37 lines
1.3 KiB
JavaScript
37 lines
1.3 KiB
JavaScript
|
const {models} = require('vn-loopback/server/server');
|
||
|
|
const id = {administrative: 5, employee: 1, productionBoss: 50};
|
||
|
|
|
||
|
|
describe('VnUser acls()', () => {
|
||
|
|
it('should get its owns acls', async() => {
|
||
|
|
const hasAdministrativeAcls = await hasAcl('administrative', id.administrative);
|
||
|
|
const hasProductionBossAcls = await hasAcl('productionBoss', id.productionBoss);
|
||
|
|
|
||
|
|
expect(hasAdministrativeAcls).toBeTruthy();
|
||
|
|
expect(hasProductionBossAcls).toBeTruthy();
|
||
|
|
});
|
||
|
|
|
||
|
|
it('should not get administrative acls', async() => {
|
||
|
|
const hasAdministrativeAcls = await hasAcl('administrative', id.employee);
|
||
|
|
|
||
|
|
expect(hasAdministrativeAcls).toBeFalsy();
|
||
|
|
});
|
||
|
|
|
||
|
|
it('should get the $authenticated acls', async() => {
|
||
|
|
const hasAuthAcls = await hasAcl('$authenticated', id.employee);
|
||
|
|
|
||
|
|
expect(hasAuthAcls).toBeTruthy();
|
||
|
|
});
|
||
|
|
|
||
|
|
it('should get the $everyone acls', async() => {
|
||
|
|
const hasEveryoneAcls = await hasAcl('$everyone', id.employee);
|
||
|
|
|
||
|
|
expect(hasEveryoneAcls).toBeTruthy();
|
||
|
|
});
|
||
|
|
});
|
||
|
|
|
||
|
|
const hasAcl = async(role, userId) => {
|
||
|
|
const ctx = {req: {accessToken: {userId}, headers: {origin: 'http://localhost'}}};
|
||
|
|
const acls = await models.VnUser.acls(ctx);
|
||
|
|
return Object.values(acls).some(acl => acl.principalId === role);
|
||
|
|
};
|