Some more work and start of a test case towards resource permissions.
This commit is contained in:
parent
7d8cdafc60
commit
d9ca4f0eed
|
@ -26,6 +26,8 @@ async function updatePermissionOnRole(
|
||||||
const dbRoles = body.rows.map(row => row.doc)
|
const dbRoles = body.rows.map(row => row.doc)
|
||||||
const docUpdates = []
|
const docUpdates = []
|
||||||
|
|
||||||
|
// TODO NEED TO HANDLE BUILTINS HERE - THE dbRoles doesn't contain them
|
||||||
|
|
||||||
// now try to find any roles which need updated, e.g. removing the
|
// now try to find any roles which need updated, e.g. removing the
|
||||||
// resource from another role and then adding to the new role
|
// resource from another role and then adding to the new role
|
||||||
for (let role of dbRoles) {
|
for (let role of dbRoles) {
|
||||||
|
|
|
@ -4,6 +4,9 @@ const { BUILTIN_ROLE_IDS } = require("../../../utilities/security/roles")
|
||||||
const packageJson = require("../../../../package")
|
const packageJson = require("../../../../package")
|
||||||
const jwt = require("jsonwebtoken")
|
const jwt = require("jsonwebtoken")
|
||||||
const env = require("../../../environment")
|
const env = require("../../../environment")
|
||||||
|
const {
|
||||||
|
BUILTIN_PERMISSION_IDS,
|
||||||
|
} = require("../../../utilities/security/permissions")
|
||||||
|
|
||||||
const TEST_CLIENT_ID = "test-client-id"
|
const TEST_CLIENT_ID = "test-client-id"
|
||||||
|
|
||||||
|
@ -70,6 +73,21 @@ exports.createTable = async (request, appId, table, removeId = true) => {
|
||||||
return res.body
|
return res.body
|
||||||
}
|
}
|
||||||
|
|
||||||
|
exports.createRole = async (request, appId) => {
|
||||||
|
const roleBody = {
|
||||||
|
name: "NewRole",
|
||||||
|
inherits: BUILTIN_ROLE_IDS.BASIC,
|
||||||
|
permissionId: BUILTIN_PERMISSION_IDS.READ_ONLY,
|
||||||
|
}
|
||||||
|
const res = await request
|
||||||
|
.post(`/api/roles`)
|
||||||
|
.send(roleBody)
|
||||||
|
.set(exports.defaultHeaders(appId))
|
||||||
|
.expect("Content-Type", /json/)
|
||||||
|
.expect(200)
|
||||||
|
return res.body
|
||||||
|
}
|
||||||
|
|
||||||
exports.createLinkedTable = async (request, appId) => {
|
exports.createLinkedTable = async (request, appId) => {
|
||||||
// get the ID to link to
|
// get the ID to link to
|
||||||
const table = await exports.createTable(request, appId)
|
const table = await exports.createTable(request, appId)
|
||||||
|
|
|
@ -0,0 +1,54 @@
|
||||||
|
const {
|
||||||
|
createApplication,
|
||||||
|
createTable,
|
||||||
|
supertest,
|
||||||
|
defaultHeaders,
|
||||||
|
} = require("./couchTestUtils")
|
||||||
|
const { BUILTIN_ROLE_IDS } = require("../../../utilities/security/roles")
|
||||||
|
|
||||||
|
const STD_ROLE_ID = BUILTIN_ROLE_IDS.BASIC
|
||||||
|
|
||||||
|
describe("/permission", () => {
|
||||||
|
let server
|
||||||
|
let request
|
||||||
|
let appId
|
||||||
|
let table
|
||||||
|
|
||||||
|
beforeAll(async () => {
|
||||||
|
;({ request, server } = await supertest())
|
||||||
|
})
|
||||||
|
|
||||||
|
afterAll(() => {
|
||||||
|
server.close()
|
||||||
|
})
|
||||||
|
|
||||||
|
beforeEach(async () => {
|
||||||
|
let app = await createApplication(request)
|
||||||
|
appId = app.instance._id
|
||||||
|
table = await createTable(request, appId)
|
||||||
|
})
|
||||||
|
|
||||||
|
describe("levels", () => {
|
||||||
|
it("should be able to get levels", async () => {
|
||||||
|
const res = await request
|
||||||
|
.get(`/api/permission/levels`)
|
||||||
|
.set(defaultHeaders(appId))
|
||||||
|
.expect("Content-Type", /json/)
|
||||||
|
.expect(200)
|
||||||
|
expect(res.body).toBeDefined()
|
||||||
|
expect(res.body.length).toEqual(2)
|
||||||
|
expect(res.body).toContain("read")
|
||||||
|
expect(res.body).toContain("write")
|
||||||
|
})
|
||||||
|
})
|
||||||
|
|
||||||
|
describe("add", () => {
|
||||||
|
it("should be able to add permission to a role for the table", async () => {
|
||||||
|
const res = await request
|
||||||
|
.post(`/api/permission/${STD_ROLE_ID}/${table._id}/read`)
|
||||||
|
.set(defaultHeaders(appId))
|
||||||
|
.expect("Content-Type", /json/)
|
||||||
|
.expect(200)
|
||||||
|
})
|
||||||
|
})
|
||||||
|
})
|
|
@ -23,7 +23,6 @@ exports.HostingTypes = {
|
||||||
}
|
}
|
||||||
|
|
||||||
exports.getHostingInfo = async () => {
|
exports.getHostingInfo = async () => {
|
||||||
console.trace("DID A GET!")
|
|
||||||
const db = new CouchDB(BUILDER_CONFIG_DB)
|
const db = new CouchDB(BUILDER_CONFIG_DB)
|
||||||
let doc
|
let doc
|
||||||
try {
|
try {
|
||||||
|
|
Loading…
Reference in New Issue