@trailmix-cms/cms 0.4.3 → 0.7.1

package/test/unit/services/organization.service.spec.ts

@@ -0,0 +1,385 @@
+import { Test, TestingModule } from '@nestjs/testing';
+import { NotFoundException, Logger } from '@nestjs/common';
+import { ObjectId, ClientSession } from 'mongodb';
+
+import * as trailmixModels from '@trailmix-cms/models';
+
+import * as TestUtils from '../../utils';
+
+import { OrganizationService } from '@/services';
+import { OrganizationCollection, RoleCollection } from '@/collections';
+import { OrganizationRoleService } from '@/services/organization-role.service';
+import { DatabaseService } from '@trailmix-cms/db';
+import { OrganizationDeleteHook } from '@/types/hooks/organization-delete-hook';
+import { PROVIDER_SYMBOLS } from '@/constants';
+import { createAuditContextForPrincipal } from '@/decorators/audit-context.decorator';
+import { RequestPrincipal } from '@/types';
+
+describe('OrganizationService', () => {
+    let service: OrganizationService;
+    let organizationCollection: jest.Mocked<OrganizationCollection>;
+    let roleCollection: jest.Mocked<RoleCollection>;
+    let organizationRoleService: jest.Mocked<OrganizationRoleService>;
+    let databaseService: jest.Mocked<DatabaseService>;
+    let organizationDeleteHook: jest.Mocked<OrganizationDeleteHook> | undefined;
+
+    beforeEach(async () => {
+        // Mock Logger methods to prevent console output during tests
+        jest.spyOn(Logger.prototype, 'log').mockImplementation();
+        jest.spyOn(Logger.prototype, 'error').mockImplementation();
+        jest.spyOn(Logger.prototype, 'warn').mockImplementation();
+        jest.spyOn(Logger.prototype, 'debug').mockImplementation();
+        jest.spyOn(Logger.prototype, 'verbose').mockImplementation();
+
+        const mockOrganizationCollection = {
+            get: jest.fn(),
+            deleteOne: jest.fn(),
+        };
+
+        const mockRoleCollection = {
+            deleteOne: jest.fn(),
+        };
+
+        const mockOrganizationRoleService = {
+            find: jest.fn(),
+        };
+
+        const mockDatabaseService = {
+            withTransaction: jest.fn(),
+        };
+
+        const module: TestingModule = await Test.createTestingModule({
+            providers: [
+                OrganizationService,
+                {
+                    provide: OrganizationCollection,
+                    useValue: mockOrganizationCollection,
+                },
+                {
+                    provide: RoleCollection,
+                    useValue: mockRoleCollection,
+                },
+                {
+                    provide: OrganizationRoleService,
+                    useValue: mockOrganizationRoleService,
+                },
+                {
+                    provide: DatabaseService,
+                    useValue: mockDatabaseService,
+                },
+            ],
+        }).compile();
+
+        service = module.get<OrganizationService>(OrganizationService);
+        organizationCollection = module.get(OrganizationCollection);
+        roleCollection = module.get(RoleCollection);
+        organizationRoleService = module.get(OrganizationRoleService);
+        databaseService = module.get(DatabaseService);
+    });
+
+    afterEach(() => {
+        jest.clearAllMocks();
+    });
+
+    afterAll(() => {
+        // Restore Logger methods after all tests
+        jest.restoreAllMocks();
+    });
+
+    describe('deleteOrganization', () => {
+        const organizationId = new ObjectId();
+        const accountEntity = TestUtils.Entities.createAccount();
+        const accountPrincipal: RequestPrincipal = {
+            principal_type: trailmixModels.Principal.Account,
+            entity: accountEntity,
+        };
+        const auditContext = createAuditContextForPrincipal(accountPrincipal);
+
+        it('throws NotFoundException when organization does not exist (ensuring failure on non-existent organizations is handled correctly)', async () => {
+            organizationCollection.get.mockResolvedValue(null);
+
+            await expect(
+                service.deleteOrganization(organizationId, auditContext)
+            ).rejects.toThrow(NotFoundException);
+
+            expect(organizationCollection.get).toHaveBeenCalledWith(organizationId);
+            expect(organizationCollection.get).toHaveBeenCalledTimes(1);
+            expect(databaseService.withTransaction).not.toHaveBeenCalled();
+        });
+
+        it('successfully deletes organization with no roles (ensuring organizations without roles can be deleted)', async () => {
+            const organization = TestUtils.Entities.createOrganization({ _id: organizationId });
+            const mockSession = {} as ClientSession;
+
+            organizationCollection.get.mockResolvedValue(organization);
+            organizationRoleService.find.mockResolvedValue([]);
+            databaseService.withTransaction.mockImplementation(async ({ }, fn) => {
+                return await fn(mockSession);
+            });
+            organizationCollection.deleteOne.mockResolvedValue(undefined as any);
+
+            const result = await service.deleteOrganization(organizationId, auditContext);
+
+            expect(organizationCollection.get).toHaveBeenCalledWith(organizationId);
+            expect(organizationRoleService.find).toHaveBeenCalledWith(organizationId);
+            expect(databaseService.withTransaction).toHaveBeenCalledWith({}, expect.any(Function));
+            expect(organizationCollection.deleteOne).toHaveBeenCalledWith(organizationId, auditContext, mockSession);
+            expect(roleCollection.deleteOne).not.toHaveBeenCalled();
+            expect(result).toEqual({
+                organizationDeleted: true,
+                rolesDeletedCount: 0,
+            });
+        });
+
+        it('successfully deletes organization with multiple roles (ensuring cascade delete of roles works correctly)', async () => {
+            const organization = TestUtils.Entities.createOrganization({ _id: organizationId });
+            const role1 = TestUtils.Models.createOrganizationRoleModel({ organization_id: organizationId });
+            const role2 = TestUtils.Models.createOrganizationRoleModel({ organization_id: organizationId });
+            const role3 = TestUtils.Models.createOrganizationRoleModel({ organization_id: organizationId });
+            const organizationRoles = [role1, role2, role3];
+            const mockSession = {} as ClientSession;
+
+            organizationCollection.get.mockResolvedValue(organization);
+            organizationRoleService.find.mockResolvedValue(organizationRoles);
+            databaseService.withTransaction.mockImplementation(async ({ }, fn) => {
+                return await fn(mockSession);
+            });
+            roleCollection.deleteOne.mockResolvedValue(undefined as any);
+            organizationCollection.deleteOne.mockResolvedValue(undefined as any);
+
+            const result = await service.deleteOrganization(organizationId, auditContext);
+
+            expect(organizationCollection.get).toHaveBeenCalledWith(organizationId);
+            expect(organizationRoleService.find).toHaveBeenCalledWith(organizationId);
+            expect(databaseService.withTransaction).toHaveBeenCalledWith({}, expect.any(Function));
+            expect(roleCollection.deleteOne).toHaveBeenCalledTimes(3);
+            expect(roleCollection.deleteOne).toHaveBeenCalledWith(role1._id, auditContext, mockSession);
+            expect(roleCollection.deleteOne).toHaveBeenCalledWith(role2._id, auditContext, mockSession);
+            expect(roleCollection.deleteOne).toHaveBeenCalledWith(role3._id, auditContext, mockSession);
+            expect(organizationCollection.deleteOne).toHaveBeenCalledWith(organizationId, auditContext, mockSession);
+            expect(result).toEqual({
+                organizationDeleted: true,
+                rolesDeletedCount: 3,
+            });
+        });
+
+        it('successfully deletes organization with single role (ensuring single role deletion works)', async () => {
+            const organization = TestUtils.Entities.createOrganization({ _id: organizationId });
+            const role = TestUtils.Models.createOrganizationRoleModel({ organization_id: organizationId });
+            const organizationRoles = [role];
+            const mockSession = {} as ClientSession;
+
+            organizationCollection.get.mockResolvedValue(organization);
+            organizationRoleService.find.mockResolvedValue(organizationRoles);
+            databaseService.withTransaction.mockImplementation(async ({ }, fn) => {
+                return await fn(mockSession);
+            });
+            roleCollection.deleteOne.mockResolvedValue(undefined as any);
+            organizationCollection.deleteOne.mockResolvedValue(undefined as any);
+
+            const result = await service.deleteOrganization(organizationId, auditContext);
+
+            expect(organizationCollection.get).toHaveBeenCalledWith(organizationId);
+            expect(organizationRoleService.find).toHaveBeenCalledWith(organizationId);
+            expect(databaseService.withTransaction).toHaveBeenCalledWith({}, expect.any(Function));
+            expect(roleCollection.deleteOne).toHaveBeenCalledTimes(1);
+            expect(roleCollection.deleteOne).toHaveBeenCalledWith(role._id, auditContext, mockSession);
+            expect(organizationCollection.deleteOne).toHaveBeenCalledWith(organizationId, auditContext, mockSession);
+            expect(result).toEqual({
+                organizationDeleted: true,
+                rolesDeletedCount: 1,
+            });
+        });
+
+        it('calls organization delete hook when provided (ensuring hook is executed within transaction)', async () => {
+            const organization = TestUtils.Entities.createOrganization({ _id: organizationId });
+            const role = TestUtils.Models.createOrganizationRoleModel({ organization_id: organizationId });
+            const organizationRoles = [role];
+            const mockSession = {} as ClientSession;
+            const mockHook: jest.Mocked<OrganizationDeleteHook> = {
+                onHook: jest.fn().mockResolvedValue(undefined),
+            };
+
+            // Create a new module with the hook provider
+            const moduleWithHook: TestingModule = await Test.createTestingModule({
+                providers: [
+                    OrganizationService,
+                    {
+                        provide: OrganizationCollection,
+                        useValue: organizationCollection,
+                    },
+                    {
+                        provide: RoleCollection,
+                        useValue: roleCollection,
+                    },
+                    {
+                        provide: OrganizationRoleService,
+                        useValue: organizationRoleService,
+                    },
+                    {
+                        provide: DatabaseService,
+                        useValue: databaseService,
+                    },
+                    {
+                        provide: PROVIDER_SYMBOLS.ORGANIZATION_DELETE_HOOK,
+                        useValue: mockHook,
+                    },
+                ],
+            }).compile();
+
+            const serviceWithHook = moduleWithHook.get<OrganizationService>(OrganizationService);
+
+            organizationCollection.get.mockResolvedValue(organization);
+            organizationRoleService.find.mockResolvedValue(organizationRoles);
+            databaseService.withTransaction.mockImplementation(async ({ }, fn) => {
+                return await fn(mockSession);
+            });
+            roleCollection.deleteOne.mockResolvedValue(undefined as any);
+            organizationCollection.deleteOne.mockResolvedValue(undefined as any);
+
+            const result = await serviceWithHook.deleteOrganization(organizationId, auditContext);
+
+            expect(organizationCollection.get).toHaveBeenCalledWith(organizationId);
+            expect(organizationRoleService.find).toHaveBeenCalledWith(organizationId);
+            expect(databaseService.withTransaction).toHaveBeenCalledWith({}, expect.any(Function));
+            expect(roleCollection.deleteOne).toHaveBeenCalledWith(role._id, auditContext, mockSession);
+            expect(mockHook.onHook).toHaveBeenCalledWith(organizationId, organization, auditContext, mockSession);
+            expect(organizationCollection.deleteOne).toHaveBeenCalledWith(organizationId, auditContext, mockSession);
+            expect(result).toEqual({
+                organizationDeleted: true,
+                rolesDeletedCount: 1,
+            });
+        });
+
+        it('does not call organization delete hook when not provided (ensuring hook is optional)', async () => {
+            const organization = TestUtils.Entities.createOrganization({ _id: organizationId });
+            const role = TestUtils.Models.createOrganizationRoleModel({ organization_id: organizationId });
+            const organizationRoles = [role];
+            const mockSession = {} as ClientSession;
+
+            organizationCollection.get.mockResolvedValue(organization);
+            organizationRoleService.find.mockResolvedValue(organizationRoles);
+            databaseService.withTransaction.mockImplementation(async ({ }, fn) => {
+                return await fn(mockSession);
+            });
+            roleCollection.deleteOne.mockResolvedValue(undefined as any);
+            organizationCollection.deleteOne.mockResolvedValue(undefined as any);
+
+            const result = await service.deleteOrganization(organizationId, auditContext);
+
+            expect(organizationCollection.get).toHaveBeenCalledWith(organizationId);
+            expect(organizationRoleService.find).toHaveBeenCalledWith(organizationId);
+            expect(databaseService.withTransaction).toHaveBeenCalledWith({}, expect.any(Function));
+            expect(roleCollection.deleteOne).toHaveBeenCalledWith(role._id, auditContext, mockSession);
+            expect(organizationCollection.deleteOne).toHaveBeenCalledWith(organizationId, auditContext, mockSession);
+            expect(result).toEqual({
+                organizationDeleted: true,
+                rolesDeletedCount: 1,
+            });
+        });
+
+        it('executes all operations within a single transaction (ensuring atomicity)', async () => {
+            const organization = TestUtils.Entities.createOrganization({ _id: organizationId });
+            const role1 = TestUtils.Models.createOrganizationRoleModel({ organization_id: organizationId });
+            const role2 = TestUtils.Models.createOrganizationRoleModel({ organization_id: organizationId });
+            const organizationRoles = [role1, role2];
+            const mockSession = {} as ClientSession;
+            let transactionCallback: ((session: ClientSession) => Promise<any>) | null = null;
+
+            organizationCollection.get.mockResolvedValue(organization);
+            organizationRoleService.find.mockResolvedValue(organizationRoles);
+            databaseService.withTransaction.mockImplementation(async ({ }, fn) => {
+                transactionCallback = fn;
+                return await fn(mockSession);
+            });
+            roleCollection.deleteOne.mockResolvedValue(undefined as any);
+            organizationCollection.deleteOne.mockResolvedValue(undefined as any);
+
+            await service.deleteOrganization(organizationId, auditContext);
+
+            // Verify that withTransaction was called
+            expect(databaseService.withTransaction).toHaveBeenCalledWith({}, expect.any(Function));
+
+            // Verify that all delete operations were called with the same session
+            expect(roleCollection.deleteOne).toHaveBeenCalledWith(role1._id, auditContext, mockSession);
+            expect(roleCollection.deleteOne).toHaveBeenCalledWith(role2._id, auditContext, mockSession);
+            expect(organizationCollection.deleteOne).toHaveBeenCalledWith(organizationId, auditContext, mockSession);
+        });
+
+        it('handles transaction errors properly (ensuring transaction rollback on error)', async () => {
+            const organization = TestUtils.Entities.createOrganization({ _id: organizationId });
+            const role = TestUtils.Models.createOrganizationRoleModel({ organization_id: organizationId });
+            const organizationRoles = [role];
+            const mockSession = {} as ClientSession;
+            const transactionError = new Error('Transaction failed');
+
+            organizationCollection.get.mockResolvedValue(organization);
+            organizationRoleService.find.mockResolvedValue(organizationRoles);
+            databaseService.withTransaction.mockImplementation(async ({ }, fn) => {
+                throw transactionError;
+            });
+
+            await expect(
+                service.deleteOrganization(organizationId, auditContext)
+            ).rejects.toThrow('Transaction failed');
+
+            expect(organizationCollection.get).toHaveBeenCalledWith(organizationId);
+            expect(organizationRoleService.find).toHaveBeenCalledWith(organizationId);
+            expect(databaseService.withTransaction).toHaveBeenCalledWith({}, expect.any(Function));
+            // Verify that delete operations were attempted but transaction failed
+            expect(roleCollection.deleteOne).not.toHaveBeenCalled();
+            expect(organizationCollection.deleteOne).not.toHaveBeenCalled();
+        });
+
+        it('handles hook errors within transaction (ensuring hook errors propagate)', async () => {
+            const organization = TestUtils.Entities.createOrganization({ _id: organizationId });
+            const mockSession = {} as ClientSession;
+            const hookError = new Error('Hook execution failed');
+            const mockHook: jest.Mocked<OrganizationDeleteHook> = {
+                onHook: jest.fn().mockRejectedValue(hookError),
+            };
+
+            // Create a new module with the hook provider
+            const moduleWithHook: TestingModule = await Test.createTestingModule({
+                providers: [
+                    OrganizationService,
+                    {
+                        provide: OrganizationCollection,
+                        useValue: organizationCollection,
+                    },
+                    {
+                        provide: RoleCollection,
+                        useValue: roleCollection,
+                    },
+                    {
+                        provide: OrganizationRoleService,
+                        useValue: organizationRoleService,
+                    },
+                    {
+                        provide: DatabaseService,
+                        useValue: databaseService,
+                    },
+                    {
+                        provide: PROVIDER_SYMBOLS.ORGANIZATION_DELETE_HOOK,
+                        useValue: mockHook,
+                    },
+                ],
+            }).compile();
+
+            const serviceWithHook = moduleWithHook.get<OrganizationService>(OrganizationService);
+
+            organizationCollection.get.mockResolvedValue(organization);
+            organizationRoleService.find.mockResolvedValue([]);
+            databaseService.withTransaction.mockImplementation(async ({ }, fn) => {
+                return await fn(mockSession);
+            });
+
+            await expect(
+                serviceWithHook.deleteOrganization(organizationId, auditContext)
+            ).rejects.toThrow('Hook execution failed');
+
+            expect(mockHook.onHook).toHaveBeenCalledWith(organizationId, organization, auditContext, mockSession);
+            expect(organizationCollection.deleteOne).not.toHaveBeenCalled();
+        });
+    });
+});

package/test/utils/auth-guard.ts

@@ -0,0 +1,114 @@
+import { AccountCollection } from '@/collections/account.collection';
+import { AccountService } from '@/services/account.service';
+import { SecurityAuditCollection } from '@/collections/security-audit.collection';
+import { ApiKeyCollection } from '@/collections/api-key.collection';
+import { AuthService } from '@/services/auth.service';
+import { AuthGuardHook } from '@/types';
+import { PROVIDER_SYMBOLS } from '@/constants';
+
+export interface AuthGuardMocks {
+    accountCollection: jest.Mocked<AccountCollection>;
+    accountService: jest.Mocked<AccountService>;
+    securityAuditCollection: jest.Mocked<SecurityAuditCollection>;
+    apiKeyCollection: jest.Mocked<ApiKeyCollection>;
+    authService: jest.Mocked<AuthService>;
+    authGuardHook?: jest.Mocked<AuthGuardHook>;
+}
+
+export interface AuthGuardProviders {
+    mocks: AuthGuardMocks;
+    providers: any[];
+}
+
+/**
+ * Creates mock dependencies and providers for AuthGuard testing.
+ * 
+ * @param overrides Optional overrides for default mock implementations
+ * @returns Object containing mocks and providers array for NestJS TestingModule
+ */
+export function createAuthGuardDependencies(overrides?: {
+    accountCollection?: Partial<jest.Mocked<AccountCollection>>;
+    accountService?: Partial<jest.Mocked<AccountService>>;
+    securityAuditCollection?: Partial<jest.Mocked<SecurityAuditCollection>>;
+    apiKeyCollection?: Partial<jest.Mocked<ApiKeyCollection>>;
+    authService?: Partial<jest.Mocked<AuthService>>;
+    authGuardHook?: Partial<jest.Mocked<AuthGuardHook>>;
+}): AuthGuardProviders {
+    const mockAccountCollection: jest.Mocked<AccountCollection> = {
+        findOne: jest.fn(),
+        upsertOne: jest.fn(),
+        ...overrides?.accountCollection,
+    } as any;
+
+    const mockAccountService: jest.Mocked<AccountService> = {
+        getAccount: jest.fn(),
+        upsertAccount: jest.fn(),
+        ...overrides?.accountService,
+    } as any;
+
+    const mockSecurityAuditCollection: jest.Mocked<SecurityAuditCollection> = {
+        insertOne: jest.fn(),
+        ...overrides?.securityAuditCollection,
+    } as any;
+
+    const mockApiKeyCollection: jest.Mocked<ApiKeyCollection> = {
+        findOne: jest.fn(),
+        ...overrides?.apiKeyCollection,
+    } as any;
+
+    const mockAuthService: jest.Mocked<AuthService> = {
+        getPrincipal: jest.fn(),
+        validateAuth: jest.fn(),
+        ...overrides?.authService,
+    } as any;
+
+    const mockAuthGuardHook: jest.Mocked<AuthGuardHook> | undefined = overrides?.authGuardHook
+        ? {
+            onHook: jest.fn(),
+            ...overrides.authGuardHook,
+        } as any
+        : undefined;
+
+    const providers = [
+        {
+            provide: AccountService,
+            useValue: mockAccountService,
+        },
+        {
+            provide: AccountCollection,
+            useValue: mockAccountCollection,
+        },
+        {
+            provide: SecurityAuditCollection,
+            useValue: mockSecurityAuditCollection,
+        },
+        {
+            provide: ApiKeyCollection,
+            useValue: mockApiKeyCollection,
+        },
+        {
+            provide: AuthService,
+            useValue: mockAuthService,
+        },
+        ...(mockAuthGuardHook
+            ? [
+                {
+                    provide: PROVIDER_SYMBOLS.AUTH_GUARD_HOOK,
+                    useValue: mockAuthGuardHook,
+                },
+            ]
+            : []),
+    ];
+
+    return {
+        mocks: {
+            accountCollection: mockAccountCollection,
+            accountService: mockAccountService,
+            securityAuditCollection: mockSecurityAuditCollection,
+            apiKeyCollection: mockApiKeyCollection,
+            authService: mockAuthService,
+            ...(mockAuthGuardHook ? { authGuardHook: mockAuthGuardHook } : {}),
+        },
+        providers,
+    };
+}

package/test/utils/base.ts

@@ -0,0 +1,16 @@
+import { BaseEntity, baseEntitySchema } from '@trailmix-cms/models';
+import { faker } from '@faker-js/faker';
+import dayjs from 'dayjs';
+import { ObjectId } from 'mongodb';
+
+export function createBaseEntity() {
+    const createdAt = dayjs(faker.date.past()).toDate();
+    const updatedAt = dayjs(createdAt).add(1, 'day').toDate();
+    const entity: BaseEntity = {
+        _id: new ObjectId(),
+        created_at: createdAt,
+        updated_at: updatedAt,
+    };
+    baseEntitySchema.encode(entity);
+    return entity;
+}

package/test/utils/entities/account.ts

@@ -0,0 +1,13 @@
+import { faker } from '@faker-js/faker';
+import { Account } from '@trailmix-cms/models';
+import { createBaseEntity } from '../base';
+
+export function createAccount(overrides?: Partial<Account.Entity>) {
+    const entity: Account.Entity = {
+        ...createBaseEntity(),
+        user_id: faker.string.uuid(),
+        ...overrides,
+    };
+    Account.schema.encode(entity);
+    return entity;
+}

package/test/utils/entities/api-key.ts

@@ -0,0 +1,15 @@
+import { faker } from '@faker-js/faker';
+import { ApiKey, ApiKeyScope } from '@trailmix-cms/models';
+import { createBaseEntity } from '../base';
+
+export function createApiKey(overrides?: Partial<ApiKey.Entity>) {
+    const entity: ApiKey.Entity = {
+        ...createBaseEntity(),
+        api_key: faker.string.alphanumeric(32),
+        name: faker.word.noun(),
+        scope_type: ApiKeyScope.Global,
+        ...overrides,
+    };
+    ApiKey.schema.encode(entity);
+    return entity;
+}

package/test/utils/entities/audit.ts

@@ -0,0 +1,18 @@
+import { faker } from '@faker-js/faker';
+import { Audit } from '@trailmix-cms/models';
+import { ObjectId } from 'mongodb';
+import { createBaseEntity } from '../base';
+import { createAuditContext } from '../models/audit-context';
+
+export function createAudit(overrides?: Partial<Audit.Entity>) {
+    const entity: Audit.Entity = {
+        ...createBaseEntity(),
+        entity_id: new ObjectId(),
+        entity_type: faker.string.alpha(10),
+        action: faker.helpers.arrayElement(['create', 'update', 'delete'] as const),
+        context: createAuditContext(),
+        ...overrides,
+    };
+    Audit.schema.encode(entity);
+    return entity;
+}

package/test/utils/entities/index.ts

@@ -0,0 +1,6 @@
+export * from './account';
+export * from './api-key';
+export * from './audit';
+export * from './organization';
+export * from './security-audit';
+export * from './role';

package/test/utils/entities/mapping.ts

@@ -0,0 +1,20 @@
+import { faker } from '@faker-js/faker';
+import { Mapping } from '@trailmix-cms/models';
+import { ObjectId } from 'mongodb';
+import { createBaseEntity } from '../base';
+
+export function createMapping(overrides?: Partial<Mapping.Entity>) {
+    const firstCollection = faker.helpers.arrayElement(['account', 'organization', 'file']);
+    const secondCollection = faker.helpers.arrayElement(['text', 'file', 'organization']);
+    
+    const entity: Mapping.Entity = {
+        ...createBaseEntity(),
+        first_collection: firstCollection,
+        first_id: new ObjectId(),
+        second_collection: secondCollection,
+        second_id: new ObjectId(),
+        ...overrides,
+    };
+    Mapping.schema.encode(entity);
+    return entity;
+}

package/test/utils/entities/organization.ts

@@ -0,0 +1,13 @@
+import { faker } from '@faker-js/faker';
+import { Organization } from '@trailmix-cms/models';
+import { createBaseEntity } from '../base';
+
+export function createOrganization(overrides?: Partial<Organization.Entity>) {
+    const entity: Organization.Entity = {
+        ...createBaseEntity(),
+        name: faker.company.name(),
+        ...overrides,
+    };
+    Organization.schema.encode(entity);
+    return entity;
+}

package/test/utils/entities/role.ts

@@ -0,0 +1,21 @@
+import { faker } from '@faker-js/faker';
+import { Role } from '@trailmix-cms/models';
+import { createBaseEntity } from '../base';
+import { RoleType } from '@trailmix-cms/models';
+import { ObjectId } from 'mongodb';
+import { Principal } from '@trailmix-cms/models';
+import { RoleValue } from '@trailmix-cms/models';
+
+export function createRole(overrides?: Partial<Role.Entity>) {
+    const entity: Role.Entity = {
+        ...createBaseEntity(),
+        type: faker.helpers.arrayElement(Object.values(RoleType)),
+        principal_id: new ObjectId(),
+        principal_type: faker.helpers.arrayElement(Object.values(Principal)),
+        organization_id: new ObjectId(),
+        role: faker.helpers.arrayElement(Object.values(RoleValue)),
+        ...overrides,
+    };
+    Role.schema.encode(entity);
+    return entity;
+}

package/test/utils/entities/security-audit.ts

@@ -0,0 +1,16 @@
+import { faker } from '@faker-js/faker';
+import { SecurityAudit, Principal, SecurityAuditEventType } from '@trailmix-cms/models';
+import { ObjectId } from 'mongodb';
+import { createBaseEntity } from '../base';
+
+export function createSecurityAudit(overrides?: Partial<SecurityAudit.Entity>) {
+    const entity: SecurityAudit.Entity = {
+        ...createBaseEntity(),
+        event_type: faker.helpers.arrayElement(Object.values(SecurityAuditEventType)),
+        principal_id: new ObjectId(),
+        principal_type: faker.helpers.arrayElement(Object.values(Principal)),
+        ...overrides,
+    };
+    SecurityAudit.schema.encode(entity);
+    return entity;
+}

package/test/utils/index.ts

@@ -0,0 +1,4 @@
+export * as Entities from './entities';
+export * as Models from './models';
+export * as Base from './base';
+export * from './auth-guard';

package/test/utils/models/audit-context.ts

@@ -0,0 +1,10 @@
+import { AuditContext } from '@trailmix-cms/models';
+
+export function createAuditContext(overrides?: Partial<AuditContext.Model>) {
+    const model: AuditContext.Model = {
+        system: true,
+        ...overrides,
+    };
+    AuditContext.schema.encode(model);
+    return model;
+}

package/test/utils/models/authorization.ts

@@ -0,0 +1,7 @@
+import { Authorization } from '@trailmix-cms/models';
+
+export function createAuthorization(overrides?: Partial<Authorization.Model>) {
+    return Authorization.schema.parse({
+        ...overrides,
+    });
+}