yujunjun/strapi
1
0
Fork 0
mirror of https://github.com/strapi/strapi.git synced 2025-08-10 17:58:07 +00:00
Code Issues Packages Projects Releases Wiki Activity
strapi/packages/strapi-admin/controllers/__tests__/permission.test.js

126 lines
3.8 KiB
JavaScript
Raw Normal View History

Add check many permissions route/controller / Add userAbility to the context's state / Add isAuthenticatedAdmin.js Signed-off-by: Convly <jean-sebastien.herbaux@epitech.eu>
2020-06-10 18:04:47 +02:00
'use strict';
const permissionController = require('../permission');
const createContext = ({ params = {}, query = {}, body = {} }, overrides = {}) => ({
params,
query,
request: {
body,
},
...overrides,
});
describe('Permission Controller', () => {
const localTestData = {
permissions: {
valid: [
{ action: 'read', subject: 'article', field: 'title' },
{ action: 'read', subject: 'article' },
{ action: 'read' },
],
invalid: [
{ action: {}, subject: '', field: '' },
{ subject: 'article', field: 'title' },
{ action: 'read', subject: {}, field: 'title' },
{ action: 'read', subject: 'article', field: {} },
{ action: 'read', subject: 'article', field: 'title', foo: 'bar' },
],
},
ability: {
can: jest.fn(() => true),
},
badRequest: jest.fn(),
};
global.strapi = {
admin: {
services: {
permission: {
engine: {
checkMany: jest.fn(ability => permissions => {
return permissions.map(({ action, subject, field }) =>
ability.can(action, subject, field)
);
}),
},
},
},
},
};
afterEach(async () => {
jest.clearAllMocks();
});
describe('Check Many Permissions', () => {
test('Invalid Permission Shape (bad type for action)', async () => {
const ctx = createContext(
{ body: { permissions: [localTestData.permissions.invalid[0]] } },
{ state: { userAbility: localTestData.ability }, badRequest: localTestData.badRequest }
);
await permissionController.check(ctx);
expect(localTestData.badRequest).toHaveBeenCalled();
});
test('Invalid Permission Shape (missing required action)', async () => {
const ctx = createContext(
{ body: { permissions: [localTestData.permissions.invalid[1]] } },
{ state: { userAbility: localTestData.ability }, badRequest: localTestData.badRequest }
);
await permissionController.check(ctx);
expect(localTestData.badRequest).toHaveBeenCalled();
});
test('Invalid Permission Shape (bad type for subject)', async () => {
const ctx = createContext(
{ body: { permissions: [localTestData.permissions.invalid[2]] } },
{ state: { userAbility: localTestData.ability }, badRequest: localTestData.badRequest }
);
await permissionController.check(ctx);
expect(localTestData.badRequest).toHaveBeenCalled();
});
test('Invalid Permission Shape (bad type for field)', async () => {
const ctx = createContext(
{ body: { permissions: [localTestData.permissions.invalid[3]] } },
{ state: { userAbility: localTestData.ability }, badRequest: localTestData.badRequest }
);
await permissionController.check(ctx);
expect(localTestData.badRequest).toHaveBeenCalled();
});
test('Invalid Permission Shape (unrecognized foo param)', async () => {
const ctx = createContext(
{ body: { permissions: [localTestData.permissions.invalid[4]] } },
{ state: { userAbility: localTestData.ability }, badRequest: localTestData.badRequest }
);
await permissionController.check(ctx);
expect(localTestData.badRequest).toHaveBeenCalled();
});
test('Check Many Permissions', async () => {
const ctx = createContext(
{ body: { permissions: localTestData.permissions.valid } },
{ state: { userAbility: localTestData.ability } }
);
await permissionController.check(ctx);
expect(localTestData.ability.can).toHaveBeenCalled();
expect(strapi.admin.services.permission.engine.checkMany).toHaveBeenCalled();
expect(ctx.body.data).toHaveLength(localTestData.permissions.valid.length);
});
});
});
Reference in New Issue Copy Permalink