authorizedjs

assert = require('assert') Auth = require('../index.js') users = require('./helpers/users') MyTestPermits = require('./helpers/test_permits') MyTest = require('./helpers/my_test') describe 'auth', -> describe 'authorization', -> describe 'test method', -> beforeEach (done) -> @auth = new Auth.Authorization({MyTest: MyTestPermits}) done() it "should not authorize when permits are missing", -> auth = new Auth.Authorization() assert.equal auth.test(users.admin, "missing", "someaction"), null it "should not authorize when permit is missing", -> assert.equal @auth.test(users.admin, "missing", "someaction"), undefined it 'should authorize valid user if permits are set', -> assert.equal @auth.test(users.admin, "MyTest", "adminAction"), true it 'should not authorize invalid user', -> assert.equal @auth.test(users.user, "MyTest", "adminAction"), false it 'should authorize user for specific resource', -> myTestResource = new MyTest(users.fake) assert.equal @auth.test(users.admin, myTestResource, "resourceAction"), true it 'should not authorize user for specific resource', -> myTestResource = new MyTest(users.fake) assert.equal @auth.test(users.user, myTestResource, "resourceAction"), false it "should not authorize when permit action does not exist", -> assert.equal @auth.test(users.user, "MyTest", "invalid"), false it "should authorize with constructor called as resource", -> assert.equal @auth.test(users.user, MyTest, "userAction"), true describe 'events', -> beforeEach (done) -> @auth = new Auth.Authorization({MyTest: MyTestPermits}) done() it "should not authorize when permits are missing", (done) -> auth = new Auth.Authorization() auth.on 'error', (error) -> assert.equal error, "MissingPermits" done() auth.check(users.admin, "missing", "someaction") it "should not authorize when permit is missing", (done) -> @auth.on 'error', (error) -> assert.equal error, "MissingPermit" done() @auth.check users.admin, "missing", "someaction" it 'should authorize valid user if permits are set', (done) -> @auth.on 'success', (data) -> assert.equal data, true done() @auth.check(users.admin, "MyTest", "adminAction") it 'should not authorize invalid user', (done) -> @auth.on 'error', (error) -> assert.equal error, "UnauthorizedAccess" done() @auth.check(users.user, "MyTest", "adminAction") it 'should authorize user for specific resource', (done) -> myTestResource = new MyTest(users.fake) @auth.on 'success', (data) -> assert.equal data, true done() @auth.check(users.admin, myTestResource, "resourceAction") it 'should not authorize user for specific resource', (done) -> myTestResource = new MyTest(users.fake) @auth.on 'error', (error) -> assert.equal error, "UnauthorizedAccess" done() @auth.check(users.user, myTestResource, "resourceAction") it "should not authorize when permit action does not exist", (done) -> @auth.on 'error', (error) -> assert.equal error, "UnauthorizedAccess" done() @auth.check(users.user, "MyTest", "invalid") it "should authorize with constructor called as resource", (done) -> @auth.on 'success', (data) -> assert.equal data, true done() @auth.check(users.user, MyTest, "userAction") describe 'callbacks', -> beforeEach (done) -> @auth = new Auth.Authorization({MyTest: MyTestPermits}) done() it "should not authorize when permits are missing", (done) -> auth = new Auth.Authorization() auth.check users.admin, "missing", "someaction", (data) -> false , (error) -> assert.equal error, 'MissingPermits' done() it "should not authorize when permit is missing", (done) -> @auth.check users.admin, "missing", "someaction", (data) -> false , (error) -> assert.equal error, "MissingPermit" done() it 'should authorize valid user if permits are set', (done) -> @auth.check users.admin, "MyTest", "adminAction", (data) -> assert.equal data, true done() , (error) -> false it 'should not authorize invalid user', (done) -> @auth.check users.user, "MyTest", "adminAction", (data) -> false , (error) -> assert.equal error, "UnauthorizedAccess" done() it 'should authorize user for specific resource', (done) -> myTestResource = new MyTest(users.fake) @auth.check users.admin, myTestResource, "resourceAction", (data) -> assert.equal data, true done() , (error) -> false it 'should not authorize user for specific resource', (done) -> myTestResource = new MyTest(users.fake) @auth.check users.user, myTestResource, "resourceAction", (data) -> false , (error) -> assert.equal error, "UnauthorizedAccess" done() it "should not authorize when permit action does not exist", (done) -> @auth.check users.user, "MyTest", "invalid", (data) -> false , (error) -> assert.equal error, "UnauthorizedAccess" done() it "should authorize with constructor called as resource", (done) -> @auth.check users.user, MyTest, "userAction", (data) -> assert.equal data, true done() , (error) -> false