2020-05-28 11:29:59 +02:00
|
|
|
'use strict';
|
|
|
|
|
2020-07-02 14:00:07 +02:00
|
|
|
const createContext = require('../../../../test/helpers/create-context');
|
2020-05-28 11:29:59 +02:00
|
|
|
const roleController = require('../role');
|
|
|
|
|
|
|
|
describe('Role controller', () => {
|
|
|
|
describe('getPermissions', () => {
|
|
|
|
test('Fails if role does not exist', async () => {
|
|
|
|
const findOne = jest.fn(() => Promise.resolve());
|
2020-05-28 13:02:06 +02:00
|
|
|
const notFound = jest.fn();
|
2020-05-28 11:29:59 +02:00
|
|
|
|
|
|
|
const ctx = createContext(
|
|
|
|
{
|
|
|
|
params: { id: 1 },
|
|
|
|
},
|
|
|
|
{
|
|
|
|
notFound,
|
|
|
|
}
|
|
|
|
);
|
|
|
|
|
|
|
|
global.strapi = {
|
|
|
|
admin: {
|
|
|
|
services: {
|
|
|
|
role: {
|
|
|
|
findOne,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
};
|
|
|
|
|
|
|
|
await roleController.getPermissions(ctx);
|
|
|
|
|
|
|
|
expect(findOne).toHaveBeenCalledWith({ id: ctx.params.id });
|
|
|
|
expect(notFound).toHaveBeenCalled();
|
|
|
|
});
|
2020-05-28 13:02:06 +02:00
|
|
|
|
|
|
|
test('Finds permissions correctly', async () => {
|
|
|
|
const permissions = [
|
|
|
|
{
|
|
|
|
action: 'test1',
|
|
|
|
},
|
|
|
|
{
|
|
|
|
action: 'test2',
|
|
|
|
subject: 'model1',
|
|
|
|
},
|
|
|
|
];
|
|
|
|
|
|
|
|
const findOneRole = jest.fn(() => Promise.resolve({ id: 1 }));
|
|
|
|
const findPermissions = jest.fn(() => Promise.resolve(permissions));
|
2020-07-20 17:40:01 +02:00
|
|
|
const sanitizePermission = jest.fn(perms => perms);
|
2020-05-28 13:02:06 +02:00
|
|
|
|
|
|
|
const ctx = createContext({
|
|
|
|
params: { id: 1 },
|
|
|
|
});
|
|
|
|
|
|
|
|
global.strapi = {
|
|
|
|
admin: {
|
|
|
|
services: {
|
|
|
|
role: {
|
|
|
|
findOne: findOneRole,
|
|
|
|
},
|
|
|
|
permission: {
|
|
|
|
find: findPermissions,
|
2020-07-20 17:40:01 +02:00
|
|
|
sanitizePermission,
|
2020-05-28 13:02:06 +02:00
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
};
|
|
|
|
|
|
|
|
await roleController.getPermissions(ctx);
|
|
|
|
|
|
|
|
expect(findOneRole).toHaveBeenCalledWith({ id: ctx.params.id });
|
|
|
|
expect(findPermissions).toHaveBeenCalledWith({ role: ctx.params.id, _limit: -1 });
|
|
|
|
expect(ctx.body).toEqual({
|
|
|
|
data: permissions,
|
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
describe('updatePermissions', () => {
|
|
|
|
test('Fails on missing permissions input', async () => {
|
|
|
|
const badRequest = jest.fn();
|
2020-06-23 16:31:16 +02:00
|
|
|
const findOne = jest.fn(() => Promise.resolve({ id: 1 }));
|
2020-05-28 13:02:06 +02:00
|
|
|
|
|
|
|
const ctx = createContext(
|
|
|
|
{
|
|
|
|
params: { id: 1 },
|
|
|
|
body: {},
|
|
|
|
},
|
|
|
|
{ badRequest }
|
|
|
|
);
|
|
|
|
|
2020-06-16 18:49:49 +02:00
|
|
|
global.strapi = {
|
|
|
|
admin: {
|
|
|
|
services: {
|
2021-03-25 14:59:44 +01:00
|
|
|
permission: {
|
|
|
|
sanitizePermission: jest.fn(p => p),
|
|
|
|
},
|
2020-06-16 18:49:49 +02:00
|
|
|
role: {
|
2020-06-23 16:31:16 +02:00
|
|
|
findOne,
|
2020-06-16 18:49:49 +02:00
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
};
|
|
|
|
|
2020-05-28 13:02:06 +02:00
|
|
|
await roleController.updatePermissions(ctx);
|
|
|
|
|
|
|
|
expect(badRequest).toHaveBeenCalledWith(
|
|
|
|
'ValidationError',
|
|
|
|
expect.objectContaining({
|
|
|
|
permissions: expect.arrayContaining([]),
|
|
|
|
})
|
|
|
|
);
|
|
|
|
});
|
|
|
|
|
|
|
|
test('Fails on missing action permission', async () => {
|
|
|
|
const badRequest = jest.fn();
|
2020-06-23 16:31:16 +02:00
|
|
|
const findOne = jest.fn(() => Promise.resolve({ id: 1 }));
|
2020-05-28 13:02:06 +02:00
|
|
|
|
|
|
|
const ctx = createContext(
|
|
|
|
{
|
|
|
|
params: { id: 1 },
|
|
|
|
body: {
|
|
|
|
permissions: [{}],
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{ badRequest }
|
|
|
|
);
|
2020-06-16 18:49:49 +02:00
|
|
|
global.strapi = {
|
|
|
|
admin: {
|
|
|
|
services: {
|
2020-06-23 16:31:16 +02:00
|
|
|
role: { findOne },
|
2021-03-25 14:59:44 +01:00
|
|
|
permission: {
|
|
|
|
sanitizePermission: jest.fn(p => p),
|
|
|
|
actionProvider: { get: jest.fn() },
|
|
|
|
conditionProvider: { values: jest.fn(() => []) },
|
|
|
|
},
|
2020-06-16 18:49:49 +02:00
|
|
|
},
|
|
|
|
},
|
|
|
|
};
|
2020-05-28 13:02:06 +02:00
|
|
|
|
|
|
|
await roleController.updatePermissions(ctx);
|
|
|
|
|
|
|
|
expect(badRequest).toHaveBeenCalledWith(
|
|
|
|
'ValidationError',
|
|
|
|
expect.objectContaining({
|
|
|
|
'permissions[0].action': expect.arrayContaining([
|
|
|
|
'permissions[0].action is a required field',
|
|
|
|
]),
|
|
|
|
})
|
|
|
|
);
|
|
|
|
});
|
|
|
|
|
|
|
|
test('Assign permissions if input is valid', async () => {
|
|
|
|
const roleID = 1;
|
|
|
|
const findOneRole = jest.fn(() => Promise.resolve({ id: roleID }));
|
|
|
|
const assignPermissions = jest.fn((roleID, permissions) => Promise.resolve(permissions));
|
|
|
|
const inputPermissions = [
|
|
|
|
{
|
|
|
|
action: 'test',
|
|
|
|
subject: 'model1',
|
2021-03-25 14:59:44 +01:00
|
|
|
properties: { fields: ['title'] },
|
2020-06-18 15:34:09 +02:00
|
|
|
conditions: ['admin::is-creator'],
|
2020-05-28 13:02:06 +02:00
|
|
|
},
|
|
|
|
];
|
|
|
|
|
|
|
|
const ctx = createContext({
|
|
|
|
params: { id: roleID },
|
|
|
|
body: {
|
|
|
|
permissions: inputPermissions,
|
|
|
|
},
|
|
|
|
});
|
|
|
|
|
|
|
|
global.strapi = {
|
|
|
|
admin: {
|
|
|
|
services: {
|
|
|
|
role: {
|
2020-10-19 16:34:02 +02:00
|
|
|
assignPermissions,
|
2020-05-28 13:02:06 +02:00
|
|
|
findOne: findOneRole,
|
2020-06-18 11:40:50 +02:00
|
|
|
getSuperAdmin: jest.fn(() => undefined),
|
2020-05-28 13:02:06 +02:00
|
|
|
},
|
|
|
|
permission: {
|
2021-03-25 14:59:44 +01:00
|
|
|
sanitizePermission: jest.fn(permissions => permissions),
|
2020-06-16 18:49:49 +02:00
|
|
|
conditionProvider: {
|
2021-03-25 14:59:44 +01:00
|
|
|
values: jest.fn(() => [{ id: 'admin::is-creator' }]),
|
2020-06-16 18:49:49 +02:00
|
|
|
},
|
|
|
|
actionProvider: {
|
2021-03-25 14:59:44 +01:00
|
|
|
values: jest.fn(() => [{ actionId: 'test', subjects: ['model1'] }]),
|
|
|
|
get: jest.fn(() => ({
|
|
|
|
actionId: 'test',
|
|
|
|
subjects: ['model1'],
|
|
|
|
options: { applyToProperties: ['fields'] },
|
|
|
|
})),
|
2020-06-16 18:49:49 +02:00
|
|
|
},
|
2020-05-28 13:02:06 +02:00
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
};
|
|
|
|
|
|
|
|
await roleController.updatePermissions(ctx);
|
|
|
|
|
|
|
|
expect(findOneRole).toHaveBeenCalledWith({ id: roleID });
|
|
|
|
expect(assignPermissions).toHaveBeenCalledWith(roleID, inputPermissions);
|
|
|
|
|
|
|
|
expect(ctx.body).toEqual({
|
|
|
|
data: inputPermissions,
|
|
|
|
});
|
|
|
|
});
|
2020-05-28 11:29:59 +02:00
|
|
|
});
|
|
|
|
});
|