@etus/bhono-app 0.1.5 → 0.1.7

package/templates/base/{src/server/routes/users/__tests__ → tests/unit/server/routes/users}/handlers.test.ts

@@ -1,15 +1,15 @@
 // src/server/routes/users/__tests__/handlers.test.ts
 import { describe, it, expect, vi, beforeEach } from 'vitest'
 import { Hono } from 'hono'
-import type { HonoEnv } from '../../../types'
-import { users } from '../index'
-import { createMockEnv } from '../../../__tests__/setup'
+import type { HonoEnv } from '@server/types'
+import { users } from '@server/routes/index'
+import { createMockEnv } from '@tests/helpers/server'
 import {
   createUserFixture,
   createAccountFixture,
-  createDeletedUserFixture,
-} from '../../../__tests__/fixtures'
-import { NotFoundError } from '../../../lib/errors'
+} from '@tests/fixtures/server'
+import { NotFoundError } from '@server/lib/errors'
+import type { Role } from '@server/auth/roles'
 
 // Test UUIDs
 const TEST_USER_ID = '550e8400-e29b-41d4-a716-446655440001'
@@ -18,7 +18,7 @@ const TEST_ACCOUNT_ID = '550e8400-e29b-41d4-a716-446655440101'
 const NON_EXISTENT_ID = '550e8400-e29b-41d4-a716-446655440999'
 
 // Mock the users service
-vi.mock('../../../services', () => ({
+vi.mock('@server/services', () => ({
   usersService: {
     findAll: vi.fn(),
     findById: vi.fn(),
@@ -30,10 +30,9 @@ vi.mock('../../../services', () => ({
   },
 }))
 
-import { usersService } from '../../../services'
+import { usersService } from '@server/services'
 
 describe('Users Routes', () => {
-  let app: Hono<HonoEnv>
   let mockEnv: ReturnType<typeof createMockEnv>
   let mockDb: any
   let testUser: ReturnType<typeof createUserFixture>
@@ -60,12 +59,10 @@ describe('Users Routes', () => {
       delete: vi.fn().mockReturnThis(),
       execute: vi.fn().mockResolvedValue({ rows: [] }),
     }
-
-    app = new Hono<HonoEnv>()
   })
 
   // Helper to setup authenticated app with specific role
-  function setupAuthenticatedApp(userRole = 'VIEWER', isSuperAdmin = false) {
+  function setupAuthenticatedApp(userRole: Role = 'VIEWER', isSuperAdmin = false) {
     const authenticatedApp = new Hono<HonoEnv>()
 
     authenticatedApp.use('*', async (c, next) => {
@@ -162,7 +159,7 @@ describe('Users Routes', () => {
 
       expect(res.status).toBe(200)
       expect(usersService.findAll).toHaveBeenCalledWith(
-        mockDb,
+        mockEnv.DB,
         expect.objectContaining({
           accountId: testAccount.id,
         }),
@@ -212,7 +209,7 @@ describe('Users Routes', () => {
 
       expect(res.status).toBe(200)
       expect(usersService.findAll).toHaveBeenCalledWith(
-        mockDb,
+        mockEnv.DB,
         expect.anything(),
         expect.objectContaining({
           query: 'search',
@@ -270,7 +267,7 @@ describe('Users Routes', () => {
       })
 
       expect(usersService.findById).toHaveBeenCalledWith(
-        mockDb,
+        mockEnv.DB,
         expect.objectContaining({
           accountId: testAccount.id,
           user: expect.objectContaining({ id: testUser.id }),
@@ -328,7 +325,7 @@ describe('Users Routes', () => {
 
       expect(res.status).toBe(200)
       expect(usersService.update).toHaveBeenCalledWith(
-        mockDb,
+        mockEnv.DB,
         expect.anything(),
         TEST_USER_ID,
         expect.objectContaining({ status: 'inactive' })
@@ -373,7 +370,7 @@ describe('Users Routes', () => {
 
       expect(res.status).toBe(204)
       expect(usersService.delete).toHaveBeenCalledWith(
-        mockDb,
+        mockEnv.DB,
         expect.anything(),
         TEST_USER_ID
       )
@@ -523,4 +520,71 @@ describe('Users Routes', () => {
   // with body may not work correctly in the Hono test environment.
   // This endpoint is tested via E2E tests instead.
   // Role-based access control is tested via the requireRole middleware.
+
+  describe('Missing context error handling', () => {
+    it('GET /users/:id throws when context is missing', async () => {
+      const unauthApp = setupUnauthenticatedApp()
+
+      const res = await unauthApp.request(`/users/${TEST_USER_ID}`, {
+        method: 'GET',
+      })
+
+      expect(res.status).toBe(500)
+      expect(usersService.findById).not.toHaveBeenCalled()
+    })
+
+    it('PATCH /users/:id returns 401 when not authenticated', async () => {
+      const unauthApp = setupUnauthenticatedApp()
+
+      const res = await unauthApp.request(`/users/${TEST_USER_ID}`, {
+        method: 'PATCH',
+        headers: {
+          'Content-Type': 'application/json',
+        },
+        body: JSON.stringify({ name: 'Updated' }),
+      })
+
+      expect(res.status).toBe(401)
+      expect(usersService.update).not.toHaveBeenCalled()
+    })
+
+    it('DELETE /users/:id returns 401 when not authenticated', async () => {
+      const unauthApp = setupUnauthenticatedApp()
+
+      const res = await unauthApp.request(`/users/${TEST_USER_ID}`, {
+        method: 'DELETE',
+      })
+
+      expect(res.status).toBe(401)
+      expect(usersService.delete).not.toHaveBeenCalled()
+    })
+
+    it('POST /users/:id/restore returns 401 when not authenticated', async () => {
+      const unauthApp = setupUnauthenticatedApp()
+
+      const res = await unauthApp.request(`/users/${TEST_USER_ID}/restore`, {
+        method: 'POST',
+      })
+
+      expect(res.status).toBe(401)
+      expect(usersService.restore).not.toHaveBeenCalled()
+    })
+
+    it('POST /users/accounts returns 401 when not authenticated', async () => {
+      const unauthApp = setupUnauthenticatedApp()
+
+      const res = await unauthApp.request('/users/accounts', {
+        method: 'POST',
+        headers: {
+          'Content-Type': 'application/json',
+        },
+        body: JSON.stringify([
+          { userId: TEST_USER_ID, accountId: TEST_ACCOUNT_ID, role: 'VIEWER' },
+        ]),
+      })
+
+      expect(res.status).toBe(401)
+      expect(usersService.createUserAccounts).not.toHaveBeenCalled()
+    })
+  })
 })

package/templates/base/tests/unit/server/services/accounts.test.ts

@@ -0,0 +1,406 @@
+// src/server/services/__tests__/accounts.test.ts
+import { describe, it, expect, vi, beforeEach, type Mock } from 'vitest'
+import { accountsService } from '@server/services/accounts'
+import { NotFoundError, ForbiddenError, ConflictError } from '@server/lib/errors'
+import type { ServiceContext, PaginationQuery } from '@server/types'
+import {
+  createUserFixture,
+  createSuperAdminFixture,
+  createAccountFixture,
+  createDeletedAccountFixture,
+} from '@tests/fixtures/server'
+
+vi.mock('@server/lib/audited-db', () => ({
+  auditedInsert: vi.fn(),
+  auditedUpdate: vi.fn(),
+  auditedDelete: vi.fn(),
+}))
+
+vi.mock('@server/db/sql', () => ({
+  queryOne: vi.fn(),
+  queryAll: vi.fn(),
+  execute: vi.fn(),
+  toStringValue: (value: unknown) => {
+    if (typeof value === 'string') return value
+    if (typeof value === 'number' || typeof value === 'bigint') return String(value)
+    return ''
+  },
+  toNullableString: (value: unknown) => {
+    if (value === null || value === undefined) return null
+    if (typeof value === 'string') return value
+    if (typeof value === 'number' || typeof value === 'bigint') return String(value)
+    return null
+  },
+}))
+
+import { auditedInsert, auditedUpdate, auditedDelete } from '@server/lib/audited-db'
+import { queryOne, queryAll } from '@server/db/sql'
+
+const db = {} as D1Database
+
+function createMockContext(overrides: Partial<ServiceContext> = {}): ServiceContext {
+  const user = createUserFixture({
+    id: 'ctx-user-123',
+    email: 'context@example.com',
+    name: 'Context User',
+  })
+
+  return {
+    accountId: 'account-123',
+    user,
+    userRole: 'ADMIN',
+    transactionId: 'tx-123',
+    ip: '127.0.0.1',
+    userAgent: 'TestAgent/1.0',
+    ...overrides,
+  }
+}
+
+function createSuperAdminContext(overrides: Partial<ServiceContext> = {}): ServiceContext {
+  const user = createSuperAdminFixture({
+    id: 'super-admin-123',
+    email: 'superadmin@example.com',
+    name: 'Super Admin',
+  })
+
+  return {
+    accountId: 'account-123',
+    user,
+    userRole: 'ADMIN',
+    transactionId: 'tx-123',
+    ip: '127.0.0.1',
+    userAgent: 'TestAgent/1.0',
+    ...overrides,
+  }
+}
+
+describe('accountsService', () => {
+  let ctx: ServiceContext
+  let superAdminCtx: ServiceContext
+
+  beforeEach(() => {
+    vi.clearAllMocks()
+    ctx = createMockContext()
+    superAdminCtx = createSuperAdminContext()
+  })
+
+  describe('findAll', () => {
+    const defaultPagination: PaginationQuery = { page: 1, limit: 10 }
+
+    it('should return paginated accounts for super admin', async () => {
+      const account1 = createAccountFixture({ id: 'account-1', name: 'Account One' })
+      const account2 = createAccountFixture({ id: 'account-2', name: 'Account Two' })
+
+      ;(queryOne as Mock).mockResolvedValueOnce({ count: 2 })
+      ;(queryAll as Mock).mockResolvedValueOnce([
+        { ...account1, created_at: account1.createdAt, updated_at: account1.updatedAt, deleted_at: account1.deletedAt },
+        { ...account2, created_at: account2.createdAt, updated_at: account2.updatedAt, deleted_at: account2.deletedAt },
+      ])
+
+      const result = await accountsService.findAll(db, superAdminCtx, defaultPagination)
+
+      expect(result.data).toHaveLength(2)
+      expect(result.meta.totalItems).toBe(2)
+    })
+
+    it('should include user filter for non-super-admin', async () => {
+      const account = createAccountFixture({ id: 'account-1', name: 'User Account' })
+
+      ;(queryOne as Mock).mockResolvedValueOnce({ count: 1 })
+      ;(queryAll as Mock).mockResolvedValueOnce([
+        { ...account, created_at: account.createdAt, updated_at: account.updatedAt, deleted_at: account.deletedAt },
+      ])
+
+      await accountsService.findAll(db, ctx, defaultPagination)
+
+      expect((queryOne as Mock).mock.calls[0][2]).toContain(ctx.user.id)
+    })
+
+    it('should filter by query when provided', async () => {
+      ;(queryOne as Mock).mockResolvedValueOnce({ count: 1 })
+      ;(queryAll as Mock).mockResolvedValueOnce([])
+
+      await accountsService.findAll(db, superAdminCtx, { ...defaultPagination, query: 'test' })
+
+      // Query should include LIKE clauses for name and domain
+      expect((queryOne as Mock).mock.calls[0][2]).toContain('%test%')
+    })
+
+    it('should handle null count result', async () => {
+      ;(queryOne as Mock).mockResolvedValueOnce(null)
+      ;(queryAll as Mock).mockResolvedValueOnce([])
+
+      const result = await accountsService.findAll(db, superAdminCtx, defaultPagination)
+
+      expect(result.data).toHaveLength(0)
+      expect(result.meta.totalItems).toBe(0)
+    })
+  })
+
+  describe('findById', () => {
+    it('should return account for super admin', async () => {
+      const account = createAccountFixture({ id: 'account-1' })
+      ;(queryOne as Mock).mockResolvedValueOnce({
+        ...account,
+        created_at: account.createdAt,
+        updated_at: account.updatedAt,
+        deleted_at: account.deletedAt,
+      })
+
+      const result = await accountsService.findById(db, superAdminCtx, account.id)
+
+      expect(result.id).toBe(account.id)
+    })
+
+    it('should throw NotFound when account missing', async () => {
+      ;(queryOne as Mock).mockResolvedValueOnce(null)
+
+      await expect(accountsService.findById(db, superAdminCtx, 'missing')).rejects.toThrow(NotFoundError)
+    })
+
+    it('should enforce membership for non-super-admin', async () => {
+      const account = createAccountFixture({ id: 'account-1' })
+      ;(queryOne as Mock)
+        .mockResolvedValueOnce({
+          ...account,
+          created_at: account.createdAt,
+          updated_at: account.updatedAt,
+          deleted_at: account.deletedAt,
+        })
+        .mockResolvedValueOnce(null)
+
+      await expect(accountsService.findById(db, ctx, account.id)).rejects.toThrow(NotFoundError)
+    })
+
+    it('should allow non-super-admin with valid membership', async () => {
+      const account = createAccountFixture({ id: 'account-1' })
+      ;(queryOne as Mock)
+        .mockResolvedValueOnce({
+          ...account,
+          created_at: account.createdAt,
+          updated_at: account.updatedAt,
+          deleted_at: account.deletedAt,
+        })
+        .mockResolvedValueOnce({ ok: 1 })
+
+      const result = await accountsService.findById(db, ctx, account.id)
+
+      expect(result.id).toBe(account.id)
+    })
+  })
+
+  describe('create', () => {
+    it('should reject non-super-admin users', async () => {
+      await expect(accountsService.create(db, ctx, { name: 'New' })).rejects.toThrow(ForbiddenError)
+    })
+
+    it('should reject duplicate domain', async () => {
+      ;(queryOne as Mock).mockResolvedValueOnce({ ok: 1 })
+
+      await expect(
+        accountsService.create(db, superAdminCtx, { name: 'Dup', domain: 'acme.com' })
+      ).rejects.toThrow(ConflictError)
+    })
+
+    it('should create account and return record', async () => {
+      const account = createAccountFixture({ id: 'account-1', name: 'New Account' })
+      ;(auditedInsert as Mock).mockResolvedValueOnce([
+        { ...account, created_at: account.createdAt, updated_at: account.updatedAt, deleted_at: account.deletedAt },
+      ])
+
+      const result = await accountsService.create(db, superAdminCtx, { name: 'New Account' })
+
+      expect(result.name).toBe('New Account')
+      expect(auditedInsert).toHaveBeenCalled()
+    })
+
+    it('should create account with domain when no conflict', async () => {
+      ;(queryOne as Mock).mockResolvedValueOnce(null)
+
+      const account = createAccountFixture({ id: 'account-1', name: 'New Account', domain: 'unique.com' })
+      ;(auditedInsert as Mock).mockResolvedValueOnce([
+        { ...account, created_at: account.createdAt, updated_at: account.updatedAt, deleted_at: account.deletedAt },
+      ])
+
+      const result = await accountsService.create(db, superAdminCtx, { name: 'New Account', domain: 'unique.com' })
+
+      expect(result.domain).toBe('unique.com')
+    })
+
+    it('should throw when auditedInsert returns empty array', async () => {
+      ;(auditedInsert as Mock).mockResolvedValueOnce([])
+
+      await expect(
+        accountsService.create(db, superAdminCtx, { name: 'New Account' })
+      ).rejects.toThrow('Failed to create account')
+    })
+  })
+
+  describe('update', () => {
+    it('should reject non-super-admin users', async () => {
+      await expect(accountsService.update(db, ctx, 'account-1', { name: 'Updated' })).rejects.toThrow(ForbiddenError)
+    })
+
+    it('should reject duplicate domain', async () => {
+      const account = createAccountFixture({ id: 'account-1' })
+      ;(queryOne as Mock)
+        .mockResolvedValueOnce({
+          ...account,
+          created_at: account.createdAt,
+          updated_at: account.updatedAt,
+          deleted_at: account.deletedAt,
+        })
+        .mockResolvedValueOnce({ ok: 1 })
+
+      await expect(
+        accountsService.update(db, superAdminCtx, account.id, { domain: 'dup.com' })
+      ).rejects.toThrow(ConflictError)
+    })
+
+    it('should update account and return record', async () => {
+      const account = createAccountFixture({ id: 'account-1', name: 'Original' })
+      ;(queryOne as Mock)
+        .mockResolvedValueOnce({
+          ...account,
+          created_at: account.createdAt,
+          updated_at: account.updatedAt,
+          deleted_at: account.deletedAt,
+        })
+
+      const updated = { ...account, name: 'Updated' }
+      ;(auditedUpdate as Mock).mockResolvedValueOnce([
+        { ...updated, created_at: updated.createdAt, updated_at: updated.updatedAt, deleted_at: updated.deletedAt },
+      ])
+
+      const result = await accountsService.update(db, superAdminCtx, account.id, { name: 'Updated' })
+
+      expect(result.name).toBe('Updated')
+      expect(auditedUpdate).toHaveBeenCalled()
+    })
+
+    it('should update with domain when no conflict', async () => {
+      const account = createAccountFixture({ id: 'account-1' })
+      ;(queryOne as Mock)
+        .mockResolvedValueOnce({
+          ...account,
+          created_at: account.createdAt,
+          updated_at: account.updatedAt,
+          deleted_at: account.deletedAt,
+        })
+        .mockResolvedValueOnce(null)
+
+      const updated = { ...account, domain: 'new.com' }
+      ;(auditedUpdate as Mock).mockResolvedValueOnce([
+        { ...updated, created_at: updated.createdAt, updated_at: updated.updatedAt, deleted_at: updated.deletedAt },
+      ])
+
+      const result = await accountsService.update(db, superAdminCtx, account.id, { domain: 'new.com' })
+
+      expect(result.domain).toBe('new.com')
+    })
+
+    it('should update description and domain', async () => {
+      const account = createAccountFixture({ id: 'account-1' })
+      ;(queryOne as Mock)
+        .mockResolvedValueOnce({
+          ...account,
+          created_at: account.createdAt,
+          updated_at: account.updatedAt,
+          deleted_at: account.deletedAt,
+        })
+        .mockResolvedValueOnce(null)
+
+      const updated = { ...account, description: 'New desc', domain: 'new.com' }
+      ;(auditedUpdate as Mock).mockResolvedValueOnce([
+        { ...updated, created_at: updated.createdAt, updated_at: updated.updatedAt, deleted_at: updated.deletedAt },
+      ])
+
+      const result = await accountsService.update(db, superAdminCtx, account.id, {
+        description: 'New desc',
+        domain: 'new.com',
+      })
+
+      expect(result.description).toBe('New desc')
+      expect(result.domain).toBe('new.com')
+    })
+
+    it('should throw when auditedUpdate returns empty array', async () => {
+      const account = createAccountFixture({ id: 'account-1' })
+      ;(queryOne as Mock).mockResolvedValueOnce({
+        ...account,
+        created_at: account.createdAt,
+        updated_at: account.updatedAt,
+        deleted_at: account.deletedAt,
+      })
+      ;(auditedUpdate as Mock).mockResolvedValueOnce([])
+
+      await expect(
+        accountsService.update(db, superAdminCtx, account.id, { name: 'Updated' })
+      ).rejects.toThrow('Failed to update account')
+    })
+  })
+
+  describe('delete', () => {
+    it('should reject non-super-admin users', async () => {
+      await expect(accountsService.delete(db, ctx, 'account-1')).rejects.toThrow(ForbiddenError)
+    })
+
+    it('should delete account for super admin', async () => {
+      const account = createAccountFixture({ id: 'account-1' })
+      ;(queryOne as Mock).mockResolvedValueOnce({
+        ...account,
+        created_at: account.createdAt,
+        updated_at: account.updatedAt,
+        deleted_at: account.deletedAt,
+      })
+
+      await accountsService.delete(db, superAdminCtx, account.id)
+
+      expect(auditedDelete).toHaveBeenCalled()
+    })
+  })
+
+  describe('restore', () => {
+    it('should reject non-super-admin users', async () => {
+      await expect(accountsService.restore(db, ctx, 'account-1')).rejects.toThrow(ForbiddenError)
+    })
+
+    it('should restore soft-deleted account', async () => {
+      const deleted = createDeletedAccountFixture({ id: 'account-1' })
+      ;(queryOne as Mock).mockResolvedValueOnce({
+        ...deleted,
+        created_at: deleted.createdAt,
+        updated_at: deleted.updatedAt,
+        deleted_at: deleted.deletedAt,
+      })
+
+      const restored = createAccountFixture({ id: 'account-1' })
+      ;(auditedUpdate as Mock).mockResolvedValueOnce([
+        { ...restored, created_at: restored.createdAt, updated_at: restored.updatedAt, deleted_at: restored.deletedAt },
+      ])
+
+      const result = await accountsService.restore(db, superAdminCtx, deleted.id)
+
+      expect(result.deletedAt).toBeNull()
+    })
+
+    it('should throw NotFoundError when account not found or not deleted', async () => {
+      ;(queryOne as Mock).mockResolvedValueOnce(null)
+
+      await expect(accountsService.restore(db, superAdminCtx, 'not-deleted')).rejects.toThrow(NotFoundError)
+    })
+
+    it('should throw when auditedUpdate returns empty array', async () => {
+      const deleted = createDeletedAccountFixture({ id: 'account-1' })
+      ;(queryOne as Mock).mockResolvedValueOnce({
+        ...deleted,
+        created_at: deleted.createdAt,
+        updated_at: deleted.updatedAt,
+        deleted_at: deleted.deletedAt,
+      })
+      ;(auditedUpdate as Mock).mockResolvedValueOnce([])
+
+      await expect(accountsService.restore(db, superAdminCtx, deleted.id)).rejects.toThrow(NotFoundError)
+    })
+  })
+})