/** * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; under version 2 * of the License (non-upgradable). * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. * * Copyright (c) 2018 (original work) Open Assessment Technologies SA; */ /** * Test the module {@link layout/permissions} * @author Bertrand Chevrier */ define(['layout/permissions'], function(permissionsManager) { 'use strict'; QUnit.module('API'); QUnit.test('module export', function(assert) { assert.expect(1); assert.ok(typeof permissionsManager === 'object', 'The module exports an object'); }); QUnit.cases.init([ {title: 'setSupportedRights'}, {title: 'getRights'}, {title: 'isSupported'}, {title: 'getPermissions'}, {title: 'hasPermission'}, {title: 'clear'}, {title: 'isContextAllowed'}, {title: 'getResourceAccessMode'} ]) .test('Instance API', function(data, assert) { assert.expect(1); assert.ok(typeof permissionsManager[data.title] === 'function', 'The permissionsManager exposes the method ' + data.title); }); QUnit.module('rights'); QUnit.test('supported', function(assert) { assert.expect(10); assert.deepEqual(permissionsManager.getRights(), [], 'No supported rights by default'); assert.ok(!permissionsManager.isSupported('r')); assert.ok(!permissionsManager.isSupported('w')); assert.ok(!permissionsManager.isSupported('x')); assert.ok(!permissionsManager.isSupported('y')); permissionsManager.setSupportedRights(['r', 'w', 'x']); assert.deepEqual(permissionsManager.getRights(), ['r', 'w', 'x'], 'New supported rights'); assert.ok(permissionsManager.isSupported('r')); assert.ok(permissionsManager.isSupported('w')); assert.ok(permissionsManager.isSupported('x')); assert.ok(!permissionsManager.isSupported('y')); }); QUnit.module('Permissions', { beforeEach: function setup(assert) { permissionsManager.setSupportedRights(['READ', 'WRITE', 'GRANT']); }, afterEach: function teardown(assert) { permissionsManager.setSupportedRights([]); } }); QUnit.test('add and get one resource permissions', function(assert) { var uri = 'http://foo.bar/a'; assert.expect(4); assert.equal(typeof permissionsManager.getPermissions(uri), 'undefined', 'No permissions set for the resource'); permissionsManager.addPermissions(uri, ['READ', 'WRITE']); assert.deepEqual(permissionsManager.getPermissions(uri), ['READ', 'WRITE'], 'Permissions are set for the resource'); permissionsManager.addPermissions(uri, []); assert.deepEqual(permissionsManager.getPermissions(uri), [], 'No permissions set for the resource anymore'); permissionsManager.addPermissions(uri, ['GRANT', 'FOO']); assert.deepEqual(permissionsManager.getPermissions(uri), ['GRANT'], 'Valid permissions only are kept'); }); QUnit.test('add and get multiple permissions', function(assert) { var permissions = { 'http://foo.bar/b': ['READ', 'WRITE', 'GRANT'], 'http://foo.bar/c': ['READ'], 'http://foo.bar/d': ['FOO', 'BAR', 'WRITE'], 'http://foo.bar/e': [] }; assert.expect(8); assert.equal(typeof permissionsManager.getPermissions('http://foo.bar/b'), 'undefined', 'No permissions set for the resource'); assert.equal(typeof permissionsManager.getPermissions('http://foo.bar/c'), 'undefined', 'No permissions set for the resource'); assert.equal(typeof permissionsManager.getPermissions('http://foo.bar/d'), 'undefined', 'No permissions set for the resource'); assert.equal(typeof permissionsManager.getPermissions('http://foo.bar/e'), 'undefined', 'No permissions set for the resource'); permissionsManager.addPermissions(permissions); assert.deepEqual(permissionsManager.getPermissions('http://foo.bar/b'), ['READ', 'WRITE', 'GRANT'], 'Permissions set for the resource'); assert.deepEqual(permissionsManager.getPermissions('http://foo.bar/c'), ['READ'], 'Permissions set for the resource'); assert.deepEqual(permissionsManager.getPermissions('http://foo.bar/d'), ['WRITE'], 'Permissions set for the resource'); assert.deepEqual(permissionsManager.getPermissions('http://foo.bar/e'), [], 'Permissions set for the resource'); }); QUnit.test('clear permissions', function(assert) { var permissions = { 'http://foo.bar/f': ['READ', 'WRITE', 'GRANT'], 'http://foo.bar/g': ['READ'] }; assert.expect(6); assert.equal(typeof permissionsManager.getPermissions('http://foo.bar/f'), 'undefined', 'No permissions set for the resource'); assert.equal(typeof permissionsManager.getPermissions('http://foo.bar/g'), 'undefined', 'No permissions set for the resource'); permissionsManager.addPermissions(permissions); assert.deepEqual(permissionsManager.getPermissions('http://foo.bar/f'), ['READ', 'WRITE', 'GRANT'], 'Permissions set for the resource'); assert.deepEqual(permissionsManager.getPermissions('http://foo.bar/g'), ['READ'], 'Permissions set for the resource'); permissionsManager.clear(); assert.equal(typeof permissionsManager.getPermissions('http://foo.bar/f'), 'undefined', 'No permissions set for the resource'); assert.equal(typeof permissionsManager.getPermissions('http://foo.bar/g'), 'undefined', 'No permissions set for the resource'); }); QUnit.test('has permissions', function(assert) { var permissions = { 'http://foo.bar/i': ['READ', 'WRITE', 'GRANT'], 'http://foo.bar/j': ['READ', 'WRITE'], 'http://foo.bar/k': ['READ'], 'http://foo.bar/l': [] }; assert.expect(23); assert.equal(typeof permissionsManager.getPermissions('http://foo.bar/i'), 'undefined', 'No permissions set for the resource'); assert.equal(typeof permissionsManager.getPermissions('http://foo.bar/j'), 'undefined', 'No permissions set for the resource'); assert.equal(typeof permissionsManager.getPermissions('http://foo.bar/k'), 'undefined', 'No permissions set for the resource'); assert.equal(typeof permissionsManager.getPermissions('http://foo.bar/l'), 'undefined', 'No permissions set for the resource'); permissionsManager.addPermissions(permissions); assert.deepEqual(permissionsManager.getPermissions('http://foo.bar/i'), ['READ', 'WRITE', 'GRANT'], 'Permissions set for the resource'); assert.deepEqual(permissionsManager.getPermissions('http://foo.bar/j'), ['READ', 'WRITE'], 'Permissions set for the resource'); assert.deepEqual(permissionsManager.getPermissions('http://foo.bar/k'), ['READ'], 'Permissions set for the resource'); assert.deepEqual(permissionsManager.getPermissions('http://foo.bar/l'), [], 'Permissions set for the resource'); assert.ok(permissionsManager.hasPermission('http://foo.bar/i', 'READ')); assert.ok(permissionsManager.hasPermission('http://foo.bar/i', 'WRITE')); assert.ok(permissionsManager.hasPermission('http://foo.bar/i', 'GRANT')); assert.ok(permissionsManager.hasPermission('http://foo.bar/j', 'READ')); assert.ok(permissionsManager.hasPermission('http://foo.bar/j', 'WRITE')); assert.ok(!permissionsManager.hasPermission('http://foo.bar/j', 'GRANT')); assert.ok(permissionsManager.hasPermission('http://foo.bar/k', 'READ')); assert.ok(!permissionsManager.hasPermission('http://foo.bar/k', 'WRITE')); assert.ok(!permissionsManager.hasPermission('http://foo.bar/k', 'GRANT')); assert.ok(!permissionsManager.hasPermission('http://foo.bar/l', 'READ')); assert.ok(!permissionsManager.hasPermission('http://foo.bar/l', 'WRITE')); assert.ok(!permissionsManager.hasPermission('http://foo.bar/l', 'GRANT')); assert.ok(!permissionsManager.hasPermission('http://foo.bar/z', 'READ')); assert.ok(!permissionsManager.hasPermission('http://foo.bar/z', 'WRITE')); assert.ok(!permissionsManager.hasPermission('http://foo.bar/z', 'GRANT')); }); QUnit.module('Action and context', { beforeEach: function setup(assert) { permissionsManager.setSupportedRights(['READ', 'WRITE', 'GRANT']); }, afterEach: function teardown(assert) { permissionsManager.setSupportedRights([]); } }); QUnit.cases.init([{ title: 'allowed for a read action', requiredRights: {id: 'READ'}, context: { id: 'http://foo.bar/o' }, allowed: true }, { title: 'denied for a read action', requiredRights: {id: 'READ'}, context: { id: 'http://foo.bar/p' }, allowed: false }, { title: 'denied for a missing parameter', requiredRights: {id: 'READ'}, context: { uri: 'http://foo.bar/p' }, allowed: false }, { title: 'denied for a wrong parameter', requiredRights: {id: 'READ'}, context: { uri: 'http://foo.bar/z' }, allowed: false }, { title: 'denied for an empty context', requiredRights: {id: 'READ'}, context: null, allowed: false }, { title: 'allowed for a READ/WRITE action', requiredRights: {id: 'READ', classUri: 'WRITE'}, context: { id: 'http://foo.bar/m', classUri: 'http://foo.bar/n' }, allowed: true }, { title: 'denied for a READ/WRITE action', requiredRights: {id: 'READ', classUri: 'WRITE'}, context: { id: 'http://foo.bar/m', classUri: 'http://foo.bar/o' }, allowed: false }, { title: 'allowed for empty rights', requiredRights: { }, context: { id: 'http://foo.bar/m', classUri: 'http://foo.bar/n' }, allowed: true }]).test('is context ', function(data, assert) { var permissions = { 'http://foo.bar/m': ['READ', 'WRITE', 'GRANT'], 'http://foo.bar/n': ['READ', 'WRITE'], 'http://foo.bar/o': ['READ'], 'http://foo.bar/p': [] }; assert.expect(9); permissionsManager.clear(); assert.equal(typeof permissionsManager.getPermissions('http://foo.bar/m'), 'undefined', 'No permissions set for the resource'); assert.equal(typeof permissionsManager.getPermissions('http://foo.bar/n'), 'undefined', 'No permissions set for the resource'); assert.equal(typeof permissionsManager.getPermissions('http://foo.bar/o'), 'undefined', 'No permissions set for the resource'); assert.equal(typeof permissionsManager.getPermissions('http://foo.bar/p'), 'undefined', 'No permissions set for the resource'); permissionsManager.addPermissions(permissions); assert.deepEqual(permissionsManager.getPermissions('http://foo.bar/m'), ['READ', 'WRITE', 'GRANT'], 'Permissions set for the resource'); assert.deepEqual(permissionsManager.getPermissions('http://foo.bar/n'), ['READ', 'WRITE'], 'Permissions set for the resource'); assert.deepEqual(permissionsManager.getPermissions('http://foo.bar/o'), ['READ'], 'Permissions set for the resource'); assert.deepEqual(permissionsManager.getPermissions('http://foo.bar/p'), [], 'Permissions set for the resource'); assert.equal(permissionsManager.isContextAllowed(data.requiredRights, data.context), data.allowed); }); QUnit.module('Resource', { beforeEach: function setup(assert) { permissionsManager.setSupportedRights([]); }, afterEach: function teardown(assert) { permissionsManager.setSupportedRights([]); } }); QUnit.cases.init([{ title: 'allowed with no rights', supportedRights: [], resourceRights: [], expected: 'allowed' }, { title: 'allowed when all rights matches', supportedRights: ['READ', 'WRITE', 'GRANT'], resourceRights: ['READ', 'WRITE', 'GRANT'], expected: 'allowed' }, { title: 'partial when read only', supportedRights: ['READ', 'WRITE', 'GRANT'], resourceRights: ['READ'], expected: 'partial' }, { title: 'denied when none', supportedRights: ['READ', 'WRITE', 'GRANT'], resourceRights: [], expected: 'denied' }]).test('has mode ', function(data, assert) { var permissions = { 'http://foo.bar/q': data.resourceRights }; assert.expect(3); permissionsManager.setSupportedRights(data.supportedRights); permissionsManager.addPermissions(permissions); assert.deepEqual(permissionsManager.getRights(), data.supportedRights, 'List of supported rights configured'); assert.deepEqual(permissionsManager.getPermissions('http://foo.bar/q'), data.resourceRights, 'Permissions set for the resource'); assert.equal(permissionsManager.getResourceAccessMode('http://foo.bar/q'), data.expected); }); });