218 lines
8.5 KiB
PL/PgSQL
218 lines
8.5 KiB
PL/PgSQL
begin;
|
|
select plan(38); -- Total number of tests
|
|
|
|
-- ============================================================================
|
|
-- RLS Enabled Tests
|
|
-- ============================================================================
|
|
|
|
SELECT is(
|
|
rls_enabled('public', 'notes'),
|
|
true,
|
|
'RLS should be enabled on notes table'
|
|
);
|
|
|
|
SELECT is(
|
|
rls_enabled('public', 'shared_notes'),
|
|
true,
|
|
'RLS should be enabled on shared_notes table'
|
|
);
|
|
|
|
SELECT is(
|
|
rls_enabled('public', 'note_access'),
|
|
true,
|
|
'RLS should be enabled on note_access table'
|
|
);
|
|
|
|
-- ============================================================================
|
|
-- Notes Table RLS Policies
|
|
-- ============================================================================
|
|
|
|
SELECT has_policy('public', 'notes', 'Users can view their own notes and public notes',
|
|
'Policy for viewing own and public notes should exist');
|
|
|
|
SELECT has_policy('public', 'notes', 'Users can insert their own notes',
|
|
'Policy for inserting own notes should exist');
|
|
|
|
SELECT has_policy('public', 'notes', 'Users can update their own notes',
|
|
'Policy for updating own notes should exist');
|
|
|
|
SELECT has_policy('public', 'notes', 'Users can delete their own notes',
|
|
'Policy for deleting own notes should exist');
|
|
|
|
SELECT has_policy('public', 'notes', 'Users can delete their own notes (soft)',
|
|
'Policy for soft deleting own notes should exist');
|
|
|
|
-- Test policy commands
|
|
SELECT policy_cmd_is('public', 'notes', 'Users can view their own notes and public notes', 'SELECT',
|
|
'View notes policy should be for SELECT');
|
|
|
|
SELECT policy_cmd_is('public', 'notes', 'Users can insert their own notes', 'INSERT',
|
|
'Insert notes policy should be for INSERT');
|
|
|
|
SELECT policy_cmd_is('public', 'notes', 'Users can update their own notes', 'UPDATE',
|
|
'Update notes policy should be for UPDATE');
|
|
|
|
SELECT policy_cmd_is('public', 'notes', 'Users can delete their own notes', 'DELETE',
|
|
'Delete notes policy should be for DELETE');
|
|
|
|
-- Test policy roles include both authenticated and anon for viewing
|
|
SELECT ok(
|
|
'authenticated' = ANY(policy_roles('public', 'notes', 'Users can view their own notes and public notes')),
|
|
'View notes policy should include authenticated role'
|
|
);
|
|
|
|
SELECT ok(
|
|
'anon' = ANY(policy_roles('public', 'notes', 'Users can view their own notes and public notes')),
|
|
'View notes policy should include anon role for public notes'
|
|
);
|
|
|
|
-- ============================================================================
|
|
-- Shared Notes Table RLS Policies
|
|
-- ============================================================================
|
|
|
|
SELECT has_policy('public', 'shared_notes', 'Users can view their own shared notes',
|
|
'Policy for viewing own shared notes should exist');
|
|
|
|
SELECT has_policy('public', 'shared_notes', 'Anyone can view public notes',
|
|
'Policy for viewing public notes should exist');
|
|
|
|
SELECT has_policy('public', 'shared_notes', 'Users can insert their own shared notes',
|
|
'Policy for inserting shared notes should exist');
|
|
|
|
SELECT has_policy('public', 'shared_notes', 'Users can update their own shared notes',
|
|
'Policy for updating shared notes should exist');
|
|
|
|
SELECT has_policy('public', 'shared_notes', 'Users can delete their own shared notes',
|
|
'Policy for deleting shared notes should exist');
|
|
|
|
-- Test policy commands
|
|
SELECT policy_cmd_is('public', 'shared_notes', 'Users can view their own shared notes', 'SELECT',
|
|
'View own shared notes policy should be for SELECT');
|
|
|
|
SELECT policy_cmd_is('public', 'shared_notes', 'Anyone can view public notes', 'SELECT',
|
|
'View public notes policy should be for SELECT');
|
|
|
|
-- Test that public notes policy applies to both authenticated and anon
|
|
SELECT ok(
|
|
'authenticated' = ANY(policy_roles('public', 'shared_notes', 'Anyone can view public notes')),
|
|
'Public notes policy should include authenticated role'
|
|
);
|
|
|
|
SELECT ok(
|
|
'anon' = ANY(policy_roles('public', 'shared_notes', 'Anyone can view public notes')),
|
|
'Public notes policy should include anon role'
|
|
);
|
|
|
|
-- ============================================================================
|
|
-- Note Access Table RLS Policies
|
|
-- ============================================================================
|
|
|
|
SELECT has_policy('public', 'note_access', 'Users can view their own note access',
|
|
'Policy for viewing own note access should exist');
|
|
|
|
SELECT has_policy('public', 'note_access', 'Users can view notes shared with their tablos',
|
|
'Policy for viewing shared notes should exist');
|
|
|
|
SELECT has_policy('public', 'note_access', 'Users can insert their own note access',
|
|
'Policy for inserting note access should exist');
|
|
|
|
SELECT has_policy('public', 'note_access', 'Users can update their own note access',
|
|
'Policy for updating note access should exist');
|
|
|
|
SELECT has_policy('public', 'note_access', 'Users can delete their own note access',
|
|
'Policy for deleting note access should exist');
|
|
|
|
-- Test policy commands
|
|
SELECT policy_cmd_is('public', 'note_access', 'Users can view their own note access', 'SELECT',
|
|
'View own note access policy should be for SELECT');
|
|
|
|
SELECT policy_cmd_is('public', 'note_access', 'Users can insert their own note access', 'INSERT',
|
|
'Insert note access policy should be for INSERT');
|
|
|
|
-- ============================================================================
|
|
-- Notes Behavior Tests with Mock Data
|
|
-- ============================================================================
|
|
|
|
-- Create test users and notes
|
|
DO $$
|
|
DECLARE
|
|
user1_id uuid := gen_random_uuid();
|
|
user2_id uuid := gen_random_uuid();
|
|
note1_id text := 'test_note_' || gen_random_uuid()::text;
|
|
note2_id text := 'test_note_' || gen_random_uuid()::text;
|
|
public_note_id text := 'public_note_' || gen_random_uuid()::text;
|
|
BEGIN
|
|
-- Insert test users
|
|
INSERT INTO auth.users (id, instance_id, aud, role, email, encrypted_password, email_confirmed_at, created_at, updated_at)
|
|
VALUES
|
|
(user1_id, '00000000-0000-0000-0000-000000000000', 'authenticated', 'authenticated', 'noteuser1@test.com', 'encrypted', now(), now(), now()),
|
|
(user2_id, '00000000-0000-0000-0000-000000000000', 'authenticated', 'authenticated', 'noteuser2@test.com', 'encrypted', now(), now(), now());
|
|
|
|
-- Insert test profiles
|
|
INSERT INTO public.profiles (id, email, first_name, last_name)
|
|
VALUES
|
|
(user1_id, 'noteuser1@test.com', 'Note User', 'One'),
|
|
(user2_id, 'noteuser2@test.com', 'Note User', 'Two');
|
|
|
|
-- Insert test notes
|
|
INSERT INTO public.notes (id, title, content, user_id)
|
|
VALUES
|
|
(note1_id, 'User 1 Private Note', 'This is a private note', user1_id),
|
|
(note2_id, 'User 2 Private Note', 'This is another private note', user2_id),
|
|
(public_note_id, 'Public Note', 'This is a public note', user1_id);
|
|
|
|
-- Make one note public
|
|
INSERT INTO public.shared_notes (note_id, user_id, is_public)
|
|
VALUES (public_note_id, user1_id, true);
|
|
|
|
-- Store test IDs
|
|
PERFORM set_config('test.note_user1_id', user1_id::text, true);
|
|
PERFORM set_config('test.note_user2_id', user2_id::text, true);
|
|
PERFORM set_config('test.note1_id', note1_id, true);
|
|
PERFORM set_config('test.public_note_id', public_note_id, true);
|
|
END $$;
|
|
|
|
-- Test: Verify notes were created
|
|
SELECT is(
|
|
(SELECT count(*)::integer FROM public.notes WHERE id = current_setting('test.note1_id')),
|
|
1,
|
|
'User 1 private note should be created'
|
|
);
|
|
|
|
SELECT is(
|
|
(SELECT count(*)::integer FROM public.notes WHERE id = current_setting('test.public_note_id')),
|
|
1,
|
|
'Public note should be created'
|
|
);
|
|
|
|
-- Test: Verify shared_notes entry for public note
|
|
SELECT is(
|
|
(SELECT is_public FROM public.shared_notes WHERE note_id = current_setting('test.public_note_id') LIMIT 1),
|
|
true,
|
|
'Public note should be marked as public in shared_notes'
|
|
);
|
|
|
|
-- ============================================================================
|
|
-- Foreign Key Constraints Tests
|
|
-- ============================================================================
|
|
|
|
SELECT has_fk('public', 'shared_notes', 'shared_notes should have foreign key constraints');
|
|
SELECT has_fk('public', 'note_access', 'note_access should have foreign key constraints');
|
|
|
|
-- Test that shared_notes.note_id references notes.id
|
|
SELECT fk_ok(
|
|
'public', 'shared_notes', 'note_id',
|
|
'public', 'notes', 'id',
|
|
'shared_notes.note_id should reference notes.id'
|
|
);
|
|
|
|
-- Test that note_access.note_id references notes.id
|
|
SELECT fk_ok(
|
|
'public', 'note_access', 'note_id',
|
|
'public', 'notes', 'id',
|
|
'note_access.note_id should reference notes.id'
|
|
);
|
|
|
|
select * from finish();
|
|
rollback;
|
|
|