From 038476523fd9a5c6fcfe2152cfddad99cc0fd2b9 Mon Sep 17 00:00:00 2001
From: Mateus Badan de Pieri <mateuspieri@gmail.com>
Date: Fri, 14 Apr 2023 11:39:52 +0100
Subject: [PATCH] doesHaveBasePermission tests

---
 .../src/security/tests/permissions.spec.ts    | 64 ++++++++++++-------
 1 file changed, 41 insertions(+), 23 deletions(-)

diff --git a/packages/backend-core/src/security/tests/permissions.spec.ts b/packages/backend-core/src/security/tests/permissions.spec.ts
index 264e521f8b..621a662933 100644
--- a/packages/backend-core/src/security/tests/permissions.spec.ts
+++ b/packages/backend-core/src/security/tests/permissions.spec.ts
@@ -1,13 +1,21 @@
 import {
-  doesHaveBasePermission,
-  getBuiltinPermissionByID,
-  isPermissionLevelHigherThanRead,
+  RoleHierarchy,
   PermissionLevel,
   PermissionType,
   levelToNumber,
   getAllowedLevels,
+  BuiltinPermissionID,
+  getBuiltinPermissions,
+  getBuiltinPermissionByID,
+  doesHaveBasePermission,
+  isPermissionLevelHigherThanRead,
+  BUILDER,
 } from "../permissions"
 
+jest.mock("../permissions", () => ({
+  // getTenantId: jest.fn(() => "budibase"),
+  // DEFAULT_TENANT_ID: "default",
+}))
 describe("levelToNumber", () => {
   it("should return 0 for EXECUTE", () => {
     expect(levelToNumber(PermissionLevel.EXECUTE)).toBe(0)
@@ -65,28 +73,38 @@ describe("getAllowedLevels", () => {
 })
 
 describe("doesHaveBasePermission", () => {
-  it("should return true if base permission has the required level", () => {
-    const permType = PermissionType.APP
-    const permLevel = PermissionLevel.READ
-    const rolesHierarchy = [
-      { roleId: "role1", permissionId: "permission1" },
-      { roleId: "role2", permissionId: "permission2" },
-    ]
-    expect(doesHaveBasePermission(permType, permLevel, rolesHierarchy)).toBe(
-      true
-    )
+  const rolesHierarchy: RoleHierarchy = [
+    { permissionId: BuiltinPermissionID.READ_ONLY },
+  ]
+
+  it("should return true for read permission of read only role", () => {
+    expect(
+      doesHaveBasePermission(
+        PermissionType.TABLE,
+        PermissionLevel.READ,
+        rolesHierarchy
+      )
+    ).toBe(true)
   })
 
-  it("should return false if base permission does not have the required level", () => {
-    const permType = PermissionType.APP
-    const permLevel = PermissionLevel.READ
-    const rolesHierarchy = [
-      { roleId: "role1", permissionId: "permission1" },
-      { roleId: "role2", permissionId: "permission2" },
-    ]
-    expect(doesHaveBasePermission(permType, permLevel, rolesHierarchy)).toBe(
-      false
-    )
+  it("should return false for write permission of read only role", () => {
+    expect(
+      doesHaveBasePermission(
+        PermissionType.TABLE,
+        PermissionLevel.WRITE,
+        rolesHierarchy
+      )
+    ).toBe(false)
+  })
+
+  it("should return true for execute permission of public role", () => {
+    expect(
+      doesHaveBasePermission(
+        PermissionType.WEBHOOK,
+        PermissionLevel.EXECUTE,
+        rolesHierarchy
+      )
+    ).toBe(true)
   })
 })