dev', auth.uid(), makerkit.get_account_id_by_slug('makerkit'), 'custom-role', gen_random_uuid()) $$,
|
||||
'custom role should be able to create invitations'
|
||||
);
|
||||
|
||||
select lives_ok(
|
||||
$$ SELECT public.add_invitations_to_account('makerkit', ARRAY[ROW('example@makerkit.dev', 'custom-role')::public.invitation]); $$,
|
||||
'custom role should be able to create invitations using the function public.add_invitations_to_account'
|
||||
);
|
||||
|
||||
select throws_ok(
|
||||
$$ SELECT public.add_invitations_to_account('makerkit', ARRAY[ROW('example2@makerkit.dev', 'owner')::public.invitation]); $$,
|
||||
'new row violates row-level security policy for table "invitations"',
|
||||
'cannot invite members with higher roles'
|
||||
);
|
||||
|
||||
-- Foreigners should not be able to create invitations
|
||||
|
||||
select tests.create_supabase_user('user');
|
||||
|
||||
select makerkit.authenticate_as('user');
|
||||
|
||||
-- it will fail because the user is not a member of the account
|
||||
select throws_ok(
|
||||
$$ insert into public.invitations (email, invited_by, account_id, role, invite_token) values ('invite4@makerkit.dev', auth.uid(), makerkit.get_account_id_by_slug('makerkit'), 'member', gen_random_uuid()) $$,
|
||||
'new row violates row-level security policy for table "invitations"'
|
||||
);
|
||||
|
||||
select throws_ok(
|
||||
$$ SELECT public.add_invitations_to_account('makerkit', ARRAY[ROW('example@example.com', 'member')::public.invitation]); $$,
|
||||
'new row violates row-level security policy for table "invitations"'
|
||||
);
|
||||
|
||||
select is_empty($$
|
||||
select * from public.invitations where account_id = makerkit.get_account_id_by_slug('makerkit') $$,
|
||||
'no invitations should be listed'
|
||||
);
|
||||
|
||||
select * from finish();
|
||||
|
||||
rollback;
|
||||
Reference in New Issue
Block a user