Differential D362 Diff 1357 lib/app/base-chips/access-strategy-types/same-as-for-resource-in-field.subtest.js
Changeset View
Changeset View
Standalone View
Standalone View
lib/app/base-chips/access-strategy-types/same-as-for-resource-in-field.subtest.js
const assert = require("assert"); | const assert = require("assert"); | ||||
const locreq = require("locreq")(__dirname); | const locreq = require("locreq")(__dirname); | ||||
const { with_running_app } = locreq("test_utils/with-test-app.js"); | const { with_running_app } = locreq("test_utils/with-test-app.js"); | ||||
const assert_throws_async = locreq("test_utils/assert_throws_async.js"); | const assert_throws_async = locreq("test_utils/assert_throws_async.js"); | ||||
describe("SameAsForResourceInField", () => { | describe("SameAsForResourceInField", () => { | ||||
let port; | |||||
let numbers; | let numbers; | ||||
const sessions = {}; | const sessions = {}; | ||||
async function setup(app, rest_api, access_strategy) { | async function setup(app, rest_api, access_strategy) { | ||||
numbers = []; | numbers = []; | ||||
port = app.ConfigManager.get("www-server.port"); | |||||
app.createChip(Sealious.Collection, { | app.createChip(Sealious.Collection, { | ||||
name: "numbers", | name: "numbers", | ||||
fields: [ | fields: [ | ||||
{ | { | ||||
name: "number", | name: "number", | ||||
type: "int", | type: "int", | ||||
}, | }, | ||||
], | ], | ||||
Show All 35 Lines | app.createChip(Sealious.Collection, { | ||||
collection: "number-notes", | collection: "number-notes", | ||||
}, | }, | ||||
], | ], | ||||
}, | }, | ||||
}); | }); | ||||
const password = "password"; | const password = "password"; | ||||
for (let username of ["alice", "bob"]) { | for (let username of ["alice", "bob"]) { | ||||
const user = await app.run_action( | await app.run_action( | ||||
new app.Sealious.SuperContext(), | new app.Sealious.SuperContext(), | ||||
["collections", "users"], | ["collections", "users"], | ||||
"create", | "create", | ||||
{ | { | ||||
username, | username, | ||||
password, | password, | ||||
email: `${username}@example.com`, | email: `${username}@example.com`, | ||||
} | } | ||||
Show All 19 Lines | describe("SameAsForResourceInField", () => { | ||||
async function post_number_notes(app, rest_api, user) { | async function post_number_notes(app, rest_api, user) { | ||||
const notes = []; | const notes = []; | ||||
for (let number of numbers) { | for (let number of numbers) { | ||||
notes.push( | notes.push( | ||||
await rest_api.post( | await rest_api.post( | ||||
"/api/v1/collections/number-notes", | "/api/v1/collections/number-notes", | ||||
{ | { | ||||
note: "Lorem ipsum " + (notes.length + 1), | note: `Lorem ipsum ${notes.length + 1}`, | ||||
number: number, | number, | ||||
}, | }, | ||||
sessions[user] | sessions[user] | ||||
) | ) | ||||
); | ); | ||||
} | } | ||||
return notes; | return notes; | ||||
} | } | ||||
Show All 16 Lines | with_running_app(async ({ app, rest_api, base_url }) => { | ||||
); | ); | ||||
assert.equal(got_notes.length, posted_notes.length); | assert.equal(got_notes.length, posted_notes.length); | ||||
})); | })); | ||||
it("returns nothing for number-notes referring to other user's numbers", () => | it("returns nothing for number-notes referring to other user's numbers", () => | ||||
with_running_app(async ({ app, rest_api, base_url }) => { | with_running_app(async ({ app, rest_api, base_url }) => { | ||||
await setup(app, rest_api, { create: "public", show: "owner" }); | await setup(app, rest_api, { create: "public", show: "owner" }); | ||||
await post_number_notes(app, rest_api, "alice"); | |||||
const posted_notes = await post_number_notes( | |||||
app, | |||||
rest_api, | |||||
"alice" | |||||
); | |||||
const { items: got_notes } = await rest_api.get( | const { items: got_notes } = await rest_api.get( | ||||
"/api/v1/collections/number-notes", | "/api/v1/collections/number-notes", | ||||
sessions.bob | sessions.bob | ||||
); | ); | ||||
assert.equal(got_notes.length, 0); | assert.equal(got_notes.length, 0); | ||||
})); | })); | ||||
it("returns item for number-notes referring to numbers with complex access strategy", () => | it("returns item for number-notes referring to numbers with complex access strategy", () => | ||||
with_running_app(async ({ app, rest_api, base_url }) => { | with_running_app(async ({ app, rest_api, base_url }) => { | ||||
await setup(app, rest_api, { | await setup(app, rest_api, { | ||||
create: "logged_in", | create: "logged_in", | ||||
show: [ | show: [ | ||||
"or", | "or", | ||||
[ | [ | ||||
"owner", | "owner", | ||||
["when", ["numbers", "greater_than_1", "public"]], | ["when", ["numbers", "greater_than_1", "public"]], | ||||
], | ], | ||||
], | ], | ||||
}); | }); | ||||
await post_number_notes(app, rest_api, "alice"); | |||||
const posted_notes = await post_number_notes( | |||||
app, | |||||
rest_api, | |||||
"alice" | |||||
); | |||||
const { items: got_notes } = await rest_api.get( | const { items: got_notes } = await rest_api.get( | ||||
"/api/v1/collections/number-notes", | "/api/v1/collections/number-notes", | ||||
sessions.bob | sessions.bob | ||||
); | ); | ||||
assert.equal(got_notes.length, 1); | assert.equal(got_notes.length, 1); | ||||
})); | })); | ||||
it("doesn't allow to edit number-notes referring to other user's numbers", () => | it("doesn't allow to edit number-notes referring to other user's numbers", () => | ||||
with_running_app(async ({ app, rest_api, base_url }) => { | with_running_app(async ({ app, rest_api, base_url }) => { | ||||
await setup(app, rest_api, { | await setup(app, rest_api, { | ||||
create: "logged_in", | create: "logged_in", | ||||
edit: "owner", | edit: "owner", | ||||
Show All 26 Lines |