migrate permissions and admin flag to user.role

Girish Ramakrishnan
2020-02-21 12:17:06 -08:00
parent a8f1b0241e
commit 0e156b9376
27 changed files with 245 additions and 254 deletions
+8 -11
@@ -32,9 +32,8 @@ describe('Apps', function () {
resetToken: hat(256),
displayName: '',
groupIds: [],
admin: true,
source: '',
permissions: null
role: 'owner',
source: ''
};
var USER_0 = {
@@ -49,9 +48,8 @@ describe('Apps', function () {
resetToken: hat(256),
displayName: '',
groupIds: [],
admin: false,
source: '',
permissions: null
role: 'user',
source: ''
};
var USER_1 = {
@@ -66,9 +64,8 @@ describe('Apps', function () {
resetToken: hat(256),
displayName: '',
groupIds: [ 'somegroup' ],
admin: false,
source: '',
permissions: null
role: 'user',
source: ''
};
var GROUP_0 = {
@@ -278,8 +275,8 @@ describe('Apps', function () {
});
describe('hasAccessTo', function () {
const someuser = { id: 'someuser', groupIds: [], admin: false };
const adminuser = { id: 'adminuser', groupIds: [ 'groupie' ], admin: true };
const someuser = { id: 'someuser', groupIds: [], role: 'user' };
const adminuser = { id: 'adminuser', groupIds: [ 'groupie' ], role: 'admin' };
it('returns true for unrestricted access', function (done) {
apps.hasAccessTo({ accessRestriction: null }, someuser, function (error, access) {
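Review bot: The `hasAccessTo` fixtures in the last hunk cover only `role: 'user'` and `role: 'admin'`, while the ADMIN fixture in the first hunk is now `role: 'owner'`, so none of the visible cases checks how an owner is treated by the access check. With the boolean `admin` flag replaced by a role string, a comparison against a single role value would silently exclude the other privileged role; `hasAccessTo` itself is not visible here, so this is a coverage gap rather than a confirmed defect. Consider adding a third fixture such as `const owneruser = { id: 'owneruser', groupIds: [], role: 'owner' };` and asserting the expected result against a restricted app. The describe block continues past the end of this hunk.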
+2 -3
@@ -75,9 +75,8 @@ var ADMIN = {
modifiedAt: 'now',
resetToken: '',
displayName: '',
admin: true,
source: '',
permissions: null
role: 'owner',
source: ''
};
var APP = {
+17 -12
@@ -38,10 +38,9 @@ var USER_0 = {
displayName: '',
twoFactorAuthenticationEnabled: false,
twoFactorAuthenticationSecret: '',
admin: false,
role: 'user',
active: true,
source: '',
permissions: null
source: ''
};
var USER_1 = {
@@ -57,10 +56,9 @@ var USER_1 = {
displayName: 'Herbert 1',
twoFactorAuthenticationEnabled: false,
twoFactorAuthenticationSecret: '',
admin: false,
role: 'user',
active: true,
source: '',
permissions: null
source: ''
};
var USER_2 = {
@@ -76,10 +74,9 @@ var USER_2 = {
displayName: 'Herbert 2',
twoFactorAuthenticationEnabled: false,
twoFactorAuthenticationSecret: '',
admin: false,
role: 'user',
active: true,
source: '',
permissions: null
source: ''
};
const DOMAIN_0 = {
@@ -606,9 +603,9 @@ describe('database', function () {
});
it('can get all admins', function (done) {
userdb.getAllAdmins(function (error, all) {
expect(error).to.not.be.ok();
expect(all.length).to.equal(0);
userdb.getByRole('owner', function (error, all) {
expect(error).to.be.ok();
expect(error.reason).to.be(BoxError.NOT_FOUND);
done();
});
});
@@ -621,6 +618,14 @@ describe('database', function () {
});
});
it('can get all users', function (done) {
userdb.getByRole('user', function (error, all) {
expect(error).to.not.be.ok();
expect(all.length).to.equal(3);
done();
});
});
it('can update the user', function (done) {
userdb.update(USER_0.id, { email: 'some@thing.com', displayName: 'Heiter' }, function (error) {
expect(error).to.not.be.ok();
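Review bot: The test still titled 'can get all admins' now asserts that `userdb.getByRole('owner', ...)` fails with `BoxError.NOT_FOUND`, so the title no longer describes what is checked and the empty-result contract has changed from an empty list to an error. Code that previously iterated the result of `getAllAdmins` would need to handle NOT_FOUND explicitly; those callers are outside this section, so that is worth confirming. All three fixtures in this file are `role: 'user'`, so there is no positive case in which a privileged role is actually returned by the query. I would rename the test to something like `it('getByRole returns NOT_FOUND when no owner exists', ...)` and add a case backed by one fixture with `role: 'owner'` or `role: 'admin'`.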
+2 -2
@@ -33,7 +33,7 @@ var USER_0 = {
password: 'secret',
email: 'safe@me.com',
fallbackEmail: 'safefallback@me.com',
admin: false,
role: 'user',
salt: 'morton',
createdAt: 'sometime back',
modifiedAt: 'now',
@@ -49,7 +49,7 @@ var USER_1 = { // this user has not signed up yet
password: '',
email: 'safe2@me.com',
fallbackEmail: 'safe2fallback@me.com',
admin: false,
role: 'user',
salt: 'morton',
createdAt: 'sometime back',
modifiedAt: 'now',
+5 -5
@@ -36,7 +36,7 @@ var USER_0 = {
password: 'Username0pass?1234',
email: 'user0@' + DOMAIN_0.domain.toUpperCase(),
displayName: 'User 0',
permissions: null
role: 'owner'
};
var USER_0_ALIAS = 'Asterix';
@@ -47,14 +47,14 @@ var USER_1 = {
password: 'Username1pass?12345',
email: 'USER1@' + DOMAIN_0.domain,
displayName: 'User 1',
permissions: null
role: 'user'
};
var USER_2 = {
username: 'Username2',
password: 'Username2pass?12345',
email: 'USER2@' + DOMAIN_0.domain,
displayName: 'User 2',
permissions: null
role: 'user'
};
var GROUP_ID, GROUP_NAME = 'developers';
@@ -114,7 +114,7 @@ function setup(done) {
mailboxdb.addMailbox.bind(null, APP_0.location + '.app', APP_0.domain, APP_0.id),
function (callback) {
users.create(USER_1.username, USER_1.password, USER_1.email, USER_0.displayName, { invitor: USER_0 }, AUDIT_SOURCE, function (error, result) {
users.create(USER_1.username, USER_1.password, USER_1.email, USER_0.displayName, { }, AUDIT_SOURCE, function (error, result) {
if (error) return callback(error);
USER_1.id = result.id;
@@ -123,7 +123,7 @@ function setup(done) {
});
},
function (callback) {
users.create(USER_2.username, USER_2.password, USER_2.email, USER_0.displayName, { invitor: USER_0 }, AUDIT_SOURCE, function (error, result) {
users.create(USER_2.username, USER_2.password, USER_2.email, USER_0.displayName, { }, AUDIT_SOURCE, function (error, result) {
if (error) return callback(error);
USER_2.id = result.id;
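Review bot: Both `users.create` calls in `setup` now pass an empty options object, so USER_1 and USER_2 receive whatever role `users.create` assigns by default, and the `role: 'user'` declared on the fixtures is never sent or checked. The default role is a privilege decision, so the setup should pin it rather than rely on it: pass `{ role: USER_1.role }` and `{ role: USER_2.role }` (the same commit passes a `role` option to `users.create` in another test file). Separately, both calls pass `USER_0.displayName` for the other users, which looks like a copy-paste slip carried over from the old lines. The `setup` function starts and ends outside these hunks.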
+1 -1
@@ -22,7 +22,7 @@ var USER_0 = {
email: 'user0@email.com',
fallbackEmail: 'user0fallback@email.com',
displayName: 'User 0',
permissions: null
role: 'owner'
};
var EVENT_0 = {
+23 -22
@@ -20,7 +20,7 @@ var async = require('async'),
mailer = require('../mailer.js'),
settings = require('../settings.js'),
userdb = require('../userdb.js'),
users = require('../users.js'),
users = require('../users.js'),
_ = require('underscore');
var USERNAME = 'noBody';
@@ -61,7 +61,7 @@ function createOwner(done) {
userObject = result;
done();
done(null, userObject);
});
}
@@ -730,10 +730,14 @@ describe('User', function () {
});
describe('admin change mail triggers', function () {
let auditSource;
before(function (done) {
createOwner(function (error) {
createOwner(function (error, owner) {
expect(error).to.not.be.ok();
auditSource = _.extend({}, AUDIT_SOURCE, { userId: owner.id });
groups.create(NON_ADMIN_GROUP, done);
});
});
@@ -744,22 +748,20 @@ describe('User', function () {
username: 'seconduser',
password: 'ASDFkljsf#$^%2354',
email: 'some@thi.ng',
admin: false
role: users.ROLE_ADMIN
};
it('make second user admin does not send mail to action performer', function (done) {
var invitor = { username: USERNAME, email: EMAIL };
users.create(user1.username, user1.password, user1.email, DISPLAY_NAME, { invitor: invitor }, AUDIT_SOURCE, function (error, result) {
users.create(user1.username, user1.password, user1.email, DISPLAY_NAME, { }, auditSource, function (error, result) {
expect(error).to.not.be.ok();
expect(result).to.be.ok();
user1.id = result.id;
users.update(user1, { admin: true }, AUDIT_SOURCE, function (error) {
users.update(user1, { role: users.ROLE_ADMIN }, AUDIT_SOURCE, function (error) {
expect(error).to.not.be.ok();
user1.admin = true;
user1.role = users.ROLE_ADMIN;
// no emails should be sent out anymore, since the user performing the action does not get a notification anymore
checkMails(0, done);
});
@@ -767,29 +769,29 @@ describe('User', function () {
});
it('succeeds to remove admin flag does not send mail to action performer', function (done) {
users.update(user1, { admin: false }, AUDIT_SOURCE, function (error) {
users.update(user1, { role: users.ROLE_USER }, auditSource, function (error) {
expect(error).to.eql(null);
user1.admin = false;
user1.role = users.ROLE_USER;
// no emails should be sent out anymore, since the user performing the action does not get a notification anymore
checkMails(0, done);
});
});
it('make second user admin does send mail to other admins', function (done) {
users.update(user1, { admin: true }, { ip: '1.2.3.4', userId: 'someuserid' }, function (error) {
users.update(user1, { role: users.ROLE_ADMIN }, { ip: '1.2.3.4', userId: 'someuserid' }, function (error) {
expect(error).to.not.be.ok();
user1.admin = true;
user1.role = users.ROLE_ADMIN;
checkMails(1, done);
});
});
it('succeeds to remove admin flag does send mail to other admins', function (done) {
users.update(user1, { admin: false }, { ip: '1.2.3.4', userId: 'someuserid' }, function (error) {
users.update(user1, { role: users.ROLE_USER }, { ip: '1.2.3.4', userId: 'someuserid' }, function (error) {
expect(error).to.eql(null);
user1.admin = false;
user1.role = users.ROLE_USER;
checkMails(1, done);
});
});
@@ -800,7 +802,7 @@ describe('User', function () {
after(cleanupUsers);
it('succeeds for one admins', function (done) {
users.getAllAdmins(function (error, admins) {
users.getAdmins(function (error, admins) {
expect(error).to.eql(null);
expect(admins.length).to.equal(1);
expect(admins[0].username).to.equal(USERNAME.toLowerCase());
@@ -813,20 +815,19 @@ describe('User', function () {
username: 'seconduser',
password: 'Adfasdkjf#$%43',
email: 'some@thi.ng',
admin: false
role: users.ROLE_ADMIN
};
var invitor = { username: USERNAME, email: EMAIL };
users.create(user1.username, user1.password, user1.email, DISPLAY_NAME, { invitor: invitor }, AUDIT_SOURCE, function (error, result) {
expect(error).to.eql(null);
users.create(user1.username, user1.password, user1.email, DISPLAY_NAME, { role: users.ROLE_ADMIN }, AUDIT_SOURCE, function (error, result) {
expect(error).to.not.be.ok();
expect(result).to.be.ok();
user1.id = result.id;
users.update(user1, { admin: true }, AUDIT_SOURCE, function (error) {
users.update(user1, { role: users.ROLE_ADMIN }, AUDIT_SOURCE, function (error) {
expect(error).to.eql(null);
users.getAllAdmins(function (error, admins) {
users.getAdmins(function (error, admins) {
expect(error).to.eql(null);
expect(admins.length).to.equal(2);
expect(admins[0].username).to.equal(USERNAME.toLowerCase());