/packages/backend/core/projection/users_test.go at a63ad39ad0b79f475eee3d4c22514d3532e0e15c

// SPDX-FileCopyrightText: 2025 Shota FUJI <pockawoooh@gmail.com>
// SPDX-License-Identifier: AGPL-3.0-only

package projection_test

import (
	"database/sql"
	"io"
	"log/slog"
	"testing"

	eventV1 "pocka.jp/x/yamori/proto/go/backend/events/v1"
	"pocka.jp/x/yamori/proto/go/backend/workspace/v1/types"

	"pocka.jp/x/yamori/backend/core"
	"pocka.jp/x/yamori/backend/core/event"
	"pocka.jp/x/yamori/backend/core/projection"
	workspaceEvent "pocka.jp/x/yamori/backend/events/workspace"

	_ "modernc.org/sqlite"
)

// Permission メッセージのフィールド番号の最も大きい数字
const PERMISSION_MAX_NUMBER = 12

func TestUserPermissions(t *testing.T) {
	logger := slog.New(slog.NewTextHandler(io.Discard, nil))
	db, err := sql.Open("sqlite", ":memory:")
	if err != nil {
		t.Fatal(err)
	}

	core, err := core.New(db, logger)
	if err != nil {
		t.Fatal(err)
	}

	tx, err := core.DB.Begin()
	if err != nil {
		t.Fatal(err)
	}

	err = event.AppendEvents(tx, []*eventV1.Event{
		workspaceEvent.CreateUser("foo", "foo", "Foo", []byte{}),
		workspaceEvent.GrantPermission("foo", []types.Permission{
			types.Permission_PERMISSION_DELETE_REGULAR_USER,
			types.Permission_PERMISSION_ADD_REGULAR_USER,
		}),
		workspaceEvent.RevokePermission("foo", []types.Permission{
			types.Permission_PERMISSION_DELETE_REGULAR_USER,
			types.Permission_PERMISSION_EDIT_WORKSPACE_PROFILE,
		}),
	})
	if err != nil {
		t.Fatal(err)
	}

	p, err := projection.GetUsers(tx)
	if err != nil {
		t.Fatal(err)
	}

	if err := event.UpdateProjections(tx, p); err != nil {
		t.Fatal(err)
	}

	for _, u := range p.Projection.Users {
		if u.GetId() == "foo" {
			if len(u.Permissions) != 1 {
				t.Errorf("Expected a slice of length of 1, got length of %d", len(u.Permissions))
			}

			if u.Permissions[0] != types.Permission_PERMISSION_ADD_REGULAR_USER {
				t.Errorf("Expected ADD_REGULAR_USER, got %v", u.Permissions[0])
			}

			return
		}
	}

	t.Errorf("User foo not created")
}

func TestAdminHaveFullPermissions(t *testing.T) {
	logger := slog.New(slog.NewTextHandler(io.Discard, nil))
	db, err := sql.Open("sqlite", ":memory:")
	if err != nil {
		t.Fatal(err)
	}

	core, err := core.New(db, logger)
	if err != nil {
		t.Fatal(err)
	}

	tx, err := core.DB.Begin()
	if err != nil {
		t.Fatal(err)
	}

	err = event.AppendEvents(tx, []*eventV1.Event{
		workspaceEvent.CreateUser("foo", "foo", "Foo", []byte{}),
		workspaceEvent.GrantAdminAccess("foo"),
		workspaceEvent.GrantPermission("foo", []types.Permission{
			types.Permission_PERMISSION_ADD_REGULAR_USER,
		}),
		workspaceEvent.RevokePermission("foo", []types.Permission{
			types.Permission_PERMISSION_EDIT_WORKSPACE_PROFILE,
		}),
	})
	if err != nil {
		t.Fatal(err)
	}

	p, err := projection.GetUsers(tx)
	if err != nil {
		t.Fatal(err)
	}

	if err := event.UpdateProjections(tx, p); err != nil {
		t.Fatal(err)
	}

	for _, u := range p.Projection.Users {
		if u.GetId() == "foo" {
			if len(u.Permissions) != PERMISSION_MAX_NUMBER {
				t.Errorf(
					"Expected a slice of length of %d, got length of %d",
					PERMISSION_MAX_NUMBER,
					len(u.Permissions),
				)
			}

			return
		}
	}

	t.Errorf("User foo not created")
}