135 lines
4.3 KiB
JavaScript
135 lines
4.3 KiB
JavaScript
const SandboxedModule = require('sandboxed-module')
|
|
const sinon = require('sinon')
|
|
const { expect } = require('chai')
|
|
const modulePath = '../../../../app/src/Features/Helpers/AuthorizationHelper'
|
|
|
|
describe('AuthorizationHelper', function () {
|
|
beforeEach(function () {
|
|
this.AuthorizationHelper = SandboxedModule.require(modulePath, {
|
|
requires: {
|
|
'./AdminAuthorizationHelper': (this.AdminAuthorizationHelper = {
|
|
hasAdminAccess: sinon.stub().returns(false),
|
|
}),
|
|
'../../models/User': {
|
|
UserSchema: {
|
|
obj: {
|
|
staffAccess: {
|
|
publisherMetrics: {},
|
|
publisherManagement: {},
|
|
institutionMetrics: {},
|
|
institutionManagement: {},
|
|
groupMetrics: {},
|
|
groupManagement: {},
|
|
adminMetrics: {},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
'../Project/ProjectGetter': (this.ProjectGetter = { promises: {} }),
|
|
'../SplitTests/SplitTestHandler': (this.SplitTestHandler = {
|
|
promises: {},
|
|
}),
|
|
},
|
|
})
|
|
})
|
|
|
|
describe('hasAnyStaffAccess', function () {
|
|
it('with empty user', function () {
|
|
const user = {}
|
|
expect(this.AuthorizationHelper.hasAnyStaffAccess(user)).to.be.false
|
|
})
|
|
|
|
it('with no access user', function () {
|
|
const user = { isAdmin: false, staffAccess: { adminMetrics: false } }
|
|
expect(this.AuthorizationHelper.hasAnyStaffAccess(user)).to.be.false
|
|
})
|
|
|
|
it('with admin user', function () {
|
|
const user = { isAdmin: true }
|
|
this.AdminAuthorizationHelper.hasAdminAccess.returns(true)
|
|
expect(this.AuthorizationHelper.hasAnyStaffAccess(user)).to.be.false
|
|
})
|
|
|
|
it('with staff user', function () {
|
|
const user = { staffAccess: { adminMetrics: true, somethingElse: false } }
|
|
this.AdminAuthorizationHelper.hasAdminAccess.returns(true)
|
|
expect(this.AuthorizationHelper.hasAnyStaffAccess(user)).to.be.true
|
|
})
|
|
|
|
it('with non-staff user with extra attributes', function () {
|
|
// make sure that staffAccess attributes not declared on the model don't
|
|
// give user access
|
|
const user = { staffAccess: { adminMetrics: false, somethingElse: true } }
|
|
expect(this.AuthorizationHelper.hasAnyStaffAccess(user)).to.be.false
|
|
})
|
|
})
|
|
|
|
describe('isReviewerRoleEnabled', function () {
|
|
it('with no reviewers and no split test', async function () {
|
|
this.ProjectGetter.promises.getProject = sinon.stub().resolves({
|
|
reviewer_refs: {},
|
|
owner_ref: 'ownerId',
|
|
})
|
|
this.SplitTestHandler.promises.getAssignmentForUser = sinon
|
|
.stub()
|
|
.resolves({
|
|
variant: 'disabled',
|
|
})
|
|
expect(
|
|
await this.AuthorizationHelper.promises.isReviewerRoleEnabled(
|
|
'projectId'
|
|
)
|
|
).to.be.false
|
|
})
|
|
|
|
it('with no reviewers and enabled split test', async function () {
|
|
this.ProjectGetter.promises.getProject = sinon.stub().resolves({
|
|
reviewer_refs: {},
|
|
owner_ref: 'userId',
|
|
})
|
|
this.SplitTestHandler.promises.getAssignmentForUser = sinon
|
|
.stub()
|
|
.resolves({
|
|
variant: 'enabled',
|
|
})
|
|
expect(
|
|
await this.AuthorizationHelper.promises.isReviewerRoleEnabled(
|
|
'projectId'
|
|
)
|
|
).to.be.true
|
|
})
|
|
|
|
it('with reviewers and disabled split test', async function () {
|
|
this.ProjectGetter.promises.getProject = sinon.stub().resolves({
|
|
reviewer_refs: [{ $oid: 'userId' }],
|
|
})
|
|
this.SplitTestHandler.promises.getAssignmentForUser = sinon
|
|
.stub()
|
|
.resolves({
|
|
variant: 'default',
|
|
})
|
|
expect(
|
|
await this.AuthorizationHelper.promises.isReviewerRoleEnabled(
|
|
'projectId'
|
|
)
|
|
).to.be.true
|
|
})
|
|
|
|
it('with reviewers and enabled split test', async function () {
|
|
this.ProjectGetter.promises.getProject = sinon.stub().resolves({
|
|
reviewer_refs: [{ $oid: 'userId' }],
|
|
})
|
|
this.SplitTestHandler.promises.getAssignmentForUser = sinon
|
|
.stub()
|
|
.resolves({
|
|
variant: 'enabled',
|
|
})
|
|
expect(
|
|
await this.AuthorizationHelper.promises.isReviewerRoleEnabled(
|
|
'projectId'
|
|
)
|
|
).to.be.true
|
|
})
|
|
})
|
|
})
|