Updated unit tests & changed ACL
gitea/salix/pipeline/head This commit looks good
Details
gitea/salix/pipeline/head This commit looks good
Details
This commit is contained in:
parent
59c622481f
commit
0a4016be41
|
@ -2,10 +2,6 @@ coverage
|
||||||
node_modules
|
node_modules
|
||||||
dist
|
dist
|
||||||
storage
|
storage
|
||||||
!storage/dms/c4c
|
|
||||||
!storage/dms/c81
|
|
||||||
!storage/dms/ecc
|
|
||||||
!storage/dms/a87
|
|
||||||
npm-debug.log
|
npm-debug.log
|
||||||
.eslintcache
|
.eslintcache
|
||||||
datasources.*.json
|
datasources.*.json
|
||||||
|
|
|
@ -3,10 +3,12 @@ const app = require('vn-loopback/server/server');
|
||||||
describe('image download()', () => {
|
describe('image download()', () => {
|
||||||
const collection = 'user';
|
const collection = 'user';
|
||||||
const size = '160x160';
|
const size = '160x160';
|
||||||
|
const employeeId = 1;
|
||||||
|
const ctx = {req: {accessToken: {userId: employeeId}}};
|
||||||
|
|
||||||
it('should return the image content-type of the user', async() => {
|
it('should return the image content-type of the user', async() => {
|
||||||
const userId = 9;
|
const userId = 9;
|
||||||
const image = await app.models.Image.download(collection, size, userId);
|
const image = await app.models.Image.download(ctx, collection, size, userId);
|
||||||
const contentType = image[1];
|
const contentType = image[1];
|
||||||
|
|
||||||
expect(contentType).toEqual('image/png');
|
expect(contentType).toEqual('image/png');
|
||||||
|
@ -14,7 +16,7 @@ describe('image download()', () => {
|
||||||
|
|
||||||
it(`should return false if the user doesn't have image`, async() => {
|
it(`should return false if the user doesn't have image`, async() => {
|
||||||
const userId = 110;
|
const userId = 110;
|
||||||
const image = await app.models.Image.download(collection, size, userId);
|
const image = await app.models.Image.download(ctx, collection, size, userId);
|
||||||
|
|
||||||
expect(image).toBeFalse();
|
expect(image).toBeFalse();
|
||||||
});
|
});
|
||||||
|
|
|
@ -0,0 +1,154 @@
|
||||||
|
const app = require('vn-loopback/server/server');
|
||||||
|
|
||||||
|
describe('image upload()', () => {
|
||||||
|
afterEach(() => {
|
||||||
|
// RESTORE NODE ENV
|
||||||
|
delete process.env.NODE_ENV;
|
||||||
|
});
|
||||||
|
|
||||||
|
describe('as buyer', () => {
|
||||||
|
const buyerId = 35;
|
||||||
|
const workerId = 106;
|
||||||
|
const itemId = 4;
|
||||||
|
|
||||||
|
it('should try to upload a file for the collection "catalog" and throw a privileges error', async() => {
|
||||||
|
const ctx = {req: {accessToken: {userId: buyerId}},
|
||||||
|
args: {
|
||||||
|
id: workerId,
|
||||||
|
collection: 'user'
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
let error;
|
||||||
|
try {
|
||||||
|
await app.models.Image.upload(ctx);
|
||||||
|
} catch (err) {
|
||||||
|
error = err;
|
||||||
|
}
|
||||||
|
|
||||||
|
expect(error.message).toEqual(`You don't have enough privileges`);
|
||||||
|
});
|
||||||
|
|
||||||
|
it('should call to the ImageContainer upload method for the collection "catalog"', async() => {
|
||||||
|
const containerModel = app.models.ImageContainer;
|
||||||
|
spyOn(containerModel, 'upload');
|
||||||
|
|
||||||
|
const ctx = {req: {accessToken: {userId: buyerId}},
|
||||||
|
args: {
|
||||||
|
id: itemId,
|
||||||
|
collection: 'catalog'
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
try {
|
||||||
|
await app.models.Image.upload(ctx);
|
||||||
|
} catch (err) { }
|
||||||
|
|
||||||
|
expect(containerModel.upload).toHaveBeenCalled();
|
||||||
|
});
|
||||||
|
|
||||||
|
it('should throw an error to upload a photo on test environment', async() => {
|
||||||
|
process.env.NODE_ENV = 'test';
|
||||||
|
|
||||||
|
const ctx = {req: {accessToken: {userId: buyerId}},
|
||||||
|
args: {
|
||||||
|
id: itemId,
|
||||||
|
collection: 'catalog'
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
let error;
|
||||||
|
try {
|
||||||
|
await app.models.Image.upload(ctx);
|
||||||
|
} catch (err) {
|
||||||
|
error = err;
|
||||||
|
}
|
||||||
|
|
||||||
|
expect(error.message).toEqual(`You can't upload images on the test instance`);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
describe('as marketing', () => {
|
||||||
|
const marketingId = 51;
|
||||||
|
const workerId = 106;
|
||||||
|
const itemId = 4;
|
||||||
|
|
||||||
|
it('should be able to call to the ImageContainer upload method for the collection "user"', async() => {
|
||||||
|
const containerModel = app.models.ImageContainer;
|
||||||
|
spyOn(containerModel, 'upload');
|
||||||
|
|
||||||
|
const ctx = {req: {accessToken: {userId: marketingId}},
|
||||||
|
args: {
|
||||||
|
id: workerId,
|
||||||
|
collection: 'user'
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
try {
|
||||||
|
await app.models.Image.upload(ctx);
|
||||||
|
} catch (err) { }
|
||||||
|
|
||||||
|
expect(containerModel.upload).toHaveBeenCalled();
|
||||||
|
});
|
||||||
|
|
||||||
|
it('should be able to call to the ImageContainer upload method for the collection "catalog"', async() => {
|
||||||
|
const containerModel = app.models.ImageContainer;
|
||||||
|
spyOn(containerModel, 'upload');
|
||||||
|
|
||||||
|
const ctx = {req: {accessToken: {userId: marketingId}},
|
||||||
|
args: {
|
||||||
|
id: itemId,
|
||||||
|
collection: 'catalog'
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
try {
|
||||||
|
await app.models.Image.upload(ctx);
|
||||||
|
} catch (err) { }
|
||||||
|
|
||||||
|
expect(containerModel.upload).toHaveBeenCalled();
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
describe('as hhrr', () => {
|
||||||
|
const hhrrId = 37;
|
||||||
|
const workerId = 106;
|
||||||
|
const itemId = 4;
|
||||||
|
|
||||||
|
it('should upload a file for the collection "user" and call to the ImageContainer upload method', async() => {
|
||||||
|
const containerModel = app.models.ImageContainer;
|
||||||
|
spyOn(containerModel, 'upload');
|
||||||
|
|
||||||
|
const ctx = {req: {accessToken: {userId: hhrrId}},
|
||||||
|
args: {
|
||||||
|
id: itemId,
|
||||||
|
collection: 'user'
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
try {
|
||||||
|
await app.models.Image.upload(ctx);
|
||||||
|
} catch (err) { }
|
||||||
|
|
||||||
|
expect(containerModel.upload).toHaveBeenCalled();
|
||||||
|
});
|
||||||
|
|
||||||
|
it('should try to upload a file for the collection "catalog" and throw a privilege error', async() => {
|
||||||
|
const ctx = {req: {accessToken: {userId: hhrrId}},
|
||||||
|
args: {
|
||||||
|
id: workerId,
|
||||||
|
collection: 'catalog'
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
let error;
|
||||||
|
try {
|
||||||
|
await app.models.Image.upload(ctx);
|
||||||
|
} catch (err) {
|
||||||
|
error = err;
|
||||||
|
}
|
||||||
|
|
||||||
|
expect(error.message).toEqual(`You don't have enough privileges`);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
|
@ -28,10 +28,11 @@ module.exports = Self => {
|
||||||
* @return {boolean} True for user with write privileges
|
* @return {boolean} True for user with write privileges
|
||||||
*/
|
*/
|
||||||
Self.hasWriteRole = async(ctx, name, options) => {
|
Self.hasWriteRole = async(ctx, name, options) => {
|
||||||
const collection = await Self.findOne({where: {name}}, {
|
const collection = await Self.findOne({
|
||||||
include: {
|
include: {
|
||||||
relation: 'writeRole'
|
relation: 'writeRole'
|
||||||
}
|
},
|
||||||
|
where: {name}
|
||||||
}, options);
|
}, options);
|
||||||
|
|
||||||
return await hasRole(ctx, collection, options);
|
return await hasRole(ctx, collection, options);
|
||||||
|
|
|
@ -1,8 +0,0 @@
|
||||||
ALTER TABLE `hedera`.`imageCollection`
|
|
||||||
ADD writeRoleFk INT NULL DEFAULT 1;
|
|
||||||
|
|
||||||
ALTER TABLE `hedera`.`imageCollection`
|
|
||||||
ADD CONSTRAINT role_id___fk
|
|
||||||
FOREIGN KEY (writeRoleFk) REFERENCES account.role (id)
|
|
||||||
ON UPDATE CASCADE;
|
|
||||||
|
|
|
@ -0,0 +1,13 @@
|
||||||
|
INSERT INTO account.role (id, name, description)
|
||||||
|
VALUES
|
||||||
|
(74, 'userPhotos', 'Privilegios para subir fotos de usuario'),
|
||||||
|
(75, 'catalogPhotos', 'Privilegios para subir fotos del catálogo');
|
||||||
|
|
||||||
|
INSERT INTO account.roleInherit (role, inheritsFrom)
|
||||||
|
VALUES
|
||||||
|
(37, (SELECT id FROM account.role WHERE name = 'userPhotos')),
|
||||||
|
(51, (SELECT id FROM account.role WHERE name = 'userPhotos')),
|
||||||
|
(51, (SELECT id FROM account.role WHERE name = 'catalogPhotos')),
|
||||||
|
(35, (SELECT id FROM account.role WHERE name = 'catalogPhotos'));
|
||||||
|
|
||||||
|
CALL account.role_sync();
|
|
@ -0,0 +1,27 @@
|
||||||
|
ALTER TABLE `hedera`.`imageCollection`
|
||||||
|
ADD writeRoleFk INT UNSIGNED NULL DEFAULT 1;
|
||||||
|
|
||||||
|
ALTER TABLE `hedera`.`imageCollection`
|
||||||
|
ADD CONSTRAINT role_id_writeRoleFk
|
||||||
|
FOREIGN KEY (writeRoleFk) REFERENCES account.role (id)
|
||||||
|
ON UPDATE CASCADE;
|
||||||
|
|
||||||
|
ALTER TABLE `hedera`.`imageCollection` modify readRoleFk INT UNSIGNED default 1 null;
|
||||||
|
|
||||||
|
ALTER TABLE `hedera`.`imageCollection`
|
||||||
|
ADD CONSTRAINT role_id_readRoleFk
|
||||||
|
FOREIGN KEY (readRoleFk) REFERENCES account.role (id)
|
||||||
|
ON UPDATE CASCADE;
|
||||||
|
|
||||||
|
UPDATE hedera.imageCollection t SET t.writeRoleFk = (
|
||||||
|
SELECT id FROM `account`.`role` WHERE name = 'catalogPhotos'
|
||||||
|
)
|
||||||
|
WHERE t.name = 'catalog';
|
||||||
|
|
||||||
|
UPDATE hedera.imageCollection t SET t.writeRoleFk = (
|
||||||
|
SELECT id FROM `account`.`role` WHERE name = 'userPhotos'
|
||||||
|
)
|
||||||
|
WHERE t.name = 'user';
|
||||||
|
|
||||||
|
UPDATE hedera.imageCollection t SET t.writeRoleFk = 9
|
||||||
|
WHERE t.name IN ('link', 'news');
|
|
@ -0,0 +1,57 @@
|
||||||
|
import './index.js';
|
||||||
|
|
||||||
|
describe('Salix', () => {
|
||||||
|
describe('Component vnUploadPhoto', () => {
|
||||||
|
let controller;
|
||||||
|
let $scope;
|
||||||
|
let $httpBackend;
|
||||||
|
|
||||||
|
beforeEach(ngModule('salix'));
|
||||||
|
|
||||||
|
beforeEach(inject(($componentController, $rootScope, _$httpBackend_) => {
|
||||||
|
$scope = $rootScope.$new();
|
||||||
|
$httpBackend = _$httpBackend_;
|
||||||
|
const $element = angular.element('<vn-upload-photo></vn-upload-photo>');
|
||||||
|
controller = $componentController('vnUploadPhoto', {$element, $scope});
|
||||||
|
controller.newPhoto = {};
|
||||||
|
}));
|
||||||
|
|
||||||
|
afterEach(() => {
|
||||||
|
$scope.$destroy();
|
||||||
|
});
|
||||||
|
|
||||||
|
describe('onUploadAccept()', () => {
|
||||||
|
it('should throw an error message containing "Select an image"', () => {
|
||||||
|
jest.spyOn(controller.vnApp, 'showError');
|
||||||
|
|
||||||
|
controller.onUploadAccept();
|
||||||
|
|
||||||
|
expect(controller.vnApp.showError).toHaveBeenCalledWith('Select an image');
|
||||||
|
});
|
||||||
|
|
||||||
|
it('should call to the makeRequest() method', () => {
|
||||||
|
jest.spyOn(controller, 'makeRequest');
|
||||||
|
|
||||||
|
controller.newPhoto.files = [0];
|
||||||
|
controller.onUploadAccept();
|
||||||
|
|
||||||
|
expect(controller.makeRequest).toHaveBeenCalledWith();
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
describe('makeRequest()', () => {
|
||||||
|
it('should make an http query and then emit a response event', () => {
|
||||||
|
jest.spyOn(controller.vnApp, 'showSuccess');
|
||||||
|
jest.spyOn(controller, 'emit');
|
||||||
|
|
||||||
|
controller.newPhoto.files = [{name: 'hola'}];
|
||||||
|
$httpBackend.expectRoute('POST', 'Images/upload').respond(200);
|
||||||
|
controller.makeRequest();
|
||||||
|
$httpBackend.flush();
|
||||||
|
|
||||||
|
expect(controller.vnApp.showSuccess).toHaveBeenCalledWith('Data saved!');
|
||||||
|
expect(controller.emit).toHaveBeenCalledWith('response');
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
|
@ -2,14 +2,16 @@ import './index.js';
|
||||||
|
|
||||||
describe('Salix', () => {
|
describe('Salix', () => {
|
||||||
describe('Component vnUserPopover', () => {
|
describe('Component vnUserPopover', () => {
|
||||||
|
const userId = 9;
|
||||||
let controller;
|
let controller;
|
||||||
let $scope;
|
let $scope;
|
||||||
|
let $root;
|
||||||
|
|
||||||
beforeEach(ngModule('salix'));
|
beforeEach(ngModule('salix'));
|
||||||
|
|
||||||
beforeEach(inject(($componentController, $rootScope, $httpBackend) => {
|
beforeEach(inject(($componentController, $rootScope, $httpBackend) => {
|
||||||
$httpBackend.expectGET('UserConfigs/getUserConfig');
|
$httpBackend.expectGET('UserConfigs/getUserConfig');
|
||||||
|
$root = $rootScope;
|
||||||
$scope = $rootScope.$new();
|
$scope = $rootScope.$new();
|
||||||
controller = $componentController('vnUserPopover', {$scope});
|
controller = $componentController('vnUserPopover', {$scope});
|
||||||
}));
|
}));
|
||||||
|
@ -60,9 +62,10 @@ describe('Salix', () => {
|
||||||
|
|
||||||
describe('getImageUrl()', () => {
|
describe('getImageUrl()', () => {
|
||||||
it('should return de url image', () => {
|
it('should return de url image', () => {
|
||||||
const url = controller.getImageUrl();
|
const url = $root.imagePath('user', '160x160', userId);
|
||||||
|
|
||||||
expect(url).toBeDefined();
|
expect(url).toBeDefined();
|
||||||
|
expect(url).toEqual(`/api/Images/user/160x160/${userId}/download?access_token=null`);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
|
@ -23,7 +23,7 @@
|
||||||
on-error-src/>
|
on-error-src/>
|
||||||
<vn-float-button ng-click="uploadPhoto.show('catalog', $ctrl.item.id)"
|
<vn-float-button ng-click="uploadPhoto.show('catalog', $ctrl.item.id)"
|
||||||
icon="edit"
|
icon="edit"
|
||||||
vn-visible-by="marketing, buyer">
|
vn-visible-by="catalogPhotos">
|
||||||
</vn-float-button>
|
</vn-float-button>
|
||||||
</div>
|
</div>
|
||||||
<vn-horizontal class="item-state">
|
<vn-horizontal class="item-state">
|
||||||
|
|
|
@ -9,7 +9,7 @@
|
||||||
on-error-src/>
|
on-error-src/>
|
||||||
<vn-float-button ng-click="uploadPhoto.show('user', $ctrl.worker.id)"
|
<vn-float-button ng-click="uploadPhoto.show('user', $ctrl.worker.id)"
|
||||||
icon="edit"
|
icon="edit"
|
||||||
vn-visible-by="marketing, hr">
|
vn-visible-by="userPhotos">
|
||||||
</vn-float-button>
|
</vn-float-button>
|
||||||
</div>
|
</div>
|
||||||
</slot-before>
|
</slot-before>
|
||||||
|
|
Binary file not shown.
Before Width: | Height: | Size: 18 KiB |
Loading…
Reference in New Issue