Merge pull request #133 from bcgov/BVPS-409

BVPS-409: PropertiesController.ts test coverage
bcgov · Nov 20, 2023 · 889cb40 · 889cb40
2 parents 0af3b34 + 0854ee9
commit 889cb40
Showing 2 changed files with 43 additions and 0 deletions.
diff --git a/src/tests/commonResponses.ts b/src/tests/commonResponses.ts
@@ -1084,6 +1084,17 @@ export const LastNameOnlyTokenPayload = {
     ],
 };
 
+export const NoPropertySearchTokenPayload = {
+    identity_provider: 'idir',
+    sid: 'f2291e4e-ea0b-4eb4-bc35-06a9bb7d1eb4',
+    idir_user_guid: '12FC98EA15007D2F704B95DEFC3D2DDF',
+    preferred_username: '12fc98ea15007d2f704b95defc3d2ddf@idir',
+    email: 'example@test.com',
+    role: 'SuperAdmin',
+    family_name: 'abcd',
+    permissions: ['USER_ACCESS', 'VIEW_PIN', 'ACCESS_REQUEST'],
+};
+
 export const SampleBCEIDBUsinessAdminTokenPayload = {
     identity_provider: 'bceidbusiness',
     sid: 'f2291e4e-ea0b-4eb4-bc35-06a9bb7d1eb4',

diff --git a/src/tests/routes/properties.spec.ts b/src/tests/routes/properties.spec.ts
@@ -7,10 +7,12 @@ import {
     geocodeParcelAPIResponse_2,
     ActivePINResponse,
     SampleSuperAdminTokenPayload,
+    NoPropertySearchTokenPayload,
 } from '../commonResponses';
 import { AxiosError } from 'axios';
 import { ActivePin } from '../../entity/ActivePin';
 import * as ActivePIN from '../../db/ActivePIN.db';
+import * as auth from '../../helpers/auth';
 import jwt from 'jsonwebtoken';
 
 let token: string;
@@ -166,6 +168,24 @@ describe('Properties endpoints', () => {
         expect(res.statusCode).toBe(403);
     });
 
+    test('/details should throw 403 error on not having the correct permissions', async () => {
+        const JWT_SECRET = 'abcd';
+        token = jwt.sign(NoPropertySearchTokenPayload, JWT_SECRET, {
+            expiresIn: 30 * 60 * 1000,
+        });
+        const res = await request(app)
+            .get('/properties/details?siteID=123&role=Admin')
+            .set('Cookie', `token=${token}`)
+            .send();
+        expect(res.statusCode).toBe(403);
+        expect(res.body.message).toBe(
+            `Permission 'PROPERTY_SEARCH' is not available for this user`,
+        );
+        token = jwt.sign(SampleSuperAdminTokenPayload, JWT_SECRET, {
+            expiresIn: 30 * 60 * 1000,
+        });
+    });
+
     test('/details Throw 404 not found error', async () => {
         jest.spyOn(axios, 'get').mockRejectedValueOnce({
             response: {
@@ -179,6 +199,18 @@ describe('Properties endpoints', () => {
         expect(res.statusCode).toBe(404);
     });
 
+    test('/details should throw 404 error on unknown jwt error', async () => {
+        jest.spyOn(auth, 'decodingJWT').mockImplementationOnce(() => {
+            throw new Error('Oops!');
+        });
+        const res = await request(app)
+            .get('/properties/details?siteID=123&role=Admin')
+            .set('Cookie', `token=${token}`)
+            .send();
+        expect(res.statusCode).toBe(404);
+        expect(res.body.message).toBe('Oops!');
+    });
+
     test('/details Throw 500 error', async () => {
         jest.spyOn(axios, 'get').mockRejectedValueOnce(new Error());
         const res = await request(app)