Home Explore Help
Sign In
SMusatov
/
zammad
mirror of https://github.com/zammad/zammad.git
1
0
Fork 0
Files
Tree: 7a3b81f976
Branches Tags
zammad
/
app
/
frontend
/
shared
/
utils
/
__tests__
/
hasPermission.spec.ts

hasPermission.spec.ts 3.2 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899 
  1. // Copyright (C) 2012-2024 Zammad Foundation, https://zammad-foundation.org/
    2. 

  2. 

  3. import hasPermission from '../hasPermission.ts'
    4. 

  4. 

  5. describe('hasPermission', () => {
    6. 

  6.   it('no access when permissions are required, but no permission are present', () => {
    7. 

  7.     expect(hasPermission('ticket.agent', [])).toBe(false)
    8. 

  8.   })
    9. 

  9. 

  10.   it('access granted when permissions are required and needed permission exists', () => {
    11. 

  11.     expect(hasPermission('ticket.agent', ['ticket.agent'])).toBe(true)
    12. 

  12.   })
    13. 

  13. 

  14.   it('access granted when only parent permission exists', () => {
    15. 

  15.     expect(hasPermission('ticket.agent', ['ticket'])).toBe(true)
    16. 

  16.   })
    17. 

  17. 

  18.   it('access granted when multiple permissions exists', () => {
    19. 

  19.     expect(
    20. 

  20.       hasPermission('ticket.agent', ['ticket.customer', 'ticket.agent']),
    21. 

  21.     ).toBe(true)
    22. 

  22.   })
    23. 

  23. 

  24.   it('access granted when multiple required permissions exists', () => {
    25. 

  25.     expect(
    26. 

  26.       hasPermission(['ticket.agent', 'ticket.customer'], ['ticket.agent']),
    27. 

  27.     ).toBe(true)
    28. 

  28.   })
    29. 

  29. 

  30.   describe('with wildcard usage', () => {
    31. 

  31.     it('access granted if any permission gives access', () => {
    32. 

  32.       expect(hasPermission('*', [])).toBe(true)
    33. 

  33.     })
    34. 

  34. 

  35.     it('no access for any sub permission, without a sub permission', () => {
    36. 

  36.       expect(hasPermission('admin.*', [])).toBe(false)
    37. 

  37.     })
    38. 

  38. 

  39.     it('access granted when a sub permission exists', () => {
    40. 

  40.       expect(hasPermission('ticket.*', ['ticket.agent'])).toBe(true)
    41. 

  41.     })
    42. 

  42. 

  43.     it('access granted when only parent permission exists', () => {
    44. 

  44.       expect(hasPermission('ticket.*', ['ticket'])).toBe(true)
    45. 

  45.     })
    46. 

  46. 

  47.     it('no access when only similar parent permission exists', () => {
    48. 

  48.       expect(hasPermission('ticket.*', ['ticketing'])).toBe(false)
    49. 

  49.     })
    50. 

  50. 

  51.     it('access granted with wildcard in a deeper level and when only parent permission exists', () => {
    52. 

  52.       expect(hasPermission('ticket.agent.*', ['ticket'])).toBe(true)
    53. 

  53.     })
    54. 

  54. 

  55.     it('access granted with wildcard in the middle of a requird permission', () => {
    56. 

  56.       expect(hasPermission('ticket.*.test', ['ticket.agent.test'])).toBe(true)
    57. 

  57.     })
    58. 

  58. 

  59.     it('access granted with a complex structure and wildcard usage', () => {
    60. 

  60.       expect(
    61. 

  61.         hasPermission('ticket.*.test.*.view', ['ticket.agent.test.foo.view']),
    62. 

  62.       ).toBe(true)
    63. 

  63.     })
    64. 

  64. 

  65.     it('no access with a complex structure and wildcard usage', () => {
    66. 

  66.       expect(
    67. 

  67.         hasPermission('ticket.*.test.*.view', ['ticket.agent.asd.foo.view']),
    68. 

  68.       ).toBe(false)
    69. 

  69.     })
    70. 

  70.   })
    71. 

  71. 

  72.   describe('with a "AND" combination', () => {
    73. 

  73.     it('access granted when both combinated permission exists', () => {
    74. 

  74.       expect(
    75. 

  75.         hasPermission('ticket.agent+ticket.customer', [
    76. 

  76.           'ticket.customer',
    77. 

  77.           'ticket.agent',
    78. 

  78.         ]),
    79. 

  79.       ).toBe(true)
    80. 

  80.     })
    81. 

  81. 

  82.     it('no access when not both combinated permission exists', () => {
    83. 

  83.       expect(
    84. 

  84.         hasPermission('ticket.agent+ticket.customer', [
    85. 

  85.           'ticket.customer',
    86. 

  86.           'admin',
    87. 

  87.         ]),
    88. 

  88.       ).toBe(false)
    89. 

  89.     })
    90. 

  90.   })
    91. 

  91. 

  92.   describe('with a "AND" combination together with a wildcard', () => {
    93. 

  93.     it('access granted when both combinated permission exists', () => {
    94. 

  94.       expect(
    95. 

  95.         hasPermission('ticket.*+admin.chat', ['ticket.customer', 'admin.chat']),
    96. 

  96.       ).toBe(true)
    97. 

  97.     })
    98. 

  98.   })
    99. 

  99. })
    100.