
Commit e63ecf3

committed
Add tests for wrong origin write
1 parent d64c11b commit e63ecf3


1 file changed

+31
-2
lines changed


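--- a/test/integration/acl-oidc-test.js
+++ b/test/integration/acl-oidc-test.js
@@ -255,7 +255,7 @@ describe('ACL with WebID+OIDC over HTTP', function () {
 })
 })
 
-describe('Origin', function () {
+describe.only('Origin', function () {
 before(function () {
 rm('/accounts-acl/tim.localhost/origin/test-folder/.acl')
 })
@@ -271,7 +271,13 @@ describe('ACL with WebID+OIDC over HTTP', function () {
 ' <http://www.w3.org/ns/auth/acl#accessTo> <./>;\n' +
 ' <http://www.w3.org/ns/auth/acl#agentClass> <http://xmlns.com/foaf/0.1/Agent>;\n' +
 ' <http://www.w3.org/ns/auth/acl#origin> <' + origin1 + '>;\n' +
-' <http://www.w3.org/ns/auth/acl#mode> <http://www.w3.org/ns/auth/acl#Read> .\n'
+' <http://www.w3.org/ns/auth/acl#mode> <http://www.w3.org/ns/auth/acl#Read> .\n' +
+'<#Somebody> a <http://www.w3.org/ns/auth/acl#Authorization>;\n' +
+' <http://www.w3.org/ns/auth/acl#accessTo> <./>;\n' +
+' <http://www.w3.org/ns/auth/acl#agent> <' + user2 + '>;\n' +
+' <http://www.w3.org/ns/auth/acl#default> <./>;\n' +
+' <http://www.w3.org/ns/auth/acl#origin> <' + origin1 + '>;\n' +
+' <http://www.w3.org/ns/auth/acl#mode> <http://www.w3.org/ns/auth/acl#Write> .\n'
 request.put(options, function (error, response, body) {
 assert.equal(error, null)
 assert.equal(response.statusCode, 201)
@@ -354,9 +360,32 @@ describe('ACL with WebID+OIDC over HTTP', function () {
 done()
 })
 })
+it('user2 should be able to write to test directory with correct origin', function (done) {
+var options = createOptions('/origin/test-folder/test1.txt', 'user2', 'text/plain')
+options.headers.origin = origin1
+options.body = 'DAAAAAHUUUT'
+request.put(options, function (error, response, body) {
+assert.equal(error, null)
+assert.equal(response.statusCode, 201)
+done()
+})
+})
+it('user2 should not be able to write to test directory with wrong origin', function (done) {
+var options = createOptions('/origin/test-folder/test2.txt', 'user2', 'text/plain')
+options.headers.origin = origin2
+options.body = 'ARRRRGH'
+request.put(options, function (error, response, body) {
+assert.equal(error, null)
+assert.equal(response.statusCode, 403)
+assert.equal(response.statusMessage, 'Origin Unauthorized')
+done()
+})
+})
 
 after(function () {
 rm('/accounts-acl/tim.localhost/origin/test-folder/.acl')
+rm('/accounts-acl/tim.localhost/origin/test-folder/test1.txt')
+rm('/accounts-acl/tim.localhost/origin/test-folder/test2.txt')
 })
 })
 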
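Review bot: The exclusive marker in `describe.only('Origin', function () {` at new line 258 is committed, so Mocha runs only this suite and skips every other ACL and authentication test in the same run while the build still reports success. Change it back to `describe('Origin', function () {`, and consider passing `--forbid-only` to Mocha in CI so a stray `.only` fails the build. In the wrong-origin test (new lines 373-383) the assertions cover only the 403 status and the `Origin Unauthorized` message. It would be stronger to also confirm that `test2.txt` was not created, because the `after` hook removes that path either way and would presumably hide a write that slipped through. The `describe('Origin', ...)` body starts and ends outside the visible hunks.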
