Mirroristas/CommunitySolidServer
2
0
Fork 0
mirror of https://github.com/CommunitySolidServer/CommunitySolidServer.git synced 2024-10-03 14:55:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: Add permissions extractor for acl resources

Browse Source
This commit is contained in:
Joachim Van Herwegen
2021-01-29 16:48:09 +01:00
parent 758f5ed083
commit 8339413ab4
8 changed files with 94 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
test/integration/LdpHandlerWithAuth.test.ts
View File

@@ -59,8 +59,7 @@ describe.each(stores)('An LDP handler with auth using %s', (name, { storeUrn, te
await teardown();
});
it('can add a file to the store, read it and delete it if allowed.', async():
Promise<void> => {
it('can add a file to the store, read it and delete it if allowed.', async(): Promise<void> => {
// Set acl
await aclHelper.setSimpleAcl({ read: true, write: true, append: true, control: false }, 'agent');
@@ -82,8 +81,7 @@ describe.each(stores)('An LDP handler with auth using %s', (name, { storeUrn, te
await resourceHelper.shouldNotExist(id);
});
it('can not add a file to the store if not allowed.', async():
Promise<void> => {
it('can not add a file to the store if not allowed.', async(): Promise<void> => {
// Set acl
await aclHelper.setSimpleAcl({ read: true, write: true, append: true, control: false }, 'authenticated');
@@ -94,8 +92,7 @@ describe.each(stores)('An LDP handler with auth using %s', (name, { storeUrn, te
expect(response.statusCode).toBe(401);
});
it('can not add/delete, but only read files if allowed.', async():
Promise<void> => {
it('can not add/delete, but only read files if allowed.', async(): Promise<void> => {
// Set acl
await aclHelper.setSimpleAcl({ read: true, write: false, append: false, control: false }, 'agent');
@@ -135,4 +132,20 @@ describe.each(stores)('An LDP handler with auth using %s', (name, { storeUrn, te
);
expect(response.statusCode).toBe(401);
});
it('can not access an acl file if no control rights are provided.', async(): Promise<void> => {
// Set acl
await aclHelper.setSimpleAcl({ read: true, write: true, append: true, control: false }, 'agent');
const response = await resourceHelper.performRequest(new URL('http://test.com/.acl'), 'GET', { accept: '*/*' });
expect(response.statusCode).toBe(401);
});
it('can only access an acl file if control rights are provided.', async(): Promise<void> => {
// Set acl
await aclHelper.setSimpleAcl({ read: false, write: false, append: false, control: true }, 'agent');
const response = await resourceHelper.performRequest(new URL('http://test.com/.acl'), 'GET', { accept: '*/*' });
expect(response.statusCode).toBe(200);
});
});