Mirroristas/CommunitySolidServer
2
0
Fork 0
mirror of https://github.com/CommunitySolidServer/CommunitySolidServer.git synced 2024-10-03 14:55:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: Update WebAclMetadataCollector to support new permission interface

Browse Source
This commit is contained in:
Joachim Van Herwegen 2022-06-29 11:01:22 +02:00
parent 7996fe5c3b
commit fd83f4b013
2 changed files with 24 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/http/ldp/metadata/WebAclMetadataCollector.ts
View File

@ -15,11 +15,12 @@ const VALID_ACL_MODES = new Set([ AccessMode.read, AccessMode.write, AccessMode.
*/ */
export class WebAclMetadataCollector extends OperationMetadataCollector { export class WebAclMetadataCollector extends OperationMetadataCollector {
public async handle({ metadata, operation }: OperationMetadataCollectorInput): Promise<void> { public async handle({ metadata, operation }: OperationMetadataCollectorInput): Promise<void> {
if (!operation.permissionSet || !VALID_METHODS.has(operation.method)) { const permissionSet = operation.availablePermissions?.get(operation.target);
if (!permissionSet || !VALID_METHODS.has(operation.method)) {
return; return;
} }
const user: AclPermission = operation.permissionSet.agent ?? {}; const user: AclPermission = permissionSet.agent ?? {};
const everyone: AclPermission = operation.permissionSet.public ?? {}; const everyone: AclPermission = permissionSet.public ?? {};
const modes = new Set<AccessMode>([ ...Object.keys(user), ...Object.keys(everyone) ] as AccessMode[]); const modes = new Set<AccessMode>([ ...Object.keys(user), ...Object.keys(everyone) ] as AccessMode[]);

27
test/unit/http/ldp/metadata/WebAclMetadataCollector.test.ts
View File

@ -5,9 +5,11 @@ import { WebAclMetadataCollector } from '../../../../../src/http/ldp/metadata/We
import type { Operation } from '../../../../../src/http/Operation'; import type { Operation } from '../../../../../src/http/Operation';
import { BasicRepresentation } from '../../../../../src/http/representation/BasicRepresentation'; import { BasicRepresentation } from '../../../../../src/http/representation/BasicRepresentation';
import { RepresentationMetadata } from '../../../../../src/http/representation/RepresentationMetadata'; import { RepresentationMetadata } from '../../../../../src/http/representation/RepresentationMetadata';
import { IdentifierMap } from '../../../../../src/util/map/IdentifierMap';
import { ACL, AUTH } from '../../../../../src/util/Vocabularies'; import { ACL, AUTH } from '../../../../../src/util/Vocabularies';
describe('A WebAclMetadataCollector', (): void => { describe('A WebAclMetadataCollector', (): void => {
const target = { path: 'http://example.com/foo' };
let operation: Operation; let operation: Operation;
let metadata: RepresentationMetadata; let metadata: RepresentationMetadata;
const writer = new WebAclMetadataCollector(); const writer = new WebAclMetadataCollector();
@ -15,7 +17,7 @@ describe('A WebAclMetadataCollector', (): void => {
beforeEach(async(): Promise<void> => { beforeEach(async(): Promise<void> => {
operation = { operation = {
method: 'GET', method: 'GET',
target: { path: 'http://test.com/foo' }, target,
preferences: {}, preferences: {},
body: new BasicRepresentation(), body: new BasicRepresentation(),
}; };
@ -23,27 +25,38 @@ describe('A WebAclMetadataCollector', (): void => {
metadata = new RepresentationMetadata(); metadata = new RepresentationMetadata();
}); });
it('adds no metadata if there is no target entry.', async(): Promise<void> => {
await expect(writer.handle({ metadata, operation })).resolves.toBeUndefined();
expect(metadata.quads()).toHaveLength(0);
operation.availablePermissions = new IdentifierMap();
await expect(writer.handle({ metadata, operation })).resolves.toBeUndefined();
expect(metadata.quads()).toHaveLength(0);
});
it('adds no metadata if there are no permissions.', async(): Promise<void> => { it('adds no metadata if there are no permissions.', async(): Promise<void> => {
await expect(writer.handle({ metadata, operation })).resolves.toBeUndefined(); await expect(writer.handle({ metadata, operation })).resolves.toBeUndefined();
expect(metadata.quads()).toHaveLength(0); expect(metadata.quads()).toHaveLength(0);
operation.permissionSet = {}; operation.availablePermissions = new IdentifierMap([[ target, {}]]);
await expect(writer.handle({ metadata, operation })).resolves.toBeUndefined(); await expect(writer.handle({ metadata, operation })).resolves.toBeUndefined();
expect(metadata.quads()).toHaveLength(0); expect(metadata.quads()).toHaveLength(0);
}); });
it('adds no metadata if the method is wrong.', async(): Promise<void> => { it('adds no metadata if the method is wrong.', async(): Promise<void> => {
operation.permissionSet = { [CredentialGroup.public]: { read: true, write: false }}; operation.availablePermissions = new IdentifierMap(
[[ target, { [CredentialGroup.public]: { read: true, write: false }}]],
);
operation.method = 'DELETE'; operation.method = 'DELETE';
await expect(writer.handle({ metadata, operation })).resolves.toBeUndefined(); await expect(writer.handle({ metadata, operation })).resolves.toBeUndefined();
expect(metadata.quads()).toHaveLength(0); expect(metadata.quads()).toHaveLength(0);
}); });
it('adds corresponding metadata for all permissions present.', async(): Promise<void> => { it('adds corresponding metadata for all permissions present.', async(): Promise<void> => {
operation.permissionSet = { operation.availablePermissions = new IdentifierMap([[ target, {
[CredentialGroup.agent]: { read: true, write: true, control: false } as AclPermission, [CredentialGroup.agent]: { read: true, write: true, control: false } as AclPermission,
[CredentialGroup.public]: { read: true, write: false }, [CredentialGroup.public]: { read: true, write: false },
}; }]]);
await expect(writer.handle({ metadata, operation })).resolves.toBeUndefined(); await expect(writer.handle({ metadata, operation })).resolves.toBeUndefined();
expect(metadata.quads()).toHaveLength(3); expect(metadata.quads()).toHaveLength(3);
expect(metadata.getAll(AUTH.terms.userMode)).toEqualRdfTermArray([ ACL.terms.Read, ACL.terms.Write ]); expect(metadata.getAll(AUTH.terms.userMode)).toEqualRdfTermArray([ ACL.terms.Read, ACL.terms.Write ]);
@ -51,10 +64,10 @@ describe('A WebAclMetadataCollector', (): void => {
}); });
it('ignores unknown modes.', async(): Promise<void> => { it('ignores unknown modes.', async(): Promise<void> => {
operation.permissionSet = { operation.availablePermissions = new IdentifierMap([[ target, {
[CredentialGroup.agent]: { read: true, create: true }, [CredentialGroup.agent]: { read: true, create: true },
[CredentialGroup.public]: { read: true }, [CredentialGroup.public]: { read: true },
}; }]]);
await expect(writer.handle({ metadata, operation })).resolves.toBeUndefined(); await expect(writer.handle({ metadata, operation })).resolves.toBeUndefined();
expect(metadata.quads()).toHaveLength(2); expect(metadata.quads()).toHaveLength(2);
expect(metadata.getAll(AUTH.terms.userMode)).toEqualRdfTermArray([ ACL.terms.Read ]); expect(metadata.getAll(AUTH.terms.userMode)).toEqualRdfTermArray([ ACL.terms.Read ]);