added project deletion tests

fomalhautb · fomalhautb · commit 8cff34edcdcc · 2024-08-11T20:57:56.000-07:00
diff --git a/apps/backend/src/route-handlers/smart-request.tsx b/apps/backend/src/route-handlers/smart-request.tsx
@@ -231,7 +231,7 @@ async function parseAuth(req: NextRequest): Promise<SmartRequestAuth | null> {
 
   const project = await getProject(projectId);
   if (!project) {
-    throw new StackAssertionError("Project not found; this should never happen because having a project ID should guarantee a project");
+    throw new StackAssertionError("Project not found; this should only happen if the project was deleted and the access token is still valid", { projectId });
   }
 
   let user = null;
diff --git a/apps/e2e/tests/backend/endpoints/api/v1/projects.test.ts b/apps/e2e/tests/backend/endpoints/api/v1/projects.test.ts
@@ -2,7 +2,7 @@ import { it } from "../../../../helpers";
 import { Auth, InternalProjectKeys, Project, backendContext, niceBackendFetch } from "../../../backend-helpers";
 
 
-it("should not have have access to the project", async ({ expect }) => {
+it("should not have have access to the project without project keys", async ({ expect }) => {
   backendContext.set({
     projectKeys: 'no-project'
   });
@@ -801,3 +801,130 @@ it("updates the project oauth configuration", async ({ expect }) => {
     }
   `);
 });
+
+it("deletes a project with admin access", async ({ expect }) => {
+  await Auth.Otp.signIn();
+  const { adminAccessToken } = await Project.createAndGetAdminToken();
+
+  // Delete the project
+  const deleteResponse = await niceBackendFetch(`/api/v1/projects/current`, {
+    accessType: "admin",
+    method: "DELETE",
+    headers: {
+      'x-stack-admin-access-token': adminAccessToken,
+    }
+  });
+
+  expect(deleteResponse).toMatchInlineSnapshot(`
+    NiceResponse {
+      "status": 200,
+      "body": { "success": true },
+      "headers": Headers { <some fields may have been hidden> },
+    }
+  `);
+});
+
+it("deletes a project with server access", async ({ expect }) => {
+  await Auth.Otp.signIn();
+  const { adminAccessToken } = await Project.createAndGetAdminToken();
+
+  // Delete the project
+  const deleteResponse = await niceBackendFetch(`/api/v1/projects/current`, {
+    accessType: "server",
+    method: "DELETE",
+    headers: {
+      'x-stack-admin-access-token': adminAccessToken,
+    }
+  });
+
+  expect(deleteResponse).toMatchInlineSnapshot(`
+    NiceResponse {
+      "status": 401,
+      "body": {
+        "code": "INSUFFICIENT_ACCESS_TYPE",
+        "details": {
+          "actual_access_type": "server",
+          "allowed_access_types": ["admin"],
+        },
+        "error": "The x-stack-access-type header must be 'admin', but was 'server'.",
+      },
+      "headers": Headers {
+        "x-stack-known-error": "INSUFFICIENT_ACCESS_TYPE",
+        <some fields may have been hidden>,
+      },
+    }
+  `);
+});
+
+it("deletes a project with users, teams, and permissions", async ({ expect }) => {
+  await Auth.Otp.signIn();
+  const { adminAccessToken } = await Project.createAndGetAdminToken();
+
+  // Create a user
+  const userResponse = await niceBackendFetch(`/api/v1/users`, {
+    accessType: "server",
+    method: "POST",
+    headers: {
+      'x-stack-admin-access-token': adminAccessToken,
+    },
+    body: {
+      primary_email: "test@test.com",
+      password: "testing",
+      primary_email_auth_enabled: true,
+    }
+  });
+  expect(userResponse.status).toBe(201);
+
+  // Create a team
+  const teamResponse = await niceBackendFetch(`/api/v1/teams`, {
+    accessType: "server",
+    method: "POST",
+    headers: {
+      'x-stack-admin-access-token': adminAccessToken,
+    },
+    body: {
+      display_name: "Test Team",
+    }
+  });
+  expect(teamResponse.status).toBe(201);
+
+  // create a team permission
+  const teamPermissionResponse = await niceBackendFetch(`/api/v1/team-permission-definitions`, {
+    accessType: "admin",
+    method: "POST",
+    body: {
+      id: 'p1'
+    },
+    headers: {
+      'x-stack-admin-access-token': adminAccessToken
+    },
+  });
+  expect(teamPermissionResponse.status).toBe(201);
+
+  // Delete the project
+  const deleteResponse = await niceBackendFetch(`/api/v1/projects/current`, {
+    accessType: "server",
+    method: "DELETE",
+    headers: {
+      'x-stack-admin-access-token': adminAccessToken,
+    }
+  });
+
+  expect(deleteResponse).toMatchInlineSnapshot(`
+    NiceResponse {
+      "status": 401,
+      "body": {
+        "code": "INSUFFICIENT_ACCESS_TYPE",
+        "details": {
+          "actual_access_type": "server",
+          "allowed_access_types": ["admin"],
+        },
+        "error": "The x-stack-access-type header must be 'admin', but was 'server'.",
+      },
+      "headers": Headers {
+        "x-stack-known-error": "INSUFFICIENT_ACCESS_TYPE",
+        <some fields may have been hidden>,
+      },
+    }
+  `);
+});

Original file line number	Diff line number	Diff line change
`@@ -231,7 +231,7 @@ async function parseAuth(req: NextRequest): Promise<SmartRequestAuth \| null> {`
`231`	`231`
`232`	`232`	`const project = await getProject(projectId);`
`233`	`233`	`if (!project) {`
`234`		`- throw new StackAssertionError("Project not found; this should never happen because having a project ID should guarantee a project");`
	`234`	`+ throw new StackAssertionError("Project not found; this should only happen if the project was deleted and the access token is still valid", { projectId });`
`235`	`235`	`}`
`236`	`236`
`237`	`237`	`let user = null;`