Page MenuHomeSealhub

same-as-for-resource-in-field.subtest.ts
No OneTemporary

same-as-for-resource-in-field.subtest.ts

import assert from "assert";
import { withRunningApp, MockRestApi } from "../../../test_utils/with-test-app";
import { assertThrowsAsync } from "../../../test_utils/assert-throws-async";
import { App, Collection, ActionName } from "../../../main";
import { AccessStrategyDefinition } from "../../../chip-types/access-strategy";
import Matches from "../special_filters/matches";
describe("SameAsForResourceInField", () => {
const sessions: { [username: string]: any } = {};
const numbers: number[] = [];
async function setup(
app: App,
rest_api: MockRestApi,
access_strategy: {
[action_name in ActionName]?: AccessStrategyDefinition;
}
) {
Collection.fromDefinition(app, {
name: "numbers",
fields: [
{
name: "number",
type: "int",
},
],
named_filters: {
greater_than_1: new Matches(app, {
number: { ">": 1 },
}),
},
access_strategy,
});
Collection.fromDefinition(app, {
name: "number-notes",
fields: [
{
name: "note",
type: "text",
},
{
name: "number",
type: "single_reference",
params: { collection: "numbers" },
},
],
access_strategy: {
create: [
"same-as-for-resource-in-field",
{
action_name: "create",
field: "number",
collection: "number-notes",
},
],
show: [
"same-as-for-resource-in-field",
{
action_name: "show",
field: "number",
collection: "number-notes",
},
],
},
});
const password = "password";
for (let username of ["alice", "bob"]) {
await app.runAction(
new app.Sealious.SuperContext(),
["collections", "users"],
"create",
{
username,
password,
email: `${username}@example.com`,
}
);
sessions[username] = await rest_api.login({
username,
password,
});
}
for (let n of [0, 1, 2]) {
numbers.push(
(
await rest_api.post(
"/api/v1/collections/numbers",
{
number: n,
},
sessions.alice
)
).id
);
}
}
async function post_number_notes(rest_api: MockRestApi, user: string) {
const notes = [];
for (let number of numbers) {
notes.push(
await rest_api.post(
"/api/v1/collections/number-notes",
{
note: "Lorem ipsum " + (notes.length + 1),
number: number,
},
sessions[user]
)
);
}
return notes;
}
it("returns everything for number-notes referring to own numbers", () =>
withRunningApp(async ({ app, rest_api }) => {
await setup(app, rest_api, {
create: "public",
show: "owner",
});
const posted_notes = await post_number_notes(rest_api, "alice");
const { items: got_notes } = await rest_api.get(
"/api/v1/collections/number-notes",
sessions.alice
);
assert.equal(got_notes.length, posted_notes.length);
}));
it("returns nothing for number-notes referring to other user's numbers", () =>
withRunningApp(async ({ app, rest_api }) => {
await setup(app, rest_api, { create: "public", show: "owner" });
await post_number_notes(rest_api, "alice");
const { items: got_notes } = await rest_api.get(
"/api/v1/collections/number-notes",
sessions.bob
);
assert.equal(got_notes.length, 0);
}));
it("returns item for number-notes referring to numbers with complex access strategy", () =>
withRunningApp(async ({ app, rest_api }) => {
await setup(app, rest_api, {
create: "logged-in",
show: [
"or",
[
"owner",
["when", ["numbers", "greater_than_1", "public"]],
],
],
});
await post_number_notes(rest_api, "alice");
const { items: got_notes } = await rest_api.get(
"/api/v1/collections/number-notes",
sessions.bob
);
assert.equal(got_notes.length, 1);
}));
it("doesn't allow to edit number-notes referring to other user's numbers", () =>
withRunningApp(async ({ app, rest_api }) => {
await setup(app, rest_api, {
create: "logged-in",
edit: "owner",
show: "owner",
});
const posted_notes = await post_number_notes(rest_api, "alice");
await assertThrowsAsync(
() =>
rest_api.patch(
`/api/v1/collections/number-notes/${posted_notes[0].id}`,
{ note: "Lorem ipsumm" },
sessions.bob
),
(error) => {
assert.equal(
(error as any).response.data.message,
"Only the owner of this resource can perform this operation on this item."
);
}
);
}));
});

File Metadata

Mime Type
text/x-java
Expires
Tue, Dec 24, 12:51 (19 h, 54 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
557096
Default Alt Text
same-as-for-resource-in-field.subtest.ts (4 KB)

Event Timeline