@tellescope/sdk 1.242.9 → 1.242.10

Files changed (29) hide show
  1. package/lib/cjs/tests/api_tests/custom_aggregation.test.d.ts.map +1 -1
  2. package/lib/cjs/tests/api_tests/custom_aggregation.test.js +109 -7
  3. package/lib/cjs/tests/api_tests/custom_aggregation.test.js.map +1 -1
  4. package/lib/cjs/tests/api_tests/no_access_permission_checks.test.d.ts +20 -0
  5. package/lib/cjs/tests/api_tests/no_access_permission_checks.test.d.ts.map +1 -0
  6. package/lib/cjs/tests/api_tests/no_access_permission_checks.test.js +481 -0
  7. package/lib/cjs/tests/api_tests/no_access_permission_checks.test.js.map +1 -0
  8. package/lib/cjs/tests/tests.d.ts.map +1 -1
  9. package/lib/cjs/tests/tests.js +116 -112
  10. package/lib/cjs/tests/tests.js.map +1 -1
  11. package/lib/esm/sdk.d.ts +2 -2
  12. package/lib/esm/session.d.ts +0 -1
  13. package/lib/esm/session.d.ts.map +1 -1
  14. package/lib/esm/tests/api_tests/custom_aggregation.test.d.ts.map +1 -1
  15. package/lib/esm/tests/api_tests/custom_aggregation.test.js +110 -8
  16. package/lib/esm/tests/api_tests/custom_aggregation.test.js.map +1 -1
  17. package/lib/esm/tests/api_tests/no_access_permission_checks.test.d.ts +20 -0
  18. package/lib/esm/tests/api_tests/no_access_permission_checks.test.d.ts.map +1 -0
  19. package/lib/esm/tests/api_tests/no_access_permission_checks.test.js +477 -0
  20. package/lib/esm/tests/api_tests/no_access_permission_checks.test.js.map +1 -0
  21. package/lib/esm/tests/tests.d.ts.map +1 -1
  22. package/lib/esm/tests/tests.js +116 -112
  23. package/lib/esm/tests/tests.js.map +1 -1
  24. package/lib/tsconfig.tsbuildinfo +1 -1
  25. package/package.json +10 -10
  26. package/src/tests/api_tests/custom_aggregation.test.ts +74 -0
  27. package/src/tests/api_tests/no_access_permission_checks.test.ts +365 -0
  28. package/src/tests/tests.ts +3 -1
  29. package/test_generated.pdf +0 -0
@@ -1 +1 @@
1
- {"version":3,"file":"custom_aggregation.test.d.ts","sourceRoot":"","sources":["../../../../src/tests/api_tests/custom_aggregation.test.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;AAUnC,eAAO,MAAM,wBAAwB;SAAwC,OAAO;iBAAe,OAAO;mBAyGzG,CAAA"}
1
+ {"version":3,"file":"custom_aggregation.test.d.ts","sourceRoot":"","sources":["../../../../src/tests/api_tests/custom_aggregation.test.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;AAanC,eAAO,MAAM,wBAAwB;SAAwC,OAAO;iBAAe,OAAO;mBAgLzG,CAAA"}
@@ -1,4 +1,15 @@
1
1
  "use strict";
2
+ var __assign = (this && this.__assign) || function () {
3
+ __assign = Object.assign || function(t) {
4
+ for (var s, i = 1, n = arguments.length; i < n; i++) {
5
+ s = arguments[i];
6
+ for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p))
7
+ t[p] = s[p];
8
+ }
9
+ return t;
10
+ };
11
+ return __assign.apply(this, arguments);
12
+ };
2
13
  var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
3
14
  function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
4
15
  return new (P || (P = Promise))(function (resolve, reject) {
@@ -41,12 +52,14 @@ require('source-map-support').install();
41
52
  var sdk_1 = require("../../sdk");
42
53
  var testing_1 = require("@tellescope/testing");
43
54
  var setup_1 = require("../setup");
55
+ var constants_1 = require("@tellescope/constants");
44
56
  var host = process.env.API_URL || 'http://localhost:8080';
57
+ var _a = [process.env.NON_ADMIN_EMAIL, process.env.NON_ADMIN_PASSWORD], nonAdminEmail = _a[0], nonAdminPassword = _a[1];
45
58
  // Main test function that can be called independently
46
59
  var custom_aggregation_tests = function (_a) {
47
60
  var sdk = _a.sdk, sdkNonAdmin = _a.sdkNonAdmin;
48
61
  return __awaiter(void 0, void 0, void 0, function () {
49
- var testEnduser;
62
+ var testEnduser, noEngagementAccessRole, rbap, originalRoles;
50
63
  return __generator(this, function (_b) {
51
64
  switch (_b.label) {
52
65
  case 0:
@@ -70,7 +83,7 @@ var custom_aggregation_tests = function (_a) {
70
83
  _b.sent();
71
84
  _b.label = 3;
72
85
  case 3:
73
- _b.trys.push([3, , 9, 11]);
86
+ _b.trys.push([3, , 22, 24]);
74
87
  // Test 1: Basic aggregation works
75
88
  return [4 /*yield*/, (0, testing_1.async_test)("Custom aggregation - basic query works", function () { return sdk.api.analytics_frames.custom_aggregation({
76
89
  modelName: 'endusers',
@@ -148,20 +161,109 @@ var custom_aggregation_tests = function (_a) {
148
161
  var user = group.data[0];
149
162
  // Even in grouped results, hashedPassword should not be present
150
163
  return group.count === 1 && user.hashedPassword === undefined;
151
- } })];
164
+ } })
165
+ // ===== Role-Based Access Permission Tests =====
166
+ ];
152
167
  case 8:
153
168
  // Test 5: Aggregation with grouping doesn't leak hashedPassword
154
169
  _b.sent();
170
+ // ===== Role-Based Access Permission Tests =====
171
+ (0, testing_1.log_header)("Custom Aggregation - Role-Based Access Tests");
172
+ noEngagementAccessRole = 'no-engagement-access-test';
173
+ return [4 /*yield*/, sdk.api.role_based_access_permissions.createOne({
174
+ role: noEngagementAccessRole,
175
+ permissions: __assign(__assign({}, constants_1.PROVIDER_PERMISSIONS), {
176
+ // Override endusers to have full read access so we can test aggregation
177
+ endusers: {
178
+ create: 'All',
179
+ read: 'All',
180
+ update: 'All',
181
+ delete: 'All',
182
+ }, engagement_events: {
183
+ create: null,
184
+ read: null,
185
+ update: null,
186
+ delete: null,
187
+ } }),
188
+ })
189
+ // Save original role to restore later
190
+ ];
191
+ case 9:
192
+ rbap = _b.sent();
193
+ originalRoles = sdkNonAdmin.userInfo.roles;
194
+ _b.label = 10;
195
+ case 10:
196
+ _b.trys.push([10, , 16, 21]);
197
+ // Assign the restricted role to non-admin user
198
+ return [4 /*yield*/, sdk.api.users.updateOne(sdkNonAdmin.userInfo.id, { roles: [noEngagementAccessRole] }, { replaceObjectFields: true })];
199
+ case 11:
200
+ // Assign the restricted role to non-admin user
201
+ _b.sent();
202
+ return [4 /*yield*/, (0, testing_1.wait)(undefined, 1500)]; // wait for role change to propagate
203
+ case 12:
204
+ _b.sent(); // wait for role change to propagate
205
+ return [4 /*yield*/, sdkNonAdmin.authenticate(nonAdminEmail, nonAdminPassword)
206
+ // Test 6: Non-admin can still aggregate models they have access to (endusers)
207
+ ];
208
+ case 13:
209
+ _b.sent();
210
+ // Test 6: Non-admin can still aggregate models they have access to (endusers)
211
+ return [4 /*yield*/, (0, testing_1.async_test)("Custom aggregation - non-admin can access permitted models", function () { return sdkNonAdmin.api.analytics_frames.custom_aggregation({
212
+ modelName: 'endusers',
213
+ aggregation: [
214
+ { $match: { fname: 'CustomAgg' } },
215
+ { $count: 'total' }
216
+ ]
217
+ }); }, { onResult: function (r) { var _a; return ((_a = r.result[0]) === null || _a === void 0 ? void 0 : _a.total) === 1; } })
218
+ // Test 7: Non-admin is blocked from aggregating models with No Access
219
+ ];
220
+ case 14:
221
+ // Test 6: Non-admin can still aggregate models they have access to (endusers)
222
+ _b.sent();
223
+ // Test 7: Non-admin is blocked from aggregating models with No Access
224
+ return [4 /*yield*/, (0, testing_1.async_test)("Custom aggregation - non-admin blocked from No Access models", function () { return sdkNonAdmin.api.analytics_frames.custom_aggregation({
225
+ modelName: 'engagement_events',
226
+ aggregation: [
227
+ { $match: {} },
228
+ { $count: 'total' }
229
+ ]
230
+ }); }, { shouldError: true, onError: function (e) { return e.message === "You do not have access to this resource"; } })];
231
+ case 15:
232
+ // Test 7: Non-admin is blocked from aggregating models with No Access
233
+ _b.sent();
234
+ console.log("✅ All custom aggregation role-based access tests passed");
235
+ return [3 /*break*/, 21];
236
+ case 16:
237
+ // Restore original role
238
+ return [4 /*yield*/, sdk.api.users.updateOne(sdkNonAdmin.userInfo.id, { roles: originalRoles }, { replaceObjectFields: true })];
239
+ case 17:
240
+ // Restore original role
241
+ _b.sent();
242
+ return [4 /*yield*/, (0, testing_1.wait)(undefined, 1000)];
243
+ case 18:
244
+ _b.sent();
245
+ return [4 /*yield*/, sdkNonAdmin.authenticate(nonAdminEmail, nonAdminPassword)
246
+ // Cleanup role
247
+ ];
248
+ case 19:
249
+ _b.sent();
250
+ // Cleanup role
251
+ return [4 /*yield*/, sdk.api.role_based_access_permissions.deleteOne(rbap.id)];
252
+ case 20:
253
+ // Cleanup role
254
+ _b.sent();
255
+ return [7 /*endfinally*/];
256
+ case 21:
155
257
  console.log("✅ All custom aggregation tests passed");
156
- return [3 /*break*/, 11];
157
- case 9:
258
+ return [3 /*break*/, 24];
259
+ case 22:
158
260
  // Cleanup
159
261
  return [4 /*yield*/, sdk.api.endusers.deleteOne(testEnduser.id)];
160
- case 10:
262
+ case 23:
161
263
  // Cleanup
162
264
  _b.sent();
163
265
  return [7 /*endfinally*/];
164
- case 11: return [2 /*return*/];
266
+ case 24: return [2 /*return*/];
165
267
  }
166
268
  });
167
269
  });
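Review bot: The cleanup for the role-based access tests (cases 16–20 of the generated state machine) is not failure-safe. It restores the roles, waits, re-authenticates `sdkNonAdmin`, and only then calls `role_based_access_permissions.deleteOne(rbap.id)`, so if the restore or the re-authentication throws, the `no-engagement-access-test` role is left behind; if the restore itself failed, the non-admin account may also stay on the restricted role for whatever runs next. `nonAdminEmail` and `nonAdminPassword` come straight from `process.env` with no check, so an unset variable would presumably only surface at `authenticate`, after the role has already been swapped. A guard before the role is created, e.g. `if (!nonAdminEmail || !nonAdminPassword) throw new Error('NON_ADMIN_EMAIL and NON_ADMIN_PASSWORD must be set');`, plus running the role deletion in its own `finally`, would keep the test tenant's permissions in a known state. This file is compiler output and the body of `custom_aggregation_tests` extends outside the hunks shown, so the change belongs in `src/tests/api_tests/custom_aggregation.test.ts`.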
@@ -1 +1 @@
1
- {"version":3,"file":"custom_aggregation.test.js","sourceRoot":"","sources":["../../../../src/tests/api_tests/custom_aggregation.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,OAAO,CAAC,oBAAoB,CAAC,CAAC,OAAO,EAAE,CAAC;AAExC,iCAAmC;AACnC,+CAG4B;AAC5B,kCAAsC;AAEtC,IAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,uBAAgC,CAAA;AAEpE,sDAAsD;AAC/C,IAAM,wBAAwB,GAAG,UAAO,EAA6D;QAA3D,GAAG,SAAA,EAAE,WAAW,iBAAA;;;;;;oBAC/D,IAAA,oBAAU,EAAC,0BAA0B,CAAC,CAAA;oBAGlB,qBAAM,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC;4BACnD,KAAK,EAAE,WAAW;4BAClB,KAAK,EAAE,UAAU;4BACjB,KAAK,EAAE,6BAA6B;yBACrC,CAAC;wBAEF,sEAAsE;sBAFpE;;oBAJI,WAAW,GAAG,SAIlB;oBAEF,sEAAsE;oBACtE,qBAAM,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,YAAY,CAAC;4BAClC,EAAE,EAAE,WAAW,CAAC,EAAE;4BAClB,QAAQ,EAAE,kBAAkB;yBAC7B,CAAC,EAAA;;oBAJF,sEAAsE;oBACtE,SAGE,CAAA;;;;oBAGA,kCAAkC;oBAClC,qBAAM,IAAA,oBAAU,EACd,wCAAwC,EACxC,cAAM,OAAA,GAAG,CAAC,GAAG,CAAC,gBAAgB,CAAC,kBAAkB,CAAC;4BAChD,SAAS,EAAE,UAAU;4BACrB,WAAW,EAAE;gCACX,EAAE,MAAM,EAAE,EAAE,KAAK,EAAE,WAAW,EAAE,EAAE;gCAClC,EAAE,MAAM,EAAE,OAAO,EAAE;6BACpB;yBACF,CAAC,EANI,CAMJ,EACF,EAAE,QAAQ,EAAE,UAAA,CAAC,YAAI,OAAA,CAAA,MAAA,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,0CAAE,KAAK,MAAK,CAAC,CAAA,EAAA,EAAE,CAC5C;wBAED,2CAA2C;sBAF1C;;oBAXD,kCAAkC;oBAClC,SAUC,CAAA;oBAED,2CAA2C;oBAC3C,qBAAM,IAAA,oBAAU,EACd,6CAA6C,EAC7C,cAAM,OAAA,GAAG,CAAC,GAAG,CAAC,gBAAgB,CAAC,kBAAkB,CAAC;4BAChD,SAAS,EAAE,UAAU;4BACrB,WAAW,EAAE;gCACX,EAAE,MAAM,EAAE,EAAE,KAAK,EAAE,WAAW,EAAE,EAAE;gCAClC,EAAE,QAAQ,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;6BAC/C;yBACF,CAAC,EANI,CAMJ,EACF,EAAE,QAAQ,EAAE,UAAA,CAAC;gCACX,IAAM,IAAI,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;gCACxB,OAAO,IAAI,CAAC,KAAK,KAAK,WAAW;uCAC5B,IAAI,CAAC,KAAK,KAAK,UAAU;uCACzB,IAAI,CAAC,KAAK,KAAK,6BAA6B,CAAA;4BACnD,CAAC,EAAC,CACH;wBAED,kEAAkE;sBAFjE;;oBAhBD,2CAA2C;oBAC3C,SAeC,CAAA;oBAED,kEAAkE;oBAClE,qBAAM,IAAA,oBAAU,EACd,oEAAoE,EACpE,cAAM,OAAA,GAAG,CAAC,GAAG,CAAC,gBAAgB,CAAC,kBAAkB,CAAC;4BAChD,SAAS,EAAE,UAAU;4BACrB,WAAW,EAAE;gCACX,EAA
E,MAAM,EAAE,EAAE,KAAK,EAAE,WAAW,EAAE,EAAE;gCAClC,EAAE,QAAQ,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,cAAc,EAAE,CAAC,EAAE,EAAE,CAAC,8BAA8B;6BAC7E;yBACF,CAAC,EANI,CAMJ,EACF,EAAE,QAAQ,EAAE,UAAA,CAAC;gCACX,IAAM,IAAI,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;gCACxB,2CAA2C;gCAC3C,OAAO,IAAI,CAAC,KAAK,KAAK,WAAW,IAAI,IAAI,CAAC,cAAc,KAAK,SAAS,CAAA;4BACxE,CAAC,EAAC,CACH;wBAED,mEAAmE;sBAFlE;;oBAfD,kEAAkE;oBAClE,SAcC,CAAA;oBAED,mEAAmE;oBACnE,qBAAM,IAAA,oBAAU,EACd,8DAA8D,EAC9D,cAAM,OAAA,GAAG,CAAC,GAAG,CAAC,gBAAgB,CAAC,kBAAkB,CAAC;4BAChD,SAAS,EAAE,UAAU;4BACrB,WAAW,EAAE;gCACX,EAAE,MAAM,EAAE,EAAE,KAAK,EAAE,WAAW,EAAE,EAAE;gCAClC,EAAE,MAAM,EAAE,CAAC,EAAE;6BACd;yBACF,CAAC,EANI,CAMJ,EACF,EAAE,QAAQ,EAAE,UAAA,CAAC;gCACX,IAAM,IAAI,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;gCACxB,iDAAiD;gCACjD,OAAO,IAAI,CAAC,KAAK,KAAK,WAAW,IAAI,IAAI,CAAC,cAAc,KAAK,SAAS,CAAA;4BACxE,CAAC,EAAC,CACH;wBAED,gEAAgE;sBAF/D;;oBAfD,mEAAmE;oBACnE,SAcC,CAAA;oBAED,gEAAgE;oBAChE,qBAAM,IAAA,oBAAU,EACd,iEAAiE,EACjE,cAAM,OAAA,GAAG,CAAC,GAAG,CAAC,gBAAgB,CAAC,kBAAkB,CAAC;4BAChD,SAAS,EAAE,UAAU;4BACrB,WAAW,EAAE;gCACX,EAAE,MAAM,EAAE,EAAE,KAAK,EAAE,WAAW,EAAE,EAAE;gCAClC,EAAE,MAAM,EAAE,EAAE,GAAG,EAAE,QAAQ,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,CAAC,EAAE,EAAE,IAAI,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,EAAE,EAAE;6BAC7E;yBACF,CAAC,EANI,CAMJ,EACF,EAAE,QAAQ,EAAE,UAAA,CAAC;gCACX,IAAM,KAAK,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;gCACzB,IAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;gCAC1B,gEAAgE;gCAChE,OAAO,KAAK,CAAC,KAAK,KAAK,CAAC,IAAI,IAAI,CAAC,cAAc,KAAK,SAAS,CAAA;4BAC/D,CAAC,EAAC,CACH,EAAA;;oBAhBD,gEAAgE;oBAChE,SAeC,CAAA;oBAED,OAAO,CAAC,GAAG,CAAC,uCAAuC,CAAC,CAAA;;;gBAEpD,UAAU;gBACV,qBAAM,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,WAAW,CAAC,EAAE,CAAC,EAAA;;oBADhD,UAAU;oBACV,SAAgD,CAAA;;;;;;CAEnD,CAAA;AAzGY,QAAA,wBAAwB,4BAyGpC;AAED,6CAA6C;AAC7C,IAAI,OAAO,CAAC,IAAI,KAAK,MAAM,EAAE;IAC3B,OAAO,CAAC,GAAG,CAAC,sCAAqB,IAAI,CAAE,CAAC,CAAA;IACxC,IAAM,KAAG,GAAG,IAAI,aAAO,CAAC,EAAE,IAAI,MAAA,EAAE,CAAC,CAAA;IACjC,IAAM,aAAW,GAAG,IAAI,aAAO,CAAC,EAAE,IAAI,MAAA,EAAE,CAAC,CAAA;IAEzC,I
AAM,QAAQ,GAAG;;;wBACf,qBAAM,IAAA,mBAAW,EAAC,KAAG,EAAE,aAAW,CAAC,EAAA;;oBAAnC,SAAmC,CAAA;oBACnC,qBAAM,IAAA,gCAAwB,EAAC,EAAE,GAAG,OAAA,EAAE,WAAW,eAAA,EAAE,CAAC,EAAA;;oBAApD,SAAoD,CAAA;;;;SACrD,CAAA;IAED,QAAQ,EAAE;SACP,IAAI,CAAC;QACJ,OAAO,CAAC,GAAG,CAAC,wDAAwD,CAAC,CAAA;QACrE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IACjB,CAAC,CAAC;SACD,KAAK,CAAC,UAAC,KAAK;QACX,OAAO,CAAC,KAAK,CAAC,yCAAyC,EAAE,KAAK,CAAC,CAAA;QAC/D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IACjB,CAAC,CAAC,CAAA;CACL"}
1
+ {"version":3,"file":"custom_aggregation.test.js","sourceRoot":"","sources":["../../../../src/tests/api_tests/custom_aggregation.test.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,OAAO,CAAC,oBAAoB,CAAC,CAAC,OAAO,EAAE,CAAC;AAExC,iCAAmC;AACnC,+CAI4B;AAC5B,kCAAsC;AACtC,mDAA4D;AAE5D,IAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,uBAAgC,CAAA;AAC9D,IAAA,KAAoC,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,EAAhG,aAAa,QAAA,EAAE,gBAAgB,QAAiE,CAAA;AAEvG,sDAAsD;AAC/C,IAAM,wBAAwB,GAAG,UAAO,EAA6D;QAA3D,GAAG,SAAA,EAAE,WAAW,iBAAA;;;;;;oBAC/D,IAAA,oBAAU,EAAC,0BAA0B,CAAC,CAAA;oBAGlB,qBAAM,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC;4BACnD,KAAK,EAAE,WAAW;4BAClB,KAAK,EAAE,UAAU;4BACjB,KAAK,EAAE,6BAA6B;yBACrC,CAAC;wBAEF,sEAAsE;sBAFpE;;oBAJI,WAAW,GAAG,SAIlB;oBAEF,sEAAsE;oBACtE,qBAAM,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,YAAY,CAAC;4BAClC,EAAE,EAAE,WAAW,CAAC,EAAE;4BAClB,QAAQ,EAAE,kBAAkB;yBAC7B,CAAC,EAAA;;oBAJF,sEAAsE;oBACtE,SAGE,CAAA;;;;oBAGA,kCAAkC;oBAClC,qBAAM,IAAA,oBAAU,EACd,wCAAwC,EACxC,cAAM,OAAA,GAAG,CAAC,GAAG,CAAC,gBAAgB,CAAC,kBAAkB,CAAC;4BAChD,SAAS,EAAE,UAAU;4BACrB,WAAW,EAAE;gCACX,EAAE,MAAM,EAAE,EAAE,KAAK,EAAE,WAAW,EAAE,EAAE;gCAClC,EAAE,MAAM,EAAE,OAAO,EAAE;6BACpB;yBACF,CAAC,EANI,CAMJ,EACF,EAAE,QAAQ,EAAE,UAAA,CAAC,YAAI,OAAA,CAAA,MAAA,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,0CAAE,KAAK,MAAK,CAAC,CAAA,EAAA,EAAE,CAC5C;wBAED,2CAA2C;sBAF1C;;oBAXD,kCAAkC;oBAClC,SAUC,CAAA;oBAED,2CAA2C;oBAC3C,qBAAM,IAAA,oBAAU,EACd,6CAA6C,EAC7C,cAAM,OAAA,GAAG,CAAC,GAAG,CAAC,gBAAgB,CAAC,kBAAkB,CAAC;4BAChD,SAAS,EAAE,UAAU;4BACrB,WAAW,EAAE;gCACX,EAAE,MAAM,EAAE,EAAE,KAAK,EAAE,WAAW,EAAE,EAAE;gCAClC,EAAE,QAAQ,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;6BAC/C;yBACF,CAAC,EANI,CAMJ,EACF,EAAE,QAAQ,EAAE,UAAA,CAAC;gCACX,IAAM,IAAI,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;gCACxB,OAAO,IAAI,CAAC,KAAK,KAAK,WAAW;uCAC5B,IAAI,CAAC,KAAK,KAAK,UAAU;uCACzB,IAAI,CAAC,KAAK,KAAK,6BAA6B,CAAA;4BACnD,CAAC,EAAC,CACH;wBAED,kEAAkE;sBAFjE;;oBAhBD,2CAA2C;oBAC3C,SAeC,CAAA;oBAED,kEAA
kE;oBAClE,qBAAM,IAAA,oBAAU,EACd,oEAAoE,EACpE,cAAM,OAAA,GAAG,CAAC,GAAG,CAAC,gBAAgB,CAAC,kBAAkB,CAAC;4BAChD,SAAS,EAAE,UAAU;4BACrB,WAAW,EAAE;gCACX,EAAE,MAAM,EAAE,EAAE,KAAK,EAAE,WAAW,EAAE,EAAE;gCAClC,EAAE,QAAQ,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,cAAc,EAAE,CAAC,EAAE,EAAE,CAAC,8BAA8B;6BAC7E;yBACF,CAAC,EANI,CAMJ,EACF,EAAE,QAAQ,EAAE,UAAA,CAAC;gCACX,IAAM,IAAI,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;gCACxB,2CAA2C;gCAC3C,OAAO,IAAI,CAAC,KAAK,KAAK,WAAW,IAAI,IAAI,CAAC,cAAc,KAAK,SAAS,CAAA;4BACxE,CAAC,EAAC,CACH;wBAED,mEAAmE;sBAFlE;;oBAfD,kEAAkE;oBAClE,SAcC,CAAA;oBAED,mEAAmE;oBACnE,qBAAM,IAAA,oBAAU,EACd,8DAA8D,EAC9D,cAAM,OAAA,GAAG,CAAC,GAAG,CAAC,gBAAgB,CAAC,kBAAkB,CAAC;4BAChD,SAAS,EAAE,UAAU;4BACrB,WAAW,EAAE;gCACX,EAAE,MAAM,EAAE,EAAE,KAAK,EAAE,WAAW,EAAE,EAAE;gCAClC,EAAE,MAAM,EAAE,CAAC,EAAE;6BACd;yBACF,CAAC,EANI,CAMJ,EACF,EAAE,QAAQ,EAAE,UAAA,CAAC;gCACX,IAAM,IAAI,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;gCACxB,iDAAiD;gCACjD,OAAO,IAAI,CAAC,KAAK,KAAK,WAAW,IAAI,IAAI,CAAC,cAAc,KAAK,SAAS,CAAA;4BACxE,CAAC,EAAC,CACH;wBAED,gEAAgE;sBAF/D;;oBAfD,mEAAmE;oBACnE,SAcC,CAAA;oBAED,gEAAgE;oBAChE,qBAAM,IAAA,oBAAU,EACd,iEAAiE,EACjE,cAAM,OAAA,GAAG,CAAC,GAAG,CAAC,gBAAgB,CAAC,kBAAkB,CAAC;4BAChD,SAAS,EAAE,UAAU;4BACrB,WAAW,EAAE;gCACX,EAAE,MAAM,EAAE,EAAE,KAAK,EAAE,WAAW,EAAE,EAAE;gCAClC,EAAE,MAAM,EAAE,EAAE,GAAG,EAAE,QAAQ,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,CAAC,EAAE,EAAE,IAAI,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,EAAE,EAAE;6BAC7E;yBACF,CAAC,EANI,CAMJ,EACF,EAAE,QAAQ,EAAE,UAAA,CAAC;gCACX,IAAM,KAAK,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;gCACzB,IAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;gCAC1B,gEAAgE;gCAChE,OAAO,KAAK,CAAC,KAAK,KAAK,CAAC,IAAI,IAAI,CAAC,cAAc,KAAK,SAAS,CAAA;4BAC/D,CAAC,EAAC,CACH;wBAED,iDAAiD;sBAFhD;;oBAhBD,gEAAgE;oBAChE,SAeC,CAAA;oBAED,iDAAiD;oBACjD,IAAA,oBAAU,EAAC,8CAA8C,CAAC,CAAA;oBAGpD,sBAAsB,GAAG,2BAA2B,CAAA;oBAC7C,qBAAM,GAAG,CAAC,GAAG,CAAC,6BAA6B,CAAC,SAAS,CAAC;4BACjE,IAAI,EAAE,sBAAsB;4BAC5B,WAAW,wBACN,gCAAoB;gCACvB,wEAAwE;gCACxE,QAAQ,EAAE;oCACR,MAAM,EAAE,KAAK;oCACb,IAAI,EAAE,KAAK;oCACX,MAAM,EAAE,KAAK;oCACb,M
AAM,EAAE,KAAK;iCACd,EACD,iBAAiB,EAAE;oCACjB,MAAM,EAAE,IAAI;oCACZ,IAAI,EAAE,IAAI;oCACV,MAAM,EAAE,IAAI;oCACZ,MAAM,EAAE,IAAI;iCACb,GACF;yBACF,CAAC;wBAEF,sCAAsC;sBAFpC;;oBAlBI,IAAI,GAAG,SAkBX;oBAGI,aAAa,GAAG,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAA;;;;oBAG9C,+CAA+C;oBAC/C,qBAAM,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,sBAAsB,CAAC,EAAE,EAAE,EAAE,mBAAmB,EAAE,IAAI,EAAE,CAAC,EAAA;;oBAD1H,+CAA+C;oBAC/C,SAA0H,CAAA;oBAC1H,qBAAM,IAAA,cAAI,EAAC,SAAS,EAAE,IAAI,CAAC,EAAA,CAAC,oCAAoC;;oBAAhE,SAA2B,CAAA,CAAC,oCAAoC;oBAChE,qBAAM,WAAW,CAAC,YAAY,CAAC,aAAc,EAAE,gBAAiB,CAAC;wBAEjE,8EAA8E;sBAFb;;oBAAjE,SAAiE,CAAA;oBAEjE,8EAA8E;oBAC9E,qBAAM,IAAA,oBAAU,EACd,4DAA4D,EAC5D,cAAM,OAAA,WAAW,CAAC,GAAG,CAAC,gBAAgB,CAAC,kBAAkB,CAAC;4BACxD,SAAS,EAAE,UAAU;4BACrB,WAAW,EAAE;gCACX,EAAE,MAAM,EAAE,EAAE,KAAK,EAAE,WAAW,EAAE,EAAE;gCAClC,EAAE,MAAM,EAAE,OAAO,EAAE;6BACpB;yBACF,CAAC,EANI,CAMJ,EACF,EAAE,QAAQ,EAAE,UAAA,CAAC,YAAI,OAAA,CAAA,MAAA,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,0CAAE,KAAK,MAAK,CAAC,CAAA,EAAA,EAAE,CAC5C;wBAED,sEAAsE;sBAFrE;;oBAXD,8EAA8E;oBAC9E,SAUC,CAAA;oBAED,sEAAsE;oBACtE,qBAAM,IAAA,oBAAU,EACd,8DAA8D,EAC9D,cAAM,OAAA,WAAW,CAAC,GAAG,CAAC,gBAAgB,CAAC,kBAAkB,CAAC;4BACxD,SAAS,EAAE,mBAAmB;4BAC9B,WAAW,EAAE;gCACX,EAAE,MAAM,EAAE,EAAE,EAAE;gCACd,EAAE,MAAM,EAAE,OAAO,EAAE;6BACpB;yBACF,CAAC,EANI,CAMJ,EACF,EAAE,WAAW,EAAE,IAAI,EAAE,OAAO,EAAE,UAAC,CAAM,IAAK,OAAA,CAAC,CAAC,OAAO,KAAK,yCAAyC,EAAvD,CAAuD,EAAE,CACpG,EAAA;;oBAXD,sEAAsE;oBACtE,SAUC,CAAA;oBAED,OAAO,CAAC,GAAG,CAAC,yDAAyD,CAAC,CAAA;;;gBAEtE,wBAAwB;gBACxB,qBAAM,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,WAAW,CAAC,QAAQ,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,aAAa,EAAE,EAAE,EAAE,mBAAmB,EAAE,IAAI,EAAE,CAAC,EAAA;;oBAD/G,wBAAwB;oBACxB,SAA+G,CAAA;oBAC/G,qBAAM,IAAA,cAAI,EAAC,SAAS,EAAE,IAAI,CAAC,EAAA;;oBAA3B,SAA2B,CAAA;oBAC3B,qBAAM,WAAW,CAAC,YAAY,CAAC,aAAc,EAAE,gBAAiB,CAAC;wBAEjE,eAAe;sBAFkD;;oBAAjE,SAAiE,CAAA;oBAEjE,eAAe;oBACf,qBAAM,GAAG,CAAC,GAAG,CAAC,6BAA6B,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,EAAA;;oBAD9D,eAAe;oBACf,SAA8D,CAAA;;;oBAGhE,OAAO,CAA
C,GAAG,CAAC,uCAAuC,CAAC,CAAA;;;gBAEpD,UAAU;gBACV,qBAAM,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,WAAW,CAAC,EAAE,CAAC,EAAA;;oBADhD,UAAU;oBACV,SAAgD,CAAA;;;;;;CAEnD,CAAA;AAhLY,QAAA,wBAAwB,4BAgLpC;AAED,6CAA6C;AAC7C,IAAI,OAAO,CAAC,IAAI,KAAK,MAAM,EAAE;IAC3B,OAAO,CAAC,GAAG,CAAC,sCAAqB,IAAI,CAAE,CAAC,CAAA;IACxC,IAAM,KAAG,GAAG,IAAI,aAAO,CAAC,EAAE,IAAI,MAAA,EAAE,CAAC,CAAA;IACjC,IAAM,aAAW,GAAG,IAAI,aAAO,CAAC,EAAE,IAAI,MAAA,EAAE,CAAC,CAAA;IAEzC,IAAM,QAAQ,GAAG;;;wBACf,qBAAM,IAAA,mBAAW,EAAC,KAAG,EAAE,aAAW,CAAC,EAAA;;oBAAnC,SAAmC,CAAA;oBACnC,qBAAM,IAAA,gCAAwB,EAAC,EAAE,GAAG,OAAA,EAAE,WAAW,eAAA,EAAE,CAAC,EAAA;;oBAApD,SAAoD,CAAA;;;;SACrD,CAAA;IAED,QAAQ,EAAE;SACP,IAAI,CAAC;QACJ,OAAO,CAAC,GAAG,CAAC,wDAAwD,CAAC,CAAA;QACrE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IACjB,CAAC,CAAC;SACD,KAAK,CAAC,UAAC,KAAK;QACX,OAAO,CAAC,KAAK,CAAC,yCAAyC,EAAE,KAAK,CAAC,CAAA;QAC/D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IACjB,CAAC,CAAC,CAAA;CACL"}
@@ -0,0 +1,20 @@
1
+ import { Session } from "../../sdk";
2
+ /**
3
+ * Security tests for endpoints with noAccessPermissions: true
4
+ *
5
+ * These tests verify that endpoints which bypass the standard middleware access check
6
+ * still properly enforce NO_ACCESS restrictions in their handlers.
7
+ *
8
+ * Test approach:
9
+ * 1. Create a role with NO_ACCESS (null) for a specific model
10
+ * 2. Assign that role to a non-admin user
11
+ * 3. Attempt to call the endpoint
12
+ * 4. Verify whether access is properly denied
13
+ *
14
+ * If a test shows data is returned when it shouldn't be, that endpoint needs a fix.
15
+ */
16
+ export declare const no_access_permission_checks_tests: ({ sdk, sdkNonAdmin }: {
17
+ sdk: Session;
18
+ sdkNonAdmin: Session;
19
+ }) => Promise<void>;
20
+ //# sourceMappingURL=no_access_permission_checks.test.d.ts.map
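Review bot: The doc comment leaves the pass/fail contract open. Step 4 says "Verify whether access is properly denied" and the closing line says an endpoint "needs a fix" if data is returned, which reads as if a leak might only be reported rather than fail the run. If every case asserts denial, the comment should say so, e.g. `* 4. Assert the call is rejected; any returned data fails the test`. The implementation is not part of this section, so this is a wording point only, and since the declaration file is emitted from the `.ts` source the edit belongs there.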
@@ -0,0 +1 @@
1
+ {"version":3,"file":"no_access_permission_checks.test.d.ts","sourceRoot":"","sources":["../../../../src/tests/api_tests/no_access_permission_checks.test.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;AAYnC;;;;;;;;;;;;;GAaG;AACH,eAAO,MAAM,iCAAiC;SAAwC,OAAO;iBAAe,OAAO;mBA0TlH,CAAA"}