autonomous.contact/tests/05_update_topic.test.ts

import { api, API_CLIENT } from '../utils/api.ts';
import * as asserts from '@std/assert';
import { delete_user, EPHEMERAL_SERVER, get_ephemeral_listen_server, get_new_user, set_user_permissions } from './helpers.ts';
import { generateTotp } from '../utils/totp.ts';
import { clear_topic_events_cache } from '../models/event.ts';

Deno.test({
	name: 'API - TOPICS - Update',
	permissions: {
		env: true,
		read: true,
		write: true,
		net: true
	},
	fn: async () => {
		let test_server_info: EPHEMERAL_SERVER | null = null;
		try {
			test_server_info = await get_ephemeral_listen_server();
			const client: API_CLIENT = api({
				prefix: '/api',
				hostname: test_server_info.hostname,
				port: test_server_info.port
			});

			const info = await get_new_user(client);

			await set_user_permissions(client, info.user, info.session, [...info.user.permissions, 'topics.create']);

			const new_topic = await client.fetch('/topics', {
				method: 'POST',
				headers: {
					'x-session_id': info.session.id,
					'x-totp': await generateTotp(info.session.secret)
				},
				json: {
					name: 'test update topic'
				}
			});

			asserts.assert(new_topic);

			const other_user_info = await get_new_user(client, {}, info);

			try {
				const _permission_denied_topic = await client.fetch(`/topics/${new_topic.id}`, {
					method: 'PUT',
					headers: {
						'x-session_id': other_user_info.session.id,
						'x-totp': await generateTotp(other_user_info.session.secret)
					},
					json: {
						name: 'this should not be allowed'
					}
				});

				asserts.fail('allowed updating a topic owned by someone else');
			} catch (error) {
				asserts.assertEquals((error as Error).cause, 'permission_denied');
			}

			const updated_by_owner_topic = await client.fetch(`/topics/${new_topic.id}`, {
				method: 'PUT',
				headers: {
					'x-session_id': info.session.id,
					'x-totp': await generateTotp(info.session.secret)
				},
				json: {
					topic: 'this is a new topic',
					permissions: {
						...new_topic.permissions,
						write: [...new_topic.permissions.write, other_user_info.user.id]
					}
				}
			});

			asserts.assert(updated_by_owner_topic);
			asserts.assertEquals(updated_by_owner_topic.topic, 'this is a new topic');
			asserts.assertEquals(updated_by_owner_topic.permissions.write, [info.user.id, other_user_info.user.id]);

			const updated_by_other_user_topic = await client.fetch(`/topics/${new_topic.id}`, {
				method: 'PUT',
				headers: {
					'x-session_id': other_user_info.session.id,
					'x-totp': await generateTotp(other_user_info.session.secret)
				},
				json: {
					topic: 'this is a newer topic'
				}
			});

			asserts.assert(updated_by_other_user_topic);
			asserts.assertEquals(updated_by_other_user_topic.topic, 'this is a newer topic');
			asserts.assertEquals(updated_by_other_user_topic.permissions.write, [info.user.id, other_user_info.user.id]);

			await delete_user(client, other_user_info);
			await delete_user(client, info);
		} finally {
			clear_topic_events_cache();
			if (test_server_info) {
				await test_server_info?.server?.stop();
			}
		}
	}
});
feature: require invites 2025-10-08 14:42:01 -07:00			`import { api, API_CLIENT } from '../utils/api.ts';`
refactor: use sync bcrypt to avoid issues with worker perms refactor: fix up includes 2025-07-24 12:09:24 -07:00			`import * as asserts from '@std/assert';`
feature: require invites 2025-10-08 14:42:01 -07:00			`import { delete_user, EPHEMERAL_SERVER, get_ephemeral_listen_server, get_new_user, set_user_permissions } from './helpers.ts';`
			`import { generateTotp } from '../utils/totp.ts';`
			`import { clear_topic_events_cache } from '../models/event.ts';`
feature: rooms and events implemented on the backend 2025-06-27 17:54:04 -07:00
			`Deno.test({`
refactor: zones => topics 2025-09-10 12:51:27 -07:00			`name: 'API - TOPICS - Update',`
feature: rooms and events implemented on the backend 2025-06-27 17:54:04 -07:00			`permissions: {`
			`env: true,`
			`read: true,`
			`write: true,`
			`net: true`
			`},`
			`fn: async () => {`
			`let test_server_info: EPHEMERAL_SERVER \| null = null;`
			`try {`
			`test_server_info = await get_ephemeral_listen_server();`
			`const client: API_CLIENT = api({`
			`prefix: '/api',`
			`hostname: test_server_info.hostname,`
			`port: test_server_info.port`
			`});`

feature: require invites 2025-10-08 14:42:01 -07:00			`const info = await get_new_user(client);`
feature: rooms and events implemented on the backend 2025-06-27 17:54:04 -07:00
feature: require invites 2025-10-08 14:42:01 -07:00			`await set_user_permissions(client, info.user, info.session, [...info.user.permissions, 'topics.create']);`
feature: rooms and events implemented on the backend 2025-06-27 17:54:04 -07:00
refactor: zones => topics 2025-09-10 12:51:27 -07:00			`const new_topic = await client.fetch('/topics', {`
feature: rooms and events implemented on the backend 2025-06-27 17:54:04 -07:00			`method: 'POST',`
			`headers: {`
feature: require invites 2025-10-08 14:42:01 -07:00			`'x-session_id': info.session.id,`
			`'x-totp': await generateTotp(info.session.secret)`
feature: rooms and events implemented on the backend 2025-06-27 17:54:04 -07:00			`},`
			`json: {`
refactor: zones => topics 2025-09-10 12:51:27 -07:00			`name: 'test update topic'`
feature: rooms and events implemented on the backend 2025-06-27 17:54:04 -07:00			`}`
			`});`

refactor: zones => topics 2025-09-10 12:51:27 -07:00			`asserts.assert(new_topic);`
feature: rooms and events implemented on the backend 2025-06-27 17:54:04 -07:00
feature: require invites 2025-10-08 14:42:01 -07:00			`const other_user_info = await get_new_user(client, {}, info);`
feature: rooms and events implemented on the backend 2025-06-27 17:54:04 -07:00
			`try {`
refactor: zones => topics 2025-09-10 12:51:27 -07:00			const _permission_denied_topic = await client.fetch(`/topics/${new_topic.id}`, {
feature: rooms and events implemented on the backend 2025-06-27 17:54:04 -07:00			`method: 'PUT',`
			`headers: {`
			`'x-session_id': other_user_info.session.id,`
			`'x-totp': await generateTotp(other_user_info.session.secret)`
			`},`
			`json: {`
			`name: 'this should not be allowed'`
			`}`
			`});`

refactor: zones => topics 2025-09-10 12:51:27 -07:00			`asserts.fail('allowed updating a topic owned by someone else');`
feature: rooms and events implemented on the backend 2025-06-27 17:54:04 -07:00			`} catch (error) {`
			`asserts.assertEquals((error as Error).cause, 'permission_denied');`
			`}`

refactor: zones => topics 2025-09-10 12:51:27 -07:00			const updated_by_owner_topic = await client.fetch(`/topics/${new_topic.id}`, {
feature: rooms and events implemented on the backend 2025-06-27 17:54:04 -07:00			`method: 'PUT',`
			`headers: {`
feature: require invites 2025-10-08 14:42:01 -07:00			`'x-session_id': info.session.id,`
			`'x-totp': await generateTotp(info.session.secret)`
feature: rooms and events implemented on the backend 2025-06-27 17:54:04 -07:00			`},`
			`json: {`
			`topic: 'this is a new topic',`
			`permissions: {`
refactor: zones => topics 2025-09-10 12:51:27 -07:00			`...new_topic.permissions,`
			`write: [...new_topic.permissions.write, other_user_info.user.id]`
feature: rooms and events implemented on the backend 2025-06-27 17:54:04 -07:00			`}`
			`}`
			`});`

refactor: zones => topics 2025-09-10 12:51:27 -07:00			`asserts.assert(updated_by_owner_topic);`
			`asserts.assertEquals(updated_by_owner_topic.topic, 'this is a new topic');`
feature: require invites 2025-10-08 14:42:01 -07:00			`asserts.assertEquals(updated_by_owner_topic.permissions.write, [info.user.id, other_user_info.user.id]);`
feature: rooms and events implemented on the backend 2025-06-27 17:54:04 -07:00
refactor: zones => topics 2025-09-10 12:51:27 -07:00			const updated_by_other_user_topic = await client.fetch(`/topics/${new_topic.id}`, {
feature: rooms and events implemented on the backend 2025-06-27 17:54:04 -07:00			`method: 'PUT',`
			`headers: {`
			`'x-session_id': other_user_info.session.id,`
			`'x-totp': await generateTotp(other_user_info.session.secret)`
			`},`
			`json: {`
			`topic: 'this is a newer topic'`
			`}`
			`});`

refactor: zones => topics 2025-09-10 12:51:27 -07:00			`asserts.assert(updated_by_other_user_topic);`
			`asserts.assertEquals(updated_by_other_user_topic.topic, 'this is a newer topic');`
feature: require invites 2025-10-08 14:42:01 -07:00			`asserts.assertEquals(updated_by_other_user_topic.permissions.write, [info.user.id, other_user_info.user.id]);`

			`await delete_user(client, other_user_info);`
			`await delete_user(client, info);`
feature: rooms and events implemented on the backend 2025-06-27 17:54:04 -07:00			`} finally {`
refactor: zones => topics 2025-09-10 12:51:27 -07:00			`clear_topic_events_cache();`
feature: rooms and events implemented on the backend 2025-06-27 17:54:04 -07:00			`if (test_server_info) {`
			`await test_server_info?.server?.stop();`
			`}`
			`}`
			`}`
			`});`