From 8390133a5a4278f4436b7709603890e3208730e4 Mon Sep 17 00:00:00 2001
From: juancarmore <juancar_more2@hotmail.com>
Date: Sat, 17 May 2025 12:58:33 +0200
Subject: [PATCH] test: update security preferences tests to handle partial
 data and validation; add missing access check for recording preferences in
 update room preferences tests

---
 .../api/global-preferences/security.test.ts   | 33 +++++++++++--------
 .../integration/api/rooms/update-room.test.ts | 31 ++++++++++++++---
 2 files changed, 46 insertions(+), 18 deletions(-)

diff --git a/backend/tests/integration/api/global-preferences/security.test.ts b/backend/tests/integration/api/global-preferences/security.test.ts
index a7465ce..b9532fa 100644
--- a/backend/tests/integration/api/global-preferences/security.test.ts
+++ b/backend/tests/integration/api/global-preferences/security.test.ts
@@ -60,8 +60,7 @@ describe('Security Preferences API Tests', () => {
 		it('should update security preferences with valid partial data (roomCreationPolicy)', async () => {
 			const validPreferences = {
 				roomCreationPolicy: {
-					allowRoomCreation: false,
-					requireAuthentication: true
+					allowRoomCreation: false
 				}
 			};
 			let response = await updateSecurityPreferences(validPreferences);
@@ -71,7 +70,9 @@ describe('Security Preferences API Tests', () => {
 
 			response = await getSecurityPreferences();
 			expect(response.status).toBe(200);
-			expect(response.body.roomCreationPolicy).toEqual(validPreferences.roomCreationPolicy);
+			expect(response.body.roomCreationPolicy.allowRoomCreation).toEqual(
+				validPreferences.roomCreationPolicy.allowRoomCreation
+			);
 			expect(response.body.authentication).toEqual(defaultPreferences.authentication);
 		});
 
@@ -127,15 +128,8 @@ describe('Security Preferences API Tests', () => {
 			);
 		});
 
-		it('should reject when allowRoomCreation or requireAuthentication is not provided', async () => {
-			let response = await updateSecurityPreferences({
-				roomCreationPolicy: {
-					allowRoomCreation: true
-				}
-			});
-			expectValidationError(response, 'roomCreationPolicy.requireAuthentication', 'Required');
-
-			response = await updateSecurityPreferences({
+		it('should reject when allowRoomCreation is not provided', async () => {
+			const response = await updateSecurityPreferences({
 				roomCreationPolicy: {
 					requireAuthentication: true
 				}
@@ -143,6 +137,19 @@ describe('Security Preferences API Tests', () => {
 			expectValidationError(response, 'roomCreationPolicy.allowRoomCreation', 'Required');
 		});
 
+		it('should reject when allowRoomCreation is true and requireAuthentication is not provided', async () => {
+			const response = await updateSecurityPreferences({
+				roomCreationPolicy: {
+					allowRoomCreation: true
+				}
+			});
+			expectValidationError(
+				response,
+				'roomCreationPolicy.requireAuthentication',
+				'requireAuthentication is required when allowRoomCreation is true'
+			);
+		});
+
 		it('should reject when authMode is not a valid enum value', async () => {
 			const response = await updateSecurityPreferences({
 				authentication: {
@@ -177,7 +184,7 @@ describe('Security Preferences API Tests', () => {
 			);
 		});
 
-		it('should reject when authMode or method.type is not provided', async () => {
+		it('should reject when authMode or method are not provided', async () => {
 			let response = await updateSecurityPreferences({
 				authentication: {
 					authMode: AuthMode.NONE
diff --git a/backend/tests/integration/api/rooms/update-room.test.ts b/backend/tests/integration/api/rooms/update-room.test.ts
index b2701fc..37d158f 100644
--- a/backend/tests/integration/api/rooms/update-room.test.ts
+++ b/backend/tests/integration/api/rooms/update-room.test.ts
@@ -1,6 +1,12 @@
 import { afterEach, beforeAll, describe, expect, it } from '@jest/globals';
 import { MeetRecordingAccess } from '../../../../src/typings/ce/index.js';
-import { createRoom, deleteAllRooms, getRoom, startTestServer, updateRoomPreferences } from '../../../helpers/request-helpers.js';
+import {
+	createRoom,
+	deleteAllRooms,
+	getRoom,
+	startTestServer,
+	updateRoomPreferences
+} from '../../../helpers/request-helpers.js';
 
 describe('Room API Tests', () => {
 	beforeAll(() => {
@@ -95,8 +101,7 @@ describe('Room API Tests', () => {
 			// Invalid preferences (missing required fields)
 			const invalidPreferences = {
 				recordingPreferences: {
-					enabled: false,
-					allowAccessTo: MeetRecordingAccess.ADMIN_MODERATOR_PUBLISHER
+					enabled: false
 				},
 				// Missing chatPreferences
 				virtualBackgroundPreferences: { enabled: false }
@@ -144,13 +149,29 @@ describe('Room API Tests', () => {
 			expect(response.body.error).toContain('Unprocessable Entity');
 		});
 
+		it('should fail when recording is enabled but allowAccessTo is missing', async () => {
+			const createdRoom = await createRoom({
+				roomIdPrefix: 'missing-access'
+			});
+			const invalidPreferences = {
+				recordingPreferences: {
+					enabled: true // Missing allowAccessTo
+				},
+				chatPreferences: { enabled: false },
+				virtualBackgroundPreferences: { enabled: false }
+			};
+			const response = await updateRoomPreferences(createdRoom.roomId, invalidPreferences);
+			expect(response.status).toBe(422);
+			expect(response.body.error).toContain('Unprocessable Entity');
+			expect(JSON.stringify(response.body.details)).toContain('recordingPreferences.allowAccessTo');
+		});
+
 		it('should fail when room ID contains invalid characters', async () => {
 			const invalidRoomId = '!@#$%^&*()';
 
 			const preferences = {
 				recordingPreferences: {
-					enabled: false,
-					allowAccessTo: MeetRecordingAccess.ADMIN_MODERATOR_PUBLISHER
+					enabled: false
 				},
 				chatPreferences: { enabled: false },
 				virtualBackgroundPreferences: { enabled: false }