mirror of
https://github.com/ManInDark/HabitTrove.git
synced 2026-03-09 20:09:50 +01:00
89 lines
2.2 KiB
TypeScript
89 lines
2.2 KiB
TypeScript
import { describe, expect, test } from 'bun:test'
|
|
import { sanitizeUserData } from '@/lib/user-sanitizer'
|
|
import { UserData } from '@/lib/types'
|
|
|
|
describe('sanitizeUserData', () => {
|
|
test('removes password field from every user', () => {
|
|
const input: UserData = {
|
|
users: [
|
|
{
|
|
id: 'u1',
|
|
username: 'admin',
|
|
password: 'abcd1234:ef567890',
|
|
isAdmin: true,
|
|
},
|
|
{
|
|
id: 'u2',
|
|
username: 'no-pass',
|
|
isAdmin: false,
|
|
},
|
|
],
|
|
}
|
|
|
|
const output = sanitizeUserData(input)
|
|
|
|
expect(output.users).toHaveLength(2)
|
|
expect(output.users[0]).not.toHaveProperty('password')
|
|
expect(output.users[1]).not.toHaveProperty('password')
|
|
})
|
|
|
|
test('adds hasPassword metadata based on stored password', () => {
|
|
const input: UserData = {
|
|
users: [
|
|
{
|
|
id: 'u1',
|
|
username: 'with-hash',
|
|
password: 'abcd1234:ef567890',
|
|
isAdmin: false,
|
|
},
|
|
{
|
|
id: 'u2',
|
|
username: 'empty-pass',
|
|
password: '',
|
|
isAdmin: false,
|
|
},
|
|
{
|
|
id: 'u3',
|
|
username: 'no-pass',
|
|
isAdmin: false,
|
|
},
|
|
],
|
|
}
|
|
|
|
const output = sanitizeUserData(input)
|
|
|
|
expect(output.users[0].hasPassword).toBe(true)
|
|
expect(output.users[1].hasPassword).toBe(false)
|
|
expect(output.users[2].hasPassword).toBe(false)
|
|
})
|
|
|
|
test('preserves other user properties', () => {
|
|
const input: UserData = {
|
|
users: [
|
|
{
|
|
id: 'u1',
|
|
username: 'user',
|
|
password: 'hash',
|
|
avatarPath: '/data/avatars/u1.png',
|
|
isAdmin: false,
|
|
permissions: [
|
|
{
|
|
habit: { write: true, interact: true },
|
|
wishlist: { write: true, interact: true },
|
|
coins: { write: true, interact: true },
|
|
},
|
|
],
|
|
},
|
|
],
|
|
}
|
|
|
|
const output = sanitizeUserData(input)
|
|
|
|
expect(output.users[0].id).toBe('u1')
|
|
expect(output.users[0].username).toBe('user')
|
|
expect(output.users[0].avatarPath).toBe('/data/avatars/u1.png')
|
|
expect(output.users[0].isAdmin).toBe(false)
|
|
expect(output.users[0].permissions?.[0].habit.write).toBe(true)
|
|
})
|
|
})
|