From d916f9a518bf5afc5787203b2db9673dd5d456d5 Mon Sep 17 00:00:00 2001
From: TooSeriuz <frongs@rfcx.org>
Date: Tue, 19 Dec 2023 16:59:34 +0700
Subject: [PATCH] Remove user_stream_roles migration, Add test cases for filter
 params of project/:id/users endpoint

---
 ...00001-create-owner-in-user-stream-roles.js |  26 -----
 core/roles/project.int.test.js                | 108 ++++++++++++++++++
 2 files changed, 108 insertions(+), 26 deletions(-)
 delete mode 100644 core/_cli/migrations/20231218000001-create-owner-in-user-stream-roles.js

diff --git a/core/_cli/migrations/20231218000001-create-owner-in-user-stream-roles.js b/core/_cli/migrations/20231218000001-create-owner-in-user-stream-roles.js
deleted file mode 100644
index e888e09f2..000000000
--- a/core/_cli/migrations/20231218000001-create-owner-in-user-stream-roles.js
+++ /dev/null
@@ -1,26 +0,0 @@
-'use strict'
-const insertedUserAndStream = [] // [{ userId: 1, streamId: "aaaaaaaaaaa" }]
-module.exports = {
-    up: (queryInterface, Sequelize) => {
-        return queryInterface.sequelize.transaction(async transaction => {
-            const [streamsCreatedBy] = await queryInterface.sequelize.query(`select id, created_by_id from streams`, { transaction })
-            for (const streamAndOwner of streamsCreatedBy) {
-                const [[userStreamRoleData]] = await queryInterface.sequelize.query(`select (role_id) from user_stream_roles where user_id = ${streamAndOwner.created_by_id} and stream_id = '${streamAndOwner.id}' and role_id = 4`, { transaction })
-                if (!userStreamRoleData) {
-                    await queryInterface.sequelize.query(`insert into user_stream_roles (user_id, stream_id, role_id, created_at, updated_at) values (${streamAndOwner.created_by_id}, '${streamAndOwner.id}', 4, now(), now())`, { transaction })
-                    insertedUserAndStream.push({
-                        userId: streamAndOwner.created_by_id,
-                        streamId: streamAndOwner.id
-                    })
-                }
-            }
-        })
-    },
-    down: (queryInterface) => {
-        return queryInterface.sequelize.transaction(async transaction => {
-            for (const userAndStream of insertedUserAndStream) {
-                await queryInterface.sequelize.query(`delete from user_stream_roles where user_id = ${userAndStream.userId} and stream_id = '${userAndStream.streamId}' and role_id = 4`, { transaction })
-            }
-        })
-    }
-}
diff --git a/core/roles/project.int.test.js b/core/roles/project.int.test.js
index 61f3a2098..3729add2d 100644
--- a/core/roles/project.int.test.js
+++ b/core/roles/project.int.test.js
@@ -62,6 +62,114 @@ describe('GET /projects/:id/users', () => {
     expect(response.body[0].permissions.includes('R')).toBeTruthy()
     expect(response.body[0].permissions.includes('U')).toBeTruthy()
   })
+
+  test('filter Owner', async () => {
+    const project = { id: 'x456y', createdById: seedValues.primaryUserId, name: 'Project Test' }
+    await models.Project.create(project)
+    await models.UserProjectRole.create({ user_id: project.createdById, project_id: project.id, role_id: seedValues.roleOwner })
+    await models.UserProjectRole.create({ user_id: seedValues.otherUserId, project_id: project.id, role_id: seedValues.roleAdmin })
+    await models.UserProjectRole.create({ user_id: seedValues.anotherUserId, project_id: project.id, role_id: seedValues.roleMember })
+
+    const response = await request(app).get(`/${project.id}/users`).query({ include_roles: ['Owner'] })
+
+    expect(response.statusCode).toBe(200)
+    expect(response.body.length).toBe(1)
+    expect(response.body[0].role).toBe('Owner')
+  })
+
+  test('filter Owner and Admin', async () => {
+    const project = { id: 'x456y', createdById: seedValues.primaryUserId, name: 'Project Test' }
+    await models.Project.create(project)
+    await models.UserProjectRole.create({ user_id: project.createdById, project_id: project.id, role_id: seedValues.roleOwner })
+    await models.UserProjectRole.create({ user_id: seedValues.otherUserId, project_id: project.id, role_id: seedValues.roleAdmin })
+    await models.UserProjectRole.create({ user_id: seedValues.anotherUserId, project_id: project.id, role_id: seedValues.roleMember })
+
+    const response = await request(app).get(`/${project.id}/users`).query({ include_roles: ['Owner', 'Admin'] })
+
+    expect(response.statusCode).toBe(200)
+    expect(response.body.length).toBe(2)
+    expect(response.body[0].role).toBe('Owner')
+    expect(response.body[1].role).toBe('Admin')
+  })
+
+  test('filter Admin but empty result', async () => {
+    const project = { id: 'x456y', createdById: seedValues.primaryUserId, name: 'Project Test' }
+    await models.Project.create(project)
+    await models.UserProjectRole.create({ user_id: project.createdById, project_id: project.id, role_id: seedValues.roleOwner })
+    await models.UserProjectRole.create({ user_id: seedValues.anotherUserId, project_id: project.id, role_id: seedValues.roleMember })
+
+    const response = await request(app).get(`/${project.id}/users`).query({ include_roles: ['Admin'] })
+
+    expect(response.statusCode).toBe(200)
+    expect(response.body.length).toBe(0)
+  })
+
+  test('filter with permission C', async () => {
+    const project = { id: 'x456y', createdById: seedValues.primaryUserId, name: 'Project Test' }
+    await models.Project.create(project)
+    await models.UserProjectRole.create({ user_id: project.createdById, project_id: project.id, role_id: seedValues.roleOwner })
+    await models.UserProjectRole.create({ user_id: seedValues.otherUserId, project_id: project.id, role_id: seedValues.roleAdmin })
+    await models.UserProjectRole.create({ user_id: seedValues.anotherUserId, project_id: project.id, role_id: seedValues.roleMember })
+    await models.UserProjectRole.create({ user_id: seedValues.differentUserId, project_id: project.id, role_id: seedValues.roleGuest })
+
+    const response = await request(app).get(`/${project.id}/users`).query({ permissions: ['C'] })
+
+    expect(response.statusCode).toBe(200)
+    expect(response.body.length).toBe(3)
+    expect(response.body[0].role).toBe('Owner')
+    expect(response.body[1].role).toBe('Admin')
+    expect(response.body[2].role).toBe('Member')
+  })
+
+  test('filter with permission D', async () => {
+    const project = { id: 'x456y', createdById: seedValues.primaryUserId, name: 'Project Test' }
+    await models.Project.create(project)
+    await models.UserProjectRole.create({ user_id: project.createdById, project_id: project.id, role_id: seedValues.roleOwner })
+    await models.UserProjectRole.create({ user_id: seedValues.otherUserId, project_id: project.id, role_id: seedValues.roleAdmin })
+    await models.UserProjectRole.create({ user_id: seedValues.anotherUserId, project_id: project.id, role_id: seedValues.roleMember })
+    await models.UserProjectRole.create({ user_id: seedValues.differentUserId, project_id: project.id, role_id: seedValues.roleGuest })
+
+    const response = await request(app).get(`/${project.id}/users`).query({ permissions: ['D'] })
+
+    expect(response.statusCode).toBe(200)
+    expect(response.body.length).toBe(2)
+    expect(response.body[0].role).toBe('Owner')
+    expect(response.body[1].role).toBe('Admin')
+  })
+
+  test('filter with permission R', async () => {
+    const project = { id: 'x456y', createdById: seedValues.primaryUserId, name: 'Project Test' }
+    await models.Project.create(project)
+    await models.UserProjectRole.create({ user_id: project.createdById, project_id: project.id, role_id: seedValues.roleOwner })
+    await models.UserProjectRole.create({ user_id: seedValues.otherUserId, project_id: project.id, role_id: seedValues.roleAdmin })
+    await models.UserProjectRole.create({ user_id: seedValues.anotherUserId, project_id: project.id, role_id: seedValues.roleMember })
+    await models.UserProjectRole.create({ user_id: seedValues.differentUserId, project_id: project.id, role_id: seedValues.roleGuest })
+
+    const response = await request(app).get(`/${project.id}/users`).query({ permissions: ['R'] })
+
+    expect(response.statusCode).toBe(200)
+    expect(response.body.length).toBe(4)
+    expect(response.body[0].role).toBe('Owner')
+    expect(response.body[1].role).toBe('Admin')
+    expect(response.body[2].role).toBe('Member')
+    expect(response.body[3].role).toBe('Guest')
+  })
+
+  test('filter with permission C,D', async () => {
+    const project = { id: 'x456y', createdById: seedValues.primaryUserId, name: 'Project Test' }
+    await models.Project.create(project)
+    await models.UserProjectRole.create({ user_id: project.createdById, project_id: project.id, role_id: seedValues.roleOwner })
+    await models.UserProjectRole.create({ user_id: seedValues.otherUserId, project_id: project.id, role_id: seedValues.roleAdmin })
+    await models.UserProjectRole.create({ user_id: seedValues.anotherUserId, project_id: project.id, role_id: seedValues.roleMember })
+    await models.UserProjectRole.create({ user_id: seedValues.differentUserId, project_id: project.id, role_id: seedValues.roleGuest })
+
+    const response = await request(app).get(`/${project.id}/users`).query({ permissions: ['C', 'D'] })
+
+    expect(response.statusCode).toBe(200)
+    expect(response.body.length).toBe(2)
+    expect(response.body[0].role).toBe('Owner')
+    expect(response.body[1].role).toBe('Admin')
+  })
 })
 
 describe('PUT /projects/:id/users', () => {