pelagia-portal/App/tests/unit/crew-pii.test.ts

import { describe, it, expect } from "vitest";
import { maskTail, canViewFullBankEpf, canViewSalary, bankEpfValue } from "@/lib/crew-pii";

// PII visibility rules for the crew profile (Crewing-Implementation-Spec §6/§8.8).
describe("crew PII masking", () => {
  describe("maskTail", () => {
    it("keeps the last 4 by default", () => {
      expect(maskTail("123456789")).toBe("•••• 6789");
    });
    it("renders — for empty values", () => {
      expect(maskTail(null)).toBe("—");
      expect(maskTail("")).toBe("—");
    });
    it("fully masks values at or under the visible length", () => {
      expect(maskTail("12")).toBe("••••");
      expect(maskTail("1234")).toBe("••••");
    });
  });

  describe("canViewFullBankEpf", () => {
    it("only Accounts and SuperUser see full bank/EPF", () => {
      expect(canViewFullBankEpf("ACCOUNTS")).toBe(true);
      expect(canViewFullBankEpf("SUPERUSER")).toBe(true);
      expect(canViewFullBankEpf("MANAGER")).toBe(false);
      expect(canViewFullBankEpf("MANNING")).toBe(false);
      expect(canViewFullBankEpf("SITE_STAFF")).toBe(false);
    });
  });

  describe("canViewSalary", () => {
    it("hides salary from site staff only", () => {
      expect(canViewSalary("SITE_STAFF")).toBe(false);
      expect(canViewSalary("MANAGER")).toBe(true);
      expect(canViewSalary("ACCOUNTS")).toBe(true);
      expect(canViewSalary("MANNING")).toBe(true);
    });
  });

  describe("bankEpfValue", () => {
    it("shows full to Accounts, masked to others, — when empty", () => {
      expect(bankEpfValue("123456789", "ACCOUNTS")).toBe("123456789");
      expect(bankEpfValue("123456789", "MANAGER")).toBe("•••• 6789");
      expect(bankEpfValue(null, "ACCOUNTS")).toBe("—");
    });
  });
});