npm - @things-factory/auth-base - Versions diffs - 10.0.0-beta.5 → 10.0.0-beta.57 - Mend

@things-factory/auth-base 10.0.0-beta.5 → 10.0.0-beta.57

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (33) hide show

package/spec/unit/domain-owner-mutation.spec.ts ADDED Viewed

@@ -0,0 +1,337 @@
+/**
+ * DomainOwner Mutation 로직 테스트
+ *
+ * addDomainOwner / removeDomainOwner mutation 의 핵심 비즈니스 로직
+ * (멤버 확인, 중복 방지, 마지막 오너 보호, legacy cache 동기화)을
+ * 테스트 엔티티 스키마로 재현해 검증한다.
+ */
+import { EntityManager } from 'typeorm'
+import { TestDatabase } from '../../../../test/test-database'
+import {
+  domainFactory,
+  userFactory,
+  domainOwnerFactory
+} from '../../../../test/factories'
+import { Domain, DomainOwner, User } from '../../../../test/entities/schemas'
+// ============================================================
+// 테스트용 헬퍼: source 로직을 테스트 스키마로 재현
+// ============================================================
+/**
+ * addDomainOwner 의 핵심 로직
+ * - 대상 유저가 domain 멤버인지 확인
+ * - 이미 owner인지 확인
+ * - 엔트리 생성
+ * - Domain.owner 캐시가 비어있으면 세팅
+ */
+async function addDomainOwnerLogic(
+  manager: EntityManager,
+  domain: Domain,
+  targetUser: User,
+  actor: User,
+  options: { isMember: boolean; reason?: string }
+): Promise<DomainOwner> {
+  if (!options.isMember) {
+    throw new Error(`User '${targetUser.name}' is not a member of this domain.`)
+  }
+  const ownerRepo = manager.getRepository<DomainOwner>('DomainOwner')
+  const existing = await ownerRepo.findOne({
+    where: { domain: { id: domain.id }, user: { id: targetUser.id } }
+  })
+  if (existing) {
+    throw new Error(`User '${targetUser.name}' is already an owner of this domain.`)
+  }
+  const entry = ownerRepo.create({
+    domain: { id: domain.id } as Domain,
+    user: { id: targetUser.id } as User,
+    grantedBy: actor,
+    reason: options.reason
+  } as Partial<DomainOwner>)
+  const saved = await ownerRepo.save(entry)
+  if (!domain.owner) {
+    await manager.update('Domain', domain.id, { owner: targetUser.id })
+  }
+  return saved
+}
+/**
+ * removeDomainOwner 의 핵심 로직
+ * - 대상 유저의 엔트리 혹은 legacy owner 여부 확인
+ * - 남을 owner가 1명 이상 보장
+ * - legacy cache가 제거 대상이면 남은 오너 중 하나로 재설정
+ */
+async function removeDomainOwnerLogic(
+  manager: EntityManager,
+  domain: Domain,
+  targetUser: User
+): Promise<boolean> {
+  const ownerRepo = manager.getRepository<DomainOwner>('DomainOwner')
+  const entry = await ownerRepo.findOne({
+    where: { domain: { id: domain.id }, user: { id: targetUser.id } }
+  })
+  const hasLegacyOwner = domain.owner === targetUser.id
+  if (!entry && !hasLegacyOwner) {
+    throw new Error(`User '${targetUser.name}' is not an owner of this domain.`)
+  }
+  const ownerCount = await ownerRepo.count({
+    where: { domain: { id: domain.id } }
+  })
+  let remaining = ownerCount
+  if (entry) remaining -= 1
+  if (domain.owner && domain.owner !== targetUser.id) {
+    const legacyInTable = await ownerRepo.findOne({
+      where: { domain: { id: domain.id }, user: { id: domain.owner } }
+    })
+    if (!legacyInTable) remaining += 1
+  }
+  if (remaining < 1) {
+    throw new Error('Cannot remove the last owner of a domain. Add another owner first.')
+  }
+  if (entry) {
+    await ownerRepo.delete(entry.id)
+  }
+  if (hasLegacyOwner) {
+    const next = await ownerRepo.findOne({
+      where: { domain: { id: domain.id } },
+      order: { grantedAt: 'ASC' }
+    })
+    const nextOwnerId = next
+      ? (await manager.findOne<DomainOwner>('DomainOwner', {
+          where: { id: next.id },
+          relations: ['user']
+        }))?.user.id ?? null
+      : null
+    await manager.update('Domain', domain.id, { owner: nextOwnerId })
+  }
+  return true
+}
+// ============================================================
+// 테스트
+// ============================================================
+describe('addDomainOwner 로직', () => {
+  let testDb: TestDatabase
+  beforeAll(() => {
+    testDb = TestDatabase.getInstance()
+  })
+  it('도메인 멤버를 owner로 추가할 수 있다', async () => {
+    const ds = testDb.getDataSource()
+    const domain = await domainFactory.create({})
+    const actor = await userFactory.create({ name: 'actor' })
+    const target = await userFactory.create({ name: 'target' })
+    const entry = await addDomainOwnerLogic(ds.manager, domain, target, actor, {
+      isMember: true
+    })
+    expect(entry.id).toBeDefined()
+    const reloaded = await ds.manager.findOne<DomainOwner>('DomainOwner', {
+      where: { id: entry.id },
+      relations: ['user', 'grantedBy']
+    })
+    expect(reloaded?.user.id).toBe(target.id)
+    expect(reloaded?.grantedBy?.id).toBe(actor.id)
+  })
+  it('Domain.owner 캐시가 비어있으면 추가된 user로 세팅한다', async () => {
+    const ds = testDb.getDataSource()
+    const domain = await domainFactory.create({ owner: null as any })
+    const actor = await userFactory.create({ name: 'actor' })
+    const target = await userFactory.create({ name: 'target' })
+    await addDomainOwnerLogic(ds.manager, domain, target, actor, {
+      isMember: true
+    })
+    const reloadedDomain = await ds.manager.findOne<Domain>('Domain', {
+      where: { id: domain.id }
+    })
+    expect(reloadedDomain?.owner).toBe(target.id)
+  })
+  it('Domain.owner 캐시가 이미 있으면 덮어쓰지 않는다', async () => {
+    const ds = testDb.getDataSource()
+    const existingOwner = await userFactory.create({ name: 'existing' })
+    const domain = await domainFactory.create({ owner: existingOwner.id })
+    const actor = await userFactory.create({ name: 'actor' })
+    const target = await userFactory.create({ name: 'target' })
+    await addDomainOwnerLogic(ds.manager, domain, target, actor, {
+      isMember: true
+    })
+    const reloadedDomain = await ds.manager.findOne<Domain>('Domain', {
+      where: { id: domain.id }
+    })
+    expect(reloadedDomain?.owner).toBe(existingOwner.id)
+  })
+  it('도메인 비멤버는 owner로 추가할 수 없다', async () => {
+    const ds = testDb.getDataSource()
+    const domain = await domainFactory.create({})
+    const actor = await userFactory.create({ name: 'actor' })
+    const outsider = await userFactory.create({ name: 'outsider' })
+    await expect(
+      addDomainOwnerLogic(ds.manager, domain, outsider, actor, { isMember: false })
+    ).rejects.toThrow(/not a member/)
+  })
+  it('이미 owner인 user를 중복 추가할 수 없다', async () => {
+    const ds = testDb.getDataSource()
+    const domain = await domainFactory.create({})
+    const actor = await userFactory.create({ name: 'actor' })
+    const target = await userFactory.create({ name: 'target' })
+    await addDomainOwnerLogic(ds.manager, domain, target, actor, { isMember: true })
+    await expect(
+      addDomainOwnerLogic(ds.manager, domain, target, actor, { isMember: true })
+    ).rejects.toThrow(/already an owner/)
+  })
+})
+describe('removeDomainOwner 로직', () => {
+  let testDb: TestDatabase
+  beforeAll(() => {
+    testDb = TestDatabase.getInstance()
+  })
+  it('여러 owner 중 한 명을 제거할 수 있다', async () => {
+    const ds = testDb.getDataSource()
+    const domain = await domainFactory.create({})
+    const u1 = await userFactory.create({ name: 'U1' })
+    const u2 = await userFactory.create({ name: 'U2' })
+    await domainOwnerFactory.grant(domain, u1)
+    await domainOwnerFactory.grant(domain, u2)
+    const result = await removeDomainOwnerLogic(ds.manager, domain, u2)
+    expect(result).toBe(true)
+    const remaining = await ds.manager.count('DomainOwner', {
+      where: { domain: { id: domain.id } }
+    })
+    expect(remaining).toBe(1)
+  })
+  it('마지막 남은 owner는 제거할 수 없다 (최소 1명 유지)', async () => {
+    const ds = testDb.getDataSource()
+    const domain = await domainFactory.create({})
+    const soleOwner = await userFactory.create({ name: 'sole' })
+    await domainOwnerFactory.grant(domain, soleOwner)
+    await expect(
+      removeDomainOwnerLogic(ds.manager, domain, soleOwner)
+    ).rejects.toThrow(/last owner/)
+  })
+  it('legacy cache 만 있고 join 테이블에 없어도 "owner"로 인정되어 제거 거부 (마지막 1인)', async () => {
+    const ds = testDb.getDataSource()
+    const legacyOwner = await userFactory.create({ name: 'legacy' })
+    const domain = await domainFactory.create({ owner: legacyOwner.id })
+    // join table 에 엔트리 없음
+    await expect(
+      removeDomainOwnerLogic(ds.manager, domain, legacyOwner)
+    ).rejects.toThrow(/last owner/)
+  })
+  it('legacy cache + 다른 오너가 join 테이블에 있으면 legacy 제거 가능', async () => {
+    const ds = testDb.getDataSource()
+    const legacyOwner = await userFactory.create({ name: 'legacy' })
+    const newOwner = await userFactory.create({ name: 'new' })
+    const domain = await domainFactory.create({ owner: legacyOwner.id })
+    await domainOwnerFactory.grant(domain, newOwner)
+    await removeDomainOwnerLogic(ds.manager, domain, legacyOwner)
+    const reloadedDomain = await ds.manager.findOne<Domain>('Domain', {
+      where: { id: domain.id }
+    })
+    // legacy cache 는 남은 오너(newOwner)로 재설정되어야 함
+    expect(reloadedDomain?.owner).toBe(newOwner.id)
+  })
+  it('legacy cache 대상 제거 시 남은 DomainOwner 중 한 명으로 cache 재설정', async () => {
+    const ds = testDb.getDataSource()
+    const u1 = await userFactory.create({ name: 'U1' })
+    const u2 = await userFactory.create({ name: 'U2' })
+    const u3 = await userFactory.create({ name: 'U3' })
+    const domain = await domainFactory.create({ owner: u1.id })
+    await domainOwnerFactory.grant(domain, u1)
+    await domainOwnerFactory.grant(domain, u2)
+    await domainOwnerFactory.grant(domain, u3)
+    await removeDomainOwnerLogic(ds.manager, domain, u1)
+    const reloadedDomain = await ds.manager.findOne<Domain>('Domain', {
+      where: { id: domain.id }
+    })
+    // SQLite datetime 은 초 단위 해상도라 grantedAt 이 동일할 수 있음 → 순서 비결정적.
+    // 핵심 불변조건: cache 는 u1 이 아니고, 남은 오너 (u2 또는 u3) 중 하나로 갱신됨.
+    expect(reloadedDomain?.owner).not.toBe(u1.id)
+    expect([u2.id, u3.id]).toContain(reloadedDomain?.owner)
+  })
+  it('owner가 아닌 user는 제거할 수 없다', async () => {
+    const ds = testDb.getDataSource()
+    const domain = await domainFactory.create({})
+    const owner = await userFactory.create({ name: 'owner' })
+    const other = await userFactory.create({ name: 'other' })
+    await domainOwnerFactory.grant(domain, owner)
+    await expect(
+      removeDomainOwnerLogic(ds.manager, domain, other)
+    ).rejects.toThrow(/not an owner/)
+  })
+  it('legacy cache 만 있는 마지막 오너 + 새 오너 추가 후에는 legacy 제거 가능', async () => {
+    const ds = testDb.getDataSource()
+    const legacy = await userFactory.create({ name: 'legacy' })
+    const domain = await domainFactory.create({ owner: legacy.id })
+    // 이 시점에서 legacy는 cache로만 유일한 owner → 제거 불가
+    await expect(
+      removeDomainOwnerLogic(ds.manager, domain, legacy)
+    ).rejects.toThrow(/last owner/)
+    // 새 오너를 추가하면
+    const newOwner = await userFactory.create({ name: 'new' })
+    const actor = await userFactory.create({ name: 'actor' })
+    await addDomainOwnerLogic(ds.manager, domain, newOwner, actor, { isMember: true })
+    // legacy를 제거할 수 있음 (remaining = legacy 1 + new 1 - 1 = 1)
+    // NOTE: addDomainOwnerLogic은 domain.owner가 이미 legacy.id 이므로 덮어쓰지 않음
+    // 따라서 domain 은 여전히 legacy.id 가 cache
+    const reloadedDomain = await ds.manager.findOne<Domain>('Domain', {
+      where: { id: domain.id }
+    })
+    expect(reloadedDomain!.owner).toBe(legacy.id)
+    await removeDomainOwnerLogic(ds.manager, reloadedDomain!, legacy)
+    const finalDomain = await ds.manager.findOne<Domain>('Domain', {
+      where: { id: domain.id }
+    })
+    expect(finalDomain?.owner).toBe(newOwner.id)
+  })
+})