mirror of
https://github.com/overleaf/overleaf.git
synced 2024-12-12 07:02:03 -05:00
97 lines
3.8 KiB
CoffeeScript
97 lines
3.8 KiB
CoffeeScript
|
SandboxedModule = require('sandboxed-module')
|
||
|
sinon = require('sinon')
|
||
|
require('chai').should()
|
||
|
modulePath = require('path').join __dirname, '../../../../app/js/Features/Security/AuthorizationManager'
|
||
|
MockClient = require "../helpers/MockClient"
|
||
|
|
||
|
describe "AuthorizationManager", ->
|
||
|
beforeEach ->
|
||
|
@client = new MockClient()
|
||
|
@AuthorizationManager = SandboxedModule.require modulePath, requires:
|
||
|
'../../managers/SecurityManager':{}
|
||
|
|
||
|
describe "ensureClientCanViewProject", ->
|
||
|
beforeEach ->
|
||
|
@client.set("project_id", "project-id")
|
||
|
|
||
|
it "should let the request through for a readOnly privilege", (done) ->
|
||
|
@client.set("privilege_level", "readOnly")
|
||
|
@AuthorizationManager.ensureClientCanViewProject @client, done
|
||
|
|
||
|
it "should let the request through for a readAndWrite privilege", (done) ->
|
||
|
@client.set("privilege_level", "readAndWrite")
|
||
|
@AuthorizationManager.ensureClientCanViewProject @client, done
|
||
|
|
||
|
it "should let the request through for a owner privilege", (done) ->
|
||
|
@client.set("privilege_level", "owner")
|
||
|
@AuthorizationManager.ensureClientCanViewProject @client, done
|
||
|
|
||
|
it "should ignore an empty privilege", ->
|
||
|
@AuthorizationManager.ensureClientCanViewProject @client, () ->
|
||
|
throw new Error("Should not be called")
|
||
|
|
||
|
describe "ensureClientCanEditProject", ->
|
||
|
beforeEach ->
|
||
|
@client.set("project_id", "project-id")
|
||
|
|
||
|
it "should ignore a readOnly privilege", ->
|
||
|
@client.set("privilege_level", "readOnly")
|
||
|
@AuthorizationManager.ensureClientCanEditProject @client, () ->
|
||
|
throw new Error("Should not be called")
|
||
|
|
||
|
it "should let the request through for a readAndWrite privilege", (done) ->
|
||
|
@client.set("privilege_level", "readAndWrite")
|
||
|
@AuthorizationManager.ensureClientCanEditProject @client, done
|
||
|
|
||
|
it "should let the request through for a owner privilege", (done) ->
|
||
|
@client.set("privilege_level", "owner")
|
||
|
@AuthorizationManager.ensureClientCanEditProject @client, done
|
||
|
|
||
|
it "should ignore an empty privilege", ->
|
||
|
@AuthorizationManager.ensureClientCanEditProject @client, () ->
|
||
|
throw new Error("Should not be called")
|
||
|
|
||
|
describe "ensureClientCanAdminProject", ->
|
||
|
beforeEach ->
|
||
|
@client.set("project_id", "project-id")
|
||
|
|
||
|
it "should ignore a readOnly privilege", ->
|
||
|
@client.set("privilege_level", "readOnly")
|
||
|
@AuthorizationManager.ensureClientCanAdminProject @client, () ->
|
||
|
throw new Error("Should not be called")
|
||
|
|
||
|
it "should ignore a readAndWrite privilege", ->
|
||
|
@client.set("privilege_level", "readAndWrite")
|
||
|
@AuthorizationManager.ensureClientCanAdminProject @client, () ->
|
||
|
throw new Error("Should not be called")
|
||
|
|
||
|
it "should let the request through for a owner privilege", (done) ->
|
||
|
@client.set("privilege_level", "owner")
|
||
|
@AuthorizationManager.ensureClientCanAdminProject @client, done
|
||
|
|
||
|
it "should ignore an empty privilege", ->
|
||
|
@AuthorizationManager.ensureClientCanAdminProject @client, () ->
|
||
|
throw new Error("Should not be called")
|
||
|
|
||
|
describe "ensureClientHasPrivilegeLevelForProject", ->
|
||
|
it "should ignore callback if privilege_level is not set", ->
|
||
|
@client.set("project_id", "project-id")
|
||
|
@AuthorizationManager.ensureClientHasPrivilegeLevelForProject @client,
|
||
|
["owner"], (error, project_id) ->
|
||
|
throw new Error("Should not be called")
|
||
|
|
||
|
it "should ignore callback if project_id is not set", ->
|
||
|
@client.set("privilege_level", "owner")
|
||
|
@AuthorizationManager.ensureClientHasPrivilegeLevelForProject @client,
|
||
|
["owner"], (error, project_id) ->
|
||
|
throw new Error("Should not be called")
|
||
|
|
||
|
it "should return the project_id", (done) ->
|
||
|
@client.set("privilege_level", "owner")
|
||
|
@client.set("project_id", "project-id-123")
|
||
|
@AuthorizationManager.ensureClientHasPrivilegeLevelForProject @client,
|
||
|
["owner"], (error, project_id) ->
|
||
|
project_id.should.equal "project-id-123"
|
||
|
done()
|
||
|
|