feat: Add more extensive permission parsing support

2024-10-03 14:55:10 +00:00 · 2020-08-07 16:39:34 +02:00
parent 769b49293c
commit e06d0bc8c5
11 changed files with 217 additions and 74 deletions
--- a/test/unit/ldp/permissions/BasePermissionsExtractor.test.ts
+++ b/test/unit/ldp/permissions/BasePermissionsExtractor.test.ts
@@ -0,0 +1,56 @@
+import { BasePermissionsExtractor } from '../../../../src/ldp/permissions/BasePermissionsExtractor';
+import { Operation } from '../../../../src/ldp/operations/Operation';
+import { UnsupportedHttpError } from '../../../../src/util/errors/UnsupportedHttpError';
+
+describe('A BasePermissionsExtractor', (): void => {
+  const extractor = new BasePermissionsExtractor();
+
+  it('can handle HEAD/GET/POST/PUT/DELETE.', async(): Promise<void> => {
+    await expect(extractor.canHandle({ method: 'HEAD' } as Operation)).resolves.toBeUndefined();
+    await expect(extractor.canHandle({ method: 'GET' } as Operation)).resolves.toBeUndefined();
+    await expect(extractor.canHandle({ method: 'POST' } as Operation)).resolves.toBeUndefined();
+    await expect(extractor.canHandle({ method: 'PUT' } as Operation)).resolves.toBeUndefined();
+    await expect(extractor.canHandle({ method: 'DELETE' } as Operation)).resolves.toBeUndefined();
+    await expect(extractor.canHandle({ method: 'PATCH' } as Operation)).rejects.toThrow(UnsupportedHttpError);
+  });
+
+  it('requires read for HEAD operations.', async(): Promise<void> => {
+    await expect(extractor.handle({ method: 'HEAD' } as Operation)).resolves.toEqual({
+      read: true,
+      append: false,
+      write: false,
+    });
+  });
+
+  it('requires read for GET operations.', async(): Promise<void> => {
+    await expect(extractor.handle({ method: 'GET' } as Operation)).resolves.toEqual({
+      read: true,
+      append: false,
+      write: false,
+    });
+  });
+
+  it('requires write for POST operations.', async(): Promise<void> => {
+    await expect(extractor.handle({ method: 'POST' } as Operation)).resolves.toEqual({
+      read: false,
+      append: true,
+      write: true,
+    });
+  });
+
+  it('requires write for PUT operations.', async(): Promise<void> => {
+    await expect(extractor.handle({ method: 'PUT' } as Operation)).resolves.toEqual({
+      read: false,
+      append: true,
+      write: true,
+    });
+  });
+
+  it('requires write for DELETE operations.', async(): Promise<void> => {
+    await expect(extractor.handle({ method: 'DELETE' } as Operation)).resolves.toEqual({
+      read: false,
+      append: true,
+      write: true,
+    });
+  });
+});
--- a/test/unit/ldp/permissions/SimplePermissionsExtractor.test.ts
+++ b/test/unit/ldp/permissions/SimplePermissionsExtractor.test.ts
@@ -1,42 +0,0 @@
-import { Operation } from '../../../../src/ldp/operations/Operation';
-import { SimplePermissionsExtractor } from '../../../../src/ldp/permissions/SimplePermissionsExtractor';
-
-describe('A SimplePermissionsExtractor', (): void => {
-  const extractor = new SimplePermissionsExtractor();
-
-  it('can handle all input.', async(): Promise<void> => {
-    await expect(extractor.canHandle()).resolves.toBeUndefined();
-  });
-
-  it('requires read for GET operations.', async(): Promise<void> => {
-    await expect(extractor.handle({ method: 'GET' } as Operation)).resolves.toEqual({
-      read: true,
-      append: false,
-      write: false,
-    });
-  });
-
-  it('requires write for POST operations.', async(): Promise<void> => {
-    await expect(extractor.handle({ method: 'POST' } as Operation)).resolves.toEqual({
-      read: false,
-      append: true,
-      write: true,
-    });
-  });
-
-  it('requires write for PUT operations.', async(): Promise<void> => {
-    await expect(extractor.handle({ method: 'PUT' } as Operation)).resolves.toEqual({
-      read: false,
-      append: true,
-      write: true,
-    });
-  });
-
-  it('requires write for DELETE operations.', async(): Promise<void> => {
-    await expect(extractor.handle({ method: 'DELETE' } as Operation)).resolves.toEqual({
-      read: false,
-      append: true,
-      write: true,
-    });
-  });
-});
--- a/test/unit/ldp/permissions/SparqlPatchPermissionsExtractor.test.ts
+++ b/test/unit/ldp/permissions/SparqlPatchPermissionsExtractor.test.ts
@@ -0,0 +1,52 @@
+import { Factory } from 'sparqlalgebrajs';
+import { Operation } from '../../../../src/ldp/operations/Operation';
+import { SparqlPatchPermissionsExtractor } from '../../../../src/ldp/permissions/SparqlPatchPermissionsExtractor';
+import { SparqlUpdatePatch } from '../../../../src/ldp/http/SparqlUpdatePatch';
+import { UnsupportedHttpError } from '../../../../src/util/errors/UnsupportedHttpError';
+
+describe('A SparqlPatchPermissionsExtractor', (): void => {
+  const extractor = new SparqlPatchPermissionsExtractor();
+  const factory = new Factory();
+
+  it('can only handle SPARQL DELETE/INSERT PATCH operations.', async(): Promise<void> => {
+    const operation = { method: 'PATCH', body: { algebra: factory.createDeleteInsert() }} as unknown as Operation;
+    await expect(extractor.canHandle(operation)).resolves.toBeUndefined();
+    await expect(extractor.canHandle({ ...operation, method: 'GET' }))
+      .rejects.toThrow(new UnsupportedHttpError('Only PATCH operations are supported.'));
+    await expect(extractor.canHandle({ ...operation, body: undefined }))
+      .rejects.toThrow(new UnsupportedHttpError('PATCH body is required to determine permissions.'));
+    await expect(extractor.canHandle({ ...operation, body: {} as SparqlUpdatePatch }))
+      .rejects.toThrow(new UnsupportedHttpError('Only SPARQL update PATCHes are supported.'));
+    await expect(extractor.canHandle({ ...operation,
+      body: { algebra: factory.createMove('DEFAULT', 'DEFAULT') } as unknown as SparqlUpdatePatch }))
+      .rejects.toThrow(new UnsupportedHttpError('Only DELETE/INSERT SPARQL update operations are supported.'));
+  });
+
+  it('requires append for INSERT operations.', async(): Promise<void> => {
+    const operation = {
+      method: 'PATCH',
+      body: { algebra: factory.createDeleteInsert(undefined, [
+        factory.createPattern(factory.createTerm('<s>'), factory.createTerm('<p>'), factory.createTerm('<o>')),
+      ]) },
+    } as unknown as Operation;
+    await expect(extractor.handle(operation)).resolves.toEqual({
+      read: false,
+      append: true,
+      write: false,
+    });
+  });
+
+  it('requires write for DELETE operations.', async(): Promise<void> => {
+    const operation = {
+      method: 'PATCH',
+      body: { algebra: factory.createDeleteInsert([
+        factory.createPattern(factory.createTerm('<s>'), factory.createTerm('<p>'), factory.createTerm('<o>')),
+      ]) },
+    } as unknown as Operation;
+    await expect(extractor.handle(operation)).resolves.toEqual({
+      read: false,
+      append: true,
+      write: true,
+    });
+  });
+});