UNPKG

@furystack/core

Version:

Core FuryStack package

github.com/furystack/furystack

furystack/furystack

92 lines (80 loc) 3.63 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
import { createInjector, InjectorDisposedError } from '@furystack/inject' import { usingAsync } from '@furystack/utils' import { describe, expect, it } from 'vitest' import { getCurrentUser, isAuthenticated, isAuthorized } from './helpers.js' import { IdentityContext } from './identity-context.js' import { createSystemIdentityContext, useSystemIdentityContext } from './system-identity-context.js' describe('createSystemIdentityContext', () => { it('reports isAuthenticated as true', async () => { const ctx = createSystemIdentityContext() expect(await ctx.isAuthenticated()).toBe(true) }) it('reports isAuthorized as true without roles', async () => { const ctx = createSystemIdentityContext() expect(await ctx.isAuthorized()).toBe(true) }) it('reports isAuthorized as true for any roles', async () => { const ctx = createSystemIdentityContext() expect(await ctx.isAuthorized('admin', 'superuser')).toBe(true) }) it('returns the default system user when username is omitted', async () => { const ctx = createSystemIdentityContext() expect(await ctx.getCurrentUser()).toEqual({ username: 'system', roles: [] }) }) it('honours a custom username', async () => { const ctx = createSystemIdentityContext({ username: 'migration-job' }) expect(await ctx.getCurrentUser()).toEqual({ username: 'migration-job', roles: [] }) }) }) describe('useSystemIdentityContext', () => { it('returns a child scope, not the parent injector', async () => { await usingAsync(createInjector(), async (parent) => { const child = useSystemIdentityContext({ injector: parent }) expect(child).not.toBe(parent) await child[Symbol.asyncDispose]() }) }) it('binds an elevated identity on the child scope only', async () => { await usingAsync(createInjector(), async (parent) => { await usingAsync(useSystemIdentityContext({ injector: parent }), async (child) => { expect(await isAuthenticated(child)).toBe(true) expect(await isAuthorized(child, 'admin')).toBe(true) expect(await isAuthenticated(parent)).toBe(false) }) }) }) it('uses the default username when not specified', async () => { await usingAsync(createInjector(), async (parent) => { await usingAsync(useSystemIdentityContext({ injector: parent }), async (child) => { const user = await getCurrentUser(child) expect(user.username).toBe('system') }) }) }) it('propagates the configured username through getCurrentUser', async () => { await usingAsync(createInjector(), async (parent) => { await usingAsync(useSystemIdentityContext({ injector: parent, username: 'seed-script' }), async (child) => { const user = await getCurrentUser(child) expect(user).toEqual({ username: 'seed-script', roles: [] }) }) }) }) it('disposes the child scope once usingAsync completes', async () => { await usingAsync(createInjector(), async (parent) => { let childRef: ReturnType<typeof useSystemIdentityContext> | undefined await usingAsync(useSystemIdentityContext({ injector: parent }), async (child) => { childRef = child }) expect(childRef).toBeDefined() expect(() => childRef!.get(IdentityContext)).toThrow(InjectorDisposedError) }) }) it('does not dispose the parent injector', async () => { await usingAsync(createInjector(), async (parent) => { await usingAsync(useSystemIdentityContext({ injector: parent }), async () => { // no-op }) expect(() => parent.createScope()).not.toThrow() }) }) })