Page MenuHomeSealhub

owner.subtest.ts
No OneTemporary

owner.subtest.ts

import { TestAppConstructor, withRunningApp } from "../../test_utils/with-test-app";
import { TestApp } from "../../test_utils/test-app";
import { Collection, Context, FieldTypes, Policies, Policy } from "../../main";
import assert from "assert";
import { assertThrowsAsync } from "../../test_utils/assert-throws-async";
const extend = (defaultPolicy: Policy) => (t: TestAppConstructor) => {
return class extends t {
collections = {
...TestApp.BaseCollections,
numbers: new (class extends Collection {
name = "numbers";
fields = {
number: new FieldTypes.Int(),
};
policies = {
create: new Policies.Public(),
};
defaultPolicy = defaultPolicy;
})(),
};
};
};
describe("OwnerPolicy", () => {
it("it allows only the owner to access the item they created", async () => {
await withRunningApp(extend(new Policies.Owner()), async ({ app }) => {
const owner = await app.collections.users.suCreate({
password: "12345678",
username: "Adam",
});
const guest = await app.collections.users.suCreate({
password: "12345678",
username: "Guest",
});
const ownerContext = new Context(app, new Date().getTime(), owner.id);
const guestContext = new Context(app, new Date().getTime(), guest.id);
const notLoggedInContext = new Context(app, new Date().getTime(), null);
await app.collections.numbers.create(ownerContext, { number: 12 });
const ownerRetrive = await app.collections.numbers.list(ownerContext).fetch();
assert.strictEqual(ownerRetrive.items.length, 1);
const guestRetrive = await app.collections.numbers.list(guestContext).fetch();
assert.strictEqual(guestRetrive.items.length, 0);
const notLoggedInRetrive = await app.collections.numbers
.list(notLoggedInContext)
.fetch();
assert.strictEqual(notLoggedInRetrive.items.length, 0);
});
});
it("it doesn't allow owner to access items they have created when used with Not", async () => {
await withRunningApp(extend(new Policies.Not(new Policies.Owner())), async ({ app }) => {
const owner = await app.collections.users.suCreate({
password: "12345678",
username: "Adam",
});
const guest = await app.collections.users.suCreate({
password: "12345678",
username: "Guest",
});
const ownerContext = new Context(app, new Date().getTime(), owner.id);
const guestContext = new Context(app, new Date().getTime(), guest.id);
const item = await app.collections.numbers.create(ownerContext, { number: 12 });
await assertThrowsAsync(
async () => await app.collections.numbers.getByID(ownerContext, item.id, true),
(error) => {
assert.strictEqual(
error.message,
ownerContext.app.i18n("policy_not_allow", [
ownerContext.app.i18n("policy_owner_allow"),
])
);
}
);
const guestRetrive = await app.collections.numbers.getByID(guestContext, item.id, true);
assert.strictEqual(guestRetrive.get("number"), 12);
});
});
});

File Metadata

Mime Type
text/x-java
Expires
Tue, Dec 24, 08:58 (1 d, 1 h)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
556499
Default Alt Text
owner.subtest.ts (2 KB)

Event Timeline