162 lines
4.5 KiB
JavaScript
162 lines
4.5 KiB
JavaScript
const models = require('vn-loopback/server/server').models;
|
|
|
|
describe('Application execute()/executeProc()/executeFunc()', () => {
|
|
const userWithoutPrivileges = 1;
|
|
const userWithPrivileges = 9;
|
|
const userWithInheritedPrivileges = 120;
|
|
let tx;
|
|
|
|
function getCtx(userId) {
|
|
return {
|
|
req: {
|
|
accessToken: {userId},
|
|
headers: {origin: 'http://localhost'}
|
|
}
|
|
};
|
|
}
|
|
|
|
beforeEach(async() => {
|
|
tx = await models.Application.beginTransaction({});
|
|
const options = {transaction: tx};
|
|
|
|
await models.Application.rawSql(`
|
|
CREATE OR REPLACE PROCEDURE vn.myProcedure(vMyParam INT)
|
|
BEGIN
|
|
SELECT vMyParam myParam, t.*
|
|
FROM ticket t
|
|
LIMIT 2;
|
|
END
|
|
`, null, options);
|
|
|
|
await models.Application.rawSql(`
|
|
CREATE OR REPLACE FUNCTION bs.myFunction(vMyParam INT) RETURNS int(11)
|
|
BEGIN
|
|
RETURN vMyParam;
|
|
END
|
|
`, null, options);
|
|
|
|
await models.Application.rawSql(`
|
|
GRANT EXECUTE ON PROCEDURE vn.myProcedure TO developer;
|
|
GRANT EXECUTE ON FUNCTION bs.myFunction TO developer;
|
|
`, null, options);
|
|
});
|
|
|
|
it('should throw error when execute procedure and not have privileges', async() => {
|
|
const ctx = getCtx(userWithoutPrivileges);
|
|
|
|
let error;
|
|
try {
|
|
const options = {transaction: tx};
|
|
|
|
await models.Application.execute(
|
|
ctx,
|
|
'PROCEDURE',
|
|
'CALL vn.myProcedure',
|
|
[1],
|
|
options
|
|
);
|
|
|
|
await tx.rollback();
|
|
} catch (e) {
|
|
await tx.rollback();
|
|
error = e;
|
|
}
|
|
|
|
expect(error.message).toEqual(`You don't have enough privileges`);
|
|
});
|
|
|
|
it('should execute procedure and get data', async() => {
|
|
const ctx = getCtx(userWithPrivileges);
|
|
try {
|
|
const options = {transaction: tx};
|
|
|
|
const response = await models.Application.execute(
|
|
ctx,
|
|
'PROCEDURE',
|
|
'CALL vn.myProcedure',
|
|
[1],
|
|
options
|
|
);
|
|
|
|
expect(response.length).toEqual(2);
|
|
expect(response[0].myParam).toEqual(1);
|
|
|
|
await tx.rollback();
|
|
} catch (e) {
|
|
await tx.rollback();
|
|
throw e;
|
|
}
|
|
});
|
|
|
|
describe('Application executeProc()', () => {
|
|
it('should execute procedure and get data (executeProc)', async() => {
|
|
const ctx = getCtx(userWithPrivileges);
|
|
try {
|
|
const options = {transaction: tx};
|
|
|
|
const response = await models.Application.executeProc(
|
|
ctx,
|
|
'myProcedure',
|
|
'vn',
|
|
[1],
|
|
options
|
|
);
|
|
|
|
expect(response.length).toEqual(2);
|
|
expect(response[0].myParam).toEqual(1);
|
|
|
|
await tx.rollback();
|
|
} catch (e) {
|
|
await tx.rollback();
|
|
throw e;
|
|
}
|
|
});
|
|
});
|
|
|
|
describe('Application executeFunc()', () => {
|
|
it('should execute function and get data', async() => {
|
|
const ctx = getCtx(userWithPrivileges);
|
|
try {
|
|
const options = {transaction: tx};
|
|
|
|
const response = await models.Application.executeFunc(
|
|
ctx,
|
|
'myFunction',
|
|
'bs',
|
|
[1],
|
|
options
|
|
);
|
|
|
|
expect(response).toEqual(1);
|
|
|
|
await tx.rollback();
|
|
} catch (e) {
|
|
await tx.rollback();
|
|
throw e;
|
|
}
|
|
});
|
|
|
|
it('should execute function and get data with user with inherited privileges', async() => {
|
|
const ctx = getCtx(userWithInheritedPrivileges);
|
|
try {
|
|
const options = {transaction: tx};
|
|
|
|
const response = await models.Application.executeFunc(
|
|
ctx,
|
|
'myFunction',
|
|
'bs',
|
|
[1],
|
|
options
|
|
);
|
|
|
|
expect(response).toEqual(1);
|
|
|
|
await tx.rollback();
|
|
} catch (e) {
|
|
await tx.rollback();
|
|
throw e;
|
|
}
|
|
});
|
|
});
|
|
});
|