(ns auto-ap.company.profile-test (:require [auto-ap.datomic :refer [conn]] [auto-ap.integration.util :refer [admin-token setup-test-data test-client test-payment test-vendor user-token wrap-setup]] [auto-ap.permissions :as permissions] [auto-ap.ssr.company :as company] [clojure.string :as str] [clojure.test :refer [deftest is testing use-fixtures]] [datomic.api :as dc])) (use-fixtures :each wrap-setup) ;; ============================================================================ ;; Company Profile - Display Behaviors ;; ============================================================================ (deftest test-download-vendor-list-button (testing "Behavior 1.6: It should show a download link to the vendor list export" (let [{:strs [test-client-id]} (setup-test-data [(test-client :db/id "test-client-id" :client/code "TEST01")]) response (company/page {:identity (user-token test-client-id) :client {:db/id test-client-id} :clients [{:db/id test-client-id}] :trimmed-clients [test-client-id]})] (is (= 200 (:status response))) (is (re-find #"Download vendor list" (:body response))) (is (re-find #"/api/vendors/company/export" (:body response)))))) ;; ============================================================================ ;; Company Profile - Signature Behaviors ;; ============================================================================ (deftest test-signature-section-visibility (testing "Behavior 2.1: It should show the signature section only when the user has signature edit permission" (let [{:strs [test-client-id]} (setup-test-data [(test-client :db/id "test-client-id" :client/code "TEST01")])] ;; Admin user should see signature section (testing "Admin user sees signature section" (let [response (company/page {:identity (admin-token) :client {:db/id test-client-id} :clients [{:db/id test-client-id}] :trimmed-clients [test-client-id]})] (is (= 200 (:status response))) (is (re-find #"Signature" (:body response))))) ;; Regular user with signature edit permission should see signature section (testing "Regular user with signature permission sees signature section" (let [response (company/page {:identity (user-token test-client-id) :client {:db/id test-client-id} :clients [{:db/id test-client-id}] :trimmed-clients [test-client-id]})] (is (= 200 (:status response))) (is (re-find #"Signature" (:body response))))) ;; Read-only user should NOT see signature section (testing "Read-only user does not see signature section" (let [response (company/page {:identity {:user "READONLY" :exp (clj-time.core/plus (clj-time.core/now) (clj-time.core/days 1)) :user/role "read-only" :user/name "READONLY" :user/clients [{:db/id test-client-id}]} :client {:db/id test-client-id} :clients [{:db/id test-client-id}] :trimmed-clients [test-client-id]})] (is (= 200 (:status response))) (is (not (re-find #"Signature" (:body response))))))))) (deftest test-invalid-signature-rejected (testing "Behavior 2.6: It should reject invalid signature image data with a validation error" (let [{:strs [test-client-id]} (setup-test-data [(test-client :db/id "test-client-id" :client/code "TEST01")])] ;; Invalid signature data (not starting with data:image/png;base64,) (testing "Signature data without proper prefix is rejected" (is (thrown-with-msg? Exception #"Invalid signature image" (company/upload-signature-data {:identity (user-token test-client-id) :client {:db/id test-client-id} :form-params {"signatureData" "invalid-data"}})))) ;; Empty signature data should be handled gracefully (testing "Empty signature data is handled gracefully" (let [response (company/upload-signature-data {:identity (user-token test-client-id) :client {:db/id test-client-id} :form-params {"signatureData" nil}})] (is (or (nil? response) (= 200 (:status response))))))))) (deftest test-signature-upload-refreshes-section (testing "Behavior 2.9: It should refresh the signature section with the uploaded image on successful upload" (let [{:strs [test-client-id]} (setup-test-data [(test-client :db/id "test-client-id" :client/code "TEST01")]) valid-signature-data "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mP8z8BQDwAEhQGAhKmMIQAAAABJRU5ErkJggg=="] (with-redefs [amazonica.aws.s3/put-object (fn [& _] nil)] (let [response (company/upload-signature-data {:identity (user-token test-client-id) :client {:db/id test-client-id} :form-params {"signatureData" valid-signature-data}})] (is (= 200 (:status response))) ;; The response should contain the refreshed signature section (is (re-find #"Signature" (:body response))) ;; Verify the client now has a signature file URL in the database (let [client (dc/pull (dc/db conn) [:client/signature-file] test-client-id)] (is (some? (:client/signature-file client))) (is (str/starts-with? (:client/signature-file client) "https://"))))))))