code: resolve,nextjs,frontends (1 files)

2026-05-01 01:05:00 +00:00 · 2025-12-26 00:34:35 +00:00
parent c547593a48
commit 96bb6db985
1 changed files with 60 additions and 0 deletions
--- a/frontends/nextjs/src/lib/auth/resolve-access-decision.test.ts
+++ b/frontends/nextjs/src/lib/auth/resolve-access-decision.test.ts
@@ -0,0 +1,60 @@
+import { describe, it, expect } from 'vitest'
+import { resolveAccessDecision } from './resolve-access-decision'
+
+describe('resolveAccessDecision', () => {
+  it('returns loading when auth is loading', () => {
+    const decision = resolveAccessDecision({
+      isAuthenticated: false,
+      isLoading: true,
+      requiresAuth: true,
+    })
+
+    expect(decision).toEqual({ allowed: false, reason: 'loading' })
+  })
+
+  it('blocks unauthenticated access when auth is required', () => {
+    const decision = resolveAccessDecision({
+      isAuthenticated: false,
+      isLoading: false,
+      requiresAuth: true,
+    })
+
+    expect(decision).toEqual({ allowed: false, reason: 'unauthenticated' })
+  })
+
+  it('blocks users below the required level', () => {
+    const decision = resolveAccessDecision({
+      isAuthenticated: true,
+      isLoading: false,
+      requiresAuth: true,
+      requiredLevel: 3,
+      userRole: 'user',
+    })
+
+    expect(decision).toEqual({ allowed: false, reason: 'insufficient_level' })
+  })
+
+  it('allows access when the required level is met', () => {
+    const decision = resolveAccessDecision({
+      isAuthenticated: true,
+      isLoading: false,
+      requiresAuth: true,
+      requiredLevel: 2,
+      userRole: 'user',
+    })
+
+    expect(decision).toEqual({ allowed: true })
+  })
+
+  it('uses userLevel when provided', () => {
+    const decision = resolveAccessDecision({
+      isAuthenticated: true,
+      isLoading: false,
+      requiresAuth: true,
+      requiredLevel: 4,
+      userLevel: 4,
+    })
+
+    expect(decision).toEqual({ allowed: true })
+  })
+})