PermissionSets Elixir Module (Hardcoded Permissions) closes #323 #324
2 changed files with 32 additions and 32 deletions
|
|
@ -146,7 +146,9 @@ defmodule Mv.Authorization.PermissionSets do
|
|||
# Member detail
|
||||
"/members/:id",
|
||||
# Custom field values overview
|
||||
"/custom_field_values"
|
||||
"/custom_field_values",
|
||||
# Custom field value detail
|
||||
"/custom_field_values/:id"
|
||||
]
|
||||
}
|
||||
end
|
||||
|
|
@ -184,6 +186,8 @@ defmodule Mv.Authorization.PermissionSets do
|
|||
# Edit member
|
||||
"/members/:id/edit",
|
||||
"/custom_field_values",
|
||||
# Custom field value detail
|
||||
"/custom_field_values/:id",
|
||||
"/custom_field_values/new",
|
||||
"/custom_field_values/:id/edit"
|
||||
]
|
||||
|
|
@ -230,6 +234,11 @@ defmodule Mv.Authorization.PermissionSets do
|
|||
}
|
||||
end
|
||||
|
||||
def get_permissions(invalid) do
|
||||
raise ArgumentError,
|
||||
"invalid permission set: #{inspect(invalid)}. Must be one of: #{inspect(all_permission_sets())}"
|
||||
end
|
||||
|
||||
@doc """
|
||||
Checks if a permission set name (string or atom) is valid.
|
||||
|
||||
|
|
@ -244,7 +253,7 @@ defmodule Mv.Authorization.PermissionSets do
|
|||
iex> PermissionSets.valid_permission_set?("invalid")
|
||||
false
|
||||
"""
|
||||
@spec valid_permission_set?(String.t() | atom()) :: boolean()
|
||||
@spec valid_permission_set?(any()) :: boolean()
|
||||
def valid_permission_set?(name) when is_binary(name) do
|
||||
case permission_set_name_to_atom(name) do
|
||||
{:ok, _atom} -> true
|
||||
|
|
|
|||
|
|
@ -19,40 +19,22 @@ defmodule Mv.Authorization.PermissionSetsTest do
|
|||
end
|
||||
|
||||
describe "get_permissions/1" do
|
||||
test "returns map with :resources and :pages keys for :own_data" do
|
||||
permissions = PermissionSets.get_permissions(:own_data)
|
||||
test "all permission sets return map with :resources and :pages keys" do
|
||||
for set <- PermissionSets.all_permission_sets() do
|
||||
permissions = PermissionSets.get_permissions(set)
|
||||
|
||||
assert Map.has_key?(permissions, :resources)
|
||||
assert Map.has_key?(permissions, :pages)
|
||||
assert is_list(permissions.resources)
|
||||
assert is_list(permissions.pages)
|
||||
end
|
||||
assert Map.has_key?(permissions, :resources),
|
||||
"#{set} missing :resources key"
|
||||
|
||||
test "returns map with :resources and :pages keys for :read_only" do
|
||||
permissions = PermissionSets.get_permissions(:read_only)
|
||||
assert Map.has_key?(permissions, :pages),
|
||||
"#{set} missing :pages key"
|
||||
|
||||
assert Map.has_key?(permissions, :resources)
|
||||
assert Map.has_key?(permissions, :pages)
|
||||
assert is_list(permissions.resources)
|
||||
assert is_list(permissions.pages)
|
||||
end
|
||||
assert is_list(permissions.resources),
|
||||
"#{set} :resources must be a list"
|
||||
|
||||
test "returns map with :resources and :pages keys for :normal_user" do
|
||||
permissions = PermissionSets.get_permissions(:normal_user)
|
||||
|
||||
assert Map.has_key?(permissions, :resources)
|
||||
assert Map.has_key?(permissions, :pages)
|
||||
assert is_list(permissions.resources)
|
||||
assert is_list(permissions.pages)
|
||||
end
|
||||
|
||||
test "returns map with :resources and :pages keys for :admin" do
|
||||
permissions = PermissionSets.get_permissions(:admin)
|
||||
|
||||
assert Map.has_key?(permissions, :resources)
|
||||
assert Map.has_key?(permissions, :pages)
|
||||
assert is_list(permissions.resources)
|
||||
assert is_list(permissions.pages)
|
||||
assert is_list(permissions.pages),
|
||||
"#{set} :pages must be a list"
|
||||
end
|
||||
end
|
||||
|
||||
test "each resource permission has required keys" do
|
||||
|
|
@ -251,6 +233,7 @@ defmodule Mv.Authorization.PermissionSetsTest do
|
|||
assert "/members" in permissions.pages
|
||||
assert "/members/:id" in permissions.pages
|
||||
assert "/custom_field_values" in permissions.pages
|
||||
assert "/custom_field_values/:id" in permissions.pages
|
||||
end
|
||||
end
|
||||
|
||||
|
|
@ -356,6 +339,7 @@ defmodule Mv.Authorization.PermissionSetsTest do
|
|||
assert "/members/:id" in permissions.pages
|
||||
assert "/members/:id/edit" in permissions.pages
|
||||
assert "/custom_field_values" in permissions.pages
|
||||
assert "/custom_field_values/:id" in permissions.pages
|
||||
assert "/custom_field_values/new" in permissions.pages
|
||||
assert "/custom_field_values/:id/edit" in permissions.pages
|
||||
end
|
||||
|
|
@ -541,6 +525,13 @@ defmodule Mv.Authorization.PermissionSetsTest do
|
|||
test "returns false for nil input" do
|
||||
assert PermissionSets.valid_permission_set?(nil) == false
|
||||
end
|
||||
|
||||
test "returns false for invalid types" do
|
||||
assert PermissionSets.valid_permission_set?(123) == false
|
||||
assert PermissionSets.valid_permission_set?([]) == false
|
||||
assert PermissionSets.valid_permission_set?(%{}) == false
|
||||
assert PermissionSets.valid_permission_set?("") == false
|
||||
end
|
||||
end
|
||||
|
||||
describe "permission_set_name_to_atom/1" do
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue