Auth/pm 17233/tests for multiple users on single device for web approvals (#5316)

* test(test-device-repository): [PM-17233] Add Test Case for Critical Bug Found in Device Repository - Added new test case for previously found bug.
2025-04-04 20:50:21 -05:00 · 2025-01-23 11:21:28 -05:00 · 2025-01-23 11:21:28 -05:00 · 275f7ceb27
commit 275f7ceb27
parent 20fb45b05c
1 changed files with 66 additions and 1 deletions
--- a/test/Infrastructure.IntegrationTest/Auth/Repositories/DeviceRepositoryTests.cs
+++ b/test/Infrastructure.IntegrationTest/Auth/Repositories/DeviceRepositoryTests.cs
@ -73,6 +73,71 @@ public class DeviceRepositoryTests
        Assert.Equal(response.First().AuthRequestId, freshAuthRequest.Id);
    }

+    [DatabaseTheory]
+    [DatabaseData]
+    public async Task GetManyByUserIdWithDeviceAuth_WorksWithMultipleUsersOnSameDevice_ReturnsExpectedResults(
+        IDeviceRepository sutRepository,
+        IUserRepository userRepository,
+        IAuthRequestRepository authRequestRepository)
+    {
+        // Arrange
+        var userA = await userRepository.CreateAsync(new User
+        {
+            Name = "Test User A",
+            Email = $"test_user_A+{Guid.NewGuid()}@email.com",
+            ApiKey = "TEST",
+            SecurityStamp = "stamp",
+        });
+
+        var userB = await userRepository.CreateAsync(new User
+        {
+            Name = "Test User B",
+            Email = $"test_user_B+{Guid.NewGuid()}@email.com",
+            ApiKey = "TEST",
+            SecurityStamp = "stamp",
+        });
+
+        var sharedDeviceIdentifier = Guid.NewGuid().ToString();
+
+        var deviceForUserA = await sutRepository.CreateAsync(new Device
+        {
+            Active = true,
+            Name = "chrome-test",
+            UserId = userA.Id,
+            Type = DeviceType.ChromeBrowser,
+            Identifier = sharedDeviceIdentifier,
+        });
+
+        var deviceForUserB = await sutRepository.CreateAsync(new Device
+        {
+            Active = true,
+            Name = "chrome-test",
+            UserId = userB.Id,
+            Type = DeviceType.ChromeBrowser,
+            Identifier = sharedDeviceIdentifier,
+        });
+
+        var userAAuthRequest = await authRequestRepository.CreateAsync(new AuthRequest
+        {
+            ResponseDeviceId = null,
+            Approved = null,
+            Type = AuthRequestType.AuthenticateAndUnlock,
+            OrganizationId = null,
+            UserId = userA.Id,
+            RequestIpAddress = ":1",
+            RequestDeviceIdentifier = deviceForUserA.Identifier,
+            AccessCode = "AccessCode_1234",
+            PublicKey = "PublicKey_1234"
+        });
+
+        // Act
+        var response = await sutRepository.GetManyByUserIdWithDeviceAuth(userB.Id);
+
+        // Assert
+        Assert.Null(response.First().AuthRequestId);
+        Assert.Null(response.First().AuthRequestCreatedAt);
+    }
+
    [DatabaseTheory]
    [DatabaseData]
    public async Task GetManyByUserIdWithDeviceAuth_WorksWithNoAuthRequestAndMultipleDevices_ReturnsExpectedResults(
@ -117,7 +182,7 @@ public class DeviceRepositoryTests

    [DatabaseTheory]
    [DatabaseData]
-    public async Task GetManyByUserIdWithDeviceAuth_FailsToRespondWithAnyAuthData_ReturnsExpectedResults(
+    public async Task GetManyByUserIdWithDeviceAuth_FailsToRespondWithAnyAuthData_ReturnsEmptyResults(
        IDeviceRepository sutRepository,
        IUserRepository userRepository,
        IAuthRequestRepository authRequestRepository)