72b4b26e2c
Closes https://github.com/twentyhq/core-team-issues/issues/526 (for reminder: 1. Make defaultRoleId non-nullable for an active workspace 2. Remove permissions V1 feature flag 3. Set member role as default role for new workspaces About 1.: An active workspace's defaultRoleId should never be null. We can't rely on a simple postgres NOT NULL constraint as defaultRoleId will always be initially null when the workspace is first created since the roles do not exist at that time. Let's add a more complex rule to ensure that About 3.: In the first phase of our deploy of permissions, we chose to assign admin role to all existing users, not to break any existing behavior with the introduction of the feature (= existing users have less rights than before). As we deploy permissions to all existing and future workspaces, let's set the member role as default role for future workspaces. )
33 lines
926 B
TypeScript
33 lines
926 B
TypeScript
import request from 'supertest';
|
|
|
|
import { ErrorCode } from 'src/engine/core-modules/graphql/utils/graphql-errors.util';
|
|
|
|
const client = request(`http://localhost:${APP_PORT}`);
|
|
|
|
describe('deleteUser', () => {
|
|
it('should not allow to delete user if they are the unique admin of a workspace', async () => {
|
|
const query = {
|
|
query: `
|
|
mutation DeleteUser {
|
|
deleteUser {
|
|
id
|
|
}
|
|
}
|
|
`,
|
|
};
|
|
|
|
await client
|
|
.post('/graphql')
|
|
.set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`)
|
|
.send(query)
|
|
.expect((res) => {
|
|
expect(res.body.data).toBeNull();
|
|
expect(res.body.errors).toBeDefined();
|
|
expect(res.body.errors[0].message).toBe(
|
|
'Cannot delete account: user is the unique admin of a workspace',
|
|
);
|
|
expect(res.body.errors[0].extensions.code).toBe(ErrorCode.FORBIDDEN);
|
|
});
|
|
});
|
|
});
|