@@ -23,6 +23,7 @@ vi.mock('node:crypto', () => ({
2323
2424describe ( 'ResourceRegistration' , ( ) : void => {
2525 const owner = 'owner' ;
26+ const resource = 'http://example.com/resource' ;
2627 let input : HttpHandlerContext < ResourceDescription > ;
2728 let policyStore : Store ;
2829
@@ -61,7 +62,7 @@ describe('ResourceRegistration', (): void => {
6162 } satisfies Partial < KeyValueStorage < string , ResourceDescription > > as any ;
6263
6364 ownershipStore = {
64- get : vi . fn ( ) . mockResolvedValue ( [ ] ) ,
65+ get : vi . fn ( ) . mockResolvedValue ( [ resource ] ) ,
6566 set : vi . fn ( ) ,
6667 delete : vi . fn ( ) ,
6768 } satisfies Partial < KeyValueStorage < string , string [ ] > > as any ;
@@ -80,9 +81,38 @@ describe('ResourceRegistration', (): void => {
8081 } ) ;
8182
8283 it ( 'throws an error if the method is not allowed.' , async ( ) : Promise < void > => {
84+ input . request . method = 'PATCH' ;
8385 await expect ( handler . handle ( input ) ) . rejects . toThrow ( MethodNotAllowedHttpError ) ;
8486 } ) ;
8587
88+ describe ( 'with GET requests' , ( ) : void => {
89+ it ( 'can return a list of owned resource identifiers.' , async ( ) : Promise < void > => {
90+ await expect ( handler . handle ( input ) ) . resolves . toEqual ( { status : 200 , body : [ resource ] } ) ;
91+ expect ( ownershipStore . get ) . toHaveBeenCalledExactlyOnceWith ( owner ) ;
92+ } ) ;
93+
94+ it ( 'can return the details of a single resource.' , async ( ) : Promise < void > => {
95+ input . request . parameters = { id : resource } ;
96+ await expect ( handler . handle ( input ) ) . resolves
97+ . toEqual ( { status : 200 , body : input . request . body } ) ;
98+ expect ( registrationStore . get ) . toHaveBeenCalledExactlyOnceWith ( resource ) ;
99+ } ) ;
100+
101+ it ( 'returns a 404 for unknown resource identifiers.' , async ( ) : Promise < void > => {
102+ input . request . parameters = { id : resource } ;
103+ registrationStore . get . mockResolvedValueOnce ( undefined ) ;
104+ await expect ( handler . handle ( input ) ) . rejects . toThrow ( NotFoundHttpError ) ;
105+ expect ( registrationStore . get ) . toHaveBeenCalledExactlyOnceWith ( resource ) ;
106+ } ) ;
107+
108+ it ( 'returns a 403 if the user is not the actual owner.' , async ( ) : Promise < void > => {
109+ input . request . parameters = { id : resource } ;
110+ registrationStore . get . mockResolvedValueOnce ( { owner : 'someone else' } as any ) ;
111+ await expect ( handler . handle ( input ) ) . rejects . toThrow ( ForbiddenHttpError ) ;
112+ expect ( registrationStore . get ) . toHaveBeenCalledExactlyOnceWith ( resource ) ;
113+ } ) ;
114+ } ) ;
115+
86116 describe ( 'with POST requests' , ( ) : void => {
87117 beforeEach ( async ( ) : Promise < void > => {
88118 input . request . method = 'POST' ;
0 commit comments