not-node 5.1.44 → 6.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (53) hide show
  1. package/.eslintrc.json +32 -38
  2. package/index.js +6 -0
  3. package/package.json +12 -11
  4. package/src/app.js +2 -2
  5. package/src/auth/index.js +0 -2
  6. package/src/auth/routes.js +25 -61
  7. package/src/auth/rules.js +8 -7
  8. package/src/common.js +19 -0
  9. package/src/identity/exceptions.js +17 -0
  10. package/src/identity/identity.js +61 -0
  11. package/src/identity/index.js +35 -0
  12. package/src/identity/providers/session.js +137 -0
  13. package/src/identity/providers/token.js +255 -0
  14. package/src/manifest/result.filter.js +268 -0
  15. package/src/manifest/route.js +6 -36
  16. package/static2.js +24 -0
  17. package/test/auth/identity.js +0 -0
  18. package/test/auth/routes.js +1 -1
  19. package/test/auth.js +427 -229
  20. package/test/env.js +20 -20
  21. package/test/fields.js +3 -2
  22. package/test/identity/identity.js +1 -0
  23. package/test/identity/index.js +12 -0
  24. package/test/identity/providers/session.js +227 -0
  25. package/test/identity/providers/token.js +244 -0
  26. package/test/identity.js +5 -0
  27. package/test/init/app.js +359 -365
  28. package/test/init/bodyparser.js +37 -39
  29. package/test/init/compression.js +29 -31
  30. package/test/init/cors.js +38 -39
  31. package/test/init/db.js +60 -64
  32. package/test/init/env.js +109 -114
  33. package/test/init/express.js +50 -47
  34. package/test/init/fileupload.js +30 -32
  35. package/test/init/http.js +258 -240
  36. package/test/init/informer.js +20 -24
  37. package/test/init/methodoverride.js +29 -31
  38. package/test/init/middleware.js +56 -58
  39. package/test/init/modules.js +19 -19
  40. package/test/init/monitoring.js +22 -22
  41. package/test/init/routes.js +185 -171
  42. package/test/init/security.js +77 -103
  43. package/test/init/sessions/mongoose.js +56 -57
  44. package/test/init/sessions/redis.js +59 -61
  45. package/test/init/sessions.js +84 -79
  46. package/test/init/static.js +108 -113
  47. package/test/init/template.js +46 -41
  48. package/test/notInit.js +217 -217
  49. package/test/notManifest.js +232 -191
  50. package/test/notRoute.js +1022 -799
  51. package/test/result.filter.js +422 -0
  52. package/src/auth/session.js +0 -151
  53. package/test/auth/session.js +0 -266
package/test/auth.js CHANGED
@@ -1,230 +1,428 @@
1
- require('not-log')(false);
2
-
3
- const expect = require('chai').expect,
4
- auth = require('../src/auth'),
5
- HttpError = require('../src/error').Http;
6
-
7
- describe('Auth', function() {
8
-
9
- describe('intersect_safe', function() {
10
- it('a - array, b - array', function() {
11
- var res = auth.intersect_safe(['safe1', 'safe', 'unsafebutpresented'], ['unsafe','safe', 'safeguard']);
12
- expect(res).to.deep.equal(['safe']);
13
- });
14
-
15
- it('a - array, b - array with more length', function() {
16
- var res = auth.intersect_safe(['safe1', 'safe', 'unsafebutpresented'], ['unsafe','safeasdfjsdjkf','safe', 'safeguard']);
17
- expect(res).to.deep.equal(['safe']);
18
- });
19
-
20
- it('a - null, b - null', function() {
21
- var res = auth.intersect_safe(null, null);
22
- expect(res).to.deep.equal([]);
23
- });
24
-
25
- it('intersection of a and b equals empty', function() {
26
- var res = auth.intersect_safe(['safe1'], ['safe2']);
27
- expect(res).to.deep.equal([]);
28
- });
29
-
30
- it('intersection of a = b', function() {
31
- var res = auth.intersect_safe(['safe'], ['safe']);
32
- expect(res).to.deep.equal(['safe']);
33
- });
34
- });
35
-
36
-
37
- describe('compareRoles', function() {
38
- it('user - guest, action - root', function() {
39
- var res = auth.compareRoles('guest', 'root');
40
- expect(res).to.deep.equal(false);
41
- });
42
-
43
- it('user - guest, action - guest', function() {
44
- var res = auth.compareRoles('guest', 'guest');
45
- expect(res).to.deep.equal(true);
46
- });
47
-
48
- it('user - guest, action - [root, admin]', function() {
49
- var res = auth.compareRoles('guest', ['root', 'admin']);
50
- expect(res).to.deep.equal(false);
51
- });
52
-
53
- it('user - guest, action - [root, admin, guest], strict - false', function() {
54
- var res = auth.compareRoles('guest', ['root', 'admin', 'guest'], false);
55
- expect(res).to.deep.equal(true);
56
- });
57
-
58
- it('user - guest, action - [root, admin, guest], strict - true', function() {
59
- var res = auth.compareRoles('guest', ['root', 'admin', 'guest']);
60
- expect(res).to.deep.equal(false);
61
- });
62
-
63
- it('user - [user, notActivated], action - notActivated', function() {
64
- var res = auth.compareRoles(['user', 'notActivated'], 'notActivated');
65
- expect(res).to.deep.equal(true);
66
- });
67
-
68
- it('user - [user, notActivated, jailed], action - [root, manager]', function() {
69
- var res = auth.compareRoles(['user', 'notActivated', 'jailed'], ['root', 'manager']);
70
- expect(res).to.deep.equal(false);
71
- });
72
-
73
- });
74
-
75
-
76
- describe('checkCredentials', function() {
77
- const rule = {
78
- admin: true,
79
- role: 'root',
80
- auth: true
81
- };
82
- it('rule (admin, root, authentificated), auth - true, role - root, admin - true ', function() {
83
- const res = auth.checkCredentials(rule, true, 'root', true);
84
- expect(res).to.deep.equal(true);
85
- });
86
-
87
- it('rule (admin, root, authentificated), auth - true, role - root, admin - false ', function() {
88
- const res = auth.checkCredentials(rule, true, 'root', false);
89
- expect(res).to.deep.equal(false);
90
- });
91
-
92
- it('rule - empty, auth - true, role - root, admin - false ', function() {
93
- const res = auth.checkCredentials({}, true, 'root', false);
94
- expect(res).to.deep.equal(true);
95
- });
96
-
97
- it('rule - null, auth - true, role - root, admin - false ', function() {
98
- const res = auth.checkCredentials(null, true, 'root', false);
99
- expect(res).to.deep.equal(false);
100
- });
101
-
102
-
103
- it('rule - (auth), auth - true, role - root, admin - false ', function() {
104
- const res = auth.checkCredentials({auth: true}, true, 'root', false);
105
- expect(res).to.deep.equal(true);
106
- });
107
-
108
- it('rule - (role: \'notActivated\'), auth - true, role - root, admin - false ', function() {
109
- const res = auth.checkCredentials({role: 'notActivated'}, true, 'root', false);
110
- expect(res).to.deep.equal(false);
111
- });
112
-
113
- it('rule - (role: \'user\', auth), auth - true, role - user, admin - false ', function() {
114
- const res = auth.checkCredentials({role: 'user', auth: true}, true, 'user', false);
115
- expect(res).to.deep.equal(true);
116
- });
117
-
118
- it('rule - (role: \'user\', !auth), auth - false, role - user, admin - false ', function() {
119
- const res = auth.checkCredentials({role: 'user', auth: false}, false, 'user', false);
120
- expect(res).to.deep.equal(true);
121
- });
122
-
123
- it('rule - (role: \'user\'), auth - false, role - user, admin - false ', function() {
124
- const res = auth.checkCredentials({role: 'user'}, false, 'user', false);
125
- expect(res).to.deep.equal(true);
126
- });
127
-
128
- it('rule - (auth), auth - true, role - user, admin - false ', function() {
129
- const res = auth.checkCredentials({auth: true}, true, 'user', false);
130
- expect(res).to.deep.equal(true);
131
- });
132
-
133
- it('rule - (!auth), auth - false, role - user, admin - false ', function() {
134
- const res = auth.checkCredentials({auth: false}, false, 'user', false);
135
- expect(res).to.deep.equal(true);
136
- });
137
-
138
- it('rule - (auth), auth - false, role - user, admin - false ', function() {
139
- const res = auth.checkCredentials({auth: true}, false, 'user', false);
140
- expect(res).to.deep.equal(false);
141
- });
142
-
143
- it('rule - (!auth), auth - false, role - user, admin - true ', function() {
144
- const res = auth.checkCredentials({auth: false}, false, 'user', true);
145
- expect(res).to.deep.equal(true);
146
- });
147
-
148
- it('rule - (admin), auth - false, role - user, admin - true ', function() {
149
- const res = auth.checkCredentials({admin: true}, false, 'user', true);
150
- expect(res).to.deep.equal(true);
151
- });
152
-
153
- it('rule - (!auth, \'notActivated\', false), auth - false, role - notActivated, admin - false ', function() {
154
- const res = auth.checkCredentials({auth: false, role: 'notActivated'}, false, 'notActivated', false);
155
- expect(res).to.deep.equal(true);
156
- });
157
-
158
- it('rule - (!auth, \'notActivated\', undefined), auth - false, role - false, admin - false ', function() {
159
- const res = auth.checkCredentials({auth: false, role: 'notActivated'}, false, false, false);
160
- expect(res).to.deep.equal(false);
161
- });
162
-
163
- it('rule - (admin), auth - false, role - false, admin - true ', function() {
164
- const res = auth.checkCredentials({admin: true}, false, false, true);
165
- expect(res).to.deep.equal(true);
166
- });
167
- });
168
-
169
- describe('checkSupremacy', function() {
170
-
171
- it('Both undefined, order undefined', function() {
172
- let resultFunction = ()=>{ auth.checkSupremacy(undefined, 'undefined', undefined);}
173
- expect(resultFunction).to.throw();
174
- resultFunction = ()=>{ auth.checkSupremacy('undefined', undefined, undefined);}
175
- expect(resultFunction).to.throw();
176
- resultFunction = ()=>{ auth.checkSupremacy('undefined', 'undefined', undefined);}
177
- expect(resultFunction).to.throw();
178
- });
179
-
180
- it('Both undefined, order defined but not Array', function() {
181
- let resultFunction = ()=>{ auth.checkSupremacy('undefined', 'undefined', 12);}
182
- expect(resultFunction).to.throw();
183
- });
184
-
185
- it('Both undefined, order defined Array with wrong types of element', function() {
186
- let resultFunction = ()=>{ auth.checkSupremacy('undefined', 'undefined', [12]);}
187
- expect(resultFunction).to.throw();
188
- });
189
-
190
- it('Both undefined, order defined Array with wrong types of element', function() {
191
- let resultFunction = ()=>{ auth.checkSupremacy('undefined', 'undefined', [null]);}
192
- expect(resultFunction).to.throw();
193
- });
194
-
195
- it('Both undefined, order defined Array with wrong types of element', function() {
196
- let resultFunction = ()=>{ auth.checkSupremacy('undefined', 'undefined', [null]);}
197
- expect(resultFunction).to.throw();
198
- });
199
-
200
- it('Both defined, order list dont contains roles of sets', function() {
201
- expect(auth.checkSupremacy('undefined', 'undefined', ['root'])).to.be.equal(false);
202
- });
203
-
204
- it('Various situations with valid input', function() {
205
- expect(auth.checkSupremacy('undefined', 'undefined', ['root', 'admin', 'client', 'user', 'guest'])).to.be.equal(false);
206
- expect(auth.checkSupremacy('root', ['root'], ['root', 'admin', 'client', 'user', 'guest'])).to.be.equal(false);
207
- expect(auth.checkSupremacy('undefined', 'root', ['root', 'admin', 'client', 'user', 'guest'])).to.be.equal(false);
208
- expect(auth.checkSupremacy('undefined', 'guest', ['root', 'admin', 'client', 'user', 'guest'])).to.be.equal(false);
209
- expect(auth.checkSupremacy('root', ['undefined', 'manager'], ['root', 'admin', 'client', 'user', 'guest'])).to.be.equal(true);
210
- expect(auth.checkSupremacy('client', 'root', ['root', 'admin', 'client', 'user', 'guest'])).to.be.equal(false);
211
- expect(auth.checkSupremacy('client', 'client', ['root', 'admin', 'client', 'user', 'guest'])).to.be.equal(false);
212
- expect(auth.checkSupremacy('guest', 'guest', ['root', 'admin', 'client', 'user', 'guest'])).to.be.equal(false);
213
- expect(auth.checkSupremacy('guest', 'root', ['root', 'admin', 'client', 'user', 'guest'])).to.be.equal(false);
214
- expect(auth.checkSupremacy('client', ['root', 'guest'], ['root', 'admin', 'client', 'user', 'guest'])).to.be.equal(false);
215
- expect(auth.checkSupremacy('client', 'guest', ['root', 'admin', 'client', 'user', 'guest'])).to.be.equal(true);
216
- expect(auth.checkSupremacy(['admin', 'manager'], 'guest', ['root', 'admin', 'client', 'user', 'guest'])).to.be.equal(true);
217
- expect(auth.checkSupremacy(['client', 'manager'], 'client', ['root', 'admin', 'client', 'user', 'guest'])).to.be.equal(false);
218
- expect(auth.checkSupremacy(['admin'], 'root', ['root', 'admin', 'client', 'user', 'guest'])).to.be.equal(false);
219
- expect(auth.checkSupremacy('manager', 'client', ['root', 'admin', 'client', 'user', 'guest'])).to.be.equal(false);
220
- expect(auth.checkSupremacy('admin', 'client', ['root', 'admin', 'client', 'user', 'guest'])).to.be.equal(true);
221
- });
222
- });
223
-
224
- require('./auth/routes.js')({Auth: auth, HttpError, expect});
225
- require('./auth/roles.js')({Auth: auth, HttpError, expect});
226
- require('./auth/rules.js')({Auth: auth, HttpError, expect});
227
- require('./auth/session.js')({Auth: auth, HttpError, expect});
228
- require('./auth/obsolete.js')({Auth: auth, HttpError, expect});
229
- require('./auth/fields.js')({Auth: auth, HttpError, expect});
1
+ require("not-log")(false);
2
+
3
+ const expect = require("chai").expect,
4
+ auth = require("../src/auth"),
5
+ HttpError = require("../src/error").Http;
6
+
7
+ describe("Auth", function () {
8
+ describe("intersect_safe", function () {
9
+ it("a - array, b - array", function () {
10
+ var res = auth.intersect_safe(
11
+ ["safe1", "safe", "unsafebutpresented"],
12
+ ["unsafe", "safe", "safeguard"]
13
+ );
14
+ expect(res).to.deep.equal(["safe"]);
15
+ });
16
+
17
+ it("a - array, b - array with more length", function () {
18
+ var res = auth.intersect_safe(
19
+ ["safe1", "safe", "unsafebutpresented"],
20
+ ["unsafe", "safeasdfjsdjkf", "safe", "safeguard"]
21
+ );
22
+ expect(res).to.deep.equal(["safe"]);
23
+ });
24
+
25
+ it("a - null, b - null", function () {
26
+ var res = auth.intersect_safe(null, null);
27
+ expect(res).to.deep.equal([]);
28
+ });
29
+
30
+ it("intersection of a and b equals empty", function () {
31
+ var res = auth.intersect_safe(["safe1"], ["safe2"]);
32
+ expect(res).to.deep.equal([]);
33
+ });
34
+
35
+ it("intersection of a = b", function () {
36
+ var res = auth.intersect_safe(["safe"], ["safe"]);
37
+ expect(res).to.deep.equal(["safe"]);
38
+ });
39
+ });
40
+
41
+ describe("compareRoles", function () {
42
+ it("user - guest, action - root", function () {
43
+ var res = auth.compareRoles("guest", "root");
44
+ expect(res).to.deep.equal(false);
45
+ });
46
+
47
+ it("user - guest, action - guest", function () {
48
+ var res = auth.compareRoles("guest", "guest");
49
+ expect(res).to.deep.equal(true);
50
+ });
51
+
52
+ it("user - guest, action - [root, admin]", function () {
53
+ var res = auth.compareRoles("guest", ["root", "admin"]);
54
+ expect(res).to.deep.equal(false);
55
+ });
56
+
57
+ it("user - guest, action - [root, admin, guest], strict - false", function () {
58
+ var res = auth.compareRoles(
59
+ "guest",
60
+ ["root", "admin", "guest"],
61
+ false
62
+ );
63
+ expect(res).to.deep.equal(true);
64
+ });
65
+
66
+ it("user - guest, action - [root, admin, guest], strict - true", function () {
67
+ var res = auth.compareRoles("guest", ["root", "admin", "guest"]);
68
+ expect(res).to.deep.equal(false);
69
+ });
70
+
71
+ it("user - [user, notActivated], action - notActivated", function () {
72
+ var res = auth.compareRoles(
73
+ ["user", "notActivated"],
74
+ "notActivated"
75
+ );
76
+ expect(res).to.deep.equal(true);
77
+ });
78
+
79
+ it("user - [user, notActivated, jailed], action - [root, manager]", function () {
80
+ var res = auth.compareRoles(
81
+ ["user", "notActivated", "jailed"],
82
+ ["root", "manager"]
83
+ );
84
+ expect(res).to.deep.equal(false);
85
+ });
86
+ });
87
+
88
+ describe("checkCredentials", function () {
89
+ const rule = {
90
+ admin: true,
91
+ role: "root",
92
+ auth: true,
93
+ };
94
+ it("rule (admin, root, authentificated), auth - true, role - root, admin - true ", function () {
95
+ const res = auth.checkCredentials(rule, true, "root", true);
96
+ expect(res).to.deep.equal(true);
97
+ });
98
+
99
+ it("rule (admin, root, authentificated), auth - true, role - root, admin - false ", function () {
100
+ const res = auth.checkCredentials(rule, true, "root", false);
101
+ expect(res).to.deep.equal(false);
102
+ });
103
+
104
+ it("rule - empty, auth - true, role - root, admin - false ", function () {
105
+ const res = auth.checkCredentials({}, true, "root", false);
106
+ expect(res).to.deep.equal(true);
107
+ });
108
+
109
+ it("rule - null, auth - true, role - root, admin - false ", function () {
110
+ const res = auth.checkCredentials(null, true, "root", false);
111
+ expect(res).to.deep.equal(false);
112
+ });
113
+
114
+ it("rule - (auth), auth - true, role - root, admin - false ", function () {
115
+ const res = auth.checkCredentials(
116
+ { auth: true },
117
+ true,
118
+ "root",
119
+ false
120
+ );
121
+ expect(res).to.deep.equal(true);
122
+ });
123
+
124
+ it("rule - (role: 'notActivated'), auth - true, role - root, admin - false ", function () {
125
+ const res = auth.checkCredentials(
126
+ { role: "notActivated" },
127
+ true,
128
+ "root",
129
+ false
130
+ );
131
+ expect(res).to.deep.equal(false);
132
+ });
133
+
134
+ it("rule - (role: 'user', auth), auth - true, role - user, admin - false ", function () {
135
+ const res = auth.checkCredentials(
136
+ { role: "user", auth: true },
137
+ true,
138
+ "user",
139
+ false
140
+ );
141
+ expect(res).to.deep.equal(true);
142
+ });
143
+
144
+ it("rule - (role: 'user', !auth), auth - false, role - user, admin - false ", function () {
145
+ const res = auth.checkCredentials(
146
+ { role: "user", auth: false },
147
+ false,
148
+ "user",
149
+ false
150
+ );
151
+ expect(res).to.deep.equal(true);
152
+ });
153
+
154
+ it("rule - (role: 'user'), auth - false, role - user, admin - false ", function () {
155
+ const res = auth.checkCredentials(
156
+ { role: "user" },
157
+ false,
158
+ "user",
159
+ false
160
+ );
161
+ expect(res).to.deep.equal(true);
162
+ });
163
+
164
+ it("rule - (auth), auth - true, role - user, admin - false ", function () {
165
+ const res = auth.checkCredentials(
166
+ { auth: true },
167
+ true,
168
+ "user",
169
+ false
170
+ );
171
+ expect(res).to.deep.equal(true);
172
+ });
173
+
174
+ it("rule - (!auth), auth - false, role - user, admin - false ", function () {
175
+ const res = auth.checkCredentials(
176
+ { auth: false },
177
+ false,
178
+ "user",
179
+ false
180
+ );
181
+ expect(res).to.deep.equal(true);
182
+ });
183
+
184
+ it("rule - (auth), auth - false, role - user, admin - false ", function () {
185
+ const res = auth.checkCredentials(
186
+ { auth: true },
187
+ false,
188
+ "user",
189
+ false
190
+ );
191
+ expect(res).to.deep.equal(false);
192
+ });
193
+
194
+ it("rule - (!auth), auth - false, role - user, admin - true ", function () {
195
+ const res = auth.checkCredentials(
196
+ { auth: false },
197
+ false,
198
+ "user",
199
+ true
200
+ );
201
+ expect(res).to.deep.equal(true);
202
+ });
203
+
204
+ it("rule - (admin), auth - false, role - user, admin - true ", function () {
205
+ const res = auth.checkCredentials(
206
+ { admin: true },
207
+ false,
208
+ "user",
209
+ true
210
+ );
211
+ expect(res).to.deep.equal(true);
212
+ });
213
+
214
+ it("rule - (!auth, 'notActivated', false), auth - false, role - notActivated, admin - false ", function () {
215
+ const res = auth.checkCredentials(
216
+ { auth: false, role: "notActivated" },
217
+ false,
218
+ "notActivated",
219
+ false
220
+ );
221
+ expect(res).to.deep.equal(true);
222
+ });
223
+
224
+ it("rule - (!auth, 'notActivated', undefined), auth - false, role - false, admin - false ", function () {
225
+ const res = auth.checkCredentials(
226
+ { auth: false, role: "notActivated" },
227
+ false,
228
+ false,
229
+ false
230
+ );
231
+ expect(res).to.deep.equal(false);
232
+ });
233
+
234
+ it("rule - (admin), auth - false, role - false, admin - true ", function () {
235
+ const res = auth.checkCredentials(
236
+ { admin: true },
237
+ false,
238
+ false,
239
+ true
240
+ );
241
+ expect(res).to.deep.equal(true);
242
+ });
243
+ });
244
+
245
+ describe("checkSupremacy", function () {
246
+ it("Both undefined, order undefined", function () {
247
+ let resultFunction = () => {
248
+ auth.checkSupremacy(undefined, "undefined", undefined);
249
+ };
250
+ expect(resultFunction).to.throw();
251
+ resultFunction = () => {
252
+ auth.checkSupremacy("undefined", undefined, undefined);
253
+ };
254
+ expect(resultFunction).to.throw();
255
+ resultFunction = () => {
256
+ auth.checkSupremacy("undefined", "undefined", undefined);
257
+ };
258
+ expect(resultFunction).to.throw();
259
+ });
260
+
261
+ it("Both undefined, order defined but not Array", function () {
262
+ let resultFunction = () => {
263
+ auth.checkSupremacy("undefined", "undefined", 12);
264
+ };
265
+ expect(resultFunction).to.throw();
266
+ });
267
+
268
+ it("Both undefined, order defined Array with wrong types of element", function () {
269
+ let resultFunction = () => {
270
+ auth.checkSupremacy("undefined", "undefined", [null]);
271
+ };
272
+ expect(resultFunction).to.throw();
273
+ });
274
+
275
+ it("Both defined, order list dont contains roles of sets", function () {
276
+ expect(
277
+ auth.checkSupremacy("undefined", "undefined", ["root"])
278
+ ).to.be.equal(false);
279
+ });
280
+
281
+ it("Various situations with valid input", function () {
282
+ expect(
283
+ auth.checkSupremacy("undefined", "undefined", [
284
+ "root",
285
+ "admin",
286
+ "client",
287
+ "user",
288
+ "guest",
289
+ ])
290
+ ).to.be.equal(false);
291
+ expect(
292
+ auth.checkSupremacy(
293
+ "root",
294
+ ["root"],
295
+ ["root", "admin", "client", "user", "guest"]
296
+ )
297
+ ).to.be.equal(false);
298
+ expect(
299
+ auth.checkSupremacy("undefined", "root", [
300
+ "root",
301
+ "admin",
302
+ "client",
303
+ "user",
304
+ "guest",
305
+ ])
306
+ ).to.be.equal(false);
307
+ expect(
308
+ auth.checkSupremacy("undefined", "guest", [
309
+ "root",
310
+ "admin",
311
+ "client",
312
+ "user",
313
+ "guest",
314
+ ])
315
+ ).to.be.equal(false);
316
+ expect(
317
+ auth.checkSupremacy(
318
+ "root",
319
+ ["undefined", "manager"],
320
+ ["root", "admin", "client", "user", "guest"]
321
+ )
322
+ ).to.be.equal(true);
323
+ expect(
324
+ auth.checkSupremacy("client", "root", [
325
+ "root",
326
+ "admin",
327
+ "client",
328
+ "user",
329
+ "guest",
330
+ ])
331
+ ).to.be.equal(false);
332
+ expect(
333
+ auth.checkSupremacy("client", "client", [
334
+ "root",
335
+ "admin",
336
+ "client",
337
+ "user",
338
+ "guest",
339
+ ])
340
+ ).to.be.equal(false);
341
+ expect(
342
+ auth.checkSupremacy("guest", "guest", [
343
+ "root",
344
+ "admin",
345
+ "client",
346
+ "user",
347
+ "guest",
348
+ ])
349
+ ).to.be.equal(false);
350
+ expect(
351
+ auth.checkSupremacy("guest", "root", [
352
+ "root",
353
+ "admin",
354
+ "client",
355
+ "user",
356
+ "guest",
357
+ ])
358
+ ).to.be.equal(false);
359
+ expect(
360
+ auth.checkSupremacy(
361
+ "client",
362
+ ["root", "guest"],
363
+ ["root", "admin", "client", "user", "guest"]
364
+ )
365
+ ).to.be.equal(false);
366
+ expect(
367
+ auth.checkSupremacy("client", "guest", [
368
+ "root",
369
+ "admin",
370
+ "client",
371
+ "user",
372
+ "guest",
373
+ ])
374
+ ).to.be.equal(true);
375
+ expect(
376
+ auth.checkSupremacy(["admin", "manager"], "guest", [
377
+ "root",
378
+ "admin",
379
+ "client",
380
+ "user",
381
+ "guest",
382
+ ])
383
+ ).to.be.equal(true);
384
+ expect(
385
+ auth.checkSupremacy(["client", "manager"], "client", [
386
+ "root",
387
+ "admin",
388
+ "client",
389
+ "user",
390
+ "guest",
391
+ ])
392
+ ).to.be.equal(false);
393
+ expect(
394
+ auth.checkSupremacy(["admin"], "root", [
395
+ "root",
396
+ "admin",
397
+ "client",
398
+ "user",
399
+ "guest",
400
+ ])
401
+ ).to.be.equal(false);
402
+ expect(
403
+ auth.checkSupremacy("manager", "client", [
404
+ "root",
405
+ "admin",
406
+ "client",
407
+ "user",
408
+ "guest",
409
+ ])
410
+ ).to.be.equal(false);
411
+ expect(
412
+ auth.checkSupremacy("admin", "client", [
413
+ "root",
414
+ "admin",
415
+ "client",
416
+ "user",
417
+ "guest",
418
+ ])
419
+ ).to.be.equal(true);
420
+ });
421
+ });
422
+
423
+ require("./auth/routes.js")({ Auth: auth, HttpError, expect });
424
+ require("./auth/roles.js")({ Auth: auth, HttpError, expect });
425
+ require("./auth/rules.js")({ Auth: auth, HttpError, expect });
426
+ require("./auth/obsolete.js")({ Auth: auth, HttpError, expect });
427
+ require("./auth/fields.js")({ Auth: auth, HttpError, expect });
230
428
  });