agw/overleaf-cep
1
0
Fork 0
mirror of https://github.com/yu-i-i/overleaf-cep.git synced 2026-05-24 01:29:35 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #16194 from overleaf/bg-group-sso-fix-default-permission-check

Browse Source 
fix default permission check for group sso

GitOrigin-RevId: b78c3dd26d852822f06c44c2aef79daea36fc2bd
This commit is contained in:
Brian Gough
2023-12-13 09:09:26 +00:00
committed by Copybot
parent dfcdf8f266
commit ec923c2144
2 changed files with 34 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
services/web/app/src/Features/Authorization/PermissionsManager.js
View File

@@ -272,8 +272,8 @@ function hasPermission(groupPolicy, capability) {
const results = getEnforcedPolicyNames(groupPolicy).map(userPolicyName =>
getCapabilityValueFromPolicy(userPolicyName, capability)
)
// if there are no results, return the default permission
if (results.length === 0) {
// if there are no results, or none of the policies apply, return the default permission
if (results.length === 0 || results.every(result => result === undefined)) {
return getDefaultPermission(capability)
}
// only allow the permission if all the results are true, otherwise deny it

44
services/web/test/unit/src/Authorization/PermissionsManagerTests.js
View File

@@ -86,12 +86,22 @@ describe('PermissionsManager', function () {
const groupPolicy = {
policy: true,
}
const capability = 'capability3'
const result = this.PermissionsManager.hasPermission(
groupPolicy,
capability
)
expect(result).to.be.false
{
const capability = 'capability3'
const result = this.PermissionsManager.hasPermission(
groupPolicy,
capability
)
expect(result).to.be.true
}
{
const capability = 'capability4'
const result = this.PermissionsManager.hasPermission(
groupPolicy,
capability
)
expect(result).to.be.false
}
})
it('should return the default permission if the policy is not enforced', function () {
@@ -192,12 +202,22 @@ describe('PermissionsManager', function () {
const groupPolicy = {
policy: true,
}
const capability = 'capability3'
const result = this.PermissionsManager.hasPermission(
groupPolicy,
capability
)
expect(result).to.be.false
{
const capability = 'capability3'
const result = this.PermissionsManager.hasPermission(
groupPolicy,
capability
)
expect(result).to.be.true
}
{
const capability = 'capability4'
const result = this.PermissionsManager.hasPermission(
groupPolicy,
capability
)
expect(result).to.be.false
}
})
})
})