switcherapi · petruki · Jul 8, 2023 · Jul 8, 2023
diff --git a/src/models/permission.js b/src/models/permission.js
@@ -75,6 +75,9 @@ const permissionSchema = new mongoose.Schema({
         type: String,
         enum: Object.values(KeyTypes)
     },
+    environments: [{
+        type: String
+    }],
     values: [{
         type: String
     }]

diff --git a/src/routers/permission.js b/src/routers/permission.js
@@ -22,8 +22,9 @@ async function updatePermission(req, res) {
 router.post('/permission/create/:team', auth, [
     check('team').isMongoId(),
     body('action').not().isEmpty(),
-    body('router').not().isEmpty()
-], validate, async (req, res) => {
+    body('router').not().isEmpty(),
+    body('environments').isArray().optional(),
+], validate, verifyInputUpdateParameters(['action', 'router', 'environments']), async (req, res) => {
     try {
         const permission = await Services.createPermission(req.body, req.params.team, req.admin);
         res.status(201).send(permission);

diff --git a/tests/permission.test.js b/tests/permission.test.js
@@ -28,13 +28,23 @@ describe('Insertion tests', () => {
             }).expect(201);
 
         // DB validation - document created
-        const permission = await Permission.findById(response.body._id).lean();
+        const permission = await Permission.findById(response.body._id).lean().exec();
         expect(permission).not.toBeNull();
 
         // Response validation
         expect(response.body.action).toBe(ActionTypes.READ);
     });
 
+    test('PERMISSION_SUITE - Should NOT create a new Permission - Invalid parameter (route instead of router)', async () => {
+        await request(app)
+            .post('/permission/create/' + team1Id)
+            .set('Authorization', `Bearer ${adminMasterAccountToken}`)
+            .send({
+                action: ActionTypes.READ,
+                route: RouterTypes.GROUP
+            }).expect(422);
+    });
+
     test('PERMISSION_SUITE - Should NOT create a new Permission - Missing required parameter', async () => {
         await request(app)
             .post('/permission/create/' + team1Id)
@@ -55,6 +65,41 @@ describe('Insertion tests', () => {
     });
 });
 
+describe('Insertion tests - by Environment', () => {
+    beforeAll(setupDatabase);
+
+    test('PERMISSION_SUITE - Should create a new Permission - Development only', async () => {
+        const response = await request(app)
+            .post('/permission/create/' + team1Id)
+            .set('Authorization', `Bearer ${adminMasterAccountToken}`)
+            .send({
+                action: ActionTypes.READ,
+                router: RouterTypes.GROUP,
+                environments: ['development']
+            }).expect(201);
+
+        // DB validation - document created
+        const permission = await Permission.findById(response.body._id).lean().exec();
+        expect(permission).not.toBeNull();
+        expect(permission.environments.includes('development')).toEqual(true);
+
+        // Response validation
+        expect(response.body.action).toBe(ActionTypes.READ);
+        expect(response.body.environments.includes('development')).toEqual(true);
+    });
+
+    test('PERMISSION_SUITE - Should NOT create a new Permission - Environment is not an Array', async () => {
+        await request(app)
+            .post('/permission/create/' + team1Id)
+            .set('Authorization', `Bearer ${adminMasterAccountToken}`)
+            .send({
+                action: ActionTypes.READ,
+                router: RouterTypes.GROUP,
+                environments: 'development'
+            }).expect(422);
+    });
+});
+
 describe('Reading tests', () => {
 
     let permissionId;
@@ -175,7 +220,7 @@ describe('Updating tests', () => {
             }).expect(200);
 
         // DB validation - document updated
-        const permission = await Permission.findById(permission1Id).lean();
+        const permission = await Permission.findById(permission1Id).lean().exec();
         expect(permission.active).toBe(false);
     });
 
@@ -220,7 +265,7 @@ describe('Deletion tests', () => {
             }).expect(201);
 
         // DB validation
-        let team = await Team.findById(team1Id);
+        let team = await Team.findById(team1Id).exec();
         expect(team.permissions.includes(response.body._id)).toEqual(true);
 
         response = await request(app)
@@ -229,10 +274,10 @@ describe('Deletion tests', () => {
             .send().expect(200);
 
         // DB validation - document deleted
-        team = await Team.findById(team1Id);
+        team = await Team.findById(team1Id).exec();
         expect(team.permissions.includes(response.body._id)).toEqual(false);
 
-        let permission = await Permission.findById(response.body._id).lean();
+        let permission = await Permission.findById(response.body._id).lean().exec();
         expect(permission).toBeNull();
     });
 
@@ -263,7 +308,7 @@ describe('Updating permission values tests', () => {
             }).expect(200);
 
         // DB validation
-        const permission = await Permission.findById(permission1Id).lean();
+        const permission = await Permission.findById(permission1Id).lean().exec();
         expect(permission.values[0]).toEqual('NEW VALUE');
     });
 
@@ -276,7 +321,7 @@ describe('Updating permission values tests', () => {
             }).expect(200);
 
         // DB validation
-        let permission = await Permission.findById(permission1Id);
+        let permission = await Permission.findById(permission1Id).exec();
         expect(permission.values.includes('NEW VALUE 1')).toEqual(true);
         expect(permission.values.includes('OLD VALUE')).toEqual(true);
 
@@ -287,7 +332,7 @@ describe('Updating permission values tests', () => {
                 values: ['NEW VALUE']
             }).expect(200);
 
-        permission = await Permission.findById(permission1Id);
+        permission = await Permission.findById(permission1Id).exec();
         expect(permission.values.includes('NEW VALUE')).toEqual(true);
         expect(permission.values.includes('OLD VALUE')).toEqual(false);
     });
@@ -405,7 +450,7 @@ describe('Updating permission values tests', () => {
             }).expect(200);
 
         // DB validation
-        const permission = await Permission.findById(permission1Id).lean();
+        const permission = await Permission.findById(permission1Id).lean().exec();
         expect(permission.values.length).toBe(0);
     });
 });