0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-20 22:42:53 -05:00
ghost/apps/admin-x-settings/test/unit/api/customThemeSettings.ts
Ronald Langeveld a9ad08cf89
Fixed API Query permissions in User Settings (#18680)
refs
https://www.notion.so/ghost/Cannot-fetch-invites-error-shown-for-authors-edc00af822d844e7add114fd834fc8fc

- the problem is that certain users don't have permissions to make
certain API calls.
- This adds a new hook that validates the current user against
permissions before a query can be made.

---

<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖 Generated by Copilot at 9d9cc07</samp>

Added a `usePermission` hook and a `permissions` option for custom API
queries to implement role-based permissions in the admin settings app.
2023-10-18 17:04:59 +07:00

29 lines
1.1 KiB
TypeScript

import * as assert from 'assert/strict';
import {CustomThemeSetting} from '../../../src/api/customThemeSettings';
import {isCustomThemeSettingVisible} from '../../../src/utils/isCustomThemeSettingsVisible';
describe('isCustomThemeSettingVisible', function () {
it('returns whether or not a custom theme setting is visible', function () {
const settings: CustomThemeSetting[] = [
{
id: 'abc123',
key: 'foo',
type: 'boolean',
value: false,
default: true
},
{
id: 'def456',
key: 'bar',
type: 'text',
value: 'qux',
default: 'qux',
visibility: 'foo:true'
}
];
const settingsKeyValueObj = settings.reduce((obj, {key, value}) => ({...obj, [key]: value}), {});
assert.equal(isCustomThemeSettingVisible(settings[0], settingsKeyValueObj), true);
assert.equal(isCustomThemeSettingVisible(settings[1], settingsKeyValueObj), false);
});
});