ben
/
coze-studio
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
coze-studio/frontend/packages/common/auth/__tests__/project/calc-permission.test.ts

394 lines
14 KiB
TypeScript
Raw Blame History

/*
* Copyright 2025 coze-dev Authors
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
import { describe, it, expect } from 'vitest';
import { SpaceRoleType, SpaceType } from '@coze-arch/idl/developer_api';
import {
ProjectRoleType,
EProjectPermission,
} from '../../src/project/constants';
import { calcPermission } from '../../src/project/calc-permission';
describe('Project Calc Permission', () => {
describe('个人空间权限', () => {
it('应该为个人空间返回正确的权限', () => {
const params = {
projectRoles: [],
spaceRoles: [],
spaceType: SpaceType.Personal,
};
// Personal space should have viewing permission
expect(calcPermission(EProjectPermission.View, params)).toBe(true);
// Personal space should have permission to edit information
expect(calcPermission(EProjectPermission.EDIT_INFO, params)).toBe(true);
// Personal space should have deletion permission
expect(calcPermission(EProjectPermission.DELETE, params)).toBe(true);
// Personal space should have publishing permission
expect(calcPermission(EProjectPermission.PUBLISH, params)).toBe(true);
// Personal space should have permission to create resources
expect(calcPermission(EProjectPermission.CREATE_RESOURCE, params)).toBe(
true,
);
// Personal space should have permission to copy resources
expect(calcPermission(EProjectPermission.COPY_RESOURCE, params)).toBe(
true,
);
// Personal space should have permission to copy items
expect(calcPermission(EProjectPermission.COPY, params)).toBe(true);
// Personal space should have test run plug-in permissions
expect(calcPermission(EProjectPermission.TEST_RUN_PLUGIN, params)).toBe(
true,
);
// Personal space should have test run workflow permissions
expect(calcPermission(EProjectPermission.TEST_RUN_WORKFLOW, params)).toBe(
true,
);
});
it('应该为个人空间返回正确的无效权限', () => {
const params = {
projectRoles: [],
spaceRoles: [],
spaceType: SpaceType.Personal,
};
// Personal Spaces should not have Add Collaborators permissions
expect(calcPermission(EProjectPermission.ADD_COLLABORATOR, params)).toBe(
false,
);
// Personal space should not have permission to delete collaborators
expect(
calcPermission(EProjectPermission.DELETE_COLLABORATOR, params),
).toBe(false);
});
});
describe('团队空间项目角色权限', () => {
it('应该为项目所有者角色返回正确的权限', () => {
const params = {
projectRoles: [ProjectRoleType.Owner],
spaceRoles: [],
spaceType: SpaceType.Team,
};
// The project owner should have viewing rights
expect(calcPermission(EProjectPermission.View, params)).toBe(true);
// The project owner should have permission to edit the information
expect(calcPermission(EProjectPermission.EDIT_INFO, params)).toBe(true);
// The project owner should have delete permissions
expect(calcPermission(EProjectPermission.DELETE, params)).toBe(true);
// The project owner should have publishing rights
expect(calcPermission(EProjectPermission.PUBLISH, params)).toBe(true);
// The project owner should have the Create Resource permission
expect(calcPermission(EProjectPermission.CREATE_RESOURCE, params)).toBe(
true,
);
// The project owner should have permission to copy the resource
expect(calcPermission(EProjectPermission.COPY_RESOURCE, params)).toBe(
true,
);
// The project owner should have permission to copy the project
expect(calcPermission(EProjectPermission.COPY, params)).toBe(true);
// The project owner should have test run plug-in permissions
expect(calcPermission(EProjectPermission.TEST_RUN_PLUGIN, params)).toBe(
true,
);
// The project owner should have test run workflow permissions
expect(calcPermission(EProjectPermission.TEST_RUN_WORKFLOW, params)).toBe(
true,
);
// The project owner should have permission to add collaborators
expect(calcPermission(EProjectPermission.ADD_COLLABORATOR, params)).toBe(
true,
);
// The project owner should have the Delete Collaborator permission
expect(
calcPermission(EProjectPermission.DELETE_COLLABORATOR, params),
).toBe(true);
});
it('应该为项目编辑者角色返回正确的权限', () => {
const params = {
projectRoles: [ProjectRoleType.Editor],
spaceRoles: [],
spaceType: SpaceType.Team,
};
// Project editors should have viewing rights
expect(calcPermission(EProjectPermission.View, params)).toBe(true);
// Project editors should have permission to edit information
expect(calcPermission(EProjectPermission.EDIT_INFO, params)).toBe(true);
// Project editors should have the Create Resource permission
expect(calcPermission(EProjectPermission.CREATE_RESOURCE, params)).toBe(
true,
);
// Project editors should have permission to copy resources
expect(calcPermission(EProjectPermission.COPY_RESOURCE, params)).toBe(
true,
);
// The project editor should have permission to copy the project
expect(calcPermission(EProjectPermission.COPY, params)).toBe(true);
// Project editors should have test run plug-in permissions
expect(calcPermission(EProjectPermission.TEST_RUN_PLUGIN, params)).toBe(
true,
);
// The project editor should have test run workflow permissions
expect(calcPermission(EProjectPermission.TEST_RUN_WORKFLOW, params)).toBe(
true,
);
// Project editors should have Add Collaborators permission
expect(calcPermission(EProjectPermission.ADD_COLLABORATOR, params)).toBe(
true,
);
// Project editors should not have delete permissions
expect(calcPermission(EProjectPermission.DELETE, params)).toBe(false);
// Project editors should not have permission to publish
expect(calcPermission(EProjectPermission.PUBLISH, params)).toBe(false);
// Project editors should not have permission to delete collaborators
expect(
calcPermission(EProjectPermission.DELETE_COLLABORATOR, params),
).toBe(false);
});
});
describe('团队空间角色权限', () => {
it('应该为空间成员角色返回正确的权限', () => {
const params = {
projectRoles: [],
spaceRoles: [SpaceRoleType.Member],
spaceType: SpaceType.Team,
};
// Space members should have viewing rights
expect(calcPermission(EProjectPermission.View, params)).toBe(true);
// Space members should have permission to copy items
expect(calcPermission(EProjectPermission.COPY, params)).toBe(true);
// Space members should have test run workflow permissions
expect(calcPermission(EProjectPermission.TEST_RUN_WORKFLOW, params)).toBe(
true,
);
// Space members should not have permission to edit information
expect(calcPermission(EProjectPermission.EDIT_INFO, params)).toBe(false);
// Space members should not have delete permissions
expect(calcPermission(EProjectPermission.DELETE, params)).toBe(false);
// Space members should not have publishing privileges
expect(calcPermission(EProjectPermission.PUBLISH, params)).toBe(false);
// Space members should not have permission to create resources
expect(calcPermission(EProjectPermission.CREATE_RESOURCE, params)).toBe(
false,
);
// Space members should not have permission to copy resources
expect(calcPermission(EProjectPermission.COPY_RESOURCE, params)).toBe(
false,
);
// Space members should not have test run plug-in permissions
expect(calcPermission(EProjectPermission.TEST_RUN_PLUGIN, params)).toBe(
false,
);
// Space members should not have Add Collaborator permissions
expect(calcPermission(EProjectPermission.ADD_COLLABORATOR, params)).toBe(
false,
);
// Space members should not have permission to delete collaborators
expect(
calcPermission(EProjectPermission.DELETE_COLLABORATOR, params),
).toBe(false);
});
it('应该为空间所有者角色返回正确的权限', () => {
const params = {
projectRoles: [],
spaceRoles: [SpaceRoleType.Owner],
spaceType: SpaceType.Team,
};
// Space owners should have viewing rights
expect(calcPermission(EProjectPermission.View, params)).toBe(true);
// The space owner should have permission to copy items
expect(calcPermission(EProjectPermission.COPY, params)).toBe(true);
// Space owners should have test run workflow permissions
expect(calcPermission(EProjectPermission.TEST_RUN_WORKFLOW, params)).toBe(
true,
);
});
it('应该为空间管理员角色返回正确的权限', () => {
const params = {
projectRoles: [],
spaceRoles: [SpaceRoleType.Admin],
spaceType: SpaceType.Team,
};
// The space administrator should have viewing rights
expect(calcPermission(EProjectPermission.View, params)).toBe(true);
// The space administrator should have permission to copy items
expect(calcPermission(EProjectPermission.COPY, params)).toBe(true);
// The space administrator should have test run workflow permissions
expect(calcPermission(EProjectPermission.TEST_RUN_WORKFLOW, params)).toBe(
true,
);
});
it('应该为默认角色返回正确的权限', () => {
const params = {
projectRoles: [],
spaceRoles: [SpaceRoleType.Default],
spaceType: SpaceType.Team,
};
// The default role should not have any permissions
expect(calcPermission(EProjectPermission.View, params)).toBe(false);
expect(calcPermission(EProjectPermission.EDIT_INFO, params)).toBe(false);
expect(calcPermission(EProjectPermission.DELETE, params)).toBe(false);
expect(calcPermission(EProjectPermission.PUBLISH, params)).toBe(false);
expect(calcPermission(EProjectPermission.CREATE_RESOURCE, params)).toBe(
false,
);
expect(calcPermission(EProjectPermission.COPY_RESOURCE, params)).toBe(
false,
);
expect(calcPermission(EProjectPermission.COPY, params)).toBe(false);
expect(calcPermission(EProjectPermission.TEST_RUN_PLUGIN, params)).toBe(
false,
);
expect(calcPermission(EProjectPermission.TEST_RUN_WORKFLOW, params)).toBe(
false,
);
expect(calcPermission(EProjectPermission.ADD_COLLABORATOR, params)).toBe(
false,
);
expect(
calcPermission(EProjectPermission.DELETE_COLLABORATOR, params),
).toBe(false);
});
});
describe('混合角色权限', () => {
it('应该在同时拥有项目角色和空间角色时返回正确的权限', () => {
const params = {
projectRoles: [ProjectRoleType.Editor],
spaceRoles: [SpaceRoleType.Member],
spaceType: SpaceType.Team,
};
// Should have all the permissions of the project editor
expect(calcPermission(EProjectPermission.View, params)).toBe(true);
expect(calcPermission(EProjectPermission.EDIT_INFO, params)).toBe(true);
expect(calcPermission(EProjectPermission.CREATE_RESOURCE, params)).toBe(
true,
);
expect(calcPermission(EProjectPermission.COPY_RESOURCE, params)).toBe(
true,
);
expect(calcPermission(EProjectPermission.COPY, params)).toBe(true);
expect(calcPermission(EProjectPermission.TEST_RUN_PLUGIN, params)).toBe(
true,
);
expect(calcPermission(EProjectPermission.TEST_RUN_WORKFLOW, params)).toBe(
true,
);
expect(calcPermission(EProjectPermission.ADD_COLLABORATOR, params)).toBe(
true,
);
// There should be no permissions that the project editor does not have
expect(calcPermission(EProjectPermission.DELETE, params)).toBe(false);
expect(calcPermission(EProjectPermission.PUBLISH, params)).toBe(false);
expect(
calcPermission(EProjectPermission.DELETE_COLLABORATOR, params),
).toBe(false);
});
it('应该在没有有效角色时返回 false', () => {
const params = {
projectRoles: [],
spaceRoles: [],
spaceType: SpaceType.Team,
};
// No role should have no permissions
expect(calcPermission(EProjectPermission.View, params)).toBe(false);
expect(calcPermission(EProjectPermission.EDIT_INFO, params)).toBe(false);
expect(calcPermission(EProjectPermission.DELETE, params)).toBe(false);
expect(calcPermission(EProjectPermission.PUBLISH, params)).toBe(false);
expect(calcPermission(EProjectPermission.CREATE_RESOURCE, params)).toBe(
false,
);
expect(calcPermission(EProjectPermission.COPY_RESOURCE, params)).toBe(
false,
);
expect(calcPermission(EProjectPermission.COPY, params)).toBe(false);
expect(calcPermission(EProjectPermission.TEST_RUN_PLUGIN, params)).toBe(
false,
);
expect(calcPermission(EProjectPermission.TEST_RUN_WORKFLOW, params)).toBe(
false,
);
expect(calcPermission(EProjectPermission.ADD_COLLABORATOR, params)).toBe(
false,
);
expect(
calcPermission(EProjectPermission.DELETE_COLLABORATOR, params),
).toBe(false);
});
});
});
Reference in New Issue View Git Blame Copy Permalink