Added tests, shift 'delete'. Fixed overnight shifts, sync, error handling.

2026-03-03 12:50:24 -06:00 · 2026-03-03 12:50:24 -06:00 · 10037add99
commit 10037add99
parent 7fb5716a35
21 changed files with 2522 additions and 40 deletions
--- a/handle_attendees_test.go
+++ b/handle_attendees_test.go
@ -0,0 +1,109 @@
+package main
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"testing"
+)
+
+func TestAttendeesListCreateDelete(t *testing.T) {
+	app := testApp(t)
+	admin := testAdminUser(t, app)
+	token := testToken(t, app, admin)
+	mux := testMux(app)
+
+	// Create
+	req := testAuthRequest("POST", "/api/attendees", map[string]string{"name": "Alice"}, token)
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, req)
+	if w.Code != http.StatusCreated {
+		t.Fatalf("create: status = %d\nbody: %s", w.Code, w.Body.String())
+	}
+	created := parseJSON(t, w)
+	id := created["id"].(float64)
+
+	// List
+	req = testAuthRequest("GET", "/api/attendees", nil, token)
+	w = httptest.NewRecorder()
+	mux.ServeHTTP(w, req)
+	if w.Code != http.StatusOK {
+		t.Fatalf("list: status = %d", w.Code)
+	}
+	list := parseJSON(t, w)
+	attendees := list["attendees"].([]any)
+	if len(attendees) != 1 {
+		t.Errorf("list: got %d, want 1", len(attendees))
+	}
+
+	// Delete
+	req = testAuthRequest("DELETE", "/api/attendees/"+itoa(int(id)), nil, token)
+	w = httptest.NewRecorder()
+	mux.ServeHTTP(w, req)
+	if w.Code != http.StatusNoContent {
+		t.Errorf("delete: status = %d", w.Code)
+	}
+
+	// List again — should be empty
+	req = testAuthRequest("GET", "/api/attendees", nil, token)
+	w = httptest.NewRecorder()
+	mux.ServeHTTP(w, req)
+	list = parseJSON(t, w)
+	if a2, ok := list["attendees"].([]any); ok && len(a2) != 0 {
+		t.Errorf("after delete: got %d, want 0", len(a2))
+	}
+}
+
+func TestCheckInAttendeeHandler(t *testing.T) {
+	app := testApp(t)
+	admin := testAdminUser(t, app)
+	token := testToken(t, app, admin)
+	mux := testMux(app)
+
+	app.createAttendee(Attendee{Name: "Bob"})
+	app.db.Exec(`UPDATE attendees SET party_size = 3 WHERE id = 1`)
+
+	// Check in 1
+	req := testAuthRequest("POST", "/api/attendees/1/checkin", map[string]int{"count": 1}, token)
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, req)
+	if w.Code != http.StatusOK {
+		t.Fatalf("checkin: status = %d\nbody: %s", w.Code, w.Body.String())
+	}
+	result := parseJSON(t, w)
+	attendee := result["attendee"].(map[string]any)
+	if attendee["checked_in_count"] != float64(1) {
+		t.Errorf("checked_in_count = %v, want 1", attendee["checked_in_count"])
+	}
+}
+
+func TestGateRoleCanCheckIn(t *testing.T) {
+	app := testApp(t)
+	gate := testUserWithRole(t, app, "gateuser", "gate", []int{})
+	token := testToken(t, app, gate)
+	mux := testMux(app)
+
+	app.createAttendee(Attendee{Name: "Charlie"})
+
+	req := testAuthRequest("POST", "/api/attendees/1/checkin", nil, token)
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, req)
+	if w.Code != http.StatusOK {
+		t.Errorf("gate checkin: status = %d", w.Code)
+	}
+}
+
+func TestGateRoleCannotDelete(t *testing.T) {
+	app := testApp(t)
+	gate := testUserWithRole(t, app, "gateuser", "gate", []int{})
+	token := testToken(t, app, gate)
+	mux := testMux(app)
+
+	app.createAttendee(Attendee{Name: "Charlie"})
+
+	req := testAuthRequest("DELETE", "/api/attendees/1", nil, token)
+	w := httptest.NewRecorder()
+	mux.ServeHTTP(w, req)
+	if w.Code != http.StatusForbidden {
+		t.Errorf("gate delete: status = %d, want 403", w.Code)
+	}
+}