Only give current user create access in create collection test
This commit is contained in:
parent
55450a5ebc
commit
0389be522e
1 changed files with 10 additions and 6 deletions
|
@ -50,10 +50,7 @@ trait DatabasesBase
|
||||||
'name' => 'Movies',
|
'name' => 'Movies',
|
||||||
'documentSecurity' => true,
|
'documentSecurity' => true,
|
||||||
'permissions' => [
|
'permissions' => [
|
||||||
Permission::read(Role::any()),
|
Permission::create(Role::user($this->getUser()['$id'])),
|
||||||
Permission::create(Role::any()),
|
|
||||||
Permission::update(Role::any()),
|
|
||||||
Permission::delete(Role::any()),
|
|
||||||
],
|
],
|
||||||
]);
|
]);
|
||||||
|
|
||||||
|
@ -2289,13 +2286,20 @@ trait DatabasesBase
|
||||||
$this->assertCount(0, $document['body']['$permissions']);
|
$this->assertCount(0, $document['body']['$permissions']);
|
||||||
$this->assertEquals([], $document['body']['$permissions']);
|
$this->assertEquals([], $document['body']['$permissions']);
|
||||||
|
|
||||||
// Check user can still read document due to collection permissions of read("any")
|
// Check client side can no longer read the document.
|
||||||
$document = $this->client->call(Client::METHOD_GET, '/databases/' . $databaseId . '/collections/' . $data['moviesId'] . '/documents/' . $id, array_merge([
|
$document = $this->client->call(Client::METHOD_GET, '/databases/' . $databaseId . '/collections/' . $data['moviesId'] . '/documents/' . $id, array_merge([
|
||||||
'content-type' => 'application/json',
|
'content-type' => 'application/json',
|
||||||
'x-appwrite-project' => $this->getProject()['$id'],
|
'x-appwrite-project' => $this->getProject()['$id'],
|
||||||
], $this->getHeaders()));
|
], $this->getHeaders()));
|
||||||
|
|
||||||
|
switch ($this->getSide()) {
|
||||||
|
case 'client':
|
||||||
|
$this->assertEquals(404, $document['headers']['status-code']);
|
||||||
|
break;
|
||||||
|
case 'server':
|
||||||
$this->assertEquals(200, $document['headers']['status-code']);
|
$this->assertEquals(200, $document['headers']['status-code']);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
return $data;
|
return $data;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue