mirror of
https://github.com/yu-i-i/overleaf-cep.git
synced 2026-05-29 20:11:32 +02:00
2d66b9751a
Remove references to `reviewer-role` feature flag in the backend GitOrigin-RevId: 4d2088e4c2815d3221817a182a0a66b5a60b3532
67 lines
2.3 KiB
JavaScript
67 lines
2.3 KiB
JavaScript
const SandboxedModule = require('sandboxed-module')
|
|
const sinon = require('sinon')
|
|
const { expect } = require('chai')
|
|
const modulePath = '../../../../app/src/Features/Helpers/AuthorizationHelper'
|
|
|
|
describe('AuthorizationHelper', function () {
|
|
beforeEach(function () {
|
|
this.AuthorizationHelper = SandboxedModule.require(modulePath, {
|
|
requires: {
|
|
'./AdminAuthorizationHelper': (this.AdminAuthorizationHelper = {
|
|
hasAdminAccess: sinon.stub().returns(false),
|
|
}),
|
|
'../../models/User': {
|
|
UserSchema: {
|
|
obj: {
|
|
staffAccess: {
|
|
publisherMetrics: {},
|
|
publisherManagement: {},
|
|
institutionMetrics: {},
|
|
institutionManagement: {},
|
|
groupMetrics: {},
|
|
groupManagement: {},
|
|
adminMetrics: {},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
'../Project/ProjectGetter': (this.ProjectGetter = { promises: {} }),
|
|
'../SplitTests/SplitTestHandler': (this.SplitTestHandler = {
|
|
promises: {},
|
|
}),
|
|
},
|
|
})
|
|
})
|
|
|
|
describe('hasAnyStaffAccess', function () {
|
|
it('with empty user', function () {
|
|
const user = {}
|
|
expect(this.AuthorizationHelper.hasAnyStaffAccess(user)).to.be.false
|
|
})
|
|
|
|
it('with no access user', function () {
|
|
const user = { isAdmin: false, staffAccess: { adminMetrics: false } }
|
|
expect(this.AuthorizationHelper.hasAnyStaffAccess(user)).to.be.false
|
|
})
|
|
|
|
it('with admin user', function () {
|
|
const user = { isAdmin: true }
|
|
this.AdminAuthorizationHelper.hasAdminAccess.returns(true)
|
|
expect(this.AuthorizationHelper.hasAnyStaffAccess(user)).to.be.false
|
|
})
|
|
|
|
it('with staff user', function () {
|
|
const user = { staffAccess: { adminMetrics: true, somethingElse: false } }
|
|
this.AdminAuthorizationHelper.hasAdminAccess.returns(true)
|
|
expect(this.AuthorizationHelper.hasAnyStaffAccess(user)).to.be.true
|
|
})
|
|
|
|
it('with non-staff user with extra attributes', function () {
|
|
// make sure that staffAccess attributes not declared on the model don't
|
|
// give user access
|
|
const user = { staffAccess: { adminMetrics: false, somethingElse: true } }
|
|
expect(this.AuthorizationHelper.hasAnyStaffAccess(user)).to.be.false
|
|
})
|
|
})
|
|
})
|