Add unhappy paths tests
This commit is contained in:
Adria Navarro
parent
84a6f239a9
commit
8359185a22
|
|
@ -82,8 +82,14 @@ const resourceIdTranformers: Partial<
|
|||
> = {
|
||||
[PermissionType.VIEW]: async ctx => {
|
||||
const { resourceId } = ctx
|
||||
if (!resourceId) {
|
||||
ctx.throw(400, `Cannot obtain the view id`)
|
||||
return
|
||||
}
|
||||
|
||||
if (!isViewID(resourceId)) {
|
||||
ctx.throw(400, `"${resourceId}" is not a valid viewId`)
|
||||
ctx.throw(400, `"${resourceId}" is not a valid view id`)
|
||||
return
|
||||
}
|
||||
|
||||
if (await features.isViewPermissionEnabled()) {
|
||||
|
|
@ -121,17 +127,17 @@ const authorized =
|
|||
permLevel === PermissionLevel.READ
|
||||
? PermissionLevel.WRITE
|
||||
: PermissionLevel.READ
|
||||
const appId = context.getAppId()
|
||||
|
||||
if (resourcePath) {
|
||||
// Reusing the existing middleware to extract the value
|
||||
paramResource(resourcePath)(ctx, () => {})
|
||||
}
|
||||
|
||||
if (appId && hasResource(ctx)) {
|
||||
if (resourceIdTranformers[permType]) {
|
||||
await resourceIdTranformers[permType]!(ctx)
|
||||
}
|
||||
if (resourceIdTranformers[permType]) {
|
||||
await resourceIdTranformers[permType]!(ctx)
|
||||
}
|
||||
|
||||
if (hasResource(ctx)) {
|
||||
resourceRoles = await roles.getRequiredResourceRole(permLevel!, ctx)
|
||||
if (opts && opts.schema) {
|
||||
otherLevelRoles = await roles.getRequiredResourceRole(otherLevel, ctx)
|
||||
|
|
|
|||
|
|
@ -3,13 +3,16 @@ jest.mock("../../environment", () => ({
|
|||
isTest: () => true,
|
||||
// @ts-ignore
|
||||
isProd: () => this.prod,
|
||||
_set: function (key: string, value: string) {
|
||||
_set: function (_key: string, value: string) {
|
||||
this.prod = value === "production"
|
||||
},
|
||||
}))
|
||||
|
||||
import { PermissionType, PermissionLevel } from "@budibase/types"
|
||||
|
||||
import authorizedMiddleware from "../authorized"
|
||||
import env from "../../environment"
|
||||
import { PermissionType, PermissionLevel } from "@budibase/types"
|
||||
import { generateTableID, generateViewID } from "../../db/utils"
|
||||
|
||||
const APP_ID = ""
|
||||
|
||||
|
|
@ -51,7 +54,7 @@ class TestConfiguration {
|
|||
this.middleware = authorizedMiddleware(...perms)
|
||||
}
|
||||
|
||||
setResourceId(id: string) {
|
||||
setResourceId(id?: string) {
|
||||
this.ctx.resourceId = id
|
||||
}
|
||||
|
||||
|
|
@ -85,6 +88,7 @@ describe("Authorization middleware", () => {
|
|||
})
|
||||
|
||||
beforeEach(() => {
|
||||
jest.clearAllMocks()
|
||||
config = new TestConfiguration()
|
||||
})
|
||||
|
||||
|
|
@ -172,5 +176,44 @@ describe("Authorization middleware", () => {
|
|||
"User does not have permission"
|
||||
)
|
||||
})
|
||||
|
||||
describe("view type", () => {
|
||||
const tableId = generateTableID()
|
||||
const viewId = generateViewID(tableId)
|
||||
|
||||
beforeEach(() => {
|
||||
config.setMiddlewareRequiredPermission(
|
||||
PermissionType.VIEW,
|
||||
PermissionLevel.READ
|
||||
)
|
||||
config.setResourceId(viewId)
|
||||
|
||||
config.setUser({
|
||||
role: {
|
||||
_id: "",
|
||||
},
|
||||
})
|
||||
})
|
||||
|
||||
it("throw an exception if the resource id is not provided", async () => {
|
||||
config.setResourceId(undefined)
|
||||
await config.executeMiddleware()
|
||||
expect(config.throw).toHaveBeenNthCalledWith(
|
||||
1,
|
||||
400,
|
||||
"Cannot obtain the view id"
|
||||
)
|
||||
})
|
||||
|
||||
it("throw an exception if the resource id is not a valid view id", async () => {
|
||||
config.setResourceId(tableId)
|
||||
await config.executeMiddleware()
|
||||
expect(config.throw).toHaveBeenNthCalledWith(
|
||||
1,
|
||||
400,
|
||||
`"${tableId}" is not a valid view id`
|
||||
)
|
||||
})
|
||||
})
|
||||
})
|
||||
})
|
||||
|
|
|
|||
Loading…
Reference in a new issue