1 | 'use strict';
|
2 |
|
3 | var expect = require('chai').expect
|
4 | , admittance = require('../admittance.js')
|
5 | , rewire = require('rewire')
|
6 | , admitRewire = rewire('../admittance.js')
|
7 |
|
8 |
|
9 | describe('admittance', function () {
|
10 |
|
11 | describe('checking permissions', function () {
|
12 |
|
13 | it('should return true when a user has a given permission', function () {
|
14 | var user = admittance({}, {1:'admin'})
|
15 | var userid = 1
|
16 | expect(user(userid).is('admin')).to.equal(true)
|
17 | })
|
18 |
|
19 | it('should return false when a user does not have a given permission', function () {
|
20 | var user = admittance({}, {1: 'admin'})
|
21 | var userid = 1
|
22 | expect(user(userid).is('monkey')).to.equal(false)
|
23 | })
|
24 |
|
25 | it('should return true when a user has several permissions assigned', function () {
|
26 | var user = admittance({}, {1: ['admin', 'subscriber']})
|
27 | var userid = 1
|
28 | expect(user(userid).is('admin')).to.equal(true)
|
29 | expect(user(userid).is('subscriber')).to.equal(true)
|
30 | expect(user(userid).is('monkey')).to.equal(false)
|
31 | })
|
32 |
|
33 | it('should return false if userid is undefined or null', function () {
|
34 | var user = admittance({}, {1: ['admin', 'subscriber']})
|
35 | var userid
|
36 | expect(user(userid).is('admin')).to.equal(false)
|
37 | userid = null
|
38 | expect(user(userid).is('admin')).to.equal(false)
|
39 | })
|
40 |
|
41 | it('should return false if permission is empty', function () {
|
42 | var user = admittance({}, {1: ['admin', 'subscriber']})
|
43 | var userid = 1
|
44 | expect(user(userid).is('')).to.equal(false)
|
45 | })
|
46 |
|
47 | it('should return false if is is called with no parameter', function () {
|
48 | var user = admittance({}, {1: ['admin', 'subscriber']})
|
49 | var userid = 1
|
50 | expect(user(userid).is()).to.equal(false)
|
51 | })
|
52 |
|
53 | })
|
54 |
|
55 | describe('nested permissions hierarchies', function () {
|
56 |
|
57 | it('should return true if a user has been assigned a parent permission of a checked permission', function () {
|
58 | var permissions = {
|
59 | 'admin': 'subscriber'
|
60 | }
|
61 | var user = admittance(permissions, {1: 'admin'})
|
62 | var userid = 1
|
63 | expect(user(userid).is('subscriber')).to.equal(true)
|
64 | })
|
65 |
|
66 | })
|
67 |
|
68 | describe('#getDirectChildren method', function () {
|
69 |
|
70 | it('should return immediate children for given parent', function () {
|
71 |
|
72 | var getDirectChildren = admitRewire.__get__('getDirectChildren')
|
73 | , children
|
74 |
|
75 | var permissions = {
|
76 | 'admin': 'editor',
|
77 | 'editor': 'subscriber',
|
78 | 'superadmin': ['admin', 'user']
|
79 | }
|
80 |
|
81 | children = getDirectChildren(permissions, 'superadmin')
|
82 | expect(children[0]).to.equal('admin')
|
83 | expect(children[1]).to.equal('user')
|
84 | expect(children.length).to.equal(2)
|
85 |
|
86 | children = getDirectChildren(permissions, 'admin')
|
87 | expect(children[0]).to.equal('editor')
|
88 | expect(children.length).to.equal(1)
|
89 |
|
90 | })
|
91 |
|
92 | })
|
93 |
|
94 | describe('#getUserPermissions method', function () {
|
95 |
|
96 | it('should return given users permissions', function () {
|
97 |
|
98 | var getUserPermissions = admitRewire.__get__('getUserPermissions')
|
99 | , userPermissions
|
100 |
|
101 | var assignments = {
|
102 | 1: 'editor',
|
103 | 2: 'superadmin'
|
104 | }
|
105 |
|
106 | userPermissions = getUserPermissions(assignments, 1)
|
107 | expect(userPermissions).to.contain('editor')
|
108 | expect(userPermissions).not.to.contain('admin')
|
109 |
|
110 | userPermissions = getUserPermissions(assignments, 2)
|
111 | expect(userPermissions).to.contain('superadmin')
|
112 |
|
113 | })
|
114 |
|
115 | })
|
116 |
|
117 | describe('#getDirectPermissionChildren method', function () {
|
118 |
|
119 | it('should return immediate children for given permission', function () {
|
120 |
|
121 | var getDirectPermissionChildren = admitRewire.__get__('getDirectPermissionChildren')
|
122 | , directPermissions
|
123 |
|
124 | var permissions = {
|
125 | 'admin': 'editor',
|
126 | 'editor': 'subscriber',
|
127 | 'superadmin': ['admin', 'user']
|
128 | }
|
129 |
|
130 | directPermissions = getDirectPermissionChildren(permissions, 'superadmin')
|
131 | expect(directPermissions).to.contain('admin')
|
132 | expect(directPermissions).to.contain('user')
|
133 | expect(directPermissions).not.to.contain('editor')
|
134 |
|
135 | })
|
136 |
|
137 | })
|
138 |
|
139 | describe('#getAllChildren method', function () {
|
140 |
|
141 | it('should get all children from a permissions tree', function () {
|
142 | var getAllChildren = admitRewire.__get__('getAllChildren')
|
143 |
|
144 | var permissions = {
|
145 | 'admin': 'editor',
|
146 | 'editor': 'subscriber',
|
147 | 'superadmin': ['admin', 'user']
|
148 | }
|
149 |
|
150 | var allChildren = getAllChildren(permissions, 'superadmin')
|
151 |
|
152 | expect(allChildren[0]).to.equal('admin')
|
153 | expect(allChildren[1]).to.equal('user')
|
154 |
|
155 | expect(allChildren[2]).to.equal('editor')
|
156 | expect(allChildren[3]).to.equal('subscriber')
|
157 |
|
158 | })
|
159 |
|
160 | })
|
161 |
|
162 | describe('#checkIsParent method', function () {
|
163 |
|
164 | it('should return true if a permission is a child of a given parent', function () {
|
165 |
|
166 | var checkIsParent = admitRewire.__get__('checkIsParent')
|
167 |
|
168 | var permissions = {
|
169 | 'admin': 'editor',
|
170 | 'editor': 'subscriber',
|
171 | 'superadmin': ['admin', 'user']
|
172 | }
|
173 |
|
174 | expect(checkIsParent(permissions, 'admin', 'admin')).to.equal(false)
|
175 | expect(checkIsParent(permissions, 'admin', 'editor')).to.equal(true)
|
176 | expect(checkIsParent(permissions, 'admin', 'subscriber')).to.equal(true)
|
177 | expect(checkIsParent(permissions, 'superadmin', 'subscriber')).to.equal(true)
|
178 | expect(checkIsParent(permissions, 'user', 'editor')).to.equal(false)
|
179 |
|
180 | })
|
181 |
|
182 | })
|
183 |
|
184 | describe('#checkAccess method', function () {
|
185 |
|
186 | it('should return true if a given user has (directly or indirectly) a given permission', function () {
|
187 |
|
188 | var checkAccess = admitRewire.__get__('checkAccess')
|
189 |
|
190 | var permissions = {
|
191 | 'admin': 'editor',
|
192 | 'editor': 'subscriber',
|
193 | 'superadmin': ['admin', 'user']
|
194 | }
|
195 |
|
196 | var assignments = {
|
197 | 1: 'editor',
|
198 | 2: 'superadmin'
|
199 | }
|
200 |
|
201 | expect(checkAccess(permissions, assignments, 2, 'superadmin')).to.equal(true)
|
202 |
|
203 | })
|
204 |
|
205 | })
|
206 |
|
207 | describe('#isnt method', function () {
|
208 |
|
209 | it('should return true if a given user does not have a given permission',
|
210 | function () {
|
211 | var user = admittance({}, {1: 'admin'})
|
212 | expect(user(1).isnt('editor')).to.equal(true)
|
213 | })
|
214 |
|
215 | })
|
216 |
|
217 | describe('#can method', function () {
|
218 | it('should return true when a user has a given permission', function () {
|
219 | var user = admittance({}, {1:'edit'})
|
220 | var userid = 1
|
221 | expect(user(userid).can('edit')).to.equal(true)
|
222 | })
|
223 | })
|
224 |
|
225 | describe('#cant method', function () {
|
226 |
|
227 | it('should return true if a given user does not have a given permission',
|
228 | function () {
|
229 | var user = admittance({}, {1: 'admin'})
|
230 | expect(user(1).cant('editor')).to.equal(true)
|
231 | })
|
232 |
|
233 | })
|
234 |
|
235 | describe('multiple admittance instances', function () {
|
236 | it('can be created at one time', function () {
|
237 |
|
238 | var user1 = admittance({}, {1: 'admin'})
|
239 | expect(user1(1).is('admin')).to.equal(true)
|
240 |
|
241 | var user2 = admittance({}, {1: 'user'})
|
242 | expect(user2(1).is('user')).to.equal(true)
|
243 | })
|
244 | })
|
245 |
|
246 | })
|
247 |
|