CodeMirror/appwrite
1
0
Fork 0
mirror of synced 2024-06-02 10:54:44 +12:00
Code Issues Projects Releases Wiki Activity

init draft of permission tests

Browse source
This commit is contained in:
Torsten Dittmann 2021-10-08 14:49:45 +02:00
parent 3e7605d195
commit 6e87d261fe
3 changed files with 344 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

95
tests/e2e/Services/Database/DatabasePermissionsGuestTest.php Normal file
View file

@ -0,0 +1,95 @@
<?php
namespace Tests\E2E\Services\Database;
use Tests\E2E\Client;
use Tests\E2E\Scopes\Scope;
use Tests\E2E\Scopes\ProjectCustom;
use Tests\E2E\Scopes\SideClient;
class DatabasePermissionsGuestTest extends Scope
{
use ProjectCustom;
use SideClient;
use DatabasePermissionsScope;
public array $mockPermissions = [
[
'read' => ['role:all'],
'write' => []
],
[
'read' => ['role:member'],
'write' => []
],
[
'read' => ['user:random'],
'write' => []
],
[
'read' => [],
'write' => ['role:all']
],
[
'read' => ['role:all'],
'write' => ['role:all']
],
[
'read' => ['role:member'],
'write' => ['role:member']
],
[
'read' => ['role:all'],
'write' => ['role:member']
]
];
public function createCollection(): array
{
$movies = $this->client->call(Client::METHOD_POST, '/database/collections', $this->getServerHeader(), [
'collectionId' => 'unique()',
'name' => 'Movies',
'read' => ['role:all'],
'write' => ['role:all'],
'permission' => 'document',
]);
$collection = ['id' => $movies['body']['$id']];
$this->client->call(Client::METHOD_POST, '/database/collections/' . $collection['id'] . '/attributes/string', $this->getServerHeader(), [
'attributeId' => 'title',
'size' => 256,
'required' => true,
]);
sleep(2);
return $collection;
}
public function testReadDocuments()
{
$collection = $this->createCollection();
foreach ($this->mockPermissions as $permissions) {
$response = $this->client->call(Client::METHOD_POST, '/database/collections/' . $collection['id'] . '/documents', $this->getServerHeader(), [
'documentId' => 'unique()',
'data' => [
'title' => 'Lorem',
],
'read' => $permissions['read'],
'write' => $permissions['write'],
]);
$this->assertEquals(201, $response['headers']['status-code']);
}
$documents = $this->client->call(Client::METHOD_GET, '/database/collections/' . $collection['id'] . '/documents', [
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
]);
foreach ($documents['body']['documents'] as $document) {
$this->assertContains('role:all', $document['$read']);
}
}
}

165
tests/e2e/Services/Database/DatabasePermissionsMemberTest.php Normal file
View file

@ -0,0 +1,165 @@
<?php
namespace Tests\E2E\Services\Database;
use Tests\E2E\Client;
use Tests\E2E\Scopes\Scope;
use Tests\E2E\Scopes\ProjectCustom;
use Tests\E2E\Scopes\SideClient;
class DatabasePermissionsMemberTest extends Scope
{
use ProjectCustom;
use SideClient;
use DatabasePermissionsScope;
public array $mockPermissions = [
[
'read' => ['role:all'],
'write' => []
],
[
'read' => ['role:member'],
'write' => []
],
[
'read' => ['user:random'],
'write' => []
],
[
'read' => ['user:lorem'],
'write' => ['user:lorem']
],
[
'read' => ['user:dolor'],
'write' => ['user:dolor']
],
[
'read' => ['user:dolor', 'user:lorem'],
'write' => ['user:dolor']
],
[
'read' => [],
'write' => ['role:all']
],
[
'read' => ['role:all'],
'write' => ['role:all']
],
[
'read' => ['role:member'],
'write' => ['role:member']
],
[
'read' => ['role:all'],
'write' => ['role:member']
]
];
public function createCollections(): array
{
$movies = $this->client->call(Client::METHOD_POST, '/database/collections', $this->getServerHeader(), [
'collectionId' => 'unique()',
'name' => 'Movies',
'read' => ['role:all'],
'write' => ['role:all'],
'permission' => 'document',
]);
$collections = ['public' => $movies['body']['$id']];
$this->client->call(Client::METHOD_POST, '/database/collections/' . $collections['public'] . '/attributes/string', $this->getServerHeader(), [
'attributeId' => 'title',
'size' => 256,
'required' => true,
]);
$private = $this->client->call(Client::METHOD_POST, '/database/collections', $this->getServerHeader(), [
'collectionId' => 'unique()',
'name' => 'Private Movies',
'read' => ['role:member'],
'write' => ['role:member'],
'permission' => 'document',
]);
$collections['private'] = $private['body']['$id'];
$this->client->call(Client::METHOD_POST, '/database/collections/' . $collections['private'] . '/attributes/string', $this->getServerHeader(), [
'attributeId' => 'title',
'size' => 256,
'required' => true,
]);
sleep(2);
return $collections;
}
public function testReadDocuments()
{
$user1 = $this->createUser('lorem', 'lorem@ipsum.com');
$user2 = $this->createUser('dolor', 'dolor@ipsum.com');
$collections = $this->createCollections();
foreach ($this->mockPermissions as $permissions) {
$response = $this->client->call(Client::METHOD_POST, '/database/collections/' . $collections['public'] . '/documents', $this->getServerHeader(), [
'documentId' => 'unique()',
'data' => [
'title' => 'Lorem',
],
'read' => $permissions['read'],
'write' => $permissions['write'],
]);
$this->assertEquals(201, $response['headers']['status-code']);
}
foreach ($this->mockPermissions as $permissions) {
$response = $this->client->call(Client::METHOD_POST, '/database/collections/' . $collections['private'] . '/documents', $this->getServerHeader(), [
'documentId' => 'unique()',
'data' => [
'title' => 'Lorem',
],
'read' => $permissions['read'],
'write' => $permissions['write'],
]);
$this->assertEquals(201, $response['headers']['status-code']);
}
/**
* Check role:all collection
*/
$documents = $this->client->call(Client::METHOD_GET, '/database/collections/' . $collections['public'] . '/documents', [
'origin' => 'http://localhost',
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
'cookie' => 'a_session_' . $this->getProject()['$id'] . '=' . $user1['session'],
]);
foreach ($documents['body']['documents'] as $document) {
$hasPermissions = \array_reduce(['role:all', 'role:member', 'user:' . $user1['$id']], function ($carry, $item) use ($document) {
return $carry ? true : \in_array($item, $document['$read']);
}, false);
$this->assertTrue($hasPermissions);
}
/**
* Check role:member collection
*/
$documents = $this->client->call(Client::METHOD_GET, '/database/collections/' . $collections['private'] . '/documents', [
'origin' => 'http://localhost',
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
'cookie' => 'a_session_' . $this->getProject()['$id'] . '=' . $user1['session'],
]);
foreach ($documents['body']['documents'] as $document) {
$hasPermissions = \array_reduce(['role:all', 'role:member', 'user:' . $user1['$id']], function ($carry, $item) use ($document) {
return $carry ? true : \in_array($item, $document['$read']);
}, false);
$this->assertTrue($hasPermissions);
}
}
}

84
tests/e2e/Services/Database/DatabasePermissionsScope.php Normal file
View file

@ -0,0 +1,84 @@
<?php
namespace Tests\E2E\Services\Database;
use Tests\E2E\Client;
trait DatabasePermissionsScope
{
public array $users = [];
public function createUser(string $id, string $email, string $password = 'test123'): array
{
$user = $this->client->call(Client::METHOD_POST, '/account', [
'origin' => 'http://localhost',
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], [
'userId' => $id,
'email' => $email,
'password' => $password
]);
$this->assertEquals(201, $user['headers']['status-code']);
$session = $this->client->call(Client::METHOD_POST, '/account/sessions', [
'origin' => 'http://localhost',
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
], [
'email' => $email,
'password' => $password,
]);
$session = $this->client->parseCookie((string)$session['headers']['set-cookie'])['a_session_' . $this->getProject()['$id']];
$user = [
'$id' => $user['body']['$id'],
'email' => $user['body']['email'],
'session' => $session,
];
$this->users[$email] = $user;
return $user;
}
public function getCreatedUser(string $id): array
{
return $this->users[$id] ?? [];
}
public function createTeam(string $id, string $name): array
{
$team = $this->client->call(Client::METHOD_POST, '/teams', $this->getServerHeader(), [
'teamId' => $id,
'name' => $name
]);
return $team;
}
public function addToTeam(string $user, string $team, array $roles = []): array
{
$membership = $this->client->call(Client::METHOD_POST, '/teams/' . $team . '/memberships', $this->getServerHeader(), [
'teamId' => $team,
'email' => $this->getCreatedUser($user)['email'],
'roles' => $roles,
'url' => 'http://localhost:5000/join-us#title'
]);
return [
'user' => $membership['body']['userId'],
'membership' => $membership['body']['$id']
];
}
public function getServerHeader(): array
{
return [
'content-type' => 'application/json',
'x-appwrite-project' => $this->getProject()['$id'],
'x-appwrite-key' => $this->getProject()['apiKey']
];
}
}