2018-04-25 04:56:45 -05:00
|
|
|
const should = require('should'),
|
|
|
|
sinon = require('sinon'),
|
2018-10-06 15:13:52 -05:00
|
|
|
Promise = require('bluebird'),
|
2020-03-30 10:26:47 -05:00
|
|
|
common = require('../../../core/server/lib/common'),
|
|
|
|
models = require('../../../core/server/models'),
|
|
|
|
settingsCache = require('../../../core/server/services/settings/cache'),
|
2019-01-21 11:53:44 -05:00
|
|
|
testUtils = require('../../utils');
|
2018-04-25 04:56:45 -05:00
|
|
|
|
|
|
|
describe('Unit: models/invite', function () {
|
|
|
|
before(function () {
|
|
|
|
models.init();
|
2018-10-06 15:13:52 -05:00
|
|
|
});
|
|
|
|
|
|
|
|
beforeEach(function () {
|
2019-01-21 11:53:44 -05:00
|
|
|
sinon.stub(settingsCache, 'get').withArgs('db_hash').returns('12345678');
|
2018-04-25 04:56:45 -05:00
|
|
|
});
|
|
|
|
|
2018-10-06 15:13:52 -05:00
|
|
|
afterEach(function () {
|
2019-01-21 11:53:44 -05:00
|
|
|
sinon.restore();
|
2018-04-25 04:56:45 -05:00
|
|
|
});
|
|
|
|
|
2018-10-06 15:13:52 -05:00
|
|
|
describe('permissible', function () {
|
|
|
|
describe('action: add', function () {
|
|
|
|
let inviteModel;
|
|
|
|
let context;
|
|
|
|
let unsafeAttrs;
|
|
|
|
let roleModel;
|
|
|
|
let loadedPermissions;
|
|
|
|
|
|
|
|
before(function () {
|
|
|
|
inviteModel = {};
|
|
|
|
context = {};
|
|
|
|
unsafeAttrs = {role_id: 'role_id'};
|
2019-01-21 11:53:44 -05:00
|
|
|
roleModel = sinon.stub();
|
|
|
|
roleModel.get = sinon.stub();
|
2018-10-06 15:13:52 -05:00
|
|
|
loadedPermissions = {
|
|
|
|
user: {
|
|
|
|
roles: []
|
|
|
|
}
|
|
|
|
};
|
|
|
|
});
|
|
|
|
|
|
|
|
it('role does not exist', function () {
|
2019-01-21 11:53:44 -05:00
|
|
|
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(null);
|
2018-10-06 15:13:52 -05:00
|
|
|
|
|
|
|
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs)
|
|
|
|
.then(Promise.reject)
|
|
|
|
.catch((err) => {
|
|
|
|
(err instanceof common.errors.NotFoundError).should.eql(true);
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
it('invite owner', function () {
|
2019-01-21 11:53:44 -05:00
|
|
|
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
|
2018-10-06 15:13:52 -05:00
|
|
|
roleModel.get.withArgs('name').returns('Owner');
|
|
|
|
|
|
|
|
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs)
|
|
|
|
.then(Promise.reject)
|
|
|
|
.catch((err) => {
|
|
|
|
(err instanceof common.errors.NoPermissionError).should.eql(true);
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
describe('as owner', function () {
|
|
|
|
beforeEach(function () {
|
|
|
|
loadedPermissions.user.roles = [{name: 'Owner'}];
|
|
|
|
});
|
|
|
|
|
|
|
|
it('invite administrator', function () {
|
2019-01-21 11:53:44 -05:00
|
|
|
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
|
2018-10-06 15:13:52 -05:00
|
|
|
roleModel.get.withArgs('name').returns('Administrator');
|
|
|
|
|
2019-01-18 07:39:53 -05:00
|
|
|
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, true, true, true);
|
2018-10-06 15:13:52 -05:00
|
|
|
});
|
|
|
|
|
|
|
|
it('invite editor', function () {
|
2019-01-21 11:53:44 -05:00
|
|
|
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
|
2018-10-06 15:13:52 -05:00
|
|
|
roleModel.get.withArgs('name').returns('Editor');
|
|
|
|
|
2019-01-18 07:39:53 -05:00
|
|
|
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, true, true, true);
|
2018-10-06 15:13:52 -05:00
|
|
|
});
|
|
|
|
|
|
|
|
it('invite author', function () {
|
2019-01-21 11:53:44 -05:00
|
|
|
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
|
2018-10-06 15:13:52 -05:00
|
|
|
roleModel.get.withArgs('name').returns('Author');
|
|
|
|
|
2019-01-18 07:39:53 -05:00
|
|
|
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, true, true, true);
|
2018-10-06 15:13:52 -05:00
|
|
|
});
|
|
|
|
|
|
|
|
it('invite contributor', function () {
|
2019-01-21 11:53:44 -05:00
|
|
|
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
|
2018-10-06 15:13:52 -05:00
|
|
|
roleModel.get.withArgs('name').returns('Contributor');
|
|
|
|
|
2019-01-18 07:39:53 -05:00
|
|
|
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, true, true, true);
|
2018-10-06 15:13:52 -05:00
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
describe('as administrator', function () {
|
|
|
|
beforeEach(function () {
|
|
|
|
loadedPermissions.user.roles = [{name: 'Administrator'}];
|
|
|
|
});
|
|
|
|
|
|
|
|
it('invite administrator', function () {
|
2019-01-21 11:53:44 -05:00
|
|
|
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
|
2018-10-06 15:13:52 -05:00
|
|
|
roleModel.get.withArgs('name').returns('Administrator');
|
|
|
|
|
2019-01-18 07:39:53 -05:00
|
|
|
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, true, true, true);
|
2018-10-06 15:13:52 -05:00
|
|
|
});
|
|
|
|
|
|
|
|
it('invite editor', function () {
|
2019-01-21 11:53:44 -05:00
|
|
|
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
|
2018-10-06 15:13:52 -05:00
|
|
|
roleModel.get.withArgs('name').returns('Editor');
|
|
|
|
|
2019-01-18 07:39:53 -05:00
|
|
|
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, true, true, true);
|
2018-10-06 15:13:52 -05:00
|
|
|
});
|
|
|
|
|
|
|
|
it('invite author', function () {
|
2019-01-21 11:53:44 -05:00
|
|
|
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
|
2018-10-06 15:13:52 -05:00
|
|
|
roleModel.get.withArgs('name').returns('Author');
|
|
|
|
|
2019-01-18 07:39:53 -05:00
|
|
|
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, true, true, true);
|
2018-10-06 15:13:52 -05:00
|
|
|
});
|
|
|
|
|
|
|
|
it('invite contributor', function () {
|
2019-01-21 11:53:44 -05:00
|
|
|
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
|
2018-10-06 15:13:52 -05:00
|
|
|
roleModel.get.withArgs('name').returns('Contributor');
|
|
|
|
|
2019-01-18 07:39:53 -05:00
|
|
|
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, true, true, true);
|
2018-10-06 15:13:52 -05:00
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
describe('as editor', function () {
|
|
|
|
beforeEach(function () {
|
|
|
|
loadedPermissions.user.roles = [{name: 'Editor'}];
|
|
|
|
});
|
|
|
|
|
|
|
|
it('invite administrator', function () {
|
2019-01-21 11:53:44 -05:00
|
|
|
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
|
2018-10-06 15:13:52 -05:00
|
|
|
roleModel.get.withArgs('name').returns('Administrator');
|
|
|
|
|
2019-01-18 07:39:53 -05:00
|
|
|
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, true, true, true)
|
2018-10-06 15:13:52 -05:00
|
|
|
.then(Promise.reject)
|
|
|
|
.catch((err) => {
|
|
|
|
(err instanceof common.errors.NoPermissionError).should.eql(true);
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
it('invite editor', function () {
|
2019-01-21 11:53:44 -05:00
|
|
|
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
|
2018-10-06 15:13:52 -05:00
|
|
|
roleModel.get.withArgs('name').returns('Editor');
|
|
|
|
|
2019-01-18 07:39:53 -05:00
|
|
|
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, true, true, true)
|
2018-10-06 15:13:52 -05:00
|
|
|
.then(Promise.reject)
|
|
|
|
.catch((err) => {
|
|
|
|
(err instanceof common.errors.NoPermissionError).should.eql(true);
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
it('invite author', function () {
|
2019-01-21 11:53:44 -05:00
|
|
|
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
|
2018-10-06 15:13:52 -05:00
|
|
|
roleModel.get.withArgs('name').returns('Author');
|
|
|
|
|
2019-01-18 07:39:53 -05:00
|
|
|
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, true, true, true);
|
2018-10-06 15:13:52 -05:00
|
|
|
});
|
|
|
|
|
|
|
|
it('invite contributor', function () {
|
2019-01-21 11:53:44 -05:00
|
|
|
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
|
2018-10-06 15:13:52 -05:00
|
|
|
roleModel.get.withArgs('name').returns('Contributor');
|
|
|
|
|
2019-01-18 07:39:53 -05:00
|
|
|
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, true, true, true);
|
2018-10-06 15:13:52 -05:00
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
describe('as author', function () {
|
|
|
|
beforeEach(function () {
|
|
|
|
loadedPermissions.user.roles = [{name: 'Author'}];
|
|
|
|
});
|
|
|
|
|
|
|
|
it('invite administrator', function () {
|
2019-01-21 11:53:44 -05:00
|
|
|
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
|
2018-10-06 15:13:52 -05:00
|
|
|
roleModel.get.withArgs('name').returns('Administrator');
|
|
|
|
|
2019-01-18 07:39:53 -05:00
|
|
|
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, false, false, true)
|
2018-10-06 15:13:52 -05:00
|
|
|
.then(Promise.reject)
|
|
|
|
.catch((err) => {
|
|
|
|
(err instanceof common.errors.NoPermissionError).should.eql(true);
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
it('invite editor', function () {
|
2019-01-21 11:53:44 -05:00
|
|
|
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
|
2018-10-06 15:13:52 -05:00
|
|
|
roleModel.get.withArgs('name').returns('Editor');
|
|
|
|
|
2019-01-18 07:39:53 -05:00
|
|
|
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, false, false, true)
|
2018-10-06 15:13:52 -05:00
|
|
|
.then(Promise.reject)
|
|
|
|
.catch((err) => {
|
|
|
|
(err instanceof common.errors.NoPermissionError).should.eql(true);
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
it('invite author', function () {
|
2019-01-21 11:53:44 -05:00
|
|
|
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
|
2018-10-06 15:13:52 -05:00
|
|
|
roleModel.get.withArgs('name').returns('Author');
|
|
|
|
|
2019-01-18 07:39:53 -05:00
|
|
|
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, false, false, true)
|
2018-10-06 15:13:52 -05:00
|
|
|
.then(Promise.reject)
|
|
|
|
.catch((err) => {
|
|
|
|
(err instanceof common.errors.NoPermissionError).should.eql(true);
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
it('invite contributor', function () {
|
2019-01-21 11:53:44 -05:00
|
|
|
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
|
2018-10-06 15:13:52 -05:00
|
|
|
roleModel.get.withArgs('name').returns('Contributor');
|
|
|
|
|
2019-01-18 07:39:53 -05:00
|
|
|
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, false, false, true)
|
2018-10-06 15:13:52 -05:00
|
|
|
.then(Promise.reject)
|
|
|
|
.catch((err) => {
|
|
|
|
(err instanceof common.errors.NoPermissionError).should.eql(true);
|
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
describe('as contributor', function () {
|
|
|
|
beforeEach(function () {
|
|
|
|
loadedPermissions.user.roles = [{name: 'Contributor'}];
|
|
|
|
});
|
|
|
|
|
|
|
|
it('invite administrator', function () {
|
2019-01-21 11:53:44 -05:00
|
|
|
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
|
2018-10-06 15:13:52 -05:00
|
|
|
roleModel.get.withArgs('name').returns('Administrator');
|
|
|
|
|
2019-01-18 07:39:53 -05:00
|
|
|
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, false, false, true)
|
2018-10-06 15:13:52 -05:00
|
|
|
.then(Promise.reject)
|
|
|
|
.catch((err) => {
|
|
|
|
(err instanceof common.errors.NoPermissionError).should.eql(true);
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
it('invite editor', function () {
|
2019-01-21 11:53:44 -05:00
|
|
|
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
|
2018-10-06 15:13:52 -05:00
|
|
|
roleModel.get.withArgs('name').returns('Editor');
|
|
|
|
|
2019-01-18 07:39:53 -05:00
|
|
|
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, false, false, true)
|
2018-10-06 15:13:52 -05:00
|
|
|
.then(Promise.reject)
|
|
|
|
.catch((err) => {
|
|
|
|
(err instanceof common.errors.NoPermissionError).should.eql(true);
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
it('invite author', function () {
|
2019-01-21 11:53:44 -05:00
|
|
|
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
|
2018-10-06 15:13:52 -05:00
|
|
|
roleModel.get.withArgs('name').returns('Author');
|
|
|
|
|
2019-01-18 07:39:53 -05:00
|
|
|
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, false, false, true)
|
2018-10-06 15:13:52 -05:00
|
|
|
.then(Promise.reject)
|
|
|
|
.catch((err) => {
|
|
|
|
(err instanceof common.errors.NoPermissionError).should.eql(true);
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
it('invite contributor', function () {
|
2019-01-21 11:53:44 -05:00
|
|
|
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
|
2018-10-06 15:13:52 -05:00
|
|
|
roleModel.get.withArgs('name').returns('Contributor');
|
|
|
|
|
2019-01-18 07:39:53 -05:00
|
|
|
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, false, false, true)
|
2018-10-06 15:13:52 -05:00
|
|
|
.then(Promise.reject)
|
|
|
|
.catch((err) => {
|
|
|
|
(err instanceof common.errors.NoPermissionError).should.eql(true);
|
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|
2018-04-25 04:56:45 -05:00
|
|
|
});
|