UNPKG

@userfrosting/sprinkle-account

Version:

Account Sprinkle for UserFrosting

github.com/userfrosting/sprinkle-account

userfrosting/sprinkle-account

110 lines (93 loc) 4.07 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
import { afterEach, beforeEach, describe, expect, test, vi } from 'vitest' import { useConfigStore } from '@userfrosting/sprinkle-core/stores' import { useAuthorizationManager } from '../../composables' import type { UserDataInterface } from 'app/assets/interfaces' // Mock the user and it's permissions const mockUser: UserDataInterface = { id: 1, user_name: 'test_user', first_name: 'Test', last_name: 'User', full_name: 'Test User', email: 'test_user@example.com', avatar: '', flag_enabled: true, flag_verified: true, group_id: null, locale: 'en_US', created_at: new Date().toString(), updated_at: new Date().toString(), deleted_at: null, is_master: false, permissions: { 'test.permission': ['always()'], 'unsupported.permission': ['unsupportedCondition()'], 'multiple.conditions': ['always()', 'unsupportedCondition()'] } } // Mock the config store vi.mock('@userfrosting/sprinkle-core/stores') const mockUseConfigStore = { get: vi.fn() } describe('useAuthorizationManager', () => { afterEach(() => { vi.clearAllMocks() vi.resetAllMocks() }) beforeEach(() => { // Mock the config store mockUseConfigStore.get.mockReturnValue(true) vi.mocked(useConfigStore).mockReturnValue(mockUseConfigStore as any) // Mock console.debug vi.spyOn(console, 'debug').mockImplementation(() => {}) }) test('should deny access if no user is defined', () => { const { checkAccess } = useAuthorizationManager(null) expect(checkAccess('test.permission')).toBe(false) expect(console.debug).toHaveBeenCalledWith('No user defined. Access denied.', undefined) }) test('should deny access if no permissions are defined', () => { // Force mock user permissions to be empty const mockUserWithNoPermissions = { ...mockUser, permissions: {} } const { checkAccess } = useAuthorizationManager(mockUserWithNoPermissions) expect(checkAccess('test.permission')).toBe(false) }) test('should deny access if the permission slug is not found', () => { const { checkAccess } = useAuthorizationManager(mockUser) expect(checkAccess('nonexistent.permission')).toBe(false) }) test('should grant access if the condition is "always()"', () => { const { checkAccess } = useAuthorizationManager(mockUser) expect(checkAccess('test.permission')).toBe(true) }) test('should grant access if the user is the master user', () => { // Force mock user permissions to be empty const mockUserIsMaster = { ...mockUser, is_master: true } const { checkAccess } = useAuthorizationManager(mockUserIsMaster) // Accept even if the condition is unsupported or doesn't exist expect(checkAccess('test.permission')).toBe(true) expect(checkAccess('unsupported.permission')).toBe(true) expect(checkAccess('exist.not')).toBe(true) }) test('should deny access if the condition is unsupported', () => { const { checkAccess } = useAuthorizationManager(mockUser) expect(checkAccess('unsupported.permission')).toBe(false) }) test('should grant access if conditions contains one "always()"', () => { const { checkAccess } = useAuthorizationManager(mockUser) expect(checkAccess('multiple.conditions')).toBe(true) }) test('should deny access if no conditions are met', () => { const { checkAccess } = useAuthorizationManager(mockUser) expect(checkAccess('exist.not')).toBe(false) }) test('should not send debug to console if config disabled', () => { // Disable debug for this test mockUseConfigStore.get.mockReturnValue(false) vi.mocked(useConfigStore).mockReturnValue(mockUseConfigStore as any) const { checkAccess } = useAuthorizationManager(null) expect(checkAccess('test.permission')).toBe(false) expect(console.debug).not.toHaveBeenCalled() }) })