2020-06-09 21:03:28 +00:00
|
|
|
/* eslint-disable ember/avoid-leaking-state-in-ember-objects */
|
2020-01-27 23:19:03 +00:00
|
|
|
import { module, test } from 'qunit';
|
|
|
|
import { setupTest } from 'ember-qunit';
|
|
|
|
import Service from '@ember/service';
|
2020-01-28 01:32:29 +00:00
|
|
|
import setupAbility from 'nomad-ui/tests/helpers/setup-ability';
|
2020-01-27 23:19:03 +00:00
|
|
|
|
|
|
|
module('Unit | Ability | client', function(hooks) {
|
|
|
|
setupTest(hooks);
|
2020-01-28 01:32:29 +00:00
|
|
|
setupAbility('client')(hooks);
|
2020-01-27 23:19:03 +00:00
|
|
|
|
2020-01-31 00:34:35 +00:00
|
|
|
test('it permits client write when ACLs are disabled', function(assert) {
|
|
|
|
const mockToken = Service.extend({
|
|
|
|
aclEnabled: false,
|
|
|
|
});
|
|
|
|
this.owner.register('service:token', mockToken);
|
|
|
|
|
|
|
|
assert.ok(this.ability.canWrite);
|
|
|
|
});
|
|
|
|
|
2020-01-27 23:19:03 +00:00
|
|
|
test('it permits client write for management tokens', function(assert) {
|
|
|
|
const mockToken = Service.extend({
|
2020-01-31 00:34:35 +00:00
|
|
|
aclEnabled: true,
|
2020-01-27 23:19:03 +00:00
|
|
|
selfToken: { type: 'management' },
|
|
|
|
});
|
|
|
|
this.owner.register('service:token', mockToken);
|
|
|
|
|
|
|
|
assert.ok(this.ability.canWrite);
|
|
|
|
});
|
|
|
|
|
|
|
|
test('it permits client write for tokens with a policy that has node-write', function(assert) {
|
|
|
|
const mockToken = Service.extend({
|
2020-01-31 00:34:35 +00:00
|
|
|
aclEnabled: true,
|
2020-01-27 23:19:03 +00:00
|
|
|
selfToken: { type: 'client' },
|
|
|
|
selfTokenPolicies: [
|
|
|
|
{
|
|
|
|
rulesJSON: {
|
|
|
|
Node: {
|
|
|
|
Policy: 'write',
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
],
|
|
|
|
});
|
|
|
|
this.owner.register('service:token', mockToken);
|
|
|
|
|
|
|
|
assert.ok(this.ability.canWrite);
|
|
|
|
});
|
|
|
|
|
|
|
|
test('it permits client write for tokens with a policy that allows write and another policy that disallows it', function(assert) {
|
|
|
|
const mockToken = Service.extend({
|
2020-01-31 00:34:35 +00:00
|
|
|
aclEnabled: true,
|
2020-01-27 23:19:03 +00:00
|
|
|
selfToken: { type: 'client' },
|
|
|
|
selfTokenPolicies: [
|
|
|
|
{
|
|
|
|
rulesJSON: {
|
|
|
|
Node: {
|
|
|
|
Policy: 'write',
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
rulesJSON: {
|
|
|
|
Node: {
|
|
|
|
Policy: 'read',
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
],
|
|
|
|
});
|
|
|
|
this.owner.register('service:token', mockToken);
|
|
|
|
|
|
|
|
assert.ok(this.ability.canWrite);
|
|
|
|
});
|
|
|
|
|
|
|
|
test('it blocks client write for tokens with a policy that does not allow node-write', function(assert) {
|
|
|
|
const mockToken = Service.extend({
|
2020-01-31 00:34:35 +00:00
|
|
|
aclEnabled: true,
|
2020-01-27 23:19:03 +00:00
|
|
|
selfToken: { type: 'client' },
|
|
|
|
selfTokenPolicies: [
|
|
|
|
{
|
|
|
|
rulesJSON: {
|
|
|
|
Node: {
|
|
|
|
Policy: 'read',
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
],
|
|
|
|
});
|
|
|
|
this.owner.register('service:token', mockToken);
|
|
|
|
|
|
|
|
assert.notOk(this.ability.canWrite);
|
|
|
|
});
|
|
|
|
});
|