Updated unit tests & changed ACL
gitea/salix/pipeline/head This commit looks good Details

This commit is contained in:
Joan Sanchez 2020-12-11 15:04:55 +01:00
parent 59c622481f
commit 0a4016be41
12 changed files with 265 additions and 20 deletions

4
.gitignore vendored
View File

@ -2,10 +2,6 @@ coverage
node_modules node_modules
dist dist
storage storage
!storage/dms/c4c
!storage/dms/c81
!storage/dms/ecc
!storage/dms/a87
npm-debug.log npm-debug.log
.eslintcache .eslintcache
datasources.*.json datasources.*.json

View File

@ -3,10 +3,12 @@ const app = require('vn-loopback/server/server');
describe('image download()', () => { describe('image download()', () => {
const collection = 'user'; const collection = 'user';
const size = '160x160'; const size = '160x160';
const employeeId = 1;
const ctx = {req: {accessToken: {userId: employeeId}}};
it('should return the image content-type of the user', async() => { it('should return the image content-type of the user', async() => {
const userId = 9; const userId = 9;
const image = await app.models.Image.download(collection, size, userId); const image = await app.models.Image.download(ctx, collection, size, userId);
const contentType = image[1]; const contentType = image[1];
expect(contentType).toEqual('image/png'); expect(contentType).toEqual('image/png');
@ -14,7 +16,7 @@ describe('image download()', () => {
it(`should return false if the user doesn't have image`, async() => { it(`should return false if the user doesn't have image`, async() => {
const userId = 110; const userId = 110;
const image = await app.models.Image.download(collection, size, userId); const image = await app.models.Image.download(ctx, collection, size, userId);
expect(image).toBeFalse(); expect(image).toBeFalse();
}); });

View File

@ -0,0 +1,154 @@
const app = require('vn-loopback/server/server');
describe('image upload()', () => {
afterEach(() => {
// RESTORE NODE ENV
delete process.env.NODE_ENV;
});
describe('as buyer', () => {
const buyerId = 35;
const workerId = 106;
const itemId = 4;
it('should try to upload a file for the collection "catalog" and throw a privileges error', async() => {
const ctx = {req: {accessToken: {userId: buyerId}},
args: {
id: workerId,
collection: 'user'
}
};
let error;
try {
await app.models.Image.upload(ctx);
} catch (err) {
error = err;
}
expect(error.message).toEqual(`You don't have enough privileges`);
});
it('should call to the ImageContainer upload method for the collection "catalog"', async() => {
const containerModel = app.models.ImageContainer;
spyOn(containerModel, 'upload');
const ctx = {req: {accessToken: {userId: buyerId}},
args: {
id: itemId,
collection: 'catalog'
}
};
try {
await app.models.Image.upload(ctx);
} catch (err) { }
expect(containerModel.upload).toHaveBeenCalled();
});
it('should throw an error to upload a photo on test environment', async() => {
process.env.NODE_ENV = 'test';
const ctx = {req: {accessToken: {userId: buyerId}},
args: {
id: itemId,
collection: 'catalog'
}
};
let error;
try {
await app.models.Image.upload(ctx);
} catch (err) {
error = err;
}
expect(error.message).toEqual(`You can't upload images on the test instance`);
});
});
describe('as marketing', () => {
const marketingId = 51;
const workerId = 106;
const itemId = 4;
it('should be able to call to the ImageContainer upload method for the collection "user"', async() => {
const containerModel = app.models.ImageContainer;
spyOn(containerModel, 'upload');
const ctx = {req: {accessToken: {userId: marketingId}},
args: {
id: workerId,
collection: 'user'
}
};
try {
await app.models.Image.upload(ctx);
} catch (err) { }
expect(containerModel.upload).toHaveBeenCalled();
});
it('should be able to call to the ImageContainer upload method for the collection "catalog"', async() => {
const containerModel = app.models.ImageContainer;
spyOn(containerModel, 'upload');
const ctx = {req: {accessToken: {userId: marketingId}},
args: {
id: itemId,
collection: 'catalog'
}
};
try {
await app.models.Image.upload(ctx);
} catch (err) { }
expect(containerModel.upload).toHaveBeenCalled();
});
});
describe('as hhrr', () => {
const hhrrId = 37;
const workerId = 106;
const itemId = 4;
it('should upload a file for the collection "user" and call to the ImageContainer upload method', async() => {
const containerModel = app.models.ImageContainer;
spyOn(containerModel, 'upload');
const ctx = {req: {accessToken: {userId: hhrrId}},
args: {
id: itemId,
collection: 'user'
}
};
try {
await app.models.Image.upload(ctx);
} catch (err) { }
expect(containerModel.upload).toHaveBeenCalled();
});
it('should try to upload a file for the collection "catalog" and throw a privilege error', async() => {
const ctx = {req: {accessToken: {userId: hhrrId}},
args: {
id: workerId,
collection: 'catalog'
}
};
let error;
try {
await app.models.Image.upload(ctx);
} catch (err) {
error = err;
}
expect(error.message).toEqual(`You don't have enough privileges`);
});
});
});

View File

@ -28,10 +28,11 @@ module.exports = Self => {
* @return {boolean} True for user with write privileges * @return {boolean} True for user with write privileges
*/ */
Self.hasWriteRole = async(ctx, name, options) => { Self.hasWriteRole = async(ctx, name, options) => {
const collection = await Self.findOne({where: {name}}, { const collection = await Self.findOne({
include: { include: {
relation: 'writeRole' relation: 'writeRole'
} },
where: {name}
}, options); }, options);
return await hasRole(ctx, collection, options); return await hasRole(ctx, collection, options);

View File

@ -1,8 +0,0 @@
ALTER TABLE `hedera`.`imageCollection`
ADD writeRoleFk INT NULL DEFAULT 1;
ALTER TABLE `hedera`.`imageCollection`
ADD CONSTRAINT role_id___fk
FOREIGN KEY (writeRoleFk) REFERENCES account.role (id)
ON UPDATE CASCADE;

View File

@ -0,0 +1,13 @@
INSERT INTO account.role (id, name, description)
VALUES
(74, 'userPhotos', 'Privilegios para subir fotos de usuario'),
(75, 'catalogPhotos', 'Privilegios para subir fotos del catálogo');
INSERT INTO account.roleInherit (role, inheritsFrom)
VALUES
(37, (SELECT id FROM account.role WHERE name = 'userPhotos')),
(51, (SELECT id FROM account.role WHERE name = 'userPhotos')),
(51, (SELECT id FROM account.role WHERE name = 'catalogPhotos')),
(35, (SELECT id FROM account.role WHERE name = 'catalogPhotos'));
CALL account.role_sync();

View File

@ -0,0 +1,27 @@
ALTER TABLE `hedera`.`imageCollection`
ADD writeRoleFk INT UNSIGNED NULL DEFAULT 1;
ALTER TABLE `hedera`.`imageCollection`
ADD CONSTRAINT role_id_writeRoleFk
FOREIGN KEY (writeRoleFk) REFERENCES account.role (id)
ON UPDATE CASCADE;
ALTER TABLE `hedera`.`imageCollection` modify readRoleFk INT UNSIGNED default 1 null;
ALTER TABLE `hedera`.`imageCollection`
ADD CONSTRAINT role_id_readRoleFk
FOREIGN KEY (readRoleFk) REFERENCES account.role (id)
ON UPDATE CASCADE;
UPDATE hedera.imageCollection t SET t.writeRoleFk = (
SELECT id FROM `account`.`role` WHERE name = 'catalogPhotos'
)
WHERE t.name = 'catalog';
UPDATE hedera.imageCollection t SET t.writeRoleFk = (
SELECT id FROM `account`.`role` WHERE name = 'userPhotos'
)
WHERE t.name = 'user';
UPDATE hedera.imageCollection t SET t.writeRoleFk = 9
WHERE t.name IN ('link', 'news');

View File

@ -0,0 +1,57 @@
import './index.js';
describe('Salix', () => {
describe('Component vnUploadPhoto', () => {
let controller;
let $scope;
let $httpBackend;
beforeEach(ngModule('salix'));
beforeEach(inject(($componentController, $rootScope, _$httpBackend_) => {
$scope = $rootScope.$new();
$httpBackend = _$httpBackend_;
const $element = angular.element('<vn-upload-photo></vn-upload-photo>');
controller = $componentController('vnUploadPhoto', {$element, $scope});
controller.newPhoto = {};
}));
afterEach(() => {
$scope.$destroy();
});
describe('onUploadAccept()', () => {
it('should throw an error message containing "Select an image"', () => {
jest.spyOn(controller.vnApp, 'showError');
controller.onUploadAccept();
expect(controller.vnApp.showError).toHaveBeenCalledWith('Select an image');
});
it('should call to the makeRequest() method', () => {
jest.spyOn(controller, 'makeRequest');
controller.newPhoto.files = [0];
controller.onUploadAccept();
expect(controller.makeRequest).toHaveBeenCalledWith();
});
});
describe('makeRequest()', () => {
it('should make an http query and then emit a response event', () => {
jest.spyOn(controller.vnApp, 'showSuccess');
jest.spyOn(controller, 'emit');
controller.newPhoto.files = [{name: 'hola'}];
$httpBackend.expectRoute('POST', 'Images/upload').respond(200);
controller.makeRequest();
$httpBackend.flush();
expect(controller.vnApp.showSuccess).toHaveBeenCalledWith('Data saved!');
expect(controller.emit).toHaveBeenCalledWith('response');
});
});
});
});

View File

@ -2,14 +2,16 @@ import './index.js';
describe('Salix', () => { describe('Salix', () => {
describe('Component vnUserPopover', () => { describe('Component vnUserPopover', () => {
const userId = 9;
let controller; let controller;
let $scope; let $scope;
let $root;
beforeEach(ngModule('salix')); beforeEach(ngModule('salix'));
beforeEach(inject(($componentController, $rootScope, $httpBackend) => { beforeEach(inject(($componentController, $rootScope, $httpBackend) => {
$httpBackend.expectGET('UserConfigs/getUserConfig'); $httpBackend.expectGET('UserConfigs/getUserConfig');
$root = $rootScope;
$scope = $rootScope.$new(); $scope = $rootScope.$new();
controller = $componentController('vnUserPopover', {$scope}); controller = $componentController('vnUserPopover', {$scope});
})); }));
@ -60,9 +62,10 @@ describe('Salix', () => {
describe('getImageUrl()', () => { describe('getImageUrl()', () => {
it('should return de url image', () => { it('should return de url image', () => {
const url = controller.getImageUrl(); const url = $root.imagePath('user', '160x160', userId);
expect(url).toBeDefined(); expect(url).toBeDefined();
expect(url).toEqual(`/api/Images/user/160x160/${userId}/download?access_token=null`);
}); });
}); });
}); });

View File

@ -23,7 +23,7 @@
on-error-src/> on-error-src/>
<vn-float-button ng-click="uploadPhoto.show('catalog', $ctrl.item.id)" <vn-float-button ng-click="uploadPhoto.show('catalog', $ctrl.item.id)"
icon="edit" icon="edit"
vn-visible-by="marketing, buyer"> vn-visible-by="catalogPhotos">
</vn-float-button> </vn-float-button>
</div> </div>
<vn-horizontal class="item-state"> <vn-horizontal class="item-state">

View File

@ -9,7 +9,7 @@
on-error-src/> on-error-src/>
<vn-float-button ng-click="uploadPhoto.show('user', $ctrl.worker.id)" <vn-float-button ng-click="uploadPhoto.show('user', $ctrl.worker.id)"
icon="edit" icon="edit"
vn-visible-by="marketing, hr"> vn-visible-by="userPhotos">
</vn-float-button> </vn-float-button>
</div> </div>
</slot-before> </slot-before>

Binary file not shown.

Before

Width:  |  Height:  |  Size: 18 KiB