josh/automatisch
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

test(permissions): use manage permission in relevant tests

Browse Source
This commit is contained in:
Ali BARIN
2025-04-09 14:23:58 +00:00
parent e2542f39e1
commit 69b6c8f00e
31 changed files with 115 additions and 136 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
packages/backend/package.json
View File

@@ -112,5 +112,6 @@
"src/"
],
"ext": "js"
}
},
"packageManager": "yarn@1.22.22+sha512.a6b2f7906b721bba3d67d4aff083df04dad64c399707841b7acf00f6b133b7ac24255f2652fa22ae3534329dc6180534e98d17432037ff6fd140556e2bb3137e"
}

2
packages/backend/src/controllers/api/v1/admin/roles/update-role.ee.test.js
View File

@@ -74,7 +74,7 @@ describe('PATCH /api/v1/admin/roles/:roleId', () => {
it('should return the updated role with sanitized permissions', async () => {
const validPermission = {
action: 'create',
action: 'manage',
subject: 'Connection',
conditions: ['isCreator'],
};

2
packages/backend/src/controllers/api/v1/apps/create-connection.test.js
View File

@@ -22,7 +22,7 @@ describe('POST /api/v1/apps/:appKey/connections', () => {
});
await createPermission({
action: 'create',
action: 'manage',
subject: 'Connection',
roleId: role.id,
});

9
packages/backend/src/controllers/api/v1/connections/delete-connection.test.js
View File

@@ -15,14 +15,7 @@ describe('DELETE /api/v1/connections/:connectionId', () => {
currentUserRole = await currentUser.$relatedQuery('role');
await createPermission({
action: 'delete',
subject: 'Connection',
roleId: currentUserRole.id,
conditions: ['isCreator'],
});
await createPermission({
action: 'update',
action: 'manage',
subject: 'Connection',
roleId: currentUserRole.id,
conditions: ['isCreator'],

2
packages/backend/src/controllers/api/v1/connections/generate-auth-url.test.js
View File

@@ -14,7 +14,7 @@ describe('POST /api/v1/connections/:connectionId/auth-url', () => {
currentUser = await createUser();
await createPermission({
action: 'create',
action: 'manage',
subject: 'Connection',
roleId: currentUser.roleId,
conditions: ['isCreator'],

8
packages/backend/src/controllers/api/v1/connections/reset-connection.test.js
View File

@@ -32,7 +32,7 @@ describe('POST /api/v1/connections/:connectionId/reset', () => {
});
await createPermission({
action: 'create',
action: 'manage',
subject: 'Connection',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -68,7 +68,7 @@ describe('POST /api/v1/connections/:connectionId/reset', () => {
});
await createPermission({
action: 'create',
action: 'manage',
subject: 'Connection',
roleId: currentUserRole.id,
conditions: [],
@@ -84,7 +84,7 @@ describe('POST /api/v1/connections/:connectionId/reset', () => {
const notExistingConnectionUUID = Crypto.randomUUID();
await createPermission({
action: 'create',
action: 'manage',
subject: 'Connection',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -98,7 +98,7 @@ describe('POST /api/v1/connections/:connectionId/reset', () => {
it('should return bad request response for invalid UUID', async () => {
await createPermission({
action: 'create',
action: 'manage',
subject: 'Connection',
roleId: currentUserRole.id,
conditions: ['isCreator'],

8
packages/backend/src/controllers/api/v1/connections/test-connection.test.js
View File

@@ -32,7 +32,7 @@ describe('POST /api/v1/connections/:connectionId/test', () => {
});
await createPermission({
action: 'update',
action: 'manage',
subject: 'Connection',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -63,7 +63,7 @@ describe('POST /api/v1/connections/:connectionId/test', () => {
});
await createPermission({
action: 'update',
action: 'manage',
subject: 'Connection',
roleId: currentUserRole.id,
conditions: [],
@@ -88,7 +88,7 @@ describe('POST /api/v1/connections/:connectionId/test', () => {
});
await createPermission({
action: 'update',
action: 'manage',
subject: 'Connection',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -109,7 +109,7 @@ describe('POST /api/v1/connections/:connectionId/test', () => {
});
await createPermission({
action: 'update',
action: 'manage',
subject: 'Connection',
roleId: currentUserRole.id,
conditions: ['isCreator'],

8
packages/backend/src/controllers/api/v1/connections/update-connection.test.js
View File

@@ -34,7 +34,7 @@ describe('PATCH /api/v1/connections/:connectionId', () => {
const currentUserConnection = await createConnection(connectionData);
await createPermission({
action: 'update',
action: 'manage',
subject: 'Connection',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -72,7 +72,7 @@ describe('PATCH /api/v1/connections/:connectionId', () => {
});
await createPermission({
action: 'update',
action: 'manage',
subject: 'Connection',
roleId: currentUserRole.id,
conditions: [],
@@ -88,7 +88,7 @@ describe('PATCH /api/v1/connections/:connectionId', () => {
const notExistingConnectionUUID = Crypto.randomUUID();
await createPermission({
action: 'update',
action: 'manage',
subject: 'Connection',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -102,7 +102,7 @@ describe('PATCH /api/v1/connections/:connectionId', () => {
it('should return bad request response for invalid UUID', async () => {
await createPermission({
action: 'update',
action: 'manage',
subject: 'Connection',
roleId: currentUserRole.id,
conditions: ['isCreator'],

6
packages/backend/src/controllers/api/v1/connections/verify-connection.test.js
View File

@@ -26,7 +26,7 @@ describe('POST /api/v1/connections/:connectionId/verify', () => {
});
await createPermission({
action: 'create',
action: 'manage',
subject: 'Connection',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -54,7 +54,7 @@ describe('POST /api/v1/connections/:connectionId/verify', () => {
const notExistingConnectionUUID = Crypto.randomUUID();
await createPermission({
action: 'create',
action: 'manage',
subject: 'Connection',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -68,7 +68,7 @@ describe('POST /api/v1/connections/:connectionId/verify', () => {
it('should return bad request response for invalid UUID', async () => {
await createPermission({
action: 'create',
action: 'manage',
subject: 'Connection',
roleId: currentUserRole.id,
conditions: ['isCreator'],

4
packages/backend/src/controllers/api/v1/flows/create-flow.test.js
View File

@@ -20,7 +20,7 @@ describe('POST /api/v1/flows', () => {
it('should create an empty flow when no templateId is provided', async () => {
await createPermission({
action: 'create',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -42,7 +42,7 @@ describe('POST /api/v1/flows', () => {
it('should create a flow from template when templateId is provided', async () => {
await createPermission({
action: 'create',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],

10
packages/backend/src/controllers/api/v1/flows/create-step.test.js
View File

@@ -36,7 +36,7 @@ describe('POST /api/v1/flows/:flowId/steps', () => {
await createPermission({
roleId: currentUser.roleId,
subject: 'Flow',
action: 'update',
action: 'manage',
conditions: ['isCreator'],
});
@@ -78,7 +78,7 @@ describe('POST /api/v1/flows/:flowId/steps', () => {
await createPermission({
roleId: currentUser.roleId,
subject: 'Flow',
action: 'update',
action: 'manage',
conditions: [],
});
@@ -109,7 +109,7 @@ describe('POST /api/v1/flows/:flowId/steps', () => {
await createPermission({
roleId: currentUser.roleId,
subject: 'Flow',
action: 'update',
action: 'manage',
conditions: ['isCreator'],
});
@@ -133,7 +133,7 @@ describe('POST /api/v1/flows/:flowId/steps', () => {
await createPermission({
roleId: currentUser.roleId,
subject: 'Flow',
action: 'update',
action: 'manage',
conditions: ['isCreator'],
});
@@ -159,7 +159,7 @@ describe('POST /api/v1/flows/:flowId/steps', () => {
await createPermission({
roleId: currentUser.roleId,
subject: 'Flow',
action: 'update',
action: 'manage',
conditions: ['isCreator'],
});

8
packages/backend/src/controllers/api/v1/flows/delete-flow.test.js
View File

@@ -28,7 +28,7 @@ describe('DELETE /api/v1/flows/:flowId', () => {
});
await createPermission({
action: 'delete',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -52,7 +52,7 @@ describe('DELETE /api/v1/flows/:flowId', () => {
});
await createPermission({
action: 'delete',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: [],
@@ -73,7 +73,7 @@ describe('DELETE /api/v1/flows/:flowId', () => {
});
await createPermission({
action: 'delete',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -96,7 +96,7 @@ describe('DELETE /api/v1/flows/:flowId', () => {
});
await createPermission({
action: 'delete',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],

10
packages/backend/src/controllers/api/v1/flows/duplicate-flow.test.js
View File

@@ -48,7 +48,7 @@ describe('POST /api/v1/flows/:flowId/duplicate', () => {
});
await createPermission({
action: 'create',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -106,7 +106,7 @@ describe('POST /api/v1/flows/:flowId/duplicate', () => {
});
await createPermission({
action: 'create',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: [],
@@ -143,7 +143,7 @@ describe('POST /api/v1/flows/:flowId/duplicate', () => {
});
await createPermission({
action: 'create',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -169,7 +169,7 @@ describe('POST /api/v1/flows/:flowId/duplicate', () => {
});
await createPermission({
action: 'create',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -190,7 +190,7 @@ describe('POST /api/v1/flows/:flowId/duplicate', () => {
});
await createPermission({
action: 'create',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],

10
packages/backend/src/controllers/api/v1/flows/export-flow.test.js
View File

@@ -56,7 +56,7 @@ describe('POST /api/v1/flows/:flowId/export', () => {
});
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -113,7 +113,7 @@ describe('POST /api/v1/flows/:flowId/export', () => {
});
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: [],
@@ -141,7 +141,7 @@ describe('POST /api/v1/flows/:flowId/export', () => {
});
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -167,7 +167,7 @@ describe('POST /api/v1/flows/:flowId/export', () => {
});
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -188,7 +188,7 @@ describe('POST /api/v1/flows/:flowId/export', () => {
});
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],

10
packages/backend/src/controllers/api/v1/flows/import-flow.test.js
View File

@@ -48,7 +48,7 @@ describe('POST /api/v1/flows/import', () => {
});
await createPermission({
action: 'create',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -124,7 +124,7 @@ describe('POST /api/v1/flows/import', () => {
});
await createPermission({
action: 'create',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -206,7 +206,7 @@ describe('POST /api/v1/flows/import', () => {
});
await createPermission({
action: 'create',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -279,7 +279,7 @@ describe('POST /api/v1/flows/import', () => {
});
await createPermission({
action: 'create',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -330,7 +330,7 @@ describe('POST /api/v1/flows/import', () => {
const currentUserFlow = await createFlow({ userId: currentUser.id });
await createPermission({
action: 'create',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],

14
packages/backend/src/controllers/api/v1/flows/update-flow-folder.test.js
View File

@@ -45,7 +45,7 @@ describe('PATCH /api/v1/flows/:flowId/folder', () => {
});
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -77,7 +77,7 @@ describe('PATCH /api/v1/flows/:flowId/folder', () => {
const anotherUserFlow = await createFlow({ userId: anotherUser.id });
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: [],
@@ -96,7 +96,7 @@ describe('PATCH /api/v1/flows/:flowId/folder', () => {
const anotherUserFolder = await createFolder({ userId: anotherUser.id });
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: [],
@@ -111,7 +111,7 @@ describe('PATCH /api/v1/flows/:flowId/folder', () => {
it('should return not found response for not existing flow UUID', async () => {
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -130,7 +130,7 @@ describe('PATCH /api/v1/flows/:flowId/folder', () => {
const flow = await createFlow({ userId: currentUser.id });
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -147,7 +147,7 @@ describe('PATCH /api/v1/flows/:flowId/folder', () => {
it('should return bad request response for invalid flow UUID', async () => {
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
});
@@ -160,7 +160,7 @@ describe('PATCH /api/v1/flows/:flowId/folder', () => {
it('should return bad request response for invalid folder UUID', async () => {
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
});

10
packages/backend/src/controllers/api/v1/flows/update-flow-status.test.js
View File

@@ -51,7 +51,7 @@ describe('PATCH /api/v1/flows/:flowId/status', () => {
});
await createPermission({
action: 'publish',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -114,7 +114,7 @@ describe('PATCH /api/v1/flows/:flowId/status', () => {
});
await createPermission({
action: 'publish',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: [],
@@ -152,7 +152,7 @@ describe('PATCH /api/v1/flows/:flowId/status', () => {
});
await createPermission({
action: 'publish',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -178,7 +178,7 @@ describe('PATCH /api/v1/flows/:flowId/status', () => {
});
await createPermission({
action: 'publish',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -199,7 +199,7 @@ describe('PATCH /api/v1/flows/:flowId/status', () => {
});
await createPermission({
action: 'publish',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],

10
packages/backend/src/controllers/api/v1/flows/update-flow.test.js
View File

@@ -29,7 +29,7 @@ describe('PATCH /api/v1/flows/:flowId', () => {
});
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -65,7 +65,7 @@ describe('PATCH /api/v1/flows/:flowId', () => {
});
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: [],
@@ -98,7 +98,7 @@ describe('PATCH /api/v1/flows/:flowId', () => {
});
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -121,7 +121,7 @@ describe('PATCH /api/v1/flows/:flowId', () => {
});
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -144,7 +144,7 @@ describe('PATCH /api/v1/flows/:flowId', () => {
});
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],

2
packages/backend/src/controllers/api/v1/folders/create-folder.test.js
View File

@@ -18,7 +18,7 @@ describe('POST /api/v1/folders', () => {
it('should return created flow', async () => {
await createPermission({
action: 'create',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],

6
packages/backend/src/controllers/api/v1/folders/delete-folder.test.js
View File

@@ -21,7 +21,7 @@ describe('DELETE /api/v1/folders/:folderId', () => {
const currentUserFolder = await createFolder({ userId: currentUser.id });
await createPermission({
action: 'create',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
});
@@ -34,7 +34,7 @@ describe('DELETE /api/v1/folders/:folderId', () => {
it('should return not found response for not existing folder UUID', async () => {
await createPermission({
action: 'create',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
});
@@ -49,7 +49,7 @@ describe('DELETE /api/v1/folders/:folderId', () => {
it('should return bad request response for invalid UUID', async () => {
await createPermission({
action: 'create',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
});

8
packages/backend/src/controllers/api/v1/folders/update-folder.test.js
View File

@@ -22,7 +22,7 @@ describe('PATCH /api/v1/folders/:folderId', () => {
const currentUserFolder = await createFolder({ userId: currentUser.id });
await createPermission({
action: 'create',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
});
@@ -47,7 +47,7 @@ describe('PATCH /api/v1/folders/:folderId', () => {
it('should return not found response for not existing folder UUID', async () => {
await createPermission({
action: 'create',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
});
@@ -62,7 +62,7 @@ describe('PATCH /api/v1/folders/:folderId', () => {
it('should return bad request response for invalid UUID', async () => {
await createPermission({
action: 'create',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
});
@@ -77,7 +77,7 @@ describe('PATCH /api/v1/folders/:folderId', () => {
const currentUserFolder = await createFolder({ userId: currentUser.id });
await createPermission({
action: 'create',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
});

12
packages/backend/src/controllers/api/v1/steps/create-dynamic-data.test.js
View File

@@ -63,7 +63,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-data', () => {
});
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -102,7 +102,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-data', () => {
});
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: [],
@@ -156,7 +156,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-data', () => {
});
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -177,7 +177,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-data', () => {
it('should return not found response for not existing step UUID', async () => {
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: [],
@@ -200,7 +200,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-data', () => {
it('should return not found response for existing step UUID without app key', async () => {
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: [],
@@ -223,7 +223,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-data', () => {
it('should return bad request response for invalid UUID', async () => {
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: [],

10
packages/backend/src/controllers/api/v1/steps/create-dynamic-fields.test.js
View File

@@ -37,7 +37,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-fields', () => {
});
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -78,7 +78,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-fields', () => {
});
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: [],
@@ -102,7 +102,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-fields', () => {
it('should return not found response for not existing step UUID', async () => {
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: [],
@@ -125,7 +125,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-fields', () => {
it('should return not found response for existing step UUID without app key', async () => {
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: [],
@@ -149,7 +149,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-fields', () => {
it('should return bad request response for invalid UUID', async () => {
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: [],

8
packages/backend/src/controllers/api/v1/steps/delete-step.test.js
View File

@@ -41,7 +41,7 @@ describe('DELETE /api/v1/steps/:stepId', () => {
});
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -76,7 +76,7 @@ describe('DELETE /api/v1/steps/:stepId', () => {
});
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: [],
@@ -90,7 +90,7 @@ describe('DELETE /api/v1/steps/:stepId', () => {
it('should return not found response for not existing step UUID', async () => {
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: [],
@@ -113,7 +113,7 @@ describe('DELETE /api/v1/steps/:stepId', () => {
it('should return bad request response for invalid step UUID', async () => {
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: [],

8
packages/backend/src/controllers/api/v1/steps/get-previous-steps.test.js
View File

@@ -54,7 +54,7 @@ describe('GET /api/v1/steps/:stepId/previous-steps', () => {
});
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -108,7 +108,7 @@ describe('GET /api/v1/steps/:stepId/previous-steps', () => {
});
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: [],
@@ -129,7 +129,7 @@ describe('GET /api/v1/steps/:stepId/previous-steps', () => {
it('should return not found response for not existing step UUID', async () => {
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: [],
@@ -152,7 +152,7 @@ describe('GET /api/v1/steps/:stepId/previous-steps', () => {
it('should return bad request response for invalid UUID', async () => {
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: [],

8
packages/backend/src/controllers/api/v1/steps/test-step.test.js
View File

@@ -69,7 +69,7 @@ describe('POST /api/v1/steps/:stepId/test', () => {
});
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: ['isCreator'],
@@ -140,7 +140,7 @@ describe('POST /api/v1/steps/:stepId/test', () => {
});
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: [],
@@ -165,7 +165,7 @@ describe('POST /api/v1/steps/:stepId/test', () => {
it('should return not found response for not existing step UUID', async () => {
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: [],
@@ -188,7 +188,7 @@ describe('POST /api/v1/steps/:stepId/test', () => {
it('should return bad request response for invalid step UUID', async () => {
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: [],

10
packages/backend/src/controllers/api/v1/steps/update-step.test.js
View File

@@ -46,7 +46,7 @@ describe('PATCH /api/v1/steps/:stepId', () => {
});
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUser.roleId,
conditions: ['isCreator'],
@@ -96,7 +96,7 @@ describe('PATCH /api/v1/steps/:stepId', () => {
});
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUser.roleId,
conditions: [],
@@ -145,7 +145,7 @@ describe('PATCH /api/v1/steps/:stepId', () => {
});
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUser.roleId,
conditions: ['isCreator'],
@@ -169,7 +169,7 @@ describe('PATCH /api/v1/steps/:stepId', () => {
it('should return not found response for not existing step UUID', async () => {
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUser.roleId,
conditions: [],
@@ -192,7 +192,7 @@ describe('PATCH /api/v1/steps/:stepId', () => {
it('should return bad request response for invalid step UUID', async () => {
await createPermission({
action: 'update',
action: 'manage',
subject: 'Flow',
roleId: currentUser.roleId,
conditions: [],

4
packages/backend/src/controllers/api/v1/templates/get-templates.ee.test.js
View File

@@ -24,7 +24,7 @@ describe('GET /api/v1/templates', () => {
it('should return templates when templates are enabled and user has create flow permission', async () => {
await createPermission({
action: 'create',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: [],
@@ -45,7 +45,7 @@ describe('GET /api/v1/templates', () => {
it('should return 403 when templates are disabled', async () => {
await createPermission({
action: 'create',
action: 'manage',
subject: 'Flow',
roleId: currentUserRole.id,
conditions: [],

20
packages/backend/src/models/permission.test.js
View File

@@ -14,10 +14,10 @@ describe('Permission model', () => {
it('filter should return only valid permissions based on permission catalog', () => {
const permissions = [
{ action: 'read', subject: 'Flow', conditions: ['isCreator'] },
{ action: 'delete', subject: 'Connection', conditions: [] },
{ action: 'publish', subject: 'Flow', conditions: ['isCreator'] },
{ action: 'update', subject: 'Execution', conditions: [] }, // Invalid subject
{ action: 'read', subject: 'Execution', conditions: ['invalid'] }, // Invalid condition
{ action: 'manage', subject: 'Connection', conditions: [] },
{ action: 'manage', subject: 'Flow', conditions: ['isCreator'] },
{ action: 'manage', subject: 'Execution', conditions: [] }, // Invalid subject
{ action: 'manage', subject: 'Execution', conditions: ['invalid'] }, // Invalid condition
{ action: 'invalid', subject: 'Execution', conditions: [] }, // Invalid action
];
@@ -25,15 +25,15 @@ describe('Permission model', () => {
expect(result).toStrictEqual([
{ action: 'read', subject: 'Flow', conditions: ['isCreator'] },
{ action: 'delete', subject: 'Connection', conditions: [] },
{ action: 'publish', subject: 'Flow', conditions: ['isCreator'] },
{ action: 'manage', subject: 'Connection', conditions: [] },
{ action: 'manage', subject: 'Flow', conditions: ['isCreator'] },
]);
});
describe('findAction', () => {
it('should return action from permission catalog', () => {
const action = Permission.findAction('create');
expect(action.key).toStrictEqual('create');
const action = Permission.findAction('manage');
expect(action.key).toStrictEqual('manage');
});
it('should return undefined for invalid actions', () => {
@@ -45,7 +45,7 @@ describe('Permission model', () => {
describe('isSubjectValid', () => {
it('should return true for valid subjects', () => {
const validAction = permissionCatalog.actions.find(
(action) => action.key === 'create'
(action) => action.key === 'manage'
);
const validSubject = Permission.isSubjectValid('Connection', validAction);
@@ -54,7 +54,7 @@ describe('Permission model', () => {
it('should return false for invalid subjects', () => {
const validAction = permissionCatalog.actions.find(
(action) => action.key === 'create'
(action) => action.key === 'manage'
);
const invalidSubject = Permission.isSubjectValid(

2
packages/backend/src/models/role.test.js
View File

@@ -166,7 +166,7 @@ describe('Role model', () => {
description: 'Updated description',
permissions: [
{
action: 'update',
action: 'manage',
subject: 'Flow',
conditions: [],
},

19
packages/backend/test/mocks/rest/api/v1/admin/permissions/get-permissions-catalog.ee.js
View File

@@ -1,31 +1,16 @@
const getPermissionsCatalogMock = async () => {
const data = {
actions: [
{
key: 'create',
label: 'Create',
subjects: ['Connection', 'Flow'],
},
{
key: 'read',
label: 'Read',
subjects: ['Connection', 'Execution', 'Flow'],
},
{
key: 'update',
label: 'Update',
key: 'manage',
label: 'Manage',
subjects: ['Connection', 'Flow'],
},
{
key: 'delete',
label: 'Delete',
subjects: ['Connection', 'Flow'],
},
{
key: 'publish',
label: 'Publish',
subjects: ['Flow'],
},
],
conditions: [
{