MirrorSave
/
budibase
mirror of https://github.com/Budibase/budibase.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Extra tests

This commit is contained in:
Adria Navarro 2024-08-26 13:21:34 +02:00
parent b461025639
commit 98347b45ce
2 changed files with 89 additions and 68 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

147
packages/server/src/api/routes/tests/rowAction.spec.ts
View File

@ -491,36 +491,54 @@ describe("/rowsActions", () => {
}) })
}) })
describe("setViewPermission", () => { describe("set/unsetViewPermission", () => {
unauthorisedTests((expectations, testConfig) => describe.each([
config.api.rowAction.setViewPermission( ["setViewPermission", config.api.rowAction.setViewPermission],
tableId, ["unsetViewPermission", config.api.rowAction.unsetViewPermission],
generator.guid(), ])("unauthorisedTests for %s", (__, delegateTest) => {
generator.guid(), unauthorisedTests((expectations, testConfig) =>
expectations, delegateTest(
testConfig tableId,
generator.guid(),
generator.guid(),
expectations,
testConfig
)
) )
) })
it("can set permission views", async () => { let tableIdForDescribe: string
let actionId1: string, actionId2: string
let viewId1: string, viewId2: string
beforeAll(async () => {
tableIdForDescribe = tableId
for (const rowAction of createRowActionRequests(3)) { for (const rowAction of createRowActionRequests(3)) {
await createRowAction(tableId, rowAction) await createRowAction(tableId, rowAction)
} }
const persisted = await config.api.rowAction.find(tableId) const persisted = await config.api.rowAction.find(tableId)
const [actionId1, actionId2] = _.sampleSize( const actions = _.sampleSize(Object.keys(persisted.actions), 2)
Object.keys(persisted.actions), actionId1 = actions[0]
2 actionId2 = actions[1]
)
const { id: viewId1 } = await config.api.viewV2.create( viewId1 = (
setup.structures.viewV2.createRequest(tableId) await config.api.viewV2.create(
) setup.structures.viewV2.createRequest(tableId)
const { id: viewId2 } = await config.api.viewV2.create( )
setup.structures.viewV2.createRequest(tableId) ).id
) viewId2 = (
await config.api.viewV2.create(
setup.structures.viewV2.createRequest(tableId)
)
).id
})
beforeEach(() => {
// Hack to reuse tables for these given tests
tableId = tableIdForDescribe
})
it("can set permission views", async () => {
await config.api.rowAction.setViewPermission( await config.api.rowAction.setViewPermission(
tableId, tableId,
viewId1, viewId1,
@ -566,56 +584,12 @@ describe("/rowsActions", () => {
expectedActions expectedActions
) )
}) })
})
describe("unsetViewPermission", () => {
unauthorisedTests((expectations, testConfig) =>
config.api.rowAction.unsetViewPermission(
tableId,
generator.guid(),
generator.guid(),
expectations,
testConfig
)
)
it("can unset permission views", async () => { it("can unset permission views", async () => {
for (const rowAction of createRowActionRequests(3)) {
await createRowAction(tableId, rowAction)
}
const persisted = await config.api.rowAction.find(tableId)
const [actionId] = _.sampleSize(Object.keys(persisted.actions), 1)
const { id: viewId1 } = await config.api.viewV2.create(
setup.structures.viewV2.createRequest(tableId)
)
const { id: viewId2 } = await config.api.viewV2.create(
setup.structures.viewV2.createRequest(tableId)
)
await config.api.rowAction.setViewPermission(tableId, viewId1, actionId, {
status: 200,
body: {},
})
await config.api.rowAction.setViewPermission(tableId, viewId2, actionId, {
status: 200,
body: {},
})
expect((await config.api.rowAction.find(tableId)).actions).toEqual(
expect.objectContaining({
[actionId]: expect.objectContaining({
allowedViews: [viewId1, viewId2],
}),
})
)
const actionResult = await config.api.rowAction.unsetViewPermission( const actionResult = await config.api.rowAction.unsetViewPermission(
tableId, tableId,
viewId1, viewId1,
actionId, actionId1,
{ {
status: 200, status: 200,
body: {}, body: {},
@ -627,8 +601,47 @@ describe("/rowsActions", () => {
}) })
expect(actionResult).toEqual(expectedAction) expect(actionResult).toEqual(expectedAction)
expect( expect(
(await config.api.rowAction.find(tableId)).actions[actionId] (await config.api.rowAction.find(tableId)).actions[actionId1]
).toEqual(expectedAction) ).toEqual(expectedAction)
}) })
it.each([
["setViewPermission", config.api.rowAction.setViewPermission],
["unsetViewPermission", config.api.rowAction.unsetViewPermission],
])(
"cannot update permission views for unexisting views (%s)",
async (__, delegateTest) => {
const viewId = generator.guid()
await delegateTest(tableId, viewId, actionId1, {
status: 400,
body: {
message: `View '${viewId}' not found in '${tableId}'`,
},
})
}
)
it.each([
["setViewPermission", config.api.rowAction.setViewPermission],
["unsetViewPermission", config.api.rowAction.unsetViewPermission],
])(
"cannot update permission views crossing table views (%s)",
async (__, delegateTest) => {
const anotherTable = await config.api.table.save(
setup.structures.basicTable()
)
const { id: viewId } = await config.api.viewV2.create(
setup.structures.viewV2.createRequest(anotherTable._id!)
)
await delegateTest(tableId, viewId, actionId1, {
status: 400,
body: {
message: `View '${viewId}' not found in '${tableId}'`,
},
})
}
)
}) })
}) })

10
packages/server/src/sdk/app/rowActions.ts
View File

@ -142,7 +142,15 @@ export async function update(
} }
async function guardView(tableId: string, viewId: string) { async function guardView(tableId: string, viewId: string) {
const view = await sdk.views.get(viewId) let view
try {
view = await sdk.views.get(viewId)
} catch (e: any) {
if (e?.message !== "Unable to extract table ID, is not a view ID") {
throw e
}
// View id is not valid
}
if (!view || view.tableId !== tableId) { if (!view || view.tableId !== tableId) {
throw new HTTPError(`View '${viewId}' not found in '${tableId}'`, 400) throw new HTTPError(`View '${viewId}' not found in '${tableId}'`, 400)
} }