HyperSpaceOut/jackboxpartypack-gamepicker
3
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

feat: gate full notes behind auth on single session endpoint

Browse Source 
Made-with: Cursor
This commit is contained in:
cottongin
2026-03-23 00:09:39 -04:00
parent e9f1b89d44
commit ce3347d0b1
3 changed files with 55 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
tests/api/regression-sessions.test.js
View File

@@ -7,7 +7,7 @@ describe('GET /api/sessions (regression)', () => {
cleanDb();
});
test('GET /api/sessions/:id returns session object', async () => {
test('GET /api/sessions/:id returns session object with preview for unauthenticated', async () => {
const session = seedSession({ is_active: 1, notes: 'Test session' });
const res = await request(app).get(`/api/sessions/${session.id}`);
@@ -17,9 +17,11 @@ describe('GET /api/sessions (regression)', () => {
expect.objectContaining({
id: session.id,
is_active: 1,
notes: 'Test session',
has_notes: true,
notes_preview: 'Test session',
})
);
expect(res.body.notes).toBeUndefined();
expect(res.body).toHaveProperty('games_played');
});

41
tests/api/session-notes.test.js
View File

@@ -104,3 +104,44 @@ describe('GET /api/sessions list', () => {
});
});
describe('GET /api/sessions/:id notes visibility', () => {
beforeEach(() => {
cleanDb();
});
test('returns full notes when authenticated', async () => {
const session = seedSession({ notes: '**Full notes** here\n\nSecond paragraph' });
const res = await request(app)
.get(`/api/sessions/${session.id}`)
.set('Authorization', getAuthHeader());
expect(res.status).toBe(200);
expect(res.body.notes).toBe('**Full notes** here\n\nSecond paragraph');
expect(res.body.has_notes).toBe(true);
expect(res.body.notes_preview).toBe('Full notes here');
});
test('returns only preview when unauthenticated', async () => {
const session = seedSession({ notes: '**Full notes** here\n\nSecond paragraph' });
const res = await request(app)
.get(`/api/sessions/${session.id}`);
expect(res.status).toBe(200);
expect(res.body.notes).toBeUndefined();
expect(res.body.has_notes).toBe(true);
expect(res.body.notes_preview).toBe('Full notes here');
});
test('returns has_notes false when no notes', async () => {
const session = seedSession({ notes: null });
const res = await request(app)
.get(`/api/sessions/${session.id}`);
expect(res.status).toBe(200);
expect(res.body.has_notes).toBe(false);
expect(res.body.notes_preview).toBeNull();
});
});