1 | 'use strict';
|
2 |
|
3 | var expect = require('chai').expect
|
4 | , admittance = require('../admittance.js')
|
5 | , rewire = require('rewire')
|
6 | , admitRewire = rewire('../admittance.js')
|
7 |
|
8 |
|
9 | describe('admittance', function () {
|
10 |
|
11 | describe('checking permissions', function () {
|
12 |
|
13 | it('should return true when a user has a given permission', function () {
|
14 | admittance.load({1:'admin'});
|
15 | var userid = 1;
|
16 | expect(admittance(userid).is('admin')).to.equal(true);
|
17 | })
|
18 |
|
19 | it('should return false when a user does not have a given permission', function () {
|
20 | admittance.load({1: 'admin'});
|
21 | var userid = 1;
|
22 | expect(admittance(userid).is('monkey')).to.equal(false);
|
23 | })
|
24 |
|
25 | it('should return true when a user has several permissions assigned', function () {
|
26 | admittance.load({1: ['admin', 'subscriber']});
|
27 | var userid = 1;
|
28 | expect(admittance(userid).is('admin')).to.equal(true);
|
29 | expect(admittance(userid).is('subscriber')).to.equal(true);
|
30 | expect(admittance(userid).is('monkey')).to.equal(false);
|
31 | })
|
32 |
|
33 | it('should return false if userid is undefined or null', function () {
|
34 | admittance.load({1: ['admin', 'subscriber']});
|
35 | var userid;
|
36 | expect(admittance(userid).is('admin')).to.equal(false);
|
37 | userid = null;
|
38 | expect(admittance(userid).is('admin')).to.equal(false);
|
39 | })
|
40 |
|
41 | it('should return false if permission is empty', function () {
|
42 | admittance.load({1: ['admin', 'subscriber']});
|
43 | var userid = 1;
|
44 | expect(admittance(userid).is('')).to.equal(false);
|
45 | })
|
46 |
|
47 | it('should return false if is is called with no parameter', function () {
|
48 | admittance.load({1: ['admin', 'subscriber']});
|
49 | var userid = 1;
|
50 | expect(admittance(userid).is()).to.equal(false);
|
51 | })
|
52 |
|
53 | })
|
54 |
|
55 | describe('nested permissions hierarchies', function () {
|
56 |
|
57 | it('should return true if a user has been assigned a parent permission of a checked permission', function () {
|
58 | var permissions = {
|
59 | 'admin': 'subscriber',
|
60 | 1: 'admin'
|
61 | }
|
62 | admittance.load(permissions);
|
63 | var userid = 1;
|
64 | expect(admittance(userid).is('subscriber')).to.equal(true);
|
65 | })
|
66 |
|
67 | })
|
68 |
|
69 | describe('#getAllChildren method', function () {
|
70 |
|
71 | it('should get all children from a permissions tree', function () {
|
72 | var getAllChildren = admitRewire.__get__('getAllChildren')
|
73 | , permissions = {
|
74 | 'admin': 'editor',
|
75 | 'editor': 'subscriber',
|
76 | 'superadmin': ['admin', 'user']
|
77 | }
|
78 |
|
79 | admitRewire.load(permissions)
|
80 |
|
81 | var allChildren = getAllChildren('superadmin')
|
82 |
|
83 | expect(allChildren[0]).to.equal('admin')
|
84 | expect(allChildren[1]).to.equal('user')
|
85 | expect(allChildren[2]).to.equal('editor')
|
86 | expect(allChildren[3]).to.equal('subscriber')
|
87 |
|
88 | })
|
89 |
|
90 | })
|
91 |
|
92 | describe('#checkIsParent method', function () {
|
93 |
|
94 | it('should return true if a permission is a child of a given parent', function () {
|
95 |
|
96 | var checkIsParent = admitRewire.__get__('checkIsParent')
|
97 | , permissions = {
|
98 | 'admin': 'editor',
|
99 | 'editor': 'subscriber',
|
100 | 'superadmin': ['admin', 'user']
|
101 | }
|
102 |
|
103 | admitRewire.load(permissions)
|
104 |
|
105 | expect(checkIsParent('admin', 'admin')).to.equal(false)
|
106 | expect(checkIsParent('admin', 'editor')).to.equal(true)
|
107 | expect(checkIsParent('admin', 'subscriber')).to.equal(true)
|
108 | expect(checkIsParent('superadmin', 'subscriber')).to.equal(true)
|
109 | expect(checkIsParent('user', 'editor')).to.equal(false)
|
110 |
|
111 | })
|
112 |
|
113 | })
|
114 |
|
115 | describe('#getDirectChildren method', function () {
|
116 |
|
117 | it('should return immediate children for given parent', function () {
|
118 |
|
119 | var getDirectChildren = admitRewire.__get__('getDirectChildren')
|
120 | , children
|
121 | , permissions = {
|
122 | 'admin': 'editor',
|
123 | 'editor': 'subscriber',
|
124 | 'superadmin': ['admin', 'user']
|
125 | }
|
126 |
|
127 | admitRewire.load(permissions)
|
128 |
|
129 | children = getDirectChildren('superadmin')
|
130 | expect(children[0]).to.equal('admin')
|
131 | expect(children[1]).to.equal('user')
|
132 | expect(children.length).to.equal(2)
|
133 |
|
134 | children = getDirectChildren('admin')
|
135 | expect(children[0]).to.equal('editor')
|
136 | expect(children.length).to.equal(1)
|
137 |
|
138 | })
|
139 |
|
140 | })
|
141 |
|
142 | describe('#getUserPermissions method', function () {
|
143 |
|
144 | it('should return given users permissions', function () {
|
145 |
|
146 | var getUserPermissions = admitRewire.__get__('getUserPermissions')
|
147 | , userPermissions
|
148 | , permissions = {
|
149 | 'admin': 'editor',
|
150 | 'editor': 'subscriber',
|
151 | 'superadmin': ['admin', 'user'],
|
152 | 1: 'editor',
|
153 | 2: 'superadmin'
|
154 | }
|
155 |
|
156 | admitRewire.load(permissions)
|
157 |
|
158 | userPermissions = getUserPermissions(1)
|
159 | expect(userPermissions).to.contain('editor');
|
160 | expect(userPermissions).not.to.contain('admin');
|
161 |
|
162 | userPermissions = getUserPermissions(2)
|
163 | expect(userPermissions).to.contain('superadmin');
|
164 |
|
165 | })
|
166 |
|
167 | })
|
168 |
|
169 | describe('#getDirectPermissionChildren method', function () {
|
170 |
|
171 | it('should return immediate children for given permission', function () {
|
172 |
|
173 | var getDirectPermissionChildren = admitRewire.__get__('getDirectPermissionChildren')
|
174 | , directPermissions
|
175 | , permissions = {
|
176 | 'admin': 'editor',
|
177 | 'editor': 'subscriber',
|
178 | 'superadmin': ['admin', 'user']
|
179 | }
|
180 |
|
181 | admitRewire.load(permissions)
|
182 |
|
183 | directPermissions = getDirectPermissionChildren('superadmin')
|
184 | expect(directPermissions).to.contain('admin');
|
185 | expect(directPermissions).to.contain('user');
|
186 | expect(directPermissions).not.to.contain('editor');
|
187 |
|
188 | })
|
189 |
|
190 | })
|
191 |
|
192 | describe('#checkAccess method', function () {
|
193 |
|
194 | it('should return true if a given user has (directly or indirectly) a given permission', function () {
|
195 |
|
196 | var checkAccess = admitRewire.__get__('checkAccess')
|
197 | , permissions = {
|
198 | 'admin': 'editor',
|
199 | 'editor': 'subscriber',
|
200 | 'superadmin': ['admin', 'user'],
|
201 | 1: 'editor',
|
202 | 2: 'superadmin'
|
203 | }
|
204 |
|
205 | admitRewire.load(permissions)
|
206 |
|
207 | expect(checkAccess(2, 'superadmin')).to.equal(true)
|
208 |
|
209 | })
|
210 |
|
211 | })
|
212 |
|
213 | describe('#isnt method', function () {
|
214 |
|
215 | it('should return true if a given user does not have a given permission',
|
216 | function () {
|
217 | admitRewire.load({1: 'admin'})
|
218 | expect(admittance(1).isnt('editor')).to.equal(true)
|
219 | })
|
220 |
|
221 | })
|
222 |
|
223 | describe('#can method', function () {
|
224 | it('should return true when a user has a given permission', function () {
|
225 | admittance.load({1:'edit'});
|
226 | var userid = 1;
|
227 | expect(admittance(userid).can('edit')).to.equal(true);
|
228 | })
|
229 | })
|
230 |
|
231 | describe('#cant method', function () {
|
232 |
|
233 | it('should return true if a given user does not have a given permission',
|
234 | function () {
|
235 | admitRewire.load({1: 'admin'})
|
236 | expect(admittance(1).cant('editor')).to.equal(true)
|
237 | })
|
238 |
|
239 | })
|
240 |
|
241 | describe('#load method', function () {
|
242 |
|
243 | it('should load a permissions object',
|
244 | function () {
|
245 | admitRewire.load({1: 'admin'})
|
246 | expect(admitRewire.__get__('permissions')).to.be.an('object')
|
247 | expect(admitRewire.__get__('permissions')['1']).to.equal('admin')
|
248 | })
|
249 |
|
250 | })
|
251 |
|
252 | })
|
253 |
|