Add tests
This commit is contained in:
parent
fc0ee3f462
commit
f6329e6a22
1 changed files with 83 additions and 1 deletions
|
@ -1,11 +1,12 @@
|
||||||
import tk from "timekeeper"
|
import tk from "timekeeper"
|
||||||
import { outputProcessing } from "../../../utilities/rowProcessor"
|
import { outputProcessing } from "../../../utilities/rowProcessor"
|
||||||
import * as setup from "./utilities"
|
import * as setup from "./utilities"
|
||||||
import { context, tenancy } from "@budibase/backend-core"
|
import { context, roles, tenancy } from "@budibase/backend-core"
|
||||||
import { quotas } from "@budibase/pro"
|
import { quotas } from "@budibase/pro"
|
||||||
import {
|
import {
|
||||||
FieldType,
|
FieldType,
|
||||||
MonthlyQuotaName,
|
MonthlyQuotaName,
|
||||||
|
PermissionLevel,
|
||||||
QuotaUsageType,
|
QuotaUsageType,
|
||||||
Row,
|
Row,
|
||||||
SortOrder,
|
SortOrder,
|
||||||
|
@ -16,6 +17,7 @@ import {
|
||||||
import {
|
import {
|
||||||
expectAnyInternalColsAttributes,
|
expectAnyInternalColsAttributes,
|
||||||
generator,
|
generator,
|
||||||
|
mocks,
|
||||||
structures,
|
structures,
|
||||||
} from "@budibase/backend-core/tests"
|
} from "@budibase/backend-core/tests"
|
||||||
|
|
||||||
|
@ -37,6 +39,7 @@ describe("/rows", () => {
|
||||||
})
|
})
|
||||||
|
|
||||||
beforeEach(async () => {
|
beforeEach(async () => {
|
||||||
|
mocks.licenses.useCloudFree()
|
||||||
table = await config.createTable()
|
table = await config.createTable()
|
||||||
row = basicRow(table._id!)
|
row = basicRow(table._id!)
|
||||||
})
|
})
|
||||||
|
@ -1314,6 +1317,85 @@ describe("/rows", () => {
|
||||||
bookmark: expect.any(String),
|
bookmark: expect.any(String),
|
||||||
})
|
})
|
||||||
})
|
})
|
||||||
|
|
||||||
|
describe("permissions", () => {
|
||||||
|
let viewId: string
|
||||||
|
let tableId: string
|
||||||
|
|
||||||
|
beforeAll(async () => {
|
||||||
|
const table = await config.createTable(userTable())
|
||||||
|
const rows = []
|
||||||
|
for (let i = 0; i < 10; i++) {
|
||||||
|
rows.push(await config.createRow({ tableId: table._id }))
|
||||||
|
}
|
||||||
|
|
||||||
|
const createViewResponse = await config.api.viewV2.create()
|
||||||
|
|
||||||
|
tableId = table._id!
|
||||||
|
viewId = createViewResponse.id
|
||||||
|
})
|
||||||
|
|
||||||
|
beforeEach(() => {
|
||||||
|
mocks.licenses.useViewPermissions()
|
||||||
|
})
|
||||||
|
|
||||||
|
it("does not allow public users to fetch by default", async () => {
|
||||||
|
await config.publish()
|
||||||
|
await config.api.viewV2.search(viewId, undefined, {
|
||||||
|
expectStatus: 403,
|
||||||
|
usePublicUser: true,
|
||||||
|
})
|
||||||
|
})
|
||||||
|
|
||||||
|
it("allow public users to fetch when permissions are explicit", async () => {
|
||||||
|
await config.api.permission.set({
|
||||||
|
roleId: roles.BUILTIN_ROLE_IDS.PUBLIC,
|
||||||
|
level: PermissionLevel.READ,
|
||||||
|
resourceId: viewId,
|
||||||
|
})
|
||||||
|
await config.publish()
|
||||||
|
|
||||||
|
const response = await config.api.viewV2.search(viewId, undefined, {
|
||||||
|
usePublicUser: true,
|
||||||
|
})
|
||||||
|
|
||||||
|
expect(response.body.rows).toHaveLength(10)
|
||||||
|
})
|
||||||
|
|
||||||
|
it("allow public users to fetch when permissions are inherited", async () => {
|
||||||
|
await config.api.permission.set({
|
||||||
|
roleId: roles.BUILTIN_ROLE_IDS.PUBLIC,
|
||||||
|
level: PermissionLevel.READ,
|
||||||
|
resourceId: tableId,
|
||||||
|
})
|
||||||
|
await config.publish()
|
||||||
|
|
||||||
|
const response = await config.api.viewV2.search(viewId, undefined, {
|
||||||
|
usePublicUser: true,
|
||||||
|
})
|
||||||
|
|
||||||
|
expect(response.body.rows).toHaveLength(10)
|
||||||
|
})
|
||||||
|
|
||||||
|
it("respects inherited permissions, not allowing not public views from public tables", async () => {
|
||||||
|
await config.api.permission.set({
|
||||||
|
roleId: roles.BUILTIN_ROLE_IDS.PUBLIC,
|
||||||
|
level: PermissionLevel.READ,
|
||||||
|
resourceId: tableId,
|
||||||
|
})
|
||||||
|
await config.api.permission.set({
|
||||||
|
roleId: roles.BUILTIN_ROLE_IDS.POWER,
|
||||||
|
level: PermissionLevel.READ,
|
||||||
|
resourceId: viewId,
|
||||||
|
})
|
||||||
|
await config.publish()
|
||||||
|
|
||||||
|
await config.api.viewV2.search(viewId, undefined, {
|
||||||
|
usePublicUser: true,
|
||||||
|
expectStatus: 403,
|
||||||
|
})
|
||||||
|
})
|
||||||
|
})
|
||||||
})
|
})
|
||||||
})
|
})
|
||||||
})
|
})
|
||||||
|
|
Loading…
Reference in a new issue