UNPKG

policyline

Version:

Attributes Based Access Control library for Node.JS

209 lines (185 loc) 4.47 kB
let expect = require('chai').expect; let PolicyLine = require('../dist/policyline.min'); let Policy = PolicyLine.Policy; describe("Conditions Checking", function () { it(": positive case condition", function () { let rules = { target: [ 'user.role="admin"', 'user.company=resource.company', ] }; let policy = new Policy(rules); let data = { user: { role: 'admin', company: 'companyA' }, action: {}, env: {} }; expect(policy.check(data)).to.equal(true); let conditions = policy.getConditions(); let result = {company: 'companyA'}; expect(conditions).to.deep.equal(result); }); it(": positive case condition with mixin", function () { let rules = { target: [ 'resource.author=user.cuid', 'resource.company="company_c"' ] }; let policy = new Policy(rules); let data = { user: { cuid: '873n4y2xn4' }, action: {}, env: {} }; expect(policy.check(data)).to.equal(true); let conditions = policy.getConditions({ id: '98245n524n' }); let result = { id: '98245n524n', author: '873n4y2xn4', company: 'company_c' }; expect(conditions).to.deep.equal(result); }); it(": double condition checking", function () { let rules = { target: [ 'user.role="admin"', 'user.company=resource.company', ] }; let policy = new Policy(rules); let data = { user: { role: 'admin', company: 'companyA' }, action: {}, env: {} }; expect(policy.check({ user: {}, action: {}, env: {} })).to.equal(false); expect(policy.getConditions()).to.equal(undefined); expect(policy.check(data)).to.equal(true); expect(policy.getConditions()).to.deep.equal({company: 'companyA'}); }); it(": empty condition", function () { let rules = { target: [ 'user.role="admin"' ] }; let policy = new Policy(rules); let data = { user: { role: 'admin' }, action: {}, env: {} }; expect(policy.check(data)).to.equal(true); let conditions = policy.getConditions(); expect(Object.keys(conditions).length).equal(0); }); it(": negative case condition", function () { let rules = { target: [ 'user.role="admin"', 'user.company=resource.company', ] }; let policy = new Policy(rules); let data = { user: { role: 'developer', company: 'companyA' }, action: {}, env: {} }; expect(policy.check(data)).to.equal(false); let conditions = policy.getConditions(); expect(conditions).to.equal(undefined); }); it(": complex test", function () { let rules = { target: [ 'user.company=resource.company', 'resource.type="inner"', 'resource.value>=100', 'resource.value<200', 'resource.likes~=["vaporizing", "talking"]', 'resource.occupation="host/gi"..regExp', // /host/gi 'resource.name.last="Ghost"', 'resource.name.first~=["Ghost", "Non"]', 'resource.department..or="R&D"', 'resource.department..or="sale"', 'resource.location..radius=100', 'resource.location..inArea=user.location' ] }; let policy = new Policy(rules); let data = { user: { location: [49.9935, 36.2304], company: 'companyA' }, action: {}, env: {} }; expect(policy.check(data)).to.equal(true); let conditions = policy.getConditions(); let result = { "company": "companyA", "type": "inner", "value": { "$gte": 100, "$lt": 200 }, "likes": { "$in": [ "vaporizing", "talking" ] }, "occupation": /host/gi, "name.last": "Ghost", "name.first": { "$in": [ "Ghost", "Non" ] }, "department": { "$or": [ "R&D", "sale" ] }, "location": { "$near": { "$geometry": { "type": "Point", "coordinates": [ 49.9935, 36.2304 ] }, "$maxDistance": 100000 } } }; expect(conditions).to.deep.equal(result); }); });