MirrorSave
/
budibase
mirror of https://github.com/Budibase/budibase.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add extra tests

This commit is contained in:
Adria Navarro 2024-09-04 12:26:12 +02:00
parent f4f503690d
commit 19963f496f
1 changed files with 30 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
packages/server/src/api/routes/tests/rowAction.spec.ts
View File

@ -744,9 +744,12 @@ describe("/rowsActions", () => {
}) })
describe.each([ describe.each([
["table", async () => tableId],
[ [
"view", "table",
async () => ({ permissionResource: tableId, triggerResouce: tableId }),
],
[
"view (with implicit views)",
async () => { async () => {
const viewId = ( const viewId = (
await config.api.viewV2.create( await config.api.viewV2.create(
@ -759,10 +762,27 @@ describe("/rowsActions", () => {
viewId, viewId,
rowAction.id rowAction.id
) )
return viewId return { permissionResource: viewId, triggerResouce: viewId }
}, },
], ],
])("role permission checks (for %s)", (_, getResourceId) => { [
"view (without implicit views)",
async () => {
const viewId = (
await config.api.viewV2.create(
setup.structures.viewV2.createRequest(tableId)
)
).id
await config.api.rowAction.setViewPermission(
tableId,
viewId,
rowAction.id
)
return { permissionResource: tableId, triggerResouce: viewId }
},
],
])("role permission checks (for %s)", (_, getResources) => {
beforeAll(() => { beforeAll(() => {
mocks.licenses.useViewPermissions() mocks.licenses.useViewPermissions()
}) })
@ -806,11 +826,11 @@ describe("/rowsActions", () => {
it.each(allowedRoleConfig)( it.each(allowedRoleConfig)(
"allows triggering if the user has read permission (user %s, table %s)", "allows triggering if the user has read permission (user %s, table %s)",
async (userRole, resourcePermission) => { async (userRole, resourcePermission) => {
const resourceId = await getResourceId() const { permissionResource, triggerResouce } = await getResources()
await config.api.permission.add({ await config.api.permission.add({
level: PermissionLevel.READ, level: PermissionLevel.READ,
resourceId, resourceId: permissionResource,
roleId: resourcePermission, roleId: resourcePermission,
}) })
@ -819,7 +839,7 @@ describe("/rowsActions", () => {
await config.withUser(normalUser, async () => { await config.withUser(normalUser, async () => {
await config.publish() await config.publish()
await config.api.rowAction.trigger( await config.api.rowAction.trigger(
resourceId, triggerResouce,
rowAction.id, rowAction.id,
{ {
rowId: row._id!, rowId: row._id!,
@ -833,10 +853,10 @@ describe("/rowsActions", () => {
it.each(disallowedRoleConfig)( it.each(disallowedRoleConfig)(
"rejects if the user does not have table read permission (user %s, table %s)", "rejects if the user does not have table read permission (user %s, table %s)",
async (userRole, resourcePermission) => { async (userRole, resourcePermission) => {
const resourceId = await getResourceId() const { permissionResource, triggerResouce } = await getResources()
await config.api.permission.add({ await config.api.permission.add({
level: PermissionLevel.READ, level: PermissionLevel.READ,
resourceId, resourceId: permissionResource,
roleId: resourcePermission, roleId: resourcePermission,
}) })
@ -845,7 +865,7 @@ describe("/rowsActions", () => {
await config.withUser(normalUser, async () => { await config.withUser(normalUser, async () => {
await config.publish() await config.publish()
await config.api.rowAction.trigger( await config.api.rowAction.trigger(
resourceId, triggerResouce,
rowAction.id, rowAction.id,
{ {
rowId: row._id!, rowId: row._id!,