Add get user tests

dinks · Nov 5, 2019 · 39ac68a · 39ac68a
1 parent f476cb1
commit 39ac68a
Showing 1 changed file with 69 additions and 0 deletions.
diff --git a/tests/integration/user.test.js b/tests/integration/user.test.js
@@ -137,6 +137,75 @@ describe('User routes', () => {
     });
   });
 
+  describe('GET /v1/users/:userId', () => {
+    test('should return 200 and the user object if data is ok', async () => {
+      await insertUsers([userOne]);
+
+      const res = await request(app)
+        .get(`/v1/users/${userOne._id}`)
+        .set('Authorization', `Bearer ${userOneAccessToken}`)
+        .send()
+        .expect(httpStatus.OK);
+
+      expect(res.body).not.toHaveProperty('password');
+      expect(res.body).toEqual({
+        id: userOne._id.toHexString(),
+        email: userOne.email,
+        name: userOne.name,
+        role: userOne.role,
+      });
+    });
+
+    test('should return 401 error if access token is missing', async () => {
+      await insertUsers([userOne]);
+
+      await request(app)
+        .get(`/v1/users/${userOne._id}`)
+        .send()
+        .expect(httpStatus.UNAUTHORIZED);
+    });
+
+    test('should return 403 error if user is trying to get another user', async () => {
+      await insertUsers([userOne, userTwo]);
+
+      await request(app)
+        .get(`/v1/users/${userTwo._id}`)
+        .set('Authorization', `Bearer ${userOneAccessToken}`)
+        .send()
+        .expect(httpStatus.FORBIDDEN);
+    });
+
+    test('should return 200 and the user object if admin is trying to get another user', async () => {
+      await insertUsers([userOne, admin]);
+
+      await request(app)
+        .get(`/v1/users/${userOne._id}`)
+        .set('Authorization', `Bearer ${adminAccessToken}`)
+        .send()
+        .expect(httpStatus.OK);
+    });
+
+    test('should return 400 error if userId is not a valid mongo id', async () => {
+      await insertUsers([admin]);
+
+      await request(app)
+        .get('/v1/users/invalidId')
+        .set('Authorization', `Bearer ${adminAccessToken}`)
+        .send()
+        .expect(httpStatus.BAD_REQUEST);
+    });
+
+    test('should return 404 error if user is not found', async () => {
+      await insertUsers([admin]);
+
+      await request(app)
+        .get(`/v1/users/${userOne._id}`)
+        .set('Authorization', `Bearer ${adminAccessToken}`)
+        .send()
+        .expect(httpStatus.NOT_FOUND);
+    });
+  });
+
   describe('PATCH /v1/users/:userId', () => {
     test('should return 200 and successfully update user if data is ok', async () => {
       await insertUsers([userOne]);