test: add private api tests for checkPermissionOnNote and checkMediaDeletePermission

Signed-off-by: Yannick Bungers <git@innay.de>
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
This commit is contained in:
Yannick Bungers 2023-03-26 18:04:19 +02:00 committed by Yannick Bungers
parent 001a49329c
commit fad5e1e22e

View file

@ -28,6 +28,7 @@ import { GroupsModule } from '../groups/groups.module';
import { SpecialGroup } from '../groups/groups.special'; import { SpecialGroup } from '../groups/groups.special';
import { Identity } from '../identity/identity.entity'; import { Identity } from '../identity/identity.entity';
import { LoggerModule } from '../logger/logger.module'; import { LoggerModule } from '../logger/logger.module';
import { MediaUpload } from '../media/media-upload.entity';
import { Alias } from '../notes/alias.entity'; import { Alias } from '../notes/alias.entity';
import { import {
NoteGroupPermissionUpdateDto, NoteGroupPermissionUpdateDto,
@ -43,6 +44,7 @@ import { User } from '../users/user.entity';
import { UsersModule } from '../users/users.module'; import { UsersModule } from '../users/users.module';
import { NoteGroupPermission } from './note-group-permission.entity'; import { NoteGroupPermission } from './note-group-permission.entity';
import { NoteUserPermission } from './note-user-permission.entity'; import { NoteUserPermission } from './note-user-permission.entity';
import { Permission } from './permissions.enum';
import { PermissionsModule } from './permissions.module'; import { PermissionsModule } from './permissions.module';
import { PermissionsService } from './permissions.service'; import { PermissionsService } from './permissions.service';
@ -736,6 +738,96 @@ describe('PermissionsService', () => {
}); });
}); });
describe('checkMediaDeletePermission', () => {
describe('accepts', () => {
it('for media owner', async () => {
const mediaUpload = {} as MediaUpload;
mediaUpload.note = Promise.resolve(notes[1]);
mediaUpload.user = Promise.resolve(user1);
expect(
service.checkMediaDeletePermission(user1, mediaUpload),
).toBeTruthy();
});
it('for note owner', async () => {
const mediaUpload = {} as MediaUpload;
mediaUpload.note = Promise.resolve(notes[1]);
mediaUpload.user = Promise.resolve(user1);
expect(
service.checkMediaDeletePermission(user2, mediaUpload),
).toBeTruthy();
});
});
describe('denies', () => {
it('for not owner', async () => {
const user3 = {} as User;
user3.id = 3;
const mediaUpload = {} as MediaUpload;
mediaUpload.note = Promise.resolve(notes[1]);
mediaUpload.user = Promise.resolve(user1);
expect(
await service.checkMediaDeletePermission(user3, mediaUpload),
).toBeFalsy();
});
});
});
describe('checkPermissionOnNote', () => {
describe('accepts', () => {
it('with mayRead', async () => {
jest.spyOn(service, 'mayRead').mockImplementationOnce(async () => {
return true;
});
expect(
await service.checkPermissionOnNote(Permission.READ, user1, notes[0]),
).toBeTruthy();
});
it('with mayWrite', async () => {
jest.spyOn(service, 'mayWrite').mockImplementationOnce(async () => {
return true;
});
expect(
await service.checkPermissionOnNote(
Permission.WRITE,
user1,
notes[0],
),
).toBeTruthy();
});
it('with isOwner', async () => {
jest.spyOn(service, 'isOwner').mockImplementationOnce(async () => {
return true;
});
expect(
await service.checkPermissionOnNote(
Permission.OWNER,
user1,
notes[0],
),
).toBeTruthy();
});
});
describe('denies', () => {
it('with no permission', async () => {
jest.spyOn(service, 'mayRead').mockImplementationOnce(async () => {
return false;
});
jest.spyOn(service, 'mayWrite').mockImplementationOnce(async () => {
return false;
});
jest.spyOn(service, 'isOwner').mockImplementationOnce(async () => {
return false;
});
expect(
await service.checkPermissionOnNote(
Permission.OWNER,
user1,
notes[0],
),
).toBeFalsy();
});
});
});
describe('updateNotePermissions', () => { describe('updateNotePermissions', () => {
const userPermissionUpdate = new NoteUserPermissionUpdateDto(); const userPermissionUpdate = new NoteUserPermissionUpdateDto();
userPermissionUpdate.username = 'hardcoded'; userPermissionUpdate.username = 'hardcoded';