import { beforeAll, beforeEach, describe, expect, it } from 'vitest'; import { PgAuthenticatedEndUser, PgAuthenticatedManagementSubject, } from './authentication-subject'; import { buildAuthPgSettings, buildEndUserAuthPgSettings, buildPgSettings, } from './helpers'; describe('helpers', () => { let namedSubject: PgAuthenticatedManagementSubject; let completeSubject: PgAuthenticatedManagementSubject; beforeEach(async () => { namedSubject = { name: 'username', tenantId: '', environmentId: '', permissions: {}, }; completeSubject = { name: 'username', tenantId: 'tenant-id', environmentId: 'environment-id', permissions: { 'test-service-id': ['T1', 'T2'], 'test-service-id2': ['T3', 'T4'], }, tags: ['Tag1', 'Tag2'], sub: 'some-sub', }; }); describe('buildPgSettings', () => { it(`subject is undefined -> returns expected object`, () => { // Act const result = buildPgSettings(undefined, 'gql-role', 'test-service-id'); // Assert expect(result).toEqual({ role: 'gql-role', 'mosaic.auth.subject_name': 'Anonymous', 'mosaic.auth.permissions': '', 'mosaic.auth.tags': '', 'mosaic.environment_id': '', 'pgmemento.session_info': '{}', 'mosaic.tenant_id': '', 'axinom.auth.user': 'Anonymous', 'axinom.auth.tenantId': '', 'axinom.auth.applicationId': '', 'axinom.auth.permissions': '', 'axinom.auth.tags': '', }); }); it(`subject with only name -> returns expected object`, () => { // Act const result = buildPgSettings( namedSubject, 'gql-role', 'test-service-id', ); // Assert expect(result).toEqual({ role: 'gql-role', 'mosaic.auth.subject_name': 'username', 'mosaic.auth.permissions': '', 'mosaic.auth.tags': '', 'mosaic.environment_id': '', 'pgmemento.session_info': '{"environmentId":"","tenantId":""}', 'mosaic.tenant_id': '', 'axinom.auth.user': 'username', 'axinom.auth.tenantId': '', 'axinom.auth.applicationId': '', 'axinom.auth.permissions': '', 'axinom.auth.tags': '', }); }); it(`subject with all relevant properties -> returns expected object`, () => { // Act const result = buildPgSettings( completeSubject, 'gql-role', 'test-service-id', ); // Assert expect(result).toEqual({ role: 'gql-role', 'mosaic.auth.permissions': 'T1,T2', 'mosaic.auth.subject_name': 'username', 'mosaic.auth.tags': 'Tag1,Tag2', 'mosaic.environment_id': 'environment-id', 'pgmemento.session_info': '{"environmentId":"environment-id","tenantId":"tenant-id","sub":"some-sub"}', 'mosaic.tenant_id': 'tenant-id', 'axinom.auth.user': 'username', 'axinom.auth.tenantId': 'tenant-id', 'axinom.auth.applicationId': 'environment-id', 'axinom.auth.permissions': 'T1,T2', 'axinom.auth.tags': 'Tag1,Tag2', }); }); it(`subject with all relevant properties with call without serviceId -> returns expected object without permissions and tags`, () => { // Act const result = buildPgSettings(completeSubject, 'gql-role'); // Assert expect(result).toEqual({ role: 'gql-role', 'mosaic.auth.subject_name': 'username', 'mosaic.environment_id': 'environment-id', 'pgmemento.session_info': '{"environmentId":"environment-id","tenantId":"tenant-id","sub":"some-sub"}', 'mosaic.tenant_id': 'tenant-id', 'axinom.auth.user': 'username', 'axinom.auth.tenantId': 'tenant-id', 'axinom.auth.applicationId': 'environment-id', }); }); }); describe('buildAuthPgSettings', () => { it(`subject with only name -> returns expected object`, () => { // Act const result = buildAuthPgSettings(namedSubject, 'test-service-id'); // Assert expect(result).toEqual({ 'mosaic.auth.subject_name': 'username', 'mosaic.auth.permissions': '', 'mosaic.auth.tags': '', 'mosaic.environment_id': '', 'pgmemento.session_info': '{"environmentId":"","tenantId":""}', 'mosaic.tenant_id': '', 'axinom.auth.user': 'username', 'axinom.auth.tenantId': '', 'axinom.auth.applicationId': '', 'axinom.auth.permissions': '', 'axinom.auth.tags': '', }); }); it(`subject with all relevant properties -> returns expected object`, () => { // Act const result = buildAuthPgSettings(completeSubject, 'test-service-id'); // Assert expect(result).toEqual({ 'mosaic.auth.permissions': 'T1,T2', 'mosaic.auth.subject_name': 'username', 'mosaic.auth.tags': 'Tag1,Tag2', 'mosaic.environment_id': 'environment-id', 'pgmemento.session_info': '{"environmentId":"environment-id","tenantId":"tenant-id","sub":"some-sub"}', 'mosaic.tenant_id': 'tenant-id', 'axinom.auth.user': 'username', 'axinom.auth.tenantId': 'tenant-id', 'axinom.auth.applicationId': 'environment-id', 'axinom.auth.permissions': 'T1,T2', 'axinom.auth.tags': 'Tag1,Tag2', }); }); it(`subject with all relevant properties with call without serviceId -> returns expected object without permissions and tags`, () => { // Act const result = buildAuthPgSettings(completeSubject); // Assert expect(result).toEqual({ 'mosaic.auth.subject_name': 'username', 'mosaic.environment_id': 'environment-id', 'pgmemento.session_info': '{"environmentId":"environment-id","tenantId":"tenant-id","sub":"some-sub"}', 'mosaic.tenant_id': 'tenant-id', 'axinom.auth.user': 'username', 'axinom.auth.tenantId': 'tenant-id', 'axinom.auth.applicationId': 'environment-id', }); }); }); describe('buildEndUserPgSettings', () => { let endUser: PgAuthenticatedEndUser; beforeAll(() => { endUser = { name: 'username', tenantId: '', environmentId: '', sub: '', profileId: '', }; }); it(`AuthenticatedEndUser with only name -> returns only name`, () => { // Act const result = buildEndUserAuthPgSettings(endUser, 'gql-role'); // Assert expect(result).toEqual({ role: 'gql-role', 'mosaic.auth.subject_name': 'username', 'mosaic.auth.user_id': '', 'mosaic.environment_id': '', 'mosaic.tenant_id': '', 'mosaic.auth.profile_id': '', }); }); it(`AuthenticatedEndUser with all properties -> returns expected object`, () => { // Arrange endUser.environmentId = 'environment-id'; endUser.tenantId = 'tenant-id'; endUser.sub = 'subject-id'; endUser.profileId = 'profile-id'; // Act const result = buildEndUserAuthPgSettings(endUser, 'gql-role'); // Assert expect(result).toEqual({ role: 'gql-role', 'mosaic.auth.subject_name': 'username', 'mosaic.auth.user_id': 'subject-id', 'mosaic.environment_id': 'environment-id', 'mosaic.tenant_id': 'tenant-id', 'mosaic.auth.profile_id': 'profile-id', }); }); }); });