@etus/bhono-app 0.1.1

package/templates/base/tests/e2e/api/accounts.spec.ts

@@ -0,0 +1,148 @@
+import { test, expect, isAuthenticated, apiRequest, getAccountId } from '../fixtures'
+
+/**
+ * Accounts API E2E Tests
+ *
+ * Tests for the accounts API endpoints.
+ * Uses apiRequest helper to make API calls with session cookie and account-id header.
+ *
+ * @tags @api @accounts
+ */
+
+test.describe('Accounts API @api @accounts', () => {
+  test.beforeEach(async ({ page }) => {
+    const authenticated = await isAuthenticated(page)
+    test.skip(!authenticated, 'No authenticated session available')
+
+    const accountId = getAccountId()
+    test.skip(!accountId, 'No account ID available')
+  })
+
+  test.describe('Get Current Account', () => {
+    test('GET /api/accounts/:id should return current account info', async ({ page }) => {
+      const accountId = getAccountId()
+
+      const response = await apiRequest(page, 'get', `/api/accounts/${accountId}`)
+
+      expect(response.status()).toBe(200)
+
+      const body = await response.json()
+      expect(body).toHaveProperty('data')
+      expect(body.data).toHaveProperty('id', accountId)
+      expect(body.data).toHaveProperty('name')
+      expect(typeof body.data.name).toBe('string')
+      expect(body.data).toHaveProperty('createdAt')
+      expect(body.data).toHaveProperty('updatedAt')
+    })
+  })
+
+  test.describe('List User Accounts', () => {
+    test('GET /api/accounts should return list of accounts user belongs to', async ({ page }) => {
+      const response = await apiRequest(page, 'get', '/api/accounts')
+
+      expect(response.status()).toBe(200)
+
+      const body = await response.json()
+      expect(body).toHaveProperty('data')
+      expect(body).toHaveProperty('meta')
+      expect(Array.isArray(body.data)).toBe(true)
+      expect(body.data.length).toBeGreaterThan(0)
+
+      // Validate pagination meta
+      expect(body.meta).toHaveProperty('totalItems')
+      expect(body.meta).toHaveProperty('currentPage')
+      expect(body.meta).toHaveProperty('limit')
+      expect(body.meta).toHaveProperty('totalPages')
+
+      // Validate account structure
+      const account = body.data[0]
+      expect(account).toHaveProperty('id')
+      expect(account).toHaveProperty('name')
+      expect(account).toHaveProperty('createdAt')
+      expect(account).toHaveProperty('updatedAt')
+    })
+  })
+
+  test.describe('Update Account', () => {
+    test('PATCH /api/accounts/:id should update account name and restore original', async ({
+      page,
+    }) => {
+      const accountId = getAccountId()
+
+      // Get original account data
+      const getResponse = await apiRequest(page, 'get', `/api/accounts/${accountId}`)
+      expect(getResponse.status()).toBe(200)
+      const originalData = await getResponse.json()
+      const originalName = originalData.data.name
+
+      // Update the account name
+      const newName = `Test Account ${Date.now()}`
+      const updateResponse = await apiRequest(page, 'patch', `/api/accounts/${accountId}`, {
+        data: { name: newName },
+      })
+
+      expect(updateResponse.status()).toBe(200)
+      const updatedBody = await updateResponse.json()
+      expect(updatedBody.data.name).toBe(newName)
+
+      // Restore the original name
+      const restoreResponse = await apiRequest(page, 'patch', `/api/accounts/${accountId}`, {
+        data: { name: originalName },
+      })
+
+      expect(restoreResponse.status()).toBe(200)
+      const restoredBody = await restoreResponse.json()
+      expect(restoredBody.data.name).toBe(originalName)
+    })
+  })
+
+  test.describe('Account Members', () => {
+    test('GET /api/users should list account members', async ({ page }) => {
+      // Users endpoint lists users in the current account context
+      const response = await apiRequest(page, 'get', '/api/users')
+
+      expect(response.status()).toBe(200)
+
+      const body = await response.json()
+      expect(body).toHaveProperty('data')
+      expect(body).toHaveProperty('meta')
+      expect(Array.isArray(body.data)).toBe(true)
+      expect(body.data.length).toBeGreaterThan(0)
+
+      // Validate user structure
+      const user = body.data[0]
+      expect(user).toHaveProperty('id')
+      expect(user).toHaveProperty('email')
+      expect(user).toHaveProperty('name')
+      expect(user).toHaveProperty('createdAt')
+    })
+  })
+
+  test.describe('Account Validation', () => {
+    test('GET /api/accounts/:id should return 404 for non-existent account', async ({ page }) => {
+      const nonExistentId = '00000000-0000-0000-0000-000000000000'
+
+      const response = await apiRequest(page, 'get', `/api/accounts/${nonExistentId}`)
+
+      expect(response.status()).toBe(404)
+
+      const body = await response.json()
+      expect(body).toHaveProperty('error')
+      expect(body.error).toHaveProperty('message')
+    })
+
+    test('GET /api/accounts/:id should return 400/422 for invalid account ID format', async ({
+      page,
+    }) => {
+      const invalidId = 'not-a-valid-uuid'
+
+      const response = await apiRequest(page, 'get', `/api/accounts/${invalidId}`)
+
+      // Either 400 (Bad Request) or 422 (Unprocessable Entity) for validation error
+      expect([400, 422]).toContain(response.status())
+
+      const body = await response.json()
+      expect(body).toHaveProperty('error')
+    })
+  })
+})

package/templates/base/tests/e2e/api/audit-logs.spec.ts

@@ -0,0 +1,130 @@
+import { test, expect, isAuthenticated, apiRequest, getAccountId } from '../fixtures'
+
+/**
+ * Audit Logs API E2E Tests
+ *
+ * Tests for the audit logs API endpoints.
+ * Uses apiRequest helper to make API calls with session cookie and account-id header.
+ *
+ * @tags @api @audit
+ */
+
+test.describe('Audit Logs API @api @audit', () => {
+  test.beforeEach(async ({ page }) => {
+    const authenticated = await isAuthenticated(page)
+    test.skip(!authenticated, 'No authenticated session available')
+
+    const accountId = getAccountId()
+    test.skip(!accountId, 'No account ID available')
+  })
+
+  test.describe('List Audit Logs', () => {
+    test('GET /api/audits should return audit logs list', async ({ page }) => {
+      const response = await apiRequest(page, 'get', '/api/audits')
+
+      expect(response.ok()).toBeTruthy()
+      expect(response.status()).toBe(200)
+
+      const body = await response.json()
+
+      // Should have data array
+      expect(body).toHaveProperty('data')
+      expect(Array.isArray(body.data)).toBeTruthy()
+
+      // Should have pagination meta
+      expect(body).toHaveProperty('meta')
+      expect(body.meta).toHaveProperty('currentPage')
+      expect(body.meta).toHaveProperty('limit')
+      expect(body.meta).toHaveProperty('totalItems')
+      expect(body.meta).toHaveProperty('totalPages')
+      expect(body.meta).toHaveProperty('hasPreviousPage')
+      expect(body.meta).toHaveProperty('hasNextPage')
+
+      // Validate pagination meta types
+      expect(typeof body.meta.currentPage).toBe('number')
+      expect(typeof body.meta.limit).toBe('number')
+      expect(typeof body.meta.totalItems).toBe('number')
+      expect(typeof body.meta.totalPages).toBe('number')
+      expect(typeof body.meta.hasPreviousPage).toBe('boolean')
+      expect(typeof body.meta.hasNextPage).toBe('boolean')
+    })
+
+    test('GET /api/audits with pagination params should return paginated results', async ({ page }) => {
+      const response = await apiRequest(page, 'get', '/api/audits?page=1&limit=10')
+
+      expect(response.ok()).toBeTruthy()
+      expect(response.status()).toBe(200)
+
+      const body = await response.json()
+
+      // Should have data and meta
+      expect(body).toHaveProperty('data')
+      expect(body).toHaveProperty('meta')
+
+      // Limit should be respected
+      expect(body.meta.limit).toBe(10)
+      expect(body.meta.currentPage).toBe(1)
+
+      // Data length should not exceed limit
+      expect(body.data.length).toBeLessThanOrEqual(10)
+    })
+
+    test('GET /api/audits with action filter should filter by action type', async ({ page }) => {
+      // Test filtering by LOGIN action
+      const response = await apiRequest(page, 'get', '/api/audits?action=LOGIN')
+
+      expect(response.ok()).toBeTruthy()
+      expect(response.status()).toBe(200)
+
+      const body = await response.json()
+
+      // Should have data array
+      expect(body).toHaveProperty('data')
+      expect(Array.isArray(body.data)).toBeTruthy()
+
+      // If there are results, all should have the filtered action type
+      if (body.data.length > 0) {
+        for (const entry of body.data) {
+          expect(entry.action).toBe('LOGIN')
+        }
+      }
+    })
+  })
+
+  test.describe('Audit Log Entry Structure', () => {
+    test('Audit log entries should have required fields', async ({ page }) => {
+      const response = await apiRequest(page, 'get', '/api/audits?limit=1')
+
+      expect(response.ok()).toBeTruthy()
+
+      const body = await response.json()
+
+      // Skip validation if no audit logs exist
+      if (body.data.length === 0) {
+        test.skip(true, 'No audit logs available to validate structure')
+        return
+      }
+
+      const entry = body.data[0]
+
+      // Required fields from AuditLogSchema
+      expect(entry).toHaveProperty('id')
+      expect(entry).toHaveProperty('action')
+      expect(entry).toHaveProperty('timestamp')
+
+      // Validate types
+      expect(typeof entry.id).toBe('string')
+      expect(typeof entry.action).toBe('string')
+      expect(typeof entry.timestamp).toBe('string')
+
+      // Additional expected fields
+      expect(entry).toHaveProperty('transactionId')
+      expect(entry).toHaveProperty('entity')
+      expect(entry).toHaveProperty('entityId')
+
+      // Action should be one of the valid enum values
+      const validActions = ['INSERT', 'UPDATE', 'DELETE', 'LOGIN', 'LOGOUT', 'SIGNUP', 'TOKEN_REFRESH', 'LOGIN_FAILED']
+      expect(validActions).toContain(entry.action)
+    })
+  })
+})

package/templates/base/tests/e2e/api/authenticated-api.spec.ts

@@ -0,0 +1,311 @@
+import { test, expect, isAuthenticated, apiRequest, getAccountId } from '../fixtures'
+
+/**
+ * Authenticated API Integration Tests
+ *
+ * These tests verify API endpoints from an authenticated browser context.
+ * Uses apiRequest helper to make API calls with session cookie and account-id header.
+ *
+ * @tags @api
+ */
+
+test.describe('Authenticated API @api', () => {
+  test.beforeEach(async ({ page }) => {
+    const authenticated = await isAuthenticated(page)
+    test.skip(!authenticated, 'No authenticated session available')
+
+    const accountId = getAccountId()
+    test.skip(!accountId, 'No account ID available')
+  })
+
+  test.describe('Auth Endpoints', () => {
+    test('GET /auth/me should return current user', async ({ page }) => {
+      const response = await page.request.get('/auth/me')
+
+      expect(response.ok()).toBeTruthy()
+      expect(response.status()).toBe(200)
+
+      const body = await response.json()
+
+      // Should have user object with required fields
+      expect(body).toHaveProperty('user')
+      expect(body.user).toHaveProperty('id')
+      expect(body.user).toHaveProperty('email')
+      expect(body.user).toHaveProperty('name')
+
+      // Validate field types
+      expect(typeof body.user.id).toBe('string')
+      expect(typeof body.user.email).toBe('string')
+      expect(typeof body.user.name).toBe('string')
+    })
+  })
+
+  test.describe('Users Endpoints', () => {
+    test('GET /api/users should return paginated list', async ({ page }) => {
+      const response = await apiRequest(page, 'get', '/api/users')
+
+      expect(response.ok()).toBeTruthy()
+      expect(response.status()).toBe(200)
+
+      const body = await response.json()
+
+      // Should have data array
+      expect(body).toHaveProperty('data')
+      expect(Array.isArray(body.data)).toBeTruthy()
+
+      // Should have pagination meta
+      expect(body).toHaveProperty('meta')
+      expect(body.meta).toHaveProperty('currentPage')
+      expect(body.meta).toHaveProperty('limit')
+      expect(body.meta).toHaveProperty('totalItems')
+      expect(body.meta).toHaveProperty('totalPages')
+      expect(body.meta).toHaveProperty('hasPreviousPage')
+      expect(body.meta).toHaveProperty('hasNextPage')
+
+      // Validate pagination meta types
+      expect(typeof body.meta.currentPage).toBe('number')
+      expect(typeof body.meta.limit).toBe('number')
+      expect(typeof body.meta.totalItems).toBe('number')
+      expect(typeof body.meta.totalPages).toBe('number')
+      expect(typeof body.meta.hasPreviousPage).toBe('boolean')
+      expect(typeof body.meta.hasNextPage).toBe('boolean')
+
+      // If there are users, validate structure
+      if (body.data.length > 0) {
+        const user = body.data[0]
+        expect(user).toHaveProperty('id')
+        expect(user).toHaveProperty('email')
+        expect(user).toHaveProperty('name')
+        expect(user).toHaveProperty('status')
+        expect(user).toHaveProperty('createdAt')
+        expect(user).toHaveProperty('updatedAt')
+      }
+    })
+
+    test('GET /api/users with pagination params should respect parameters', async ({ page }) => {
+      const response = await apiRequest(page, 'get', '/api/users?page=1&limit=10')
+
+      expect(response.ok()).toBeTruthy()
+      expect(response.status()).toBe(200)
+
+      const body = await response.json()
+
+      // Should have data and meta
+      expect(body).toHaveProperty('data')
+      expect(body).toHaveProperty('meta')
+
+      // Limit should be respected
+      expect(body.meta.limit).toBe(10)
+      expect(body.meta.currentPage).toBe(1)
+
+      // Data length should not exceed limit
+      expect(body.data.length).toBeLessThanOrEqual(10)
+    })
+
+    test('GET /api/users with page 2 should return second page', async ({ page }) => {
+      // First get total count
+      const firstResponse = await apiRequest(page, 'get', '/api/users?page=1&limit=5')
+      const firstBody = await firstResponse.json()
+
+      // Only test page 2 if there are enough items
+      if (firstBody.meta.totalItems > 5) {
+        const response = await apiRequest(page, 'get', '/api/users?page=2&limit=5')
+
+        expect(response.ok()).toBeTruthy()
+
+        const body = await response.json()
+        expect(body.meta.currentPage).toBe(2)
+        expect(body.meta.hasPreviousPage).toBe(true)
+      }
+    })
+
+    test('GET /api/users with sortOrder should respect sort', async ({ page }) => {
+      const ascResponse = await apiRequest(page, 'get', '/api/users?sortOrder=ASC')
+      const descResponse = await apiRequest(page, 'get', '/api/users?sortOrder=DESC')
+
+      expect(ascResponse.ok()).toBeTruthy()
+      expect(descResponse.ok()).toBeTruthy()
+
+      const ascBody = await ascResponse.json()
+      const descBody = await descResponse.json()
+
+      // Both should return valid responses
+      expect(ascBody).toHaveProperty('data')
+      expect(descBody).toHaveProperty('data')
+
+      // If there are multiple users, order should differ
+      if (ascBody.data.length > 1 && descBody.data.length > 1) {
+        // The first items should potentially be different (unless all same createdAt)
+        // We just verify both requests succeed with valid structure
+        expect(Array.isArray(ascBody.data)).toBeTruthy()
+        expect(Array.isArray(descBody.data)).toBeTruthy()
+      }
+    })
+  })
+
+  test.describe('Accounts Endpoints', () => {
+    test('GET /api/accounts should return account list', async ({ page }) => {
+      const response = await apiRequest(page, 'get', '/api/accounts')
+
+      expect(response.ok()).toBeTruthy()
+      expect(response.status()).toBe(200)
+
+      const body = await response.json()
+
+      // Should have data array
+      expect(body).toHaveProperty('data')
+      expect(Array.isArray(body.data)).toBeTruthy()
+
+      // Should have pagination meta
+      expect(body).toHaveProperty('meta')
+      expect(body.meta).toHaveProperty('currentPage')
+      expect(body.meta).toHaveProperty('limit')
+      expect(body.meta).toHaveProperty('totalItems')
+      expect(body.meta).toHaveProperty('totalPages')
+
+      // If there are accounts, validate structure
+      if (body.data.length > 0) {
+        const account = body.data[0]
+        expect(account).toHaveProperty('id')
+        expect(account).toHaveProperty('name')
+        expect(account).toHaveProperty('createdAt')
+        expect(account).toHaveProperty('updatedAt')
+      }
+    })
+
+    test('GET /api/accounts with pagination should respect parameters', async ({ page }) => {
+      const response = await apiRequest(page, 'get', '/api/accounts?page=1&limit=5')
+
+      expect(response.ok()).toBeTruthy()
+
+      const body = await response.json()
+
+      expect(body.meta.limit).toBe(5)
+      expect(body.meta.currentPage).toBe(1)
+      expect(body.data.length).toBeLessThanOrEqual(5)
+    })
+  })
+
+  test.describe('Invitations Endpoints', () => {
+    test('GET /api/invitations should return invitation list', async ({ page }) => {
+      const response = await apiRequest(page, 'get', '/api/invitations')
+
+      expect(response.ok()).toBeTruthy()
+      expect(response.status()).toBe(200)
+
+      const body = await response.json()
+
+      // Should have data array (may be empty if no pending invitations)
+      expect(body).toHaveProperty('data')
+      expect(Array.isArray(body.data)).toBeTruthy()
+
+      // If there are invitations, validate structure
+      if (body.data.length > 0) {
+        const invitation = body.data[0]
+        expect(invitation).toHaveProperty('id')
+        expect(invitation).toHaveProperty('email')
+        expect(invitation).toHaveProperty('role')
+        expect(invitation).toHaveProperty('expiresAt')
+      }
+    })
+  })
+
+  test.describe('Error Handling', () => {
+    test('GET /api/users/:id should return 404 for non-existent user', async ({ page }) => {
+      // Use a valid UUID format that doesn't exist
+      const nonExistentId = '00000000-0000-0000-0000-000000000000'
+
+      const accountId = getAccountId()
+      const response = await page.request.get(`/api/users/${nonExistentId}`, {
+        failOnStatusCode: false,
+        headers: accountId ? { 'account-id': accountId } : {},
+      })
+
+      expect(response.status()).toBe(404)
+
+      const body = await response.json()
+
+      // Should have error response structure
+      // API returns { error: { code, message, status, timestamp } }
+      expect(body).toHaveProperty('error')
+      expect(body.error).toHaveProperty('status', 404)
+      expect(body.error).toHaveProperty('code', 'NOT_FOUND')
+    })
+
+    test('GET /api/accounts/:id should return 404 for non-existent account', async ({ page }) => {
+      // Use a valid UUID format that doesn't exist
+      const nonExistentId = '00000000-0000-0000-0000-000000000000'
+
+      const accountId = getAccountId()
+      const response = await page.request.get(`/api/accounts/${nonExistentId}`, {
+        failOnStatusCode: false,
+        headers: accountId ? { 'account-id': accountId } : {},
+      })
+
+      expect(response.status()).toBe(404)
+
+      const body = await response.json()
+
+      // Should have error response structure
+      // API returns { error: { code, message, status, timestamp } }
+      expect(body).toHaveProperty('error')
+      expect(body.error).toHaveProperty('status', 404)
+      expect(body.error).toHaveProperty('code', 'NOT_FOUND')
+    })
+
+    test('GET /api/users/:id with invalid UUID should return 400', async ({ page }) => {
+      const invalidId = 'not-a-valid-uuid'
+
+      const accountId = getAccountId()
+      const response = await page.request.get(`/api/users/${invalidId}`, {
+        failOnStatusCode: false,
+        headers: accountId ? { 'account-id': accountId } : {},
+      })
+
+      // Should return 400 for invalid UUID format
+      expect([400, 422]).toContain(response.status())
+
+      const body = await response.json()
+      expect(body).toHaveProperty('error')
+    })
+
+    test('GET /api/accounts/:id with invalid UUID should return 400', async ({ page }) => {
+      const invalidId = 'not-a-valid-uuid'
+
+      const accountId = getAccountId()
+      const response = await page.request.get(`/api/accounts/${invalidId}`, {
+        failOnStatusCode: false,
+        headers: accountId ? { 'account-id': accountId } : {},
+      })
+
+      // Should return 400 for invalid UUID format
+      expect([400, 422]).toContain(response.status())
+
+      const body = await response.json()
+      expect(body).toHaveProperty('error')
+    })
+  })
+
+  test.describe('Response Headers', () => {
+    test('API responses should have correct content-type', async ({ page }) => {
+      const response = await apiRequest(page, 'get', '/api/users')
+
+      expect(response.ok()).toBeTruthy()
+
+      const contentType = response.headers()['content-type']
+      expect(contentType).toMatch(/application\/json/)
+    })
+  })
+
+  test.describe('API Authentication', () => {
+    test('API requests should use session authentication', async ({ page }) => {
+      // Make an authenticated request
+      const response = await apiRequest(page, 'get', '/api/users')
+      expect(response.ok()).toBeTruthy()
+
+      // Verify we're actually authenticated by checking we get data, not a redirect
+      const body = await response.json()
+      expect(body).toHaveProperty('data')
+    })
+  })
+})

package/templates/base/tests/e2e/api/storage.spec.ts

@@ -0,0 +1,109 @@
+import { test, expect, isAuthenticated, apiRequest, getAccountId } from '../fixtures'
+
+/**
+ * Storage API E2E Tests
+ *
+ * Tests for the storage API endpoints (R2-based file storage).
+ * Uses apiRequest helper to make API calls with session cookie and account-id header.
+ *
+ * Note: Some tests may return validation errors if R2 storage is not configured
+ * in the test environment. This is expected behavior.
+ *
+ * @tags @api @storage
+ */
+
+test.describe('Storage API @api @storage', () => {
+  test.beforeEach(async ({ page }) => {
+    const authenticated = await isAuthenticated(page)
+    test.skip(!authenticated, 'No authenticated session available')
+
+    const accountId = getAccountId()
+    test.skip(!accountId, 'No account ID available')
+  })
+
+  test.describe('Generate Upload URL', () => {
+    test('POST /api/storage/upload-url should generate upload URL or return validation error', async ({
+      page,
+    }) => {
+      const response = await apiRequest(page, 'post', '/api/storage/upload-url', {
+        data: {
+          filename: 'test-image.jpg',
+          contentType: 'image/jpeg',
+        },
+      })
+
+      // Either 200 (R2 configured) or 400 (R2 not configured - validation error)
+      expect([200, 400]).toContain(response.status())
+
+      const body = await response.json()
+
+      if (response.status() === 200) {
+        // Success response should have upload URL structure
+        expect(body).toHaveProperty('url')
+        expect(body).toHaveProperty('name')
+        expect(body).toHaveProperty('publicUrl')
+
+        // Validate types
+        expect(typeof body.url).toBe('string')
+        expect(typeof body.name).toBe('string')
+        expect(typeof body.publicUrl).toBe('string')
+
+        // URL should be the upload endpoint path
+        expect(body.url).toContain('/api/storage/upload/')
+      } else {
+        // Validation error (R2 not configured)
+        expect(body).toHaveProperty('error')
+        expect(body.error).toHaveProperty('message')
+      }
+    })
+
+    test('POST /api/storage/upload-url with invalid data should return 400', async ({ page }) => {
+      // Missing required fields
+      const response = await apiRequest(page, 'post', '/api/storage/upload-url', {
+        data: {},
+      })
+
+      expect(response.status()).toBe(400)
+
+      const body = await response.json()
+      expect(body).toHaveProperty('error')
+    })
+  })
+
+  test.describe('File Operations', () => {
+    test('DELETE /api/storage/:key should return 404 for non-existent file', async ({ page }) => {
+      const nonExistentKey = encodeURIComponent('non-existent/file-12345.jpg')
+
+      const response = await apiRequest(page, 'delete', `/api/storage/${nonExistentKey}`)
+
+      // Either 404 (file not found) or 400 (R2 not configured)
+      expect([404, 400]).toContain(response.status())
+
+      const body = await response.json()
+      expect(body).toHaveProperty('error')
+      expect(body.error).toHaveProperty('message')
+
+      if (response.status() === 404) {
+        // File not found error
+        expect(body.error.message).toContain('not found')
+      }
+    })
+
+    test('PUT /api/storage/upload/:key should return error for empty body', async ({ page }) => {
+      const testKey = encodeURIComponent('test/empty-file.txt')
+
+      const response = await apiRequest(page, 'put', `/api/storage/upload/${testKey}`, {
+        headers: {
+          'content-type': 'text/plain',
+        },
+      })
+
+      // Either 400 (empty body or R2 not configured)
+      expect(response.status()).toBe(400)
+
+      const body = await response.json()
+      expect(body).toHaveProperty('error')
+      expect(body.error).toHaveProperty('message')
+    })
+  })
+})