From 62b5e08cdeff6b039b2029d53296a800538f0131 Mon Sep 17 00:00:00 2001 From: Mateus Badan de Pieri Date: Fri, 14 Apr 2023 10:25:38 +0100 Subject: [PATCH 1/8] primary test cases, level to number working already --- .../backend-core/src/security/permissions.ts | 2 +- .../src/security/tests/permissions.spec.ts | 74 +++++++++++++++++++ 2 files changed, 75 insertions(+), 1 deletion(-) create mode 100644 packages/backend-core/src/security/tests/permissions.spec.ts diff --git a/packages/backend-core/src/security/permissions.ts b/packages/backend-core/src/security/permissions.ts index 42189bba0c..1daf7d7067 100644 --- a/packages/backend-core/src/security/permissions.ts +++ b/packages/backend-core/src/security/permissions.ts @@ -34,7 +34,7 @@ class Permission { } } -function levelToNumber(perm: PermissionLevel) { +export function levelToNumber(perm: PermissionLevel) { switch (perm) { // not everything has execute privileges case PermissionLevel.EXECUTE: diff --git a/packages/backend-core/src/security/tests/permissions.spec.ts b/packages/backend-core/src/security/tests/permissions.spec.ts new file mode 100644 index 0000000000..e77394d947 --- /dev/null +++ b/packages/backend-core/src/security/tests/permissions.spec.ts @@ -0,0 +1,74 @@ +import { + doesHaveBasePermission, + getBuiltinPermissionByID, + isPermissionLevelHigherThanRead, + PermissionLevel, + PermissionType, + levelToNumber, +} from "../permissions" + +describe("levelToNumber", () => { + it("should return 0 for EXECUTE", () => { + expect(levelToNumber(PermissionLevel.EXECUTE)).toBe(0) + }) + + it("should return 1 for READ", () => { + expect(levelToNumber(PermissionLevel.READ)).toBe(1) + }) + + it("should return 2 for WRITE", () => { + expect(levelToNumber(PermissionLevel.WRITE)).toBe(2) + }) + + it("should return 3 for ADMIN", () => { + expect(levelToNumber(PermissionLevel.ADMIN)).toBe(3) + }) + + it("should return -1 for an unknown permission level", () => { + expect(levelToNumber("unknown" as PermissionLevel)).toBe(-1) + }) +}) +describe("getBuiltinPermissionByID", () => { + it("should return the correct permission object", () => { + const id = "123" + const permission = { _id: id, name: "Test Permission" } + expect(getBuiltinPermissionByID(id)).toEqual(permission) + expect(getBuiltinPermissionByID("456")).toBeUndefined() + }) +}) + +describe("doesHaveBasePermission", () => { + it("should return true if base permission has the required level", () => { + const permType = PermissionType.APP + const permLevel = PermissionLevel.READ + const rolesHierarchy = [ + { roleId: "role1", permissionId: "permission1" }, + { roleId: "role2", permissionId: "permission2" }, + ] + expect(doesHaveBasePermission(permType, permLevel, rolesHierarchy)).toBe( + true + ) + }) + + it("should return false if base permission does not have the required level", () => { + const permType = PermissionType.APP + const permLevel = PermissionLevel.READ + const rolesHierarchy = [ + { roleId: "role1", permissionId: "permission1" }, + { roleId: "role2", permissionId: "permission2" }, + ] + expect(doesHaveBasePermission(permType, permLevel, rolesHierarchy)).toBe( + false + ) + }) +}) + +describe("isPermissionLevelHigherThanRead", () => { + it("should return true if level is higher than read", () => { + expect(isPermissionLevelHigherThanRead(PermissionLevel.WRITE)).toBe(true) + }) + + it("should return false if level is read or lower", () => { + expect(isPermissionLevelHigherThanRead(PermissionLevel.READ)).toBe(false) + }) +}) From fa83c5d7a1dd77e34d967d764f7c07987b3e54a4 Mon Sep 17 00:00:00 2001 From: Mateus Badan de Pieri Date: Fri, 14 Apr 2023 10:29:52 +0100 Subject: [PATCH 2/8] added get allowed levels (not working yet) --- .../src/security/tests/permissions.spec.ts | 39 ++++++++++++++++--- 1 file changed, 33 insertions(+), 6 deletions(-) diff --git a/packages/backend-core/src/security/tests/permissions.spec.ts b/packages/backend-core/src/security/tests/permissions.spec.ts index e77394d947..264e521f8b 100644 --- a/packages/backend-core/src/security/tests/permissions.spec.ts +++ b/packages/backend-core/src/security/tests/permissions.spec.ts @@ -5,6 +5,7 @@ import { PermissionLevel, PermissionType, levelToNumber, + getAllowedLevels, } from "../permissions" describe("levelToNumber", () => { @@ -28,12 +29,38 @@ describe("levelToNumber", () => { expect(levelToNumber("unknown" as PermissionLevel)).toBe(-1) }) }) -describe("getBuiltinPermissionByID", () => { - it("should return the correct permission object", () => { - const id = "123" - const permission = { _id: id, name: "Test Permission" } - expect(getBuiltinPermissionByID(id)).toEqual(permission) - expect(getBuiltinPermissionByID("456")).toBeUndefined() +describe("getAllowedLevels", () => { + it('should return ["execute"] for EXECUTE', () => { + expect(getAllowedLevels(PermissionLevel.EXECUTE)).toEqual([ + PermissionLevel.EXECUTE, + ]) + }) + + it('should return ["execute", "read"] for READ', () => { + expect(getAllowedLevels(PermissionLevel.READ)).toEqual([ + PermissionLevel.EXECUTE, + PermissionLevel.READ, + ]) + }) + + it('should return ["execute", "read", "write"] for WRITE', () => { + expect(getAllowedLevels(PermissionLevel.WRITE)).toEqual([ + PermissionLevel.EXECUTE, + PermissionLevel.READ, + PermissionLevel.WRITE, + ]) + }) + + it('should return ["execute", "read", "write"] for ADMIN', () => { + expect(getAllowedLevels(PermissionLevel.ADMIN)).toEqual([ + PermissionLevel.EXECUTE, + PermissionLevel.READ, + PermissionLevel.WRITE, + ]) + }) + + it("should return [] for an unknown permission level", () => { + expect(getAllowedLevels("unknown" as PermissionLevel)).toEqual([]) }) }) From 696eea9f92224cd6395d7a0821a100e7ae8911a4 Mon Sep 17 00:00:00 2001 From: Mateus Badan de Pieri Date: Fri, 14 Apr 2023 11:39:36 +0100 Subject: [PATCH 3/8] exporting function to test --- packages/backend-core/src/security/permissions.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/backend-core/src/security/permissions.ts b/packages/backend-core/src/security/permissions.ts index 1daf7d7067..dfe7988f76 100644 --- a/packages/backend-core/src/security/permissions.ts +++ b/packages/backend-core/src/security/permissions.ts @@ -55,7 +55,7 @@ export function levelToNumber(perm: PermissionLevel) { * @param {string} userPermLevel The permission level of the user. * @return {string[]} All the permission levels this user is allowed to carry out. */ -function getAllowedLevels(userPermLevel: PermissionLevel) { +export function getAllowedLevels(userPermLevel: PermissionLevel): string[] { switch (userPermLevel) { case PermissionLevel.EXECUTE: return [PermissionLevel.EXECUTE] @@ -64,9 +64,9 @@ function getAllowedLevels(userPermLevel: PermissionLevel) { case PermissionLevel.WRITE: case PermissionLevel.ADMIN: return [ + PermissionLevel.EXECUTE, PermissionLevel.READ, PermissionLevel.WRITE, - PermissionLevel.EXECUTE, ] default: return [] From 038476523fd9a5c6fcfe2152cfddad99cc0fd2b9 Mon Sep 17 00:00:00 2001 From: Mateus Badan de Pieri Date: Fri, 14 Apr 2023 11:39:52 +0100 Subject: [PATCH 4/8] doesHaveBasePermission tests --- .../src/security/tests/permissions.spec.ts | 64 ++++++++++++------- 1 file changed, 41 insertions(+), 23 deletions(-) diff --git a/packages/backend-core/src/security/tests/permissions.spec.ts b/packages/backend-core/src/security/tests/permissions.spec.ts index 264e521f8b..621a662933 100644 --- a/packages/backend-core/src/security/tests/permissions.spec.ts +++ b/packages/backend-core/src/security/tests/permissions.spec.ts @@ -1,13 +1,21 @@ import { - doesHaveBasePermission, - getBuiltinPermissionByID, - isPermissionLevelHigherThanRead, + RoleHierarchy, PermissionLevel, PermissionType, levelToNumber, getAllowedLevels, + BuiltinPermissionID, + getBuiltinPermissions, + getBuiltinPermissionByID, + doesHaveBasePermission, + isPermissionLevelHigherThanRead, + BUILDER, } from "../permissions" +jest.mock("../permissions", () => ({ + // getTenantId: jest.fn(() => "budibase"), + // DEFAULT_TENANT_ID: "default", +})) describe("levelToNumber", () => { it("should return 0 for EXECUTE", () => { expect(levelToNumber(PermissionLevel.EXECUTE)).toBe(0) @@ -65,28 +73,38 @@ describe("getAllowedLevels", () => { }) describe("doesHaveBasePermission", () => { - it("should return true if base permission has the required level", () => { - const permType = PermissionType.APP - const permLevel = PermissionLevel.READ - const rolesHierarchy = [ - { roleId: "role1", permissionId: "permission1" }, - { roleId: "role2", permissionId: "permission2" }, - ] - expect(doesHaveBasePermission(permType, permLevel, rolesHierarchy)).toBe( - true - ) + const rolesHierarchy: RoleHierarchy = [ + { permissionId: BuiltinPermissionID.READ_ONLY }, + ] + + it("should return true for read permission of read only role", () => { + expect( + doesHaveBasePermission( + PermissionType.TABLE, + PermissionLevel.READ, + rolesHierarchy + ) + ).toBe(true) }) - it("should return false if base permission does not have the required level", () => { - const permType = PermissionType.APP - const permLevel = PermissionLevel.READ - const rolesHierarchy = [ - { roleId: "role1", permissionId: "permission1" }, - { roleId: "role2", permissionId: "permission2" }, - ] - expect(doesHaveBasePermission(permType, permLevel, rolesHierarchy)).toBe( - false - ) + it("should return false for write permission of read only role", () => { + expect( + doesHaveBasePermission( + PermissionType.TABLE, + PermissionLevel.WRITE, + rolesHierarchy + ) + ).toBe(false) + }) + + it("should return true for execute permission of public role", () => { + expect( + doesHaveBasePermission( + PermissionType.WEBHOOK, + PermissionLevel.EXECUTE, + rolesHierarchy + ) + ).toBe(true) }) }) From 2f98ce977254d86683c7de0bf4f77de29a230614 Mon Sep 17 00:00:00 2001 From: Mateus Badan de Pieri Date: Fri, 14 Apr 2023 11:45:27 +0100 Subject: [PATCH 5/8] reverting some breaking changes --- .../src/security/tests/permissions.spec.ts | 64 +++++++------------ 1 file changed, 23 insertions(+), 41 deletions(-) diff --git a/packages/backend-core/src/security/tests/permissions.spec.ts b/packages/backend-core/src/security/tests/permissions.spec.ts index 621a662933..264e521f8b 100644 --- a/packages/backend-core/src/security/tests/permissions.spec.ts +++ b/packages/backend-core/src/security/tests/permissions.spec.ts @@ -1,21 +1,13 @@ import { - RoleHierarchy, + doesHaveBasePermission, + getBuiltinPermissionByID, + isPermissionLevelHigherThanRead, PermissionLevel, PermissionType, levelToNumber, getAllowedLevels, - BuiltinPermissionID, - getBuiltinPermissions, - getBuiltinPermissionByID, - doesHaveBasePermission, - isPermissionLevelHigherThanRead, - BUILDER, } from "../permissions" -jest.mock("../permissions", () => ({ - // getTenantId: jest.fn(() => "budibase"), - // DEFAULT_TENANT_ID: "default", -})) describe("levelToNumber", () => { it("should return 0 for EXECUTE", () => { expect(levelToNumber(PermissionLevel.EXECUTE)).toBe(0) @@ -73,38 +65,28 @@ describe("getAllowedLevels", () => { }) describe("doesHaveBasePermission", () => { - const rolesHierarchy: RoleHierarchy = [ - { permissionId: BuiltinPermissionID.READ_ONLY }, - ] - - it("should return true for read permission of read only role", () => { - expect( - doesHaveBasePermission( - PermissionType.TABLE, - PermissionLevel.READ, - rolesHierarchy - ) - ).toBe(true) + it("should return true if base permission has the required level", () => { + const permType = PermissionType.APP + const permLevel = PermissionLevel.READ + const rolesHierarchy = [ + { roleId: "role1", permissionId: "permission1" }, + { roleId: "role2", permissionId: "permission2" }, + ] + expect(doesHaveBasePermission(permType, permLevel, rolesHierarchy)).toBe( + true + ) }) - it("should return false for write permission of read only role", () => { - expect( - doesHaveBasePermission( - PermissionType.TABLE, - PermissionLevel.WRITE, - rolesHierarchy - ) - ).toBe(false) - }) - - it("should return true for execute permission of public role", () => { - expect( - doesHaveBasePermission( - PermissionType.WEBHOOK, - PermissionLevel.EXECUTE, - rolesHierarchy - ) - ).toBe(true) + it("should return false if base permission does not have the required level", () => { + const permType = PermissionType.APP + const permLevel = PermissionLevel.READ + const rolesHierarchy = [ + { roleId: "role1", permissionId: "permission1" }, + { roleId: "role2", permissionId: "permission2" }, + ] + expect(doesHaveBasePermission(permType, permLevel, rolesHierarchy)).toBe( + false + ) }) }) From 5180ac29d2a99122309f73b57cfa713b65223930 Mon Sep 17 00:00:00 2001 From: Mateus Badan de Pieri Date: Fri, 14 Apr 2023 12:16:01 +0100 Subject: [PATCH 6/8] final functions being tested --- .../backend-core/src/security/permissions.ts | 4 +- .../src/security/tests/permissions.spec.ts | 41 ++++++++++++++++--- 2 files changed, 38 insertions(+), 7 deletions(-) diff --git a/packages/backend-core/src/security/permissions.ts b/packages/backend-core/src/security/permissions.ts index dfe7988f76..6cacc12dd6 100644 --- a/packages/backend-core/src/security/permissions.ts +++ b/packages/backend-core/src/security/permissions.ts @@ -24,7 +24,7 @@ export enum PermissionType { QUERY = "query", } -class Permission { +export class Permission { type: PermissionType level: PermissionLevel @@ -81,7 +81,7 @@ export enum BuiltinPermissionID { POWER = "power", } -const BUILTIN_PERMISSIONS = { +export const BUILTIN_PERMISSIONS = { PUBLIC: { _id: BuiltinPermissionID.PUBLIC, name: "Public", diff --git a/packages/backend-core/src/security/tests/permissions.spec.ts b/packages/backend-core/src/security/tests/permissions.spec.ts index 264e521f8b..8f6ee76c81 100644 --- a/packages/backend-core/src/security/tests/permissions.spec.ts +++ b/packages/backend-core/src/security/tests/permissions.spec.ts @@ -1,3 +1,4 @@ +import { cloneDeep } from "lodash" import { doesHaveBasePermission, getBuiltinPermissionByID, @@ -6,7 +7,12 @@ import { PermissionType, levelToNumber, getAllowedLevels, + BuiltinPermissionID, + getBuiltinPermissions, + BUILTIN_PERMISSIONS, + Permission, } from "../permissions" +import { BUILTIN_ROLE_IDS } from "../roles" describe("levelToNumber", () => { it("should return 0 for EXECUTE", () => { @@ -66,11 +72,13 @@ describe("getAllowedLevels", () => { describe("doesHaveBasePermission", () => { it("should return true if base permission has the required level", () => { - const permType = PermissionType.APP + const permType = PermissionType.USER const permLevel = PermissionLevel.READ const rolesHierarchy = [ - { roleId: "role1", permissionId: "permission1" }, - { roleId: "role2", permissionId: "permission2" }, + { + roleId: BUILTIN_ROLE_IDS.ADMIN, + permissionId: BuiltinPermissionID.ADMIN, + }, ] expect(doesHaveBasePermission(permType, permLevel, rolesHierarchy)).toBe( true @@ -81,8 +89,10 @@ describe("doesHaveBasePermission", () => { const permType = PermissionType.APP const permLevel = PermissionLevel.READ const rolesHierarchy = [ - { roleId: "role1", permissionId: "permission1" }, - { roleId: "role2", permissionId: "permission2" }, + { + roleId: BUILTIN_ROLE_IDS.PUBLIC, + permissionId: BuiltinPermissionID.PUBLIC, + }, ] expect(doesHaveBasePermission(permType, permLevel, rolesHierarchy)).toBe( false @@ -99,3 +109,24 @@ describe("isPermissionLevelHigherThanRead", () => { expect(isPermissionLevelHigherThanRead(PermissionLevel.READ)).toBe(false) }) }) + +describe("getBuiltinPermissions", () => { + test("returns a clone of the builtin permissions", () => { + const builtins = getBuiltinPermissions() + expect(builtins).toEqual(cloneDeep(BUILTIN_PERMISSIONS)) + expect(builtins).not.toBe(BUILTIN_PERMISSIONS) + }) +}) + +describe("getBuiltinPermissionByID", () => { + test("returns correct permission object for valid ID", () => { + const expectedPermission = { + _id: BuiltinPermissionID.PUBLIC, + name: "Public", + permissions: [ + new Permission(PermissionType.WEBHOOK, PermissionLevel.EXECUTE), + ], + } + expect(getBuiltinPermissionByID("public")).toEqual(expectedPermission) + }) +}) From 643ca614a447354dc9d56e2aa49b16cf1c1d6930 Mon Sep 17 00:00:00 2001 From: Mateus Badan de Pieri Date: Sun, 16 Apr 2023 22:27:02 +0100 Subject: [PATCH 7/8] changing test to it --- packages/backend-core/src/security/tests/permissions.spec.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/backend-core/src/security/tests/permissions.spec.ts b/packages/backend-core/src/security/tests/permissions.spec.ts index 8f6ee76c81..97c14879b3 100644 --- a/packages/backend-core/src/security/tests/permissions.spec.ts +++ b/packages/backend-core/src/security/tests/permissions.spec.ts @@ -111,7 +111,7 @@ describe("isPermissionLevelHigherThanRead", () => { }) describe("getBuiltinPermissions", () => { - test("returns a clone of the builtin permissions", () => { + it("returns a clone of the builtin permissions", () => { const builtins = getBuiltinPermissions() expect(builtins).toEqual(cloneDeep(BUILTIN_PERMISSIONS)) expect(builtins).not.toBe(BUILTIN_PERMISSIONS) @@ -119,7 +119,7 @@ describe("getBuiltinPermissions", () => { }) describe("getBuiltinPermissionByID", () => { - test("returns correct permission object for valid ID", () => { + it("returns correct permission object for valid ID", () => { const expectedPermission = { _id: BuiltinPermissionID.PUBLIC, name: "Public", From de968b5332def45f26ea8e8fd0afebaecdccd283 Mon Sep 17 00:00:00 2001 From: Mateus Badan de Pieri Date: Mon, 17 Apr 2023 10:04:50 +0100 Subject: [PATCH 8/8] changin syntax to permission function --- .../src/security/tests/permissions.spec.ts | 119 ++++++++++-------- 1 file changed, 66 insertions(+), 53 deletions(-) diff --git a/packages/backend-core/src/security/tests/permissions.spec.ts b/packages/backend-core/src/security/tests/permissions.spec.ts index 97c14879b3..caf8bb29a6 100644 --- a/packages/backend-core/src/security/tests/permissions.spec.ts +++ b/packages/backend-core/src/security/tests/permissions.spec.ts @@ -1,132 +1,145 @@ import { cloneDeep } from "lodash" -import { - doesHaveBasePermission, - getBuiltinPermissionByID, - isPermissionLevelHigherThanRead, - PermissionLevel, - PermissionType, - levelToNumber, - getAllowedLevels, - BuiltinPermissionID, - getBuiltinPermissions, - BUILTIN_PERMISSIONS, - Permission, -} from "../permissions" +import * as permissions from "../permissions" import { BUILTIN_ROLE_IDS } from "../roles" describe("levelToNumber", () => { it("should return 0 for EXECUTE", () => { - expect(levelToNumber(PermissionLevel.EXECUTE)).toBe(0) + expect(permissions.levelToNumber(permissions.PermissionLevel.EXECUTE)).toBe( + 0 + ) }) it("should return 1 for READ", () => { - expect(levelToNumber(PermissionLevel.READ)).toBe(1) + expect(permissions.levelToNumber(permissions.PermissionLevel.READ)).toBe(1) }) it("should return 2 for WRITE", () => { - expect(levelToNumber(PermissionLevel.WRITE)).toBe(2) + expect(permissions.levelToNumber(permissions.PermissionLevel.WRITE)).toBe(2) }) it("should return 3 for ADMIN", () => { - expect(levelToNumber(PermissionLevel.ADMIN)).toBe(3) + expect(permissions.levelToNumber(permissions.PermissionLevel.ADMIN)).toBe(3) }) it("should return -1 for an unknown permission level", () => { - expect(levelToNumber("unknown" as PermissionLevel)).toBe(-1) + expect( + permissions.levelToNumber("unknown" as permissions.PermissionLevel) + ).toBe(-1) }) }) describe("getAllowedLevels", () => { it('should return ["execute"] for EXECUTE', () => { - expect(getAllowedLevels(PermissionLevel.EXECUTE)).toEqual([ - PermissionLevel.EXECUTE, - ]) + expect( + permissions.getAllowedLevels(permissions.PermissionLevel.EXECUTE) + ).toEqual([permissions.PermissionLevel.EXECUTE]) }) it('should return ["execute", "read"] for READ', () => { - expect(getAllowedLevels(PermissionLevel.READ)).toEqual([ - PermissionLevel.EXECUTE, - PermissionLevel.READ, + expect( + permissions.getAllowedLevels(permissions.PermissionLevel.READ) + ).toEqual([ + permissions.PermissionLevel.EXECUTE, + permissions.PermissionLevel.READ, ]) }) it('should return ["execute", "read", "write"] for WRITE', () => { - expect(getAllowedLevels(PermissionLevel.WRITE)).toEqual([ - PermissionLevel.EXECUTE, - PermissionLevel.READ, - PermissionLevel.WRITE, + expect( + permissions.getAllowedLevels(permissions.PermissionLevel.WRITE) + ).toEqual([ + permissions.PermissionLevel.EXECUTE, + permissions.PermissionLevel.READ, + permissions.PermissionLevel.WRITE, ]) }) it('should return ["execute", "read", "write"] for ADMIN', () => { - expect(getAllowedLevels(PermissionLevel.ADMIN)).toEqual([ - PermissionLevel.EXECUTE, - PermissionLevel.READ, - PermissionLevel.WRITE, + expect( + permissions.getAllowedLevels(permissions.PermissionLevel.ADMIN) + ).toEqual([ + permissions.PermissionLevel.EXECUTE, + permissions.PermissionLevel.READ, + permissions.PermissionLevel.WRITE, ]) }) it("should return [] for an unknown permission level", () => { - expect(getAllowedLevels("unknown" as PermissionLevel)).toEqual([]) + expect( + permissions.getAllowedLevels("unknown" as permissions.PermissionLevel) + ).toEqual([]) }) }) describe("doesHaveBasePermission", () => { it("should return true if base permission has the required level", () => { - const permType = PermissionType.USER - const permLevel = PermissionLevel.READ + const permType = permissions.PermissionType.USER + const permLevel = permissions.PermissionLevel.READ const rolesHierarchy = [ { roleId: BUILTIN_ROLE_IDS.ADMIN, - permissionId: BuiltinPermissionID.ADMIN, + permissionId: permissions.BuiltinPermissionID.ADMIN, }, ] - expect(doesHaveBasePermission(permType, permLevel, rolesHierarchy)).toBe( - true - ) + expect( + permissions.doesHaveBasePermission(permType, permLevel, rolesHierarchy) + ).toBe(true) }) it("should return false if base permission does not have the required level", () => { - const permType = PermissionType.APP - const permLevel = PermissionLevel.READ + const permType = permissions.PermissionType.APP + const permLevel = permissions.PermissionLevel.READ const rolesHierarchy = [ { roleId: BUILTIN_ROLE_IDS.PUBLIC, - permissionId: BuiltinPermissionID.PUBLIC, + permissionId: permissions.BuiltinPermissionID.PUBLIC, }, ] - expect(doesHaveBasePermission(permType, permLevel, rolesHierarchy)).toBe( - false - ) + expect( + permissions.doesHaveBasePermission(permType, permLevel, rolesHierarchy) + ).toBe(false) }) }) describe("isPermissionLevelHigherThanRead", () => { it("should return true if level is higher than read", () => { - expect(isPermissionLevelHigherThanRead(PermissionLevel.WRITE)).toBe(true) + expect( + permissions.isPermissionLevelHigherThanRead( + permissions.PermissionLevel.WRITE + ) + ).toBe(true) }) it("should return false if level is read or lower", () => { - expect(isPermissionLevelHigherThanRead(PermissionLevel.READ)).toBe(false) + expect( + permissions.isPermissionLevelHigherThanRead( + permissions.PermissionLevel.READ + ) + ).toBe(false) }) }) describe("getBuiltinPermissions", () => { it("returns a clone of the builtin permissions", () => { - const builtins = getBuiltinPermissions() - expect(builtins).toEqual(cloneDeep(BUILTIN_PERMISSIONS)) - expect(builtins).not.toBe(BUILTIN_PERMISSIONS) + const builtins = permissions.getBuiltinPermissions() + expect(builtins).toEqual(cloneDeep(permissions.BUILTIN_PERMISSIONS)) + expect(builtins).not.toBe(permissions.BUILTIN_PERMISSIONS) }) }) describe("getBuiltinPermissionByID", () => { it("returns correct permission object for valid ID", () => { const expectedPermission = { - _id: BuiltinPermissionID.PUBLIC, + _id: permissions.BuiltinPermissionID.PUBLIC, name: "Public", permissions: [ - new Permission(PermissionType.WEBHOOK, PermissionLevel.EXECUTE), + new permissions.Permission( + permissions.PermissionType.WEBHOOK, + permissions.PermissionLevel.EXECUTE + ), ], } - expect(getBuiltinPermissionByID("public")).toEqual(expectedPermission) + expect(permissions.getBuiltinPermissionByID("public")).toEqual( + expectedPermission + ) }) })