privileges tests

8 years ago · 324e5be7bd
parent a3b4c83e8b
commit 324e5be7bd
3 changed files with 168 additions and 94 deletions
--- a/src/privileges/categories.js
+++ b/src/privileges/categories.js
@ -155,6 +155,8 @@ module.exports = function (privileges) {

 	privileges.categories.get = function (cid, uid, callback) {
 		var privs = ['topics:create', 'topics:read', 'read'];
+		async.waterfall([
+			function (next) {
 				async.parallel({
 					privileges: function (next) {
 						helpers.isUserAllowedTo(privs, uid, cid, next);
@ -165,10 +167,9 @@ module.exports = function (privileges) {
 					isModerator: function (next) {
 						user.isModerator(uid, cid, next);
 					},
-		}, function (err, results) {
-			if (err) {
-				return callback(err);
-			}
+				}, next);
+			},
+			function (results, next) {
 				var privData = _.object(privs, results.privileges);
 				var isAdminOrMod = results.isAdministrator || results.isModerator;

@ -181,8 +182,9 @@ module.exports = function (privileges) {
 					editable: isAdminOrMod,
 					view_deleted: isAdminOrMod,
 					isAdminOrMod: isAdminOrMod,
-			}, callback);
-		});
+				}, next);
+			},
+		], callback);
 	};

 	privileges.categories.isAdminOrMod = function (cid, uid, callback) {
@ -213,15 +215,14 @@ module.exports = function (privileges) {
 			return callback(null, false);
 		}

-		categories.getCategoryField(cid, 'disabled', function (err, disabled) {
-			if (err) {
-				return callback(err);
-			}
-
+		async.waterfall([
+			function (next) {
+				categories.getCategoryField(cid, 'disabled', next);
+			},
+			function (disabled, next) {
 				if (parseInt(disabled, 10) === 1) {
 					return callback(null, false);
 				}
-
 				helpers.some([
 					function (next) {
 						helpers.isUserAllowedTo(privilege, uid, [cid], function (err, results) {
@ -234,8 +235,9 @@ module.exports = function (privileges) {
 					function (next) {
 						user.isAdministrator(uid, next);
 					},
+				], next);
+			},
 		], callback);
-		});
 	};

 	privileges.categories.filterCids = function (privilege, cids, uid, callback) {
@ -247,18 +249,19 @@ module.exports = function (privileges) {
 			return array.indexOf(cid) === index;
 		});

-		privileges.categories.getBase(privilege, cids, uid, function (err, results) {
-			if (err) {
-				return callback(err);
-			}
-
+		async.waterfall([
+			function (next) {
+				privileges.categories.getBase(privilege, cids, uid, next);
+			},
+			function (results, next) {
 				cids = cids.filter(function (cid, index) {
 					return !results.categories[index].disabled &&
 						(results.allowedTo[index] || results.isAdmin || results.isModerators[index]);
 				});

-			callback(null, cids.filter(Boolean));
-		});
+				next(null, cids.filter(Boolean));
+			},
+		], callback);
 	};

 	privileges.categories.getBase = function (privilege, cids, uid, callback) {
@ -287,6 +290,8 @@ module.exports = function (privileges) {
 			return array.indexOf(uid) === index;
 		});

+		async.waterfall([
+			function (next) {
 				async.parallel({
 					allowedTo: function (next) {
 						helpers.isUsersAllowedTo(privilege, uids, cid, next);
@ -297,16 +302,15 @@ module.exports = function (privileges) {
 					isAdmin: function (next) {
 						user.isAdministrator(uids, next);
 					},
-		}, function (err, results) {
-			if (err) {
-				return callback(err);
-			}
-
+				}, next);
+			},
+			function (results, next) {
 				uids = uids.filter(function (uid, index) {
 					return results.allowedTo[index] || results.isModerators[index] || results.isAdmin[index];
 				});
-			callback(null, uids);
-		});
+				next(null, uids);
+			},
+		], callback);
 	};

 	privileges.categories.give = function (privileges, cid, groupName, callback) {
@ -324,6 +328,8 @@ module.exports = function (privileges) {
 	}

 	privileges.categories.canMoveAllTopics = function (currentCid, targetCid, uid, callback) {
+		async.waterfall([
+			function (next) {
 				async.parallel({
 					isAdministrator: function (next) {
 						user.isAdministrator(uid, next);
@ -334,13 +340,12 @@ module.exports = function (privileges) {
 					moderatorOfTarget: function (next) {
 						user.isModerator(uid, targetCid, next);
 					},
-		}, function (err, results) {
-			if (err) {
-				return callback(err);
-			}
-
-			callback(null, results.isAdministrator || (results.moderatorOfCurrent && results.moderatorOfTarget));
-		});
+				}, next);
+			},
+			function (results, next) {
+				next(null, results.isAdministrator || (results.moderatorOfCurrent && results.moderatorOfTarget));
+			},
+		], callback);
 	};

 	privileges.categories.userPrivileges = function (cid, uid, callback) {
--- a/test/categories.js
+++ b/test/categories.js
@ -390,6 +390,7 @@ describe('Categories', function () {
 		it('should get all categories', function (done) {
 			socketCategories.getAll({ uid: adminUid }, {}, function (err, data) {
 				assert.ifError(err);
+				assert(data);
 				done();
 			});
 		});
@ -615,6 +616,72 @@ describe('Categories', function () {
 	});


+	describe('privileges', function () {
+		var privileges = require('../src/privileges');
+
+		it('should return empty array if uids is empty array', function (done) {
+			privileges.categories.filterUids('find', categoryObj.cid, [], function (err, uids) {
+				assert.ifError(err);
+				assert.equal(uids.length, 0);
+				done();
+			});
+		});
+
+		it('should filter uids by privilege', function (done) {
+			privileges.categories.filterUids('find', categoryObj.cid, [1, 2, 3, 4], function (err, uids) {
+				assert.ifError(err);
+				assert.deepEqual(uids, [1, 2]);
+				done();
+			});
+		});
+
+		it('should load user privileges', function (done) {
+			privileges.categories.userPrivileges(categoryObj.cid, 1, function (err, data) {
+				assert.ifError(err);
+				assert.deepEqual(data, {
+					find: false,
+					mods: false,
+					'posts:delete': false,
+					read: false,
+					'topics:reply': false,
+					'topics:read': false,
+					'topics:create': false,
+					'topics:delete': false,
+					'posts:edit': false,
+				});
+
+				done();
+			});
+		});
+
+		it('should load group privileges', function (done) {
+			privileges.categories.groupPrivileges(categoryObj.cid, 'registered-users', function (err, data) {
+				assert.ifError(err);
+				assert.deepEqual(data, {
+					'groups:find': true,
+					'groups:posts:edit': true,
+					'groups:topics:delete': false,
+					'groups:topics:create': true,
+					'groups:topics:reply': true,
+					'groups:posts:delete': true,
+					'groups:read': true,
+					'groups:topics:read': true,
+				});
+
+				done();
+			});
+		});
+
+		it('should return false if cid is falsy', function (done) {
+			privileges.categories.isUserAllowedTo('find', null, adminUid, function (err, isAllowed) {
+				assert.ifError(err);
+				assert.equal(isAllowed, false);
+				done();
+			});
+		});
+	});
+
+
 	after(function (done) {
 		db.emptydb(done);
 	});
--- a/test/controllers-admin.js
+++ b/test/controllers-admin.js
@ -21,6 +21,7 @@ describe('Admin Controllers', function () {
 	var jar;

 	before(function (done) {
+		groups.resetCache();
 		async.series({
 			category: function (next) {
 				categories.create({
@ -43,9 +44,10 @@ describe('Admin Controllers', function () {
 			cid = results.category.cid;

 			topics.post({ uid: adminUid, title: 'test topic title', content: 'test topic content', cid: results.category.cid }, function (err, result) {
+				assert.ifError(err);
 				tid = result.topicData.tid;
 				pid = result.postData.pid;
-				done(err);
+				done();
 			});
 		});
 	});