Select Git revision
Downloader.go
ruleset_test.go 3.54 KiB
package permission
import (
"testing"
"github.com/stretchr/testify/assert"
)
func TestMerge(t *testing.T) {
const (
col1 = "colID"
col2 = "colViewID"
)
tests := []struct {
name string
first, second, expect *Rule
}{
{
name: "simple",
first: &Rule{Actions: []Action{ActionUpdate, ActionCreate}, CollectionID: col1, HiddenFields: []string{"1", "2"}, DenyWriteFields: []string{"7"}, DenyReadFields: []string{"4"}, ReadFilter: "3 != 'test'", WriteFilter: "4 == '0_0'"},
second: &Rule{Actions: []Action{ActionUpdate, ActionDelete}, CollectionID: col2, HiddenFields: []string{"3", "2"}, DenyWriteFields: []string{}, DenyReadFields: []string{"5"}, ReadFilter: "5 != 'dev'", WriteFilter: "4 == '0_0'"},
expect: &Rule{Actions: []Action{ActionUpdate}, HiddenFields: []string{"1", "2", "3"}, DenyWriteFields: []string{"7"}, DenyReadFields: []string{"4", "5"}, ReadFilter: "3 != 'test' && 5 != 'dev'", WriteFilter: "4 == '0_0'"},
},
{
name: "first is privileged",
first: PrivilegedRuleset{}.GetRule(col1),
second: &Rule{Actions: []Action{ActionUpdate, ActionDelete}, CollectionID: col2, WriteFilter: "test"},
expect: &Rule{Actions: []Action{ActionUpdate, ActionDelete}, WriteFilter: "test", ReadFilter: "", HiddenFields: []string{}, DenyWriteFields: []string{}, DenyReadFields: []string{}},
},
{
name: "second is privileged",
first: &Rule{Actions: []Action{ActionUpdate, ActionDelete}, CollectionID: col1, WriteFilter: "test"},
second: PrivilegedRuleset{}.GetRule(col2),
expect: &Rule{Actions: []Action{ActionUpdate, ActionDelete}, WriteFilter: "test", ReadFilter: "", HiddenFields: []string{}, DenyWriteFields: []string{}, DenyReadFields: []string{}},
},
{
name: "both is privileged",
first: PrivilegedRuleset{}.GetRule(col1),
second: PrivilegedRuleset{}.GetRule(col2),
expect: PrivilegedRuleset{}.GetRule(""),
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
result := MergeRule(tt.first, tt.second)
assert.Equal(t, tt.expect, result)
})
}
}
func TestRule_GetPermission(t *testing.T) {
tests := []struct {
name string
action Action
rule Rule
unallowedFields []string
want *Permission
}{
{
name: "ActionRead",
action: ActionRead,
rule: Rule{Actions: []Action{ActionRead, ActionUpdate}, DenyWriteFields: []string{"f1"}, HiddenFields: []string{"f2"}, DenyReadFields: []string{"f3"}},
unallowedFields: []string{"f2", "f3"},
},
{
name: "ActionRead readonly&writeonly",
action: ActionRead,
rule: Rule{Actions: []Action{ActionRead, ActionUpdate}, DenyWriteFields: []string{"f1"}, HiddenFields: []string{"f2"}, DenyReadFields: []string{"f1"}}, unallowedFields: []string{"f1", "f2"},
},
{
name: "ActionUpdate",
action: ActionUpdate,
rule: Rule{Actions: []Action{ActionRead, ActionUpdate}, DenyWriteFields: []string{"f1"}, HiddenFields: []string{"f2"}, DenyReadFields: []string{"f3"}},
unallowedFields: []string{"f1"},
},
{
name: "ActionUpdate readonly&writeonly",
action: ActionUpdate,
rule: Rule{Actions: []Action{ActionRead, ActionUpdate}, DenyWriteFields: []string{"f1"}, HiddenFields: []string{"f2"}, DenyReadFields: []string{"f1"}},
unallowedFields: []string{"f1"},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
p := tt.rule.GetPermission(tt.action)
assert.ElementsMatch(t, tt.unallowedFields, p.UnallowedFields)
})
}
}