feat: Add control permission to PermissionSet

This is in preparation of generalizing permissions of auxiliary resources.
2024-10-03 14:55:10 +00:00 · 2021-01-25 11:31:48 +01:00
parent 1486f01aaf
commit 766e6318ba
8 changed files with 24 additions and 10 deletions
--- a/src/ldp/permissions/MethodPermissionsExtractor.ts
+++ b/src/ldp/permissions/MethodPermissionsExtractor.ts
@@ -23,6 +23,7 @@ export class MethodPermissionsExtractor extends PermissionsExtractor {
    const read = READ_METHODS.has(method);
    const write = WRITE_METHODS.has(method);
    const append = write || APPEND_METHODS.has(method);
-    return { read, write, append };
+    const control = false;
+    return { read, write, append, control };
  }
 }
--- a/src/ldp/permissions/PermissionSet.ts
+++ b/src/ldp/permissions/PermissionSet.ts
@@ -1,8 +1,9 @@
 /**
- * A data interface indicating which permissions are allowed (based on the context).
+ * A data interface indicating which permissions are required (based on the context).
 */
 export interface PermissionSet {
  read: boolean;
  append: boolean;
  write: boolean;
+  control: boolean;
 }
--- a/src/ldp/permissions/SparqlPatchPermissionsExtractor.ts
+++ b/src/ldp/permissions/SparqlPatchPermissionsExtractor.ts
@@ -35,7 +35,8 @@ export class SparqlPatchPermissionsExtractor extends PermissionsExtractor {
    const read = false;
    const write = this.needsWrite(update);
    const append = write || this.needsAppend(update);
-    return { read, write, append };
+    const control = false;
+    return { read, write, append, control };
  }

  private isSparql(data: Representation): data is SparqlUpdatePatch {
--- a/test/integration/LdpHandlerWithAuth.test.ts
+++ b/test/integration/LdpHandlerWithAuth.test.ts
@@ -62,7 +62,7 @@ describe.each(stores)('An LDP handler with auth using %s', (name, { storeUrn, te
  it('can add a file to the store, read it and delete it if allowed.', async():
  Promise<void> => {
    // Set acl
-    await aclHelper.setSimpleAcl({ read: true, write: true, append: true }, 'agent');
+    await aclHelper.setSimpleAcl({ read: true, write: true, append: true, control: false }, 'agent');

    // Create file
    let response = await resourceHelper.createResource(
@@ -85,7 +85,7 @@ describe.each(stores)('An LDP handler with auth using %s', (name, { storeUrn, te
  it('can not add a file to the store if not allowed.', async():
  Promise<void> => {
    // Set acl
-    await aclHelper.setSimpleAcl({ read: true, write: true, append: true }, 'authenticated');
+    await aclHelper.setSimpleAcl({ read: true, write: true, append: true, control: false }, 'authenticated');

    // Try to create file
    const response = await resourceHelper.createResource(
@@ -97,7 +97,7 @@ describe.each(stores)('An LDP handler with auth using %s', (name, { storeUrn, te
  it('can not add/delete, but only read files if allowed.', async():
  Promise<void> => {
    // Set acl
-    await aclHelper.setSimpleAcl({ read: true, write: false, append: false }, 'agent');
+    await aclHelper.setSimpleAcl({ read: true, write: false, append: false, control: false }, 'agent');

    // Try to create file
    let response = await resourceHelper.createResource(
@@ -118,7 +118,7 @@ describe.each(stores)('An LDP handler with auth using %s', (name, { storeUrn, te

  it('can add files but not write to them if append is allowed.', async(): Promise<void> => {
    // Set acl
-    await aclHelper.setSimpleAcl({ read: true, write: false, append: true }, 'agent');
+    await aclHelper.setSimpleAcl({ read: true, write: false, append: true, control: false }, 'agent');

    // Add a file
    let response = await resourceHelper.createResource(
--- a/test/integration/ServerWithAuth.test.ts
+++ b/test/integration/ServerWithAuth.test.ts
@@ -36,7 +36,7 @@ describe('A server with authorization', (): void => {
  });

  it('can create new entries.', async(): Promise<void> => {
-    await aclHelper.setSimpleAcl({ read: true, write: true, append: true }, 'agent');
+    await aclHelper.setSimpleAcl({ read: true, write: true, append: true, control: false }, 'agent');

    // POST
    let requestUrl = new URL('http://test.com/');
@@ -62,7 +62,7 @@ describe('A server with authorization', (): void => {
  });

  it('cannot create new entries if not allowed.', async(): Promise<void> => {
-    await aclHelper.setSimpleAcl({ read: true, write: true, append: true }, 'authenticated');
+    await aclHelper.setSimpleAcl({ read: true, write: true, append: true, control: false }, 'authenticated');

    // POST
    let requestUrl = new URL('http://test.com/');
@@ -89,7 +89,7 @@ describe('A server with authorization', (): void => {

  // https://github.com/solid/community-server/issues/498
  it('accepts a GET with Content-Length: 0.', async(): Promise<void> => {
-    await aclHelper.setSimpleAcl({ read: true, write: true, append: true }, 'agent');
+    await aclHelper.setSimpleAcl({ read: true, write: true, append: true, control: false }, 'agent');

    // PUT
    let requestUrl = new URL('http://test.com/foo/bar');
--- a/test/unit/authorization/WebAclAuthorizer.test.ts
+++ b/test/unit/authorization/WebAclAuthorizer.test.ts
@@ -36,6 +36,7 @@ describe('A WebAclAuthorizer', (): void => {
      read: true,
      append: false,
      write: true,
+      control: false,
    };
    credentials = {};
    identifier = { path: 'http://test.com/foo' };
@@ -169,6 +170,7 @@ describe('A WebAclAuthorizer', (): void => {
      read: false,
      write: false,
      append: true,
+      control: false,
    };
    store.getRepresentation = async(): Promise<Representation> => ({ data: streamifyArray([
      quad(nn('auth'), nn(`${acl}agent`), nn(credentials.webId!)),
--- a/test/unit/ldp/permissions/MethodPermissionsExtractor.test.ts
+++ b/test/unit/ldp/permissions/MethodPermissionsExtractor.test.ts
@@ -19,6 +19,7 @@ describe('A MethodPermissionsExtractor', (): void => {
      read: true,
      append: false,
      write: false,
+      control: false,
    });
  });

@@ -27,6 +28,7 @@ describe('A MethodPermissionsExtractor', (): void => {
      read: true,
      append: false,
      write: false,
+      control: false,
    });
  });

@@ -35,6 +37,7 @@ describe('A MethodPermissionsExtractor', (): void => {
      read: false,
      append: true,
      write: false,
+      control: false,
    });
  });

@@ -43,6 +46,7 @@ describe('A MethodPermissionsExtractor', (): void => {
      read: false,
      append: true,
      write: true,
+      control: false,
    });
  });

@@ -51,6 +55,7 @@ describe('A MethodPermissionsExtractor', (): void => {
      read: false,
      append: true,
      write: true,
+      control: false,
    });
  });
 });
--- a/test/unit/ldp/permissions/SparqlPatchPermissionsExtractor.test.ts
+++ b/test/unit/ldp/permissions/SparqlPatchPermissionsExtractor.test.ts
@@ -43,6 +43,7 @@ describe('A SparqlPatchPermissionsExtractor', (): void => {
      read: false,
      append: true,
      write: false,
+      control: false,
    });
  });

@@ -57,6 +58,7 @@ describe('A SparqlPatchPermissionsExtractor', (): void => {
      read: false,
      append: true,
      write: true,
+      control: false,
    });
  });

@@ -71,6 +73,7 @@ describe('A SparqlPatchPermissionsExtractor', (): void => {
      read: false,
      append: true,
      write: false,
+      control: false,
    });
  });

@@ -88,6 +91,7 @@ describe('A SparqlPatchPermissionsExtractor', (): void => {
      read: false,
      append: true,
      write: true,
+      control: false,
    });
  });
 });