feat: Change permission interface to store identifiers

test/unit/server/AuthorizingHttpHandler.test.ts

@@ -3,6 +3,7 @@ import type { CredentialsExtractor } from '../../../src/authentication/Credentia
 import type { Authorizer } from '../../../src/authorization/Authorizer';
 import type { PermissionReader } from '../../../src/authorization/PermissionReader';
 import type { ModesExtractor } from '../../../src/authorization/permissions/ModesExtractor';
+import type { AccessMap, PermissionMap } from '../../../src/authorization/permissions/Permissions';
 import { AccessMode } from '../../../src/authorization/permissions/Permissions';
 import type { Operation } from '../../../src/http/Operation';
 import { BasicRepresentation } from '../../../src/http/representation/BasicRepresentation';
@@ -11,11 +12,15 @@ import type { HttpRequest } from '../../../src/server/HttpRequest';
 import type { HttpResponse } from '../../../src/server/HttpResponse';
 import type { OperationHttpHandler } from '../../../src/server/OperationHttpHandler';
 import { ForbiddenHttpError } from '../../../src/util/errors/ForbiddenHttpError';
+import { IdentifierMap, IdentifierSetMultiMap } from '../../../src/util/map/IdentifierMap';
 
 describe('An AuthorizingHttpHandler', (): void => {
   const credentials = { [CredentialGroup.public]: {}};
-  const modes = new Set([ AccessMode.read ]);
-  const permissionSet = { [CredentialGroup.public]: { read: true }};
+  const target = { path: 'http://test.com/foo' };
+  const requestedModes: AccessMap = new IdentifierSetMultiMap<AccessMode>([[ target, AccessMode.read ]]);
+  const availablePermissions: PermissionMap = new IdentifierMap(
+    [[ target, { [CredentialGroup.public]: { read: true }}]],
+  );
   const request: HttpRequest = {} as any;
   const response: HttpResponse = {} as any;
   let operation: Operation;
@@ -28,7 +33,7 @@ describe('An AuthorizingHttpHandler', (): void => {
 
   beforeEach(async(): Promise<void> => {
     operation = {
-      target: { path: 'http://test.com/foo' },
+      target,
       method: 'GET',
       preferences: {},
       body: new BasicRepresentation(),
@@ -38,10 +43,10 @@ describe('An AuthorizingHttpHandler', (): void => {
       handleSafe: jest.fn().mockResolvedValue(credentials),
     } as any;
     modesExtractor = {
-      handleSafe: jest.fn().mockResolvedValue(modes),
+      handleSafe: jest.fn().mockResolvedValue(requestedModes),
     } as any;
     permissionReader = {
-      handleSafe: jest.fn().mockResolvedValue(permissionSet),
+      handleSafe: jest.fn().mockResolvedValue(availablePermissions),
     } as any;
     authorizer = {
       handleSafe: jest.fn(),
@@ -62,13 +67,12 @@ describe('An AuthorizingHttpHandler', (): void => {
     expect(modesExtractor.handleSafe).toHaveBeenCalledTimes(1);
     expect(modesExtractor.handleSafe).toHaveBeenLastCalledWith(operation);
     expect(permissionReader.handleSafe).toHaveBeenCalledTimes(1);
-    expect(permissionReader.handleSafe).toHaveBeenLastCalledWith({ credentials, identifier: operation.target, modes });
+    expect(permissionReader.handleSafe).toHaveBeenLastCalledWith({ credentials, requestedModes });
     expect(authorizer.handleSafe).toHaveBeenCalledTimes(1);
-    expect(authorizer.handleSafe)
-      .toHaveBeenLastCalledWith({ credentials, identifier: operation.target, modes, permissionSet });
+    expect(authorizer.handleSafe).toHaveBeenLastCalledWith({ credentials, requestedModes, availablePermissions });
     expect(source.handleSafe).toHaveBeenCalledTimes(1);
     expect(source.handleSafe).toHaveBeenLastCalledWith({ request, response, operation });
-    expect(operation.permissionSet).toBe(permissionSet);
+    expect(operation.availablePermissions).toBe(availablePermissions);
   });
 
   it('errors if authorization fails.', async(): Promise<void> => {