MirrorSave
/
budibase
mirror of https://github.com/Budibase/budibase.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Tweak tests

This commit is contained in:
Adria Navarro 2024-09-06 10:37:52 +02:00
parent f1d0d9a171
commit c4c3c4a169
1 changed files with 123 additions and 86 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

155
packages/server/src/api/routes/tests/rowAction.spec.ts
View File

@ -651,13 +651,27 @@ describe("/rowsActions", () => {
}) })
describe("trigger", () => { describe("trigger", () => {
let row: Row let viewId: string
let rowId: string
let rowAction: RowActionResponse let rowAction: RowActionResponse
beforeEach(async () => { beforeEach(async () => {
row = await config.api.row.save(tableId, {}) const row = await config.api.row.save(tableId, {})
rowId = row._id!
rowAction = await createRowAction(tableId, createRowActionRequest()) rowAction = await createRowAction(tableId, createRowActionRequest())
viewId = (
await config.api.viewV2.create(
setup.structures.viewV2.createRequest(tableId)
)
).id
await config.api.rowAction.setViewPermission(
tableId,
viewId,
rowAction.id
)
await config.publish() await config.publish()
tk.travel(Date.now() + 100) tk.travel(Date.now() + 100)
}) })
@ -673,9 +687,7 @@ describe("/rowsActions", () => {
it("can trigger an automation given valid data", async () => { it("can trigger an automation given valid data", async () => {
expect(await getAutomationLogs()).toBeEmpty() expect(await getAutomationLogs()).toBeEmpty()
await config.api.rowAction.trigger(tableId, rowAction.id, { await config.api.rowAction.trigger(viewId, rowAction.id, { rowId })
rowId: row._id!,
})
const automationLogs = await getAutomationLogs() const automationLogs = await getAutomationLogs()
expect(automationLogs).toEqual([ expect(automationLogs).toEqual([
@ -687,8 +699,11 @@ describe("/rowsActions", () => {
inputs: null, inputs: null,
outputs: { outputs: {
fields: {}, fields: {},
row: await config.api.row.get(tableId, row._id!), row: await config.api.row.get(tableId, rowId),
table: await config.api.table.get(tableId), table: {
...(await config.api.table.get(tableId)),
views: expect.anything(),
},
automation: expect.objectContaining({ automation: expect.objectContaining({
_id: rowAction.automationId, _id: rowAction.automationId,
}), }),
@ -709,9 +724,7 @@ describe("/rowsActions", () => {
await config.api.rowAction.trigger( await config.api.rowAction.trigger(
viewId, viewId,
rowAction.id, rowAction.id,
{ { rowId },
rowId: row._id!,
},
{ {
status: 403, status: 403,
body: { body: {
@ -738,10 +751,9 @@ describe("/rowsActions", () => {
) )
await config.publish() await config.publish()
expect(await getAutomationLogs()).toBeEmpty() expect(await getAutomationLogs()).toBeEmpty()
await config.api.rowAction.trigger(viewId, rowAction.id, { await config.api.rowAction.trigger(viewId, rowAction.id, { rowId })
rowId: row._id!,
})
const automationLogs = await getAutomationLogs() const automationLogs = await getAutomationLogs()
expect(automationLogs).toEqual([ expect(automationLogs).toEqual([
@ -751,46 +763,7 @@ describe("/rowsActions", () => {
]) ])
}) })
describe.each([ describe("role permission checks", () => {
[
"table",
async () => ({ permissionResource: tableId, triggerResouce: tableId }),
],
[
"view (with implicit views)",
async () => {
const viewId = (
await config.api.viewV2.create(
setup.structures.viewV2.createRequest(tableId)
)
).id
await config.api.rowAction.setViewPermission(
tableId,
viewId,
rowAction.id
)
return { permissionResource: viewId, triggerResouce: viewId }
},
],
[
"view (without implicit views)",
async () => {
const viewId = (
await config.api.viewV2.create(
setup.structures.viewV2.createRequest(tableId)
)
).id
await config.api.rowAction.setViewPermission(
tableId,
viewId,
rowAction.id
)
return { permissionResource: tableId, triggerResouce: viewId }
},
],
])("role permission checks (for %s)", (_, getResources) => {
beforeAll(() => { beforeAll(() => {
mocks.licenses.useViewPermissions() mocks.licenses.useViewPermissions()
}) })
@ -831,6 +804,42 @@ describe("/rowsActions", () => {
) )
})() })()
describe.each([
[
"view (with implicit views)",
async () => {
const viewId = (
await config.api.viewV2.create(
setup.structures.viewV2.createRequest(tableId)
)
).id
await config.api.rowAction.setViewPermission(
tableId,
viewId,
rowAction.id
)
return { permissionResource: viewId, triggerResouce: viewId }
},
],
[
"view (without implicit views)",
async () => {
const viewId = (
await config.api.viewV2.create(
setup.structures.viewV2.createRequest(tableId)
)
).id
await config.api.rowAction.setViewPermission(
tableId,
viewId,
rowAction.id
)
return { permissionResource: tableId, triggerResouce: viewId }
},
],
])("checks for %s", (_, getResources) => {
it.each(allowedRoleConfig)( it.each(allowedRoleConfig)(
"allows triggering if the user has read permission (user %s, table %s)", "allows triggering if the user has read permission (user %s, table %s)",
async (userRole, resourcePermission) => { async (userRole, resourcePermission) => {
@ -849,9 +858,7 @@ describe("/rowsActions", () => {
await config.api.rowAction.trigger( await config.api.rowAction.trigger(
triggerResouce, triggerResouce,
rowAction.id, rowAction.id,
{ { rowId },
rowId: row._id!,
},
{ status: 200 } { status: 200 }
) )
}) })
@ -875,9 +882,7 @@ describe("/rowsActions", () => {
await config.api.rowAction.trigger( await config.api.rowAction.trigger(
triggerResouce, triggerResouce,
rowAction.id, rowAction.id,
{ { rowId },
rowId: row._id!,
},
{ {
status: 403, status: 403,
body: { message: "User does not have permission" }, body: { message: "User does not have permission" },
@ -890,5 +895,37 @@ describe("/rowsActions", () => {
} }
) )
}) })
it.each(allowedRoleConfig)(
"does not allow running row actions for tables by default even",
async (userRole, resourcePermission) => {
await config.api.permission.add({
level: PermissionLevel.READ,
resourceId: tableId,
roleId: resourcePermission,
})
const normalUser = await createUser(userRole)
await config.withUser(normalUser, async () => {
await config.publish()
await config.api.rowAction.trigger(
tableId,
rowAction.id,
{ rowId },
{
status: 403,
body: {
message: `Row action '${rowAction.id}' is not enabled for table '${tableId}'`,
},
}
)
const automationLogs = await getAutomationLogs()
expect(automationLogs).toBeEmpty()
})
}
)
})
}) })
}) })