strapi/tests/api/core/content-releases/settings.test.api.ts

import type { Core } from '@strapi/types';

// Helpers
import { createTestBuilder } from 'api-tests/builder';
import { createStrapiInstance } from 'api-tests/strapi';
import { createAuthRequest } from 'api-tests/request';
import { createUtils, describeOnCondition } from 'api-tests/utils';

import type { Settings } from '../../../../packages/core/content-releases/shared/contracts/settings';

const builder = createTestBuilder();
let strapi: Core.Strapi;
let rq: any;
let rqUnauth: any;
let rqReader: any;
let rqEditor: any;

const edition = process.env.STRAPI_DISABLE_EE === 'true' ? 'CE' : 'EE';

const getSettings = async (request = rq) => {
  return request({
    url: '/content-releases/settings',
    method: 'GET',
  }).then((res: any) => ({
    settings: res.body?.data,
    status: res.statusCode,
  }));
};

const updateSettings = async (settings: Settings, request = rq) => {
  return request({
    url: '/content-releases/settings',
    method: 'PUT',
    body: settings,
  }).then((res: any) => ({
    settings: res.body?.data,
    status: res.statusCode,
    error: res.error,
  }));
};

/**
 * Creates a request utility with a user having the specified role and permissions
 */
const createUserRequest = async (params: { user; role; permissions }, utils) => {
  // Create user role
  const role = await utils.createRole(params.role);

  // Assign permissions
  const permissions = await utils.assignPermissionsToRole(role.id, params.permissions);
  Object.assign(role, permissions);

  // Create user
  const createdUser = await utils.createUser({
    ...params.user,
    roles: [role.id],
    password: '1234',
  });

  // Return request
  return createAuthRequest({ strapi, userInfo: createdUser });
};

describeOnCondition(edition === 'EE')('Content releases settings', () => {
  beforeAll(async () => {
    await builder.build();
    strapi = await createStrapiInstance();
    rq = await createAuthRequest({ strapi });
    const utils = createUtils(strapi);

    /**
     * Unauthorized role
     */
    rqUnauth = await createUserRequest(
      {
        user: { firstname: 'Pepe', lastname: 'Frog', email: 'pepe.frog@test.com' },
        role: { name: 'noAuth' },
        permissions: [],
      },
      utils
    );

    /**
     * Reader role
     */
    rqReader = await createUserRequest(
      {
        user: { firstname: 'Alice', lastname: 'Foo', email: 'alice.foo@test.com' },
        role: { name: 'reader' },
        permissions: [
          {
            action: 'plugin::content-releases.settings.read',
            subject: null,
            conditions: [],
            properties: {},
          },
        ],
      },
      utils
    );

    /**
     * Full access role
     */
    rqEditor = await createUserRequest(
      {
        user: { firstname: 'Bob', lastname: 'Bar', email: 'bob.bar@test.com' },
        role: { name: 'editor' },
        permissions: [
          { action: 'plugin::content-releases.settings.read' },
          { action: 'plugin::content-releases.settings.update' },
        ],
      },
      utils
    );
  });

  beforeEach(async () => {
    // Reset settings
    const store = await strapi.store({ type: 'core', name: 'content-releases' });
    await store.set({ key: 'settings', value: null });
  });

  afterAll(async () => {
    await strapi.destroy();
    await builder.cleanup();
  });

  describe('Find settings', () => {
    test('Find settings when there is none set', async () => {
      const { status, settings } = await getSettings();

      // Settings should be the default ones
      expect(status).toBe(200);
      expect(settings).toEqual({ defaultTimezone: null });
    });

    test('Find settings', async () => {
      // Set settings
      await updateSettings({ defaultTimezone: 'Europe/Paris' });

      const { status, settings } = await getSettings();

      // Settings should be the default ones
      expect(status).toBe(200);
      expect(settings).toEqual({ defaultTimezone: 'Europe/Paris' });
    });
  });

  describe('Update settings', () => {
    test('Can update settings', async () => {
      // Set settings
      const { status, settings } = await updateSettings({ defaultTimezone: 'Europe/Paris' });

      // Returned settings should be the updated ones
      expect(status).toBe(200);
      expect(settings).toEqual({ defaultTimezone: 'Europe/Paris' });
    });

    test('Can update timezone to null', async () => {
      // Set settings
      await updateSettings({ defaultTimezone: 'Europe/Paris' });
      const { status, settings } = await updateSettings({ defaultTimezone: null });

      // Returned settings should be the updated ones
      expect(status).toBe(200);
      expect(settings).toEqual({ defaultTimezone: null });
    });

    test('Update settings with invalid data should throw', async () => {
      const { status } = await updateSettings({
        // @ts-expect-error - Invalid data
        other: 'value',
      });

      // Should throw a validation error
      expect(status).toBe(400);
    });
  });

  describe('Permissions', () => {
    test('Unauthorized user cannot read settings', async () => {
      const { status } = await getSettings(rqUnauth);

      expect(status).toBe(403);
    });

    test('Unauthorized user cannot update settings', async () => {
      const { status } = await updateSettings({ defaultTimezone: 'Europe/Paris' }, rqUnauth);

      expect(status).toBe(403);
    });

    test('Reader can read settings', async () => {
      const { status } = await getSettings(rqReader);

      expect(status).toBe(200);
    });

    test('Reader cannot update settings', async () => {
      const { status } = await updateSettings({ defaultTimezone: 'Europe/Paris' }, rqReader);

      expect(status).toBe(403);
    });

    test('Editor can read settings', async () => {
      const { status } = await getSettings(rqEditor);

      expect(status).toBe(200);
    });

    test('Editor can update settings', async () => {
      const { status } = await updateSettings({ defaultTimezone: 'Europe/Paris' }, rqEditor);

      expect(status).toBe(200);
    });
  });
});
chore(content-releases): releases migration to v5 (#20259) * chore: migrate bulk publish & unpublish to v5 * chore: change findLocales type to accept arrays * chore: fix lint error * chore: migrate bulkDelete to v5 (#20161) * chore: migrate bulkDelete to v5 * chore: change findLocales type to accept strings array * fix: docs prettier styles * chore: remove console.log * enhancement: migrate countManyDraftRelations to v5 * chore(content-releases): v5 migration * chore(content-releases): remove CMReleasesContainer * fix(content-releases): singleType works with v5 changes and e2e tests enabled * fix(content-releases): apply josh & marc comments * apply comments * fix(content-releases): tests * fix(content-releases): create custom populate object for each content type to handle relations * fix(content-releases): build problem * fix(content-releases): editing lifecycles * fix(content-releases): details view table columns * feat: releases settings (#20354) * feat: releases settings * feat: test nulling default timezone * chore: refactor tests * fix: remove async from describe * chore: OneOf type for response * chore: move OneOf utility to types package --------- Co-authored-by: Fernando Chavez <fernando.chavez@strapi.io> * feat: content releases settings permissions (#20357) * feat: releases settings * feat: test nulling default timezone * chore: refactor tests * fix: remove async from describe * feat: content releases settings permissions * chore: test for unauthorized role --------- Co-authored-by: Fernando Chavez <fernando.chavez@strapi.io> * fix(content-releases): run settings api tests only on ee edition * fix(content-releases): apply mark comments * fix(content-releases): remove releases box when there are no releases related to the entry * fix(content-releases): relation between actions and documents (#20424) * fix(content-releases): refactor relation with entries * fix(content-releases): refactor relation with entries * fix(content-releases): lint & unit tests errors * fix(content-releases): add migration for releases actions coming from v4 * fix(content-releases): apply multiple suggestions * fix(content-releases): new test data for e2e tests * fix(content-releases): fix test data * fix(content-releases): handle edge cases * fix(content-releases): apply marc suggestions * fix(content-releases): add modified status on validation column * fix(content-releases): fix releases menu button * fix(content-releases): use documents middleware instead of db lifecycles * fix(content-releases): invalidate releases tags on some content manager queries * fix(content-releases): using contentType utils and make afterDeleteMany lifecycle async * fix(content-releases): ui fixs * fix(content-releases): removing not needed axios from releases plugin * fix(content-releases): invalidate tags on release service * fix(content-releases): fix dependencies * feat(release-settings): remove navbar link release purchase page in CE (#20498) --------- Co-authored-by: Marc Roig <marc.roig.campos@strapi.io> Co-authored-by: Simone <startae14@gmail.com> 2024-06-13 11:12:38 +02:00			`import type { Core } from '@strapi/types';`

			`// Helpers`
			`import { createTestBuilder } from 'api-tests/builder';`
			`import { createStrapiInstance } from 'api-tests/strapi';`
			`import { createAuthRequest } from 'api-tests/request';`
			`import { createUtils, describeOnCondition } from 'api-tests/utils';`

			`import type { Settings } from '../../../../packages/core/content-releases/shared/contracts/settings';`

			`const builder = createTestBuilder();`
			`let strapi: Core.Strapi;`
			`let rq: any;`
			`let rqUnauth: any;`
			`let rqReader: any;`
			`let rqEditor: any;`

			`const edition = process.env.STRAPI_DISABLE_EE === 'true' ? 'CE' : 'EE';`

			`const getSettings = async (request = rq) => {`
			`return request({`
			`url: '/content-releases/settings',`
			`method: 'GET',`
			`}).then((res: any) => ({`
			`settings: res.body?.data,`
			`status: res.statusCode,`
			`}));`
			`};`

			`const updateSettings = async (settings: Settings, request = rq) => {`
			`return request({`
			`url: '/content-releases/settings',`
			`method: 'PUT',`
			`body: settings,`
			`}).then((res: any) => ({`
			`settings: res.body?.data,`
			`status: res.statusCode,`
			`error: res.error,`
			`}));`
			`};`

			`/**`
			`* Creates a request utility with a user having the specified role and permissions`
			`*/`
			`const createUserRequest = async (params: { user; role; permissions }, utils) => {`
			`// Create user role`
			`const role = await utils.createRole(params.role);`

			`// Assign permissions`
			`const permissions = await utils.assignPermissionsToRole(role.id, params.permissions);`
			`Object.assign(role, permissions);`

			`// Create user`
			`const createdUser = await utils.createUser({`
			`...params.user,`
			`roles: [role.id],`
			`password: '1234',`
			`});`

			`// Return request`
			`return createAuthRequest({ strapi, userInfo: createdUser });`
			`};`

			`describeOnCondition(edition === 'EE')('Content releases settings', () => {`
			`beforeAll(async () => {`
			`await builder.build();`
			`strapi = await createStrapiInstance();`
			`rq = await createAuthRequest({ strapi });`
			`const utils = createUtils(strapi);`

			`/**`
			`* Unauthorized role`
			`*/`
			`rqUnauth = await createUserRequest(`
			`{`
			`user: { firstname: 'Pepe', lastname: 'Frog', email: 'pepe.frog@test.com' },`
			`role: { name: 'noAuth' },`
			`permissions: [],`
			`},`
			`utils`
			`);`

			`/**`
			`* Reader role`
			`*/`
			`rqReader = await createUserRequest(`
			`{`
			`user: { firstname: 'Alice', lastname: 'Foo', email: 'alice.foo@test.com' },`
			`role: { name: 'reader' },`
			`permissions: [`
			`{`
			`action: 'plugin::content-releases.settings.read',`
			`subject: null,`
			`conditions: [],`
			`properties: {},`
			`},`
			`],`
			`},`
			`utils`
			`);`

			`/**`
			`* Full access role`
			`*/`
			`rqEditor = await createUserRequest(`
			`{`
			`user: { firstname: 'Bob', lastname: 'Bar', email: 'bob.bar@test.com' },`
			`role: { name: 'editor' },`
			`permissions: [`
			`{ action: 'plugin::content-releases.settings.read' },`
			`{ action: 'plugin::content-releases.settings.update' },`
			`],`
			`},`
			`utils`
			`);`
			`});`

			`beforeEach(async () => {`
			`// Reset settings`
			`const store = await strapi.store({ type: 'core', name: 'content-releases' });`
			`await store.set({ key: 'settings', value: null });`
			`});`

			`afterAll(async () => {`
			`await strapi.destroy();`
			`await builder.cleanup();`
			`});`

			`describe('Find settings', () => {`
			`test('Find settings when there is none set', async () => {`
			`const { status, settings } = await getSettings();`

			`// Settings should be the default ones`
			`expect(status).toBe(200);`
			`expect(settings).toEqual({ defaultTimezone: null });`
			`});`

			`test('Find settings', async () => {`
			`// Set settings`
			`await updateSettings({ defaultTimezone: 'Europe/Paris' });`

			`const { status, settings } = await getSettings();`

			`// Settings should be the default ones`
			`expect(status).toBe(200);`
			`expect(settings).toEqual({ defaultTimezone: 'Europe/Paris' });`
			`});`
			`});`

			`describe('Update settings', () => {`
			`test('Can update settings', async () => {`
			`// Set settings`
			`const { status, settings } = await updateSettings({ defaultTimezone: 'Europe/Paris' });`

			`// Returned settings should be the updated ones`
			`expect(status).toBe(200);`
			`expect(settings).toEqual({ defaultTimezone: 'Europe/Paris' });`
			`});`

			`test('Can update timezone to null', async () => {`
			`// Set settings`
			`await updateSettings({ defaultTimezone: 'Europe/Paris' });`
			`const { status, settings } = await updateSettings({ defaultTimezone: null });`

			`// Returned settings should be the updated ones`
			`expect(status).toBe(200);`
			`expect(settings).toEqual({ defaultTimezone: null });`
			`});`

			`test('Update settings with invalid data should throw', async () => {`
			`const { status } = await updateSettings({`
			`// @ts-expect-error - Invalid data`
			`other: 'value',`
			`});`

			`// Should throw a validation error`
			`expect(status).toBe(400);`
			`});`
			`});`

			`describe('Permissions', () => {`
			`test('Unauthorized user cannot read settings', async () => {`
			`const { status } = await getSettings(rqUnauth);`

			`expect(status).toBe(403);`
			`});`

			`test('Unauthorized user cannot update settings', async () => {`
			`const { status } = await updateSettings({ defaultTimezone: 'Europe/Paris' }, rqUnauth);`

			`expect(status).toBe(403);`
			`});`

			`test('Reader can read settings', async () => {`
			`const { status } = await getSettings(rqReader);`

			`expect(status).toBe(200);`
			`});`

			`test('Reader cannot update settings', async () => {`
			`const { status } = await updateSettings({ defaultTimezone: 'Europe/Paris' }, rqReader);`

			`expect(status).toBe(403);`
			`});`

			`test('Editor can read settings', async () => {`
			`const { status } = await getSettings(rqEditor);`

			`expect(status).toBe(200);`
			`});`

			`test('Editor can update settings', async () => {`
			`const { status } = await updateSettings({ defaultTimezone: 'Europe/Paris' }, rqEditor);`

			`expect(status).toBe(200);`
			`});`
			`});`
			`});`