Change implementation & test

(#131)
kitcc-org · Nov 12, 2024 · f668e65 · f668e65
1 parent 73792a2
commit f668e65
Show file tree

Hide file tree

Showing 3 changed files with 80 additions and 18 deletions.
diff --git a/backend/src/api/user.ts b/backend/src/api/user.ts
@@ -199,6 +199,16 @@ app.get(
 		}
 	}),
 	async (ctx) => {
+		const authed = await isLoggedIn(ctx);
+		if (!authed) {
+			return ctx.json(
+				{
+					message: 'Unauthorized',
+				},
+				401,
+			);
+		}
+
 		const param = ctx.req.valid('param');
 		const id = parseInt(param['userId']);
 

diff --git a/backend/test/api/user.test.ts b/backend/test/api/user.test.ts
@@ -19,29 +19,78 @@ describe('GET /users/:userId', () => {
 		userFactory.resetSequenceNumber();
 	});
 
-	it('should return correct user', async () => {
-		const response = await app.request(`/users/1`, {}, env);
-		const result = await response.json();
+	loggedInTest(
+		'should return correct user',
+		async ({ currentUser, sessionToken }) => {
+			const response = await app.request(
+				`/users/${currentUser.id}`,
+				{
+					headers: {
+						Cookie: [
+							`__Secure-user_id=${currentUser.id}`,
+							`__Secure-session_token=${sessionToken}`,
+						].join('; '),
+					},
+				},
+				env,
+			);
+			const result = await response.json();
 
-		expect(response.status).toBe(200);
+			expect(response.status).toBe(200);
 
-		const { passwordDigest, ...rest } = user;
-		expect(result).toMatchObject(rest);
-	});
+			const { passwordDigest, ...rest } = currentUser;
+			expect(result).toMatchObject(rest);
+		},
+	);
+
+	loggedInTest(
+		'should return 400 when userId is not a number',
+		async ({ currentUser, sessionToken }) => {
+			const response = await app.request(
+				// userIdに数字以外を指定する
+				`/users/id`,
+				{
+					headers: {
+						Cookie: [
+							`__Secure-user_id=${currentUser.id}`,
+							`__Secure-session_token=${sessionToken}`,
+						].join('; '),
+					},
+				},
+				env,
+			);
 
-	it('should return 400 when userId is not a number', async () => {
-		// userIdに数字以外を指定する
-		const response = await app.request(`/users/id`, {}, env);
+			expect(response.status).toBe(400);
+		},
+	);
 
-		expect(response.status).toBe(400);
+	it('should return 401 when not logged in', async () => {
+		// Cookieを指定しない
+		const response = await app.request(`/users/1`, {});
+
+		expect(response.status).toBe(401);
 	});
 
-	it('should return 404 when user is not found', async () => {
-		// 存在しないuserIdを指定する
-		const response = await app.request(`/users/100`, {}, env);
+	loggedInTest(
+		'should return 404 when user is not found',
+		async ({ currentUser, sessionToken }) => {
+			const response = await app.request(
+				// 存在しないuserIdを指定する
+				`/users/100`,
+				{
+					headers: {
+						Cookie: [
+							`__Secure-user_id=${currentUser.id}`,
+							`__Secure-session_token=${sessionToken}`,
+						].join('; '),
+					},
+				},
+				env,
+			);
 
-		expect(response.status).toBe(404);
-	});
+			expect(response.status).toBe(404);
+		},
+	);
 });
 
 describe('PATCH /users/:userId', () => {

diff --git a/backend/test/api/users.test.ts b/backend/test/api/users.test.ts
@@ -8,7 +8,10 @@ import { userFactory } from '../factories/user';
 
 interface GetUsersResponse {
 	totalUser: number;
-	users: SelectUser[];
+	users: {
+		id: number;
+		name: string;
+	}[];
 }
 
 describe('GET /users', () => {
@@ -63,7 +66,7 @@ describe('GET /users', () => {
 
 		const body: GetUsersResponse = await response.json();
 		expect(body.totalUser).toBe(1);
-		expect(body.users).toContainEqual(firstUser);
+		expect(firstUser).toEqual(expect.objectContaining(body.users[0]));
 	});
 
 	it('should return 400 when page is not a number', async () => {