agw/overleaf-cep
1
0
Fork 0
mirror of https://github.com/yu-i-i/overleaf-cep.git synced 2026-06-04 06:39:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3495 from overleaf/ae-prettier-2

Browse Source 
Upgrade Prettier to v2

GitOrigin-RevId: 85aa3fa1acb6332c4f58c46165a43d1a51471f33
This commit is contained in:
Alf Eaton
2021-04-14 14:17:21 +01:00
committed by Copybot
parent 930d7ba028
commit 1ebc8a79cb
582 changed files with 20382 additions and 20374 deletions
Download Patch File Download Diff File Expand all files Collapse all files
services/web/test/unit/src/Authorization/AuthorizationManagerTests.js
+146 -146
View File
@@ -19,8 +19,8 @@ const SandboxedModule = require('sandboxed-module')
const Errors = require('../../../../app/src/Features/Errors/Errors.js')
const { ObjectId } = require('mongodb')
describe('AuthorizationManager', function() {
beforeEach(function() {
describe('AuthorizationManager', function () {
beforeEach(function () {
this.AuthorizationManager = SandboxedModule.require(modulePath, {
requires: {
mongodb: { ObjectId },
@@ -44,8 +44,8 @@ describe('AuthorizationManager', function() {
return (this.callback = sinon.stub())
})
describe('isRestrictedUser', function() {
it('should produce the correct values', function() {
describe('isRestrictedUser', function () {
it('should produce the correct values', function () {
const notRestrictedScenarios = [
[null, 'readAndWrite', false],
['id', 'readAndWrite', true],
@@ -72,22 +72,22 @@ describe('AuthorizationManager', function() {
})
})
describe('getPrivilegeLevelForProject', function() {
beforeEach(function() {
describe('getPrivilegeLevelForProject', function () {
beforeEach(function () {
this.ProjectGetter.getProject = sinon.stub()
this.AuthorizationManager.isUserSiteAdmin = sinon.stub()
return (this.CollaboratorsGetter.getMemberIdPrivilegeLevel = sinon.stub())
})
describe('with a token-based project', function() {
beforeEach(function() {
describe('with a token-based project', function () {
beforeEach(function () {
return this.ProjectGetter.getProject
.withArgs(this.project_id, { publicAccesLevel: 1 })
.yields(null, { publicAccesLevel: 'tokenBased' })
})
describe('with a user_id with a privilege level', function() {
beforeEach(function() {
describe('with a user_id with a privilege level', function () {
beforeEach(function () {
this.AuthorizationManager.isUserSiteAdmin
.withArgs(this.user_id)
.yields(null, false)
@@ -102,15 +102,15 @@ describe('AuthorizationManager', function() {
)
})
it("should return the user's privilege level", function() {
it("should return the user's privilege level", function () {
return this.callback
.calledWith(null, 'readOnly', false, false)
.should.equal(true)
})
})
describe('with a user_id with no privilege level', function() {
beforeEach(function() {
describe('with a user_id with no privilege level', function () {
beforeEach(function () {
this.AuthorizationManager.isUserSiteAdmin
.withArgs(this.user_id)
.yields(null, false)
@@ -125,15 +125,15 @@ describe('AuthorizationManager', function() {
)
})
it('should return false', function() {
it('should return false', function () {
return this.callback
.calledWith(null, false, false, false)
.should.equal(true)
})
})
describe('with a user_id who is an admin', function() {
beforeEach(function() {
describe('with a user_id who is an admin', function () {
beforeEach(function () {
this.AuthorizationManager.isUserSiteAdmin
.withArgs(this.user_id)
.yields(null, true)
@@ -148,16 +148,16 @@ describe('AuthorizationManager', function() {
)
})
it('should return the user as an owner', function() {
it('should return the user as an owner', function () {
return this.callback
.calledWith(null, 'owner', false, true)
.should.equal(true)
})
})
describe('with no user (anonymous)', function() {
describe('when the token is not valid', function() {
beforeEach(function() {
describe('with no user (anonymous)', function () {
describe('when the token is not valid', function () {
beforeEach(function () {
this.TokenAccessHandler.validateTokenForAnonymousAccess = sinon
.stub()
.withArgs(this.project_id, this.token)
@@ -170,33 +170,33 @@ describe('AuthorizationManager', function() {
)
})
it('should not call CollaboratorsGetter.getMemberIdPrivilegeLevel', function() {
it('should not call CollaboratorsGetter.getMemberIdPrivilegeLevel', function () {
return this.CollaboratorsGetter.getMemberIdPrivilegeLevel.called.should.equal(
false
)
})
it('should not call AuthorizationManager.isUserSiteAdmin', function() {
it('should not call AuthorizationManager.isUserSiteAdmin', function () {
return this.AuthorizationManager.isUserSiteAdmin.called.should.equal(
false
)
})
it('should check if the token is valid', function() {
it('should check if the token is valid', function () {
return this.TokenAccessHandler.validateTokenForAnonymousAccess
.calledWith(this.project_id, this.token)
.should.equal(true)
})
it('should return false', function() {
it('should return false', function () {
return this.callback
.calledWith(null, false, false, false)
.should.equal(true)
})
})
describe('when the token is valid for read-and-write', function() {
beforeEach(function() {
describe('when the token is valid for read-and-write', function () {
beforeEach(function () {
this.TokenAccessHandler.validateTokenForAnonymousAccess = sinon
.stub()
.withArgs(this.project_id, this.token)
@@ -209,33 +209,33 @@ describe('AuthorizationManager', function() {
)
})
it('should not call CollaboratorsGetter.getMemberIdPrivilegeLevel', function() {
it('should not call CollaboratorsGetter.getMemberIdPrivilegeLevel', function () {
return this.CollaboratorsGetter.getMemberIdPrivilegeLevel.called.should.equal(
false
)
})
it('should not call AuthorizationManager.isUserSiteAdmin', function() {
it('should not call AuthorizationManager.isUserSiteAdmin', function () {
return this.AuthorizationManager.isUserSiteAdmin.called.should.equal(
false
)
})
it('should check if the token is valid', function() {
it('should check if the token is valid', function () {
return this.TokenAccessHandler.validateTokenForAnonymousAccess
.calledWith(this.project_id, this.token)
.should.equal(true)
})
it('should give read-write access', function() {
it('should give read-write access', function () {
return this.callback
.calledWith(null, 'readAndWrite', false)
.should.equal(true)
})
})
describe('when the token is valid for read-only', function() {
beforeEach(function() {
describe('when the token is valid for read-only', function () {
beforeEach(function () {
this.TokenAccessHandler.validateTokenForAnonymousAccess = sinon
.stub()
.withArgs(this.project_id, this.token)
@@ -248,25 +248,25 @@ describe('AuthorizationManager', function() {
)
})
it('should not call CollaboratorsGetter.getMemberIdPrivilegeLevel', function() {
it('should not call CollaboratorsGetter.getMemberIdPrivilegeLevel', function () {
return this.CollaboratorsGetter.getMemberIdPrivilegeLevel.called.should.equal(
false
)
})
it('should not call AuthorizationManager.isUserSiteAdmin', function() {
it('should not call AuthorizationManager.isUserSiteAdmin', function () {
return this.AuthorizationManager.isUserSiteAdmin.called.should.equal(
false
)
})
it('should check if the token is valid', function() {
it('should check if the token is valid', function () {
return this.TokenAccessHandler.validateTokenForAnonymousAccess
.calledWith(this.project_id, this.token)
.should.equal(true)
})
it('should give read-only access', function() {
it('should give read-only access', function () {
return this.callback
.calledWith(null, 'readOnly', false)
.should.equal(true)
@@ -275,15 +275,15 @@ describe('AuthorizationManager', function() {
})
})
describe('with a private project', function() {
beforeEach(function() {
describe('with a private project', function () {
beforeEach(function () {
return this.ProjectGetter.getProject
.withArgs(this.project_id, { publicAccesLevel: 1 })
.yields(null, { publicAccesLevel: 'private' })
})
describe('with a user_id with a privilege level', function() {
beforeEach(function() {
describe('with a user_id with a privilege level', function () {
beforeEach(function () {
this.AuthorizationManager.isUserSiteAdmin
.withArgs(this.user_id)
.yields(null, false)
@@ -298,15 +298,15 @@ describe('AuthorizationManager', function() {
)
})
it("should return the user's privilege level", function() {
it("should return the user's privilege level", function () {
return this.callback
.calledWith(null, 'readOnly', false, false)
.should.equal(true)
})
})
describe('with a user_id with no privilege level', function() {
beforeEach(function() {
describe('with a user_id with no privilege level', function () {
beforeEach(function () {
this.AuthorizationManager.isUserSiteAdmin
.withArgs(this.user_id)
.yields(null, false)
@@ -321,15 +321,15 @@ describe('AuthorizationManager', function() {
)
})
it('should return false', function() {
it('should return false', function () {
return this.callback
.calledWith(null, false, false, false)
.should.equal(true)
})
})
describe('with a user_id who is an admin', function() {
beforeEach(function() {
describe('with a user_id who is an admin', function () {
beforeEach(function () {
this.AuthorizationManager.isUserSiteAdmin
.withArgs(this.user_id)
.yields(null, true)
@@ -344,15 +344,15 @@ describe('AuthorizationManager', function() {
)
})
it('should return the user as an owner', function() {
it('should return the user as an owner', function () {
return this.callback
.calledWith(null, 'owner', false, true)
.should.equal(true)
})
})
describe('with no user (anonymous)', function() {
beforeEach(function() {
describe('with no user (anonymous)', function () {
beforeEach(function () {
return this.AuthorizationManager.getPrivilegeLevelForProject(
null,
this.project_id,
@@ -361,19 +361,19 @@ describe('AuthorizationManager', function() {
)
})
it('should not call CollaboratorsGetter.getMemberIdPrivilegeLevel', function() {
it('should not call CollaboratorsGetter.getMemberIdPrivilegeLevel', function () {
return this.CollaboratorsGetter.getMemberIdPrivilegeLevel.called.should.equal(
false
)
})
it('should not call AuthorizationManager.isUserSiteAdmin', function() {
it('should not call AuthorizationManager.isUserSiteAdmin', function () {
return this.AuthorizationManager.isUserSiteAdmin.called.should.equal(
false
)
})
it('should return false', function() {
it('should return false', function () {
return this.callback
.calledWith(null, false, false, false)
.should.equal(true)
@@ -381,15 +381,15 @@ describe('AuthorizationManager', function() {
})
})
describe('with a public project', function() {
beforeEach(function() {
describe('with a public project', function () {
beforeEach(function () {
return this.ProjectGetter.getProject
.withArgs(this.project_id, { publicAccesLevel: 1 })
.yields(null, { publicAccesLevel: 'readAndWrite' })
})
describe('with a user_id with a privilege level', function() {
beforeEach(function() {
describe('with a user_id with a privilege level', function () {
beforeEach(function () {
this.AuthorizationManager.isUserSiteAdmin
.withArgs(this.user_id)
.yields(null, false)
@@ -404,15 +404,15 @@ describe('AuthorizationManager', function() {
)
})
it("should return the user's privilege level", function() {
it("should return the user's privilege level", function () {
return this.callback
.calledWith(null, 'readOnly', false)
.should.equal(true)
})
})
describe('with a user_id with no privilege level', function() {
beforeEach(function() {
describe('with a user_id with no privilege level', function () {
beforeEach(function () {
this.AuthorizationManager.isUserSiteAdmin
.withArgs(this.user_id)
.yields(null, false)
@@ -427,15 +427,15 @@ describe('AuthorizationManager', function() {
)
})
it('should return the public privilege level', function() {
it('should return the public privilege level', function () {
return this.callback
.calledWith(null, 'readAndWrite', true)
.should.equal(true)
})
})
describe('with a user_id who is an admin', function() {
beforeEach(function() {
describe('with a user_id who is an admin', function () {
beforeEach(function () {
this.AuthorizationManager.isUserSiteAdmin
.withArgs(this.user_id)
.yields(null, true)
@@ -450,15 +450,15 @@ describe('AuthorizationManager', function() {
)
})
it('should return the user as an owner', function() {
it('should return the user as an owner', function () {
return this.callback
.calledWith(null, 'owner', false)
.should.equal(true)
})
})
describe('with no user (anonymous)', function() {
beforeEach(function() {
describe('with no user (anonymous)', function () {
beforeEach(function () {
return this.AuthorizationManager.getPrivilegeLevelForProject(
null,
this.project_id,
@@ -467,19 +467,19 @@ describe('AuthorizationManager', function() {
)
})
it('should not call CollaboratorsGetter.getMemberIdPrivilegeLevel', function() {
it('should not call CollaboratorsGetter.getMemberIdPrivilegeLevel', function () {
return this.CollaboratorsGetter.getMemberIdPrivilegeLevel.called.should.equal(
false
)
})
it('should not call AuthorizationManager.isUserSiteAdmin', function() {
it('should not call AuthorizationManager.isUserSiteAdmin', function () {
return this.AuthorizationManager.isUserSiteAdmin.called.should.equal(
false
)
})
it('should return the public privilege level', function() {
it('should return the public privilege level', function () {
return this.callback
.calledWith(null, 'readAndWrite', true)
.should.equal(true)
@@ -487,14 +487,14 @@ describe('AuthorizationManager', function() {
})
})
describe("when the project doesn't exist", function() {
beforeEach(function() {
describe("when the project doesn't exist", function () {
beforeEach(function () {
return this.ProjectGetter.getProject
.withArgs(this.project_id, { publicAccesLevel: 1 })
.yields(null, null)
})
it('should return a NotFoundError', function() {
it('should return a NotFoundError', function () {
return this.AuthorizationManager.getPrivilegeLevelForProject(
this.user_id,
this.project_id,
@@ -504,8 +504,8 @@ describe('AuthorizationManager', function() {
})
})
describe('when the project id is not valid', function() {
beforeEach(function() {
describe('when the project id is not valid', function () {
beforeEach(function () {
this.AuthorizationManager.isUserSiteAdmin
.withArgs(this.user_id)
.yields(null, false)
@@ -514,7 +514,7 @@ describe('AuthorizationManager', function() {
.yields(null, 'readOnly')
})
it('should return a error', function(done) {
it('should return a error', function (done) {
return this.AuthorizationManager.getPrivilegeLevelForProject(
undefined,
'not project id',
@@ -529,19 +529,19 @@ describe('AuthorizationManager', function() {
})
})
describe('canUserReadProject', function() {
beforeEach(function() {
describe('canUserReadProject', function () {
beforeEach(function () {
return (this.AuthorizationManager.getPrivilegeLevelForProject = sinon.stub())
})
describe('when user is owner', function() {
beforeEach(function() {
describe('when user is owner', function () {
beforeEach(function () {
return this.AuthorizationManager.getPrivilegeLevelForProject
.withArgs(this.user_id, this.project_id, this.token)
.yields(null, 'owner', false)
})
it('should return true', function(done) {
it('should return true', function (done) {
return this.AuthorizationManager.canUserReadProject(
this.user_id,
this.project_id,
@@ -554,14 +554,14 @@ describe('AuthorizationManager', function() {
})
})
describe('when user has read-write access', function() {
beforeEach(function() {
describe('when user has read-write access', function () {
beforeEach(function () {
return this.AuthorizationManager.getPrivilegeLevelForProject
.withArgs(this.user_id, this.project_id, this.token)
.yields(null, 'readAndWrite', false)
})
it('should return true', function(done) {
it('should return true', function (done) {
return this.AuthorizationManager.canUserReadProject(
this.user_id,
this.project_id,
@@ -574,14 +574,14 @@ describe('AuthorizationManager', function() {
})
})
describe('when user has read-only access', function() {
beforeEach(function() {
describe('when user has read-only access', function () {
beforeEach(function () {
return this.AuthorizationManager.getPrivilegeLevelForProject
.withArgs(this.user_id, this.project_id, this.token)
.yields(null, 'readOnly', false)
})
it('should return true', function(done) {
it('should return true', function (done) {
return this.AuthorizationManager.canUserReadProject(
this.user_id,
this.project_id,
@@ -594,14 +594,14 @@ describe('AuthorizationManager', function() {
})
})
describe('when user has no access', function() {
beforeEach(function() {
describe('when user has no access', function () {
beforeEach(function () {
return this.AuthorizationManager.getPrivilegeLevelForProject
.withArgs(this.user_id, this.project_id, this.token)
.yields(null, false, false)
})
it('should return false', function(done) {
it('should return false', function (done) {
return this.AuthorizationManager.canUserReadProject(
this.user_id,
this.project_id,
@@ -615,19 +615,19 @@ describe('AuthorizationManager', function() {
})
})
describe('canUserWriteProjectContent', function() {
beforeEach(function() {
describe('canUserWriteProjectContent', function () {
beforeEach(function () {
return (this.AuthorizationManager.getPrivilegeLevelForProject = sinon.stub())
})
describe('when user is owner', function() {
beforeEach(function() {
describe('when user is owner', function () {
beforeEach(function () {
return this.AuthorizationManager.getPrivilegeLevelForProject
.withArgs(this.user_id, this.project_id, this.token)
.yields(null, 'owner', false)
})
it('should return true', function(done) {
it('should return true', function (done) {
return this.AuthorizationManager.canUserWriteProjectContent(
this.user_id,
this.project_id,
@@ -640,14 +640,14 @@ describe('AuthorizationManager', function() {
})
})
describe('when user has read-write access', function() {
beforeEach(function() {
describe('when user has read-write access', function () {
beforeEach(function () {
return this.AuthorizationManager.getPrivilegeLevelForProject
.withArgs(this.user_id, this.project_id, this.token)
.yields(null, 'readAndWrite', false)
})
it('should return true', function(done) {
it('should return true', function (done) {
return this.AuthorizationManager.canUserWriteProjectContent(
this.user_id,
this.project_id,
@@ -660,14 +660,14 @@ describe('AuthorizationManager', function() {
})
})
describe('when user has read-only access', function() {
beforeEach(function() {
describe('when user has read-only access', function () {
beforeEach(function () {
return this.AuthorizationManager.getPrivilegeLevelForProject
.withArgs(this.user_id, this.project_id, this.token)
.yields(null, 'readOnly', false)
})
it('should return false', function(done) {
it('should return false', function (done) {
return this.AuthorizationManager.canUserWriteProjectContent(
this.user_id,
this.project_id,
@@ -680,14 +680,14 @@ describe('AuthorizationManager', function() {
})
})
describe('when user has no access', function() {
beforeEach(function() {
describe('when user has no access', function () {
beforeEach(function () {
return this.AuthorizationManager.getPrivilegeLevelForProject
.withArgs(this.user_id, this.project_id, this.token)
.yields(null, false, false)
})
it('should return false', function(done) {
it('should return false', function (done) {
return this.AuthorizationManager.canUserWriteProjectContent(
this.user_id,
this.project_id,
@@ -701,19 +701,19 @@ describe('AuthorizationManager', function() {
})
})
describe('canUserWriteProjectSettings', function() {
beforeEach(function() {
describe('canUserWriteProjectSettings', function () {
beforeEach(function () {
return (this.AuthorizationManager.getPrivilegeLevelForProject = sinon.stub())
})
describe('when user is owner', function() {
beforeEach(function() {
describe('when user is owner', function () {
beforeEach(function () {
return this.AuthorizationManager.getPrivilegeLevelForProject
.withArgs(this.user_id, this.project_id, this.token)
.yields(null, 'owner', false)
})
it('should return true', function(done) {
it('should return true', function (done) {
return this.AuthorizationManager.canUserWriteProjectSettings(
this.user_id,
this.project_id,
@@ -726,14 +726,14 @@ describe('AuthorizationManager', function() {
})
})
describe('when user has read-write access as a collaborator', function() {
beforeEach(function() {
describe('when user has read-write access as a collaborator', function () {
beforeEach(function () {
return this.AuthorizationManager.getPrivilegeLevelForProject
.withArgs(this.user_id, this.project_id, this.token)
.yields(null, 'readAndWrite', false)
})
it('should return true', function(done) {
it('should return true', function (done) {
return this.AuthorizationManager.canUserWriteProjectSettings(
this.user_id,
this.project_id,
@@ -746,14 +746,14 @@ describe('AuthorizationManager', function() {
})
})
describe('when user has read-write access as the public', function() {
beforeEach(function() {
describe('when user has read-write access as the public', function () {
beforeEach(function () {
return this.AuthorizationManager.getPrivilegeLevelForProject
.withArgs(this.user_id, this.project_id, this.token)
.yields(null, 'readAndWrite', true)
})
it('should return false', function(done) {
it('should return false', function (done) {
return this.AuthorizationManager.canUserWriteProjectSettings(
this.user_id,
this.project_id,
@@ -766,14 +766,14 @@ describe('AuthorizationManager', function() {
})
})
describe('when user has read-only access', function() {
beforeEach(function() {
describe('when user has read-only access', function () {
beforeEach(function () {
return this.AuthorizationManager.getPrivilegeLevelForProject
.withArgs(this.user_id, this.project_id, this.token)
.yields(null, 'readOnly', false)
})
it('should return false', function(done) {
it('should return false', function (done) {
return this.AuthorizationManager.canUserWriteProjectSettings(
this.user_id,
this.project_id,
@@ -786,14 +786,14 @@ describe('AuthorizationManager', function() {
})
})
describe('when user has no access', function() {
beforeEach(function() {
describe('when user has no access', function () {
beforeEach(function () {
return this.AuthorizationManager.getPrivilegeLevelForProject
.withArgs(this.user_id, this.project_id, this.token)
.yields(null, false, false)
})
it('should return false', function(done) {
it('should return false', function (done) {
return this.AuthorizationManager.canUserWriteProjectSettings(
this.user_id,
this.project_id,
@@ -807,19 +807,19 @@ describe('AuthorizationManager', function() {
})
})
describe('canUserAdminProject', function() {
beforeEach(function() {
describe('canUserAdminProject', function () {
beforeEach(function () {
return (this.AuthorizationManager.getPrivilegeLevelForProject = sinon.stub())
})
describe('when user is owner', function() {
beforeEach(function() {
describe('when user is owner', function () {
beforeEach(function () {
return this.AuthorizationManager.getPrivilegeLevelForProject
.withArgs(this.user_id, this.project_id, this.token)
.yields(null, 'owner', false)
})
it('should return true', function(done) {
it('should return true', function (done) {
return this.AuthorizationManager.canUserAdminProject(
this.user_id,
this.project_id,
@@ -832,14 +832,14 @@ describe('AuthorizationManager', function() {
})
})
describe('when user has read-write access', function() {
beforeEach(function() {
describe('when user has read-write access', function () {
beforeEach(function () {
return this.AuthorizationManager.getPrivilegeLevelForProject
.withArgs(this.user_id, this.project_id, this.token)
.yields(null, 'readAndWrite', false)
})
it('should return false', function(done) {
it('should return false', function (done) {
return this.AuthorizationManager.canUserAdminProject(
this.user_id,
this.project_id,
@@ -852,14 +852,14 @@ describe('AuthorizationManager', function() {
})
})
describe('when user has read-only access', function() {
beforeEach(function() {
describe('when user has read-only access', function () {
beforeEach(function () {
return this.AuthorizationManager.getPrivilegeLevelForProject
.withArgs(this.user_id, this.project_id, this.token)
.yields(null, 'readOnly', false)
})
it('should return false', function(done) {
it('should return false', function (done) {
return this.AuthorizationManager.canUserAdminProject(
this.user_id,
this.project_id,
@@ -872,14 +872,14 @@ describe('AuthorizationManager', function() {
})
})
describe('when user has no access', function() {
beforeEach(function() {
describe('when user has no access', function () {
beforeEach(function () {
return this.AuthorizationManager.getPrivilegeLevelForProject
.withArgs(this.user_id, this.project_id, this.token)
.yields(null, false, false)
})
it('should return false', function(done) {
it('should return false', function (done) {
return this.AuthorizationManager.canUserAdminProject(
this.user_id,
this.project_id,
@@ -893,19 +893,19 @@ describe('AuthorizationManager', function() {
})
})
describe('isUserSiteAdmin', function() {
beforeEach(function() {
describe('isUserSiteAdmin', function () {
beforeEach(function () {
return (this.User.findOne = sinon.stub())
})
describe('when user is admin', function() {
beforeEach(function() {
describe('when user is admin', function () {
beforeEach(function () {
return this.User.findOne
.withArgs({ _id: this.user_id }, { isAdmin: 1 })
.yields(null, { isAdmin: true })
})
it('should return true', function(done) {
it('should return true', function (done) {
return this.AuthorizationManager.isUserSiteAdmin(
this.user_id,
(error, isAdmin) => {
@@ -916,14 +916,14 @@ describe('AuthorizationManager', function() {
})
})
describe('when user is not admin', function() {
beforeEach(function() {
describe('when user is not admin', function () {
beforeEach(function () {
return this.User.findOne
.withArgs({ _id: this.user_id }, { isAdmin: 1 })
.yields(null, { isAdmin: false })
})
it('should return false', function(done) {
it('should return false', function (done) {
return this.AuthorizationManager.isUserSiteAdmin(
this.user_id,
(error, isAdmin) => {
@@ -934,14 +934,14 @@ describe('AuthorizationManager', function() {
})
})
describe('when user is not found', function() {
beforeEach(function() {
describe('when user is not found', function () {
beforeEach(function () {
return this.User.findOne
.withArgs({ _id: this.user_id }, { isAdmin: 1 })
.yields(null, null)
})
it('should return false', function(done) {
it('should return false', function (done) {
return this.AuthorizationManager.isUserSiteAdmin(
this.user_id,
(error, isAdmin) => {
@@ -952,8 +952,8 @@ describe('AuthorizationManager', function() {
})
})
describe('when no user is passed', function() {
it('should return false', function(done) {
describe('when no user is passed', function () {
it('should return false', function (done) {
return this.AuthorizationManager.isUserSiteAdmin(
null,
(error, isAdmin) => {
services/web/test/unit/src/Authorization/AuthorizationMiddlewareTests.js
+93 -96
View File
@@ -6,8 +6,8 @@ const Errors = require('../../../../app/src/Features/Errors/Errors.js')
const MODULE_PATH =
'../../../../app/src/Features/Authorization/AuthorizationMiddleware.js'
describe('AuthorizationMiddleware', function() {
beforeEach(function() {
describe('AuthorizationMiddleware', function () {
beforeEach(function () {
this.userId = 'user-id-123'
this.project_id = 'project-id-123'
this.token = 'some-token'
@@ -23,10 +23,7 @@ describe('AuthorizationMiddleware', function() {
getRequestToken: sinon.stub().returns(this.token)
}
this.ObjectId = {
isValid: sinon
.stub()
.withArgs(this.project_id)
.returns(true)
isValid: sinon.stub().withArgs(this.project_id).returns(true)
}
this.AuthorizationManager = {}
this.AuthorizationMiddleware = SandboxedModule.require(MODULE_PATH, {
@@ -46,12 +43,12 @@ describe('AuthorizationMiddleware', function() {
this.next = sinon.stub()
})
describe('_getUserId', function() {
beforeEach(function() {
describe('_getUserId', function () {
beforeEach(function () {
this.req = {}
})
it('should get the user from session', function(done) {
it('should get the user from session', function (done) {
this.AuthenticationController.getLoggedInUserId = sinon
.stub()
.returns('1234')
@@ -62,7 +59,7 @@ describe('AuthorizationMiddleware', function() {
})
})
it('should get oauth_user from request', function(done) {
it('should get oauth_user from request', function (done) {
this.AuthenticationController.getLoggedInUserId = sinon
.stub()
.returns(null)
@@ -74,7 +71,7 @@ describe('AuthorizationMiddleware', function() {
})
})
it('should fall back to null', function(done) {
it('should fall back to null', function (done) {
this.AuthenticationController.getLoggedInUserId = sinon
.stub()
.returns(null)
@@ -94,19 +91,19 @@ describe('AuthorizationMiddleware', function() {
}
Object.entries(METHODS_TO_TEST).forEach(
([middlewareMethod, managerMethod]) => {
describe(middlewareMethod, function() {
beforeEach(function() {
describe(middlewareMethod, function () {
beforeEach(function () {
this.req.params = { project_id: this.project_id }
this.AuthorizationManager[managerMethod] = sinon.stub()
this.AuthorizationMiddleware.redirectToRestricted = sinon.stub()
})
describe('with missing project_id', function() {
beforeEach(function() {
describe('with missing project_id', function () {
beforeEach(function () {
this.req.params = {}
})
it('should return an error to next', function() {
it('should return an error to next', function () {
this.AuthorizationMiddleware[middlewareMethod](
this.req,
this.res,
@@ -118,19 +115,19 @@ describe('AuthorizationMiddleware', function() {
})
})
describe('with logged in user', function() {
beforeEach(function() {
describe('with logged in user', function () {
beforeEach(function () {
this.AuthenticationController.getLoggedInUserId.returns(this.userId)
})
describe('when user has permission', function() {
beforeEach(function() {
describe('when user has permission', function () {
beforeEach(function () {
this.AuthorizationManager[managerMethod]
.withArgs(this.userId, this.project_id, this.token)
.yields(null, true)
})
it('should return next', function() {
it('should return next', function () {
this.AuthorizationMiddleware[middlewareMethod](
this.req,
this.res,
@@ -140,14 +137,14 @@ describe('AuthorizationMiddleware', function() {
})
})
describe("when user doesn't have permission", function() {
beforeEach(function() {
describe("when user doesn't have permission", function () {
beforeEach(function () {
this.AuthorizationManager[managerMethod]
.withArgs(this.userId, this.project_id, this.token)
.yields(null, false)
})
it('should raise a 403', function() {
it('should raise a 403', function () {
this.AuthorizationMiddleware[middlewareMethod](
this.req,
this.res,
@@ -161,16 +158,16 @@ describe('AuthorizationMiddleware', function() {
})
})
describe('with anonymous user', function() {
describe('when user has permission', function() {
beforeEach(function() {
describe('with anonymous user', function () {
describe('when user has permission', function () {
beforeEach(function () {
this.AuthenticationController.getLoggedInUserId.returns(null)
this.AuthorizationManager[managerMethod]
.withArgs(null, this.project_id, this.token)
.yields(null, true)
})
it('should return next', function() {
it('should return next', function () {
this.AuthorizationMiddleware[middlewareMethod](
this.req,
this.res,
@@ -180,15 +177,15 @@ describe('AuthorizationMiddleware', function() {
})
})
describe("when user doesn't have permission", function() {
beforeEach(function() {
describe("when user doesn't have permission", function () {
beforeEach(function () {
this.AuthenticationController.getLoggedInUserId.returns(null)
this.AuthorizationManager[managerMethod]
.withArgs(null, this.project_id, this.token)
.yields(null, false)
})
it('should redirect to redirectToRestricted', function() {
it('should redirect to redirectToRestricted', function () {
this.AuthorizationMiddleware[middlewareMethod](
this.req,
this.res,
@@ -202,13 +199,13 @@ describe('AuthorizationMiddleware', function() {
})
})
describe('with malformed project id', function() {
beforeEach(function() {
describe('with malformed project id', function () {
beforeEach(function () {
this.req.params = { project_id: 'blah' }
this.ObjectId.isValid = sinon.stub().returns(false)
})
it('should return a not found error', function(done) {
it('should return a not found error', function (done) {
this.AuthorizationMiddleware[middlewareMethod](
this.req,
this.res,
@@ -223,19 +220,19 @@ describe('AuthorizationMiddleware', function() {
}
)
describe('ensureUserCanAdminProject', function() {
beforeEach(function() {
describe('ensureUserCanAdminProject', function () {
beforeEach(function () {
this.req.params = { project_id: this.project_id }
this.AuthorizationManager.canUserAdminProject = sinon.stub()
this.AuthorizationMiddleware.redirectToRestricted = sinon.stub()
})
describe('with missing project_id', function() {
beforeEach(function() {
describe('with missing project_id', function () {
beforeEach(function () {
this.req.params = {}
})
it('should return an error to next', function() {
it('should return an error to next', function () {
this.AuthorizationMiddleware.ensureUserCanAdminProject(
this.req,
this.res,
@@ -245,19 +242,19 @@ describe('AuthorizationMiddleware', function() {
})
})
describe('with logged in user', function() {
beforeEach(function() {
describe('with logged in user', function () {
beforeEach(function () {
this.AuthenticationController.getLoggedInUserId.returns(this.userId)
})
describe('when user has permission', function() {
beforeEach(function() {
describe('when user has permission', function () {
beforeEach(function () {
this.AuthorizationManager.canUserAdminProject
.withArgs(this.userId, this.project_id, this.token)
.yields(null, true)
})
it('should return next', function() {
it('should return next', function () {
this.AuthorizationMiddleware.ensureUserCanAdminProject(
this.req,
this.res,
@@ -267,14 +264,14 @@ describe('AuthorizationMiddleware', function() {
})
})
describe("when user doesn't have permission", function() {
beforeEach(function() {
describe("when user doesn't have permission", function () {
beforeEach(function () {
this.AuthorizationManager.canUserAdminProject
.withArgs(this.userId, this.project_id, this.token)
.yields(null, false)
})
it('should invoke HTTP forbidden error handler', function(done) {
it('should invoke HTTP forbidden error handler', function (done) {
this.HttpErrorHandler.forbidden = sinon.spy(() => done())
this.AuthorizationMiddleware.ensureUserCanAdminProject(
this.req,
@@ -284,16 +281,16 @@ describe('AuthorizationMiddleware', function() {
})
})
describe('with anonymous user', function() {
describe('when user has permission', function() {
beforeEach(function() {
describe('with anonymous user', function () {
describe('when user has permission', function () {
beforeEach(function () {
this.AuthenticationController.getLoggedInUserId.returns(null)
this.AuthorizationManager.canUserAdminProject
.withArgs(null, this.project_id, this.token)
.yields(null, true)
})
it('should return next', function() {
it('should return next', function () {
this.AuthorizationMiddleware.ensureUserCanAdminProject(
this.req,
this.res,
@@ -303,15 +300,15 @@ describe('AuthorizationMiddleware', function() {
})
})
describe("when user doesn't have permission", function() {
beforeEach(function() {
describe("when user doesn't have permission", function () {
beforeEach(function () {
this.AuthenticationController.getLoggedInUserId.returns(null)
this.AuthorizationManager.canUserAdminProject
.withArgs(null, this.project_id, this.token)
.yields(null, false)
})
it('should invoke HTTP forbidden error handler', function(done) {
it('should invoke HTTP forbidden error handler', function (done) {
this.HttpErrorHandler.forbidden = sinon.spy(() => done())
this.AuthorizationMiddleware.ensureUserCanAdminProject(
this.req,
@@ -321,13 +318,13 @@ describe('AuthorizationMiddleware', function() {
})
})
describe('with malformed project id', function() {
beforeEach(function() {
describe('with malformed project id', function () {
beforeEach(function () {
this.req.params = { project_id: 'blah' }
this.ObjectId.isValid = sinon.stub().returns(false)
})
it('should return a not found error', function(done) {
it('should return a not found error', function (done) {
this.AuthorizationMiddleware.ensureUserCanAdminProject(
this.req,
this.res,
@@ -340,25 +337,25 @@ describe('AuthorizationMiddleware', function() {
})
})
describe('ensureUserIsSiteAdmin', function() {
beforeEach(function() {
describe('ensureUserIsSiteAdmin', function () {
beforeEach(function () {
this.AuthorizationManager.isUserSiteAdmin = sinon.stub()
this.AuthorizationMiddleware.redirectToRestricted = sinon.stub()
})
describe('with logged in user', function() {
beforeEach(function() {
describe('with logged in user', function () {
beforeEach(function () {
this.AuthenticationController.getLoggedInUserId.returns(this.userId)
})
describe('when user has permission', function() {
beforeEach(function() {
describe('when user has permission', function () {
beforeEach(function () {
this.AuthorizationManager.isUserSiteAdmin
.withArgs(this.userId)
.yields(null, true)
})
it('should return next', function() {
it('should return next', function () {
this.AuthorizationMiddleware.ensureUserIsSiteAdmin(
this.req,
this.res,
@@ -368,14 +365,14 @@ describe('AuthorizationMiddleware', function() {
})
})
describe("when user doesn't have permission", function() {
beforeEach(function() {
describe("when user doesn't have permission", function () {
beforeEach(function () {
this.AuthorizationManager.isUserSiteAdmin
.withArgs(this.userId)
.yields(null, false)
})
it('should redirect to redirectToRestricted', function() {
it('should redirect to redirectToRestricted', function () {
this.AuthorizationMiddleware.ensureUserIsSiteAdmin(
this.req,
this.res,
@@ -389,16 +386,16 @@ describe('AuthorizationMiddleware', function() {
})
})
describe('with anonymous user', function() {
describe('when user has permission', function() {
beforeEach(function() {
describe('with anonymous user', function () {
describe('when user has permission', function () {
beforeEach(function () {
this.AuthenticationController.getLoggedInUserId.returns(null)
this.AuthorizationManager.isUserSiteAdmin
.withArgs(null)
.yields(null, true)
})
it('should return next', function() {
it('should return next', function () {
this.AuthorizationMiddleware.ensureUserIsSiteAdmin(
this.req,
this.res,
@@ -408,15 +405,15 @@ describe('AuthorizationMiddleware', function() {
})
})
describe("when user doesn't have permission", function() {
beforeEach(function() {
describe("when user doesn't have permission", function () {
beforeEach(function () {
this.AuthenticationController.getLoggedInUserId.returns(null)
this.AuthorizationManager.isUserSiteAdmin
.withArgs(null)
.yields(null, false)
})
it('should redirect to redirectToRestricted', function() {
it('should redirect to redirectToRestricted', function () {
this.AuthorizationMiddleware.ensureUserIsSiteAdmin(
this.req,
this.res,
@@ -431,14 +428,14 @@ describe('AuthorizationMiddleware', function() {
})
})
describe('blockRestrictedUserFromProject', function() {
beforeEach(function() {
describe('blockRestrictedUserFromProject', function () {
beforeEach(function () {
this.AuthorizationMiddleware._getUserAndProjectId = sinon
.stub()
.callsArgWith(1, null, this.userId, this.project_id)
})
it('should issue a 401 response for a restricted user', function(done) {
it('should issue a 401 response for a restricted user', function (done) {
this.AuthorizationManager.isRestrictedUserForProject = sinon
.stub()
.callsArgWith(3, null, true)
@@ -459,7 +456,7 @@ describe('AuthorizationMiddleware', function() {
)
})
it('should pass through for a regular user', function(done) {
it('should pass through for a regular user', function (done) {
this.AuthorizationManager.isRestrictedUserForProject = sinon
.stub()
.callsArgWith(3, null, false)
@@ -480,20 +477,20 @@ describe('AuthorizationMiddleware', function() {
})
})
describe('ensureUserCanReadMultipleProjects', function() {
beforeEach(function() {
describe('ensureUserCanReadMultipleProjects', function () {
beforeEach(function () {
this.AuthorizationManager.canUserReadProject = sinon.stub()
this.AuthorizationMiddleware.redirectToRestricted = sinon.stub()
this.req.query = { project_ids: 'project1,project2' }
})
describe('with logged in user', function() {
beforeEach(function() {
describe('with logged in user', function () {
beforeEach(function () {
this.AuthenticationController.getLoggedInUserId.returns(this.userId)
})
describe('when user has permission to access all projects', function() {
beforeEach(function() {
describe('when user has permission to access all projects', function () {
beforeEach(function () {
this.AuthorizationManager.canUserReadProject
.withArgs(this.userId, 'project1', this.token)
.yields(null, true)
@@ -502,7 +499,7 @@ describe('AuthorizationMiddleware', function() {
.yields(null, true)
})
it('should return next', function() {
it('should return next', function () {
this.AuthorizationMiddleware.ensureUserCanReadMultipleProjects(
this.req,
this.res,
@@ -512,8 +509,8 @@ describe('AuthorizationMiddleware', function() {
})
})
describe("when user doesn't have permission to access one of the projects", function() {
beforeEach(function() {
describe("when user doesn't have permission to access one of the projects", function () {
beforeEach(function () {
this.AuthorizationManager.canUserReadProject
.withArgs(this.userId, 'project1', this.token)
.yields(null, true)
@@ -522,7 +519,7 @@ describe('AuthorizationMiddleware', function() {
.yields(null, false)
})
it('should redirect to redirectToRestricted', function() {
it('should redirect to redirectToRestricted', function () {
this.AuthorizationMiddleware.ensureUserCanReadMultipleProjects(
this.req,
this.res,
@@ -536,10 +533,10 @@ describe('AuthorizationMiddleware', function() {
})
})
describe('with anonymous user', function() {
describe('when user has permission', function() {
describe('when user has permission to access all projects', function() {
beforeEach(function() {
describe('with anonymous user', function () {
describe('when user has permission', function () {
describe('when user has permission to access all projects', function () {
beforeEach(function () {
this.AuthenticationController.getLoggedInUserId.returns(null)
this.AuthorizationManager.canUserReadProject
.withArgs(null, 'project1', this.token)
@@ -549,7 +546,7 @@ describe('AuthorizationMiddleware', function() {
.yields(null, true)
})
it('should return next', function() {
it('should return next', function () {
this.AuthorizationMiddleware.ensureUserCanReadMultipleProjects(
this.req,
this.res,
@@ -559,8 +556,8 @@ describe('AuthorizationMiddleware', function() {
})
})
describe("when user doesn't have permission to access one of the projects", function() {
beforeEach(function() {
describe("when user doesn't have permission to access one of the projects", function () {
beforeEach(function () {
this.AuthenticationController.getLoggedInUserId.returns(null)
this.AuthorizationManager.canUserReadProject
.withArgs(null, 'project1', this.token)
@@ -570,7 +567,7 @@ describe('AuthorizationMiddleware', function() {
.yields(null, false)
})
it('should redirect to redirectToRestricted', function() {
it('should redirect to redirectToRestricted', function () {
this.AuthorizationMiddleware.ensureUserCanReadMultipleProjects(
this.req,
this.res,