testing/role_grant_helpers.ts

RPC-flow helpers for role_grant lifecycle in tests.
Sibling to db_entities.ts's create_test_role_grant_direct — that one
seeds a role_grant directly via query_create_role_grant (bypassing the
consent flow) for tests that focus on revoke or isolation semantics. This
file ships the RPC-driven complement: role_grant_offer_and_accept
exercises the same role_grant_offer_create + role_grant_offer_accept
specs the admin UI consumes, so consumer tests pick up post-commit
fan-out (audit, SSE broadcasts, _supersede notifications) end-to-end.

Declarations
#

2 declarations

view source

role_grant_offer_and_accept
#

testing/role_grant_helpers.ts view source

(args: RoleGrantOfferAndAcceptArgs): Promise<{ offer_id: string & $brand<"Uuid">; role_grant_id: string & $brand<"Uuid">; }>

Drive the full consent flow (grantor offer → recipient accept) over the
production RPC surface and return the materialized role_grant id.
grantor and recipient carry both the account id (for to_account_id
derivation) and the create_session_headers factory (for cookie-threaded
auth) — closing that loop on a single object per party rules out
caller-side header/account mismatch.

`args`

type RoleGrantOfferAndAcceptArgs

returns

Promise<{ offer_id: string & $brand<"Uuid">; role_grant_id: string & $brand<"Uuid">; }>

RoleGrantOfferAndAcceptArgs
#

testing/role_grant_helpers.ts view source

RoleGrantOfferAndAcceptArgs

`app`

type RpcCallArgs['app']

`rpc_path`

type string

`grantor`

Account doing the granting. TestApp / TestAccount cover the
in-process shape; TestFixture covers the cross-backend fixture
protocol. All three carry account.id + create_session_headers.

type TestApp | TestAccount | TestFixture

`recipient`

type TestAccount

`role`