npm - not-node - Versions diffs - 6.5.6 → 6.5.8 - Mend

not-node 6.5.6 → 6.5.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/package.json +1 -1
package/src/generic/field._data.js +1 -1
package/src/generic/field.js +3 -3
package/src/identity/index.js +12 -8
package/src/manifest/manifest.filter.js +94 -72
package/src/manifest/route.js +15 -7
package/test/fakes.js +21 -0
package/test/notManifest.js +12 -10
package/test/notManifestFilter.js +109 -118
package/test/notRoute.js +13 -10

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
 	"name": "not-node",
-	"version": "6.5.6",
+	"version": "6.5.8",
 	"description": "node complimentary part for client side notFramework.",
 	"main": "index.js",
 	"scripts": {

package/src/generic/field._data.js CHANGED Viewed

@@ -22,7 +22,7 @@ const initGenericDataForm = ({
         });
         const App = getApp();
         App.getModule(MODULE_NAME).setFormConstructor(formName, cls);
-        App.getModule(MODULE_NAME).setForm(formName, new cls(App));
+        App.getModule(MODULE_NAME).setForm(formName, new cls({ app: App }));
         return true;
     } catch (e) {
         getApp().logger.error(e);

package/src/generic/field.js CHANGED Viewed

@@ -2,13 +2,13 @@ const getApp = require("../getApp");
 const genericDataField = require("./field._data");
 const Form = require("../form/form");
-const initGenericDataField = (
+const initGenericDataField = ({
     MODULE_NAME,
     MODEL_NAME,
     actionName = "_data",
     validators = [],
-    afterExtract = async (input /*, req = null*/) => input
-) => {
+    afterExtract = async (input /*, req = null*/) => input,
+}) => {
     //not-module//modelName._data
     const fieldGenericPath = Form.createPath(
         MODULE_NAME,

package/src/identity/index.js CHANGED Viewed

@@ -12,13 +12,7 @@ module.exports = class notAppIdentity {
         return this.#identity;
     }
-    /**
-     *  Collects various authentification and authorization data from request object
-     *  @param {import('../types').notNodeExpressRequest}  req       ExpressRequest
-     *  @return {import('../types').notAppIdentityData}  various authentification data for actor { root:boolean, auth: boolean, role: [string], uid: ObjectId, sid: string, ip:string }
-     */
-    static extractAuthData(req) {
-        const identity = this.#identity.of(req);
+    static identityToAuthData(identity, req) {
         return {
             root: identity.isRoot(),
             admin: identity.isAdmin(),
@@ -27,11 +21,21 @@ module.exports = class notAppIdentity {
             primaryRole: identity.getPrimaryRole(),
             uid: identity.getUserId(),
             sid: identity.getSessionId(),
-            ip: getIP(req),
+            ip: req ? getIP(req) : undefined,
             provider: identity.constructor.name,
         };
     }
+    /**
+     *  Collects various authentification and authorization data from request object
+     *  @param {import('../types').notNodeExpressRequest}  req       ExpressRequest
+     *  @return {import('../types').notAppIdentityData}  various authentification data for actor { root:boolean, auth: boolean, role: [string], uid: ObjectId, sid: string, ip:string }
+     */
+    static extractAuthData(req) {
+        const identity = this.#identity.of(req);
+        return this.identityToAuthData(identity, req);
+    }
     /**
      *
      * @param    {import('../types').notNodeExpressRequest}     req

package/src/manifest/manifest.filter.js CHANGED Viewed

@@ -45,17 +45,17 @@ module.exports = class notManifestFilter {
             if (!route.actions[actionName]) {
                 continue;
             }
-            let actionSet = route.actions[actionName];
-            notManifestFilter.filterRouteAction(
-                actionName,
-                actionSet,
+            const resultActionData = notManifestFilter.filterRouteAction(
+                route.actions[actionName],
                 auth,
                 role,
                 root,
-                result,
                 modelName,
                 moduleName
             );
+            if (resultActionData) {
+                result.actions[actionName] = resultActionData;
+            }
         }
         return result;
     }
@@ -64,22 +64,18 @@ module.exports = class notManifestFilter {
      *
      *
      * @static
-     * @param {string}                              actionName
      * @param {import('../types').notActionData}    actionSet
      * @param {boolean}                             auth
      * @param {Array<string>}                       role
      * @param {boolean}                             root
-     * @param {any}                                 result
      * @param {string}                              [modelName=""]
      * @param {string}                              [moduleName=""]
      */
     static filterRouteAction(
-        actionName,
         actionSet,
         auth,
         role,
         root,
-        result,
         modelName = "",
         moduleName = ""
     ) {
@@ -88,31 +84,8 @@ module.exports = class notManifestFilter {
                 if (
                     Auth.checkCredentials(actionSet.rules[i], auth, role, root)
                 ) {
-                    result.actions[actionName] =
-                        notManifestFilter.clearActionFromRules(
-                            actionSet,
-                            actionSet.rules[i],
-                            {
-                                auth,
-                                role,
-                                root,
-                                modelName,
-                                moduleName,
-                                actionSignature:
-                                    notManifestFilter.detectActionSignature(
-                                        actionSet
-                                    ),
-                            }
-                        );
-                    break;
-                }
-            }
-        } else {
-            if (Auth.checkCredentials(actionSet, auth, role, root)) {
-                result.actions[actionName] =
-                    notManifestFilter.clearActionFromRules(
+                    return notManifestFilter.clearActionFromRules(
                         actionSet,
-                        undefined,
                         {
                             auth,
                             role,
@@ -123,10 +96,29 @@ module.exports = class notManifestFilter {
                                 notManifestFilter.detectActionSignature(
                                     actionSet
                                 ),
-                        }
+                        },
+                        actionSet.rules[i]
                     );
+                }
+            }
+        } else {
+            if (Auth.checkCredentials(actionSet, auth, role, root)) {
+                return notManifestFilter.clearActionFromRules(
+                    actionSet,
+                    {
+                        auth,
+                        role,
+                        root,
+                        modelName,
+                        moduleName,
+                        actionSignature:
+                            notManifestFilter.detectActionSignature(actionSet),
+                    },
+                    undefined
+                );
             }
         }
+        return undefined;
     }
     /**
@@ -143,7 +135,7 @@ module.exports = class notManifestFilter {
      **/
     static filter(manifest, auth, role, root, moduleName = "") {
-        var result = {};
+        const result = {};
         for (let routeName in manifest) {
             let routeMan = notManifestFilter.filterRoute(
                 manifest[routeName],
@@ -223,14 +215,11 @@ module.exports = class notManifestFilter {
             switch (action?.method?.toLocaleLowerCase()) {
                 case "get":
                     return Auth.ACTION_SIGNATURES.READ;
                 case "post":
                 case "patch":
                     return Auth.ACTION_SIGNATURES.UPDATE;
                 case "put":
                     return Auth.ACTION_SIGNATURES.CREATE;
                 case "delete":
                     return Auth.ACTION_SIGNATURES.DELETE;
@@ -274,10 +263,50 @@ module.exports = class notManifestFilter {
         return returnSet;
     }
+    static filterFieldsPropOfActionRule(
+        actionRule,
+        { modelSchema, modelName, ruleSet, actionSignature, role, auth, root }
+    ) {
+        const fields = notManifestFilter.ruleSetHasFieldsDirective(ruleSet)
+            ? [...ruleSet.fields]
+            : DEFAULT_FIELDS_SET;
+        actionRule.fields = notFieldsFilter.filter(fields, modelSchema, {
+            action: actionSignature,
+            roles: role,
+            auth,
+            root,
+            modelName,
+        });
+        //remove fields property if list is empty
+        if (actionRule.fields.length == 0) {
+            delete actionRule.fields;
+        }
+    }
+    static filterReturnPropOfActionRule(
+        actionRule,
+        { modelSchema, modelName, ruleSet, actionSignature, role, auth, root }
+    ) {
+        if (ruleSet && ruleSet.return) {
+            actionRule.return = notManifestFilter.filterReturnSet(
+                ruleSet.return,
+                modelSchema,
+                {
+                    auth,
+                    role,
+                    root,
+                    modelName,
+                    actionSignature,
+                }
+            );
+        }
+    }
     /**
      *  Clear action definition from rules of access
      *  @param      {object}                action   action data
-     *  @param      {object}                [ruleSet] specific set of rules for this action
      *  @param      {object}                mods specific set of rules for this action
      *  @param      {boolean}               mods.auth
      *  @param      {boolean}               mods.root
@@ -285,11 +314,11 @@ module.exports = class notManifestFilter {
      *  @param      {string}                mods.modelName
      *  @param      {string}                mods.moduleName
      *  @param      {string|undefined}      mods.actionSignature    create/read/update/delete
+     *  @param      {object}                [ruleSet] specific set of rules for this action
      *  @return     {object}               clean action data
      **/
     static clearActionFromRules(
         action,
-        ruleSet = null,
         {
             auth = false,
             role = [Auth.DEFAULT_USER_ROLE_FOR_GUEST],
@@ -304,46 +333,39 @@ module.exports = class notManifestFilter {
             modelName: "",
             moduleName: "",
             actionSignature: undefined,
-        }
+        },
+        ruleSet = null
     ) {
-        let copy = merge({}, action);
-        notManifestFilter.clearFromDirtyFields(copy);
+        //full copy
+        const actionRule = merge({}, action);
+        //removes server side or secret information (full list of access rules)
+        notManifestFilter.clearFromDirtyFields(actionRule);
+        //retrives model schema
+        const fullModelName = this.composeFullModelName(moduleName, modelName);
+        const modelSchema = this.loadSchema(fullModelName);
         //copy fields list from rule to action if it exists
         //fields list is used to restrict fields of data that could be accessed via
         //this action
-        const fullModelName = this.composeFullModelName(moduleName, modelName);
-        const modelSchema = this.loadSchema(fullModelName);
-        const fields = notManifestFilter.ruleSetHasFieldsDirective(ruleSet)
-            ? [...ruleSet.fields]
-            : DEFAULT_FIELDS_SET;
-        copy.fields = notFieldsFilter.filter(fields, modelSchema, {
-            action: actionSignature,
-            roles: role,
+        this.filterFieldsPropOfActionRule(actionRule, {
+            modelName,
+            modelSchema,
+            ruleSet,
+            actionSignature,
+            role,
             auth,
             root,
+        });
+        //
+        this.filterReturnPropOfActionRule(actionRule, {
             modelName,
+            modelSchema,
+            ruleSet,
+            actionSignature,
+            role,
+            auth,
+            root,
         });
-        //remove fields property if list is empty
-        if (copy.fields.length == 0) {
-            delete copy.fields;
-        }
-        if (ruleSet && ruleSet.return) {
-            copy.return = notManifestFilter.filterReturnSet(
-                ruleSet.return,
-                modelSchema,
-                {
-                    auth,
-                    role,
-                    root,
-                    modelName,
-                    moduleName,
-                    actionSignature,
-                }
-            );
-        }
-        return copy;
+        return actionRule;
     }
     /**

package/src/manifest/route.js CHANGED Viewed

@@ -80,10 +80,9 @@ class notRoute {
      *	@param	{import('../types').notNodeExpressRequest}	req 	Express Request Object
      *	@return	{import('../types').notRouteRule | null}	rule or null
      */
-    selectRule(req) {
-        const user = notAppIdentity.extractAuthData(req);
+    selectRule(identity) {
         if (this.actionData) {
-            return notRoute.actionAvailableByRule(this.actionData, user);
+            return notRoute.actionAvailableByRule(this.actionData, identity);
         }
         return null;
     }
@@ -107,7 +106,15 @@ class notRoute {
      * @return {import('../types').notRouteData}
      * @memberof notRoute
      */
-    createRequestRouteData(actionName, rule) {
+    createRequestRouteData(actionName, rule, identity) {
+        const actionRule = notManifestFilter.filterRouteAction(
+            this.actionData,
+            identity.auth,
+            identity.role,
+            identity.root,
+            this.routeName,
+            this.moduleName
+        );
         return {
             actionName,
             modelName: this.routeName,
@@ -116,7 +123,7 @@ class notRoute {
                 this.routeName
             )}`,
             rule: copyObj(rule),
-            actionData: copyObj(this.actionData),
+            actionData: actionRule,
             actionSignature: notManifestFilter.detectActionSignature(
                 this.actionData
             ),
@@ -132,7 +139,8 @@ class notRoute {
      **/
     exec(req, res, next) {
         try {
-            let rule = this.selectRule(req);
+            const identity = notAppIdentity.extractAuthData(req);
+            const rule = this.selectRule(identity);
             if (!rule) {
                 return next(
                     new HttpError(
@@ -166,7 +174,7 @@ class notRoute {
             const modRoute = mod.getRoute(this.routeName);
             this.setRequestRouteData(
                 req,
-                this.createRequestRouteData(actionName, rule)
+                this.createRequestRouteData(actionName, rule, identity)
             );
             if (this.routeIsRunnable(modRoute, actionName)) {
                 return this.executeRoute(modRoute, actionName, {

package/test/fakes.js CHANGED Viewed

@@ -10,6 +10,27 @@ module.exports = {
             }
         };
     },
+    fakeAuthData: ({
+        root = false,
+        admin = false,
+        auth = false,
+        role = [DEFAULT_USER_ROLE_FOR_GUEST],
+        primaryRole = DEFAULT_USER_ROLE_FOR_GUEST,
+        uid = undefined,
+        sid = undefined,
+        ip = undefined,
+    }) => {
+        return {
+            root,
+            admin,
+            auth,
+            role,
+            primaryRole,
+            uid,
+            sid,
+            ip,
+        };
+    },
     fakeIdentity: (
         id = {
             root: false,

package/test/notManifest.js CHANGED Viewed

@@ -1,5 +1,6 @@
 const expect = require("chai").expect,
     notManifest = require("../src/manifest/manifest"),
+    notManifestFilter = require("../src/manifest/manifest.filter"),
     manifest = new notManifest();
 const rawRoutesManifest = {
@@ -25,31 +26,32 @@ const rawRoutesManifest = {
                 method: "get",
                 rules: [
                     {
-                        auth: false,
+                        root: true,
+                        actionName: "listForAdmin",
                     },
                     {
                         auth: true,
                         actionPrefix: "user",
                     },
                     {
-                        root: true,
-                        actionName: "listForAdmin",
+                        auth: false,
                     },
                 ],
             },
             listAll: {
                 method: "get",
                 rules: [
-                    {
-                        auth: true,
-                        role: ["manager"],
-                        actionName: "managerListAll",
-                    },
                     {
                         root: true,
                         actionPrefix: "__",
                         actionName: "listForAdmin",
                     },
+                    {
+                        auth: true,
+                        role: ["manager"],
+                        actionName: "managerListAll",
+                    },
                 ],
             },
         },
@@ -70,10 +72,10 @@ const rawRoutesManifest = {
                 method: "get",
                 rules: [
                     {
-                        auth: true,
+                        root: true,
                     },
                     {
-                        root: true,
+                        auth: true,
                     },
                 ],
             },

package/test/notManifestFilter.js CHANGED Viewed

@@ -1,4 +1,5 @@
 const { notFieldsFilter } = require("..");
 const {
     DEFAULT_USER_ROLE_FOR_GUEST,
     ACTION_SIGNATURES,
@@ -31,31 +32,31 @@ const rawRoutesManifest = {
                 method: "get",
                 rules: [
                     {
-                        auth: false,
+                        root: true,
+                        actionName: "listForAdmin",
                     },
                     {
                         auth: true,
                         actionPrefix: "user",
                     },
                     {
-                        root: true,
-                        actionName: "listForAdmin",
+                        auth: false,
                     },
                 ],
             },
             listAll: {
                 method: "get",
                 rules: [
-                    {
-                        auth: true,
-                        role: ["manager"],
-                        actionName: "managerListAll",
-                    },
                     {
                         root: true,
                         actionPrefix: "__",
                         actionName: "listForAdmin",
                     },
+                    {
+                        auth: true,
+                        role: ["manager"],
+                        actionName: "managerListAll",
+                    },
                 ],
             },
         },
@@ -76,10 +77,10 @@ const rawRoutesManifest = {
                 method: "get",
                 rules: [
                     {
-                        auth: true,
+                        root: true,
                     },
                     {
-                        root: true,
+                        auth: true,
                     },
                 ],
             },
@@ -96,27 +97,73 @@ const rawRoutesManifest = {
 describe("notManifestFilter", function () {
     describe("clearActionFromRules", function () {
+        const spGuestC = Object.freeze({
+            [ACTION_SIGNATURES.CREATE]: ["root", "admin", "@*"],
+            [ACTION_SIGNATURES.READ]: ["root", "admin"],
+            [ACTION_SIGNATURES.UPDATE]: ["root", "admin"],
+            [ACTION_SIGNATURES.DELETE]: ["root", "admin"],
+        });
+        const spSystem = Object.freeze({
+            [ACTION_SIGNATURES.CREATE]: ["@system"],
+            [ACTION_SIGNATURES.READ]: ["@system"],
+            [ACTION_SIGNATURES.UPDATE]: ["@system"],
+            [ACTION_SIGNATURES.DELETE]: ["@system"],
+        });
         it("with rules", function () {
+            notManifestFilter.schemaLoader = (schemaName) => {
+                console.log("schema getter", schemaName);
+                switch (schemaName) {
+                    case "Jelly":
+                        return {
+                            name: {
+                                type: String,
+                                safe: spGuestC,
+                            },
+                            email: {
+                                type: String,
+                                safe: spGuestC,
+                            },
+                            __version: {
+                                type: String,
+                                safe: spSystem,
+                            },
+                        };
+                    case "Post":
+                        return [];
+                }
+                return undefined;
+            };
             const input = {
                 modelName: "jelly",
                 rules: [
                     {
-                        auth: true,
-                        fields: ["name"],
+                        root: true,
                     },
                     {
-                        root: true,
-                        fields: ["name", "email"],
+                        auth: true,
                     },
                 ],
             };
-            const result = notManifestFilter.clearActionFromRules(input, {
-                root: true,
-                fields: ["name", "email"],
-            });
+            const result = notManifestFilter.clearActionFromRules(
+                //raw actionData
+                input,
+                //current user statem model name, action  name and action signature - minimum if you want to filter
+                {
+                    root: true,
+                    role: ["root"],
+                    modelName: "Jelly",
+                    actionSignature: ACTION_SIGNATURES.READ,
+                },
+                {
+                    //what earlier were selected as best suited rule
+                    root: true,
+                }
+            );
             expect(result).to.deep.equal({
                 modelName: "jelly",
-                fields: ["name", "email"],
+                fields: ["name", "email"], //if fields ommited, it replaced by ["@safe"], __version is not safe to everyone but system invoked operations
             });
         });
@@ -491,7 +538,6 @@ describe("notManifestFilter", function () {
         });
         it("filterRouteAction @safe for READ", () => {
-            const actionName = "get";
             const actionData = {
                 actionSignature: ACTION_SIGNATURES.READ,
                 method: "get",
@@ -505,32 +551,23 @@ describe("notManifestFilter", function () {
             const auth = false;
             const root = false;
             const roles = [DEFAULT_USER_ROLE_FOR_GUEST];
-            const routeMan = {
-                actions: {},
-            };
             const targetResult = {
-                actions: {
-                    get: {
-                        method: "get",
-                        fields: ["name", "username", "country"],
-                    },
-                },
+                method: "get",
+                fields: ["name", "username", "country"],
             };
-            notManifestFilter.filterRouteAction(
-                actionName,
+            const result = notManifestFilter.filterRouteAction(
                 actionData,
                 auth,
                 roles,
                 root,
-                routeMan,
                 modelName,
                 moduleName
             );
-            expect(routeMan).to.be.deep.equal(targetResult);
+            expect(result).to.be.deep.equal(targetResult);
         });
         it("filterRouteAction @* for READ", () => {
-            const actionName = "get";
             const actionData = {
                 actionSignature: ACTION_SIGNATURES.READ,
                 method: "get",
@@ -544,44 +581,34 @@ describe("notManifestFilter", function () {
             const auth = false;
             const root = false;
             const roles = [DEFAULT_USER_ROLE_FOR_GUEST];
-            const routeMan = {
-                actions: {},
-            };
             const targetResult = {
-                actions: {
-                    get: {
-                        method: "get",
-                        fields: [
-                            "_id",
-                            "userID",
-                            "role",
-                            "name",
-                            "salt",
-                            "telephone",
-                            "username",
-                            "confirm",
-                            "code",
-                            "country",
-                            "email",
-                        ],
-                    },
-                },
+                method: "get",
+                fields: [
+                    "_id",
+                    "userID",
+                    "role",
+                    "name",
+                    "salt",
+                    "telephone",
+                    "username",
+                    "confirm",
+                    "code",
+                    "country",
+                    "email",
+                ],
             };
-            notManifestFilter.filterRouteAction(
-                actionName,
+            const result = notManifestFilter.filterRouteAction(
                 actionData,
                 auth,
                 roles,
                 root,
-                routeMan,
                 modelName,
                 moduleName
             );
-            expect(routeMan).to.be.deep.equal(targetResult);
+            expect(result).to.be.deep.equal(targetResult);
         });
         it("filterRouteAction @*,-@safe for READ", () => {
-            const actionName = "get";
             const actionData = {
                 actionSignature: ACTION_SIGNATURES.READ,
                 method: "get",
@@ -595,41 +622,32 @@ describe("notManifestFilter", function () {
             const auth = false;
             const root = false;
             const roles = [DEFAULT_USER_ROLE_FOR_GUEST];
-            const routeMan = {
-                actions: {},
-            };
             const targetResult = {
-                actions: {
-                    get: {
-                        method: "get",
-                        fields: [
-                            "_id",
-                            "userID",
-                            "role",
-                            "salt",
-                            "telephone",
-                            "confirm",
-                            "code",
-                            "email",
-                        ],
-                    },
-                },
+                method: "get",
+                fields: [
+                    "_id",
+                    "userID",
+                    "role",
+                    "salt",
+                    "telephone",
+                    "confirm",
+                    "code",
+                    "email",
+                ],
             };
-            notManifestFilter.filterRouteAction(
-                actionName,
+            const result = notManifestFilter.filterRouteAction(
                 actionData,
                 auth,
                 roles,
                 root,
-                routeMan,
                 modelName,
                 moduleName
             );
-            expect(routeMan).to.be.deep.equal(targetResult);
+            expect(result).to.be.deep.equal(targetResult);
         });
         it("filterRouteAction @* for UPDATE as guest", () => {
-            const actionName = "update";
             const actionData = {
                 actionSignature: ACTION_SIGNATURES.UPDATE,
                 method: "post",
@@ -643,27 +661,18 @@ describe("notManifestFilter", function () {
             const auth = false;
             const root = false;
             const roles = [DEFAULT_USER_ROLE_FOR_GUEST];
-            const routeMan = {
-                actions: {},
-            };
-            const targetResult = {
-                actions: {},
-            };
-            notManifestFilter.filterRouteAction(
-                actionName,
+            const result = notManifestFilter.filterRouteAction(
                 actionData,
                 auth,
                 roles,
                 root,
-                routeMan,
                 modelName,
                 moduleName
             );
-            expect(routeMan).to.be.deep.equal(targetResult);
+            expect(result).to.be.undefined;
         });
         it("filterRouteAction @safe for CREATE as guest", () => {
-            const actionName = "create";
             const actionData = {
                 actionSignature: ACTION_SIGNATURES.CREATE,
                 method: "put",
@@ -677,27 +686,18 @@ describe("notManifestFilter", function () {
             const auth = false;
             const root = false;
             const roles = [DEFAULT_USER_ROLE_FOR_GUEST];
-            const routeMan = {
-                actions: {},
-            };
-            const targetResult = {
-                actions: {},
-            };
-            notManifestFilter.filterRouteAction(
-                actionName,
+            const result = notManifestFilter.filterRouteAction(
                 actionData,
                 auth,
                 roles,
                 root,
-                routeMan,
                 modelName,
                 moduleName
             );
-            expect(routeMan).to.be.deep.equal(targetResult);
+            expect(result).to.be.undefined;
         });
         it("filterRouteAction @listFields for READ", () => {
-            const actionName = "list";
             notFieldsFilter.addSet("listFields", ["@ID", "@safe"]);
             const actionData = {
                 actionSignature: ACTION_SIGNATURES.READ,
@@ -712,28 +712,19 @@ describe("notManifestFilter", function () {
             const auth = false;
             const root = false;
             const roles = [DEFAULT_USER_ROLE_FOR_GUEST];
-            const routeMan = {
-                actions: {},
-            };
             const targetResult = {
-                actions: {
-                    list: {
-                        method: "get",
-                        fields: ["userID", "name", "username", "country"],
-                    },
-                },
+                method: "get",
+                fields: ["userID", "name", "username", "country"],
             };
-            notManifestFilter.filterRouteAction(
-                actionName,
+            const result = notManifestFilter.filterRouteAction(
                 actionData,
                 auth,
                 roles,
                 root,
-                routeMan,
                 modelName,
                 moduleName
             );
-            expect(routeMan).to.be.deep.equal(targetResult);
+            expect(result).to.be.deep.equal(targetResult);
         });
     });
 });

package/test/notRoute.js CHANGED Viewed

@@ -27,21 +27,23 @@ describe("notRoute", function () {
     describe("selectRule", function () {
         it("User(auth) request, post.list action", function () {
-            notAppIdentity.identity = require("./fakes").fakeIdentity({
+            const authData = require("./fakes").fakeAuthData({
                 auth: true,
+                role: ["user"],
+                primaryRole: "user",
             });
             let req = {},
                 actionData = {
                     method: "get",
                     rules: [
                         {
-                            auth: false,
+                            root: true,
                         },
                         {
                             auth: true,
                         },
                         {
-                            root: true,
+                            auth: false,
                         },
                     ],
                 },
@@ -52,12 +54,12 @@ describe("notRoute", function () {
                     "list",
                     actionData
                 );
-            expect(routerAction.selectRule(req)).to.deep.equal({
+            expect(routerAction.selectRule(authData)).to.deep.equal({
                 auth: true,
             });
         });
         it("User(!auth) request, post.list action", function () {
-            notAppIdentity.identity = require("./fakes").fakeIdentity({
+            const authData = require("./fakes").fakeAuthData({
                 auth: false,
             });
             let req = {},
@@ -82,7 +84,7 @@ describe("notRoute", function () {
                     "list",
                     actionData
                 );
-            expect(routerAction.selectRule(req)).to.deep.equal({
+            expect(routerAction.selectRule(authData)).to.deep.equal({
                 auth: false,
             });
         });
@@ -112,9 +114,10 @@ describe("notRoute", function () {
         });
         it("User(auth, manager) request, post.listAll action", function () {
-            notAppIdentity.identity = require("./fakes").fakeIdentity({
+            const authData = require("./fakes").fakeAuthData({
                 auth: true,
                 role: ["manager"],
+                primaryRole: "admin",
             });
             let req = {},
                 actionData = {
@@ -136,14 +139,14 @@ describe("notRoute", function () {
                     "listAll",
                     actionData
                 );
-            expect(routerAction.selectRule(req)).to.deep.equal({
+            expect(routerAction.selectRule(authData)).to.deep.equal({
                 auth: true,
                 role: ["manager"],
             });
         });
         it("Admin request, post.listAll action", function () {
-            notAppIdentity.identity = require("./fakes").fakeIdentity({
+            const authData = require("./fakes").fakeAuthData({
                 auth: true,
                 root: true,
                 primaryRole: DEFAULT_USER_ROLE_FOR_ROOT,
@@ -169,7 +172,7 @@ describe("notRoute", function () {
                     "listAll",
                     actionData
                 );
-            expect(routerAction.selectRule(req)).to.deep.equal({
+            expect(routerAction.selectRule(authData)).to.deep.equal({
                 root: true,
             });
         });