local-it/mitgliederverwaltung
2
3
Fork 0
Code Issues 72 Pull requests 3 Projects 4 Releases Packages 1 Activity Actions

PermissionSets Elixir Module (Hardcoded Permissions) closes #323 #324

Merged
moritz merged 6 commits from feature/323_permissionsets into main 2026-01-06 22:20:20 +01:00
Conversation 0 Commits 6 Files changed 5 +32 -32
2 changed files with 32 additions and 32 deletions
Download patch file Download diff file Expand all files Collapse all files
Showing only changes of commit 18ec4bfd16 - Show all commits

13
lib/mv/authorization/permission_sets.ex
View file

@ -146,7 +146,9 @@ defmodule Mv.Authorization.PermissionSets do
# Member detail # Member detail
"/members/:id", "/members/:id",
# Custom field values overview # Custom field values overview
"/custom_field_values" "/custom_field_values",
# Custom field value detail
"/custom_field_values/:id"
] ]
} }
end end
@ -184,6 +186,8 @@ defmodule Mv.Authorization.PermissionSets do
# Edit member # Edit member
"/members/:id/edit", "/members/:id/edit",
"/custom_field_values", "/custom_field_values",
# Custom field value detail
"/custom_field_values/:id",
"/custom_field_values/new", "/custom_field_values/new",
"/custom_field_values/:id/edit" "/custom_field_values/:id/edit"
] ]
@ -230,6 +234,11 @@ defmodule Mv.Authorization.PermissionSets do
} }
end end
def get_permissions(invalid) do
raise ArgumentError,
"invalid permission set: #{inspect(invalid)}. Must be one of: #{inspect(all_permission_sets())}"
end
@doc """ @doc """
Checks if a permission set name (string or atom) is valid. Checks if a permission set name (string or atom) is valid.
@ -244,7 +253,7 @@ defmodule Mv.Authorization.PermissionSets do
iex> PermissionSets.valid_permission_set?("invalid") iex> PermissionSets.valid_permission_set?("invalid")
false false
""" """
@spec valid_permission_set?(String.t() | atom()) :: boolean() @spec valid_permission_set?(any()) :: boolean()
def valid_permission_set?(name) when is_binary(name) do def valid_permission_set?(name) when is_binary(name) do
case permission_set_name_to_atom(name) do case permission_set_name_to_atom(name) do
{:ok, _atom} -> true {:ok, _atom} -> true

51
test/mv/authorization/permission_sets_test.exs
View file

@ -19,40 +19,22 @@ defmodule Mv.Authorization.PermissionSetsTest do
end end
describe "get_permissions/1" do describe "get_permissions/1" do
test "returns map with :resources and :pages keys for :own_data" do test "all permission sets return map with :resources and :pages keys" do
permissions = PermissionSets.get_permissions(:own_data) for set <- PermissionSets.all_permission_sets() do
permissions = PermissionSets.get_permissions(set)
assert Map.has_key?(permissions, :resources) assert Map.has_key?(permissions, :resources),
assert Map.has_key?(permissions, :pages) "#{set} missing :resources key"
assert is_list(permissions.resources)
assert is_list(permissions.pages)
end
test "returns map with :resources and :pages keys for :read_only" do assert Map.has_key?(permissions, :pages),
permissions = PermissionSets.get_permissions(:read_only) "#{set} missing :pages key"
assert Map.has_key?(permissions, :resources) assert is_list(permissions.resources),
assert Map.has_key?(permissions, :pages) "#{set} :resources must be a list"
assert is_list(permissions.resources)
assert is_list(permissions.pages)
end
test "returns map with :resources and :pages keys for :normal_user" do assert is_list(permissions.pages),
permissions = PermissionSets.get_permissions(:normal_user) "#{set} :pages must be a list"
end
assert Map.has_key?(permissions, :resources)
assert Map.has_key?(permissions, :pages)
assert is_list(permissions.resources)
assert is_list(permissions.pages)
end
test "returns map with :resources and :pages keys for :admin" do
permissions = PermissionSets.get_permissions(:admin)
assert Map.has_key?(permissions, :resources)
assert Map.has_key?(permissions, :pages)
assert is_list(permissions.resources)
assert is_list(permissions.pages)
end end
test "each resource permission has required keys" do test "each resource permission has required keys" do
@ -251,6 +233,7 @@ defmodule Mv.Authorization.PermissionSetsTest do
assert "/members" in permissions.pages assert "/members" in permissions.pages
assert "/members/:id" in permissions.pages assert "/members/:id" in permissions.pages
assert "/custom_field_values" in permissions.pages assert "/custom_field_values" in permissions.pages
assert "/custom_field_values/:id" in permissions.pages
end end
end end
@ -356,6 +339,7 @@ defmodule Mv.Authorization.PermissionSetsTest do
assert "/members/:id" in permissions.pages assert "/members/:id" in permissions.pages
assert "/members/:id/edit" in permissions.pages assert "/members/:id/edit" in permissions.pages
assert "/custom_field_values" in permissions.pages assert "/custom_field_values" in permissions.pages
assert "/custom_field_values/:id" in permissions.pages
assert "/custom_field_values/new" in permissions.pages assert "/custom_field_values/new" in permissions.pages
assert "/custom_field_values/:id/edit" in permissions.pages assert "/custom_field_values/:id/edit" in permissions.pages
end end
@ -541,6 +525,13 @@ defmodule Mv.Authorization.PermissionSetsTest do
test "returns false for nil input" do test "returns false for nil input" do
assert PermissionSets.valid_permission_set?(nil) == false assert PermissionSets.valid_permission_set?(nil) == false
end end
test "returns false for invalid types" do
assert PermissionSets.valid_permission_set?(123) == false
assert PermissionSets.valid_permission_set?([]) == false
assert PermissionSets.valid_permission_set?(%{}) == false
assert PermissionSets.valid_permission_set?("") == false
end
end end
describe "permission_set_name_to_atom/1" do describe "permission_set_name_to_atom/1" do