Skip to content

Commit f097f7a

Browse files
YousefEDYousefED
committed
enable cascading access tests
1 parent 8792978 commit f097f7a

File tree

1 file changed

+31
-18
lines changed

1 file changed

+31
-18
lines changed

packages/server/src/supabase/test/supabase.cascadingaccess.test.ts

Lines changed: 31 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -28,28 +28,32 @@ Example:
2828
- Document A is also a child of Document D
2929
- User Alice has read/write access to Document C, and Document D
3030
- User Alice explicitly has no access to document B
31-
- In this case, Alice does not have access to document A, because even though it has access to document D it doesn't have access to document B. It doesn't have access to document B, because this has been explicitly denied, even though Alice has access to B's parent C
31+
- In this case, Alice does not have access to document A, because even though it has access to document D it doesn't have access to document B.
32+
It doesn't have access to document B, because this has been explicitly denied, even though Alice has access to B's parent C
3233
3334
*/
34-
it.skip("test first scenario", async () => {
35-
const docA = createDocument(alice.user!.id, "helloA", "write");
36-
const docB = createDocument(alice.user!.id, "helloB", "write");
37-
const docC = createDocument(alice.user!.id, "helloC", "write");
38-
const docD = createDocument(alice.user!.id, "helloD", "write");
35+
it("test first scenario", async () => {
36+
// insert documents
37+
const docA = createDocument(alice.user!.id, "helloA", "no-access");
38+
const docB = createDocument(alice.user!.id, "helloB", "no-access");
39+
const docC = createDocument(alice.user!.id, "helloC", "no-access");
40+
const docD = createDocument(alice.user!.id, "helloD", "no-access");
3941
const ret = await alice.supabase
4042
.from("documents")
4143
.insert([docA, docB, docC, docD])
4244
.select();
43-
console.log(ret.error);
45+
4446
expect(ret.error).toBeNull();
4547

48+
// insert relations
4649
const retRels = await alice.supabase.from("document_relations").insert([
4750
{ child_id: docA.id, parent_id: docB.id },
4851
{ child_id: docB.id, parent_id: docC.id },
4952
{ child_id: docA.id, parent_id: docD.id },
5053
]);
5154
expect(retRels.error).toBeNull();
5255

56+
// insert permissions
5357
const retPerms = await alice.supabase.from("document_permissions").insert([
5458
{
5559
document_id: docC.id,
@@ -70,13 +74,14 @@ Example:
7074

7175
expect(retPerms.error).toBeNull();
7276

77+
// validate access to C and D only
7378
const ret2 = await bob.supabase
7479
.from("documents")
75-
.select()
76-
.eq("id", docA.id);
80+
.select("id")
81+
.in("id", [docA.id, docB.id, docC.id, docD.id]);
7782

7883
expect(ret2.error).toBeNull();
79-
expect(ret2.data!.length).toBe(0);
84+
expect(ret2.data?.map((doc) => doc.id)).toEqual([docC.id, docD.id]);
8085
});
8186

8287
/*
@@ -90,24 +95,27 @@ Example:
9095
- In this case, Alice does have access to document A, because it has access to document D and to document B. It has access to document B because it's been granted explicitly, even though she does not have access to it's parent C
9196
*/
9297
it("test second scenario", async () => {
93-
const docA = createDocument(alice.user!.id, "helloA", "write");
94-
const docB = createDocument(alice.user!.id, "helloB", "write");
95-
const docC = createDocument(alice.user!.id, "helloC", "write");
96-
const docD = createDocument(alice.user!.id, "helloD", "write");
98+
// insert documents
99+
const docA = createDocument(alice.user!.id, "helloA", "no-access");
100+
const docB = createDocument(alice.user!.id, "helloB", "no-access");
101+
const docC = createDocument(alice.user!.id, "helloC", "no-access");
102+
const docD = createDocument(alice.user!.id, "helloD", "no-access");
103+
97104
const ret = await alice.supabase
98105
.from("documents")
99106
.insert([docA, docB, docC, docD])
100107
.select();
101-
console.log(ret.error);
102108
expect(ret.error).toBeNull();
103109

110+
// insert relations
104111
const retRels = await alice.supabase.from("document_relations").insert([
105112
{ child_id: docA.id, parent_id: docB.id },
106113
{ child_id: docB.id, parent_id: docC.id },
107114
{ child_id: docA.id, parent_id: docD.id },
108115
]);
109116
expect(retRels.error).toBeNull();
110117

118+
// insert permissions
111119
const retPerms = await alice.supabase.from("document_permissions").insert([
112120
{
113121
document_id: docC.id,
@@ -128,12 +136,17 @@ Example:
128136

129137
expect(retPerms.error).toBeNull();
130138

139+
// validate access to A, B and D
131140
const ret2 = await bob.supabase
132141
.from("documents")
133-
.select()
134-
.eq("id", docA.id);
142+
.select("id")
143+
.in("id", [docA.id, docB.id, docC.id, docD.id]);
135144

136145
expect(ret2.error).toBeNull();
137-
expect(ret2.data!.length).toBe(1);
146+
expect(ret2.data?.map((doc) => doc.id)).toEqual([
147+
docA.id,
148+
docB.id,
149+
docD.id,
150+
]);
138151
});
139152
});

0 commit comments

Comments
 (0)