Merge branch 'main' of github.com:Vicg853/authorizer into fix/role-update

server/test/resolvers_test.go

@@ -11,10 +11,10 @@ import (
 
 func TestResolvers(t *testing.T) {
 	databases := map[string]string{
-		// constants.DbTypeSqlite: "../../data.db",
+		constants.DbTypeSqlite: "../../data.db",
 		// constants.DbTypeArangodb: "http://localhost:8529",
 		// constants.DbTypeMongodb:  "mongodb://localhost:27017",
-		constants.DbTypeCassandraDB: "127.0.0.1:9042",
+		// constants.DbTypeCassandraDB: "127.0.0.1:9042",
 	}
 
 	for dbType, dbURL := range databases {

server/test/update_user_test.go

@@ -24,12 +24,7 @@ func updateUserTest(t *testing.T, s TestSetup) {
 		})
 
 		user := *signupRes.User
-		//! - Found out by testing 
+
-		//! that the 'supplier' role was being accepted by the server
-		//! even though that it doesn't exist in the database.
-		//! (checked it by doing fmt.Println() on role envs)
-		//! But I'm not removing it as there is maybe a reason for it to be be here...
-		//! - Appart from that, by removing it test returns 'unauthorized' successfully
 		adminRole := "supplier"
 		userRole := "user"
 		newRoles := []*string{&adminRole, &userRole}
@@ -46,6 +41,15 @@ func updateUserTest(t *testing.T, s TestSetup) {
 			ID:    user.ID,
 			Roles: newRoles,
 		})
+		// supplier is not part of envs
+		assert.Error(t, err)
+		adminRole = "admin"
+		envstore.EnvStoreObj.UpdateEnvVariable(constants.SliceStoreIdentifier, constants.EnvKeyProtectedRoles, []string{adminRole})
+		newRoles = []*string{&adminRole, &userRole}
+		_, err = resolvers.UpdateUserResolver(ctx, model.UpdateUserInput{
+			ID:    user.ID,
+			Roles: newRoles,
+		})
 		assert.Nil(t, err)
 		cleanData(email)
 	})