|
|
@@ -39,6 +39,12 @@ func TestDashboardAclApiEndpoint(t *testing.T) {
|
|
|
return nil
|
|
|
})
|
|
|
|
|
|
+ // This tests four scenarios:
|
|
|
+ // 1. user is an org admin
|
|
|
+ // 2. user is an org editor AND has been granted admin permission for the dashboard
|
|
|
+ // 3. user is an org viewer AND has been granted edit permission for the dashboard
|
|
|
+ // 4. user is an org editor AND has no permissions for the dashboard
|
|
|
+
|
|
|
Convey("When user is org admin", func() {
|
|
|
loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/dashboards/id/1/acl", "/api/dashboards/id/:dashboardsId/acl", m.ROLE_ADMIN, func(sc *scenarioContext) {
|
|
|
Convey("Should be able to access ACL", func() {
|
|
|
@@ -56,7 +62,7 @@ func TestDashboardAclApiEndpoint(t *testing.T) {
|
|
|
})
|
|
|
})
|
|
|
|
|
|
- Convey("When user is editor and has admin permission in the ACL", func() {
|
|
|
+ Convey("When user is org editor and has admin permission in the ACL", func() {
|
|
|
loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/dashboards/id/1/acl", "/api/dashboards/id/:dashboardId/acl", m.ROLE_EDITOR, func(sc *scenarioContext) {
|
|
|
mockResult = append(mockResult, &m.DashboardAclInfoDTO{Id: 6, OrgId: 1, DashboardId: 1, UserId: 1, Permission: m.PERMISSION_ADMIN})
|
|
|
|
|
|
@@ -147,11 +153,12 @@ func TestDashboardAclApiEndpoint(t *testing.T) {
|
|
|
})
|
|
|
})
|
|
|
|
|
|
- Convey("When user is editor and has edit permission in the ACL", func() {
|
|
|
- loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/dashboards/id/1/acl", "/api/dashboards/id/:dashboardId/acl", m.ROLE_EDITOR, func(sc *scenarioContext) {
|
|
|
+ Convey("When user is org viewer and has edit permission in the ACL", func() {
|
|
|
+ loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/dashboards/id/1/acl", "/api/dashboards/id/:dashboardId/acl", m.ROLE_VIEWER, func(sc *scenarioContext) {
|
|
|
mockResult = append(mockResult, &m.DashboardAclInfoDTO{Id: 1, OrgId: 1, DashboardId: 1, UserId: 1, Permission: m.PERMISSION_EDIT})
|
|
|
|
|
|
- Convey("Should not be able to access ACL", func() {
|
|
|
+ // Getting the permissions is an Admin permission
|
|
|
+ Convey("Should not be able to get list of permissions from ACL", func() {
|
|
|
sc.handlerFunc = GetDashboardAclList
|
|
|
sc.fakeReqWithParams("GET", sc.url, map[string]string{}).exec()
|
|
|
|
|
|
@@ -159,7 +166,7 @@ func TestDashboardAclApiEndpoint(t *testing.T) {
|
|
|
})
|
|
|
})
|
|
|
|
|
|
- loggedInUserScenarioWithRole("When calling DELETE on", "DELETE", "/api/dashboards/id/1/acl/1", "/api/dashboards/id/:dashboardId/acl/:aclId", m.ROLE_EDITOR, func(sc *scenarioContext) {
|
|
|
+ loggedInUserScenarioWithRole("When calling DELETE on", "DELETE", "/api/dashboards/id/1/acl/1", "/api/dashboards/id/:dashboardId/acl/:aclId", m.ROLE_VIEWER, func(sc *scenarioContext) {
|
|
|
mockResult = append(mockResult, &m.DashboardAclInfoDTO{Id: 1, OrgId: 1, DashboardId: 1, UserId: 1, Permission: m.PERMISSION_EDIT})
|
|
|
|
|
|
bus.AddHandler("test3", func(cmd *m.RemoveDashboardAclCommand) error {
|
|
|
@@ -175,7 +182,7 @@ func TestDashboardAclApiEndpoint(t *testing.T) {
|
|
|
})
|
|
|
})
|
|
|
|
|
|
- Convey("When user is editor and not in the ACL", func() {
|
|
|
+ Convey("When user is org editor and not in the ACL", func() {
|
|
|
loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/dashboards/id/1/acl", "/api/dashboards/id/:dashboardsId/acl", m.ROLE_EDITOR, func(sc *scenarioContext) {
|
|
|
|
|
|
Convey("Should not be able to access ACL", func() {
|
Daniel Lee