Mirroristas/CommunitySolidServer
2
0
Fork 0
mirror of https://github.com/CommunitySolidServer/CommunitySolidServer.git synced 2024-10-03 14:55:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: Use PermissionReaders to determine available permissions

Browse Source 
These readers will determine which permissions
are available for the incoming credentials.
Their results then get combined in a UnionReader
and authorized in a PermissionBasedAuthorizer
This commit is contained in:
Joachim Van Herwegen
2021-09-20 11:24:38 +02:00
parent e8dedf5c23
commit bf28c83ffa
50 changed files with 714 additions and 445 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
test/unit/authorization/UnionPermissionReader.test.ts Normal file
View File

@@ -0,0 +1,56 @@
import { CredentialGroup } from '../../../src/authentication/Credentials';
import type { PermissionReader, PermissionReaderInput } from '../../../src/authorization/PermissionReader';
import { UnionPermissionReader } from '../../../src/authorization/UnionPermissionReader';
describe('A UnionPermissionReader', (): void => {
const input: PermissionReaderInput = { credentials: {}, identifier: { path: 'http://test.com/foo' }};
let readers: jest.Mocked<PermissionReader>[];
let unionReader: UnionPermissionReader;
beforeEach(async(): Promise<void> => {
readers = [
{
canHandle: jest.fn(),
handle: jest.fn().mockResolvedValue({}),
} as any,
{
canHandle: jest.fn(),
handle: jest.fn().mockResolvedValue({}),
} as any,
];
unionReader = new UnionPermissionReader(readers);
});
it('only uses the results of readers that can handle the input.', async(): Promise<void> => {
readers[0].canHandle.mockRejectedValue(new Error('bad request'));
readers[0].handle.mockResolvedValue({ [CredentialGroup.agent]: { read: true }});
readers[1].handle.mockResolvedValue({ [CredentialGroup.agent]: { write: true }});
await expect(unionReader.handle(input)).resolves.toEqual({ [CredentialGroup.agent]: { write: true }});
});
it('combines results.', async(): Promise<void> => {
readers[0].handle.mockResolvedValue(
{ [CredentialGroup.agent]: { read: true }, [CredentialGroup.public]: undefined },
);
readers[1].handle.mockResolvedValue(
{ [CredentialGroup.agent]: { write: true }, [CredentialGroup.public]: { read: false }},
);
await expect(unionReader.handle(input)).resolves.toEqual({
[CredentialGroup.agent]: { read: true, write: true },
[CredentialGroup.public]: { read: false },
});
});
it('merges same fields using false > true > undefined.', async(): Promise<void> => {
readers[0].handle.mockResolvedValue(
{ [CredentialGroup.agent]: { read: true, write: false, append: undefined, control: true }},
);
readers[1].handle.mockResolvedValue(
{ [CredentialGroup.agent]: { read: false, write: true, append: true, control: true }},
);
await expect(unionReader.handle(input)).resolves.toEqual({
[CredentialGroup.agent]: { read: false, write: false, append: true, control: true },
});
});
});