|
1 | 1 | /** |
2 | 2 | * @vitest-environment node |
3 | 3 | */ |
4 | | -import { dbChainMock, dbChainMockFns, resetDbChainMock } from '@sim/testing' |
| 4 | +import { auditMock, dbChainMock, dbChainMockFns, resetDbChainMock } from '@sim/testing' |
5 | 5 | import { beforeEach, describe, expect, it, vi } from 'vitest' |
6 | 6 |
|
7 | 7 | const { |
@@ -72,6 +72,8 @@ vi.mock('@/lib/credentials/environment', () => ({ |
72 | 72 | syncWorkspaceEnvCredentials: mockSyncWorkspaceEnvCredentials, |
73 | 73 | })) |
74 | 74 |
|
| 75 | +vi.mock('@sim/audit', () => auditMock) |
| 76 | + |
75 | 77 | import { acceptInvitation } from '@/lib/invitations/core' |
76 | 78 |
|
77 | 79 | function queueWhereResponses(responses: unknown[][]) { |
@@ -319,6 +321,81 @@ describe('acceptInvitation', () => { |
319 | 321 | actorId: 'invitee-user', |
320 | 322 | }) |
321 | 323 | expect(mockSetActiveOrganizationForCurrentSession).toHaveBeenCalledWith('org-new') |
| 324 | + expect(auditMock.recordAudit).toHaveBeenCalledWith( |
| 325 | + expect.objectContaining({ |
| 326 | + actorId: 'invitee-user', |
| 327 | + action: auditMock.AuditAction.ORG_MEMBER_ADDED, |
| 328 | + resourceType: auditMock.AuditResourceType.ORGANIZATION, |
| 329 | + resourceId: 'org-new', |
| 330 | + metadata: expect.objectContaining({ invitationId: 'inv-1', memberRole: 'member' }), |
| 331 | + }) |
| 332 | + ) |
| 333 | + }) |
| 334 | + |
| 335 | + it('does not record an ORG_MEMBER_ADDED audit for a user who is already a member', async () => { |
| 336 | + mockGetWorkspaceWithOwner.mockResolvedValueOnce({ |
| 337 | + id: 'workspace-1', |
| 338 | + name: 'Workspace', |
| 339 | + ownerId: 'owner-1', |
| 340 | + organizationId: 'org-1', |
| 341 | + workspaceMode: 'organization', |
| 342 | + billedAccountUserId: 'owner-1', |
| 343 | + }) |
| 344 | + mockEnsureTeamOrganizationForAcceptance.mockResolvedValueOnce({ |
| 345 | + success: true, |
| 346 | + organizationId: 'org-1', |
| 347 | + fixedSeats: false, |
| 348 | + }) |
| 349 | + mockEnsureUserInOrganization.mockResolvedValueOnce({ |
| 350 | + success: true, |
| 351 | + alreadyMember: true, |
| 352 | + billingActions: { proUsageSnapshotted: false, proCancelledAtPeriodEnd: false }, |
| 353 | + }) |
| 354 | + |
| 355 | + queueWhereResponses([ |
| 356 | + [ |
| 357 | + { |
| 358 | + id: 'inv-1', |
| 359 | + kind: 'workspace', |
| 360 | + email: 'invitee@example.com', |
| 361 | + organizationId: 'org-1', |
| 362 | + membershipIntent: 'internal', |
| 363 | + inviterId: 'owner-1', |
| 364 | + role: 'member', |
| 365 | + status: 'pending', |
| 366 | + token: 'tok-1', |
| 367 | + expiresAt: new Date(Date.now() + 60_000), |
| 368 | + createdAt: new Date(), |
| 369 | + updatedAt: new Date(), |
| 370 | + }, |
| 371 | + ], |
| 372 | + [ |
| 373 | + { |
| 374 | + id: 'grant-1', |
| 375 | + workspaceId: 'workspace-1', |
| 376 | + permission: 'write', |
| 377 | + workspaceName: 'Workspace', |
| 378 | + }, |
| 379 | + ], |
| 380 | + [{ name: 'Acme' }], |
| 381 | + [{ name: 'Owner', email: 'owner@example.com' }], |
| 382 | + [{ id: 'member-1' }], |
| 383 | + ]) |
| 384 | + |
| 385 | + const result = await acceptInvitation({ |
| 386 | + userId: 'invitee-user', |
| 387 | + userEmail: 'invitee@example.com', |
| 388 | + invitationId: 'inv-1', |
| 389 | + token: 'tok-1', |
| 390 | + }) |
| 391 | + |
| 392 | + expect(result.success).toBe(true) |
| 393 | + if (result.success) { |
| 394 | + expect(result.membershipAlreadyExists).toBe(true) |
| 395 | + } |
| 396 | + expect(auditMock.recordAudit).not.toHaveBeenCalledWith( |
| 397 | + expect.objectContaining({ action: auditMock.AuditAction.ORG_MEMBER_ADDED }) |
| 398 | + ) |
322 | 399 | }) |
323 | 400 |
|
324 | 401 | it('does not reconcile seats for an Enterprise organization (fixed seats)', async () => { |
|
0 commit comments