github.com/anth0d/nomad@v0.0.0-20221214183521-ae3a0a2cad06/ui/tests/unit/abilities/client-test.js (about) 1 /* eslint-disable ember/avoid-leaking-state-in-ember-objects */ 2 import { module, test } from 'qunit'; 3 import { setupTest } from 'ember-qunit'; 4 import Service from '@ember/service'; 5 import setupAbility from 'nomad-ui/tests/helpers/setup-ability'; 6 7 module('Unit | Ability | client', function (hooks) { 8 setupTest(hooks); 9 setupAbility('client')(hooks); 10 11 test('it permits client read and write when ACLs are disabled', function (assert) { 12 const mockToken = Service.extend({ 13 aclEnabled: false, 14 }); 15 this.owner.register('service:token', mockToken); 16 17 assert.ok(this.ability.canRead); 18 assert.ok(this.ability.canWrite); 19 }); 20 21 test('it permits client read and write for management tokens', function (assert) { 22 const mockToken = Service.extend({ 23 aclEnabled: true, 24 selfToken: { type: 'management' }, 25 }); 26 this.owner.register('service:token', mockToken); 27 28 assert.ok(this.ability.canRead); 29 assert.ok(this.ability.canWrite); 30 }); 31 32 test('it permits client read and write for tokens with a policy that has node-write', function (assert) { 33 const mockToken = Service.extend({ 34 aclEnabled: true, 35 selfToken: { type: 'client' }, 36 selfTokenPolicies: [ 37 { 38 rulesJSON: { 39 Node: { 40 Policy: 'write', 41 }, 42 }, 43 }, 44 ], 45 }); 46 this.owner.register('service:token', mockToken); 47 48 assert.ok(this.ability.canRead); 49 assert.ok(this.ability.canWrite); 50 }); 51 52 test('it permits client read and write for tokens with a policy that allows write and another policy that disallows it', function (assert) { 53 const mockToken = Service.extend({ 54 aclEnabled: true, 55 selfToken: { type: 'client' }, 56 selfTokenPolicies: [ 57 { 58 rulesJSON: { 59 Node: { 60 Policy: 'write', 61 }, 62 }, 63 }, 64 { 65 rulesJSON: { 66 Node: { 67 Policy: 'read', 68 }, 69 }, 70 }, 71 ], 72 }); 73 this.owner.register('service:token', mockToken); 74 75 assert.ok(this.ability.canRead); 76 assert.ok(this.ability.canWrite); 77 }); 78 79 test('it permits client read and blocks client write for tokens with a policy that does not allow node-write', function (assert) { 80 const mockToken = Service.extend({ 81 aclEnabled: true, 82 selfToken: { type: 'client' }, 83 selfTokenPolicies: [ 84 { 85 rulesJSON: { 86 Node: { 87 Policy: 'read', 88 }, 89 }, 90 }, 91 ], 92 }); 93 this.owner.register('service:token', mockToken); 94 95 assert.ok(this.ability.canRead); 96 assert.notOk(this.ability.canWrite); 97 }); 98 99 test('it blocks client read and write for tokens without a node policy', function (assert) { 100 const mockToken = Service.extend({ 101 aclEnabled: true, 102 selfToken: { type: 'client' }, 103 selfTokenPolicies: [ 104 { 105 rulesJSON: {}, 106 }, 107 ], 108 }); 109 this.owner.register('service:token', mockToken); 110 111 assert.notOk(this.ability.canRead); 112 assert.notOk(this.ability.canWrite); 113 }); 114 });