2013-11-10 06:22:16 +00:00
|
|
|
var assert = require('assert');
|
|
|
|
var loopback = require('../index');
|
2013-11-12 06:16:51 +00:00
|
|
|
var role = require('../lib/models/role');
|
|
|
|
var Role = role.Role;
|
|
|
|
var RoleMapping = role.RoleMapping;
|
2013-11-10 06:22:16 +00:00
|
|
|
var User = loopback.User;
|
2013-11-19 19:58:30 +00:00
|
|
|
var ACL = require('../lib/models/acl');
|
2013-11-10 06:22:16 +00:00
|
|
|
|
2013-11-12 18:10:32 +00:00
|
|
|
function checkResult(err, result) {
|
|
|
|
// console.log(err, result);
|
|
|
|
assert(!err);
|
|
|
|
}
|
|
|
|
|
|
|
|
describe('role model', function () {
|
2014-01-23 22:26:45 +00:00
|
|
|
var ds;
|
|
|
|
|
|
|
|
beforeEach(function() {
|
|
|
|
ds = loopback.createDataSource({connector: 'memory'});
|
2014-02-14 18:31:30 +00:00
|
|
|
// Re-attach the models so that they can have isolated store to avoid
|
|
|
|
// pollutions from other tests
|
2014-01-23 22:26:45 +00:00
|
|
|
User.attachTo(ds);
|
|
|
|
Role.attachTo(ds);
|
|
|
|
RoleMapping.attachTo(ds);
|
|
|
|
});
|
2013-11-12 18:10:32 +00:00
|
|
|
|
|
|
|
it("should define role/role relations", function () {
|
|
|
|
Role.create({name: 'user'}, function (err, userRole) {
|
|
|
|
Role.create({name: 'admin'}, function (err, adminRole) {
|
|
|
|
userRole.principals.create({principalType: RoleMapping.ROLE, principalId: adminRole.id}, function (err, mapping) {
|
|
|
|
Role.find(function (err, roles) {
|
|
|
|
assert.equal(roles.length, 2);
|
|
|
|
});
|
|
|
|
RoleMapping.find(function (err, mappings) {
|
|
|
|
assert.equal(mappings.length, 1);
|
|
|
|
assert.equal(mappings[0].principalType, RoleMapping.ROLE);
|
|
|
|
assert.equal(mappings[0].principalId, adminRole.id);
|
|
|
|
});
|
|
|
|
userRole.principals(function (err, principals) {
|
|
|
|
assert.equal(principals.length, 1);
|
|
|
|
});
|
|
|
|
userRole.roles(function (err, roles) {
|
|
|
|
assert.equal(roles.length, 1);
|
2013-11-12 06:16:51 +00:00
|
|
|
});
|
2013-11-10 06:22:16 +00:00
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
2013-11-12 18:10:32 +00:00
|
|
|
});
|
|
|
|
|
|
|
|
it("should define role/user relations", function () {
|
2014-01-23 22:26:45 +00:00
|
|
|
|
2013-11-12 18:10:32 +00:00
|
|
|
User.create({name: 'Raymond', email: 'x@y.com', password: 'foobar'}, function (err, user) {
|
|
|
|
// console.log('User: ', user.id);
|
|
|
|
Role.create({name: 'userRole'}, function (err, role) {
|
|
|
|
role.principals.create({principalType: RoleMapping.USER, principalId: user.id}, function (err, p) {
|
2013-11-19 19:58:30 +00:00
|
|
|
Role.find(function (err, roles) {
|
2013-11-12 18:10:32 +00:00
|
|
|
assert(!err);
|
|
|
|
assert.equal(roles.length, 1);
|
|
|
|
assert.equal(roles[0].name, 'userRole');
|
|
|
|
});
|
2013-11-19 19:58:30 +00:00
|
|
|
role.principals(function (err, principals) {
|
2013-11-12 18:10:32 +00:00
|
|
|
assert(!err);
|
|
|
|
// console.log(principals);
|
|
|
|
assert.equal(principals.length, 1);
|
|
|
|
assert.equal(principals[0].principalType, RoleMapping.USER);
|
|
|
|
assert.equal(principals[0].principalId, user.id);
|
|
|
|
});
|
2013-11-19 19:58:30 +00:00
|
|
|
role.users(function (err, users) {
|
2013-11-12 18:10:32 +00:00
|
|
|
assert(!err);
|
|
|
|
assert.equal(users.length, 1);
|
|
|
|
assert.equal(users[0].principalType, RoleMapping.USER);
|
|
|
|
assert.equal(users[0].principalId, user.id);
|
2013-11-12 06:16:51 +00:00
|
|
|
});
|
2013-11-10 06:22:16 +00:00
|
|
|
});
|
|
|
|
});
|
2014-06-10 23:39:32 +00:00
|
|
|
});
|
|
|
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
|
|
it("should automatically generate role id", function () {
|
|
|
|
|
|
|
|
User.create({name: 'Raymond', email: 'x@y.com', password: 'foobar'}, function (err, user) {
|
|
|
|
// console.log('User: ', user.id);
|
|
|
|
Role.create({name: 'userRole'}, function (err, role) {
|
|
|
|
assert(role.id);
|
|
|
|
role.principals.create({principalType: RoleMapping.USER, principalId: user.id}, function (err, p) {
|
|
|
|
assert(p.id);
|
|
|
|
assert.equal(p.roleId, role.id);
|
|
|
|
Role.find(function (err, roles) {
|
|
|
|
assert(!err);
|
|
|
|
assert.equal(roles.length, 1);
|
|
|
|
assert.equal(roles[0].name, 'userRole');
|
|
|
|
});
|
|
|
|
role.principals(function (err, principals) {
|
|
|
|
assert(!err);
|
|
|
|
// console.log(principals);
|
|
|
|
assert.equal(principals.length, 1);
|
|
|
|
assert.equal(principals[0].principalType, RoleMapping.USER);
|
|
|
|
assert.equal(principals[0].principalId, user.id);
|
|
|
|
});
|
|
|
|
role.users(function (err, users) {
|
|
|
|
assert(!err);
|
|
|
|
assert.equal(users.length, 1);
|
|
|
|
assert.equal(users[0].principalType, RoleMapping.USER);
|
|
|
|
assert.equal(users[0].principalId, user.id);
|
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|
2013-11-10 06:22:16 +00:00
|
|
|
});
|
2013-11-12 06:16:51 +00:00
|
|
|
|
2013-11-10 06:22:16 +00:00
|
|
|
});
|
2013-11-12 18:10:32 +00:00
|
|
|
|
2013-11-12 18:47:59 +00:00
|
|
|
it("should support getRoles() and isInRole()", function () {
|
|
|
|
User.create({name: 'Raymond', email: 'x@y.com', password: 'foobar'}, function (err, user) {
|
|
|
|
// console.log('User: ', user.id);
|
|
|
|
Role.create({name: 'userRole'}, function (err, role) {
|
|
|
|
role.principals.create({principalType: RoleMapping.USER, principalId: user.id}, function (err, p) {
|
|
|
|
// Role.find(console.log);
|
|
|
|
// role.principals(console.log);
|
2013-11-19 19:58:30 +00:00
|
|
|
Role.isInRole('userRole', {principalType: RoleMapping.USER, principalId: user.id}, function (err, exists) {
|
2013-11-12 18:47:59 +00:00
|
|
|
assert(!err && exists === true);
|
|
|
|
});
|
|
|
|
|
2013-11-19 19:58:30 +00:00
|
|
|
Role.isInRole('userRole', {principalType: RoleMapping.APP, principalId: user.id}, function (err, exists) {
|
2013-11-12 18:47:59 +00:00
|
|
|
assert(!err && exists === false);
|
|
|
|
});
|
|
|
|
|
2013-11-19 19:58:30 +00:00
|
|
|
Role.isInRole('userRole', {principalType: RoleMapping.USER, principalId: 100}, function (err, exists) {
|
2013-11-12 18:47:59 +00:00
|
|
|
assert(!err && exists === false);
|
|
|
|
});
|
|
|
|
|
2013-12-11 17:06:21 +00:00
|
|
|
Role.getRoles({principalType: RoleMapping.USER, principalId: user.id}, function (err, roles) {
|
|
|
|
assert.equal(roles.length, 3); // everyone, authenticated, userRole
|
|
|
|
assert(roles.indexOf(role.id) >=0);
|
|
|
|
assert(roles.indexOf(Role.EVERYONE) >=0);
|
|
|
|
assert(roles.indexOf(Role.AUTHENTICATED) >=0);
|
|
|
|
});
|
|
|
|
Role.getRoles({principalType: RoleMapping.APP, principalId: user.id}, function (err, roles) {
|
|
|
|
assert.equal(roles.length, 2);
|
|
|
|
assert(roles.indexOf(Role.EVERYONE) >=0);
|
|
|
|
assert(roles.indexOf(Role.AUTHENTICATED) >=0);
|
2013-11-12 18:47:59 +00:00
|
|
|
});
|
2013-12-11 17:06:21 +00:00
|
|
|
Role.getRoles({principalType: RoleMapping.USER, principalId: 100}, function (err, roles) {
|
|
|
|
assert.equal(roles.length, 2);
|
|
|
|
assert(roles.indexOf(Role.EVERYONE) >=0);
|
|
|
|
assert(roles.indexOf(Role.AUTHENTICATED) >=0);
|
2013-11-12 18:47:59 +00:00
|
|
|
});
|
2013-12-11 17:06:21 +00:00
|
|
|
Role.getRoles({principalType: RoleMapping.USER, principalId: null}, function (err, roles) {
|
|
|
|
assert.equal(roles.length, 2);
|
|
|
|
assert(roles.indexOf(Role.EVERYONE) >=0);
|
|
|
|
assert(roles.indexOf(Role.UNAUTHENTICATED) >=0);
|
2013-11-12 18:47:59 +00:00
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
});
|
|
|
|
|
2013-11-19 19:58:30 +00:00
|
|
|
it("should support owner role resolver", function () {
|
|
|
|
|
|
|
|
var Album = ds.createModel('Album', {
|
|
|
|
name: String,
|
|
|
|
userId: Number
|
|
|
|
}, {
|
|
|
|
relations: {
|
|
|
|
user: {
|
|
|
|
type: 'belongsTo',
|
|
|
|
model: 'User',
|
|
|
|
foreignKey: 'userId'
|
|
|
|
}
|
|
|
|
}
|
|
|
|
});
|
|
|
|
|
|
|
|
User.create({name: 'Raymond', email: 'x@y.com', password: 'foobar'}, function (err, user) {
|
|
|
|
Role.isInRole(Role.AUTHENTICATED, {principalType: ACL.USER, principalId: user.id}, function (err, yes) {
|
|
|
|
assert(!err && yes);
|
|
|
|
});
|
|
|
|
Role.isInRole(Role.AUTHENTICATED, {principalType: ACL.USER, principalId: null}, function (err, yes) {
|
|
|
|
assert(!err && !yes);
|
|
|
|
});
|
|
|
|
|
2013-11-20 21:38:14 +00:00
|
|
|
Role.isInRole(Role.UNAUTHENTICATED, {principalType: ACL.USER, principalId: user.id}, function (err, yes) {
|
|
|
|
assert(!err && !yes);
|
|
|
|
});
|
|
|
|
Role.isInRole(Role.UNAUTHENTICATED, {principalType: ACL.USER, principalId: null}, function (err, yes) {
|
|
|
|
assert(!err && yes);
|
|
|
|
});
|
|
|
|
|
2013-11-19 19:58:30 +00:00
|
|
|
Role.isInRole(Role.EVERYONE, {principalType: ACL.USER, principalId: user.id}, function (err, yes) {
|
|
|
|
assert(!err && yes);
|
|
|
|
});
|
|
|
|
|
|
|
|
Role.isInRole(Role.EVERYONE, {principalType: ACL.USER, principalId: null}, function (err, yes) {
|
|
|
|
assert(!err && yes);
|
|
|
|
});
|
|
|
|
|
|
|
|
// console.log('User: ', user.id);
|
|
|
|
Album.create({name: 'Album 1', userId: user.id}, function (err, album1) {
|
|
|
|
Role.isInRole(Role.OWNER, {principalType: ACL.USER, principalId: user.id, model: Album, id: album1.id}, function (err, yes) {
|
|
|
|
assert(!err && yes);
|
|
|
|
});
|
|
|
|
Album.create({name: 'Album 2'}, function (err, album2) {
|
|
|
|
Role.isInRole(Role.OWNER, {principalType: ACL.USER, principalId: user.id, model: Album, id: album2.id}, function (err, yes) {
|
|
|
|
assert(!err && !yes);
|
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
});
|
|
|
|
|
2013-11-10 06:22:16 +00:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
|
|
|
2013-11-12 18:10:32 +00:00
|
|
|
|