Some more work and start of a test case towards resource permissions.
This commit is contained in:
parent
7d8cdafc60
commit
d9ca4f0eed
|
@ -26,6 +26,8 @@ async function updatePermissionOnRole(
|
|||
const dbRoles = body.rows.map(row => row.doc)
|
||||
const docUpdates = []
|
||||
|
||||
// TODO NEED TO HANDLE BUILTINS HERE - THE dbRoles doesn't contain them
|
||||
|
||||
// now try to find any roles which need updated, e.g. removing the
|
||||
// resource from another role and then adding to the new role
|
||||
for (let role of dbRoles) {
|
||||
|
|
|
@ -4,6 +4,9 @@ const { BUILTIN_ROLE_IDS } = require("../../../utilities/security/roles")
|
|||
const packageJson = require("../../../../package")
|
||||
const jwt = require("jsonwebtoken")
|
||||
const env = require("../../../environment")
|
||||
const {
|
||||
BUILTIN_PERMISSION_IDS,
|
||||
} = require("../../../utilities/security/permissions")
|
||||
|
||||
const TEST_CLIENT_ID = "test-client-id"
|
||||
|
||||
|
@ -70,6 +73,21 @@ exports.createTable = async (request, appId, table, removeId = true) => {
|
|||
return res.body
|
||||
}
|
||||
|
||||
exports.createRole = async (request, appId) => {
|
||||
const roleBody = {
|
||||
name: "NewRole",
|
||||
inherits: BUILTIN_ROLE_IDS.BASIC,
|
||||
permissionId: BUILTIN_PERMISSION_IDS.READ_ONLY,
|
||||
}
|
||||
const res = await request
|
||||
.post(`/api/roles`)
|
||||
.send(roleBody)
|
||||
.set(exports.defaultHeaders(appId))
|
||||
.expect("Content-Type", /json/)
|
||||
.expect(200)
|
||||
return res.body
|
||||
}
|
||||
|
||||
exports.createLinkedTable = async (request, appId) => {
|
||||
// get the ID to link to
|
||||
const table = await exports.createTable(request, appId)
|
||||
|
|
|
@ -0,0 +1,54 @@
|
|||
const {
|
||||
createApplication,
|
||||
createTable,
|
||||
supertest,
|
||||
defaultHeaders,
|
||||
} = require("./couchTestUtils")
|
||||
const { BUILTIN_ROLE_IDS } = require("../../../utilities/security/roles")
|
||||
|
||||
const STD_ROLE_ID = BUILTIN_ROLE_IDS.BASIC
|
||||
|
||||
describe("/permission", () => {
|
||||
let server
|
||||
let request
|
||||
let appId
|
||||
let table
|
||||
|
||||
beforeAll(async () => {
|
||||
;({ request, server } = await supertest())
|
||||
})
|
||||
|
||||
afterAll(() => {
|
||||
server.close()
|
||||
})
|
||||
|
||||
beforeEach(async () => {
|
||||
let app = await createApplication(request)
|
||||
appId = app.instance._id
|
||||
table = await createTable(request, appId)
|
||||
})
|
||||
|
||||
describe("levels", () => {
|
||||
it("should be able to get levels", async () => {
|
||||
const res = await request
|
||||
.get(`/api/permission/levels`)
|
||||
.set(defaultHeaders(appId))
|
||||
.expect("Content-Type", /json/)
|
||||
.expect(200)
|
||||
expect(res.body).toBeDefined()
|
||||
expect(res.body.length).toEqual(2)
|
||||
expect(res.body).toContain("read")
|
||||
expect(res.body).toContain("write")
|
||||
})
|
||||
})
|
||||
|
||||
describe("add", () => {
|
||||
it("should be able to add permission to a role for the table", async () => {
|
||||
const res = await request
|
||||
.post(`/api/permission/${STD_ROLE_ID}/${table._id}/read`)
|
||||
.set(defaultHeaders(appId))
|
||||
.expect("Content-Type", /json/)
|
||||
.expect(200)
|
||||
})
|
||||
})
|
||||
})
|
|
@ -23,7 +23,6 @@ exports.HostingTypes = {
|
|||
}
|
||||
|
||||
exports.getHostingInfo = async () => {
|
||||
console.trace("DID A GET!")
|
||||
const db = new CouchDB(BUILDER_CONFIG_DB)
|
||||
let doc
|
||||
try {
|
||||
|
|
Loading…
Reference in New Issue