





























@@ -15,6 +15,7 @@ vi.mock("./http-common.js", () => {
1515readJsonBodyOrError: vi.fn(),
1616sendJson: vi.fn(),
1717sendMethodNotAllowed: vi.fn(),
18+sendMissingScopeForbidden: vi.fn(),
1819};
1920});
2021@@ -24,7 +25,8 @@ vi.mock("./method-scopes.js", () => {
2425};
2526});
262727-const { readJsonBodyOrError, sendJson, sendMethodNotAllowed } = await import("./http-common.js");
28+const { readJsonBodyOrError, sendJson, sendMethodNotAllowed, sendMissingScopeForbidden } =
29+await import("./http-common.js");
2830const { authorizeGatewayHttpRequestOrReply, resolveTrustedHttpOperatorScopes } =
2931await import("./http-utils.js");
3032const { authorizeOperatorScopesForMethod } = await import("./method-scopes.js");
@@ -102,8 +104,8 @@ describe("handleGatewayPostJsonEndpoint", () => {
102104allowed: false,
103105missingScope: "operator.write",
104106});
105-const mockedSendJson = vi.mocked(sendJson);
106-mockedSendJson.mockClear();
107+const mockedSendMissingScopeForbidden = vi.mocked(sendMissingScopeForbidden);
108+mockedSendMissingScopeForbidden.mockClear();
107109vi.mocked(readJsonBodyOrError).mockClear();
108110109111const result = await handleGatewayPostJsonEndpoint(
@@ -125,16 +127,9 @@ describe("handleGatewayPostJsonEndpoint", () => {
125127expect(vi.mocked(authorizeOperatorScopesForMethod)).toHaveBeenCalledWith("chat.send", [
126128"operator.approvals",
127129]);
128-expect(mockedSendJson).toHaveBeenCalledWith(
130+expect(mockedSendMissingScopeForbidden).toHaveBeenCalledWith(
129131expect.anything(),
130-403,
131-expect.objectContaining({
132-ok: false,
133-error: expect.objectContaining({
134-type: "forbidden",
135-message: "missing scope: operator.write",
136-}),
137-}),
132+"operator.write",
138133);
139134expect(vi.mocked(readJsonBodyOrError)).not.toHaveBeenCalled();
140135});
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。