cojson 0.18.28 → 0.18.30

package/src/tests/group.inheritance.test.ts

@@ -1040,6 +1040,39 @@ describe("extend with role mapping", () => {
     expect(childGroupOnNode2.roleOf(node3.accountID)).toEqual("reader");
   });
 
+  test("mapping to manager should add the ability to add members", async () => {
+    const { node1, node2, node3 } = await createThreeConnectedNodes(
+      "server",
+      "server",
+      "server",
+    );
+
+    const group = node1.node.createGroup();
+    group.addMember(
+      await loadCoValueOrFail(node1.node, node2.accountID),
+      "reader",
+    );
+
+    const childGroup = node1.node.createGroup();
+    childGroup.extend(group, "manager");
+
+    expect(childGroup.roleOf(node2.accountID)).toEqual("manager");
+
+    await childGroup.core.waitForSync();
+
+    const childGroupOnNode2 = await loadCoValueOrFail(
+      node2.node,
+      childGroup.id,
+    );
+
+    childGroupOnNode2.addMember(
+      await loadCoValueOrFail(node2.node, node3.accountID),
+      "reader",
+    );
+
+    expect(childGroupOnNode2.roleOf(node3.accountID)).toEqual("reader");
+  });
+
   test("mapping to reader should remove the ability to add members", async () => {
     const { node1, node2, node3 } = await createThreeConnectedNodes(
       "server",

package/src/tests/group.invite.test.ts

@@ -8,13 +8,72 @@ import {
   setupTestNode,
   waitFor,
 } from "./testUtils.js";
+import { AccountRole } from "../permissions.js";
 
 beforeEach(async () => {
   SyncMessagesLog.clear();
   setupTestNode({ isSyncServer: true });
 });
 
+// [fromRole, toRole, canCreateInvite]
+const CAN_CREATE_INVITE_MATRIX: [AccountRole, AccountRole, boolean][] = [
+  ["admin", "admin", true],
+  ["admin", "manager", true],
+  ["admin", "writer", true],
+  ["admin", "reader", true],
+  ["admin", "writeOnly", true],
+
+  ["manager", "admin", false],
+  ["manager", "manager", false],
+  ["manager", "writer", true],
+  ["manager", "reader", true],
+  ["manager", "writeOnly", true],
+
+  ["writer", "admin", false],
+  ["writer", "manager", false],
+  ["writer", "writer", false],
+  ["writer", "reader", false],
+  ["writer", "writeOnly", false],
+
+  ["reader", "admin", false],
+  ["reader", "manager", false],
+  ["reader", "writer", false],
+  ["reader", "reader", false],
+  ["reader", "writeOnly", false],
+
+  ["writeOnly", "admin", false],
+  ["writeOnly", "manager", false],
+  ["writeOnly", "writer", false],
+  ["writeOnly", "reader", false],
+  ["writeOnly", "writeOnly", false],
+];
+
 describe("Group invites", () => {
+  for (const [fromRole, toRole, canCreateInvite] of CAN_CREATE_INVITE_MATRIX) {
+    test(`${fromRole} should ${canCreateInvite ? "be able" : "not be able"} to create an invite for ${toRole}`, async () => {
+      const admin = await setupTestAccount({
+        connected: true,
+      });
+
+      const group = admin.node.createGroup();
+
+      const adminOnAdminNode = await loadCoValueOrFail(
+        admin.node,
+        admin.accountID,
+      );
+
+      group.addMember(adminOnAdminNode, fromRole);
+
+      if (canCreateInvite) {
+        expect(group.createInvite(toRole)).toBeDefined();
+      } else {
+        expect(() => {
+          group.createInvite(toRole);
+        }).toThrow(`Failed to set role ${toRole}Invite to`);
+      }
+    });
+  }
+
   test("should be able to accept a reader invite", async () => {
     const admin = await setupTestAccount({
       connected: true,
@@ -193,6 +252,64 @@ describe("Group invites", () => {
     });
   });
 
+  test("should be able to accept a manager invite", async () => {
+    const admin = await setupTestAccount({
+      connected: true,
+    });
+
+    const newMember = await setupTestAccount({
+      connected: true,
+    });
+
+    const group = admin.node.createGroup();
+
+    const person = group.createMap({
+      name: "John Doe",
+    });
+
+    const inviteSecret = group.createInvite("manager");
+
+    const personOnNewMemberNode = await loadCoValueOrFail(
+      newMember.node,
+      person.id,
+    );
+    expect(personOnNewMemberNode.get("name")).toEqual(undefined);
+
+    await newMember.node.acceptInvite(group.id, inviteSecret);
+
+    await waitFor(() => {
+      expect(
+        expectMap(personOnNewMemberNode.core.getCurrentContent()).get("name"),
+      ).toEqual("John Doe");
+    });
+
+    const groupOnNewMemberNode = await loadCoValueOrFail(
+      newMember.node,
+      group.id,
+    );
+
+    expect(groupOnNewMemberNode.roleOf(newMember.accountID)).toEqual("manager");
+
+    // Verify admin access by adding another member
+    const reader = await setupTestAccount({
+      connected: true,
+    });
+
+    const readerOnNewMemberNode = await loadCoValueOrFail(
+      newMember.node,
+      reader.accountID,
+    );
+    groupOnNewMemberNode.addMember(readerOnNewMemberNode, "reader");
+
+    const personOnReaderNode = await loadCoValueOrFail(reader.node, person.id);
+
+    await waitFor(() => {
+      expect(
+        expectMap(personOnReaderNode.core.getCurrentContent()).get("name"),
+      ).toEqual("John Doe");
+    });
+  });
+
   test("should not be able to accept an invite twice", async () => {
     const admin = await setupTestAccount({
       connected: true,

package/src/tests/group.removeMember.test.ts

@@ -8,6 +8,7 @@ import {
   setupTestNode,
   waitFor,
 } from "./testUtils.js";
+import { expectGroup } from "../typeUtils/expectGroup.js";
 
 setCoValueLoadingRetryDelay(10);
 
@@ -78,9 +79,15 @@ describe("Group.removeMember", () => {
     expect(mapOnAliceNode.get("test")).toEqual("test");
   });
 
-  for (const member of ["writer", "reader", "writeOnly", "admin"] as const) {
+  for (const member of [
+    "writer",
+    "reader",
+    "writeOnly",
+    "manager",
+    "admin",
+  ] as const) {
     test(`${member} member should be able to revoke themselves`, async () => {
-      const admin = await setupTestAccount({
+      const superAdmin = await setupTestAccount({
         connected: true,
       });
 
@@ -88,9 +95,9 @@ describe("Group.removeMember", () => {
         connected: true,
       });
 
-      const group = admin.node.createGroup();
+      const group = superAdmin.node.createGroup();
       group.addMember(
-        await loadCoValueOrFail(admin.node, client.accountID),
+        await loadCoValueOrFail(superAdmin.node, client.accountID),
         member,
       );
 
@@ -116,6 +123,10 @@ describe("Group.removeMember", () => {
         connected: true,
       });
 
+      const manager = await setupTestAccount({
+        connected: true,
+      });
+
       const writer = await setupTestAccount({
         connected: true,
       });
@@ -133,6 +144,10 @@ describe("Group.removeMember", () => {
       });
 
       const group = admin.node.createGroup();
+      group.addMember(
+        await loadCoValueOrFail(admin.node, manager.accountID),
+        "manager",
+      );
       group.addMember(
         await loadCoValueOrFail(admin.node, writer.accountID),
         "writer",
@@ -152,23 +167,50 @@ describe("Group.removeMember", () => {
 
       const loadedGroup = await loadCoValueOrFail(client.node, group.id);
 
+      // expect(async () => {
       loadedGroup.removeMember(
         await loadCoValueOrFail(client.node, reader.accountID),
       );
+      // }).rejects.toThrow(
+      //   `Failed to revoke role to ${reader.accountID} (role of current account is ${member})`,
+      // );
+
+      // expect(async () => {
       loadedGroup.removeMember(
         await loadCoValueOrFail(client.node, writeOnly.accountID),
       );
+      // }).rejects.toThrow(
+      //   `Failed to revoke role to ${writeOnly.accountID} (role of current account is ${member})`,
+      // );
+
+      // expect(async () => {
       loadedGroup.removeMember(
         await loadCoValueOrFail(client.node, writer.accountID),
       );
+      // }).rejects.toThrow(
+      //   `Failed to revoke role to ${writer.accountID} (role of current account is ${member})`,
+      // );
+
+      // expect(async () => {
       loadedGroup.removeMember(
         await loadCoValueOrFail(client.node, admin.accountID),
       );
+      // }).rejects.toThrow(
+      //   `Failed to revoke role to ${admin.accountID} (role of current account is ${member})`,
+      // );
 
+      // expect(async () => {
+      loadedGroup.removeMember(
+        await loadCoValueOrFail(client.node, manager.accountID),
+      );
+      // }).rejects.toThrow(
+      //   `Failed to revoke role to ${manager.accountID} (role of current account is ${member})`,
+      // );
       expect(loadedGroup.roleOf(reader.accountID)).toEqual("reader");
       expect(loadedGroup.roleOf(writer.accountID)).toEqual("writer");
       expect(loadedGroup.roleOf(writeOnly.accountID)).toEqual("writeOnly");
       expect(loadedGroup.roleOf(admin.accountID)).toEqual("admin");
+      expect(loadedGroup.roleOf(manager.accountID)).toEqual("manager");
 
       await loadedGroup.core.waitForSync();
 
@@ -184,6 +226,9 @@ describe("Group.removeMember", () => {
       expect((await loadCoValueOrFail(admin.node, group.id)).myRole()).toEqual(
         "admin",
       );
+      expect(
+        (await loadCoValueOrFail(manager.node, group.id)).myRole(),
+      ).toEqual("manager");
     });
   }
 
@@ -203,11 +248,17 @@ describe("Group.removeMember", () => {
     );
 
     const loadedGroup = await loadCoValueOrFail(client.node, group.id);
-
-    loadedGroup.removeMember(
-      await loadCoValueOrFail(client.node, admin.accountID),
+    const adminOnClientNode = await loadCoValueOrFail(
+      client.node,
+      admin.accountID,
     );
 
+    // expect(() => {
+    loadedGroup.removeMember(adminOnClientNode);
+    // }).toThrow(
+    //   `Failed to revoke role to ${admin.accountID} (role of current account is admin)`,
+    // );
+
     expect(loadedGroup.roleOf(admin.accountID)).toEqual("admin");
 
     await loadedGroup.core.waitForSync();
@@ -217,6 +268,38 @@ describe("Group.removeMember", () => {
     );
   });
 
+  test(`managers can remove other managers`, async () => {
+    const admin = await setupTestAccount({
+      connected: true,
+    });
+
+    const client = await setupTestAccount({
+      connected: true,
+    });
+
+    const group = admin.node.createGroup();
+    // downgrade admin to manager
+    group.addMember(
+      await loadCoValueOrFail(admin.node, admin.accountID),
+      "manager",
+    );
+    group.addMember(
+      await loadCoValueOrFail(admin.node, client.accountID),
+      "manager",
+    );
+
+    const loadedGroup = await loadCoValueOrFail(client.node, group.id);
+
+    const adminOnClientNode = await loadCoValueOrFail(
+      client.node,
+      admin.accountID,
+    );
+
+    loadedGroup.removeMember(adminOnClientNode);
+
+    expect(loadedGroup.roleOf(admin.accountID)).toEqual(undefined);
+  });
+
   test("removing a member when inheriting a group where the user lacks read rights", async () => {
     const admin = await setupTestAccount({
       connected: true,
@@ -318,7 +401,7 @@ describe("Group.removeMember", () => {
 
     const group = admin.node.createGroup();
 
-    const childGroup = bob.node.createGroup();
+    let childGroup = bob.node.createGroup();
     group.addMember(bobOnAdminNode, "reader");
     group.addMember(aliceOnAdminNode, "reader");
 
@@ -331,9 +414,12 @@ describe("Group.removeMember", () => {
     group.removeMember(aliceOnAdminNode);
 
     // Rotating the child group keys is async when the child group is not loaded
-    await admin.node.getCoValue(childGroup.id).waitForAvailableOrUnavailable();
     await admin.node.syncManager.waitForAllCoValuesSync();
 
+    // Reload the group the trigger the loading checks
+    childGroup.core.resetParsedTransactions();
+    childGroup = expectGroup(childGroup.core.getCurrentContent());
+
     const map = childGroup.createMap();
     map.set("test", "Not readable by alice");
 

package/src/tests/group.roleOf.test.ts

@@ -8,6 +8,7 @@ import {
   randomAgentAndSessionID,
   waitFor,
 } from "./testUtils";
+import { expectMap } from "../coValue";
 
 describe("roleOf", () => {
   test("returns direct role assignments", () => {
@@ -326,7 +327,11 @@ describe("roleOf", () => {
       mapOnNode2.set("test", "Updated after the downgrade");
 
       expect(mapOnNode2.get("test")).toEqual("Written from everyone");
-      expect(mapOnNode2.get("fromAdmin")).toEqual("Written from admin");
+
+      await waitFor(async () => {
+        const updatedMap = expectMap(mapOnNode2.core.getCurrentContent());
+        expect(updatedMap.get("fromAdmin")).toEqual("Written from admin");
+      });
     });
 
     test("switching from everyone writeOnly to writer", async () => {
@@ -347,7 +352,7 @@ describe("roleOf", () => {
 
       expect(groupOnNode2.myRole()).toEqual("writeOnly");
 
-      const mapOnNode2 = await loadCoValueOrFail(node2.node, map.id);
+      let mapOnNode2 = await loadCoValueOrFail(node2.node, map.id);
 
       expect(mapOnNode2.get("test")).toEqual(undefined);
 
@@ -360,12 +365,19 @@ describe("roleOf", () => {
 
       group.addMember("everyone", "writer");
 
-      await group.core.waitForSync();
+      await waitFor(async () => {
+        expect(groupOnNode2.core.knownState()).toEqual(group.core.knownState());
+      });
 
       mapOnNode2.set("test", "Updated after the upgrade");
 
       expect(mapOnNode2.get("test")).toEqual("Updated after the upgrade");
-      expect(mapOnNode2.get("fromAdmin")).toEqual("Written from admin");
+
+      await waitFor(async () => {
+        const updatedMap = expectMap(mapOnNode2.core.getCurrentContent());
+        // Get the new content after the invalidation caused by group update
+        expect(updatedMap.get("fromAdmin")).toEqual("Written from admin");
+      });
     });
 
     test("adding a reader member after writeOnly", async () => {