github/overleaf
1
0
Fork 0
mirror of https://github.com/overleaf/overleaf.git synced 2024-11-21 20:47:08 -05:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #16194 from overleaf/bg-group-sso-fix-default-permission-check

Browse source 
fix default permission check for group sso

GitOrigin-RevId: b78c3dd26d852822f06c44c2aef79daea36fc2bd
This commit is contained in:
Brian Gough 2023-12-13 09:09:26 +00:00 committed by Copybot
parent dfcdf8f266
commit ec923c2144
2 changed files with 34 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
services/web/app/src/Features/Authorization/PermissionsManager.js
View file

@ -272,8 +272,8 @@ function hasPermission(groupPolicy, capability) {
const results = getEnforcedPolicyNames(groupPolicy).map(userPolicyName =>
getCapabilityValueFromPolicy(userPolicyName, capability)
)
// if there are no results, return the default permission
if (results.length === 0) {
// if there are no results, or none of the policies apply, return the default permission
if (results.length === 0 || results.every(result => result === undefined)) {
return getDefaultPermission(capability)
}
// only allow the permission if all the results are true, otherwise deny it

44
services/web/test/unit/src/Authorization/PermissionsManagerTests.js
View file

@ -86,12 +86,22 @@ describe('PermissionsManager', function () {
const groupPolicy = {
policy: true,
}
const capability = 'capability3'
const result = this.PermissionsManager.hasPermission(
groupPolicy,
capability
)
expect(result).to.be.false
{
const capability = 'capability3'
const result = this.PermissionsManager.hasPermission(
groupPolicy,
capability
)
expect(result).to.be.true
}
{
const capability = 'capability4'
const result = this.PermissionsManager.hasPermission(
groupPolicy,
capability
)
expect(result).to.be.false
}
})
it('should return the default permission if the policy is not enforced', function () {
@ -192,12 +202,22 @@ describe('PermissionsManager', function () {
const groupPolicy = {
policy: true,
}
const capability = 'capability3'
const result = this.PermissionsManager.hasPermission(
groupPolicy,
capability
)
expect(result).to.be.false
{
const capability = 'capability3'
const result = this.PermissionsManager.hasPermission(
groupPolicy,
capability
)
expect(result).to.be.true
}
{
const capability = 'capability4'
const result = this.PermissionsManager.hasPermission(
groupPolicy,
capability
)
expect(result).to.be.false
}
})
})
})