mirror of
https://github.com/Unleash/unleash.git
synced 2024-12-22 19:07:54 +01:00
0c78980502
* wip: environment for permissions * fix: add migration for roles * fix: connect environment with access service * feat: add tests * chore: Implement scaffolding for new rbac * fix: add fake store * feat: Add api endpoints for roles and permissions list * feat: Add ability to provide permissions when creating a role and rename environmentName to name in the list permissions datastructure * fix: Make project roles resolve correctly against new environments permissions structure * fix: Patch migration to also populate permission names * fix: Make permissions actually work with new environments * fix: Add back to get permissions working for editor role * fix: Removed ability to set role type through api during creation - it's now always custom * feat: Return permissions on get role endpoint * feat: Add in support for updating roles * fix: Get a bunch of tests working and delete a few that make no sense anymore * chore: A few small cleanups - remove logging and restore default on dev server config * chore: Refactor role/access stores into more logical domains * feat: Add in validation for roles * feat: Patch db migration to handle old stucture * fix: migration for project roles * fix: patch a few broken tests * fix: add permissions to editor * fix: update test name * fix: update user permission mapping * fix: create new user * fix: update root role test * fix: update tests * feat: Validation now works when updating a role * fix: Add in very barebones down migration for rbac so that tests work * fix: Improve responses from role resolution - getting a non existant role will throw a NotFound error * fix: remove unused permissions * fix: add test for connecting roles and deleting project * fix: add test for adding a project member with a custom role * fix: add test for changing user role * fix: add guard for deleting role if the role is in use * fix: alter migration * chore: Minor code cleanups * chore: Small code cleanups * chore: More minor cleanups of code * chore: Trim some dead code to make the linter happy * feat: Schema validation for roles * fix: setup permission for variant * fix: remove unused import * feat: Add cascading delete for role_permissions when deleting a role * feat: add configuration option for disabling legacy api * chore: update frontend to beta version * 4.6.0-beta.0 * fix: export default project constant * fix: update snapshot * fix: module pattern ../../lib * fix: move DEFAULT_PROJECT to types * fix: remove debug logging * fix: remove debug log state * fix: Change permission descriptions * fix: roles should have unique name * fix: root roles should be connected to the default project * fix: typo in role-schema.ts * fix: Role permission empty string for non environment type * feat: new permission for moving project * fix: add event for changeProject * fix: Removing a user from a project will now check to see if that project has an owner, rather than checking if any project has an owner * fix: add tests for move project * fix: Add in missing create/delete tag permissions * fix: Removed duplicate impl caused by multiple good samaritans putting it back in! * fix: Trim out add tag permissions, for now at least * chore: Trim out new add and delete tag permissions - we're going with update feature instead * chore: update frontend * 4.6.0-beta.1 * feat: Prevent editing of built in roles * fix: Patch an issue where permissions for variants/environments didn't match the front end * fix: lint Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com> Co-authored-by: Fredrik Oseberg <fredrik.no@gmail.com>
84 lines
2.0 KiB
TypeScript
84 lines
2.0 KiB
TypeScript
import { roleSchema } from './role-schema';
|
|
|
|
test('role schema rejects a role without a name', async () => {
|
|
expect.assertions(1);
|
|
const role = {
|
|
permissions: [],
|
|
};
|
|
|
|
try {
|
|
await roleSchema.validateAsync(role);
|
|
} catch (error) {
|
|
expect(error.details[0].message).toBe('"name" is required');
|
|
}
|
|
});
|
|
|
|
test('role schema allows a role with an empty description', async () => {
|
|
const role = {
|
|
name: 'Brønsted',
|
|
description: '',
|
|
};
|
|
|
|
const value = await roleSchema.validateAsync(role);
|
|
expect(value.description).toEqual('');
|
|
});
|
|
|
|
test('role schema rejects a role with a broken permission list', async () => {
|
|
expect.assertions(1);
|
|
const role = {
|
|
name: 'Mendeleev',
|
|
permissions: [
|
|
{
|
|
aPropertyThatIsAproposToNothing: true,
|
|
},
|
|
],
|
|
};
|
|
|
|
try {
|
|
await roleSchema.validateAsync(role);
|
|
} catch (error) {
|
|
expect(error.details[0].message).toBe(
|
|
'"permissions[0].id" is required',
|
|
);
|
|
}
|
|
});
|
|
|
|
test('role schema allows a role with an empty permission list', async () => {
|
|
const role = {
|
|
name: 'Avogadro',
|
|
permissions: [],
|
|
};
|
|
|
|
const value = await roleSchema.validateAsync(role);
|
|
expect(value.permissions).toEqual([]);
|
|
});
|
|
|
|
test('role schema allows a role with a null list', async () => {
|
|
const role = {
|
|
name: 'Curie',
|
|
permissions: null,
|
|
};
|
|
|
|
const value = await roleSchema.validateAsync(role);
|
|
expect(value.permissions).toEqual(null);
|
|
});
|
|
|
|
test('role schema allows an undefined with a null list', async () => {
|
|
const role = {
|
|
name: 'Fischer',
|
|
};
|
|
|
|
const value = await roleSchema.validateAsync(role);
|
|
expect(value.permissions).toEqual(undefined);
|
|
});
|
|
|
|
test('role schema strips roleType if present', async () => {
|
|
const role = {
|
|
name: 'Grignard',
|
|
roleType: 'Organic Chemistry',
|
|
};
|
|
|
|
const value = await roleSchema.validateAsync(role);
|
|
expect(value.roleType).toEqual(undefined);
|
|
});
|