openhim-core
The OpenHIM core application that provides logging and routing of http requests
should = require "should"
sinon = require "sinon"
authorisation = require "../../lib/api/authorisation"
Channel = require("../../lib/model/channels").Channel
User = require("../../lib/model/users").User
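# Tests for the API authorisation helpers: group membership (inGroup) and the
# per-user channel lists derived from each channel's txViewAcl / txRerunAcl.
describe "API authorisation test", ->

  # Names of the three fixture channels saved in `before`. The tests compare
  # against these so that they pin WHICH channels are returned, not only how many.
  CHANNEL1 = "TestChannel1 - api authorisation"
  CHANNEL2 = "TestChannel2 - api authorisation"
  CHANNEL3 = "TestChannel3 - api authorisation"

  # The users below are never saved by this file; they are only passed to the
  # authorisation functions. The passwordHash / passwordSalt values are
  # placeholders, not real digests.

  # Member of 'group2', which appears in some (not all) channel ACLs.
  user = new User
    firstname: 'Bill'
    surname: 'Murray'
    email: 'bfm@crazy.net'
    passwordAlgorithm: 'sha512'
    passwordHash: '3cc90918-7044-4e55-b61d-92ae73cb261e'
    passwordSalt: '22a61686-66f6-483c-a524-185aac251fb0'
    groups: [ 'HISP' , 'group2' ]

  # Member of groups that appear in no channel ACL: the deny case.
  user2 = new User
    firstname: 'Random'
    surname: 'User'
    email: 'someguy@meh.net'
    passwordAlgorithm: 'sha512'
    passwordHash: '3cc90918-7044-4e55-b61d-92ae73cb261e'
    passwordSalt: '22a61686-66f6-483c-a524-185aac251fb0'
    groups: [ 'nothing', 'here' ]

  # Member of 'admin' only; no channel lists 'admin' in its ACLs, so any access
  # this user gets comes from the admin rule and not from an ACL match.
  user3 = new User
    firstname: 'Random'
    surname: 'User'
    email: 'someguy@meh.net'
    passwordAlgorithm: 'sha512'
    passwordHash: '3cc90918-7044-4e55-b61d-92ae73cb261e'
    passwordSalt: '22a61686-66f6-483c-a524-185aac251fb0'
    groups: [ 'admin' ]

  # Build a fixture channel; the three channels differ only in name and ACLs.
  newChannel = (name, viewAcl, rerunAcl) ->
    new Channel
      name: name
      urlPattern: "test/sample"
      allow: [ "PoC", "Test1", "Test2" ]
      routes: [
        {
          name: "test route"
          host: "localhost"
          port: 9876
          primary: true
        }
      ]
      txViewAcl: viewAcl
      txRerunAcl: rerunAcl

  # Resolve `promise` and check that it yields exactly the channels named in
  # `expectedNames` (order-insensitive). A length-only check would still pass
  # if the right number of the wrong channels came back, which is the failure
  # an ACL test most needs to catch.
  # NOTE(review): assumes the resolved items are Channel documents carrying the
  # `name` saved in `before` - confirm against lib/api/authorisation.
  expectChannels = (promise, expectedNames, done) ->
    promise.then (channels) ->
      try
        channels.should.have.length expectedNames.length
        names = (channel.name for channel in channels).sort()
        names.should.eql expectedNames.slice().sort()
      catch err
        return done err
      done()
    , (err) ->
      done err

  before (done) ->
    channel1 = newChannel CHANNEL1, [ "group1", "group2" ], [ "group2" ]
    channel2 = newChannel CHANNEL2, [ "group2", "group3" ], [ "group1", "group3" ]
    channel3 = newChannel CHANNEL3, [ "group4" ], [ "group4" ]

    # Fail the hook on the first save error rather than letting the tests run
    # against a partial fixture set and fail later with misleading counts.
    channel1.save (err) ->
      return done err if err
      channel2.save (err) ->
        return done err if err
        channel3.save (err) ->
          done err

  after (done) ->
    # Removes every channel, not only the three created above; report a failed
    # cleanup instead of ignoring it.
    Channel.remove {}, (err) ->
      done err

  describe ".inGroup", ->

    it "should return true when a user is in a particular group", ->
      result = authorisation.inGroup 'group2', user
      result.should.be.true

    it "should return false when a user is NOT in a particular group", ->
      result = authorisation.inGroup 'somethingelse', user
      result.should.be.false

  describe ".getUserViewableChannels", ->

    it "should return channels that a user can view", (done) ->
      # 'group2' is in the txViewAcl of channel 1 and channel 2 only.
      expectChannels authorisation.getUserViewableChannels(user), [ CHANNEL1, CHANNEL2 ], done

    it "should return an empty array when there are no channel that a user can view", (done) ->
      expectChannels authorisation.getUserViewableChannels(user2), [], done

    it "should return all channels for viewing if a user is in the admin group", (done) ->
      # Relies on the collection holding only the three fixture channels.
      expectChannels authorisation.getUserViewableChannels(user3), [ CHANNEL1, CHANNEL2, CHANNEL3 ], done

  describe ".getUserRerunableChannels", ->

    it "should return channels that a user can rerun", (done) ->
      # 'group2' is in the txRerunAcl of channel 1 only, although it may VIEW
      # channel 2 as well: view permission must not imply rerun permission.
      expectChannels authorisation.getUserRerunableChannels(user), [ CHANNEL1 ], done

    it "should return an empty array when there are no channel that a user can rerun", (done) ->
      expectChannels authorisation.getUserRerunableChannels(user2), [], done

    it "should return all channels for rerunning if a user is in the admin group", (done) ->
      # Relies on the collection holding only the three fixture channels.
      expectChannels authorisation.getUserRerunableChannels(user3), [ CHANNEL1, CHANNEL2, CHANNEL3 ], done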