TryGhost/Ghost
1
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2024-12-26 20:34:02 +03:00
Code Issues Projects Releases Wiki Activity
986a7526f5
Ghost/test/unit/models/invite_spec.js
Hannah Wolfe bd597db829
Moved settings/cache to shared/settings-cache 
- This is part of the quest to separate the frontend and server & get rid of all the places where there are cross-requires
- At the moment the settings cache is one big shared cache used by the frontend and server liberally
- This change doesn't really solve the fundamental problems, as we still depend on events, and requires from inside frontend
- However it allows us to control the misuse slightly better by getting rid of restricted requires and turning on that eslint ruleset
2021-06-30 15:49:10 +01:00

274 lines
12 KiB
JavaScript
Raw Blame History

const errors = require('@tryghost/errors');
const sinon = require('sinon');
const Promise = require('bluebird');
const models = require('../../../core/server/models');
const settingsCache = require('../../../core/shared/settings-cache');
describe('Unit: models/invite', function () {
before(function () {
models.init();
});
beforeEach(function () {
sinon.stub(settingsCache, 'get').withArgs('db_hash').returns('12345678');
});
afterEach(function () {
sinon.restore();
});
describe('permissible', function () {
describe('action: add', function () {
let inviteModel;
let context;
let unsafeAttrs;
let roleModel;
let loadedPermissions;
before(function () {
inviteModel = {};
context = {};
unsafeAttrs = {role_id: 'role_id'};
roleModel = sinon.stub();
roleModel.get = sinon.stub();
loadedPermissions = {
user: {
roles: []
}
};
});
it('role does not exist', function () {
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(null);
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs)
.then(Promise.reject)
.catch((err) => {
(err instanceof errors.NotFoundError).should.eql(true);
});
});
it('invite owner', function () {
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
roleModel.get.withArgs('name').returns('Owner');
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs)
.then(Promise.reject)
.catch((err) => {
(err instanceof errors.NoPermissionError).should.eql(true);
});
});
describe('as owner', function () {
beforeEach(function () {
loadedPermissions.user.roles = [{name: 'Owner'}];
});
it('invite administrator', function () {
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
roleModel.get.withArgs('name').returns('Administrator');
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, true, true, true);
});
it('invite editor', function () {
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
roleModel.get.withArgs('name').returns('Editor');
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, true, true, true);
});
it('invite author', function () {
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
roleModel.get.withArgs('name').returns('Author');
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, true, true, true);
});
it('invite contributor', function () {
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
roleModel.get.withArgs('name').returns('Contributor');
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, true, true, true);
});
});
describe('as administrator', function () {
beforeEach(function () {
loadedPermissions.user.roles = [{name: 'Administrator'}];
});
it('invite administrator', function () {
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
roleModel.get.withArgs('name').returns('Administrator');
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, true, true, true);
});
it('invite editor', function () {
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
roleModel.get.withArgs('name').returns('Editor');
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, true, true, true);
});
it('invite author', function () {
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
roleModel.get.withArgs('name').returns('Author');
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, true, true, true);
});
it('invite contributor', function () {
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
roleModel.get.withArgs('name').returns('Contributor');
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, true, true, true);
});
});
describe('as editor', function () {
beforeEach(function () {
loadedPermissions.user.roles = [{name: 'Editor'}];
});
it('invite administrator', function () {
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
roleModel.get.withArgs('name').returns('Administrator');
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, true, true, true)
.then(Promise.reject)
.catch((err) => {
(err instanceof errors.NoPermissionError).should.eql(true);
});
});
it('invite editor', function () {
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
roleModel.get.withArgs('name').returns('Editor');
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, true, true, true)
.then(Promise.reject)
.catch((err) => {
(err instanceof errors.NoPermissionError).should.eql(true);
});
});
it('invite author', function () {
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
roleModel.get.withArgs('name').returns('Author');
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, true, true, true);
});
it('invite contributor', function () {
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
roleModel.get.withArgs('name').returns('Contributor');
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, true, true, true);
});
});
describe('as author', function () {
beforeEach(function () {
loadedPermissions.user.roles = [{name: 'Author'}];
});
it('invite administrator', function () {
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
roleModel.get.withArgs('name').returns('Administrator');
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, false, false, true)
.then(Promise.reject)
.catch((err) => {
(err instanceof errors.NoPermissionError).should.eql(true);
});
});
it('invite editor', function () {
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
roleModel.get.withArgs('name').returns('Editor');
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, false, false, true)
.then(Promise.reject)
.catch((err) => {
(err instanceof errors.NoPermissionError).should.eql(true);
});
});
it('invite author', function () {
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
roleModel.get.withArgs('name').returns('Author');
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, false, false, true)
.then(Promise.reject)
.catch((err) => {
(err instanceof errors.NoPermissionError).should.eql(true);
});
});
it('invite contributor', function () {
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
roleModel.get.withArgs('name').returns('Contributor');
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, false, false, true)
.then(Promise.reject)
.catch((err) => {
(err instanceof errors.NoPermissionError).should.eql(true);
});
});
});
describe('as contributor', function () {
beforeEach(function () {
loadedPermissions.user.roles = [{name: 'Contributor'}];
});
it('invite administrator', function () {
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
roleModel.get.withArgs('name').returns('Administrator');
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, false, false, true)
.then(Promise.reject)
.catch((err) => {
(err instanceof errors.NoPermissionError).should.eql(true);
});
});
it('invite editor', function () {
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
roleModel.get.withArgs('name').returns('Editor');
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, false, false, true)
.then(Promise.reject)
.catch((err) => {
(err instanceof errors.NoPermissionError).should.eql(true);
});
});
it('invite author', function () {
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
roleModel.get.withArgs('name').returns('Author');
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, false, false, true)
.then(Promise.reject)
.catch((err) => {
(err instanceof errors.NoPermissionError).should.eql(true);
});
});
it('invite contributor', function () {
sinon.stub(models.Role, 'findOne').withArgs({id: 'role_id'}).resolves(roleModel);
roleModel.get.withArgs('name').returns('Contributor');
return models.Invite.permissible(inviteModel, 'add', context, unsafeAttrs, loadedPermissions, false, false, true)
.then(Promise.reject)
.catch((err) => {
(err instanceof errors.NoPermissionError).should.eql(true);
});
});
});
});
});
});
Reference in New Issue View Git Blame Copy Permalink