Add failing test for one edge case

A member of private projects should be able to see himself, but currently he cannot. He could if he was in an org, but he cannot see himself if he's in one private project but no orgs.
sillsdev · Nov 19, 2024 · 096d825 · 096d825
1 parent f1747b2
commit 096d825
Showing 1 changed file with 14 additions and 2 deletions.
diff --git a/backend/Testing/LexCore/Services/UserServiceTest.cs b/backend/Testing/LexCore/Services/UserServiceTest.cs
@@ -24,6 +24,7 @@ public class UserServiceTest : IAsyncLifetime
     // Users created for this test
     private User? Robin { get; set; }
     private User? John { get; set; }
+    private User? Alan { get; set; }
     private User? Marian { get; set; }
     private User? Bishop { get; set; }
     private User? Tuck { get; set; }
@@ -52,16 +53,17 @@ public Task InitializeAsync()
     {
         Robin = CreateUser("Robin Hood");
         John = CreateUser("Little John");
+        Alan = CreateUser("Alan a Dale");
         Marian = CreateUser("Maid Marian");
         Bishop = CreateUser("Bishop of Hereford");
         Tuck = CreateUser("Friar Tuck");
         Sheriff = CreateUser("Sheriff of Nottingham");
         Guy = CreateUser("Guy of Gisbourne");
 
         Nottingham = CreateProject([Sheriff.Id], [Marian.Id, Tuck.Id]);
-        Sherwood = CreateConfidentialProject([Robin.Id, Marian.Id], [John.Id, Tuck.Id]);
+        Sherwood = CreateConfidentialProject([Robin.Id, Marian.Id], [John.Id, Alan.Id, Tuck.Id]);
 
-        Outlaws = CreateOrg([Robin.Id], [John.Id]);
+        Outlaws = CreateOrg([Robin.Id], [John.Id]); // Alan a Dale should *NOT* be in this org
         LawEnforcement = CreateOrg([Sheriff.Id], [Guy.Id]);
         Church = CreateOrg([Bishop.Id], [Tuck.Id]);
 
@@ -171,6 +173,16 @@ public async Task OrgAndProjectMembersCanSeeFellowOrgMembersAndFellowPublicProje
         UserListShouldBe(users, [Bishop, Tuck, Sheriff, Marian]);
     }
 
+    [Fact]
+    public async Task MemberOfOnePrivateProjectButNoOrgsCanOnlySeeHimself()
+    {
+        // Alan a Dale is in Sherwood project (private, member) but no orgs
+        var authUser = new LexAuthUser(Alan!);
+        var users = await _userService.UserQueryForTypeahead(authUser).ToArrayAsync();
+        // Alan can see himself in the Sherwood project, but nobody else because it's private
+        UserListShouldBe(users, [Alan]);
+    }
+
     private User CreateUser(string name)
     {
         var email = name.ToLowerInvariant().Replace(' ', '_') + "@example.com";