jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

migrate permissions and admin flag to user.role

Browse Source
This commit is contained in:
Girish Ramakrishnan
2020-02-21 12:17:06 -08:00
parent a8f1b0241e
commit 0e156b9376
27 changed files with 245 additions and 254 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
src/routes/test/users-test.js
View File

@@ -168,7 +168,7 @@ describe('Users API', function () {
expect(res.body.username).to.equal(USERNAME_0.toLowerCase());
expect(res.body.email).to.equal(EMAIL_0.toLowerCase());
expect(res.body.groupIds).to.eql([]);
expect(res.body.admin).to.be(true);
expect(res.body.role).to.be(users.ROLE_OWNER);
done();
});
@@ -209,7 +209,7 @@ describe('Users API', function () {
expect(res.body.username).to.equal(USERNAME_0.toLowerCase());
expect(res.body.email).to.equal(EMAIL_0.toLowerCase());
expect(res.body.groupIds).to.eql([]);
expect(res.body.admin).to.be(true);
expect(res.body.role).to.be(users.ROLE_OWNER);
done();
});
@@ -250,7 +250,7 @@ describe('Users API', function () {
expect(res.body.username).to.equal(USERNAME_0.toLowerCase());
expect(res.body.email).to.equal(EMAIL_0.toLowerCase());
expect(res.body.groupIds).to.eql([]);
expect(res.body.admin).to.be(true);
expect(res.body.role).to.be(users.ROLE_OWNER);
expect(res.body.displayName).to.be.a('string');
expect(res.body.password).to.not.be.ok();
expect(res.body.salt).to.not.be.ok();
@@ -486,7 +486,7 @@ describe('Users API', function () {
it('set second user as admin succeeds', function (done) {
superagent.post(SERVER_URL + '/api/v1/users/' + user_1.id)
.query({ access_token: token })
.send({ admin: true })
.send({ role: users.ROLE_ADMIN })
.end(function (err, res) {
expect(res.statusCode).to.equal(204);
@@ -494,17 +494,27 @@ describe('Users API', function () {
.query({ access_token: token })
.end(function (err, res) {
expect(res.statusCode).to.equal(200);
expect(res.body.admin).to.be(true);
expect(res.body.role).to.be(users.ROLE_ADMIN);
done();
});
});
});
it('remove self as admin fails', function (done) {
it('make self as admin fails', function (done) {
superagent.post(SERVER_URL + '/api/v1/users/' + user_0.id)
.query({ access_token: token })
.send({ admin: false })
.send({ role: users.ROLE_ADMIN })
.end(function (err, res) {
expect(res.statusCode).to.equal(409);
done();
});
});
it('make self as normal user fails', function (done) {
superagent.post(SERVER_URL + '/api/v1/users/' + user_0.id)
.query({ access_token: token })
.send({ role: users.ROLE_USER })
.end(function (err, res) {
expect(res.statusCode).to.equal(409);
done();
@@ -514,7 +524,7 @@ describe('Users API', function () {
it('remove second user as admin succeeds', function (done) {
superagent.post(SERVER_URL + '/api/v1/users/' + user_1.id)
.query({ access_token: token })
.send({ admin: false })
.send({ role: users.ROLE_USER })
.end(function (err, res) {
expect(res.statusCode).to.equal(204);
done();
@@ -797,11 +807,11 @@ describe('Users API', function () {
});
describe('permissions', function () {
describe('role - user manager', function () {
it('can make second user a usermanager', function (done) {
superagent.post(SERVER_URL + '/api/v1/users/' + user_1.id)
.query({ access_token: token })
.send({ permissions: [ 'manage_users' ] })
.send({ role: users.ROLE_USER_MANAGER })
.end(function (err, res) {
expect(res.statusCode).to.equal(204);
done();
@@ -850,7 +860,7 @@ describe('Users API', function () {
it('cannot change admin bit of another', function (done) {
superagent.post(SERVER_URL + '/api/v1/users/' + user_2.id)
.query({ access_token: token_1 })
.send({ admin: true })
.send({ role: users.ROLE_ADMIN })
.end(function (err, result) {
expect(result.statusCode).to.equal(403);
done();
@@ -860,9 +870,9 @@ describe('Users API', function () {
it('cannot change admin bit of self', function (done) {
superagent.post(SERVER_URL + '/api/v1/users/' + user_1.id)
.query({ access_token: token_1 })
.send({ admin: true })
.send({ role: users.ROLE_ADMIN })
.end(function (err, result) {
expect(result.statusCode).to.equal(403);
expect(result.statusCode).to.equal(409);
done();
});
});