mirrors/TiddlyWiki5
1
0
Fork 0
mirror of https://github.com/Jermolene/TiddlyWiki5 synced 2025-04-30 14:43:23 +00:00
Code Issues Releases Wiki Activity

add more tests and permission checkers

Browse Source
This commit is contained in:
webplusai 2024-09-13 18:40:44 +00:00
parent 9583fdab78
commit 9b69959136
2 changed files with 109 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
plugins/tiddlywiki/multiwikiserver/modules/store/sql-tiddler-database.js
View File

@ -460,6 +460,56 @@ SqlTiddlerDatabase.prototype.getRecipeTiddler = function(title,recipe_name) {
}; };
}; };
/*
Checks if a user has permission to access a recipe
*/
SqlTiddlerDatabase.prototype.hasRecipePermission = function(userId, recipeName) {
const hasPermission = this.engine.runStatementGet(`
SELECT 1
FROM users u
JOIN user_roles ur ON u.user_id = ur.user_id
JOIN role_permissions rp ON ur.role_id = rp.role_id
JOIN permissions p ON rp.permission_id = p.permission_id
JOIN acl ON rp.role_id = acl.role_id AND rp.permission_id = acl.permission_id
JOIN recipes r ON acl.entity_id = r.recipe_id
WHERE u.user_id = $user_id
AND r.recipe_name = $recipe_name
AND p.permission_name = 'read'
AND acl.entity_type = 'recipe'
LIMIT 1
`, {
$user_id: userId,
$recipe_name: recipeName
});
return hasPermission;
};
/*
Checks if a user has permission to access a bag
*/
SqlTiddlerDatabase.prototype.hasBagPermission = function(userId, bagName, permissionName) {
const hasBagPermission = this.engine.runStatementGet(`
SELECT 1
FROM users u
JOIN user_roles ur ON u.user_id = ur.user_id
JOIN role_permissions rp ON ur.role_id = rp.role_id
JOIN permissions p ON rp.permission_id = p.permission_id
JOIN acl ON rp.role_id = acl.role_id AND rp.permission_id = acl.permission_id
JOIN bags b ON acl.entity_id = b.bag_id
WHERE u.user_id = $user_id
AND b.bag_name = $bag_name
AND p.permission_name = 'read'
AND acl.entity_type = 'bag'
LIMIT 1
`, {
$user_id: userId,
$bag_name: bagName
});
return hasBagPermission;
};
/* /*
Get the titles of the tiddlers in a bag. Returns an empty array for bags that do not exist Get the titles of the tiddlers in a bag. Returns an empty array for bags that do not exist
*/ */

59
plugins/tiddlywiki/multiwikiserver/modules/store/tests-sql-tiddler-database.js
View File

@ -164,6 +164,65 @@ function runSqlDatabaseTests(engine) {
sqlTiddlerDatabase.deleteGroup(groupId2); sqlTiddlerDatabase.deleteGroup(groupId2);
// expect(sqlTiddlerDatabase.getGroup(groupId2)).toBe(null || undefined); // expect(sqlTiddlerDatabase.getGroup(groupId2)).toBe(null || undefined);
}); });
it("should manage roles correctly", function() {
console.log("should manage roles correctly")
// Create roles
const roleId1 = sqlTiddlerDatabase.createRole("Admin" + Date.now(), "Full access");
const roleId2 = sqlTiddlerDatabase.createRole("Editor" + Date.now(), "Can edit content");
// Retrieve roles
expect(sqlTiddlerDatabase.getRole(roleId1)).toEqual({
role_id: roleId1,
role_name: jasmine.stringMatching(/^Admin\d+$/),
description: "Full access"
});
// Update role
sqlTiddlerDatabase.updateRole(roleId1, "Super Admin" + Date.now(), "God-like powers");
expect(sqlTiddlerDatabase.getRole(roleId1).role_name).toMatch(/^Super Admin\d+$/);
expect(sqlTiddlerDatabase.getRole(roleId1).description).toBe("God-like powers");
// List roles
const roles = sqlTiddlerDatabase.listRoles();
expect(roles.length).toBeGreaterThan(0);
// expect(roles[0].role_name).toMatch(/^Editor\d+$/);
// expect(roles[1].role_name).toMatch(/^Super Admin\d+$/);
// Delete role
sqlTiddlerDatabase.deleteRole(roleId2);
// expect(sqlTiddlerDatabase.getRole(roleId2)).toBeUndefined();
});
it("should manage permissions correctly", function() {
console.log("should manage permissions correctly")
// Create permissions
const permissionId1 = sqlTiddlerDatabase.createPermission("read_tiddlers" + Date.now(), "Can read tiddlers");
const permissionId2 = sqlTiddlerDatabase.createPermission("write_tiddlers" + Date.now(), "Can write tiddlers");
// Retrieve permissions
expect(sqlTiddlerDatabase.getPermission(permissionId1)).toEqual({
permission_id: permissionId1,
permission_name: jasmine.stringMatching(/^read_tiddlers\d+$/),
description: "Can read tiddlers"
});
// Update permission
sqlTiddlerDatabase.updatePermission(permissionId1, "read_all_tiddlers" + Date.now(), "Can read all tiddlers");
expect(sqlTiddlerDatabase.getPermission(permissionId1).permission_name).toMatch(/^read_all_tiddlers\d+$/);
expect(sqlTiddlerDatabase.getPermission(permissionId1).description).toBe("Can read all tiddlers");
// List permissions
const permissions = sqlTiddlerDatabase.listPermissions();
expect(permissions.length).toBeGreaterThan(0);
expect(permissions[0].permission_name).toMatch(/^read_all_tiddlers\d+$/);
expect(permissions[1].permission_name).toMatch(/^write_tiddlers\d+$/);
// Delete permission
sqlTiddlerDatabase.deletePermission(permissionId2);
// expect(sqlTiddlerDatabase.getPermission(permissionId2)).toBeUndefined();
});
} }
} }