Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
sagemathinc
GitHub Repository: sagemathinc/cocalc
 Path: blob/master/src/packages/database/postgres/manage-users-owner-only.test.ts
5704 views
1
/*

2
 *  This file is part of CoCalc: Copyright © 2025 Sagemath, Inc.

3
 *  License: MS-RSL – see LICENSE.md for details

4
 */

5


6
import getPool, { initEphemeralDatabase } from "@cocalc/database/pool";

7
import { db } from "@cocalc/database";

8
import { uuid } from "@cocalc/util/misc";

9


10
let pool: ReturnType<typeof getPool> | undefined;

11


12
beforeAll(async () => {

13
  await initEphemeralDatabase();

14
  pool = getPool();

15
}, 15000);

16


17
afterAll(async () => {

18
  if (pool) {

19
    await pool.end();

20
  }

21
});

22


23
async function insertProject(opts: {

24
  projectId: string;

25
  ownerId: string;

26
  collaboratorId: string;

27
}) {

28
  const { projectId, ownerId, collaboratorId } = opts;

29
  if (!pool) {

30
    throw Error("Pool not initialized");

31
  }

32
  await pool.query("INSERT INTO projects(project_id, users) VALUES ($1, $2)", [

33
    projectId,

34
    {

35
      [ownerId]: { group: "owner" },

36
      [collaboratorId]: { group: "collaborator" },

37
    },

38
  ]);

39
}

40


41
describe("manage_users_owner_only set hook", () => {

42
  const projectId = uuid();

43
  const ownerId = uuid();

44
  const collaboratorId = uuid();

45


46
  beforeAll(async () => {

47
    await insertProject({ projectId, ownerId, collaboratorId });

48
  });

49


50
  test("owner can set manage_users_owner_only", async () => {

51
    const value = await db()._user_set_query_project_manage_users_owner_only(

52
      { project_id: projectId, manage_users_owner_only: true },

53
      ownerId,

54
    );

55
    expect(value).toBe(true);

56
  });

57


58
  test("collaborator call returns sanitized value (permission enforced elsewhere)", async () => {

59
    const value = await db()._user_set_query_project_manage_users_owner_only(

60
      { project_id: projectId, manage_users_owner_only: true },

61
      collaboratorId,

62
    );

63
    expect(value).toBe(true);

64
  });

65


66
  test("invalid type is rejected", async () => {

67
    expect(() =>

68
      db()._user_set_query_project_manage_users_owner_only(

69
        { project_id: projectId, manage_users_owner_only: "yes" as any },

70
        ownerId,

71
      ),

72
    ).toThrow("manage_users_owner_only must be a boolean");

73
  });

74
});

75


76