mirror of
https://github.com/overleaf/overleaf.git
synced 2024-11-21 20:47:08 -05:00
Merge pull request #16194 from overleaf/bg-group-sso-fix-default-permission-check
fix default permission check for group sso GitOrigin-RevId: b78c3dd26d852822f06c44c2aef79daea36fc2bd
This commit is contained in:
Brian Gough
Copybot
parent
dfcdf8f266
commit
ec923c2144
2 changed files with 34 additions and 14 deletions
|
|
@ -272,8 +272,8 @@ function hasPermission(groupPolicy, capability) {
|
||||||
const results = getEnforcedPolicyNames(groupPolicy).map(userPolicyName =>
|
const results = getEnforcedPolicyNames(groupPolicy).map(userPolicyName =>
|
||||||
getCapabilityValueFromPolicy(userPolicyName, capability)
|
getCapabilityValueFromPolicy(userPolicyName, capability)
|
||||||
)
|
)
|
||||||
// if there are no results, return the default permission
|
// if there are no results, or none of the policies apply, return the default permission
|
||||||
if (results.length === 0) {
|
if (results.length === 0 || results.every(result => result === undefined)) {
|
||||||
return getDefaultPermission(capability)
|
return getDefaultPermission(capability)
|
||||||
}
|
}
|
||||||
// only allow the permission if all the results are true, otherwise deny it
|
// only allow the permission if all the results are true, otherwise deny it
|
||||||
|
|
|
||||||
|
|
@ -86,12 +86,22 @@ describe('PermissionsManager', function () {
|
||||||
const groupPolicy = {
|
const groupPolicy = {
|
||||||
policy: true,
|
policy: true,
|
||||||
}
|
}
|
||||||
const capability = 'capability3'
|
{
|
||||||
const result = this.PermissionsManager.hasPermission(
|
const capability = 'capability3'
|
||||||
groupPolicy,
|
const result = this.PermissionsManager.hasPermission(
|
||||||
capability
|
groupPolicy,
|
||||||
)
|
capability
|
||||||
expect(result).to.be.false
|
)
|
||||||
|
expect(result).to.be.true
|
||||||
|
}
|
||||||
|
{
|
||||||
|
const capability = 'capability4'
|
||||||
|
const result = this.PermissionsManager.hasPermission(
|
||||||
|
groupPolicy,
|
||||||
|
capability
|
||||||
|
)
|
||||||
|
expect(result).to.be.false
|
||||||
|
}
|
||||||
})
|
})
|
||||||
|
|
||||||
it('should return the default permission if the policy is not enforced', function () {
|
it('should return the default permission if the policy is not enforced', function () {
|
||||||
|
|
@ -192,12 +202,22 @@ describe('PermissionsManager', function () {
|
||||||
const groupPolicy = {
|
const groupPolicy = {
|
||||||
policy: true,
|
policy: true,
|
||||||
}
|
}
|
||||||
const capability = 'capability3'
|
{
|
||||||
const result = this.PermissionsManager.hasPermission(
|
const capability = 'capability3'
|
||||||
groupPolicy,
|
const result = this.PermissionsManager.hasPermission(
|
||||||
capability
|
groupPolicy,
|
||||||
)
|
capability
|
||||||
expect(result).to.be.false
|
)
|
||||||
|
expect(result).to.be.true
|
||||||
|
}
|
||||||
|
{
|
||||||
|
const capability = 'capability4'
|
||||||
|
const result = this.PermissionsManager.hasPermission(
|
||||||
|
groupPolicy,
|
||||||
|
capability
|
||||||
|
)
|
||||||
|
expect(result).to.be.false
|
||||||
|
}
|
||||||
})
|
})
|
||||||
})
|
})
|
||||||
})
|
})
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue