151 lines
4.8 KiB
Dart
151 lines
4.8 KiB
Dart
import 'package:angel_framework/angel_framework.dart';
|
|
import 'package:angel_security/angel_security.dart';
|
|
import 'package:angel_test/angel_test.dart';
|
|
import 'package:test/test.dart';
|
|
|
|
class User {
|
|
final List<String> roles;
|
|
|
|
User(this.roles);
|
|
}
|
|
|
|
main() {
|
|
Angel app;
|
|
TestClient client;
|
|
|
|
setUp(() async {
|
|
app = Angel();
|
|
|
|
app.fallback((req, res) async {
|
|
// In real life, you'd use auth to check user roles,
|
|
// but in this case, let's just set the user manually
|
|
var xRoles = req.headers['X-Roles'];
|
|
|
|
if (xRoles?.isNotEmpty == true) {
|
|
req.container.registerSingleton(User(xRoles));
|
|
}
|
|
|
|
return true;
|
|
});
|
|
|
|
app.chain([PermissionBuilder.wildcard().toPermission().toMiddleware()]).get(
|
|
'/', (req, res) => 'Hello, world!');
|
|
app.chain([Permission('foo').toMiddleware()]).get(
|
|
'/one', (req, res) => 'Hello, world!');
|
|
app.chain([Permission('two:foo').toMiddleware()]).get(
|
|
'/two', (req, res) => 'Hello, world!');
|
|
app.chain([Permission('two:*').toMiddleware()]).get(
|
|
'/two-star', (req, res) => 'Hello, world!');
|
|
app.chain([Permission('three:foo:bar').toMiddleware()]).get(
|
|
'/three', (req, res) => 'Hello, world!');
|
|
app.chain([Permission('three:*:bar').toMiddleware()]).get(
|
|
'/three-star', (req, res) => 'Hello, world!');
|
|
|
|
app.chain([
|
|
PermissionBuilder('super')
|
|
.add('specific')
|
|
.add('permission')
|
|
.allowAll()
|
|
.or(PermissionBuilder('admin'))
|
|
.toPermission()
|
|
.toMiddleware()
|
|
]).get('/or', (req, res) => 'Hello, world!');
|
|
|
|
client = await connectTo(app);
|
|
});
|
|
|
|
tearDown(() => client.close());
|
|
|
|
test('open permission', () async {
|
|
var response = await client.get('/', headers: {'X-Roles': 'foo'});
|
|
print('Response: ${response.body}');
|
|
expect(response, hasStatus(200));
|
|
expect(response, isJson('Hello, world!'));
|
|
});
|
|
|
|
group('restrict', () {
|
|
test('one', () async {
|
|
var response = await client.get('/one', headers: {'X-Roles': 'foo'});
|
|
print('Response: ${response.body}');
|
|
expect(response, hasStatus(200));
|
|
expect(response, isJson('Hello, world!'));
|
|
|
|
response = await client.get('/one', headers: {'X-Roles': 'bar'});
|
|
print('Response: ${response.body}');
|
|
expect(response, hasStatus(403));
|
|
});
|
|
|
|
test('two', () async {
|
|
var response = await client.get('/two', headers: {'X-Roles': 'two:foo'});
|
|
print('Response: ${response.body}');
|
|
expect(response, hasStatus(200));
|
|
expect(response, isJson('Hello, world!'));
|
|
|
|
response = await client.get('/two', headers: {'X-Roles': 'two:bar'});
|
|
print('Response: ${response.body}');
|
|
expect(response, hasStatus(403));
|
|
});
|
|
|
|
test('two with star', () async {
|
|
var response =
|
|
await client.get('/two-star', headers: {'X-Roles': 'two:foo'});
|
|
print('Response: ${response.body}');
|
|
expect(response, hasStatus(200));
|
|
expect(response, isJson('Hello, world!'));
|
|
|
|
response =
|
|
await client.get('/two-star', headers: {'X-Roles': 'three:foo'});
|
|
print('Response: ${response.body}');
|
|
expect(response, hasStatus(403));
|
|
});
|
|
|
|
test('three', () async {
|
|
var response =
|
|
await client.get('/three', headers: {'X-Roles': 'three:foo:bar'});
|
|
print('Response: ${response.body}');
|
|
expect(response, hasStatus(200));
|
|
expect(response, isJson('Hello, world!'));
|
|
|
|
response =
|
|
await client.get('/three', headers: {'X-Roles': 'three:foo:baz'});
|
|
print('Response: ${response.body}');
|
|
expect(response, hasStatus(403));
|
|
|
|
response =
|
|
await client.get('/three', headers: {'X-Roles': 'three:foz:bar'});
|
|
print('Response: ${response.body}');
|
|
expect(response, hasStatus(403));
|
|
});
|
|
|
|
test('three with star', () async {
|
|
var response = await client
|
|
.get('/three-star', headers: {'X-Roles': 'three:foo:bar'});
|
|
print('Response: ${response.body}');
|
|
expect(response, hasStatus(200));
|
|
expect(response, isJson('Hello, world!'));
|
|
|
|
response = await client
|
|
.get('/three-star', headers: {'X-Roles': 'three:foz:bar'});
|
|
print('Response: ${response.body}');
|
|
expect(response, hasStatus(200));
|
|
expect(response, isJson('Hello, world!'));
|
|
|
|
response = await client
|
|
.get('/three-star', headers: {'X-Roles': 'three:foo:baz'});
|
|
print('Response: ${response.body}');
|
|
expect(response, hasStatus(403));
|
|
});
|
|
});
|
|
|
|
test('or', () async {
|
|
var response = await client.get('/or', headers: {'X-Roles': 'admin'});
|
|
print('Response: ${response.body}');
|
|
expect(response, hasStatus(200));
|
|
expect(response, isJson('Hello, world!'));
|
|
|
|
response = await client
|
|
.get('/or', headers: {'X-Roles': 'not:specific:enough:i:guess'});
|
|
print('Response: ${response.body}');
|
|
expect(response, hasStatus(403));
|
|
});
|
|
}
|