jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Revert role support

Browse Source
This commit is contained in:
Girish Ramakrishnan
2018-07-26 10:20:19 -07:00
parent 477abf53f3
commit b4d5def56d
16 changed files with 46 additions and 275 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/test/accesscontrol-test.js
-10
View File
@@ -77,14 +77,4 @@ describe('access control', function () {
expect(accesscontrol.hasScopes([ 'apps:write' ], [ 'apps:read' ])).to.be.an(Error);
});
});
describe('validateRoles', function () {
it('succeeds for valid roles', function () {
expect(accesscontrol.validateRoles([ accesscontrol.ROLE_OWNER ])).to.be(null);
});
it('fails for invalid roles', function () {
expect(accesscontrol.validateRoles([ 'janitor' ])).to.be.an(Error);
});
});
});
src/test/apps-test.js
+2 -2
View File
@@ -155,8 +155,8 @@ describe('Apps', function () {
userdb.add.bind(null, ADMIN_0.id, ADMIN_0),
userdb.add.bind(null, USER_0.id, USER_0),
userdb.add.bind(null, USER_1.id, USER_1),
groupdb.add.bind(null, GROUP_0.id, GROUP_0.name, [ /* roles */ ]),
groupdb.add.bind(null, GROUP_1.id, GROUP_1.name, [ /* roles */ ]),
groupdb.add.bind(null, GROUP_0.id, GROUP_0.name),
groupdb.add.bind(null, GROUP_1.id, GROUP_1.name),
groups.addMember.bind(null, constants.ADMIN_GROUP_ID, ADMIN_0.id),
groups.addMember.bind(null, GROUP_0.id, USER_1.id),
appdb.add.bind(null, APP_0.id, APP_0.appStoreId, APP_0.manifest, APP_0.location, APP_0.domain, APP_0.ownerId, APP_0.portBindings, APP_0),
src/test/database-test.js
+2 -13
View File
@@ -1465,7 +1465,7 @@ describe('database', function () {
async.series([
database.initialize,
database._clear,
groupdb.add.bind(null, constants.ADMIN_GROUP_ID, constants.ADMIN_GROUP_NAME, [ /* roles */]),
groupdb.add.bind(null, constants.ADMIN_GROUP_ID, constants.ADMIN_GROUP_NAME),
userdb.add.bind(null, USER_0.id, USER_0),
userdb.add.bind(null, USER_1.id, USER_1),
userdb.add.bind(null, USER_2.id, USER_2)
@@ -1475,7 +1475,7 @@ describe('database', function () {
var GROUP_ID_1 = 'foundersid';
it('can create a group', function (done) {
groupdb.add(GROUP_ID_1, 'founders', [ /* roles */ ], function (error) {
groupdb.add(GROUP_ID_1, 'founders', function (error) {
expect(error).to.be(null);
done();
});
@@ -1579,17 +1579,6 @@ describe('database', function () {
done();
});
});
it('can update roles of the group', function (done) {
groupdb.update(GROUP_ID_1, { roles: [ 'manage_app' ] }, function (error) {
expect(error).to.be(null);
groupdb.get(GROUP_ID_1, function (error, result) {
expect(result.roles).to.eql([ 'manage_app' ]);
done();
});
});
});
});
describe('importFromFile', function () {
src/test/groups-test.js
+12 -60
View File
@@ -81,42 +81,42 @@ describe('Groups', function () {
after(cleanup);
it('cannot create group - too small', function (done) {
groups.create('', [ ], function (error) {
groups.create('', function (error) {
expect(error.reason).to.be(GroupsError.BAD_FIELD);
done();
});
});
it('cannot create group - too big', function (done) {
groups.create(new Array(256).join('a'), [ ], function (error) {
groups.create(new Array(256).join('a'), function (error) {
expect(error.reason).to.be(GroupsError.BAD_FIELD);
done();
});
});
it('cannot create group - bad name', function (done) {
groups.create('bad:name', [ ], function (error) {
groups.create('bad:name', function (error) {
expect(error.reason).to.be(GroupsError.BAD_FIELD);
done();
});
});
it('cannot create group - reserved', function (done) {
groups.create('users', [ ], function (error) {
groups.create('users', function (error) {
expect(error.reason).to.be(GroupsError.BAD_FIELD);
done();
});
});
it('cannot create group - invalid', function (done) {
groups.create('cloudron+admin', [ ], function (error) {
groups.create('cloudron+admin', function (error) {
expect(error.reason).to.be(GroupsError.BAD_FIELD);
done();
});
});
it('can create valid group', function (done) {
groups.create(GROUP0_NAME, [ ], function (error, result) {
groups.create(GROUP0_NAME, function (error, result) {
expect(error).to.be(null);
group0Object = result;
done();
@@ -125,14 +125,14 @@ describe('Groups', function () {
it('cannot create existing group with mixed case', function (done) {
var name = GROUP0_NAME[0].toUpperCase() + GROUP0_NAME.substr(1);
groups.create(name, [ ], function (error) {
groups.create(name, function (error) {
expect(error.reason).to.be(GroupsError.ALREADY_EXISTS);
done();
});
});
it('cannot add existing group', function (done) {
groups.create(GROUP0_NAME, [ ], function (error) {
groups.create(GROUP0_NAME, function (error) {
expect(error.reason).to.be(GroupsError.ALREADY_EXISTS);
done();
});
@@ -180,7 +180,7 @@ describe('Group membership', function () {
async.series([
setup,
function (next) {
groups.create(GROUP0_NAME, [ /* roles */ ], function (error, result) {
groups.create(GROUP0_NAME, function (error, result) {
if (error) return next(error);
group0Object = result;
next();
@@ -297,7 +297,7 @@ describe('Group membership', function () {
});
it('can remove group with member', function (done) {
groups.create(GROUP0_NAME, [ /* roles */ ], function (error, result) {
groups.create(GROUP0_NAME, function (error, result) {
expect(error).to.eql(null);
group0Object = result;
@@ -318,14 +318,14 @@ describe('Set user groups', function () {
async.series([
setup,
function (next) {
groups.create(GROUP0_NAME, [ ], function (error, result) {
groups.create(GROUP0_NAME, function (error, result) {
if (error) return next(error);
group0Object = result;
next();
});
},
function (next) {
groups.create(GROUP1_NAME, [ ], function (error, result) {
groups.create(GROUP1_NAME, function (error, result) {
if (error) return next(error);
group1Object = result;
next();
@@ -380,51 +380,3 @@ describe('Admin group', function () {
});
});
});
describe('Roles', function () {
before(function (done) {
async.series([
setup,
userdb.add.bind(null, USER_0.id, USER_0),
function (next) {
groups.create(GROUP0_NAME, [ /* roles */ ], function (error, result) {
if (error) return next(error);
group0Object = result;
groups.setMembership(USER_0.id, [ group0Object.id ], next);
});
},
], done);
});
after(cleanup);
it('can set roles', function (done) {
groups.update(group0Object.id, { roles: [ accesscontrol.ROLE_OWNER ] }, function (error) {
expect(error).to.be(null);
done();
});
});
it('can get roles of a group', function (done) {
groups.get(group0Object.id, function (error, result) {
expect(error).to.be(null);
expect(result.roles).to.eql([ accesscontrol.ROLE_OWNER ]);
done();
});
});
it('can get roles of a user', function (done) {
groups.getGroups(USER_0.id, function (error, results) {
expect(results.length).to.be(1);
expect(results[0].roles).to.eql([ 'owner' ]);
done();
});
});
it('cannot set invalid role', function (done) {
groups.update(group0Object.id, { roles: [ accesscontrol.ROLE_OWNER, 'janitor' ] }, function (error) {
expect(error).to.be.ok();
done();
});
});
});
src/test/ldap-test.js
+1 -1
View File
@@ -132,7 +132,7 @@ function setup(done) {
});
},
function (callback) {
groups.create(GROUP_NAME, [ /* roles */ ], function (error, result) {
groups.create(GROUP_NAME, function (error, result) {
if (error) return callback(error);
GROUP_ID = result.id;
src/test/users-test.js
+1 -1
View File
@@ -647,7 +647,7 @@ describe('User', function () {
createOwner(function (error) {
expect(error).to.not.be.ok();
groups.create(NON_ADMIN_GROUP, [ /* roles */ ], function (error, result) {
groups.create(NON_ADMIN_GROUP, function (error, result) {
expect(error).to.be(null);
groupObject = result;