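import { createUser, renderApp, screen } from '@/testing/test-utils';

import { Authorization, ROLES } from '../authorization';

// Tests for the <Authorization> gate: children render only when the current
// user's role is in `allowedRoles` or when `policyCheck` is true; otherwise
// the forbidden fallback is rendered in their place.
//
// NOTE(review): the JSX markup was missing from this listing, which left the
// renderApp() calls unparseable. The <Authorization> elements below are
// rebuilt from the surviving props (`allowedRoles`, `policyCheck`) and the
// test titles. The `forbiddenFallback` prop name, its <div> wrapper, and the
// props of the two "should view" cases are reconstructed. Confirm them against
// ../authorization.
//
// NOTE(review): this gate only decides what the client renders. These tests
// do not show that the backend refuses the same data to a non-admin user;
// that has to be enforced and tested on the server side.

test('should view protected resource if user role is matching', async () => {
  const user = await createUser({
    role: ROLES.ADMIN,
  });

  const protectedResource = 'This is very confidential data';

  await renderApp(
    <Authorization allowedRoles={[ROLES.ADMIN]}>
      {protectedResource}
    </Authorization>,
    {
      user,
    },
  );

  expect(screen.getByText(protectedResource)).toBeInTheDocument();
});

test('should not view protected resource if user role does not match and show fallback message instead', async () => {
  const user = await createUser({
    role: ROLES.USER,
  });

  const protectedResource = 'This is very confidential data';

  const forbiddenMessage = 'You are unauthorized to view this resource';

  await renderApp(
    <Authorization
      forbiddenFallback={<div>{forbiddenMessage}</div>}
      allowedRoles={[ROLES.ADMIN]}
    >
      {protectedResource}
    </Authorization>,
    { user },
  );

  // queryByText returns null instead of throwing, so this asserts that the
  // confidential text is absent from the DOM, not merely hidden from view.
  expect(screen.queryByText(protectedResource)).not.toBeInTheDocument();

  expect(screen.getByText(forbiddenMessage)).toBeInTheDocument();
});

test('should view protected resource if policy check passes', async () => {
  const user = await createUser({
    role: ROLES.ADMIN,
  });

  const protectedResource = 'This is very confidential data';

  await renderApp(
    <Authorization policyCheck={true}>{protectedResource}</Authorization>,
    { user },
  );

  expect(screen.getByText(protectedResource)).toBeInTheDocument();
});

test('should not view protected resource if policy check fails and show fallback message instead', async () => {
  const user = await createUser({
    role: ROLES.USER,
  });

  const protectedResource = 'This is very confidential data';

  const forbiddenMessage = 'You are unauthorized to view this resource';

  await renderApp(
    <Authorization
      forbiddenFallback={<div>{forbiddenMessage}</div>}
      policyCheck={false}
    >
      {protectedResource}
    </Authorization>,
    { user },
  );

  // As in the role-mismatch case: the protected text must not be in the DOM
  // at all, and the fallback must be shown in its place.
  expect(screen.queryByText(protectedResource)).not.toBeInTheDocument();

  expect(screen.getByText(forbiddenMessage)).toBeInTheDocument();
});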