const models = require('vn-loopback/server/server').models; describe('Application execute()/executeProc()/executeFunc()', () => { const userWithoutPrivileges = 1; const userWithPrivileges = 9; const userWithInheritedPrivileges = 120; let tx; function getCtx(userId) { return { req: { accessToken: {userId}, headers: {origin: 'http://localhost'} } }; } beforeEach(async() => { tx = await models.Application.beginTransaction({}); const options = {transaction: tx}; await models.Application.rawSql(` CREATE OR REPLACE PROCEDURE vn.myProcedure(vMyParam INT) BEGIN SELECT vMyParam myParam, t.* FROM ticket t LIMIT 2; END `, null, options); await models.Application.rawSql(` CREATE OR REPLACE FUNCTION bs.myFunction(vMyParam INT) RETURNS int(11) BEGIN RETURN vMyParam; END `, null, options); await models.Application.rawSql(` GRANT EXECUTE ON PROCEDURE vn.myProcedure TO developer; GRANT EXECUTE ON FUNCTION bs.myFunction TO developer; `, null, options); }); it('should throw error when execute procedure and not have privileges', async() => { const ctx = getCtx(userWithoutPrivileges); let error; try { const options = {transaction: tx}; await models.Application.execute( ctx, 'PROCEDURE', 'CALL vn.myProcedure', [1], options ); await tx.rollback(); } catch (e) { await tx.rollback(); error = e; } expect(error.message).toEqual(`You don't have enough privileges`); }); it('should execute procedure and get data', async() => { const ctx = getCtx(userWithPrivileges); try { const options = {transaction: tx}; const response = await models.Application.execute( ctx, 'PROCEDURE', 'CALL vn.myProcedure', [1], options ); expect(response.length).toEqual(2); expect(response[0].myParam).toEqual(1); await tx.rollback(); } catch (e) { await tx.rollback(); throw e; } }); describe('Application executeProc()', () => { it('should execute procedure and get data (executeProc)', async() => { const ctx = getCtx(userWithPrivileges); try { const options = {transaction: tx}; const response = await models.Application.executeProc( ctx, 'myProcedure', 'vn', [1], options ); expect(response.length).toEqual(2); expect(response[0].myParam).toEqual(1); await tx.rollback(); } catch (e) { await tx.rollback(); throw e; } }); }); describe('Application executeFunc()', () => { it('should execute function and get data', async() => { const ctx = getCtx(userWithPrivileges); try { const options = {transaction: tx}; const response = await models.Application.executeFunc( ctx, 'myFunction', 'bs', [1], options ); expect(response).toEqual(1); await tx.rollback(); } catch (e) { await tx.rollback(); throw e; } }); it('should execute function and get data with user with inherited privileges', async() => { const ctx = getCtx(userWithInheritedPrivileges); try { const options = {transaction: tx}; const response = await models.Application.executeFunc( ctx, 'myFunction', 'bs', [1], options ); expect(response).toEqual(1); await tx.rollback(); } catch (e) { await tx.rollback(); throw e; } }); }); });