test(e2e/public/notes): test permission api

Signed-off-by: David Mehren <git@herrmehren.de>
2024-11-25 03:06:31 -05:00 · 2022-09-18 18:30:00 +02:00 · 2022-09-18 18:30:00 +02:00 · 976e5671fa
commit 976e5671fa
parent 068517a73b
1 changed files with 56 additions and 0 deletions
--- a/backend/test/public-api/notes.e2e-spec.ts
+++ b/backend/test/public-api/notes.e2e-spec.ts
@ -530,4 +530,60 @@ describe('Notes', () => {
        .expect(403);
    });
  });
  describe('permissions', () => {
    it('can be fetched', async function () {
      const permissions = await request(testSetup.app.getHttpServer())
        .get(`/api/v2/notes/testAlias1/metadata/permissions`)
        .set('Authorization', `Bearer ${testSetup.authTokens[0].secret}`)
        .expect('Content-Type', /json/)
        .expect(200);
      expect(permissions.body.owner).toBe('testuser1');
      expect(permissions.body.sharedToUsers).toEqual([]);
      expect(permissions.body.sharedToGroups).toEqual([]);
    });
    it('can be updated', async function () {
      // add permission for testuser2
      await request(testSetup.app.getHttpServer())
        .put(`/api/v2/notes/testAlias1/metadata/permissions/users/testuser2`)
        .set('Authorization', `Bearer ${testSetup.authTokens[0].secret}`)
        .send({
          canEdit: true,
        })
        .expect(200);
      // check permissions
      let permissions = await request(testSetup.app.getHttpServer())
        .get(`/api/v2/notes/testAlias1/metadata/permissions`)
        .set('Authorization', `Bearer ${testSetup.authTokens[0].secret}`)
        .expect(200);
      expect(permissions.body.owner).toBe('testuser1');
      expect(permissions.body.sharedToUsers).toEqual([
        { username: 'testuser2', canEdit: true },
      ]);
      expect(permissions.body.sharedToGroups).toEqual([]);
      // add permission for everyone
      await request(testSetup.app.getHttpServer())
        .put(`/api/v2/notes/testAlias1/metadata/permissions/groups/_EVERYONE`)
        .set('Authorization', `Bearer ${testSetup.authTokens[0].secret}`)
        .send({
          canEdit: true,
        })
        .expect(200);
      // check permissions
      permissions = await request(testSetup.app.getHttpServer())
        .get(`/api/v2/notes/testAlias1/metadata/permissions`)
        .set('Authorization', `Bearer ${testSetup.authTokens[0].secret}`)
        .expect(200);
      expect(permissions.body.owner).toBe('testuser1');
      expect(permissions.body.sharedToUsers).toEqual([
        { username: 'testuser2', canEdit: true },
      ]);
      expect(permissions.body.sharedToGroups).toEqual([
        { groupName: '_EVERYONE', canEdit: true },
      ]);
    });
  });
 });