Skip to content

Commit

Permalink
PR(TEST): Add the doc actor relationship tests
Browse files Browse the repository at this point in the history
  • Loading branch information
shahzadlone committed Sep 26, 2024
1 parent 53ed326 commit e58d459
Show file tree
Hide file tree
Showing 9 changed files with 4,867 additions and 0 deletions.

Large diffs are not rendered by default.

Large diffs are not rendered by default.

Large diffs are not rendered by default.

Original file line number Diff line number Diff line change
@@ -0,0 +1,198 @@
// Copyright 2024 Democratized Data Foundation
//
// Use of this software is governed by the Business Source License
// included in the file licenses/BSL.txt.
//
// As of the Change Date specified in that file, in accordance with
// the Business Source License, use of this software will be governed
// by the Apache License, Version 2.0, included in the file
// licenses/APL.txt.

package test_acp_relationship_add_docactor

import (
"fmt"
"testing"

"github.com/sourcenetwork/immutable"

testUtils "github.com/sourcenetwork/defradb/tests/integration"
)

func TestACP_OwnerGivesUpdateWriteAccessToAnotherActorWithoutExplicitReadPerm_GQL_OtherActorCantUpdate(t *testing.T) {
expectedPolicyID := "0a243b1e61f990bccde41db7e81a915ffa1507c1403ae19727ce764d3b08846b"

test := testUtils.TestCase{

Description: "Test acp, owner gives write(update) access to another actor, without explicit read permission",

SupportedMutationTypes: immutable.Some([]testUtils.MutationType{
// GQL mutation will return no error when wrong identity is used so test that separately.
testUtils.GQLRequestMutationType,
}),

Actions: []any{
testUtils.AddPolicy{

Identity: immutable.Some(1),

Policy: `
name: Test Policy
description: A Policy
actor:
name: actor
resources:
users:
permissions:
read:
expr: owner + reader
write:
expr: owner + writer
nothing:
expr: dummy
relations:
owner:
types:
- actor
reader:
types:
- actor
writer:
types:
- actor
admin:
manages:
- reader
types:
- actor
dummy:
types:
- actor
`,

ExpectedPolicyID: expectedPolicyID,
},

testUtils.SchemaUpdate{
Schema: fmt.Sprintf(`
type Users @policy(
id: "%s",
resource: "users"
) {
name: String
age: Int
}
`,
expectedPolicyID,
),
},

testUtils.CreateDoc{
Identity: immutable.Some(1),

CollectionID: 0,

Doc: `
{
"name": "Shahzad",
"age": 28
}
`,
},

testUtils.Request{
Identity: immutable.Some(2), // This identity can not read yet.

Request: `
query {
Users {
_docID
name
age
}
}
`,

Results: map[string]any{
"Users": []map[string]any{}, // Can't see the documents yet
},
},

testUtils.UpdateDoc{
CollectionID: 0,

Identity: immutable.Some(2), // This identity can not update yet.

DocID: 0,

Doc: `
{
"name": "Shahzad Lone"
}
`,

SkipLocalUpdateEvent: true,
},

testUtils.AddDocActorRelationship{
RequestorIdentity: 1,

TargetIdentity: 2,

CollectionID: 0,

DocID: 0,

Relation: "writer",

ExpectedExistence: false,
},

testUtils.UpdateDoc{
CollectionID: 0,

Identity: immutable.Some(2), // This identity can still not update.

DocID: 0,

Doc: `
{
"name": "Shahzad Lone"
}
`,

SkipLocalUpdateEvent: true,
},

testUtils.Request{
Identity: immutable.Some(2), // This identity can still not read.

Request: `
query {
Users {
_docID
name
age
}
}
`,

Results: map[string]any{
"Users": []map[string]any{},
},
},
},
}

testUtils.ExecuteTestCase(t, test)
}
Loading

0 comments on commit e58d459

Please sign in to comment.