RubyGems - forest_liana - Versions diffs - 7.8.0 → 8.0.0.beta.2 - Mend

forest_liana 7.8.0 → 8.0.0.beta.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (45) hide show

data/spec/services/forest_liana/permissions_checker_live_queries_spec.rb DELETED Viewed

@@ -1,175 +0,0 @@
-module ForestLiana
-  describe PermissionsChecker do
-    before(:each) do
-      described_class.empty_cache
-    end
-    let(:schema) {
-      [
-        ForestLiana::Model::Collection.new({
-          name: 'all_rights_collection_boolean',
-          fields: [],
-          actions: [
-            ForestLiana::Model::Action.new({
-              name: 'Test',
-              endpoint: 'forest/actions/Test',
-              http_method: 'POST'
-            })
-          ]
-        })
-      ]
-    }
-    let(:default_rendering_id) { 1 }
-    let(:segments_permissions) { { default_rendering_id => { 'segments' => nil } } }
-    let(:default_api_permissions) {
-      {
-        "data" => {
-          'collections' => {
-            "all_rights_collection_boolean" => {
-              "collection" => {
-                "browseEnabled" => true,
-                "readEnabled" => true,
-                "editEnabled" => true,
-                "addEnabled" => true,
-                "deleteEnabled" => true,
-                "exportEnabled" => true
-              },
-              "actions" => {
-                "Test" => {
-                  "triggerEnabled" => true
-                },
-              }
-            },
-          },
-          'renderings' => segments_permissions
-        },
-        "meta" => {
-          "rolesACLActivated" => true
-        },
-        "stats" => {
-          "queries" => [
-          'SELECT COUNT(*) AS value FROM products;',
-          'SELECT COUNT(*) AS value FROM somethings;'
-          ],
-          "values" => [
-            {
-              "type" => "Value",
-              "collection" => "Product",
-              "aggregate" => "Count"
-            }
-          ],
-        },
-      }
-    }
-    before do
-      allow(ForestLiana).to receive(:apimap).and_return(schema)
-    end
-    describe '#is_authorized?' do
-      # Resource is only used to retrieve the collection name as it's stub it does not
-      # need to be defined
-      let(:fake_ressource) { nil }
-      let(:default_rendering_id) { nil }
-      let(:api_permissions) { default_api_permissions }
-      before do
-        allow(ForestLiana::PermissionsGetter).to receive(:get_permissions_for_rendering).and_return(api_permissions)
-      end
-      context 'when permissions liveQueries' do
-        let(:user) { { 'id' => '1', 'permission_level' => 'basic' } }
-        context 'contains the query' do
-          subject { described_class.new(fake_ressource, 'liveQueries', default_rendering_id, user: user, query_request_info: 'SELECT COUNT(*) AS value FROM somethings;') }
-          it 'should be authorized' do
-            expect(subject.is_authorized?).to be true
-          end
-        end
-        context 'does not contains the query' do
-          subject { described_class.new(fake_ressource, 'liveQueries', default_rendering_id, user: user, query_request_info: 'SELECT * FROM products WHERE category = Gifts OR 1=1-- AND released = 1') }
-          it 'should NOT be authorized' do
-            expect(subject.is_authorized?).to be false
-          end
-        end
-      end
-      context 'exectute liveQueries when user' do
-        context 'has correct permission_level' do
-          let(:user) { { 'id' => '1', 'permission_level' => 'admin' } }
-          subject { described_class.new(fake_ressource, 'liveQueries', default_rendering_id, user: user, query_request_info: 'SELECT COUNT(*) AS value FROM somethings;') }
-          it 'should be authorized' do
-            expect(subject.is_authorized?).to be true
-          end
-        end
-        context 'does not have the correct permission_level' do
-          let(:user) { { 'id' => '1', 'permission_level' => 'basic' } }
-          subject { described_class.new(fake_ressource, 'liveQueries', default_rendering_id, user: user, query_request_info: 'SELECT * FROM products WHERE category = Gifts OR 1=1-- AND released = 1') }
-          it 'should NOT be authorized' do
-            expect(subject.is_authorized?).to be false
-          end
-        end
-      end
-      context 'when permissions statWithParameters' do
-        let(:user) { { 'id' => '1', 'permission_level' => 'basic' } }
-        context 'contains the stat with the same parameters' do
-          request_info = {
-            "type" => "Value",
-            "collection" => "Product",
-            "aggregate" => "Count"
-          };
-          subject { described_class.new(fake_ressource, 'statWithParameters', default_rendering_id, user: user, query_request_info: request_info) }
-          it 'should be authorized' do
-            expect(subject.is_authorized?).to be true
-          end
-        end
-        context 'does not contains the stat with the same parameters' do
-          other_request_info = {
-            "type" => "Leaderboard",
-            "collection" => "Product",
-            "aggregate" => "Sum"
-          };
-          subject { described_class.new(fake_ressource, 'statWithParameters', default_rendering_id, user: user, query_request_info: other_request_info) }
-          it 'should NOT be authorized' do
-            expect(subject.is_authorized?).to be false
-          end
-        end
-      end
-      context 'execute statWithParameters when user' do
-        context 'has correct permission_level' do
-          let(:user) { { 'id' => '1', 'permission_level' => 'admin' } }
-          request_info = {
-            "type" => "Value",
-            "collection" => "Product",
-            "aggregate" => "Count"
-          };
-          subject { described_class.new(fake_ressource, 'statWithParameters', default_rendering_id, user: user, query_request_info: request_info) }
-          it 'should be authorized' do
-            expect(subject.is_authorized?).to be true
-          end
-        end
-        context 'does not contains the stat with the same parameters' do
-          let(:user) { { 'id' => '1', 'permission_level' => 'basic' } }
-          other_request_info = {
-            "type" => "Leaderboard",
-            "collection" => "Product",
-            "aggregate" => "Sum"
-          };
-          subject { described_class.new(fake_ressource, 'statWithParameters', default_rendering_id, user: user, query_request_info: other_request_info) }
-          it 'should NOT be authorized' do
-            expect(subject.is_authorized?).to be false
-          end
-        end
-      end
-    end
-  end
-end

data/spec/services/forest_liana/permissions_formatter_spec.rb DELETED Viewed

@@ -1,222 +0,0 @@
-module ForestLiana
-  describe PermissionsFormatter do
-    describe '#convert_to_new_format' do
-      let(:rendering_id) { 1 }
-      let(:old_format_collection_permissions) {
-        {
-          'list'=>true,
-          'show'=>false,
-          'create'=>true,
-          'update'=>false,
-          'delete'=>true,
-          'export'=>false,
-          'searchToEdit'=>false
-        }
-      }
-      let(:old_format_action_permissions) { { 'allowed' => true, 'users' => nil } }
-      let(:old_format_segments_permissions) { nil }
-      let(:old_format_permissions) {
-        {
-          'collection_1' => {
-            'collection' => old_format_collection_permissions,
-            'actions' => {
-              'action_1' => old_format_action_permissions
-            },
-            'segments' => old_format_segments_permissions
-          }
-        }
-      }
-      let(:converted_permission) { described_class.convert_to_new_format(old_format_permissions, rendering_id) }
-      describe 'collection permissions' do
-        subject { converted_permission['collections']['collection_1']['collection'] }
-        let(:expected_new_collection_permissions_format) {
-          {
-            'browseEnabled'=>true,
-            'readEnabled'=>false,
-            'addEnabled'=>true,
-            'editEnabled'=>false,
-            'deleteEnabled'=>true,
-            'exportEnabled'=>false
-          }
-        }
-        it 'should convert the old format to the new one' do
-          expect(subject).to eq expected_new_collection_permissions_format
-        end
-        describe 'with searchToEdit true and list false' do
-          let(:old_format_collection_permissions) {
-            {
-              'list'=>false,
-              'show'=>false,
-              'create'=>false,
-              'update'=>false,
-              'delete'=>false,
-              'export'=>false,
-              'searchToEdit'=>true
-            }
-          }
-          let(:expected_new_collection_permissions_format) {
-            {
-              'browseEnabled'=>true,
-              'readEnabled'=>false,
-              'addEnabled'=>false,
-              'editEnabled'=>false,
-              'deleteEnabled'=>false,
-              'exportEnabled'=>false
-            }
-          }
-          it 'should convert the old format to the new one with browseEnabled at true' do
-            expect(subject).to eq expected_new_collection_permissions_format
-          end
-        end
-        describe 'with searchToEdit false and list true' do
-          let(:old_format_collection_permissions) {
-            {
-              'list'=>true,
-              'show'=>false,
-              'create'=>false,
-              'update'=>false,
-              'delete'=>false,
-              'export'=>false,
-              'searchToEdit'=>false
-            }
-          }
-          let(:expected_new_collection_permissions_format) {
-            {
-              'browseEnabled'=>true,
-              'readEnabled'=>false,
-              'addEnabled'=>false,
-              'editEnabled'=>false,
-              'deleteEnabled'=>false,
-              'exportEnabled'=>false
-            }
-          }
-          it 'should convert the old format to the new one with browseEnabled at true' do
-            expect(subject).to eq expected_new_collection_permissions_format
-          end
-        end
-        describe 'with searchToEdit false and list false' do
-          let(:old_format_collection_permissions) {
-            {
-              'list'=>false,
-              'show'=>false,
-              'create'=>false,
-              'update'=>false,
-              'delete'=>false,
-              'export'=>false,
-              'searchToEdit'=>false
-            }
-          }
-          let(:expected_new_collection_permissions_format) {
-            {
-              'browseEnabled'=>false,
-              'readEnabled'=>false,
-              'addEnabled'=>false,
-              'editEnabled'=>false,
-              'deleteEnabled'=>false,
-              'exportEnabled'=>false
-            }
-          }
-          it 'should convert the old format to the new one with browseEnabled at false' do
-            expect(subject).to eq expected_new_collection_permissions_format
-          end
-        end
-      end
-      describe 'action permissions' do
-        subject { converted_permission['collections']['collection_1']['actions']['action_1'] }
-        context 'when allowed is true' do
-          context 'when users is nil' do
-            let(:old_format_action_permissions) { { 'allowed' => true, 'users' => nil } }
-            let(:expected_new_action_permissions_format) { { 'triggerEnabled' => true } }
-            it 'expected action permission triggerEnabled field should be true' do
-              expect(subject).to eq expected_new_action_permissions_format
-            end
-          end
-          context 'when users is an empty array' do
-            let(:old_format_action_permissions) { { 'allowed' => true, 'users' => [] } }
-            let(:expected_new_action_permissions_format) { { 'triggerEnabled' => [] } }
-            it 'expected action permission triggerEnabled field should be an empty array' do
-              expect(subject).to eq expected_new_action_permissions_format
-            end
-          end
-          context 'when users is NOT an empty array' do
-            let(:old_format_action_permissions) { { 'allowed' => true, 'users' => [2, 3] } }
-            let(:expected_new_action_permissions_format) { { 'triggerEnabled' => [2, 3] } }
-            it 'expected action permission triggerEnabled field should be equal to the users array' do
-              expect(subject).to eq expected_new_action_permissions_format
-            end
-          end
-        end
-        context 'when allowed is false' do
-          context 'when users is nil' do
-            let(:old_format_action_permissions) { { 'allowed' => false, 'users' => nil } }
-            let(:expected_new_action_permissions_format) { { 'triggerEnabled' => false } }
-            it 'expected action permission triggerEnabled field should be false' do
-              expect(subject).to eq expected_new_action_permissions_format
-            end
-          end
-          context 'when users is an empty array' do
-            let(:old_format_action_permissions) { { 'allowed' => false, 'users' => [] } }
-            let(:expected_new_action_permissions_format) { { 'triggerEnabled' => false } }
-            it 'expected action permission triggerEnabled field should be false' do
-              expect(subject).to eq expected_new_action_permissions_format
-            end
-          end
-          context 'when users is NOT an empty array' do
-            let(:old_format_action_permissions) { { 'allowed' => false, 'users' => [2, 3] } }
-            let(:expected_new_action_permissions_format) { { 'triggerEnabled' => false } }
-            it 'expected action permission triggerEnabled field should be false' do
-              expect(subject).to eq expected_new_action_permissions_format
-            end
-          end
-        end
-      end
-      describe 'segments permissions' do
-        subject { converted_permission['renderings'][rendering_id]['collection_1']['segments'] }
-        let(:expected_new_format_permissions) { old_format_segments_permissions }
-        context 'when segments permissions are set' do
-          let(:old_format_segments_permissions) { ['segmentQuery1', 'segmentQuery2'] }
-          it 'expected segments permissions should be set' do
-            expect(subject).to eq expected_new_format_permissions
-          end
-        end
-        context 'when segments permissions are nil' do
-          let(:old_format_segments_permissions) { nil }
-          it 'expected segments permissions should be nil' do
-            expect(subject).to eq expected_new_format_permissions
-          end
-        end
-      end
-    end
-  end
-end

data/spec/services/forest_liana/permissions_getter_spec.rb DELETED Viewed

@@ -1,83 +0,0 @@
-module ForestLiana
-  describe PermissionsGetter do
-    describe '#get_permissions_api_route' do
-      it 'should respond with the v3 permissions route' do
-        expect(described_class.get_permissions_api_route).to eq '/liana/v3/permissions'
-      end
-    end
-    describe '#get_permissions_for_rendering' do
-      let(:rendering_id) { 34 }
-      let(:liana_permissions_url) { 'https://api.forestadmin.com/liana/v3/permissions' }
-      let(:liana_permissions_api_call_response) { instance_double(HTTParty::Response) }
-      let(:expected_request_parameters) {
-        {
-          :headers => {
-            "Content-Type" => "application/json",
-            "forest-secret-key" => "env_secret_test"
-          },
-          :query => expected_query_parameters,
-          :verify => false
-        }
-      }
-      before do
-        allow(HTTParty).to receive(:get).and_return(liana_permissions_api_call_response)
-        allow(liana_permissions_api_call_response).to receive(:response).and_return(liana_permissions_api_call_response_content)
-        allow(liana_permissions_api_call_response_content).to receive(:body).and_return(liana_permissions_api_call_response_content_body)
-      end
-      describe 'when the API returns a success' do
-        let(:liana_permissions_api_call_response_content) { Net::HTTPOK.new({}, 200, liana_permissions_api_call_response_content_body) }
-        let(:liana_permissions_api_call_response_content_body) { '{"test": true}' }
-        let(:expected_parsed_result) { { "test" => true } }
-        describe 'when NOT calling for rendering specific only' do
-          let(:expected_query_parameters) { { "renderingId" => rendering_id } }
-          it 'should call the API with correct URL' do
-            described_class.get_permissions_for_rendering(rendering_id)
-            expect(HTTParty).to have_received(:get).with(liana_permissions_url, expected_request_parameters)
-          end
-          it 'should return the expected JSON body' do
-            expect(described_class.get_permissions_for_rendering(rendering_id)).to eq expected_parsed_result
-          end
-        end
-        describe 'when calling for rendering specific only' do
-          let(:expected_query_parameters) { { "renderingId" => rendering_id, 'renderingSpecificOnly' => true } }
-          it 'should call the API with correct URL and parameters' do
-            described_class.get_permissions_for_rendering(rendering_id, rendering_specific_only: true)
-            expect(HTTParty).to have_received(:get).with(liana_permissions_url, expected_request_parameters)
-          end
-          it 'should return the expected JSON body' do
-            expect(described_class.get_permissions_for_rendering(rendering_id, rendering_specific_only: true)).to eq expected_parsed_result
-          end
-        end
-      end
-      describe 'when the API returns a not found error' do
-        let(:liana_permissions_api_call_response_content) { Net::HTTPNotFound.new({}, 404, liana_permissions_api_call_response_content_body) }
-        let(:liana_permissions_api_call_response_content_body) { 'Not Found' }
-        before do
-          allow(FOREST_LOGGER).to receive(:error)
-        end
-        it 'should return nil' do
-          expect(described_class.get_permissions_for_rendering(rendering_id)).to eq nil
-        end
-        it 'should log the not found error' do
-          described_class.get_permissions_for_rendering(rendering_id)
-          expect(FOREST_LOGGER).to have_received(:error).with('Cannot retrieve the permissions from the Forest server.')
-          expect(FOREST_LOGGER).to have_received(:error).with('Which was caused by:')
-          expect(FOREST_LOGGER).to have_received(:error).with(' Forest API returned an HTTP error 404')
-        end
-      end
-    end
-  end
-end