109 lines
3 KiB
Go
109 lines
3 KiB
Go
package main
|
|
|
|
import (
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"testing"
|
|
)
|
|
|
|
func TestAttendeesListCreateDelete(t *testing.T) {
|
|
app := testApp(t)
|
|
admin := testAdminUser(t, app)
|
|
token := testToken(t, app, admin)
|
|
mux := testMux(app)
|
|
|
|
// Create
|
|
req := testAuthRequest("POST", "/api/attendees", map[string]string{"name": "Titania"}, token)
|
|
w := httptest.NewRecorder()
|
|
mux.ServeHTTP(w, req)
|
|
if w.Code != http.StatusCreated {
|
|
t.Fatalf("create: status = %d\nbody: %s", w.Code, w.Body.String())
|
|
}
|
|
created := parseJSON(t, w)
|
|
id := created["id"].(float64)
|
|
|
|
// List
|
|
req = testAuthRequest("GET", "/api/attendees", nil, token)
|
|
w = httptest.NewRecorder()
|
|
mux.ServeHTTP(w, req)
|
|
if w.Code != http.StatusOK {
|
|
t.Fatalf("list: status = %d", w.Code)
|
|
}
|
|
list := parseJSON(t, w)
|
|
attendees := list["attendees"].([]any)
|
|
if len(attendees) != 1 {
|
|
t.Errorf("list: got %d, want 1", len(attendees))
|
|
}
|
|
|
|
// Delete
|
|
req = testAuthRequest("DELETE", "/api/attendees/"+itoa(int(id)), nil, token)
|
|
w = httptest.NewRecorder()
|
|
mux.ServeHTTP(w, req)
|
|
if w.Code != http.StatusNoContent {
|
|
t.Errorf("delete: status = %d", w.Code)
|
|
}
|
|
|
|
// List again — should be empty
|
|
req = testAuthRequest("GET", "/api/attendees", nil, token)
|
|
w = httptest.NewRecorder()
|
|
mux.ServeHTTP(w, req)
|
|
list = parseJSON(t, w)
|
|
if a2, ok := list["attendees"].([]any); ok && len(a2) != 0 {
|
|
t.Errorf("after delete: got %d, want 0", len(a2))
|
|
}
|
|
}
|
|
|
|
func TestCheckInAttendeeHandler(t *testing.T) {
|
|
app := testApp(t)
|
|
admin := testAdminUser(t, app)
|
|
token := testToken(t, app, admin)
|
|
mux := testMux(app)
|
|
|
|
app.createAttendee(Attendee{Name: "Oberon"})
|
|
app.db.Exec(`UPDATE attendees SET party_size = 3 WHERE id = 1`)
|
|
|
|
// Check in 1
|
|
req := testAuthRequest("POST", "/api/attendees/1/checkin", map[string]int{"count": 1}, token)
|
|
w := httptest.NewRecorder()
|
|
mux.ServeHTTP(w, req)
|
|
if w.Code != http.StatusOK {
|
|
t.Fatalf("checkin: status = %d\nbody: %s", w.Code, w.Body.String())
|
|
}
|
|
result := parseJSON(t, w)
|
|
attendee := result["attendee"].(map[string]any)
|
|
if attendee["checked_in_count"] != float64(1) {
|
|
t.Errorf("checked_in_count = %v, want 1", attendee["checked_in_count"])
|
|
}
|
|
}
|
|
|
|
func TestGateRoleCanCheckIn(t *testing.T) {
|
|
app := testApp(t)
|
|
gate := testUserWithRole(t, app, "gateuser", "gatekeeper", []int{})
|
|
token := testToken(t, app, gate)
|
|
mux := testMux(app)
|
|
|
|
app.createAttendee(Attendee{Name: "Puck"})
|
|
|
|
req := testAuthRequest("POST", "/api/attendees/1/checkin", nil, token)
|
|
w := httptest.NewRecorder()
|
|
mux.ServeHTTP(w, req)
|
|
if w.Code != http.StatusOK {
|
|
t.Errorf("gate checkin: status = %d", w.Code)
|
|
}
|
|
}
|
|
|
|
func TestGateRoleCannotDelete(t *testing.T) {
|
|
app := testApp(t)
|
|
gate := testUserWithRole(t, app, "gateuser", "gatekeeper", []int{})
|
|
token := testToken(t, app, gate)
|
|
mux := testMux(app)
|
|
|
|
app.createAttendee(Attendee{Name: "Puck"})
|
|
|
|
req := testAuthRequest("DELETE", "/api/attendees/1", nil, token)
|
|
w := httptest.NewRecorder()
|
|
mux.ServeHTTP(w, req)
|
|
if w.Code != http.StatusForbidden {
|
|
t.Errorf("gate delete: status = %d, want 403", w.Code)
|
|
}
|
|
}
|