Page Menu
Home
Sealhub
Search
Configure Global Search
Log In
Files
F996396
roles.subtest.ts
No One
Temporary
Actions
Download File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
1 KB
Referenced Files
None
Subscribers
None
roles.subtest.ts
View Options
import
assert
from
"assert"
;
import
{
withStoppedApp
}
from
"../../../test_utils/with-test-app"
;
import
{
assertThrowsAsync
}
from
"../../../test_utils/assert-throws-async"
;
import
{
Collection
}
from
"../../../main"
;
describe
(
"roles"
,
()
=>
{
it
(
"allows access to users with designated role and denies access to users without it"
,
async
()
=>
withStoppedApp
(
async
({
app
,
rest_api
})
=>
{
Collection
.
fromDefinition
(
app
,
{
name
:
"secrets"
,
fields
:
[{
name
:
"content"
,
type
:
"text"
}],
access_strategy
:
{
default
:
[
"roles"
,
[
"admin"
]]
},
});
await
app
.
start
();
await
app
.
runAction
(
new
app
.
Sealious
.
SuperContext
(),
[
"collections"
,
"users"
],
"create"
,
{
username
:
"regular-user"
,
email
:
"regular@example.com"
,
password
:
"password"
,
}
);
const
admin
=
await
app
.
runAction
(
new
app
.
Sealious
.
SuperContext
(),
[
"collections"
,
"users"
],
"create"
,
{
username
:
"admin"
,
email
:
"admin@example.com"
,
password
:
"admin-password"
,
}
);
await
app
.
runAction
(
new
app
.
Sealious
.
SuperContext
(),
[
"collections"
,
"user-roles"
],
"create"
,
{
user
:
admin
.
id
,
role
:
"admin"
}
);
await
app
.
runAction
(
new
app
.
Sealious
.
SuperContext
(),
[
"collections"
,
"secrets"
],
"create"
,
{
content
:
"It's a secret to everybody"
}
);
const
admin_session
=
await
rest_api
.
login
({
username
:
"admin"
,
password
:
"admin-password"
,
});
const
{
items
:
admin_response
}
=
await
rest_api
.
get
(
"/api/v1/collections/secrets"
,
admin_session
);
assert
.
equal
(
admin_response
.
length
,
1
);
const
user_session
=
await
rest_api
.
login
({
username
:
"regular-user"
,
password
:
"password"
,
});
await
assertThrowsAsync
(
()
=>
rest_api
.
get
(
"/api/v1/collections/secrets"
,
user_session
),
(
error
)
=>
{
assert
.
equal
(
(
error
as
any
).
response
.
data
.
message
,
"Action allowed only for users with role admin."
);
}
);
}));
});
File Metadata
Details
Attached
Mime Type
text/x-java
Expires
Tue, Dec 24, 14:02 (11 h, 1 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
556830
Default Alt Text
roles.subtest.ts (1 KB)
Attached To
Mode
rS Sealious
Attached
Detach File
Event Timeline
Log In to Comment