chore: add with authorization reporting tests

bcgov · Jul 2, 2024 · 601e587 · 601e587
1 parent 738efec
commit 601e587
Show file tree

Hide file tree

Showing 3 changed files with 61 additions and 2 deletions.
diff --git a/bciers/apps/registration/middlewares/withAuthorizationRegistration.ts b/bciers/apps/registration/middlewares/withAuthorizationRegistration.ts
@@ -90,7 +90,7 @@ export const withAuthorizationRegistration: MiddlewareFactory = (
       return NextResponse.rewrite(request.nextUrl);
     } else {
       // Handle unauthenticated requests
-      return NextResponse.redirect(new URL(`/`, request.url));
+      return NextResponse.redirect(new URL(`/onboarding`, request.url));
     }
   };
 };
diff --git a/bciers/apps/reporting/src/middlewares/withAuthorizationReporting.test.ts b/bciers/apps/reporting/src/middlewares/withAuthorizationReporting.test.ts
@@ -0,0 +1,59 @@
+import { NextURL } from "next/dist/server/web/next-url";
+import { NextFetchEvent, NextRequest, NextResponse } from "next/server";
+import { instance, mock, reset, when } from "ts-mockito";
+import middleware from "../middleware";
+import { getToken } from "@bciers/testConfig/mocks";
+import { mockCasUserToken } from "@bciers/testConfig/data/tokens";
+
+const domain = "https://localhost:3000";
+const mockedRequest: NextRequest = mock(NextRequest);
+
+vi.spyOn(NextResponse, "redirect");
+vi.spyOn(NextResponse, "rewrite");
+
+const mockNextFetchEvent: NextFetchEvent = mock(NextFetchEvent);
+
+describe("withAuthorizationReporting middleware", () => {
+  beforeEach(() => {
+    vi.clearAllMocks();
+  });
+  afterEach(() => {
+    reset(mockedRequest);
+  });
+
+  it("redirects to the onboarding page if the user is not authenticated", async () => {
+    const nextUrl = new NextURL(`${domain}/reporting/report`);
+
+    when(mockedRequest.nextUrl).thenReturn(nextUrl);
+    when(mockedRequest.url).thenReturn(domain);
+
+    const result = await middleware(
+      instance(mockedRequest),
+      mockNextFetchEvent,
+    );
+    expect(NextResponse.redirect).toHaveBeenCalledOnce();
+    expect(NextResponse.redirect).toHaveBeenCalledWith(
+      new URL("/onboarding", domain),
+    );
+    expect(result?.status).toBe(307);
+  });
+
+  it("builds the correct URL for authenticated users", async () => {
+    getToken.mockResolvedValue(mockCasUserToken);
+    const nextUrl = new NextURL(`${domain}/reporting/report`);
+
+    when(mockedRequest.nextUrl).thenReturn(nextUrl);
+    when(mockedRequest.url).thenReturn(domain);
+
+    const result = await middleware(
+      instance(mockedRequest),
+      mockNextFetchEvent,
+    );
+    const responseUrl = new NextURL(
+      `${domain}/${mockCasUserToken.identity_provider}/${mockCasUserToken.app_role}/report`,
+    );
+    expect(NextResponse.rewrite).toHaveBeenCalledOnce();
+    expect(NextResponse.rewrite).toHaveBeenCalledWith(responseUrl);
+    expect(result?.status).toBe(200);
+  });
+});
diff --git a/bciers/apps/reporting/src/middlewares/withAuthorizationReporting.ts b/bciers/apps/reporting/src/middlewares/withAuthorizationReporting.ts
@@ -35,7 +35,7 @@ export const withAuthorizationReporting: MiddlewareFactory = (
       return NextResponse.rewrite(request.nextUrl);
     } else {
       // Handle unauthenticated requests
-      return NextResponse.redirect(new URL(`/dashboard`, request.url));
+      return NextResponse.redirect(new URL(`/onboarding`, request.url));
     }
   };
 };