80 lines
2.1 KiB
TypeScript
80 lines
2.1 KiB
TypeScript
import { api, API_CLIENT } from '../../../utils/api.ts';
|
|
import * as asserts from 'jsr:@std/assert';
|
|
import { EPHEMERAL_SERVER, get_ephemeral_listen_server, get_new_user, set_user_permissions } from '../../helpers.ts';
|
|
import { generateTotp } from '@stdext/crypto/totp';
|
|
|
|
Deno.test({
|
|
name: 'API - ROOMS - Create',
|
|
permissions: {
|
|
env: true,
|
|
read: true,
|
|
write: true,
|
|
net: true
|
|
},
|
|
fn: async () => {
|
|
let test_server_info: EPHEMERAL_SERVER | null = null;
|
|
try {
|
|
test_server_info = await get_ephemeral_listen_server();
|
|
const client: API_CLIENT = api({
|
|
prefix: '/api',
|
|
hostname: test_server_info.hostname,
|
|
port: test_server_info.port
|
|
});
|
|
|
|
const user_info = await get_new_user(client);
|
|
|
|
try {
|
|
const _permission_denied_room = await client.fetch('/rooms', {
|
|
method: 'POST',
|
|
headers: {
|
|
'x-session_id': user_info.session.id,
|
|
'x-totp': await generateTotp(user_info.session.secret)
|
|
},
|
|
json: {
|
|
name: 'this should not be allowed'
|
|
}
|
|
});
|
|
|
|
asserts.fail('allowed creation of a room without room creation permissions');
|
|
} catch (error) {
|
|
asserts.assertEquals((error as Error).cause, 'permission_denied');
|
|
}
|
|
|
|
await set_user_permissions(client, user_info.user, user_info.session, [...user_info.user.permissions, 'rooms.create']);
|
|
|
|
try {
|
|
const _too_long_name_room = await client.fetch('/rooms', {
|
|
method: 'POST',
|
|
headers: {
|
|
'x-session_id': user_info.session.id,
|
|
'x-totp': await generateTotp(user_info.session.secret)
|
|
},
|
|
json: {
|
|
name: 'X'.repeat(1024)
|
|
}
|
|
});
|
|
|
|
asserts.fail('allowed creation of a room with an excessively long name');
|
|
} catch (error) {
|
|
asserts.assertEquals((error as Error).cause, 'invalid_room_name');
|
|
}
|
|
|
|
const new_room = await client.fetch('/rooms', {
|
|
method: 'POST',
|
|
headers: {
|
|
'x-session_id': user_info.session.id,
|
|
'x-totp': await generateTotp(user_info.session.secret)
|
|
},
|
|
json: {
|
|
name: 'test room'
|
|
}
|
|
});
|
|
|
|
asserts.assert(new_room);
|
|
} finally {
|
|
if (test_server_info) {
|
|
await test_server_info?.server?.stop();
|
|
}
|
|
}
|
|
}
|
|
});
|