test(back-e2e): Ensure users cannot follow themselves

momentum-mod · Jan 13, 2024 · f60a8ce · f60a8ce
1 parent 3371aa7
commit f60a8ce
Showing 1 changed file with 16 additions and 0 deletions.
diff --git a/apps/backend-e2e/src/user.e2e-spec.ts b/apps/backend-e2e/src/user.e2e-spec.ts
@@ -717,6 +717,14 @@ describe('User', () => {
         });
       });
 
+      it('should 400 if the authenticated user is the target user', async () => {
+        await req.post({
+          url: `user/follow/${u1.id}`,
+          status: 400,
+          token: u1Token
+        });
+      });
+
       it('should 401 when no access token is provided', () =>
         req.unauthorizedTest('user/follow/1', 'post'));
     });
@@ -760,6 +768,14 @@ describe('User', () => {
           token: u1Token
         }));
 
+      it('should 400 if the authenticated user is the target user', async () => {
+        await req.patch({
+          url: `user/follow/${u1.id}`,
+          status: 400,
+          token: u1Token
+        });
+      });
+
       it('should 404 if the target user does not exist', () =>
         req.patch({
           url: `user/follow/${NULL_ID}`,