Fix found by authorized test case.
This commit is contained in:
parent
3a211b8865
commit
7b9f86d7ea
|
@ -149,8 +149,8 @@ describe("check service difference", () => {
|
||||||
const ctx = buildUserCtx({
|
const ctx = buildUserCtx({
|
||||||
...basicUser,
|
...basicUser,
|
||||||
builder: {
|
builder: {
|
||||||
apps: [appId]
|
apps: [appId],
|
||||||
}
|
},
|
||||||
})
|
})
|
||||||
const next = jest.fn()
|
const next = jest.fn()
|
||||||
doInAppContext(appId, () => {
|
doInAppContext(appId, () => {
|
||||||
|
@ -168,8 +168,8 @@ describe("check service difference", () => {
|
||||||
const ctx = buildUserCtx({
|
const ctx = buildUserCtx({
|
||||||
...basicUser,
|
...basicUser,
|
||||||
builder: {
|
builder: {
|
||||||
apps: ["app_a"]
|
apps: ["app_a"],
|
||||||
}
|
},
|
||||||
})
|
})
|
||||||
const next = jest.fn()
|
const next = jest.fn()
|
||||||
doInAppContext("app_b", () => {
|
doInAppContext("app_b", () => {
|
||||||
|
|
|
@ -9,7 +9,7 @@ jest.mock("../../environment", () => ({
|
||||||
)
|
)
|
||||||
const authorizedMiddleware = require("../authorized").default
|
const authorizedMiddleware = require("../authorized").default
|
||||||
const env = require("../../environment")
|
const env = require("../../environment")
|
||||||
const { permissions } = require("@budibase/backend-core")
|
const { PermissionType, PermissionLevel } = require("@budibase/types")
|
||||||
|
|
||||||
const APP_ID = ""
|
const APP_ID = ""
|
||||||
|
|
||||||
|
@ -112,7 +112,7 @@ describe("Authorization middleware", () => {
|
||||||
|
|
||||||
it("throws if the user does not have builder permissions", async () => {
|
it("throws if the user does not have builder permissions", async () => {
|
||||||
config.setEnvironment(false)
|
config.setEnvironment(false)
|
||||||
config.setMiddlewareRequiredPermission(permissions.PermissionType.BUILDER)
|
config.setMiddlewareRequiredPermission(PermissionType.BUILDER)
|
||||||
config.setUser({
|
config.setUser({
|
||||||
role: {
|
role: {
|
||||||
_id: ""
|
_id: ""
|
||||||
|
@ -124,13 +124,13 @@ describe("Authorization middleware", () => {
|
||||||
})
|
})
|
||||||
|
|
||||||
it("passes on to next() middleware if the user has resource permission", async () => {
|
it("passes on to next() middleware if the user has resource permission", async () => {
|
||||||
config.setResourceId(permissions.PermissionType.QUERY)
|
config.setResourceId(PermissionType.QUERY)
|
||||||
config.setUser({
|
config.setUser({
|
||||||
role: {
|
role: {
|
||||||
_id: ""
|
_id: ""
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
config.setMiddlewareRequiredPermission(permissions.PermissionType.QUERY)
|
config.setMiddlewareRequiredPermission(PermissionType.QUERY)
|
||||||
|
|
||||||
await config.executeMiddleware()
|
await config.executeMiddleware()
|
||||||
expect(config.next).toHaveBeenCalled()
|
expect(config.next).toHaveBeenCalled()
|
||||||
|
@ -154,7 +154,7 @@ describe("Authorization middleware", () => {
|
||||||
_id: ""
|
_id: ""
|
||||||
},
|
},
|
||||||
})
|
})
|
||||||
config.setMiddlewareRequiredPermission(permissions.PermissionType.ADMIN, permissions.PermissionLevel.BASIC)
|
config.setMiddlewareRequiredPermission(PermissionType.ADMIN, PermissionLevel.BASIC)
|
||||||
|
|
||||||
await config.executeMiddleware()
|
await config.executeMiddleware()
|
||||||
expect(config.throw).toHaveBeenCalledWith(403, "User does not have permission")
|
expect(config.throw).toHaveBeenCalledWith(403, "User does not have permission")
|
||||||
|
|
|
@ -37,7 +37,8 @@ export function hasAppBuilderPermissions(user?: User | ContextUser) {
|
||||||
if (!user) {
|
if (!user) {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
return !user.builder?.global && user.builder?.apps?.length !== 0
|
const appLength = user.builder?.apps?.length
|
||||||
|
return !user.builder?.global && appLength && appLength > 0
|
||||||
}
|
}
|
||||||
|
|
||||||
// checks if a user is capable of building any app
|
// checks if a user is capable of building any app
|
||||||
|
|
Loading…
Reference in New Issue