Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Test WAC-Allow header #8

Merged
merged 5 commits into from
Nov 26, 2020
Merged

Test WAC-Allow header #8

Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
ffe6882
WAC-Allow test
michielbdejong Nov 19, 2020
41bff88
Add from-default tests
michielbdejong Nov 19, 2020
36bd0cf
Merge branch 'master' into wac-allow
michielbdejong Nov 19, 2020
a6d9d34
Fix WAC-allow tests accounting for a user inheriting permissions from…
Nov 23, 2020
84f4240
Merge pull request #9 from edwardsph/wac-allow
michielbdejong Nov 26, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
176 changes: 176 additions & 0 deletions test/surface/wac-allow.test.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,176 @@
import fetch from 'node-fetch';
import { generateTestFolder, getSolidLogicInstance } from '../helpers/env';
import { SolidLogic } from '../../solid-logic-move-me';

const WEBID_ALICE = process.env.WEBID_ALICE;
const WEBID_BOB = process.env.WEBID_BOB;

function makeBody(accessToModes: string, defaultModes: string, publicAccessToModes: string, publicDefaultModes: string, target: string) {
let str = [
'@prefix acl: <http://www.w3.org/ns/auth/acl#>.',
'@prefix foaf: <http://xmlns.com/foaf/0.1/>.',
'',
`<#alice> a acl:Authorization;\n acl:agent <${WEBID_ALICE}>;`,
` acl:accessTo <${target}>;`,
` acl:default <${target}>;`,
' acl:mode acl:Read, acl:Write, acl:Control.',
''
].join('\n')
if (accessToModes) {
str += [
'<#bobAccessTo> a acl:Authorization;',
` acl:agent <${WEBID_BOB}>;`,
` acl:accessTo <${target}>;`,
` acl:mode ${accessToModes}.`,
''
].join('\n')
}
if (defaultModes) {
str += [
'<#bobDefault> a acl:Authorization;',
` acl:agent <${WEBID_BOB}>;`,
` acl:default <${target}>;`,
` acl:mode ${defaultModes}.`,
''
].join('\n')
}
if (publicAccessToModes) {
str += [
'<#publicAccessTo> a acl:Authorization;',
` acl:agentClass foaf:Agent;`,
` acl:accessTo <${target}>;`,
` acl:mode ${publicAccessToModes}.`,
''
].join('\n')
}

if (publicDefaultModes) {
str += [
'<#publicDefault> a acl:Authorization;',
` acl:agentClass foaf:Agent;`,
` acl:default <${target}>;`,
` acl:mode ${publicDefaultModes}.`,
''
].join('\n')
}
return str
}

describe('For Alice\'s public folder', () => {
let solidLogicBob: SolidLogic;
beforeAll(async () => {
solidLogicBob = await getSolidLogicInstance('BOB')
});
it(`Shows the correct WAC-Allow header for Bob's request`, async () => {
const result = await solidLogicBob.fetch(`https://server/public/`);
expect(result.headers.get('WAC-Allow')).toEqual('user="read",public="read"');
});
it(`Shows the correct WAC-Allow header for an unauthenticated request`, async () => {
const result = await fetch(`https://server/public/`);
expect(result.headers.get('WAC-Allow')).toEqual('user="read",public="read"');
});
});

describe('From accessTo', () => {
let solidLogicAlice: SolidLogic;
let solidLogicBob: SolidLogic;
beforeAll(async () => {
solidLogicAlice = await getSolidLogicInstance('ALICE')
solidLogicBob = await getSolidLogicInstance('BOB')
});

const { testFolderUrl } = generateTestFolder('ALICE');
beforeEach(async () => {
// FIXME: NSS ACL cache,
// wait for ACL cache to clear:
await new Promise(resolve => setTimeout(resolve, 20));
});

afterEach(() => {
return solidLogicAlice.recursiveDelete(testFolderUrl);
});

describe('Public accessTo Read+Append, Bob accessTo Write', () => {
beforeAll(async () => {
const containerUrl = `${testFolderUrl}publicReadBobWrite/`;
// This will do mkdir-p:
await solidLogicAlice.fetch(`${containerUrl}test.txt`, {
method: 'PUT',
body: 'hello',
headers: {
'Content-Type': 'text/plain',
'If-None-Match': '*'
}
});
const aclDocUrl = await solidLogicAlice.findAclDocUrl(containerUrl);
await solidLogicAlice.fetch(aclDocUrl, {
method: 'PUT',
body: makeBody('acl:Write', null, 'acl:Read, acl:Append', null, containerUrl),
headers: {
'Content-Type': 'text/turtle',
'If-None-Match': '*'
}
});
});
it(`Shows the correct WAC-Allow header to Bob`, async () => {
const result = await solidLogicBob.fetch(`${testFolderUrl}publicReadBobWrite/`);
expect(result.headers.get('WAC-Allow')).toEqual('user="read write append",public="read append"');
});
it(`Shows the correct WAC-Allow header to the public`, async () => {
const result = await fetch(`${testFolderUrl}publicReadBobWrite/`);
expect(result.headers.get('WAC-Allow')).toEqual('user="read append",public="read append"');
});
});
});

describe('From default', () => {
let solidLogicAlice: SolidLogic;
let solidLogicBob: SolidLogic;
beforeAll(async () => {
solidLogicAlice = await getSolidLogicInstance('ALICE')
solidLogicBob = await getSolidLogicInstance('BOB')
});

const { testFolderUrl } = generateTestFolder('ALICE');
beforeEach(async () => {
// FIXME: NSS ACL cache,
// wait for ACL cache to clear:
await new Promise(resolve => setTimeout(resolve, 20));
});

afterEach(() => {
return solidLogicAlice.recursiveDelete(testFolderUrl);
});

describe('Public accessTo Read+Append, Bob accessTo Write', () => {
beforeAll(async () => {
const containerUrl = `${testFolderUrl}publicReadBobWrite/`;
// This will do mkdir-p:
await solidLogicAlice.fetch(`${containerUrl}test.txt`, {
method: 'PUT',
body: 'hello',
headers: {
'Content-Type': 'text/plain',
'If-None-Match': '*'
}
});
const aclDocUrl = await solidLogicAlice.findAclDocUrl(containerUrl);
await solidLogicAlice.fetch(aclDocUrl, {
method: 'PUT',
body: makeBody(null, 'acl:Write', null, 'acl:Read, acl:Append', containerUrl),
headers: {
'Content-Type': 'text/turtle',
'If-None-Match': '*'
}
});
});
it(`Shows the correct WAC-Allow header to Bob`, async () => {
const result = await solidLogicBob.fetch(`${testFolderUrl}publicReadBobWrite/test.txt`);
expect(result.headers.get('WAC-Allow')).toEqual('user="read write append",public="read append"');
});
it(`Shows the correct WAC-Allow header to the public`, async () => {
const result = await fetch(`${testFolderUrl}publicReadBobWrite/test.txt`);
expect(result.headers.get('WAC-Allow')).toEqual('user="read append",public="read append"');
});
});
});