|
95 | 95 | (s/context) |
96 | 96 | (e/coll-catalog-item-id "PROV1" (e/coll-id ["Public Collection"]))) |
97 | 97 |
|
98 | | - ;; Create tokens for testing different access scenarios |
99 | 98 | authorized-token (e/login (s/context) "authorized-user" [authorized-group-id])] |
100 | 99 |
|
101 | 100 | ;; Delete second restricted collection collection, testing CMR-10362 solution |
|
120 | 119 |
|
121 | 120 | (testing "Authorized user should see suggestions for all collections" |
122 | 121 | (let [authorized-results (extract-autocomplete-entries |
123 | | - (search/get-autocomplete-json "q=ORG" |
124 | | - {:headers {:authorization authorized-token}}))] |
| 122 | + (search/get-autocomplete-json |
| 123 | + "q=ORG" |
| 124 | + {:headers {:authorization authorized-token}}))] |
125 | 125 | ;; Should find all organizations in the results except the deleted collection's organization |
126 | 126 | (is (= #{"RESTRICTED-ORG" "PUBLIC-ORG" "RESTRICTED-ORG3"} |
127 | 127 | (->> authorized-results |
128 | 128 | (map :value) |
129 | 129 | set))))) |
130 | 130 |
|
131 | | - ;; Ungrant the authorized group |
| 131 | + ;; Delete all catalog item permissions, making all collections inaccessible |
132 | 132 | (e/ungrant-by-search (s/context) {:identity-type "catalog_item"}) |
133 | 133 |
|
134 | 134 | ;; Re-index the collections and suggestions |
|
181 | 181 | set))) |
182 | 182 |
|
183 | 183 | ;; Because :contains-public-collections is true, unauthorized users should still see the restricted organization |
184 | | - ;; that is now public, the other restricted organizations and the public organization should not be visible |
| 184 | + ;; that is now public even without permmissions specific to registered users or this users group, |
| 185 | + ;; the other restricted organizations and the public organization should not be visible |
185 | 186 | (is (= #{"RESTRICTED-ORG"} |
186 | 187 | (->> unauthorized-results |
187 | 188 | (map :value) |
|