import { userCanAccess } from './roleUtils'
/**
 * Contract tests for userCanAccess(resources, user).
 *
 * Each row below is one authorization decision the helper must make:
 * `resources` is what the caller wants to reach, `user` is the principal,
 * and `expected` is the allow (true) / deny (false) verdict.
 *
 * Security-relevant behaviour pinned by these rows:
 *  - `admin: true` grants access with no `permissions` list at all.
 *  - An empty resource list is allowed (nothing to guard => allow).
 *  - A permission with `actions` of null or [] allows any requested action.
 *  - A permission scoped to one `foreign_key` still matches a resource that
 *    names only the model.
 *  - One matching resource out of several is enough (any-of, not all-of).
 *
 * NOTE(review): several of these are allow-by-default rules. If this helper
 * is used for UI gating, the server presumably has to enforce the same rules
 * independently; confirm against the callers.
 *
 * TODO(review): not pinned here: a non-admin user with no `permissions`
 * key, a null/undefined user, and non-boolean `admin` values. Decide the
 * intended verdict for each and add rows.
 */
describe('roleUtils.userCanAccess', () => {
  // Every row owns its own object literals, so no fixture is shared between tests.
  const cases = [
    {
      // Admin bypass: the flag alone decides, so it must come from a trusted source.
      title: 'allows admin without explicit permissions',
      resources: [{ model: 'Acorns' }],
      user: { admin: true },
      expected: true,
    },
    {
      // Allow-by-default: an accidentally empty resource list is treated as unrestricted.
      title: 'allows if no resources specified',
      resources: [],
      user: { permissions: [] },
      expected: true,
    },
    {
      title: 'denies if user has no permissions',
      resources: [{ model: 'Acorns' }],
      user: { permissions: [] },
      expected: false,
    },
    {
      // Model-wide permission covers a specific record of that model.
      title: 'allows if resource is more specific than permission',
      resources: [{ model: 'Acorns', foreign_key: 1 }],
      user: { permissions: [{ model: 'Acorns' }] },
      expected: true,
    },
    {
      // Record-scoped permission still matches a model-only resource.
      // NOTE(review): record-level checks need foreign_key on the resource; see next row.
      title: 'allows if permission is more specific than resource',
      resources: [{ model: 'Acorns' }],
      user: { permissions: [{ model: 'Acorns', foreign_key: 1 }] },
      expected: true,
    },
    {
      title: 'denies if permission is same specific as resource but different id',
      resources: [{ model: 'Acorns', foreign_key: 2 }],
      user: { permissions: [{ model: 'Acorns', foreign_key: 1 }] },
      expected: false,
    },
    {
      // A bare resource object is accepted in place of an array.
      title: 'accepts resource object instead of array',
      resources: { model: 'Acorns', foreign_key: 1 },
      user: { permissions: [{ model: 'Acorns' }] },
      expected: true,
    },
    {
      // Any-of semantics across the resource list.
      title: 'allows if user has permission for at least one resource',
      resources: [{ model: 'Bananas' }, { model: 'Acorns' }, { model: 'Berries' }],
      user: { permissions: [{ model: 'Acorns' }] },
      expected: true,
    },
    {
      title: 'allows if user has permission for action',
      resources: [{ model: 'Acorns', action: 'peel' }],
      user: { permissions: [{ model: 'Acorns', actions: ['discover', 'peel', 'eat'] }] },
      expected: true,
    },
    {
      title: 'accepts permission actions to be a string instead of an array',
      resources: [{ model: 'Acorns', action: 'peel' }],
      user: { permissions: [{ model: 'Acorns', actions: 'peel' }] },
      expected: true,
    },
    {
      title: 'denies if user has no permission for action',
      resources: [{ model: 'Acorns', action: 'peel' }],
      user: { permissions: [{ model: 'Acorns', actions: ['discover'] }] },
      expected: false,
    },
    {
      // Missing action list means "all actions", so a permission record that
      // loses its actions becomes broader, not narrower.
      title: 'allows if user has no actions specified in permission',
      resources: [{ model: 'Acorns', action: 'peel' }],
      user: { permissions: [{ model: 'Acorns', actions: null }] },
      expected: true,
    },
    {
      // Same widening rule applies to an explicitly empty action list.
      title: 'empty array is same as null for permission actions',
      resources: [{ model: 'Acorns', action: 'peel' }],
      user: { permissions: [{ model: 'Acorns', actions: [] }] },
      expected: true,
    },
    {
      // An action grant never crosses model boundaries.
      title: 'denies if action is for a different model',
      resources: [{ model: 'Acorns', action: 'peel' }],
      user: { permissions: [{ model: 'Berries', actions: ['peel'] }] },
      expected: false,
    },
  ]

  // Register one test per row, in declaration order.
  for (const { title, resources, user, expected } of cases) {
    it(title, () => {
      expect(userCanAccess(resources, user)).toEqual(expected)
    })
  }
})