Skip to content

Comments

test(frontend): add roles and permissions utility tests#314

Merged
fpindej merged 1 commit intomasterfrom
test/roles-permissions-297
Feb 24, 2026
Merged

test(frontend): add roles and permissions utility tests#314
fpindej merged 1 commit intomasterfrom
test/roles-permissions-297

Conversation

@fpindej
Copy link
Owner

@fpindej fpindej commented Feb 24, 2026

Summary

  • Add comprehensive test suite for roles.ts covering getRoleRank, getHighestRank, canManageUser, and getAssignableRoles (36 tests)
  • Add comprehensive test suite for permissions.ts covering hasPermission, hasAnyPermission, isSuperAdmin, and Permissions constant (28 tests)
  • Cover security-critical edge cases: privilege escalation attempts, empty role arrays, unknown role names, equal ranks, null/undefined users, and SuperAdmin implicit permission bypass

Closes #297

Test plan

  • All 64 new tests pass (pnpm run test — 114 total)
  • pnpm run format clean
  • pnpm run lint clean
  • pnpm run check — 0 errors

🤖 Generated with Claude Code

@fpindej fpindej added security Security-related issues frontend Frontend (SvelteKit) labels Feb 24, 2026
@fpindej fpindej enabled auto-merge (squash) February 24, 2026 05:11
…lities

Cover security-critical role hierarchy (getRoleRank, getHighestRank,
canManageUser, getAssignableRoles) and permission checks (hasPermission,
hasAnyPermission, isSuperAdmin) including edge cases for empty arrays,
unknown roles, null/undefined users, equal ranks, and privilege
escalation attempts.

Closes #297

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@fpindej fpindej force-pushed the test/roles-permissions-297 branch from 8f31f86 to 858b9aa Compare February 24, 2026 05:15
@fpindej fpindej merged commit ecf402e into master Feb 24, 2026
4 checks passed
@fpindej fpindej deleted the test/roles-permissions-297 branch February 24, 2026 05:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

frontend Frontend (SvelteKit) security Security-related issues

Projects

None yet

Development

Successfully merging this pull request may close these issues.

test(frontend): add tests for roles.ts and permissions.ts

1 participant