-
Notifications
You must be signed in to change notification settings - Fork 48
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
added permset in the cache layer - upsert/ bulk upsert endpoints
- Loading branch information
1 parent
cce90eb
commit cbbf0d8
Showing
9 changed files
with
208 additions
and
33 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,107 @@ | ||
/** | ||
* Copyright (c) 2016, salesforce.com, inc. | ||
* All rights reserved. | ||
* Licensed under the BSD 3-Clause license. | ||
* For full license text, see LICENSE.txt file in the repo root or | ||
* https://opensource.org/licenses/BSD-3-Clause | ||
*/ | ||
|
||
/** | ||
* tests/cache/models/samples/upsertWithoutPerms.js | ||
*/ | ||
'use strict'; | ||
|
||
const supertest = require('supertest'); | ||
const api = supertest(require('../../../../index').app); | ||
const constants = require('../../../../api/v1/constants'); | ||
const samstoinit = require('../../../../cache/sampleStoreInit'); | ||
const tu = require('../../../testUtils'); | ||
const rtu = require('../redisTestUtil'); | ||
const Subject = tu.db.Subject; | ||
const Aspect = tu.db.Aspect; | ||
const User = tu.db.User; | ||
|
||
const upsertPath = '/v1/samples/upsert'; | ||
const bulkUpsertPath = '/v1/samples/upsert/bulk'; | ||
describe('api: upsert samples without perms', () => { | ||
const sub = { name: `${tu.namePrefix}NorthAmerica`, isPublished: true }; | ||
const asp = { | ||
name: 'temperature', | ||
timeout: '30s', | ||
isPublished: true, | ||
rank: 10, | ||
}; | ||
let aspect; | ||
let subject; | ||
let otherValidToken; | ||
|
||
before((done) => { | ||
tu.toggleOverride('enforceWritePermission', true); | ||
tu.toggleOverride('enableRedisSampleStore', true); | ||
tu.createToken() | ||
.then(() => { | ||
done(); | ||
}) | ||
.catch(done); | ||
}); | ||
|
||
beforeEach((done) => { | ||
Aspect.create(asp) | ||
.then((a) => { | ||
aspect = a; | ||
return Subject.create(sub); | ||
}) | ||
.then((s) => { | ||
subject = s; | ||
}) | ||
.then(() => { | ||
return User.findOne({ where: { name: tu.userName } }); | ||
}) | ||
.then((usr) => { | ||
return aspect.addWriter(usr); | ||
}) | ||
.then(() => tu.createUser('myUNiqueUser')) | ||
.then((_usr) => tu.createTokenFromUserName(_usr.name)) | ||
.then((tkn) => { | ||
otherValidToken = tkn; | ||
return samstoinit.populate(); | ||
}) | ||
.then(() => done()) | ||
.catch(done); | ||
}); | ||
|
||
afterEach(rtu.forceDelete); | ||
after(() => tu.toggleOverride('enableRedisSampleStore', false)); | ||
after(() => tu.toggleOverride('enforceWritePermission', false)); | ||
|
||
after(tu.forceDeleteUser); | ||
|
||
|
||
it('upsert should fail when upserting a sample ' + | ||
'for an aspect without permission', (done) => { | ||
api.post(upsertPath) | ||
.set('Authorization', otherValidToken) | ||
.send({ | ||
name: `${subject.absolutePath}|${aspect.name}`, | ||
value: '2', | ||
}) | ||
.expect(constants.httpStatus.FORBIDDEN) | ||
.end((err /* , res*/) => { | ||
return err ? done(err) : done(); | ||
}); | ||
}); | ||
|
||
it('bulk upsert should return OK for operations with any' + | ||
' permission', (done) => { | ||
api.post(bulkUpsertPath) | ||
.set('Authorization', otherValidToken) | ||
.send([{ | ||
name: `${subject.absolutePath}|${aspect.name}`, | ||
value: '2', | ||
}]) | ||
.expect(constants.httpStatus.OK) | ||
.end((err /* , res*/) => { | ||
return err ? done(err) : done(); | ||
}); | ||
}); | ||
}); |