Mirroristas/CommunitySolidServer
2
0
Fork 0
mirror of https://github.com/CommunitySolidServer/CommunitySolidServer.git synced 2024-10-03 14:55:10 +00:00
Code Issues Packages Projects Releases Wiki Activity
CommunitySolidServer/test/unit/authorization/permissions/MethodModesExtractor.test.ts
Joachim Van Herwegen 9a29cc2257 fix: Extract correct access modes from request
2022-03-18 14:15:12 +01:00

60 lines
3.0 KiB
TypeScript
Raw Blame History

import { MethodModesExtractor } from '../../../../src/authorization/permissions/MethodModesExtractor';
import { AccessMode } from '../../../../src/authorization/permissions/Permissions';
import type { Operation } from '../../../../src/http/Operation';
import type { ResourceSet } from '../../../../src/storage/ResourceSet';
import { NotImplementedHttpError } from '../../../../src/util/errors/NotImplementedHttpError';
describe('A MethodModesExtractor', (): void => {
let resourceSet: jest.Mocked<ResourceSet>;
let extractor: MethodModesExtractor;
beforeEach(async(): Promise<void> => {
resourceSet = {
hasResource: jest.fn().mockResolvedValue(true),
};
extractor = new MethodModesExtractor(resourceSet);
});
it('can handle HEAD/GET/POST/PUT/DELETE.', async(): Promise<void> => {
await expect(extractor.canHandle({ method: 'HEAD' } as Operation)).resolves.toBeUndefined();
await expect(extractor.canHandle({ method: 'GET' } as Operation)).resolves.toBeUndefined();
await expect(extractor.canHandle({ method: 'POST' } as Operation)).resolves.toBeUndefined();
await expect(extractor.canHandle({ method: 'PUT' } as Operation)).resolves.toBeUndefined();
await expect(extractor.canHandle({ method: 'DELETE' } as Operation)).resolves.toBeUndefined();
await expect(extractor.canHandle({ method: 'PATCH' } as Operation)).rejects.toThrow(NotImplementedHttpError);
});
it('requires read for HEAD operations.', async(): Promise<void> => {
await expect(extractor.handle({ method: 'HEAD' } as Operation)).resolves.toEqual(new Set([ AccessMode.read ]));
});
it('requires read for GET operations.', async(): Promise<void> => {
await expect(extractor.handle({ method: 'GET' } as Operation)).resolves.toEqual(new Set([ AccessMode.read ]));
});
it('requires append for POST operations.', async(): Promise<void> => {
await expect(extractor.handle({ method: 'POST' } as Operation)).resolves.toEqual(new Set([ AccessMode.append ]));
});
it('requires write for PUT operations.', async(): Promise<void> => {
await expect(extractor.handle({ method: 'PUT' } as Operation))
.resolves.toEqual(new Set([ AccessMode.write ]));
});
it('requires create for PUT operations if the target does not exist.', async(): Promise<void> => {
resourceSet.hasResource.mockResolvedValueOnce(false);
await expect(extractor.handle({ method: 'PUT' } as Operation))
.resolves.toEqual(new Set([ AccessMode.write, AccessMode.create ]));
});
it('requires delete for DELETE operations.', async(): Promise<void> => {
await expect(extractor.handle({ method: 'DELETE', target: { path: 'http://example.com/foo' }} as Operation))
.resolves.toEqual(new Set([ AccessMode.delete ]));
});
it('also requires read for DELETE operations on containers.', async(): Promise<void> => {
await expect(extractor.handle({ method: 'DELETE', target: { path: 'http://example.com/foo/' }} as Operation))
.resolves.toEqual(new Set([ AccessMode.delete, AccessMode.read ]));
});
});
Reference in New Issue View Git Blame Copy Permalink