2022-10-03 13:11:29 +00:00
|
|
|
const models = require('vn-loopback/server/server').models;
|
|
|
|
|
|
|
|
|
|
describe('account privileges()', () => {
|
|
|
|
|
const employeeId = 1;
|
|
|
|
|
const developerId = 9;
|
|
|
|
|
const sysadminId = 66;
|
2022-10-26 06:27:28 +00:00
|
|
|
const clarkKent = 1103;
|
2022-10-03 13:11:29 +00:00
|
|
|
|
|
|
|
|
it('should throw an error when user not has privileges', async() => {
|
|
|
|
|
const ctx = {req: {accessToken: {userId: developerId}}};
|
|
|
|
|
const tx = await models.Account.beginTransaction({});
|
|
|
|
|
|
|
|
|
|
let error;
|
|
|
|
|
try {
|
|
|
|
|
const options = {transaction: tx};
|
|
|
|
|
|
|
|
|
|
await models.Account.privileges(ctx, employeeId, null, true, options);
|
|
|
|
|
|
|
|
|
|
await tx.rollback();
|
|
|
|
|
} catch (e) {
|
|
|
|
|
error = e;
|
|
|
|
|
await tx.rollback();
|
|
|
|
|
}
|
|
|
|
|
|
2022-10-26 06:27:28 +00:00
|
|
|
expect(error.message).toContain(`You don't have grant privilege`);
|
2022-10-03 13:11:29 +00:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('should throw an error when user has privileges but not has the role', async() => {
|
|
|
|
|
const ctx = {req: {accessToken: {userId: sysadminId}}};
|
|
|
|
|
const tx = await models.Account.beginTransaction({});
|
|
|
|
|
|
|
|
|
|
let error;
|
|
|
|
|
try {
|
|
|
|
|
const options = {transaction: tx};
|
|
|
|
|
|
|
|
|
|
const root = await models.Role.findOne({
|
|
|
|
|
where: {
|
|
|
|
|
name: 'root'
|
|
|
|
|
}
|
|
|
|
|
}, options);
|
|
|
|
|
await models.Account.privileges(ctx, employeeId, root.id, null, options);
|
|
|
|
|
|
|
|
|
|
await tx.rollback();
|
|
|
|
|
} catch (e) {
|
|
|
|
|
error = e;
|
|
|
|
|
await tx.rollback();
|
|
|
|
|
}
|
|
|
|
|
|
2022-10-26 06:27:28 +00:00
|
|
|
expect(error.message).toContain(`You don't own the role and you can't assign it to another user`);
|
2022-10-03 13:11:29 +00:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('should change role', async() => {
|
|
|
|
|
const ctx = {req: {accessToken: {userId: sysadminId}}};
|
|
|
|
|
const tx = await models.Account.beginTransaction({});
|
|
|
|
|
|
|
|
|
|
const options = {transaction: tx};
|
|
|
|
|
const agency = await models.Role.findOne({
|
|
|
|
|
where: {
|
|
|
|
|
name: 'agency'
|
|
|
|
|
}
|
|
|
|
|
}, options);
|
|
|
|
|
|
|
|
|
|
let error;
|
|
|
|
|
let result;
|
|
|
|
|
try {
|
2022-10-26 06:27:28 +00:00
|
|
|
await models.Account.privileges(ctx, clarkKent, agency.id, null, options);
|
|
|
|
|
result = await models.Account.findById(clarkKent, null, options);
|
2022-10-03 13:11:29 +00:00
|
|
|
|
|
|
|
|
await tx.rollback();
|
|
|
|
|
} catch (e) {
|
|
|
|
|
error = e;
|
|
|
|
|
await tx.rollback();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
expect(error).not.toBeDefined();
|
|
|
|
|
expect(result.roleFk).toEqual(agency.id);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('should change hasGrant', async() => {
|
|
|
|
|
const ctx = {req: {accessToken: {userId: sysadminId}}};
|
|
|
|
|
const tx = await models.Account.beginTransaction({});
|
|
|
|
|
|
|
|
|
|
let error;
|
|
|
|
|
let result;
|
|
|
|
|
try {
|
|
|
|
|
const options = {transaction: tx};
|
2022-10-26 06:27:28 +00:00
|
|
|
await models.Account.privileges(ctx, clarkKent, null, true, options);
|
|
|
|
|
result = await models.Account.findById(clarkKent, null, options);
|
2022-10-03 13:11:29 +00:00
|
|
|
|
|
|
|
|
await tx.rollback();
|
|
|
|
|
} catch (e) {
|
|
|
|
|
error = e;
|
|
|
|
|
await tx.rollback();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
expect(error).not.toBeDefined();
|
|
|
|
|
expect(result.hasGrant).toBeTruthy();
|
|
|
|
|
});
|
|
|
|
|
});
|
