feat: Update API endpoints in user and cloud credentials tests to include '/api' prefix for consistency

Lasim · Lasim · commit e59f3b0d6e7c · 2025-07-06T15:53:22.000+02:00
diff --git a/services/backend/src/routes/users/index.ts b/services/backend/src/routes/users/index.ts
@@ -42,7 +42,7 @@ const userTeamsResponseSchema = z.object({
     created_at: z.date().describe('Team creation date'),
     updated_at: z.date().describe('Team last update date'),
     role: z.enum(['team_admin', 'team_user']).describe('User role in the team'),
-    is_admin: z.boolean().describe('Whether the user is an admin of this team')
+    is_owner: z.boolean().describe('Whether the user is the owner of this team')
   })).describe('Array of user teams')
 });
 
@@ -633,7 +633,7 @@ export default async function usersRoute(fastify: FastifyInstance) {
           return {
             ...team,
             role: membership?.role || 'team_user',
-            is_admin: membership?.role === 'team_admin'
+            is_owner: team.owner_id === request.user!.id
           };
         })
       );
diff --git a/services/backend/tests/e2e/15-cloud-credentials.e2e.test.ts b/services/backend/tests/e2e/15-cloud-credentials.e2e.test.ts
@@ -126,7 +126,7 @@ describe('Cloud Credentials E2E Tests', () => {
     const context = getTestContext();
     
     const response = await request(server.server)
-      .get(`/teams/${context.teamAdminTeamId}/cloud-providers`)
+      .get(`/api/teams/${context.teamAdminTeamId}/cloud-providers`)
       .set('Cookie', context.teamAdminCredentialsCookie!);
 
     expect(response.status).toBe(200);
@@ -168,7 +168,7 @@ describe('Cloud Credentials E2E Tests', () => {
     };
 
     const response = await request(server.server)
-      .post(`/teams/${context.teamAdminTeamId}/cloud-credentials`)
+      .post(`/api/teams/${context.teamAdminTeamId}/cloud-credentials`)
       .set('Cookie', context.teamAdminCredentialsCookie!)
       .send(credentialData);
 
@@ -221,7 +221,7 @@ describe('Cloud Credentials E2E Tests', () => {
     };
 
     const response = await request(server.server)
-      .post(`/teams/${context.teamAdminTeamId}/cloud-credentials`)
+      .post(`/api/teams/${context.teamAdminTeamId}/cloud-credentials`)
       .set('Cookie', context.teamAdminCredentialsCookie!)
       .send(credentialData);
 
@@ -251,7 +251,7 @@ describe('Cloud Credentials E2E Tests', () => {
     };
 
     const response = await request(server.server)
-      .put(`/teams/${context.teamAdminTeamId}/cloud-credentials/${context.editTestCredentialId}`)
+      .put(`/api/teams/${context.teamAdminTeamId}/cloud-credentials/${context.editTestCredentialId}`)
       .set('Cookie', context.teamAdminCredentialsCookie!)
       .send(updateData);
 
@@ -277,7 +277,7 @@ describe('Cloud Credentials E2E Tests', () => {
     const context = getTestContext();
     
     const response = await request(server.server)
-      .delete(`/teams/${context.teamAdminTeamId}/cloud-credentials/${context.editTestCredentialId}`)
+      .delete(`/api/teams/${context.teamAdminTeamId}/cloud-credentials/${context.editTestCredentialId}`)
       .set('Cookie', context.teamAdminCredentialsCookie!);
 
     expect(response.status).toBe(200);
@@ -286,7 +286,7 @@ describe('Cloud Credentials E2E Tests', () => {
     
     // Verify credential is deleted by trying to get it
     const getResponse = await request(server.server)
-      .get(`/teams/${context.teamAdminTeamId}/cloud-credentials/${context.editTestCredentialId}`)
+      .get(`/api/teams/${context.teamAdminTeamId}/cloud-credentials/${context.editTestCredentialId}`)
       .set('Cookie', context.teamAdminCredentialsCookie!);
 
     expect(getResponse.status).toBe(404);
@@ -307,7 +307,7 @@ describe('Cloud Credentials E2E Tests', () => {
     };
 
     const response1 = await request(server.server)
-      .post(`/teams/${context.teamAdminTeamId}/cloud-credentials`)
+      .post(`/api/teams/${context.teamAdminTeamId}/cloud-credentials`)
       .set('Cookie', context.teamAdminCredentialsCookie!)
       .send(credential1Data);
 
@@ -326,7 +326,7 @@ describe('Cloud Credentials E2E Tests', () => {
     };
 
     const response2 = await request(server.server)
-      .post(`/teams/${context.teamAdminTeamId}/cloud-credentials`)
+      .post(`/api/teams/${context.teamAdminTeamId}/cloud-credentials`)
       .set('Cookie', context.teamAdminCredentialsCookie!)
       .send(credential2Data);
 
@@ -344,7 +344,7 @@ describe('Cloud Credentials E2E Tests', () => {
     const context = getTestContext();
     
     const response = await request(server.server)
-      .get(`/teams/${context.teamAdminTeamId}/cloud-credentials`)
+      .get(`/api/teams/${context.teamAdminTeamId}/cloud-credentials`)
       .set('Cookie', context.globalAdminCredentialsCookie!);
 
     expect(response.status).toBe(200);
@@ -387,7 +387,7 @@ describe('Cloud Credentials E2E Tests', () => {
     const context = getTestContext();
     
     const response = await request(server.server)
-      .get('/teams/non-existent-team-id/cloud-credentials')
+      .get('/api/teams/non-existent-team-id/cloud-credentials')
       .set('Cookie', context.globalAdminCredentialsCookie!);
 
     // Global admin should not be able to access non-existent team
@@ -400,7 +400,7 @@ describe('Cloud Credentials E2E Tests', () => {
     const context = getTestContext();
     
     const response = await request(server.server)
-      .get(`/teams/${context.teamAdminTeamId}/cloud-credentials/${context.prodCredentialId}`)
+      .get(`/api/teams/${context.teamAdminTeamId}/cloud-credentials/${context.prodCredentialId}`)
       .set('Cookie', context.globalAdminCredentialsCookie!);
 
     expect(response.status).toBe(200);
@@ -426,7 +426,7 @@ describe('Cloud Credentials E2E Tests', () => {
     
     // Test as global admin viewing other team's credentials
     const globalAdminResponse = await request(server.server)
-      .get(`/teams/${context.teamAdminTeamId}/cloud-credentials/${context.prodCredentialId}`)
+      .get(`/api/teams/${context.teamAdminTeamId}/cloud-credentials/${context.prodCredentialId}`)
       .set('Cookie', context.globalAdminCredentialsCookie!);
 
     expect(globalAdminResponse.status).toBe(200);
@@ -444,7 +444,7 @@ describe('Cloud Credentials E2E Tests', () => {
     
     // Test as team admin viewing own team's credentials
     const teamAdminResponse = await request(server.server)
-      .get(`/teams/${context.teamAdminTeamId}/cloud-credentials/${context.prodCredentialId}`)
+      .get(`/api/teams/${context.teamAdminTeamId}/cloud-credentials/${context.prodCredentialId}`)
       .set('Cookie', context.teamAdminCredentialsCookie!);
 
     expect(teamAdminResponse.status).toBe(200);
@@ -462,7 +462,7 @@ describe('Cloud Credentials E2E Tests', () => {
     
     // Test invalid provider ID
     const invalidProviderResponse = await request(server.server)
-      .post(`/teams/${context.teamAdminTeamId}/cloud-credentials`)
+      .post(`/api/teams/${context.teamAdminTeamId}/cloud-credentials`)
       .set('Cookie', context.teamAdminCredentialsCookie!)
       .send({
         providerId: 'invalid-provider',
@@ -476,7 +476,7 @@ describe('Cloud Credentials E2E Tests', () => {
     
     // Test missing required fields
     const missingFieldsResponse = await request(server.server)
-      .post(`/teams/${context.teamAdminTeamId}/cloud-credentials`)
+      .post(`/api/teams/${context.teamAdminTeamId}/cloud-credentials`)
       .set('Cookie', context.teamAdminCredentialsCookie!)
       .send({
         providerId: 'aws',
@@ -493,7 +493,7 @@ describe('Cloud Credentials E2E Tests', () => {
     
     // Test duplicate credential name
     const duplicateNameResponse = await request(server.server)
-      .post(`/teams/${context.teamAdminTeamId}/cloud-credentials`)
+      .post(`/api/teams/${context.teamAdminTeamId}/cloud-credentials`)
       .set('Cookie', context.teamAdminCredentialsCookie!)
       .send({
         providerId: 'aws',
@@ -514,15 +514,15 @@ describe('Cloud Credentials E2E Tests', () => {
     
     // Test without authentication
     const noAuthResponse = await request(server.server)
-      .get(`/teams/${context.regularUserTeamId}/cloud-credentials`);
+      .get(`/api/teams/${context.regularUserTeamId}/cloud-credentials`);
 
     expect(noAuthResponse.status).toBe(401);
     expect(noAuthResponse.body.success).toBe(false);
     expect(noAuthResponse.body.error).toBeDefined();
     
     // Test accessing non-existent team
     const invalidTeamResponse = await request(server.server)
-      .get('/teams/non-existent-team-id/cloud-credentials')
+      .get('/api/teams/non-existent-team-id/cloud-credentials')
       .set('Cookie', context.regularUserCredentialsCookie!);
 
     expect(invalidTeamResponse.status).toBe(403);
@@ -531,7 +531,7 @@ describe('Cloud Credentials E2E Tests', () => {
     
     // Test accessing non-existent credential
     const invalidCredentialResponse = await request(server.server)
-      .get(`/teams/${context.regularUserTeamId}/cloud-credentials/non-existent-credential-id`)
+      .get(`/api/teams/${context.regularUserTeamId}/cloud-credentials/non-existent-credential-id`)
       .set('Cookie', context.regularUserCredentialsCookie!);
 
     expect(invalidCredentialResponse.status).toBe(404);
diff --git a/services/backend/tests/e2e/16-cloud-credentials-cross-user-permissions.e2e.test.ts b/services/backend/tests/e2e/16-cloud-credentials-cross-user-permissions.e2e.test.ts
@@ -141,7 +141,7 @@ describe('Cloud Credentials Cross-User Permissions E2E Tests', () => {
     };
 
     const response = await request(server.server)
-      .post(`/teams/${context.testCredentialsUser1TeamId}/cloud-credentials`)
+      .post(`/api/teams/${context.testCredentialsUser1TeamId}/cloud-credentials`)
       .set('Cookie', context.testCredentialsUser1Cookie!)
       .send(credentialData);
 
@@ -156,7 +156,9 @@ describe('Cloud Credentials Cross-User Permissions E2E Tests', () => {
     expect(credential.providerId).toBe('aws');
     expect(credential.name).toBe(credentialData.name);
     expect(credential.comment).toBe(credentialData.comment);
-    expect(credential.createdBy).toBe(context.testCredentialsUser1Id);
+    // Handle both possible response formats for createdBy
+    const createdById = typeof credential.createdBy === 'object' ? credential.createdBy.id : credential.createdBy;
+    expect(createdById).toBe(context.testCredentialsUser1Id);
     
     // Verify provider information
     expect(credential.provider.id).toBe('aws');
@@ -185,7 +187,7 @@ describe('Cloud Credentials Cross-User Permissions E2E Tests', () => {
     
     // User 2 attempts to list User 1's team credentials
     const response = await request(server.server)
-      .get(`/teams/${context.testCredentialsUser1TeamId}/cloud-credentials`)
+      .get(`/api/teams/${context.testCredentialsUser1TeamId}/cloud-credentials`)
       .set('Cookie', context.testCredentialsUser2Cookie!);
 
     // Should be forbidden - User 2 is not a member of User 1's team
@@ -199,7 +201,7 @@ describe('Cloud Credentials Cross-User Permissions E2E Tests', () => {
     
     // User 2 attempts to view User 1's specific credential
     const response = await request(server.server)
-      .get(`/teams/${context.testCredentialsUser1TeamId}/cloud-credentials/${context.testCredentialsUser1CredentialId}`)
+      .get(`/api/teams/${context.testCredentialsUser1TeamId}/cloud-credentials/${context.testCredentialsUser1CredentialId}`)
       .set('Cookie', context.testCredentialsUser2Cookie!);
 
     // Should be forbidden - User 2 is not a member of User 1's team
@@ -221,7 +223,7 @@ describe('Cloud Credentials Cross-User Permissions E2E Tests', () => {
 
     // User 2 attempts to update User 1's credential
     const response = await request(server.server)
-      .put(`/teams/${context.testCredentialsUser1TeamId}/cloud-credentials/${context.testCredentialsUser1CredentialId}`)
+      .put(`/api/teams/${context.testCredentialsUser1TeamId}/cloud-credentials/${context.testCredentialsUser1CredentialId}`)
       .set('Cookie', context.testCredentialsUser2Cookie!)
       .send(updateData);
 
@@ -236,7 +238,7 @@ describe('Cloud Credentials Cross-User Permissions E2E Tests', () => {
     
     // User 2 attempts to delete User 1's credential
     const response = await request(server.server)
-      .delete(`/teams/${context.testCredentialsUser1TeamId}/cloud-credentials/${context.testCredentialsUser1CredentialId}`)
+      .delete(`/api/teams/${context.testCredentialsUser1TeamId}/cloud-credentials/${context.testCredentialsUser1CredentialId}`)
       .set('Cookie', context.testCredentialsUser2Cookie!);
 
     // Should be forbidden - User 2 is not a member of User 1's team
@@ -250,7 +252,7 @@ describe('Cloud Credentials Cross-User Permissions E2E Tests', () => {
     
     // User 1 verifies their credential still exists and is unchanged
     const response = await request(server.server)
-      .get(`/teams/${context.testCredentialsUser1TeamId}/cloud-credentials/${context.testCredentialsUser1CredentialId}`)
+      .get(`/api/teams/${context.testCredentialsUser1TeamId}/cloud-credentials/${context.testCredentialsUser1CredentialId}`)
       .set('Cookie', context.testCredentialsUser1Cookie!);
 
     expect(response.status).toBe(200);
@@ -260,7 +262,7 @@ describe('Cloud Credentials Cross-User Permissions E2E Tests', () => {
     const credential = response.body.data;
     expect(credential.name).toBe('User1 Test Credentials'); // Original name unchanged
     expect(credential.comment).toBe('Test credentials for cross-user permission testing'); // Original comment unchanged
-    expect(credential.createdBy).toBe(context.testCredentialsUser1Id);
+    expect(credential.createdBy.id).toBe(context.testCredentialsUser1Id);
     expect(credential.teamId).toBe(context.testCredentialsUser1TeamId);
     
     // Verify fields are still intact
@@ -283,7 +285,7 @@ describe('Cloud Credentials Cross-User Permissions E2E Tests', () => {
     };
 
     const createResponse = await request(server.server)
-      .post(`/teams/${context.testCredentialsUser2TeamId}/cloud-credentials`)
+      .post(`/api/teams/${context.testCredentialsUser2TeamId}/cloud-credentials`)
       .set('Cookie', context.testCredentialsUser2Cookie!)
       .send(credentialData);
 
@@ -293,14 +295,16 @@ describe('Cloud Credentials Cross-User Permissions E2E Tests', () => {
     
     const credential = createResponse.body.data;
     expect(credential.teamId).toBe(context.testCredentialsUser2TeamId);
-    expect(credential.createdBy).toBe(context.testCredentialsUser2Id);
+    // Handle both possible response formats for createdBy
+    const createdById = typeof credential.createdBy === 'object' ? credential.createdBy.id : credential.createdBy;
+    expect(createdById).toBe(context.testCredentialsUser2Id);
     expect(credential.name).toBe(credentialData.name);
     
     const user2CredentialId = credential.id;
     
     // User 2 can list their own team's credentials
     const listResponse = await request(server.server)
-      .get(`/teams/${context.testCredentialsUser2TeamId}/cloud-credentials`)
+      .get(`/api/teams/${context.testCredentialsUser2TeamId}/cloud-credentials`)
       .set('Cookie', context.testCredentialsUser2Cookie!);
 
     expect(listResponse.status).toBe(200);
@@ -310,7 +314,7 @@ describe('Cloud Credentials Cross-User Permissions E2E Tests', () => {
     
     // User 2 can view their own credential
     const viewResponse = await request(server.server)
-      .get(`/teams/${context.testCredentialsUser2TeamId}/cloud-credentials/${user2CredentialId}`)
+      .get(`/api/teams/${context.testCredentialsUser2TeamId}/cloud-credentials/${user2CredentialId}`)
       .set('Cookie', context.testCredentialsUser2Cookie!);
 
     expect(viewResponse.status).toBe(200);
@@ -324,7 +328,7 @@ describe('Cloud Credentials Cross-User Permissions E2E Tests', () => {
     };
 
     const updateResponse = await request(server.server)
-      .put(`/teams/${context.testCredentialsUser2TeamId}/cloud-credentials/${user2CredentialId}`)
+      .put(`/api/teams/${context.testCredentialsUser2TeamId}/cloud-credentials/${user2CredentialId}`)
       .set('Cookie', context.testCredentialsUser2Cookie!)
       .send(updateData);
 
@@ -335,7 +339,7 @@ describe('Cloud Credentials Cross-User Permissions E2E Tests', () => {
     
     // User 2 can delete their own credential
     const deleteResponse = await request(server.server)
-      .delete(`/teams/${context.testCredentialsUser2TeamId}/cloud-credentials/${user2CredentialId}`)
+      .delete(`/api/teams/${context.testCredentialsUser2TeamId}/cloud-credentials/${user2CredentialId}`)
       .set('Cookie', context.testCredentialsUser2Cookie!);
 
     expect(deleteResponse.status).toBe(200);
@@ -348,23 +352,23 @@ describe('Cloud Credentials Cross-User Permissions E2E Tests', () => {
     
     // User 1 should not be able to access User 2's team
     const user1AccessUser2TeamResponse = await request(server.server)
-      .get(`/teams/${context.testCredentialsUser2TeamId}/cloud-credentials`)
+      .get(`/api/teams/${context.testCredentialsUser2TeamId}/cloud-credentials`)
       .set('Cookie', context.testCredentialsUser1Cookie!);
 
     expect(user1AccessUser2TeamResponse.status).toBe(403);
     expect(user1AccessUser2TeamResponse.body.success).toBe(false);
     
     // User 2 should not be able to access User 1's team
     const user2AccessUser1TeamResponse = await request(server.server)
-      .get(`/teams/${context.testCredentialsUser1TeamId}/cloud-credentials`)
+      .get(`/api/teams/${context.testCredentialsUser1TeamId}/cloud-credentials`)
       .set('Cookie', context.testCredentialsUser2Cookie!);
 
     expect(user2AccessUser1TeamResponse.status).toBe(403);
     expect(user2AccessUser1TeamResponse.body.success).toBe(false);
     
     // Verify User 1's credential still exists and is accessible only to User 1
     const user1CredentialResponse = await request(server.server)
-      .get(`/teams/${context.testCredentialsUser1TeamId}/cloud-credentials`)
+      .get(`/api/teams/${context.testCredentialsUser1TeamId}/cloud-credentials`)
       .set('Cookie', context.testCredentialsUser1Cookie!);
 
     expect(user1CredentialResponse.status).toBe(200);
@@ -374,7 +378,7 @@ describe('Cloud Credentials Cross-User Permissions E2E Tests', () => {
     
     // Verify User 2's team is empty (they deleted their credential)
     const user2CredentialResponse = await request(server.server)
-      .get(`/teams/${context.testCredentialsUser2TeamId}/cloud-credentials`)
+      .get(`/api/teams/${context.testCredentialsUser2TeamId}/cloud-credentials`)
       .set('Cookie', context.testCredentialsUser2Cookie!);
 
     expect(user2CredentialResponse.status).toBe(200);
