@blazedpath/commons 0.3.1 → 0.4.0

package/blz-security/__test__/Security.yaml

@@ -0,0 +1,128 @@
+
+permissions:
+  - name: menu
+    rules:
+      - path: /menu-security/*
+        enable: false
+  - name: views
+    rules:
+      - path: /widgets-containers
+        actions: '**'
+        enable: false
+      - path: /grid-columns
+        actions: emailColumn, ipColumn
+        enable: false 
+      - path: /roles
+        actions: '**'
+        enable: false  
+      - path: /api/service/roles
+        enable: false
+      - path: /api/service/roles/*
+        enable: false
+      - path: /api/service/role
+        enable: false    
+      - path: /api/service/role/*
+        enable: false    
+  - name: roleView
+    rules:
+      - path: /roles
+        actions: View
+        enable: true  
+      - path: /api/service/roles
+        actions: GET
+        enable: true
+      - path: /api/service/role/*
+        actions: GET
+        enable: true
+  - name: roleEdit
+    extends: [roleView]
+    rules:
+      - path: /roles
+        actions: '**'
+        enable: true  
+      - path: /api/service/roles/merged
+        actions: POST
+        enable: true          
+      - path: /api/service/role/*
+        actions: DELETE, PATCH
+        enable: true              
+ # Guest
+  - name: guestMenu
+    extends: [menu]
+    rules:
+      - path: /menu-security/guest
+  - name: guestView
+    extends: [views]
+    rules:
+      - path: /widgets-containers
+        actions: viewGuest
+  - name: guestActions
+    rules:
+      - path: /actions
+        actions: '**'
+        enable: false
+  - name: guestAccounts
+    rules:      
+      - path: /account/*
+        enable: false
+      - path: /api/service/account
+        enable: false
+      - path: /api/service/account/*
+        enable: false                       
+  # User              
+  - name: userMenu
+    extends: [menu]
+    rules:
+      - path: /menu-security/user
+  - name: userView
+    extends: [views]
+    rules:
+      - path: /widgets-containers
+        actions: viewUser
+      - path: /grid-columns
+        actions: emailColumn
+  - name: userActions
+    rules:    
+      - path: /actions
+        actions: '**, edit:** , remove, view:**, hidden' 
+        enable: false
+      - path: /actions
+        actions: 'add, remove:**, edit, id'
+      - path: /actions-dots
+        actions: id
+  - name: userAccounts
+    rules:      
+      - path: /account/*
+      - path: /account/22
+        enable: false
+      - path: /api/service/account      
+      - path: /api/service/account/*
+        enable: false
+      - path: /api/service/account/21   
+  # Admin              
+  - name: adminMenu
+    extends: [menu]
+    rules:
+      - path: /menu-security/*
+  - name: adminView
+    extends: [views]
+    rules:
+      - path: /grid-columns
+        actions: ipColumn
+  - name: adminActions
+    rules:    
+      - path: /actions
+        actions: '**, edit:** , remove, view:**, hidden'
+  - name: adminAccounts
+    rules:      
+      - path: /account/22
+      - path: /api/service/account/22
+roles:
+  - name: Guest
+    permissions: [guestAccounts, guestMenu, guestView, guestActions ]
+  - name: User
+    extends: [Guest]
+    permissions: [ userAccounts, userMenu, userView, userActions, roleView]
+  - name: Admin
+    extends: [User]
+    permissions: [ adminAccounts,adminMenu, adminView, adminActions, roleEdit ]

package/blz-security/__test__/autorization.test.js

@@ -0,0 +1,105 @@
+/* eslint-disable no-undef */
+const { h3lp } = require('h3lp')
+const Yaml = require('js-yaml')
+const path = require('path')
+const AuthorizationService = require('../authorizationService')
+const _ = require('underscore')
+const logger = require('pino')()
+
+let authorizationService = null
+let config = null
+
+describe('Permission Service', () => {
+  beforeAll(async () => {
+    authorizationService = new AuthorizationService(_,logger)
+    const content = await h3lp.fs.read(path.join(__dirname, '/Security.yaml'))
+    const list = await Yaml.loadAll(content)
+    config = authorizationService.importSecurityConfig(list[0])
+  })
+
+  test('Permissions by Guest', () => {
+    const permissions = config.roles.find(p => p.name === 'Guest').permissions.join(',')
+    expect('guestAccounts,guestMenu,guestView,guestActions').toStrictEqual(permissions)
+  })
+  test('Permissions by User', () => {
+    const permissions = config.roles.find(p => p.name === 'User').permissions.join(',')
+    expect('userAccounts,userMenu,userView,userActions,roleView,guestAccounts,guestMenu,guestView,guestActions').toStrictEqual(permissions)
+  })
+  test('Permissions by Admin', () => {
+    const permissions = config.roles.find(p => p.name === 'Admin').permissions.join(',')
+    expect('adminAccounts,adminMenu,adminView,adminActions,roleEdit,userAccounts,userMenu,userView,userActions,roleView,guestAccounts,guestMenu,guestView,guestActions').toStrictEqual(permissions)
+  })
+  test('authorized by Guest', () => {
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/api/service/account', '*', ['Guest']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/api/service/account/21', '*', ['Guest']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/api/service/account/22', '*', ['Guest']))
+
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/menu-security/guest', '', ['Guest']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/menu-security/user', '', ['Guest']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/menu-security/admin', '', ['Guest']))
+  })
+  test('authorized by User', () => {
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/account', '*', ['User']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/account/21', '*', ['User']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/api/service/account/22', '*', ['User']))
+
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/menu-security/guest', '', ['User']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/menu-security/user', '', ['User']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/menu-security/admin', '', ['User']))
+  })
+  test('authorized by Admin', () => {
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/account', '*', ['Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/account/21', '*', ['Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/account/22', '*', ['Admin']))
+
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/menu-security/guest', '', ['Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/menu-security/user', '', ['Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/menu-security/admin', '', ['Admin']))
+  })
+  test('authorized by Guest and User', () => {
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/account', '*', ['Guest', 'User']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/account/21', '*', ['Guest', 'User']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/api/service/account/22', '*', ['Guest', 'User']))
+  })
+  test('authorized by User and Admin', () => {
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/account', '*', ['User', 'Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/account/21', '*', ['User', 'Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/account/22', '*', ['User', 'Admin']))
+  })
+  test('Role access to Guest', () => {
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/roles', '', ['Guest']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/roles', 'View', ['Guest']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/roles', 'Add', ['Guest']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/roles', 'Edit', ['Guest']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/roles', 'Remove', ['Guest']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/api/service/roles', 'GET', ['Guest']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/api/service/roles/merged', 'POST', ['Guest']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/api/service/role/1', 'GET', ['Guest']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/api/service/role/1', 'DELETE', ['Guest']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/api/service/role/1', 'PATCH', ['Guest']))
+  })
+  test('Role access to User', () => {
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/roles', '', ['User']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/roles', 'View', ['User']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/roles', 'Add', ['User']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/roles', 'Edit', ['User']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/roles', 'Remove', ['User']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/roles', 'GET', ['User']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/api/service/roles/merged', 'POST', ['User']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/role/1', 'GET', ['User']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/api/service/role/1', 'DELETE', ['User']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/api/service/role/1', 'PATCH', ['User']))
+  })
+  test('Role access to Admin', () => {
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/roles', '', ['Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/roles', 'View', ['Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/roles', 'Add', ['Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/roles', 'Edit', ['Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/roles', 'Remove', ['Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/roles', 'GET', ['Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/roles/merged', 'POST', ['Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/role/1', 'GET', ['Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/role/1', 'DELETE', ['Admin']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/service/role/1', 'PATCH', ['Admin']))
+  })
+})

package/blz-security/__test__/autorizationKpn.test.js

@@ -0,0 +1,42 @@
+/* eslint-disable no-undef */
+const { h3lp } = require('h3lp')
+const Yaml = require('js-yaml')
+const path = require('path')
+const AuthorizationService = require('../authorizationService')
+const _ = require('underscore')
+const logger = require('pino')()
+
+let authorizationService = null
+let config = null
+
+describe('Permission Service', () => {
+  beforeAll(async () => {
+    authorizationService = new AuthorizationService(_,logger)
+    const content = await h3lp.fs.read(path.join(__dirname, '/AuthorizationKpn.yaml'))
+    const list = await Yaml.loadAll(content)
+    config = authorizationService.importSecurityConfig(list[0])
+  })
+
+  test('Permissions by Configuration.Admin', () => {
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/ep-manual-credit/undefined', null, ['Configuration.Admin'], ['agent']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/ep-manual-credit/', null, ['Configuration.Admin'], ['agent']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/ep-manual-debit/undefined', null, ['Configuration.Admin'], ['agent']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/ep-manual-debit/', null, ['Configuration.Admin'], ['agent']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/ep-out-manual-credit/undefined', null, ['Configuration.Admin'], ['agent']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/ep-out-manual-credit/', null, ['Configuration.Admin'], ['agent']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/ep-out-manual-debit/undefined', null, ['Configuration.Admin'], ['agent']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/ep-out-manual-debit/', null, ['Configuration.Admin'], ['agent']))
+  })
+  
+  test('Permissions by Collections.Admin, Collections.Finance, Configuration.Admin', () => {
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/ep-manual-credit/undefined', null, ['Collections.Admin','Collections.Finance','Configuration.Admin'], ['agent']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/ep-manual-credit/', null, ['Collections.Admin','Collections.Finance','Configuration.Admin'], ['agent']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/ep-manual-debit/undefined', null, ['Collections.Admin','Collections.Finance','Configuration.Admin'], ['agent']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/ep-manual-debit/', null, ['Collections.Admin','Collections.Finance','Configuration.Admin'], ['agent']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/ep-out-manual-credit/undefined', null, ['Collections.Admin','Collections.Finance','Configuration.Admin'], ['agent']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/ep-out-manual-credit/', null, ['Collections.Admin','Collections.Finance','Configuration.Admin'], ['agent']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/ep-out-manual-debit/undefined', null, ['Collections.Admin','Collections.Finance','Configuration.Admin'], ['agent']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/ep-out-manual-debit/', null, ['Collections.Admin','Collections.Finance','Configuration.Admin'], ['agent']))
+  })
+ 
+})

package/blz-security/__test__/orderManagement.test.js

@@ -0,0 +1,26 @@
+/* eslint-disable no-undef */
+const { h3lp } = require('h3lp')
+const Yaml = require('js-yaml')
+const path = require('path')
+const AuthorizationService = require('../authorizationService')
+const _ = require('underscore')
+const logger = require('pino')()
+
+let authorizationService = null
+
+describe('Permission Service', () => {
+  beforeAll(async () => {
+    authorizationService = new AuthorizationService(_,logger)
+    const content = await h3lp.fs.read(path.join(__dirname, '/OrderManagement.yaml'))
+    const list = await Yaml.loadAll(content)
+    config = authorizationService.importSecurityConfig(list[0])
+  })
+
+  test('Paths with query parameters', () => {
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/api/ext-common-business/businessDomains', 'GET', ['OMUserMenu']))
+    expect(false).toStrictEqual(authorizationService.checkAuthorize('/api/ext-common-business/businessDomains?offset=0&limit=1', 'GET', ['OMUserMenu']))
+
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/ext-common-business/businessDomains', 'delete', ['OMUserMenu']))
+    expect(true).toStrictEqual(authorizationService.checkAuthorize('/api/ext-common-business/businessDomains?offset=0&limit=1', 'DELETE', ['OMUserMenu']))
+  })
+})

package/blz-security/__test__/secureUrl.test.js

@@ -0,0 +1,79 @@
+/* eslint-disable no-undef */
+const SecureUrlService = require('../secureUrlService')
+const logger = require('pino')()
+let secureUrlService = null
+
+describe('SecureUrlService', () => {
+  beforeAll(async () => {
+    secureUrlService = new SecureUrlService(logger)
+  })
+
+  test('Front path', () => {
+    const session_key = 'N2ZkZGY4NmItYzVmYi00ZDFkLWI0OGEtMTY1MmM4YmI0ZThm'
+    const path = 'https://case-management-portal-beesion-dev.apps.ocp01.iplan.com.ar/#/tkt-incident/sw-2783/manage'
+    const token = secureUrlService.createToken(path, session_key)
+    expect(() => secureUrlService.validate(path, token, session_key, 15000)).not.toThrow();
+    expect(secureUrlService.validate(path, token, session_key, 15000)).toBeUndefined();
+  })
+
+  test('Front path with params', () => {
+    const session_key = 'N2ZkZGY4NmItYzVmYi00ZDFkLWI0OGEtMTY1MmM4YmI0ZThm'
+    const path = 'https://case-management-portal-beesion-dev.apps.ocp01.iplan.com.ar/#/tkt-incident/sw-2783/manage?param1=1&param2=a'
+    const token = secureUrlService.createToken(path, session_key)
+    expect(() => secureUrlService.validate(path, token, session_key, 15000)).not.toThrow();
+    expect(secureUrlService.validate(path, token, session_key, 15000)).toBeUndefined();
+  })
+
+  test('Api path', () => {
+    const session_key = 'N2ZkZGY4NmItYzVmYi00ZDFkLWI0OGEtMTY1MmM4YmI0ZThm'
+    const path = '/api/case-adapter/bpm'
+    const token = secureUrlService.createToken(path, session_key)
+    expect(() => secureUrlService.validate(path, token, session_key, 15000)).not.toThrow();
+    expect(secureUrlService.validate(path, token, session_key, 15000)).toBeUndefined();
+  })
+
+  test('Path with special characters with token expired', () => {
+    const session_key = '2cd68756-0099-48b4-9f42-57b3553f60c7'
+    const path = '/api/ms-business/party/%7BpartyId%7D'
+    const token = secureUrlService.createToken(path, session_key)
+    try {
+      secureUrlService.validate(path, token, session_key, -1);
+      fail('Expected SecureUrlService.validate to throw an error');
+    } catch (error) {
+      expect(error.message).toBe('The token has expired.');
+      expect(error.name).toBe('SecureUrlError');
+      expect(error.code).toBe(410); // o el campo que uses para el código
+    }
+  })
+
+  test('Path with special characters', () => {
+    const session_key = '2cd68756-0099-48b4-9f42-57b3553f60c7'
+    const path = '/api/ms-business/party/%7BpartyId%7D'
+    const token = secureUrlService.createToken(path, session_key)
+    expect(() => secureUrlService.validate(path, token, session_key, 15000)).not.toThrow();
+    expect(secureUrlService.validate(path, token, session_key, 15000)).toBeUndefined();
+  })
+
+  test('Path with special characters and session key in base64 with token expired', () => {
+    const session_key = 'N2ZkZGY4NmItYzVmYi00ZDFkLWI0OGEtMTY1MmM4YmI0ZThm'
+    const path = '/api/case-adapter/bpm/%7BinstanceId%7D/save-and-continue'
+    const token = secureUrlService.createToken(path, session_key)
+    try {      
+      secureUrlService.validate(path, token, session_key, -1);
+      fail('Expected SecureUrlService.validate to throw an error');
+    } catch (error) {
+      expect(error.message).toBe('The token has expired.');
+      expect(error.name).toBe('SecureUrlError');
+      expect(error.code).toBe(410); // o el campo que uses para el código
+    }
+  })
+
+  test('Path with special characters and session key in base64', () => {
+    const session_key = 'N2ZkZGY4NmItYzVmYi00ZDFkLWI0OGEtMTY1MmM4YmI0ZThm'
+    const path = '/api/case-adapter/bpm/%7BinstanceId%7D/save-and-continue'
+    const token = secureUrlService.createToken(path, session_key)
+    expect(() => secureUrlService.validate(path, token, session_key, 15000)).not.toThrow();
+    expect(secureUrlService.validate(path, token, session_key, 15000)).toBeUndefined();
+  })
+  
+})

package/blz-security/__test__/solveMergeRule.test.js

@@ -0,0 +1,109 @@
+/* eslint-disable no-undef */
+const AuthorizationService = require('../authorizationService')
+const _ = require('underscore')
+const logger = require('pino')()
+
+const authorizationService = new AuthorizationService(_,logger)
+const typesPreviousRules = [
+  { path: '/api/ms-financing-setting/fnc-types', actions: 'GET', enable: true },
+  { path: '/api/ms-financing-setting/fnc-types', actions: 'POST', enable: false }
+]
+const actionPreviousRules = [
+  { path: '/api/ms-financing-setting/fnc-action', actions: '*', enable: false }
+]
+const catalogPreviousRules = [
+  { path: '/api/ms-financing-setting/fnc-catalog', actions: '*', enable: true }
+]
+
+describe('Types use case', () => {
+  test('Set disable previous disable', () => {
+    const result = JSON.stringify(authorizationService._solveMergeRule(typesPreviousRules, { path: '/api/ms-financing-setting/fnc-types', actions: 'POST', enable: false }))
+    expect('[{"path":"/api/ms-financing-setting/fnc-types","actions":"GET","enable":true},{"path":"/api/ms-financing-setting/fnc-types","actions":"POST","enable":false}]').toStrictEqual(result)
+  })
+  test('Set enable previous disable', () => {
+    const result = JSON.stringify(authorizationService._solveMergeRule(typesPreviousRules, { path: '/api/ms-financing-setting/fnc-types', actions: 'POST', enable: true }))
+    expect('[{"path":"/api/ms-financing-setting/fnc-types","actions":"GET,POST","enable":true}]').toStrictEqual(result)
+  })
+  test('Add enable', () => {
+    const result = JSON.stringify(authorizationService._solveMergeRule(typesPreviousRules, { path: '/api/ms-financing-setting/fnc-types', actions: 'PUT', enable: true }))
+    expect('[{"path":"/api/ms-financing-setting/fnc-types","actions":"GET,PUT","enable":true},{"path":"/api/ms-financing-setting/fnc-types","actions":"POST","enable":false}]').toStrictEqual(result)
+  })
+  test('disable two actions, one set disable previously and other not exists', () => {
+    const result = JSON.stringify(authorizationService._solveMergeRule(typesPreviousRules, { path: '/api/ms-financing-setting/fnc-types', actions: 'POST,DELETE', enable: false }))
+    expect('[{"path":"/api/ms-financing-setting/fnc-types","actions":"GET","enable":true},{"path":"/api/ms-financing-setting/fnc-types","actions":"POST,DELETE","enable":false}]').toStrictEqual(result)
+  })
+  test('Enable two actions, one set disable previously and other not exists', () => {
+    const result = JSON.stringify(authorizationService._solveMergeRule(typesPreviousRules, { path: '/api/ms-financing-setting/fnc-types', actions: 'POST,DELETE', enable: true }))
+    expect('[{"path":"/api/ms-financing-setting/fnc-types","actions":"GET,POST,DELETE","enable":true}]').toStrictEqual(result)
+  })
+  test('Add enable all rule', () => {
+    const result = JSON.stringify(authorizationService._solveMergeRule(typesPreviousRules, { path: '/api/ms-financing-setting/fnc-types', actions: '*', enable: true }))
+    expect('[{"path":"/api/ms-financing-setting/fnc-types","actions":"*","enable":true}]').toStrictEqual(result)
+  })
+  test('Add disable all rule', () => {
+    const result = JSON.stringify(authorizationService._solveMergeRule(typesPreviousRules, { path: '/api/ms-financing-setting/fnc-types', actions: '*', enable: false }))
+    expect('[{"path":"/api/ms-financing-setting/fnc-types","actions":"GET","enable":true},{"path":"/api/ms-financing-setting/fnc-types","actions":"*","enable":false}]').toStrictEqual(result)
+  })
+})
+
+describe('Action use case', () => {
+  test('Set disable previous disable', () => {
+    const result = JSON.stringify(authorizationService._solveMergeRule(actionPreviousRules, { path: '/api/ms-financing-setting/fnc-action', actions: 'POST', enable: false }))
+    expect('[{"path":"/api/ms-financing-setting/fnc-action","actions":"*","enable":false}]').toStrictEqual(result)
+  })
+  test('Set enable previous disable', () => {
+    const result = JSON.stringify(authorizationService._solveMergeRule(actionPreviousRules, { path: '/api/ms-financing-setting/fnc-action', actions: 'POST', enable: true }))
+    expect('[{"path":"/api/ms-financing-setting/fnc-action","actions":"*","enable":false},{"path":"/api/ms-financing-setting/fnc-action","actions":"POST","enable":true}]').toStrictEqual(result)
+  })
+  test('Add enable', () => {
+    const result = JSON.stringify(authorizationService._solveMergeRule(actionPreviousRules, { path: '/api/ms-financing-setting/fnc-action', actions: 'PUT', enable: true }))
+    expect('[{"path":"/api/ms-financing-setting/fnc-action","actions":"*","enable":false},{"path":"/api/ms-financing-setting/fnc-action","actions":"PUT","enable":true}]').toStrictEqual(result)
+  })
+  test('disable two actions, one set disable previously and other not exists', () => {
+    const result = JSON.stringify(authorizationService._solveMergeRule(actionPreviousRules, { path: '/api/ms-financing-setting/fnc-action', actions: 'POST,DELETE', enable: false }))
+    expect('[{"path":"/api/ms-financing-setting/fnc-action","actions":"*","enable":false}]').toStrictEqual(result)
+  })
+  test('Enable two actions, one set disable previously and other not exists', () => {
+    const result = JSON.stringify(authorizationService._solveMergeRule(actionPreviousRules, { path: '/api/ms-financing-setting/fnc-action', actions: 'POST,DELETE', enable: true }))
+    expect('[{"path":"/api/ms-financing-setting/fnc-action","actions":"*","enable":false},{"path":"/api/ms-financing-setting/fnc-action","actions":"POST,DELETE","enable":true}]').toStrictEqual(result)
+  })
+  test('Add enable all rule', () => {
+    const result = JSON.stringify(authorizationService._solveMergeRule(actionPreviousRules, { path: '/api/ms-financing-setting/fnc-action', actions: '*', enable: true }))
+    expect('[{"path":"/api/ms-financing-setting/fnc-action","actions":"*","enable":true}]').toStrictEqual(result)
+  })
+  test('Add disable all rule', () => {
+    const result = JSON.stringify(authorizationService._solveMergeRule(actionPreviousRules, { path: '/api/ms-financing-setting/fnc-action', actions: '*', enable: false }))
+    expect('[{"path":"/api/ms-financing-setting/fnc-action","actions":"*","enable":false}]').toStrictEqual(result)
+  })
+})
+
+describe('Catalog use case', () => {
+  test('Set disable previous disable', () => {
+    const result = JSON.stringify(authorizationService._solveMergeRule(catalogPreviousRules, { path: '/api/ms-financing-setting/fnc-catalog', actions: 'POST', enable: false }))
+    expect('[{"path":"/api/ms-financing-setting/fnc-catalog","actions":"*","enable":true}]').toStrictEqual(result)
+  })
+  test('Set enable previous disable', () => {
+    const result = JSON.stringify(authorizationService._solveMergeRule(catalogPreviousRules, { path: '/api/ms-financing-setting/fnc-catalog', actions: 'POST', enable: true }))
+    expect('[{"path":"/api/ms-financing-setting/fnc-catalog","actions":"*","enable":true}]').toStrictEqual(result)
+  })
+  test('Add enable', () => {
+    const result = JSON.stringify(authorizationService._solveMergeRule(catalogPreviousRules, { path: '/api/ms-financing-setting/fnc-catalog', actions: 'PUT', enable: true }))
+    expect('[{"path":"/api/ms-financing-setting/fnc-catalog","actions":"*","enable":true}]').toStrictEqual(result)
+  })
+  test('disable two actions, one set disable previously and other not exists', () => {
+    const result = JSON.stringify(authorizationService._solveMergeRule(catalogPreviousRules, { path: '/api/ms-financing-setting/fnc-catalog', actions: 'POST,DELETE', enable: false }))
+    expect('[{"path":"/api/ms-financing-setting/fnc-catalog","actions":"*","enable":true}]').toStrictEqual(result)
+  })
+  test('Enable two actions, one set disable previously and other not exists', () => {
+    const result = JSON.stringify(authorizationService._solveMergeRule(catalogPreviousRules, { path: '/api/ms-financing-setting/fnc-catalog', actions: 'POST,DELETE', enable: true }))
+    expect('[{"path":"/api/ms-financing-setting/fnc-catalog","actions":"*","enable":true}]').toStrictEqual(result)
+  })
+  test('Add enable all rule', () => {
+    const result = JSON.stringify(authorizationService._solveMergeRule(catalogPreviousRules, { path: '/api/ms-financing-setting/fnc-catalog', actions: '*', enable: true }))
+    expect('[{"path":"/api/ms-financing-setting/fnc-catalog","actions":"*","enable":true}]').toStrictEqual(result)
+  })
+  test('Add disable all rule', () => {
+    const result = JSON.stringify(authorizationService._solveMergeRule(catalogPreviousRules, { path: '/api/ms-financing-setting/fnc-catalog', actions: '*', enable: false }))
+    expect('[{"path":"/api/ms-financing-setting/fnc-catalog","actions":"*","enable":true}]').toStrictEqual(result)
+  })
+})