mirror of
https://github.com/CommunitySolidServer/CommunitySolidServer.git
synced 2024-10-03 14:55:10 +00:00
feat: Add more extensive permission parsing support
This commit is contained in:
Joachim Van Herwegen
@@ -1,5 +1,6 @@
|
||||
import { AcceptPreferenceParser } from '../../src/ldp/http/AcceptPreferenceParser';
|
||||
import { AuthenticatedLdpHandler } from '../../src/ldp/AuthenticatedLdpHandler';
|
||||
import { BasePermissionsExtractor } from '../../src/ldp/permissions/BasePermissionsExtractor';
|
||||
import { BodyParser } from '../../src/ldp/http/BodyParser';
|
||||
import { call } from '../util/Util';
|
||||
import { CompositeAsyncHandler } from '../../src/util/CompositeAsyncHandler';
|
||||
@@ -18,7 +19,6 @@ import { SimpleCredentialsExtractor } from '../../src/authentication/SimpleCrede
|
||||
import { SimpleDeleteOperationHandler } from '../../src/ldp/operations/SimpleDeleteOperationHandler';
|
||||
import { SimpleGetOperationHandler } from '../../src/ldp/operations/SimpleGetOperationHandler';
|
||||
import { SimplePatchOperationHandler } from '../../src/ldp/operations/SimplePatchOperationHandler';
|
||||
import { SimplePermissionsExtractor } from '../../src/ldp/permissions/SimplePermissionsExtractor';
|
||||
import { SimplePostOperationHandler } from '../../src/ldp/operations/SimplePostOperationHandler';
|
||||
import { SimpleRequestParser } from '../../src/ldp/http/SimpleRequestParser';
|
||||
import { SimpleResourceStore } from '../../src/storage/SimpleResourceStore';
|
||||
@@ -27,6 +27,7 @@ import { SimpleSparqlUpdateBodyParser } from '../../src/ldp/http/SimpleSparqlUpd
|
||||
import { SimpleSparqlUpdatePatchHandler } from '../../src/storage/patch/SimpleSparqlUpdatePatchHandler';
|
||||
import { SimpleTargetExtractor } from '../../src/ldp/http/SimpleTargetExtractor';
|
||||
import { SingleThreadedResourceLocker } from '../../src/storage/SingleThreadedResourceLocker';
|
||||
import { SparqlPatchPermissionsExtractor } from '../../src/ldp/permissions/SparqlPatchPermissionsExtractor';
|
||||
import { TurtleToQuadConverter } from '../../src/storage/conversion/TurtleToQuadConverter';
|
||||
import { namedNode, quad } from '@rdfjs/data-model';
|
||||
import * as url from 'url';
|
||||
@@ -40,7 +41,7 @@ describe('An integrated AuthenticatedLdpHandler', (): void => {
|
||||
});
|
||||
|
||||
const credentialsExtractor = new SimpleCredentialsExtractor();
|
||||
const permissionsExtractor = new SimplePermissionsExtractor();
|
||||
const permissionsExtractor = new BasePermissionsExtractor();
|
||||
const authorizer = new SimpleAuthorizer();
|
||||
|
||||
const store = new SimpleResourceStore('http://test.com/');
|
||||
@@ -108,7 +109,10 @@ describe('An integrated AuthenticatedLdpHandler', (): void => {
|
||||
});
|
||||
|
||||
const credentialsExtractor = new SimpleCredentialsExtractor();
|
||||
const permissionsExtractor = new SimplePermissionsExtractor();
|
||||
const permissionsExtractor = new CompositeAsyncHandler([
|
||||
new BasePermissionsExtractor(),
|
||||
new SparqlPatchPermissionsExtractor(),
|
||||
]);
|
||||
const authorizer = new SimpleAuthorizer();
|
||||
|
||||
const store = new SimpleResourceStore('http://test.com/');
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
import { AcceptPreferenceParser } from '../../src/ldp/http/AcceptPreferenceParser';
|
||||
import { AuthenticatedLdpHandler } from '../../src/ldp/AuthenticatedLdpHandler';
|
||||
import { BasePermissionsExtractor } from '../../src/ldp/permissions/BasePermissionsExtractor';
|
||||
import { BodyParser } from '../../src/ldp/http/BodyParser';
|
||||
import { call } from '../util/Util';
|
||||
import { CompositeAsyncHandler } from '../../src/util/CompositeAsyncHandler';
|
||||
@@ -17,7 +18,6 @@ import { SimpleCredentialsExtractor } from '../../src/authentication/SimpleCrede
|
||||
import { SimpleDeleteOperationHandler } from '../../src/ldp/operations/SimpleDeleteOperationHandler';
|
||||
import { SimpleExtensionAclManager } from '../../src/authorization/SimpleExtensionAclManager';
|
||||
import { SimpleGetOperationHandler } from '../../src/ldp/operations/SimpleGetOperationHandler';
|
||||
import { SimplePermissionsExtractor } from '../../src/ldp/permissions/SimplePermissionsExtractor';
|
||||
import { SimplePostOperationHandler } from '../../src/ldp/operations/SimplePostOperationHandler';
|
||||
import { SimplePutOperationHandler } from '../../src/ldp/operations/SimplePutOperationHandler';
|
||||
import { SimpleRequestParser } from '../../src/ldp/http/SimpleRequestParser';
|
||||
@@ -88,7 +88,7 @@ describe('A server with authorization', (): void => {
|
||||
const convertingStore = new RepresentationConvertingStore(store, converter);
|
||||
|
||||
const credentialsExtractor = new SimpleCredentialsExtractor();
|
||||
const permissionsExtractor = new SimplePermissionsExtractor();
|
||||
const permissionsExtractor = new BasePermissionsExtractor();
|
||||
const authorizer = new SimpleAclAuthorizer(
|
||||
new SimpleExtensionAclManager(),
|
||||
new UrlContainerManager('http://test.com/'),
|
||||
|
||||
56
test/unit/ldp/permissions/BasePermissionsExtractor.test.ts
Normal file
56
test/unit/ldp/permissions/BasePermissionsExtractor.test.ts
Normal file
@@ -0,0 +1,56 @@
|
||||
import { BasePermissionsExtractor } from '../../../../src/ldp/permissions/BasePermissionsExtractor';
|
||||
import { Operation } from '../../../../src/ldp/operations/Operation';
|
||||
import { UnsupportedHttpError } from '../../../../src/util/errors/UnsupportedHttpError';
|
||||
|
||||
describe('A BasePermissionsExtractor', (): void => {
|
||||
const extractor = new BasePermissionsExtractor();
|
||||
|
||||
it('can handle HEAD/GET/POST/PUT/DELETE.', async(): Promise<void> => {
|
||||
await expect(extractor.canHandle({ method: 'HEAD' } as Operation)).resolves.toBeUndefined();
|
||||
await expect(extractor.canHandle({ method: 'GET' } as Operation)).resolves.toBeUndefined();
|
||||
await expect(extractor.canHandle({ method: 'POST' } as Operation)).resolves.toBeUndefined();
|
||||
await expect(extractor.canHandle({ method: 'PUT' } as Operation)).resolves.toBeUndefined();
|
||||
await expect(extractor.canHandle({ method: 'DELETE' } as Operation)).resolves.toBeUndefined();
|
||||
await expect(extractor.canHandle({ method: 'PATCH' } as Operation)).rejects.toThrow(UnsupportedHttpError);
|
||||
});
|
||||
|
||||
it('requires read for HEAD operations.', async(): Promise<void> => {
|
||||
await expect(extractor.handle({ method: 'HEAD' } as Operation)).resolves.toEqual({
|
||||
read: true,
|
||||
append: false,
|
||||
write: false,
|
||||
});
|
||||
});
|
||||
|
||||
it('requires read for GET operations.', async(): Promise<void> => {
|
||||
await expect(extractor.handle({ method: 'GET' } as Operation)).resolves.toEqual({
|
||||
read: true,
|
||||
append: false,
|
||||
write: false,
|
||||
});
|
||||
});
|
||||
|
||||
it('requires write for POST operations.', async(): Promise<void> => {
|
||||
await expect(extractor.handle({ method: 'POST' } as Operation)).resolves.toEqual({
|
||||
read: false,
|
||||
append: true,
|
||||
write: true,
|
||||
});
|
||||
});
|
||||
|
||||
it('requires write for PUT operations.', async(): Promise<void> => {
|
||||
await expect(extractor.handle({ method: 'PUT' } as Operation)).resolves.toEqual({
|
||||
read: false,
|
||||
append: true,
|
||||
write: true,
|
||||
});
|
||||
});
|
||||
|
||||
it('requires write for DELETE operations.', async(): Promise<void> => {
|
||||
await expect(extractor.handle({ method: 'DELETE' } as Operation)).resolves.toEqual({
|
||||
read: false,
|
||||
append: true,
|
||||
write: true,
|
||||
});
|
||||
});
|
||||
});
|
||||
@@ -1,42 +0,0 @@
|
||||
import { Operation } from '../../../../src/ldp/operations/Operation';
|
||||
import { SimplePermissionsExtractor } from '../../../../src/ldp/permissions/SimplePermissionsExtractor';
|
||||
|
||||
describe('A SimplePermissionsExtractor', (): void => {
|
||||
const extractor = new SimplePermissionsExtractor();
|
||||
|
||||
it('can handle all input.', async(): Promise<void> => {
|
||||
await expect(extractor.canHandle()).resolves.toBeUndefined();
|
||||
});
|
||||
|
||||
it('requires read for GET operations.', async(): Promise<void> => {
|
||||
await expect(extractor.handle({ method: 'GET' } as Operation)).resolves.toEqual({
|
||||
read: true,
|
||||
append: false,
|
||||
write: false,
|
||||
});
|
||||
});
|
||||
|
||||
it('requires write for POST operations.', async(): Promise<void> => {
|
||||
await expect(extractor.handle({ method: 'POST' } as Operation)).resolves.toEqual({
|
||||
read: false,
|
||||
append: true,
|
||||
write: true,
|
||||
});
|
||||
});
|
||||
|
||||
it('requires write for PUT operations.', async(): Promise<void> => {
|
||||
await expect(extractor.handle({ method: 'PUT' } as Operation)).resolves.toEqual({
|
||||
read: false,
|
||||
append: true,
|
||||
write: true,
|
||||
});
|
||||
});
|
||||
|
||||
it('requires write for DELETE operations.', async(): Promise<void> => {
|
||||
await expect(extractor.handle({ method: 'DELETE' } as Operation)).resolves.toEqual({
|
||||
read: false,
|
||||
append: true,
|
||||
write: true,
|
||||
});
|
||||
});
|
||||
});
|
||||
@@ -0,0 +1,52 @@
|
||||
import { Factory } from 'sparqlalgebrajs';
|
||||
import { Operation } from '../../../../src/ldp/operations/Operation';
|
||||
import { SparqlPatchPermissionsExtractor } from '../../../../src/ldp/permissions/SparqlPatchPermissionsExtractor';
|
||||
import { SparqlUpdatePatch } from '../../../../src/ldp/http/SparqlUpdatePatch';
|
||||
import { UnsupportedHttpError } from '../../../../src/util/errors/UnsupportedHttpError';
|
||||
|
||||
describe('A SparqlPatchPermissionsExtractor', (): void => {
|
||||
const extractor = new SparqlPatchPermissionsExtractor();
|
||||
const factory = new Factory();
|
||||
|
||||
it('can only handle SPARQL DELETE/INSERT PATCH operations.', async(): Promise<void> => {
|
||||
const operation = { method: 'PATCH', body: { algebra: factory.createDeleteInsert() }} as unknown as Operation;
|
||||
await expect(extractor.canHandle(operation)).resolves.toBeUndefined();
|
||||
await expect(extractor.canHandle({ ...operation, method: 'GET' }))
|
||||
.rejects.toThrow(new UnsupportedHttpError('Only PATCH operations are supported.'));
|
||||
await expect(extractor.canHandle({ ...operation, body: undefined }))
|
||||
.rejects.toThrow(new UnsupportedHttpError('PATCH body is required to determine permissions.'));
|
||||
await expect(extractor.canHandle({ ...operation, body: {} as SparqlUpdatePatch }))
|
||||
.rejects.toThrow(new UnsupportedHttpError('Only SPARQL update PATCHes are supported.'));
|
||||
await expect(extractor.canHandle({ ...operation,
|
||||
body: { algebra: factory.createMove('DEFAULT', 'DEFAULT') } as unknown as SparqlUpdatePatch }))
|
||||
.rejects.toThrow(new UnsupportedHttpError('Only DELETE/INSERT SPARQL update operations are supported.'));
|
||||
});
|
||||
|
||||
it('requires append for INSERT operations.', async(): Promise<void> => {
|
||||
const operation = {
|
||||
method: 'PATCH',
|
||||
body: { algebra: factory.createDeleteInsert(undefined, [
|
||||
factory.createPattern(factory.createTerm('<s>'), factory.createTerm('<p>'), factory.createTerm('<o>')),
|
||||
]) },
|
||||
} as unknown as Operation;
|
||||
await expect(extractor.handle(operation)).resolves.toEqual({
|
||||
read: false,
|
||||
append: true,
|
||||
write: false,
|
||||
});
|
||||
});
|
||||
|
||||
it('requires write for DELETE operations.', async(): Promise<void> => {
|
||||
const operation = {
|
||||
method: 'PATCH',
|
||||
body: { algebra: factory.createDeleteInsert([
|
||||
factory.createPattern(factory.createTerm('<s>'), factory.createTerm('<p>'), factory.createTerm('<o>')),
|
||||
]) },
|
||||
} as unknown as Operation;
|
||||
await expect(extractor.handle(operation)).resolves.toEqual({
|
||||
read: false,
|
||||
append: true,
|
||||
write: true,
|
||||
});
|
||||
});
|
||||
});
|
||||
Reference in New Issue
Block a user