MirrorSave
/
budibase
mirror of https://github.com/Budibase/budibase.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Test adding when forbidden

This commit is contained in:
Adria Navarro 2023-08-22 10:26:46 +03:00
parent f1232eac90
commit 96f9a34136
2 changed files with 39 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
packages/server/src/api/routes/tests/permissions.spec.ts
View File

@ -1,14 +1,18 @@
import * as permissionSdk from "../../../sdk/app/permissions" const mockedSdk = sdk.permissions as jest.Mocked<typeof sdk.permissions>
jest.mock( jest.mock("../../../sdk/app/permissions", () => ({
"../../../sdk/app/permissions", resourceActionAllowed: jest.fn(),
(): jest.Mocked<typeof permissionSdk> => ({ }))
resourceActionAllowed: jest.fn(),
}) import sdk from "../../../sdk"
)
const mockedSdk = permissionSdk as jest.Mocked<typeof permissionSdk>
import { roles } from "@budibase/backend-core" import { roles } from "@budibase/backend-core"
import { Document, Row, Table } from "@budibase/types" import {
Document,
DocumentType,
PermissionLevel,
Row,
Table,
} from "@budibase/types"
import * as setup from "./utilities" import * as setup from "./utilities"
const { basicRow } = setup.structures const { basicRow } = setup.structures
@ -78,7 +82,11 @@ describe("/permission", () => {
}) })
it("should get resource permissions with multiple roles", async () => { it("should get resource permissions with multiple roles", async () => {
perms = await config.addPermission(HIGHER_ROLE_ID, table._id, "write") perms = await config.addPermission(
HIGHER_ROLE_ID,
table._id,
PermissionLevel.WRITE
)
const res = await getTablePermissions() const res = await getTablePermissions()
expect(res.body["read"]).toEqual(STD_ROLE_ID) expect(res.body["read"]).toEqual(STD_ROLE_ID)
expect(res.body["write"]).toEqual(HIGHER_ROLE_ID) expect(res.body["write"]).toEqual(HIGHER_ROLE_ID)
@ -90,6 +98,26 @@ describe("/permission", () => {
expect(allRes.body[table._id]["write"]).toEqual(HIGHER_ROLE_ID) expect(allRes.body[table._id]["write"]).toEqual(HIGHER_ROLE_ID)
expect(allRes.body[table._id]["read"]).toEqual(STD_ROLE_ID) expect(allRes.body[table._id]["read"]).toEqual(STD_ROLE_ID)
}) })
it("throw forbidden if the action is not allowed for the resource", async () => {
mockedSdk.resourceActionAllowed.mockResolvedValue({
allowed: false,
resourceType: DocumentType.DATASOURCE,
level: PermissionLevel.READ,
})
const response = await config.api.permission.create(
{
roleId: STD_ROLE_ID,
resourceId: table._id,
level: PermissionLevel.EXECUTE,
},
{ expectStatus: 403 }
)
expect(response.message).toEqual(
"You are not allowed to 'read' the resource type 'datasource'"
)
})
}) })
describe("remove", () => { describe("remove", () => {

2
packages/server/src/tests/utilities/api/permission.ts
View File

@ -14,7 +14,7 @@ export class PermissionAPI extends TestAPI {
level, level,
}: { roleId: string; resourceId: string; level: PermissionLevel }, }: { roleId: string; resourceId: string; level: PermissionLevel },
{ expectStatus } = { expectStatus: 200 } { expectStatus } = { expectStatus: 200 }
): Promise<AnyDocument[]> => { ): Promise<any> => {
const res = await this.request const res = await this.request
.post(`/api/permission/${roleId}/${resourceId}/${level}`) .post(`/api/permission/${roleId}/${resourceId}/${level}`)
.set(this.config.defaultHeaders()) .set(this.config.defaultHeaders())