mirror of
https://github.com/lingble/chatwoot.git
synced 2025-10-31 19:17:48 +00:00
77b718c22c
Remove the `user.permissions` field and resolve the permissions directly from the accounts array in the user. This change ensures that the cache or previous values from the last active account don't affect the permissions. In this PR: - Remove user.permissions usage, replace it with getUserPermissions method. - Remove json.permissions from user.json.jbuilder
81 lines
2.4 KiB
JavaScript
81 lines
2.4 KiB
JavaScript
import { validateAuthenticateRoutePermission } from './index';
|
|
|
|
describe('#validateAuthenticateRoutePermission', () => {
|
|
describe(`when route is protected`, () => {
|
|
describe(`when user not logged in`, () => {
|
|
it(`should redirect to login`, () => {
|
|
const to = { name: 'some-protected-route', params: { accountId: 1 } };
|
|
const next = vi.fn();
|
|
const getters = {
|
|
isLoggedIn: false,
|
|
getCurrentUser: {
|
|
account_id: null,
|
|
id: null,
|
|
accounts: [],
|
|
},
|
|
};
|
|
|
|
expect(validateAuthenticateRoutePermission(to, next, { getters })).toBe(
|
|
'/app/login'
|
|
);
|
|
});
|
|
});
|
|
describe(`when user is logged in`, () => {
|
|
describe(`when route is not accessible to current user`, () => {
|
|
it(`should redirect to dashboard`, () => {
|
|
const to = {
|
|
name: 'general_settings_index',
|
|
params: { accountId: 1 },
|
|
meta: { permissions: ['administrator'] },
|
|
};
|
|
const next = vi.fn();
|
|
const getters = {
|
|
isLoggedIn: true,
|
|
getCurrentUser: {
|
|
account_id: 1,
|
|
id: 1,
|
|
accounts: [
|
|
{
|
|
permissions: ['agent'],
|
|
id: 1,
|
|
role: 'agent',
|
|
status: 'active',
|
|
},
|
|
],
|
|
},
|
|
};
|
|
validateAuthenticateRoutePermission(to, next, { getters });
|
|
expect(next).toHaveBeenCalledWith('/app/accounts/1/dashboard');
|
|
});
|
|
});
|
|
describe(`when route is accessible to current user`, () => {
|
|
it(`should go there`, () => {
|
|
const to = {
|
|
name: 'general_settings_index',
|
|
params: { accountId: 1 },
|
|
meta: { permissions: ['administrator'] },
|
|
};
|
|
const next = vi.fn();
|
|
const getters = {
|
|
isLoggedIn: true,
|
|
getCurrentUser: {
|
|
account_id: 1,
|
|
id: 1,
|
|
accounts: [
|
|
{
|
|
id: 1,
|
|
role: 'administrator',
|
|
permissions: ['administrator'],
|
|
status: 'active',
|
|
},
|
|
],
|
|
},
|
|
};
|
|
validateAuthenticateRoutePermission(to, next, { getters });
|
|
expect(next).toHaveBeenCalledWith();
|
|
});
|
|
});
|
|
});
|
|
});
|
|
});
|