strapi-plugin-keycloak-realm-users 1.0.0

package/__tests__/services/realm.test.mjs

@@ -0,0 +1,415 @@
+/**
+ * @fileoverview Unit tests for the realm configuration service.
+ * @module __tests__/services/realm
+ */
+
+import realmService from '../../server/src/services/realm.js';
+import { createMockStrapi, createMockRealmConfig } from '../mocks/strapi.mjs';
+import {
+  CONTENT_TYPES,
+  ERROR_MESSAGES,
+  DEFAULT_REALM_COLOR,
+} from '../../server/src/constants.js';
+
+describe('Realm Service', () => {
+  let strapi;
+  let service;
+  let mockKeycloakClient;
+
+  beforeEach(() => {
+    mockKeycloakClient = {
+      testConnection: jest.fn().mockResolvedValue({ success: true }),
+      clearTokenCache: jest.fn(),
+    };
+
+    strapi = createMockStrapi({
+      pluginServices: {
+        'keycloak-client': mockKeycloakClient,
+      },
+    });
+    service = realmService({ strapi });
+  });
+
+  describe('findAll', () => {
+    it('should return all realms sorted by displayName', async () => {
+      const realms = [
+        createMockRealmConfig({ displayName: 'Bravo' }),
+        createMockRealmConfig({ displayName: 'Alpha' }),
+      ];
+      strapi.documents.mockReturnValue({
+        findMany: jest.fn().mockResolvedValue(realms),
+      });
+
+      const result = await service.findAll();
+
+      expect(result).toEqual(realms);
+      expect(strapi.documents).toHaveBeenCalledWith(CONTENT_TYPES.REALM_CONFIG);
+    });
+  });
+
+  describe('findOne', () => {
+    it('should return realm when found', async () => {
+      const realm = createMockRealmConfig();
+      strapi.documents.mockReturnValue({
+        findOne: jest.fn().mockResolvedValue(realm),
+      });
+
+      const result = await service.findOne('realm-doc-123');
+
+      expect(result).toEqual(realm);
+    });
+
+    it('should throw when realm not found', async () => {
+      strapi.documents.mockReturnValue({
+        findOne: jest.fn().mockResolvedValue(null),
+      });
+
+      await expect(service.findOne('non-existent')).rejects.toThrow();
+    });
+
+    it('should throw with sanitized error message', async () => {
+      strapi.documents.mockReturnValue({
+        findOne: jest.fn().mockResolvedValue(null),
+      });
+
+      try {
+        await service.findOne('non-existent');
+      } catch (err) {
+        expect(err.sanitizedMessage).toBe(ERROR_MESSAGES.REALM_NOT_FOUND);
+      }
+    });
+  });
+
+  describe('findOneWithSecret', () => {
+    it('should return realm with clientSecret from db.query', async () => {
+      const realm = createMockRealmConfig({ clientSecret: 'super-secret' });
+      strapi.db.query.mockReturnValue({
+        findOne: jest.fn().mockResolvedValue(realm),
+      });
+
+      const result = await service.findOneWithSecret('realm-doc-123');
+
+      expect(result.clientSecret).toBe('super-secret');
+      expect(strapi.db.query).toHaveBeenCalledWith(CONTENT_TYPES.REALM_CONFIG);
+    });
+
+    it('should throw when realm not found', async () => {
+      strapi.db.query.mockReturnValue({
+        findOne: jest.fn().mockResolvedValue(null),
+      });
+
+      await expect(service.findOneWithSecret('non-existent')).rejects.toThrow();
+    });
+  });
+
+  describe('findByName', () => {
+    it('should return realm when found by name', async () => {
+      const realm = createMockRealmConfig({ name: 'production-users' });
+      strapi.documents.mockReturnValue({
+        findMany: jest.fn().mockResolvedValue([realm]),
+      });
+
+      const result = await service.findByName('production-users');
+
+      expect(result).toEqual(realm);
+    });
+
+    it('should return null when not found', async () => {
+      strapi.documents.mockReturnValue({
+        findMany: jest.fn().mockResolvedValue([]),
+      });
+
+      const result = await service.findByName('non-existent');
+
+      expect(result).toBeNull();
+    });
+  });
+
+  describe('isValidName', () => {
+    it('should accept valid names', () => {
+      expect(service.isValidName('valid-name')).toBe(true);
+      expect(service.isValidName('realm123')).toBe(true);
+      expect(service.isValidName('my-realm-v2')).toBe(true);
+    });
+
+    it('should reject invalid names', () => {
+      expect(service.isValidName('Invalid')).toBe(false);
+      expect(service.isValidName('has_underscore')).toBe(false);
+      expect(service.isValidName('has space')).toBe(false);
+      expect(service.isValidName('')).toBe(false);
+    });
+  });
+
+  describe('normalizeServerUrl', () => {
+    it('should remove trailing slash', () => {
+      expect(service.normalizeServerUrl('https://example.com/')).toBe('https://example.com');
+    });
+
+    it('should not modify URL without trailing slash', () => {
+      expect(service.normalizeServerUrl('https://example.com')).toBe('https://example.com');
+    });
+  });
+
+  describe('create', () => {
+    it('should create realm with valid data', async () => {
+      const createMock = jest.fn().mockResolvedValue({ documentId: 'new-realm' });
+      strapi.documents.mockReturnValue({
+        findMany: jest.fn().mockResolvedValue([]),
+        create: createMock,
+      });
+
+      await service.create({
+        name: 'new-realm',
+        displayName: 'New Realm',
+        serverUrl: 'https://keycloak.example.com/',
+        realmName: 'new',
+        clientId: 'admin-cli',
+        clientSecret: 'secret',
+      });
+
+      expect(createMock).toHaveBeenCalledWith({
+        data: expect.objectContaining({
+          name: 'new-realm',
+          displayName: 'New Realm',
+          serverUrl: 'https://keycloak.example.com', // normalized
+          realmName: 'new',
+          clientId: 'admin-cli',
+          clientSecret: 'secret',
+          enabled: true,
+          color: DEFAULT_REALM_COLOR,
+        }),
+      });
+    });
+
+    it('should throw when required fields are missing', async () => {
+      await expect(
+        service.create({
+          name: 'test',
+          // missing other required fields
+        })
+      ).rejects.toThrow();
+
+      try {
+        await service.create({ name: 'test' });
+      } catch (err) {
+        expect(err.sanitizedMessage).toBe(ERROR_MESSAGES.MISSING_REQUIRED_FIELDS);
+      }
+    });
+
+    it('should throw for invalid name format', async () => {
+      try {
+        await service.create({
+          name: 'Invalid Name',
+          displayName: 'Test',
+          serverUrl: 'https://example.com',
+          realmName: 'test',
+          clientId: 'client',
+        });
+      } catch (err) {
+        expect(err.sanitizedMessage).toBe(ERROR_MESSAGES.INVALID_NAME_FORMAT);
+      }
+    });
+
+    it('should throw when name already exists', async () => {
+      strapi.documents.mockReturnValue({
+        findMany: jest.fn().mockResolvedValue([createMockRealmConfig({ name: 'existing' })]),
+      });
+
+      try {
+        await service.create({
+          name: 'existing',
+          displayName: 'Test',
+          serverUrl: 'https://example.com',
+          realmName: 'test',
+          clientId: 'client',
+        });
+      } catch (err) {
+        expect(err.sanitizedMessage).toBe(ERROR_MESSAGES.REALM_NAME_EXISTS);
+      }
+    });
+
+    it('should allow null clientSecret', async () => {
+      const createMock = jest.fn().mockResolvedValue({});
+      strapi.documents.mockReturnValue({
+        findMany: jest.fn().mockResolvedValue([]),
+        create: createMock,
+      });
+
+      await service.create({
+        name: 'test-realm',
+        displayName: 'Test',
+        serverUrl: 'https://example.com',
+        realmName: 'test',
+        clientId: 'client',
+      });
+
+      const calledWith = createMock.mock.calls[0][0];
+      expect(calledWith.data.clientSecret).toBeNull();
+    });
+  });
+
+  describe('update', () => {
+    it('should update realm with valid data', async () => {
+      const existing = createMockRealmConfig();
+      const updateMock = jest.fn().mockResolvedValue({});
+      strapi.documents.mockReturnValue({
+        findOne: jest.fn().mockResolvedValue(existing),
+        findMany: jest.fn().mockResolvedValue([]),
+        update: updateMock,
+      });
+
+      await service.update('realm-123', { displayName: 'Updated Name' });
+
+      expect(updateMock).toHaveBeenCalledWith({
+        documentId: 'realm-123',
+        data: { displayName: 'Updated Name' },
+      });
+    });
+
+    it('should validate new name format on update', async () => {
+      const existing = createMockRealmConfig();
+      strapi.documents.mockReturnValue({
+        findOne: jest.fn().mockResolvedValue(existing),
+      });
+
+      try {
+        await service.update('realm-123', { name: 'Invalid Name' });
+      } catch (err) {
+        expect(err.sanitizedMessage).toBe(ERROR_MESSAGES.INVALID_NAME_FORMAT);
+      }
+    });
+
+    it('should check for duplicate name on update', async () => {
+      const existing = createMockRealmConfig({ documentId: 'realm-123', name: 'old-name' });
+      const duplicate = createMockRealmConfig({ documentId: 'other-realm', name: 'taken-name' });
+      strapi.documents.mockReturnValue({
+        findOne: jest.fn().mockResolvedValue(existing),
+        findMany: jest.fn().mockResolvedValue([duplicate]),
+      });
+
+      try {
+        await service.update('realm-123', { name: 'taken-name' });
+      } catch (err) {
+        expect(err.sanitizedMessage).toBe(ERROR_MESSAGES.REALM_NAME_EXISTS);
+      }
+    });
+
+    it('should allow same name for same realm', async () => {
+      const existing = createMockRealmConfig({ documentId: 'realm-123', name: 'same-name' });
+      const updateMock = jest.fn().mockResolvedValue({});
+      strapi.documents.mockReturnValue({
+        findOne: jest.fn().mockResolvedValue(existing),
+        findMany: jest.fn().mockResolvedValue([existing]), // same realm
+        update: updateMock,
+      });
+
+      await service.update('realm-123', { name: 'same-name' });
+
+      expect(updateMock).toHaveBeenCalled();
+    });
+
+    it('should normalize serverUrl on update', async () => {
+      const existing = createMockRealmConfig();
+      const updateMock = jest.fn().mockResolvedValue({});
+      strapi.documents.mockReturnValue({
+        findOne: jest.fn().mockResolvedValue(existing),
+        update: updateMock,
+      });
+
+      await service.update('realm-123', { serverUrl: 'https://new-server.com/' });
+
+      const calledWith = updateMock.mock.calls[0][0];
+      expect(calledWith.data.serverUrl).toBe('https://new-server.com');
+    });
+
+    it('should clear token cache when connection details change', async () => {
+      const existing = createMockRealmConfig();
+      strapi.documents.mockReturnValue({
+        findOne: jest.fn().mockResolvedValue(existing),
+        update: jest.fn().mockResolvedValue({}),
+      });
+
+      await service.update('realm-123', { clientSecret: 'new-secret' });
+
+      expect(mockKeycloakClient.clearTokenCache).toHaveBeenCalledWith(existing);
+    });
+  });
+
+  describe('delete', () => {
+    it('should delete realm and all admin assignments', async () => {
+      const realm = createMockRealmConfig();
+      const assignments = [
+        { documentId: 'assignment-1' },
+        { documentId: 'assignment-2' },
+      ];
+      const deleteMock = jest.fn().mockResolvedValue({});
+      strapi.documents.mockReturnValue({
+        findOne: jest.fn().mockResolvedValue(realm),
+        findMany: jest.fn().mockResolvedValue(assignments),
+        delete: deleteMock,
+      });
+
+      const result = await service.delete('realm-123');
+
+      expect(result).toEqual({ success: true });
+      expect(deleteMock).toHaveBeenCalledTimes(3); // 2 assignments + 1 realm
+      expect(mockKeycloakClient.clearTokenCache).toHaveBeenCalledWith(realm);
+    });
+
+    it('should throw when realm not found', async () => {
+      strapi.documents.mockReturnValue({
+        findOne: jest.fn().mockResolvedValue(null),
+      });
+
+      await expect(service.delete('non-existent')).rejects.toThrow();
+    });
+  });
+
+  describe('testConnection', () => {
+    it('should test connection for enabled realm', async () => {
+      const realm = createMockRealmConfig({ enabled: true });
+      strapi.documents.mockReturnValue({
+        findOne: jest.fn().mockResolvedValue(realm),
+      });
+      strapi.db.query.mockReturnValue({
+        findOne: jest.fn().mockResolvedValue({ ...realm, clientSecret: 'secret' }),
+      });
+
+      const result = await service.testConnection('realm-123');
+
+      expect(result.success).toBe(true);
+      expect(mockKeycloakClient.testConnection).toHaveBeenCalled();
+    });
+
+    it('should return failure for disabled realm', async () => {
+      const realm = createMockRealmConfig({ enabled: false });
+      strapi.documents.mockReturnValue({
+        findOne: jest.fn().mockResolvedValue(realm),
+      });
+
+      const result = await service.testConnection('realm-123');
+
+      expect(result.success).toBe(false);
+      expect(result.message).toBe(ERROR_MESSAGES.REALM_DISABLED);
+    });
+  });
+
+  describe('testConnectionRaw', () => {
+    it('should test connection with raw config', async () => {
+      mockKeycloakClient.testConnection.mockResolvedValue({
+        success: true,
+        realmDisplayName: 'Test Realm',
+      });
+
+      const result = await service.testConnectionRaw({
+        serverUrl: 'https://keycloak.example.com',
+        realmName: 'test',
+        clientId: 'admin-cli',
+        clientSecret: 'secret',
+      });
+
+      expect(result.success).toBe(true);
+      expect(result.realmDisplayName).toBe('Test Realm');
+    });
+  });
+});