From 976e5671fa8ca6b5769d9db984f912cd7ac3ed39 Mon Sep 17 00:00:00 2001 From: David Mehren Date: Sun, 18 Sep 2022 18:30:00 +0200 Subject: [PATCH] test(e2e/public/notes): test permission api Signed-off-by: David Mehren --- backend/test/public-api/notes.e2e-spec.ts | 56 +++++++++++++++++++++++ 1 file changed, 56 insertions(+) diff --git a/backend/test/public-api/notes.e2e-spec.ts b/backend/test/public-api/notes.e2e-spec.ts index 4cadbe60b..bf43f1f40 100644 --- a/backend/test/public-api/notes.e2e-spec.ts +++ b/backend/test/public-api/notes.e2e-spec.ts @@ -530,4 +530,60 @@ describe('Notes', () => { .expect(403); }); }); + + describe('permissions', () => { + it('can be fetched', async function () { + const permissions = await request(testSetup.app.getHttpServer()) + .get(`/api/v2/notes/testAlias1/metadata/permissions`) + .set('Authorization', `Bearer ${testSetup.authTokens[0].secret}`) + .expect('Content-Type', /json/) + .expect(200); + expect(permissions.body.owner).toBe('testuser1'); + expect(permissions.body.sharedToUsers).toEqual([]); + expect(permissions.body.sharedToGroups).toEqual([]); + }); + it('can be updated', async function () { + // add permission for testuser2 + await request(testSetup.app.getHttpServer()) + .put(`/api/v2/notes/testAlias1/metadata/permissions/users/testuser2`) + .set('Authorization', `Bearer ${testSetup.authTokens[0].secret}`) + .send({ + canEdit: true, + }) + .expect(200); + + // check permissions + let permissions = await request(testSetup.app.getHttpServer()) + .get(`/api/v2/notes/testAlias1/metadata/permissions`) + .set('Authorization', `Bearer ${testSetup.authTokens[0].secret}`) + .expect(200); + expect(permissions.body.owner).toBe('testuser1'); + expect(permissions.body.sharedToUsers).toEqual([ + { username: 'testuser2', canEdit: true }, + ]); + expect(permissions.body.sharedToGroups).toEqual([]); + + // add permission for everyone + await request(testSetup.app.getHttpServer()) + .put(`/api/v2/notes/testAlias1/metadata/permissions/groups/_EVERYONE`) + .set('Authorization', `Bearer ${testSetup.authTokens[0].secret}`) + .send({ + canEdit: true, + }) + .expect(200); + + // check permissions + permissions = await request(testSetup.app.getHttpServer()) + .get(`/api/v2/notes/testAlias1/metadata/permissions`) + .set('Authorization', `Bearer ${testSetup.authTokens[0].secret}`) + .expect(200); + expect(permissions.body.owner).toBe('testuser1'); + expect(permissions.body.sharedToUsers).toEqual([ + { username: 'testuser2', canEdit: true }, + ]); + expect(permissions.body.sharedToGroups).toEqual([ + { groupName: '_EVERYONE', canEdit: true }, + ]); + }); + }); });