Goal-Calibration/cypress/e2e/userText.cy.js

describe('The user text detail page', () => {
    beforeEach(() => {
        cy.exec('npm run db:seed')
    })
    afterEach(() => {
        cy.exec('npm run db:wipe')
    })

    it('renders own text with heading', () => {
        cy.loginAsUser()
        cy.intercept('GET', '/api/texts/0').as('getText')
        cy.visit('/texts/0')
        cy.wait('@getText')
        cy.get('h1').should('contain', 'Tanach')
    })

    it('returns 403 when accessing another user text', () => {
        cy.loginAsSecondUser()
        cy.request({
            url: '/api/texts/0',
            failOnStatusCode: false,
        }).then((response) => {
            expect(response.status).to.eq(403)
        })
    })

    it('owner can add a child node', () => {
        cy.loginAsUser()
        cy.intercept('GET', '/api/nodes/0').as('getNodes')
        cy.visit('/texts/0')
        cy.wait('@getNodes')

        cy.get('#text-detail > ul > li').first().activateNode()
            .children('button.add-child').click()
        cy.get('#text-detail > ul > li').first()
            .children('input.child-title').type('My new child')
        cy.get('#text-detail > ul > li').first()
            .children('button.save-child').click()

        cy.contains('My new child')
    })

    it('non-owner gets 403 when posting a node to that text', () => {
        cy.loginAsSecondUser()
        cy.request({
            method: 'POST',
            url: '/api/nodes',
            body: {
                textId: 0,
                title: 'Hijack',
                parentNodeId: 0,
            },
            failOnStatusCode: false,
        }).then((response) => {
            expect(response.status).to.eq(403)
        })
    })

    it('non-owner sees forbidden message when viewing another user text', () => {
        cy.loginAsSecondUser()
        cy.intercept('GET', '/api/texts/0').as('getText')
        cy.visit('/texts/0')
        cy.wait('@getText')
        cy.get('#text-detail').should(
            'contain',
            "You don't have permission to view this text"
        )
    })

    it('user sees not found for non-existent text', () => {
        cy.loginAsUser()
        cy.intercept('GET', '/api/texts/999').as('getText')
        cy.visit('/texts/999')
        cy.wait('@getText')
        cy.get('#text-detail').should('contain', 'Text not found')
    })
})