Add object-level permissions tests

This commit is contained in:
Thomas Goyne 2018-03-01 11:54:56 -08:00
parent ac7f7d9c4e
commit 0047ffba13
3 changed files with 95 additions and 2 deletions

View File

@ -35,7 +35,6 @@
#include "js_sync.hpp"
#include "sync/sync_config.hpp"
#include "sync/sync_manager.hpp"
#include "sync/partial_sync.hpp"
#endif
#include "shared_realm.hpp"

View File

@ -37,7 +37,8 @@ module.exports = {
}
else if (type === 'object') {
for (const key of Object.keys(val1)) {
this.assertEqual(val1[key], val2[key], errorMessage, depth + 1);
const message = errorMessage ? `${errorMessage}: ${key}` : key;
this.assertEqual(val1[key], val2[key], message, depth + 1);
}
}
else if (type === 'list') {

View File

@ -57,6 +57,34 @@ function repeatUntil(fn, predicate) {
return check;
}
function subscribe(results) {
const subscription = results.subscribe()
return new Promise((resolve, reject) => {
subscription.addListener((subscription, state) => {
if (state == Realm.Sync.SubscriptionState.Complete) {
resolve();
}
else if (state == Realm.Sync.SubscriptionState.Error) {
reject();
}
});
setTimeout(() => reject("listener never called"), 5000);
});
}
function waitForUpload(realm) {
let session = realm.syncSession;
return new Promise(resolve => {
let callback = (transferred, total) => {
if (transferred === total) {
session.removeProgressNotification(callback);
resolve(realm);
}
}
session.addProgressNotification('upload', 'forCurrentlyOutstandingWork', callback);
});
}
module.exports = {
testApplyAndGetGrantedPermissions() {
return createUsersWithTestRealms(1)
@ -118,5 +146,70 @@ module.exports = {
}
});
},
testObjectPermissions() {
let config = (user, url) => {
return {
schema: [
Realm.Permissions.Permission,
Realm.Permissions.User,
Realm.Permissions.Role,
{
name: 'Object',
properties: {
value: 'int',
permissions: '__Permission[]'
}
}
],
sync: {user, url, partial: true}
};
};
let owner, otherUser
return Realm.Sync.User.register('http://localhost:9080', uuid(), 'password')
.then(user => {
owner = user;
new Realm({sync: {user, url: 'realm://localhost:9080/~/test'}}).close();
return Realm.Sync.User.register('http://localhost:9080', uuid(), 'password')
})
.then(user => {
otherUser = user;
return owner.applyPermissions({userId: otherUser.identity}, `/${owner.identity}/test`, 'read')
})
.then(() => {
let realm = new Realm(config(owner, 'realm://localhost:9080/~/test'));
realm.write(() => {
let user = realm.create(Realm.Permissions.User, {id: otherUser.identity})
let role = realm.create(Realm.Permissions.Role, {name: 'reader'})
role.members.push(user)
let obj1 = realm.create('Object', {value: 1})
let obj2 = realm.create('Object', {value: 2})
obj2.permissions.push(realm.create(Realm.Permissions.Permission,
{role: role, canRead: true, canUpdate: false}))
});
return waitForUpload(realm).then(() => realm.close());
})
.then(() => Realm.open(config(otherUser, `realm://localhost:9080/${owner.identity}/test`)))
.then((realm) => subscribe(realm.objects('Object')).then(() => realm))
.then((realm) => {
// Should have full access to the Realm as a whole
TestCase.assertSimilar('object', realm.privileges(),
{read: true, update: true, modifySchema: true, setPermissions: true});
TestCase.assertSimilar('object', realm.privileges('Object'),
{read: true, update: true, create: true, subscribe: true, setPermissions: true});
// Verify that checking via constructor works too
TestCase.assertSimilar('object', realm.privileges(Realm.Permissions.User),
{read: true, update: true, create: true, subscribe: true, setPermissions: true});
// Should only be able to see the second object
let results = realm.objects('Object')
TestCase.assertEqual(results.length, 1);
TestCase.assertEqual(results[0].value, 2);
TestCase.assertSimilar('object', realm.privileges(results[0]),
{read: true, update: false, delete: false, setPermissions: false});
realm.close();
});
}
}