forest_liana 7.6.13 → 7.6.14
- checksums.yaml +4 -4
- data/app/controllers/forest_liana/resources_controller.rb +8 -8
- data/app/controllers/forest_liana/smart_actions_controller.rb +1 -1
- data/app/controllers/forest_liana/stats_controller.rb +1 -1
- data/app/services/forest_liana/permissions_checker.rb +7 -5
- data/app/services/forest_liana/token.rb +2 -1
- data/lib/forest_liana/version.rb +1 -1
- data/spec/requests/actions_controller_spec.rb +2 -1
- data/spec/requests/count_spec.rb +2 -1
- data/spec/requests/resources_spec.rb +2 -1
- data/spec/requests/stats_spec.rb +5 -4
- data/spec/services/forest_liana/permissions_checker_acl_disabled_spec.rb +28 -28
- data/spec/services/forest_liana/permissions_checker_acl_enabled_spec.rb +37 -37
- data/spec/services/forest_liana/permissions_checker_live_queries_spec.rb +53 -9
- metadata +2 -2
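--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 4c0be19be3d243bda2e6ed0a9b926c6e1f1b24b7ab44187698d7fa08bdd8cfbb
+data.tar.gz: cd4076fa6837e825d545ccc0995dfef7a2326c652ab659ff615f582069b59c12
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 0c34125014fb5025c6d9bfbe4c1fc4076d876ca2a436671743c5c529ac8b8c9cbb9add104ad03f01142a31ae17c0a04f3c9e76b73b1eb4785dfe01d4cbb1d3c2
+data.tar.gz: d189bf3ccd299236868d97c8fc32464c9c22f095c1c0a1c5f28c990b2690f63fe6f9c25f45c374b510849f3246dcd4e572b110194e0ca2ce0cc60e209d511133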
@@ -16,14 +16,14 @@ module ForestLiana
|
|
16
16
|
def index
|
17
17
|
begin
|
18
18
|
if request.format == 'csv'
|
19
|
-
checker = ForestLiana::PermissionsChecker.new(@resource, 'exportEnabled', @rendering_id,
|
19
|
+
checker = ForestLiana::PermissionsChecker.new(@resource, 'exportEnabled', @rendering_id, user: forest_user)
|
20
20
|
return head :forbidden unless checker.is_authorized?
|
21
21
|
else
|
22
22
|
checker = ForestLiana::PermissionsChecker.new(
|
23
23
|
@resource,
|
24
24
|
'browseEnabled',
|
25
25
|
@rendering_id,
|
26
|
-
|
26
|
+
user: forest_user,
|
27
27
|
collection_list_parameters: get_collection_list_permission_info(forest_user, request)
|
28
28
|
)
|
29
29
|
return head :forbidden unless checker.is_authorized?
|
@@ -60,7 +60,7 @@ module ForestLiana
|
|
60
60
|
@resource,
|
61
61
|
'browseEnabled',
|
62
62
|
@rendering_id,
|
63
|
-
|
63
|
+
user: forest_user,
|
64
64
|
collection_list_parameters: get_collection_list_permission_info(forest_user, request)
|
65
65
|
)
|
66
66
|
return head :forbidden unless checker.is_authorized?
|
@@ -89,7 +89,7 @@ module ForestLiana
|
|
89
89
|
|
90
90
|
def show
|
91
91
|
begin
|
92
|
-
checker = ForestLiana::PermissionsChecker.new(@resource, 'readEnabled', @rendering_id,
|
92
|
+
checker = ForestLiana::PermissionsChecker.new(@resource, 'readEnabled', @rendering_id, user: forest_user)
|
93
93
|
return head :forbidden unless checker.is_authorized?
|
94
94
|
|
95
95
|
getter = ForestLiana::ResourceGetter.new(@resource, params, forest_user)
|
@@ -107,7 +107,7 @@ module ForestLiana
|
|
107
107
|
|
108
108
|
def create
|
109
109
|
begin
|
110
|
-
checker = ForestLiana::PermissionsChecker.new(@resource, 'addEnabled', @rendering_id,
|
110
|
+
checker = ForestLiana::PermissionsChecker.new(@resource, 'addEnabled', @rendering_id, user: forest_user)
|
111
111
|
return head :forbidden unless checker.is_authorized?
|
112
112
|
|
113
113
|
creator = ForestLiana::ResourceCreator.new(@resource, params)
|
@@ -131,7 +131,7 @@ module ForestLiana
|
|
131
131
|
|
132
132
|
def update
|
133
133
|
begin
|
134
|
-
checker = ForestLiana::PermissionsChecker.new(@resource, 'editEnabled', @rendering_id,
|
134
|
+
checker = ForestLiana::PermissionsChecker.new(@resource, 'editEnabled', @rendering_id, user: forest_user)
|
135
135
|
return head :forbidden unless checker.is_authorized?
|
136
136
|
|
137
137
|
updater = ForestLiana::ResourceUpdater.new(@resource, params, forest_user)
|
@@ -154,7 +154,7 @@ module ForestLiana
|
|
154
154
|
end
|
155
155
|
|
156
156
|
def destroy
|
157
|
-
checker = ForestLiana::PermissionsChecker.new(@resource, 'deleteEnabled', @rendering_id,
|
157
|
+
checker = ForestLiana::PermissionsChecker.new(@resource, 'deleteEnabled', @rendering_id, user: forest_user)
|
158
158
|
return head :forbidden unless checker.is_authorized?
|
159
159
|
|
160
160
|
collection_name = ForestLiana.name_for(@resource)
|
@@ -174,7 +174,7 @@ module ForestLiana
|
|
174
174
|
end
|
175
175
|
|
176
176
|
def destroy_bulk
|
177
|
-
checker = ForestLiana::PermissionsChecker.new(@resource, 'deleteEnabled', @rendering_id,
|
177
|
+
checker = ForestLiana::PermissionsChecker.new(@resource, 'deleteEnabled', @rendering_id, user: forest_user)
|
178
178
|
return head :forbidden unless checker.is_authorized?
|
179
179
|
|
180
180
|
ids = ForestLiana::ResourcesGetter.get_ids_from_request(params, forest_user)
|
@@ -63,7 +63,7 @@ module ForestLiana
|
|
63
63
|
find_resource(smart_action_request[:collection_name]),
|
64
64
|
'actions',
|
65
65
|
@rendering_id,
|
66
|
-
|
66
|
+
user: forest_user,
|
67
67
|
smart_action_request_info: get_smart_action_request_info
|
68
68
|
)
|
69
69
|
return head :forbidden unless checker.is_authorized?
|
@@ -6,12 +6,14 @@ module ForestLiana
|
|
6
6
|
|
7
7
|
@@expiration_in_seconds = (ENV['FOREST_PERMISSIONS_EXPIRATION_IN_SECONDS'] || 3600).to_i
|
8
8
|
|
9
|
-
|
9
|
+
ALLOWED_PERMISSION_LEVELS = %w[admin editor developer]
|
10
|
+
|
11
|
+
def initialize(resource, permission_name, rendering_id, user: nil, smart_action_request_info: nil, collection_list_parameters: Hash.new, query_request_info: nil)
|
10
12
|
@collection_name = resource.present? ? ForestLiana.name_for(resource) : nil
|
11
13
|
@permission_name = permission_name
|
12
14
|
@rendering_id = rendering_id
|
13
15
|
|
14
|
-
@
|
16
|
+
@user = user
|
15
17
|
@smart_action_request_info = smart_action_request_info
|
16
18
|
@collection_list_parameters = collection_list_parameters
|
17
19
|
@query_request_info = query_request_info
|
@@ -56,9 +58,9 @@ module ForestLiana
|
|
56
58
|
|
57
59
|
# NOTICE: check liveQueries permissions
|
58
60
|
if @permission_name === 'liveQueries'
|
59
|
-
return live_query_allowed?
|
61
|
+
return ALLOWED_PERMISSION_LEVELS.include?(@user['permission_level']) || live_query_allowed?
|
60
62
|
elsif @permission_name === 'statWithParameters'
|
61
|
-
return stat_with_parameters_allowed?
|
63
|
+
return ALLOWED_PERMISSION_LEVELS.include?(@user['permission_level']) || stat_with_parameters_allowed?
|
62
64
|
end
|
63
65
|
|
64
66
|
if permissions && permissions[@collection_name] &&
|
@@ -146,7 +148,7 @@ module ForestLiana
|
|
146
148
|
def is_user_allowed(permission_value)
|
147
149
|
return false if permission_value.nil?
|
148
150
|
return permission_value if permission_value.in? [true, false]
|
149
|
-
permission_value.include?(@
|
151
|
+
permission_value.include?(@user['id'].to_i)
|
150
152
|
end
|
151
153
|
|
152
154
|
def smart_action_allowed?(smart_actions_permissions)
|
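Review bot: `initialize` still defaults `user:` to nil, but the new liveQueries and statWithParameters branches and `is_user_allowed` index `@user` unconditionally, so a caller that omits `user:` now gets a NoMethodError where an authorization decision is expected. A nil-safe read that fails closed keeps the check a yes/no answer, e.g. `privileged = !@user.nil? && ALLOWED_PERMISSION_LEVELS.include?(@user['permission_level'])`, and the constant should be frozen: `ALLOWED_PERMISSION_LEVELS = %w[admin editor developer].freeze`. Because of the `||` short-circuit, these three levels skip `live_query_allowed?` and `stat_with_parameters_allowed?` entirely; a comment above the constant should say so, e.g. `# These levels bypass the per-query permission checks; the value comes from the token's permission_level claim`. The method containing the liveQueries branch starts and ends outside the hunk.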
@@ -22,7 +22,8 @@ module ForestLiana
|
|
22
22
|
role: user['role'],
|
23
23
|
tags: user['tags'],
|
24
24
|
rendering_id: rendering_id,
|
25
|
-
exp: expiration_in_seconds()
|
25
|
+
exp: expiration_in_seconds(),
|
26
|
+
permission_level: user['permission_level'],
|
26
27
|
}, ForestLiana.auth_secret, 'HS256')
|
27
28
|
end
|
28
29
|
end
|
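Review bot: `permission_level` is copied into the signed payload at issue time, and the only bound on its validity visible in this payload is `exp`, so a user whose level is later lowered appears to keep whatever the claim grants until the token expires (the value of `expiration_in_seconds()` is outside the hunk). PermissionsChecker in this release treats the claim as sufficient for liveQueries and statWithParameters, so the new line deserves a comment, e.g. `# permission_level is an authorization input (see PermissionsChecker); it is only as fresh as the token`. `user['permission_level']` may be nil when the field is absent from `user`, which encodes a null claim; that falls through to the regular checks, but the comment should say it is intentional. The method's signature and the start of the payload are outside the hunk.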
data/lib/forest_liana/version.rb
CHANGED
@@ -25,7 +25,8 @@ describe 'Requesting Actions routes', :type => :request do
|
|
25
25
|
last_name: 'Kelso',
|
26
26
|
team: 'Operations',
|
27
27
|
rendering_id: rendering_id,
|
28
|
-
exp: Time.now.to_i + 2.weeks.to_i
|
28
|
+
exp: Time.now.to_i + 2.weeks.to_i,
|
29
|
+
permission_level: 'admin'
|
29
30
|
}, ForestLiana.auth_secret, 'HS256')
|
30
31
|
}
|
31
32
|
|
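--- a/data/spec/requests/count_spec.rb
+++ b/data/spec/requests/count_spec.rb
@@ -29,7 +29,8 @@ describe 'Requesting Owner', :type => :request do
 last_name: 'Kelso',
 team: 'Operations',
 rendering_id: 16,
-exp: Time.now.to_i + 2.weeks.to_i
+exp: Time.now.to_i + 2.weeks.to_i,
+permission_level: 'admin'
 }, ForestLiana.auth_secret, 'HS256')
 
 headers = {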
@@ -28,7 +28,8 @@ describe 'Requesting Tree resources', :type => :request do
|
|
28
28
|
last_name: 'Kelso',
|
29
29
|
team: 'Operations',
|
30
30
|
rendering_id: 16,
|
31
|
-
exp: Time.now.to_i + 2.weeks.to_i
|
31
|
+
exp: Time.now.to_i + 2.weeks.to_i,
|
32
|
+
permission_level: 'admin'
|
32
33
|
}, ForestLiana.auth_secret, 'HS256')
|
33
34
|
|
34
35
|
headers = {
|
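--- a/data/spec/requests/stats_spec.rb
+++ b/data/spec/requests/stats_spec.rb
@@ -10,7 +10,8 @@ describe "Stats", type: :request do
 last_name: 'Kelso',
 team: 'Operations',
 rendering_id: 16,
-exp: Time.now.to_i + 2.weeks.to_i
+exp: Time.now.to_i + 2.weeks.to_i,
+permission_level: 'admin'
 }, ForestLiana.auth_secret, 'HS256')
 
 headers = {
@@ -37,7 +38,7 @@ describe "Stats", type: :request do
 allow(ForestLiana::IpWhitelist).to receive(:retrieve) { true }
 allow(ForestLiana::IpWhitelist).to receive(:is_ip_whitelist_retrieved) { true }
 allow(ForestLiana::IpWhitelist).to receive(:is_ip_valid) { true }
-
+
 allow_any_instance_of(ForestLiana::PermissionsChecker).to receive(:is_authorized?) { true }
 
 allow_any_instance_of(ForestLiana::ValueStatGetter).to receive(:perform) { true }
@@ -81,7 +82,7 @@ describe "Stats", type: :request do
 expect(response.status).to eq(403)
 end
 end
-
+
 describe 'POST /stats' do
 params = { query: 'SELECT COUNT(*) AS value FROM products;' }
 
@@ -107,7 +108,7 @@ describe "Stats", type: :request do
 
 it 'should respond 422 with unprocessable query' do
 allow_any_instance_of(ForestLiana::QueryStatGetter).to receive(:perform) { raise ForestLiana::Errors::LiveQueryError.new }
-
+
 post '/forest/stats', params: JSON.dump(params), headers: headers
 expect(response.status).to eq(422)
 end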
@@ -4,7 +4,7 @@ module ForestLiana
|
|
4
4
|
described_class.empty_cache
|
5
5
|
end
|
6
6
|
|
7
|
-
let(:
|
7
|
+
let(:user) { { 'id' => '1' } }
|
8
8
|
let(:schema) {
|
9
9
|
[
|
10
10
|
ForestLiana::Model::Collection.new({
|
@@ -127,8 +127,8 @@ module ForestLiana
|
|
127
127
|
end
|
128
128
|
|
129
129
|
it 'should call the API twice' do
|
130
|
-
described_class.new(fake_ressource, 'exportEnabled', default_rendering_id,
|
131
|
-
described_class.new(fake_ressource, 'exportEnabled', default_rendering_id,
|
130
|
+
described_class.new(fake_ressource, 'exportEnabled', default_rendering_id, user: user).is_authorized?
|
131
|
+
described_class.new(fake_ressource, 'exportEnabled', default_rendering_id, user: user).is_authorized?
|
132
132
|
|
133
133
|
expect(ForestLiana::PermissionsGetter).to have_received(:get_permissions_for_rendering).twice
|
134
134
|
end
|
@@ -136,8 +136,8 @@ module ForestLiana
|
|
136
136
|
|
137
137
|
context 'before expiration time' do
|
138
138
|
it 'should call the API only once' do
|
139
|
-
described_class.new(fake_ressource, 'exportEnabled', default_rendering_id,
|
140
|
-
described_class.new(fake_ressource, 'exportEnabled', default_rendering_id,
|
139
|
+
described_class.new(fake_ressource, 'exportEnabled', default_rendering_id, user: user).is_authorized?
|
140
|
+
described_class.new(fake_ressource, 'exportEnabled', default_rendering_id, user: user).is_authorized?
|
141
141
|
|
142
142
|
expect(ForestLiana::PermissionsGetter).to have_received(:get_permissions_for_rendering).once
|
143
143
|
end
|
@@ -175,8 +175,8 @@ module ForestLiana
|
|
175
175
|
api_permissions_rendering_2['data']['custom']['collection']['export'] = false
|
176
176
|
api_permissions_rendering_2
|
177
177
|
}
|
178
|
-
let(:authorized_to_export_rendering_1) { described_class.new(fake_ressource, 'exportEnabled', 1,
|
179
|
-
let(:authorized_to_export_rendering_2) { described_class.new(fake_ressource, 'exportEnabled', 2,
|
178
|
+
let(:authorized_to_export_rendering_1) { described_class.new(fake_ressource, 'exportEnabled', 1, user: user).is_authorized? }
|
179
|
+
let(:authorized_to_export_rendering_2) { described_class.new(fake_ressource, 'exportEnabled', 2, user: user).is_authorized? }
|
180
180
|
|
181
181
|
before do
|
182
182
|
allow(ForestLiana::PermissionsGetter).to receive(:get_permissions_for_rendering)
|
@@ -241,7 +241,7 @@ module ForestLiana
|
|
241
241
|
context 'when checking browseEnabled' do
|
242
242
|
context 'when expiration value is set to its default' do
|
243
243
|
it 'should not call the API to refresh the renderings cache' do
|
244
|
-
described_class.new(fake_ressource, 'browseEnabled', rendering_id,
|
244
|
+
described_class.new(fake_ressource, 'browseEnabled', rendering_id, user: user).is_authorized?
|
245
245
|
|
246
246
|
expect(ForestLiana::PermissionsGetter).to have_received(:get_permissions_for_rendering).with(rendering_id).once
|
247
247
|
expect(ForestLiana::PermissionsGetter).not_to have_received(:get_permissions_for_rendering).with(rendering_id, rendering_specific_only: true)
|
@@ -256,7 +256,7 @@ module ForestLiana
|
|
256
256
|
end
|
257
257
|
|
258
258
|
it 'should call the API to refresh the renderings cache' do
|
259
|
-
described_class.new(fake_ressource, 'browseEnabled', rendering_id,
|
259
|
+
described_class.new(fake_ressource, 'browseEnabled', rendering_id, user: user).is_authorized?
|
260
260
|
|
261
261
|
expect(ForestLiana::PermissionsGetter).to have_received(:get_permissions_for_rendering).with(rendering_id).once
|
262
262
|
expect(ForestLiana::PermissionsGetter).to have_received(:get_permissions_for_rendering).with(rendering_id, rendering_specific_only: true).once
|
@@ -275,7 +275,7 @@ module ForestLiana
|
|
275
275
|
end
|
276
276
|
|
277
277
|
it 'should NOT call the API to refresh the renderings cache' do
|
278
|
-
described_class.new(fake_ressource, 'exportEnabled', rendering_id,
|
278
|
+
described_class.new(fake_ressource, 'exportEnabled', rendering_id, user: user).is_authorized?
|
279
279
|
|
280
280
|
expect(ForestLiana::PermissionsGetter).to have_received(:get_permissions_for_rendering).with(rendering_id).once
|
281
281
|
expect(ForestLiana::PermissionsGetter).not_to have_received(:get_permissions_for_rendering).with(rendering_id, rendering_specific_only: true)
|
@@ -287,8 +287,8 @@ module ForestLiana
|
|
287
287
|
context 'on the same rendering' do
|
288
288
|
context 'when renderings permission has NOT expired' do
|
289
289
|
it 'should NOT call the API to refresh the renderings permissions' do
|
290
|
-
described_class.new(fake_ressource, 'browseEnabled', rendering_id,
|
291
|
-
described_class.new(fake_ressource, 'browseEnabled', rendering_id,
|
290
|
+
described_class.new(fake_ressource, 'browseEnabled', rendering_id, user: user).is_authorized?
|
291
|
+
described_class.new(fake_ressource, 'browseEnabled', rendering_id, user: user).is_authorized?
|
292
292
|
|
293
293
|
expect(ForestLiana::PermissionsGetter).to have_received(:get_permissions_for_rendering).with(rendering_id).once
|
294
294
|
expect(ForestLiana::PermissionsGetter).not_to have_received(:get_permissions_for_rendering).with(rendering_id, rendering_specific_only: true)
|
@@ -303,8 +303,8 @@ module ForestLiana
|
|
303
303
|
end
|
304
304
|
|
305
305
|
it 'should call the API to refresh the renderings permissions' do
|
306
|
-
described_class.new(fake_ressource, 'browseEnabled', rendering_id,
|
307
|
-
described_class.new(fake_ressource, 'browseEnabled', rendering_id,
|
306
|
+
described_class.new(fake_ressource, 'browseEnabled', rendering_id, user: user).is_authorized?
|
307
|
+
described_class.new(fake_ressource, 'browseEnabled', rendering_id, user: user).is_authorized?
|
308
308
|
|
309
309
|
expect(ForestLiana::PermissionsGetter).to have_received(:get_permissions_for_rendering).with(rendering_id).twice
|
310
310
|
expect(ForestLiana::PermissionsGetter).to have_received(:get_permissions_for_rendering).with(rendering_id, rendering_specific_only: true).twice
|
@@ -335,8 +335,8 @@ module ForestLiana
|
|
335
335
|
end
|
336
336
|
|
337
337
|
it 'should not call the API to refresh the rederings permissions' do
|
338
|
-
described_class.new(fake_ressource, 'browseEnabled', rendering_id,
|
339
|
-
described_class.new(fake_ressource, 'browseEnabled', other_rendering_id,
|
338
|
+
described_class.new(fake_ressource, 'browseEnabled', rendering_id, user: user).is_authorized?
|
339
|
+
described_class.new(fake_ressource, 'browseEnabled', other_rendering_id, user: user).is_authorized?
|
340
340
|
|
341
341
|
expect(ForestLiana::PermissionsGetter).to have_received(:get_permissions_for_rendering).with(rendering_id).once
|
342
342
|
expect(ForestLiana::PermissionsGetter).to have_received(:get_permissions_for_rendering).with(other_rendering_id).once
|
@@ -361,7 +361,7 @@ module ForestLiana
|
|
361
361
|
|
362
362
|
context 'when permissions does NOT have rolesACLActivated' do
|
363
363
|
describe 'exportEnabled permission' do
|
364
|
-
subject { described_class.new(fake_ressource, 'exportEnabled', default_rendering_id,
|
364
|
+
subject { described_class.new(fake_ressource, 'exportEnabled', default_rendering_id, user: user) }
|
365
365
|
|
366
366
|
context 'when user has the required permission' do
|
367
367
|
it 'should be authorized' do
|
@@ -380,7 +380,7 @@ module ForestLiana
|
|
380
380
|
|
381
381
|
describe 'browseEnabled permission' do
|
382
382
|
let(:collection_name) { 'custom' }
|
383
|
-
subject { described_class.new(fake_ressource, 'browseEnabled', default_rendering_id,
|
383
|
+
subject { described_class.new(fake_ressource, 'browseEnabled', default_rendering_id, user: user) }
|
384
384
|
let(:segments_permissions) { nil }
|
385
385
|
let(:default_api_permissions) {
|
386
386
|
{
|
@@ -463,14 +463,14 @@ module ForestLiana
|
|
463
463
|
"searchToEdit" => false
|
464
464
|
}
|
465
465
|
}
|
466
|
-
let(:collection_list_parameters) { { :
|
466
|
+
let(:collection_list_parameters) { { :user => ["id" => "1"], :filters => nil } }
|
467
467
|
|
468
468
|
subject {
|
469
469
|
described_class.new(
|
470
470
|
fake_ressource,
|
471
471
|
'browseEnabled',
|
472
472
|
default_rendering_id,
|
473
|
-
|
473
|
+
user: user,
|
474
474
|
collection_list_parameters: collection_list_parameters
|
475
475
|
)
|
476
476
|
}
|
@@ -483,7 +483,7 @@ module ForestLiana
|
|
483
483
|
|
484
484
|
context 'when user has no segments and param segmentQuery is there' do
|
485
485
|
let(:segmentQuery) { 'SELECT * FROM products;' }
|
486
|
-
let(:collection_list_parameters) { { :
|
486
|
+
let(:collection_list_parameters) { { :user => ["id" => "1"], :segmentQuery => segmentQuery } }
|
487
487
|
it 'should be authorized' do
|
488
488
|
expect(subject.is_authorized?).to be false
|
489
489
|
end
|
@@ -491,7 +491,7 @@ module ForestLiana
|
|
491
491
|
|
492
492
|
context 'when segments are defined' do
|
493
493
|
let(:segments_permissions) { ['SELECT * FROM products;', 'SELECT * FROM sellers;'] }
|
494
|
-
let(:collection_list_parameters) { { :
|
494
|
+
let(:collection_list_parameters) { { :user => ["id" => "1"], :segmentQuery => segmentQuery } }
|
495
495
|
|
496
496
|
context 'when segments are passing validation' do
|
497
497
|
let(:segmentQuery) { 'SELECT * FROM products;' }
|
@@ -550,7 +550,7 @@ module ForestLiana
|
|
550
550
|
end
|
551
551
|
|
552
552
|
describe 'readEnabled permission' do
|
553
|
-
subject { described_class.new(fake_ressource, 'readEnabled', default_rendering_id,
|
553
|
+
subject { described_class.new(fake_ressource, 'readEnabled', default_rendering_id, user: user) }
|
554
554
|
|
555
555
|
context 'when user has the required permission' do
|
556
556
|
it 'should be authorized' do
|
@@ -568,7 +568,7 @@ module ForestLiana
|
|
568
568
|
end
|
569
569
|
|
570
570
|
describe 'addEnabled permission' do
|
571
|
-
subject { described_class.new(fake_ressource, 'addEnabled', default_rendering_id,
|
571
|
+
subject { described_class.new(fake_ressource, 'addEnabled', default_rendering_id, user: user) }
|
572
572
|
|
573
573
|
context 'when user has the required permission' do
|
574
574
|
it 'should be authorized' do
|
@@ -586,7 +586,7 @@ module ForestLiana
|
|
586
586
|
end
|
587
587
|
|
588
588
|
describe 'editEnabled permission' do
|
589
|
-
subject { described_class.new(fake_ressource, 'editEnabled', default_rendering_id,
|
589
|
+
subject { described_class.new(fake_ressource, 'editEnabled', default_rendering_id, user: user) }
|
590
590
|
|
591
591
|
context 'when user has the required permission' do
|
592
592
|
it 'should be authorized' do
|
@@ -604,7 +604,7 @@ module ForestLiana
|
|
604
604
|
end
|
605
605
|
|
606
606
|
describe 'deleteEnabled permission' do
|
607
|
-
subject { described_class.new(fake_ressource, 'deleteEnabled', default_rendering_id,
|
607
|
+
subject { described_class.new(fake_ressource, 'deleteEnabled', default_rendering_id, user: user) }
|
608
608
|
|
609
609
|
context 'when user has the required permission' do
|
610
610
|
it 'should be authorized' do
|
@@ -628,7 +628,7 @@ module ForestLiana
|
|
628
628
|
fake_ressource,
|
629
629
|
'actions',
|
630
630
|
default_rendering_id,
|
631
|
-
|
631
|
+
user: user,
|
632
632
|
smart_action_request_info: smart_action_request_info
|
633
633
|
)
|
634
634
|
}
|
@@ -674,7 +674,7 @@ module ForestLiana
|
|
674
674
|
|
675
675
|
context 'when the action permissions contains a list of user ids' do
|
676
676
|
context 'when user id is NOT part of the authorized users' do
|
677
|
-
let(:
|
677
|
+
let(:user) { { 'id' => '2' } }
|
678
678
|
let(:smart_action_request_info) { { endpoint: 'forest/actions/TestRestricted', http_method: 'POST' } }
|
679
679
|
|
680
680
|
it 'user should NOT be authorized' do
|
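Review bot: The shared `let(:user) { { 'id' => '1' } }` carries no `permission_level`, so nothing in this file exercises the new admin/editor/developer short-circuit. No example builds the checker without `user:` either, although the keyword still defaults to nil; one example per case would pin both behaviours (the live-queries spec listed in the file summary is not visible here and may already cover the first). In the `collection_list_parameters` lets, `:user => ["id" => "1"]` wraps the hash in an Array; if a Hash is intended it would read `:user => { "id" => "1" }`. The old side of those lines is truncated on this page, so this may predate the change. Both points apply equally to the ACL-enabled spec that follows.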
@@ -4,7 +4,7 @@ module ForestLiana
|
|
4
4
|
described_class.empty_cache
|
5
5
|
end
|
6
6
|
|
7
|
-
let(:
|
7
|
+
let(:user) { { 'id' => '1' } }
|
8
8
|
let(:schema) {
|
9
9
|
[
|
10
10
|
ForestLiana::Model::Collection.new({
|
@@ -152,8 +152,8 @@ module ForestLiana
|
|
152
152
|
end
|
153
153
|
|
154
154
|
it 'should call the API twice' do
|
155
|
-
described_class.new(fake_ressource, 'exportEnabled', default_rendering_id,
|
156
|
-
described_class.new(fake_ressource, 'exportEnabled', default_rendering_id,
|
155
|
+
described_class.new(fake_ressource, 'exportEnabled', default_rendering_id, user: user).is_authorized?
|
156
|
+
described_class.new(fake_ressource, 'exportEnabled', default_rendering_id, user: user).is_authorized?
|
157
157
|
|
158
158
|
expect(ForestLiana::PermissionsGetter).to have_received(:get_permissions_for_rendering).twice
|
159
159
|
end
|
@@ -161,8 +161,8 @@ module ForestLiana
|
|
161
161
|
|
162
162
|
context 'before expiration time' do
|
163
163
|
it 'should call the API only once' do
|
164
|
-
described_class.new(fake_ressource, 'exportEnabled', default_rendering_id,
|
165
|
-
described_class.new(fake_ressource, 'exportEnabled', default_rendering_id,
|
164
|
+
described_class.new(fake_ressource, 'exportEnabled', default_rendering_id, user: user).is_authorized?
|
165
|
+
described_class.new(fake_ressource, 'exportEnabled', default_rendering_id, user: user).is_authorized?
|
166
166
|
|
167
167
|
expect(ForestLiana::PermissionsGetter).to have_received(:get_permissions_for_rendering).once
|
168
168
|
end
|
@@ -209,8 +209,8 @@ module ForestLiana
|
|
209
209
|
}
|
210
210
|
|
211
211
|
context 'when the first call is authorized' do
|
212
|
-
let(:authorized_to_export_rendering_1) { described_class.new(fake_ressource, 'exportEnabled', 1,
|
213
|
-
let(:authorized_to_export_rendering_2) { described_class.new(fake_ressource, 'exportEnabled', 2,
|
212
|
+
let(:authorized_to_export_rendering_1) { described_class.new(fake_ressource, 'exportEnabled', 1, user: user).is_authorized? }
|
213
|
+
let(:authorized_to_export_rendering_2) { described_class.new(fake_ressource, 'exportEnabled', 2, user: user).is_authorized? }
|
214
214
|
|
215
215
|
# Even if the value are different, the permissions are cross rendering thus another call
|
216
216
|
# to the api wont be made until the permission expires
|
@@ -228,8 +228,8 @@ module ForestLiana
|
|
228
228
|
|
229
229
|
# If not authorized the cached version is not used
|
230
230
|
context 'when the first call is not authorized' do
|
231
|
-
let(:authorized_to_export_rendering_1) { described_class.new(fake_ressource, 'browseEnabled', 1,
|
232
|
-
let(:authorized_to_export_rendering_2) { described_class.new(fake_ressource, 'browseEnabled', 2,
|
231
|
+
let(:authorized_to_export_rendering_1) { described_class.new(fake_ressource, 'browseEnabled', 1, user: user).is_authorized? }
|
232
|
+
let(:authorized_to_export_rendering_2) { described_class.new(fake_ressource, 'browseEnabled', 2, user: user).is_authorized? }
|
233
233
|
|
234
234
|
it 'should return different value' do
|
235
235
|
expect(authorized_to_export_rendering_1).to eq false
|
@@ -293,7 +293,7 @@ module ForestLiana
|
|
293
293
|
context 'when checking browseEnabled' do
|
294
294
|
context 'when expiration value is set to its default' do
|
295
295
|
it 'should not call the API to refresh the renderings cache' do
|
296
|
-
described_class.new(fake_ressource, 'browseEnabled', rendering_id,
|
296
|
+
described_class.new(fake_ressource, 'browseEnabled', rendering_id, user: user).is_authorized?
|
297
297
|
|
298
298
|
expect(ForestLiana::PermissionsGetter).to have_received(:get_permissions_for_rendering).with(rendering_id).once
|
299
299
|
expect(ForestLiana::PermissionsGetter).not_to have_received(:get_permissions_for_rendering).with(rendering_id, rendering_specific_only: true)
|
@@ -308,7 +308,7 @@ module ForestLiana
|
|
308
308
|
end
|
309
309
|
|
310
310
|
it 'should call the API to refresh the renderings cache' do
|
311
|
-
described_class.new(fake_ressource, 'browseEnabled', rendering_id,
|
311
|
+
described_class.new(fake_ressource, 'browseEnabled', rendering_id, user: user).is_authorized?
|
312
312
|
|
313
313
|
expect(ForestLiana::PermissionsGetter).to have_received(:get_permissions_for_rendering).with(rendering_id).once
|
314
314
|
expect(ForestLiana::PermissionsGetter).to have_received(:get_permissions_for_rendering).with(rendering_id, rendering_specific_only: true).once
|
@@ -327,7 +327,7 @@ module ForestLiana
|
|
327
327
|
end
|
328
328
|
|
329
329
|
it 'should NOT call the API to refresh the rendering cache' do
|
330
|
-
described_class.new(fake_ressource, 'exportEnabled', rendering_id,
|
330
|
+
described_class.new(fake_ressource, 'exportEnabled', rendering_id, user: user).is_authorized?
|
331
331
|
|
332
332
|
expect(ForestLiana::PermissionsGetter).to have_received(:get_permissions_for_rendering).with(rendering_id).once
|
333
333
|
expect(ForestLiana::PermissionsGetter).not_to have_received(:get_permissions_for_rendering).with(rendering_id, rendering_specific_only: true)
|
@@ -339,8 +339,8 @@ module ForestLiana
|
|
339
339
|
context 'on the same rendering' do
|
340
340
|
context 'when rendering permission has NOT expired' do
|
341
341
|
it 'should NOT call the API to refresh the rendering permissions' do
|
342
|
-
described_class.new(fake_ressource, 'browseEnabled', rendering_id,
|
343
|
-
described_class.new(fake_ressource, 'browseEnabled', rendering_id,
|
342
|
+
described_class.new(fake_ressource, 'browseEnabled', rendering_id, user: user).is_authorized?
|
343
|
+
described_class.new(fake_ressource, 'browseEnabled', rendering_id, user: user).is_authorized?
|
344
344
|
|
345
345
|
expect(ForestLiana::PermissionsGetter).to have_received(:get_permissions_for_rendering).with(rendering_id).once
|
346
346
|
expect(ForestLiana::PermissionsGetter).not_to have_received(:get_permissions_for_rendering).with(rendering_id, rendering_specific_only: true)
|
@@ -355,8 +355,8 @@ module ForestLiana
|
|
355
355
|
end
|
356
356
|
|
357
357
|
it 'should call the API to refresh the rendering permissions' do
|
358
|
-
described_class.new(fake_ressource, 'browseEnabled', rendering_id,
|
359
|
-
described_class.new(fake_ressource, 'browseEnabled', rendering_id,
|
358
|
+
described_class.new(fake_ressource, 'browseEnabled', rendering_id, user: user).is_authorized?
|
359
|
+
described_class.new(fake_ressource, 'browseEnabled', rendering_id, user: user).is_authorized?
|
360
360
|
|
361
361
|
expect(ForestLiana::PermissionsGetter).to have_received(:get_permissions_for_rendering).with(rendering_id).twice
|
362
362
|
expect(ForestLiana::PermissionsGetter).to have_received(:get_permissions_for_rendering).with(rendering_id, rendering_specific_only: true).twice
|
@@ -388,8 +388,8 @@ module ForestLiana
|
|
388
388
|
end
|
389
389
|
|
390
390
|
it 'should call the API to refresh the rendering permissions' do
|
391
|
-
described_class.new(fake_ressource, 'browseEnabled', rendering_id,
|
392
|
-
described_class.new(fake_ressource, 'browseEnabled', other_rendering_id,
|
391
|
+
described_class.new(fake_ressource, 'browseEnabled', rendering_id, user: user).is_authorized?
|
392
|
+
described_class.new(fake_ressource, 'browseEnabled', other_rendering_id, user: user).is_authorized?
|
393
393
|
|
394
394
|
expect(ForestLiana::PermissionsGetter).to have_received(:get_permissions_for_rendering).with(rendering_id).once
|
395
395
|
expect(ForestLiana::PermissionsGetter).to have_received(:get_permissions_for_rendering).with(other_rendering_id, rendering_specific_only: true).once
|
@@ -415,7 +415,7 @@ module ForestLiana
|
|
415
415
|
let(:collection_name) { 'all_rights_collection_boolean' }
|
416
416
|
|
417
417
|
describe 'exportEnabled permission' do
|
418
|
-
subject { described_class.new(fake_ressource, 'exportEnabled', default_rendering_id,
|
418
|
+
subject { described_class.new(fake_ressource, 'exportEnabled', default_rendering_id, user: user) }
|
419
419
|
|
420
420
|
context 'when user has the required permission' do
|
421
421
|
it 'should be authorized' do
|
@@ -433,13 +433,13 @@ module ForestLiana
|
|
433
433
|
end
|
434
434
|
|
435
435
|
describe 'browseEnbled permission' do
|
436
|
-
let(:collection_list_parameters) { { :
|
436
|
+
let(:collection_list_parameters) { { :user => ["id" => "1"], :filters => nil } }
|
437
437
|
subject {
|
438
438
|
described_class.new(
|
439
439
|
fake_ressource,
|
440
440
|
'browseEnabled',
|
441
441
|
default_rendering_id,
|
442
|
-
|
442
|
+
user: user,
|
443
443
|
collection_list_parameters: collection_list_parameters
|
444
444
|
)
|
445
445
|
}
|
@@ -460,7 +460,7 @@ module ForestLiana
|
|
460
460
|
|
461
461
|
context 'when user has no segments queries permissions and param segmentQuery is there' do
|
462
462
|
let(:segmentQuery) { 'SELECT * FROM products;' }
|
463
|
-
let(:collection_list_parameters) { { :
|
463
|
+
let(:collection_list_parameters) { { :user => ["id" => "1"], :segmentQuery => segmentQuery } }
|
464
464
|
it 'should be authorized' do
|
465
465
|
expect(subject.is_authorized?).to be false
|
466
466
|
end
|
@@ -477,7 +477,7 @@ module ForestLiana
|
|
477
477
|
}
|
478
478
|
}
|
479
479
|
}
|
480
|
-
let(:collection_list_parameters) { { :
|
480
|
+
let(:collection_list_parameters) { { :user => ["id" => "1"], :segmentQuery => segmentQuery } }
|
481
481
|
|
482
482
|
context 'when segments are passing validation' do
|
483
483
|
let(:segmentQuery) { 'SELECT * FROM products;' }
|
@@ -526,7 +526,7 @@ module ForestLiana
|
|
526
526
|
end
|
527
527
|
|
528
528
|
describe 'readEnabled permission' do
|
529
|
-
subject { described_class.new(fake_ressource, 'readEnabled', default_rendering_id,
|
529
|
+
subject { described_class.new(fake_ressource, 'readEnabled', default_rendering_id, user: user) }
|
530
530
|
|
531
531
|
context 'when user has the required permission' do
|
532
532
|
it 'should be authorized' do
|
@@ -544,7 +544,7 @@ module ForestLiana
|
|
544
544
|
end
|
545
545
|
|
546
546
|
describe 'addEnabled permission' do
|
547
|
-
subject { described_class.new(fake_ressource, 'addEnabled', default_rendering_id,
|
547
|
+
subject { described_class.new(fake_ressource, 'addEnabled', default_rendering_id, user: user) }
|
548
548
|
|
549
549
|
context 'when user has the required permission' do
|
550
550
|
it 'should be authorized' do
|
@@ -562,7 +562,7 @@ module ForestLiana
|
|
562
562
|
end
|
563
563
|
|
564
564
|
describe 'editEnabled permission' do
|
565
|
-
subject { described_class.new(fake_ressource, 'editEnabled', default_rendering_id,
|
565
|
+
subject { described_class.new(fake_ressource, 'editEnabled', default_rendering_id, user: user) }
|
566
566
|
|
567
567
|
context 'when user has the required permission' do
|
568
568
|
it 'should be authorized' do
|
@@ -580,7 +580,7 @@ module ForestLiana
|
|
580
580
|
end
|
581
581
|
|
582
582
|
describe 'deleteEnabled permission' do
|
583
|
-
subject { described_class.new(fake_ressource, 'deleteEnabled', default_rendering_id,
|
583
|
+
subject { described_class.new(fake_ressource, 'deleteEnabled', default_rendering_id, user: user) }
|
584
584
|
|
585
585
|
context 'when user has the required permission' do
|
586
586
|
it 'should be authorized' do
|
@@ -604,7 +604,7 @@ module ForestLiana
|
|
604
604
|
fake_ressource,
|
605
605
|
'actions',
|
606
606
|
default_rendering_id,
|
607
|
-
|
607
|
+
user: user,
|
608
608
|
smart_action_request_info: smart_action_request_info
|
609
609
|
)
|
610
610
|
}
|
@@ -653,7 +653,7 @@ module ForestLiana
|
|
653
653
|
let(:collection_name) { 'all_rights_collection_user_list' }
|
654
654
|
|
655
655
|
describe 'exportEnabled permission' do
|
656
|
-
subject { described_class.new(fake_ressource, 'exportEnabled', default_rendering_id,
|
656
|
+
subject { described_class.new(fake_ressource, 'exportEnabled', default_rendering_id, user: user) }
|
657
657
|
|
658
658
|
context 'when user has the required permission' do
|
659
659
|
it 'should be authorized' do
|
@@ -671,13 +671,13 @@ module ForestLiana
|
|
671
671
|
end
|
672
672
|
|
673
673
|
describe 'browseEnabled permission' do
|
674
|
-
let(:collection_list_parameters) { { :
|
674
|
+
let(:collection_list_parameters) { { :user => ["id" => "1"], :filters => nil } }
|
675
675
|
subject {
|
676
676
|
described_class.new(
|
677
677
|
fake_ressource,
|
678
678
|
'browseEnabled',
|
679
679
|
default_rendering_id,
|
680
|
-
|
680
|
+
user: user,
|
681
681
|
collection_list_parameters: collection_list_parameters
|
682
682
|
)
|
683
683
|
}
|
@@ -698,7 +698,7 @@ module ForestLiana
|
|
698
698
|
end
|
699
699
|
|
700
700
|
describe 'readEnabled permission' do
|
701
|
-
subject { described_class.new(fake_ressource, 'readEnabled', default_rendering_id,
|
701
|
+
subject { described_class.new(fake_ressource, 'readEnabled', default_rendering_id, user: user) }
|
702
702
|
|
703
703
|
context 'when user has the required permission' do
|
704
704
|
it 'should be authorized' do
|
@@ -716,7 +716,7 @@ module ForestLiana
|
|
716
716
|
end
|
717
717
|
|
718
718
|
describe 'addEnabled permission' do
|
719
|
-
subject { described_class.new(fake_ressource, 'addEnabled', default_rendering_id,
|
719
|
+
subject { described_class.new(fake_ressource, 'addEnabled', default_rendering_id, user: user) }
|
720
720
|
|
721
721
|
context 'when user has the required permission' do
|
722
722
|
it 'should be authorized' do
|
@@ -734,7 +734,7 @@ module ForestLiana
|
|
734
734
|
end
|
735
735
|
|
736
736
|
describe 'editEnabled permission' do
|
737
|
-
subject { described_class.new(fake_ressource, 'editEnabled', default_rendering_id,
|
737
|
+
subject { described_class.new(fake_ressource, 'editEnabled', default_rendering_id, user: user) }
|
738
738
|
|
739
739
|
context 'when user has the required permission' do
|
740
740
|
it 'should be authorized' do
|
@@ -752,7 +752,7 @@ module ForestLiana
|
|
752
752
|
end
|
753
753
|
|
754
754
|
describe 'deleteEnabled permission' do
|
755
|
-
subject { described_class.new(fake_ressource, 'deleteEnabled', default_rendering_id,
|
755
|
+
subject { described_class.new(fake_ressource, 'deleteEnabled', default_rendering_id, user: user) }
|
756
756
|
|
757
757
|
context 'when user has the required permission' do
|
758
758
|
it 'should be authorized' do
|
@@ -776,7 +776,7 @@ module ForestLiana
|
|
776
776
|
fake_ressource,
|
777
777
|
'actions',
|
778
778
|
default_rendering_id,
|
779
|
-
|
779
|
+
user: user,
|
780
780
|
smart_action_request_info: smart_action_request_info
|
781
781
|
)
|
782
782
|
}
|
@@ -822,7 +822,7 @@ module ForestLiana
|
|
822
822
|
|
823
823
|
# searchToEdit permission checker should not be called anymore once rolesAcl activated
|
824
824
|
describe 'searchToEdit permission' do
|
825
|
-
subject { described_class.new(fake_ressource, 'searchToEdit', default_rendering_id,
|
825
|
+
subject { described_class.new(fake_ressource, 'searchToEdit', default_rendering_id, user: user) }
|
826
826
|
|
827
827
|
context 'when user has all permissions' do
|
828
828
|
it 'should NOT be authorized' do
|
@@ -4,7 +4,6 @@ module ForestLiana
|
|
4
4
|
described_class.empty_cache
|
5
5
|
end
|
6
6
|
|
7
|
-
let(:user_id) { 1 }
|
8
7
|
let(:schema) {
|
9
8
|
[
|
10
9
|
ForestLiana::Model::Collection.new({
|
@@ -50,7 +49,7 @@ module ForestLiana
|
|
50
49
|
"stats" => {
|
51
50
|
"queries" => [
|
52
51
|
'SELECT COUNT(*) AS value FROM products;',
|
53
|
-
'SELECT COUNT(*) AS value FROM
|
52
|
+
'SELECT COUNT(*) AS value FROM somethings;'
|
54
53
|
],
|
55
54
|
"values" => [
|
56
55
|
{
|
@@ -79,35 +78,79 @@ module ForestLiana
|
|
79
78
|
end
|
80
79
|
|
81
80
|
context 'when permissions liveQueries' do
|
81
|
+
let(:user) { { 'id' => '1', 'permission_level' => 'basic' } }
|
82
82
|
context 'contains the query' do
|
83
|
+
subject { described_class.new(fake_ressource, 'liveQueries', default_rendering_id, user: user, query_request_info: 'SELECT COUNT(*) AS value FROM somethings;') }
|
84
|
+
|
85
|
+
it 'should be authorized' do
|
86
|
+
expect(subject.is_authorized?).to be true
|
87
|
+
end
|
88
|
+
end
|
89
|
+
|
90
|
+
context 'does not contains the query' do
|
91
|
+
subject { described_class.new(fake_ressource, 'liveQueries', default_rendering_id, user: user, query_request_info: 'SELECT * FROM products WHERE category = Gifts OR 1=1-- AND released = 1') }
|
92
|
+
it 'should NOT be authorized' do
|
93
|
+
expect(subject.is_authorized?).to be false
|
94
|
+
end
|
95
|
+
end
|
96
|
+
end
|
97
|
+
|
98
|
+
context 'exectute liveQueries when user' do
|
99
|
+
context 'has correct permission_level' do
|
100
|
+
let(:user) { { 'id' => '1', 'permission_level' => 'admin' } }
|
101
|
+
subject { described_class.new(fake_ressource, 'liveQueries', default_rendering_id, user: user, query_request_info: 'SELECT COUNT(*) AS value FROM somethings;') }
|
102
|
+
|
103
|
+
it 'should be authorized' do
|
104
|
+
expect(subject.is_authorized?).to be true
|
105
|
+
end
|
106
|
+
end
|
107
|
+
|
108
|
+
context 'does not have the correct permission_level' do
|
109
|
+
let(:user) { { 'id' => '1', 'permission_level' => 'basic' } }
|
110
|
+
subject { described_class.new(fake_ressource, 'liveQueries', default_rendering_id, user: user, query_request_info: 'SELECT * FROM products WHERE category = Gifts OR 1=1-- AND released = 1') }
|
111
|
+
it 'should NOT be authorized' do
|
112
|
+
expect(subject.is_authorized?).to be false
|
113
|
+
end
|
114
|
+
end
|
115
|
+
end
|
116
|
+
|
117
|
+
context 'when permissions statWithParameters' do
|
118
|
+
let(:user) { { 'id' => '1', 'permission_level' => 'basic' } }
|
119
|
+
context 'contains the stat with the same parameters' do
|
83
120
|
request_info = {
|
84
121
|
"type" => "Value",
|
85
122
|
"collection" => "Product",
|
86
123
|
"aggregate" => "Count"
|
87
124
|
};
|
88
|
-
subject { described_class.new(fake_ressource, '
|
125
|
+
subject { described_class.new(fake_ressource, 'statWithParameters', default_rendering_id, user: user, query_request_info: request_info) }
|
89
126
|
|
90
127
|
it 'should be authorized' do
|
91
128
|
expect(subject.is_authorized?).to be true
|
92
129
|
end
|
93
130
|
end
|
94
131
|
|
95
|
-
context 'does not contains the
|
96
|
-
|
132
|
+
context 'does not contains the stat with the same parameters' do
|
133
|
+
other_request_info = {
|
134
|
+
"type" => "Leaderboard",
|
135
|
+
"collection" => "Product",
|
136
|
+
"aggregate" => "Sum"
|
137
|
+
};
|
138
|
+
subject { described_class.new(fake_ressource, 'statWithParameters', default_rendering_id, user: user, query_request_info: other_request_info) }
|
97
139
|
it 'should NOT be authorized' do
|
98
140
|
expect(subject.is_authorized?).to be false
|
99
141
|
end
|
100
142
|
end
|
101
143
|
end
|
102
144
|
|
103
|
-
context 'when
|
104
|
-
context '
|
145
|
+
context 'execute statWithParameters when user' do
|
146
|
+
context 'has correct permission_level' do
|
147
|
+
let(:user) { { 'id' => '1', 'permission_level' => 'admin' } }
|
105
148
|
request_info = {
|
106
149
|
"type" => "Value",
|
107
150
|
"collection" => "Product",
|
108
151
|
"aggregate" => "Count"
|
109
152
|
};
|
110
|
-
subject { described_class.new(fake_ressource, 'statWithParameters', default_rendering_id,
|
153
|
+
subject { described_class.new(fake_ressource, 'statWithParameters', default_rendering_id, user: user, query_request_info: request_info) }
|
111
154
|
|
112
155
|
it 'should be authorized' do
|
113
156
|
expect(subject.is_authorized?).to be true
|
@@ -115,12 +158,13 @@ module ForestLiana
|
|
115
158
|
end
|
116
159
|
|
117
160
|
context 'does not contains the stat with the same parameters' do
|
161
|
+
let(:user) { { 'id' => '1', 'permission_level' => 'basic' } }
|
118
162
|
other_request_info = {
|
119
163
|
"type" => "Leaderboard",
|
120
164
|
"collection" => "Product",
|
121
165
|
"aggregate" => "Sum"
|
122
166
|
};
|
123
|
-
subject { described_class.new(fake_ressource, 'statWithParameters', default_rendering_id,
|
167
|
+
subject { described_class.new(fake_ressource, 'statWithParameters', default_rendering_id, user: user, query_request_info: other_request_info) }
|
124
168
|
it 'should NOT be authorized' do
|
125
169
|
expect(subject.is_authorized?).to be false
|
126
170
|
end
|
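Review bot: The two new permission-level groups (`context 'exectute liveQueries when user'` and `context 'execute statWithParameters when user'`) never separate the user's `permission_level` from the allow-list. Each `admin` example sends a request that the `basic` examples just above already show as authorized (`'SELECT COUNT(*) AS value FROM somethings;'`, which is listed under `"queries"`, and the `Value`/`Product`/`Count` stat), and each `basic` example sends one already shown as refused. All four would therefore still pass if the checker ignored `permission_level` completely. The checker change is not visible in this section, so the intended policy is an assumption, but the spec should pin it with the missing combination: keep `let(:user) { { 'id' => '1', 'permission_level' => 'admin' } }` and pass a `query_request_info:` that is absent from `"queries"`, asserting whichever result is intended. Without that case, a regression that wrongly lets elevated users bypass the list, or wrongly stops them, would go unnoticed.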
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: forest_liana
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 7.6.
|
4
|
+
version: 7.6.14
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Sandro Munda
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-08
|
11
|
+
date: 2022-09-08 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rails
|