diff --git a/packages/core/permissions/lib/__tests__/permissions.engine.test.js b/packages/core/permissions/lib/__tests__/permissions.engine.test.js index b4e48af73b..272289986b 100644 --- a/packages/core/permissions/lib/__tests__/permissions.engine.test.js +++ b/packages/core/permissions/lib/__tests__/permissions.engine.test.js @@ -5,7 +5,7 @@ const permissions = require('../'); describe('Permissions Engine', () => { const providers = { action: { get: jest.fn() }, - condition: { values: jest.fn(() => []) }, + condition: { get: jest.fn(() => []) }, }; // const generateInvalidateActionHook = action => { @@ -15,7 +15,7 @@ describe('Permissions Engine', () => { // }; const buildEngine = (engineProviders = providers, engineHooks = []) => { - const engine = permissions.engine.new(engineProviders); + const engine = permissions.engine.new({ providers: engineProviders }); // jest.spyOn(engine.generateAbility, 'register'); engineHooks.forEach(({ hookName, hookFn }) => { engine.on(hookName, hookFn); @@ -29,33 +29,71 @@ describe('Permissions Engine', () => { return { engine, ability }; }; - describe('registers', () => { - beforeEach(() => { - // - }); + beforeEach(() => { + // + }); - it('action (with nothing else)', async () => { - const { ability } = await buildEngineWithAbility({ - permissions: [{ action: 'read' }], - }); - expect(ability.can('read')).toBeTruthy(); - expect(ability.can('i_dont_exist')).toBeFalsy(); - // expect(permissions.engine.new).toBeCalledTimes(1); + it('register action', async () => { + const { ability } = await buildEngineWithAbility({ + permissions: [{ action: 'read' }], }); + expect(ability.can('read')).toBeTruthy(); + expect(ability.can('i_dont_exist')).toBeFalsy(); + }); - it('action with subject', async () => { + it('registers action with null subject', async () => { + const { ability } = await buildEngineWithAbility({ + permissions: [{ action: 'read', subject: null }], + }); + expect(ability.can('read')).toBeTruthy(); + }); + + it('registers action with subject', async () => { + const { ability } = await buildEngineWithAbility({ + permissions: [{ action: 'read', subject: 'article' }], + }); + expect(ability.can('read', 'article')).toBeTruthy(); + expect(ability.can('read', 'user')).toBeFalsy(); + }); + + // TODO: I noticed another test checking this. Looks like we just test === on subject, so primitives or + // objects passed by reference will work but object values will not work + // it('requires subject to be string ', async () => { + // const subject = { id: 123 }; + // const { ability } = await buildEngineWithAbility({ + // permissions: [{ action: 'read', subject }], + // }); + // expect(ability.can('read', subject)).toBeFalsy(); + // }); + + it('registers action with subject and properties', async () => { + const { ability } = await buildEngineWithAbility({ + permissions: [{ action: 'read', subject: 'article', properties: { fields: ['title'] } }], + }); + expect(ability.can('read')).toBeFalsy(); + expect(ability.can('read', 'user')).toBeFalsy(); + expect(ability.can('read', 'article')).toBeTruthy(); + expect(ability.can('read', 'article', 'title')).toBeTruthy(); + expect(ability.can('read', 'article', 'name')).toBeFalsy(); + }); + + describe('conditions', () => { + it('does not register action when conditions not met', async () => { const { ability } = await buildEngineWithAbility({ - permissions: [{ action: 'read', subject: 'article' }], + permissions: [ + { + action: 'read', + subject: 'article', + properties: { fields: ['title'] }, + conditions: ['isAuthor'], + }, + ], }); - expect(ability.can('read', 'article')).toBeTruthy(); + expect(ability.can('read')).toBeFalsy(); expect(ability.can('read', 'user')).toBeFalsy(); - }); - - it('action with null subject', async () => { - const { ability } = await buildEngineWithAbility({ - permissions: [{ action: 'read', subject: null, properties: {} }], - }); - expect(ability.can('read')).toBeTruthy(); + expect(ability.can('read', 'article')).toBeFalsy(); + expect(ability.can('read', 'article', 'title')).toBeFalsy(); + expect(ability.can('read', 'article', 'name')).toBeFalsy(); }); }); });