add better tests

Author: devksingh4

package.json

@@ -13,8 +13,8 @@
     "lockfile-manage": "synp --source-file yarn.lock && cp package-lock.json dist/src/ && rm package-lock.json",
     "typecheck": "tsc --noEmit",
     "lint": "eslint . --ext .ts --cache",
-    "prettier": "prettier --check src/*.ts src/**/*.ts",
-    "prettier:write": "prettier --write src/*.ts src/**/*.ts",
+    "prettier": "prettier --check src/*.ts src/**/*.ts tests/**/*.ts",
+    "prettier:write": "prettier --write src/*.ts src/**/*.ts tests/**/*.ts",
     "prepare": "node .husky/install.mjs || true",
     "lint-staged": "lint-staged",
     "test:unit": "cross-env APPLICATION_KEY=infra-events-api vitest tests/unit",

src/config.ts

@@ -35,6 +35,7 @@ const environmentConfig: EnvironmentConfigType = {
       "940e4f9e-6891-4e28-9e29-148798495cdb": [AppRoles.MANAGER], // ACM Infra Team
       "f8dfc4cf-456b-4da3-9053-f7fdeda5d5d6": [AppRoles.MANAGER], // Infra Leads
       "0": [AppRoles.MANAGER], // Dummy Group for development only
+      "1": [AppRoles.PUBLIC], // Dummy Group for development only
     },
     AzureRoleMapping: { AutonomousWriters: [AppRoles.MANAGER] },
     ValidCorsOrigins: [

src/roles.ts

@@ -3,4 +3,5 @@ export const runEnvironments = ["dev", "prod"] as const;
 export type RunEnvironment = (typeof runEnvironments)[number];
 export enum AppRoles {
   MANAGER = "manage:events",
+  PUBLIC = "public",
 }

src/routes/events.ts

@@ -89,7 +89,7 @@ const eventsPlugin: FastifyPluginAsync = async (fastify, _options) => {
         );
         reply.send({
           id: entryUUID,
-          resource: `/api/v1/entry/${entryUUID}`,
+          resource: `/api/v1/event/${entryUUID}`,
         });
       } catch (e: unknown) {
         if (e instanceof Error) {

tests/unit/auth.test.ts

@@ -1,4 +1,4 @@
-import { expect, test } from "vitest";
+import { expect, test, vi } from "vitest";
 import {
   GetSecretValueCommand,
   SecretsManagerClient,
@@ -11,11 +11,26 @@ import jwt from "jsonwebtoken";
 const ddbMock = mockClient(SecretsManagerClient);
 
 const app = await init();
-
-function createJwt() {
-  const jwt_secret = secretObject["jwt_key"];
-  return jwt.sign(jwtPayload, jwt_secret, { algorithm: "HS256" });
+const jwt_secret = secretObject["jwt_key"];
+export function createJwt(date?: Date, group?: string) {
+  let modifiedPayload = jwtPayload;
+  if (date) {
+    const nowMs = Math.floor(date.valueOf() / 1000);
+    const laterMs = nowMs + 3600 * 24;
+    modifiedPayload = {
+      ...jwtPayload,
+      iat: nowMs,
+      nbf: nowMs,
+      exp: laterMs,
+    };
+  }
+  if (group) {
+    modifiedPayload["groups"][0] = group;
+  }
+  return jwt.sign(modifiedPayload, jwt_secret, { algorithm: "HS256" });
 }
+vi.stubEnv("JwtSigningKey", jwt_secret);
+
 const testJwt = createJwt();
 
 test("Test happy path", async () => {

tests/unit/eventPost.test.ts

@@ -0,0 +1,202 @@
+import { afterAll, expect, test, beforeEach, vi } from "vitest";
+import { DynamoDBClient, PutItemCommand } from "@aws-sdk/client-dynamodb";
+import { mockClient } from "aws-sdk-client-mock";
+import init from "../../src/index.js";
+import { createJwt } from "./auth.test.js";
+import {
+  GetSecretValueCommand,
+  SecretsManagerClient,
+} from "@aws-sdk/client-secrets-manager";
+import { secretJson, secretObject } from "./secret.testdata.js";
+import supertest from "supertest";
+
+const ddbMock = mockClient(DynamoDBClient);
+const smMock = mockClient(SecretsManagerClient);
+const jwt_secret = secretObject["jwt_key"];
+vi.stubEnv("JwtSigningKey", jwt_secret);
+
+const app = await init();
+
+test("Sad path: Not authenticated", async () => {
+  await app.ready();
+  const response = await supertest(app.server).post("/api/v1/events").send({
+    description: "Test paid event.",
+    end: "2024-09-25T19:00:00",
+    featured: true,
+    host: "Social Committee",
+    location: "Illini Union",
+    start: "2024-09-25T18:00:00",
+    title: "Fall Semiformal",
+    paidEventId: "sp24_semiformal",
+  });
+
+  expect(response.statusCode).toBe(403);
+});
+
+test("Sad path: Authenticated but not authorized", async () => {
+  await app.ready();
+  const testJwt = createJwt(undefined, "1");
+  const response = await supertest(app.server)
+    .post("/api/v1/events")
+    .set("Authorization", `Bearer ${testJwt}`)
+    .send({
+      description: "Test paid event.",
+      end: "2024-09-25T19:00:00",
+      featured: true,
+      host: "Social Committee",
+      location: "Illini Union",
+      start: "2024-09-25T18:00:00",
+      title: "Fall Semiformal",
+      paidEventId: "sp24_semiformal",
+    });
+  expect(response.statusCode).toBe(401);
+});
+test("Sad path: Prevent empty body request", async () => {
+  await app.ready();
+  const testJwt = createJwt(undefined, "0");
+  const response = await supertest(app.server)
+    .post("/api/v1/events")
+    .set("Authorization", `Bearer ${testJwt}`)
+    .send();
+  expect(response.statusCode).toBe(400);
+  expect(response.body).toStrictEqual({
+    error: true,
+    name: "ValidationError",
+    id: 104,
+    message: "Required",
+  });
+});
+test("Sad path: Prevent specifying repeatEnds on non-repeating events", async () => {
+  ddbMock.on(PutItemCommand).resolves({});
+  smMock.on(GetSecretValueCommand).resolves({
+    SecretString: secretJson,
+  });
+  const testJwt = createJwt();
+  await app.ready();
+  const response = await supertest(app.server)
+    .post("/api/v1/events")
+    .set("authorization", `Bearer ${testJwt}`)
+    .send({
+      description: "Test paid event.",
+      end: "2024-09-25T19:00:00",
+      featured: false,
+      host: "Social Committee",
+      location: "Illini Union",
+      start: "2024-09-25T18:00:00",
+      title: "Fall Semiformal",
+      repeatEnds: "2024-09-25T18:00:00",
+      paidEventId: "sp24_semiformal",
+    });
+
+  expect(response.statusCode).toBe(400);
+  expect(response.body).toStrictEqual({
+    error: true,
+    name: "ValidationError",
+    id: 104,
+    message: "repeats is required when repeatEnds is defined",
+  });
+});
+
+test("Sad path: Prevent specifying unknown repeat frequencies", async () => {
+  ddbMock.on(PutItemCommand).resolves({});
+  smMock.on(GetSecretValueCommand).resolves({
+    SecretString: secretJson,
+  });
+  const testJwt = createJwt();
+  await app.ready();
+  const response = await supertest(app.server)
+    .post("/api/v1/events")
+    .set("authorization", `Bearer ${testJwt}`)
+    .send({
+      description: "Test paid event.",
+      end: "2024-09-25T19:00:00",
+      featured: false,
+      host: "Social Committee",
+      location: "Illini Union",
+      start: "2024-09-25T18:00:00",
+      title: "Fall Semiformal",
+      repeats: "forever_and_ever",
+      paidEventId: "sp24_semiformal",
+    });
+
+  expect(response.statusCode).toBe(400);
+  expect(response.body).toStrictEqual({
+    error: true,
+    name: "ValidationError",
+    id: 104,
+    message: `Invalid enum value. Expected 'weekly' | 'biweekly', received 'forever_and_ever' at "repeats"`,
+  });
+});
+
+test("Happy path: Adding a non-repeating, featured, paid event", async () => {
+  ddbMock.on(PutItemCommand).resolves({});
+  smMock.on(GetSecretValueCommand).resolves({
+    SecretString: secretJson,
+  });
+  const testJwt = createJwt();
+  await app.ready();
+  const response = await supertest(app.server)
+    .post("/api/v1/events")
+    .set("authorization", `Bearer ${testJwt}`)
+    .send({
+      description: "Test paid event.",
+      end: "2024-09-25T19:00:00",
+      featured: true,
+      host: "Social Committee",
+      location: "Illini Union",
+      start: "2024-09-25T18:00:00",
+      title: "Fall Semiformal",
+      paidEventId: "sp24_semiformal",
+    });
+
+  expect(response.statusCode).toBe(200);
+  const responseDataJson = response.body as { id: string; resource: string };
+  expect(responseDataJson).toHaveProperty("id");
+  const uuid = responseDataJson["id"];
+  expect(responseDataJson).toEqual({
+    id: uuid,
+    resource: `/api/v1/event/${uuid}`,
+  });
+});
+
+test("Happy path: Adding a weekly repeating, non-featured, paid event", async () => {
+  ddbMock.on(PutItemCommand).resolves({});
+  smMock.on(GetSecretValueCommand).resolves({
+    SecretString: secretJson,
+  });
+  const testJwt = createJwt();
+  await app.ready();
+  const response = await supertest(app.server)
+    .post("/api/v1/events")
+    .set("authorization", `Bearer ${testJwt}`)
+    .send({
+      description: "Test paid event.",
+      end: "2024-09-25T19:00:00",
+      featured: false,
+      host: "Social Committee",
+      location: "Illini Union",
+      start: "2024-09-25T18:00:00",
+      title: "Fall Semiformal",
+      repeats: "weekly",
+      paidEventId: "sp24_semiformal",
+    });
+
+  expect(response.statusCode).toBe(200);
+  const responseDataJson = response.body as { id: string; resource: string };
+  expect(responseDataJson).toHaveProperty("id");
+  const uuid = responseDataJson["id"];
+  expect(responseDataJson).toEqual({
+    id: uuid,
+    resource: `/api/v1/event/${uuid}`,
+  });
+});
+
+afterAll(async () => {
+  await app.close();
+  vi.useRealTimers();
+});
+beforeEach(() => {
+  ddbMock.reset();
+  smMock.reset();
+  vi.useFakeTimers();
+});

tests/unit/events.test.ts

@@ -1,5 +1,9 @@
 import { afterAll, expect, test, beforeEach, vi } from "vitest";
-import { ScanCommand, DynamoDBClient } from "@aws-sdk/client-dynamodb";
+import {
+  ScanCommand,
+  DynamoDBClient,
+  PutItemCommand,
+} from "@aws-sdk/client-dynamodb";
 import { mockClient } from "aws-sdk-client-mock";
 import init from "../../src/index.js";
 import { EventGetResponse } from "../../src/routes/events.js";
@@ -8,8 +12,18 @@ import {
   dynamoTableDataUnmarshalled,
   dynamoTableDataUnmarshalledUpcomingOnly,
 } from "./mockEventData.testdata.js";
+import { createJwt } from "./auth.test.js";
+import {
+  GetSecretValueCommand,
+  SecretsManagerClient,
+} from "@aws-sdk/client-secrets-manager";
+import { secretJson, secretObject } from "./secret.testdata.js";
+import supertest from "supertest";
 
 const ddbMock = mockClient(DynamoDBClient);
+const smMock = mockClient(SecretsManagerClient);
+const jwt_secret = secretObject["jwt_key"];
+vi.stubEnv("JwtSigningKey", jwt_secret);
 
 const app = await init();
 test("Test getting events", async () => {