From 2b7984355a47d2130211f78fd9bd71ea99eeef78 Mon Sep 17 00:00:00 2001 From: Daniel Lee Date: Tue, 30 Jan 2018 13:28:00 +0100 Subject: [PATCH] dashfolders: adds comment for dashboard acl test --- pkg/api/dashboard_acl_test.go | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/pkg/api/dashboard_acl_test.go b/pkg/api/dashboard_acl_test.go index 4187f93570e..467045e360a 100644 --- a/pkg/api/dashboard_acl_test.go +++ b/pkg/api/dashboard_acl_test.go @@ -39,6 +39,12 @@ func TestDashboardAclApiEndpoint(t *testing.T) { return nil }) + // This tests four scenarios: + // 1. user is an org admin + // 2. user is an org editor AND has been granted admin permission for the dashboard + // 3. user is an org viewer AND has been granted edit permission for the dashboard + // 4. user is an org editor AND has no permissions for the dashboard + Convey("When user is org admin", func() { loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/dashboards/id/1/acl", "/api/dashboards/id/:dashboardsId/acl", m.ROLE_ADMIN, func(sc *scenarioContext) { Convey("Should be able to access ACL", func() { @@ -56,7 +62,7 @@ func TestDashboardAclApiEndpoint(t *testing.T) { }) }) - Convey("When user is editor and has admin permission in the ACL", func() { + Convey("When user is org editor and has admin permission in the ACL", func() { loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/dashboards/id/1/acl", "/api/dashboards/id/:dashboardId/acl", m.ROLE_EDITOR, func(sc *scenarioContext) { mockResult = append(mockResult, &m.DashboardAclInfoDTO{Id: 6, OrgId: 1, DashboardId: 1, UserId: 1, Permission: m.PERMISSION_ADMIN}) @@ -147,11 +153,12 @@ func TestDashboardAclApiEndpoint(t *testing.T) { }) }) - Convey("When user is editor and has edit permission in the ACL", func() { - loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/dashboards/id/1/acl", "/api/dashboards/id/:dashboardId/acl", m.ROLE_EDITOR, func(sc *scenarioContext) { + Convey("When user is org viewer and has edit permission in the ACL", func() { + loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/dashboards/id/1/acl", "/api/dashboards/id/:dashboardId/acl", m.ROLE_VIEWER, func(sc *scenarioContext) { mockResult = append(mockResult, &m.DashboardAclInfoDTO{Id: 1, OrgId: 1, DashboardId: 1, UserId: 1, Permission: m.PERMISSION_EDIT}) - Convey("Should not be able to access ACL", func() { + // Getting the permissions is an Admin permission + Convey("Should not be able to get list of permissions from ACL", func() { sc.handlerFunc = GetDashboardAclList sc.fakeReqWithParams("GET", sc.url, map[string]string{}).exec() @@ -159,7 +166,7 @@ func TestDashboardAclApiEndpoint(t *testing.T) { }) }) - loggedInUserScenarioWithRole("When calling DELETE on", "DELETE", "/api/dashboards/id/1/acl/1", "/api/dashboards/id/:dashboardId/acl/:aclId", m.ROLE_EDITOR, func(sc *scenarioContext) { + loggedInUserScenarioWithRole("When calling DELETE on", "DELETE", "/api/dashboards/id/1/acl/1", "/api/dashboards/id/:dashboardId/acl/:aclId", m.ROLE_VIEWER, func(sc *scenarioContext) { mockResult = append(mockResult, &m.DashboardAclInfoDTO{Id: 1, OrgId: 1, DashboardId: 1, UserId: 1, Permission: m.PERMISSION_EDIT}) bus.AddHandler("test3", func(cmd *m.RemoveDashboardAclCommand) error { @@ -175,7 +182,7 @@ func TestDashboardAclApiEndpoint(t *testing.T) { }) }) - Convey("When user is editor and not in the ACL", func() { + Convey("When user is org editor and not in the ACL", func() { loggedInUserScenarioWithRole("When calling GET on", "GET", "/api/dashboards/id/1/acl", "/api/dashboards/id/:dashboardsId/acl", m.ROLE_EDITOR, func(sc *scenarioContext) { Convey("Should not be able to access ACL", func() {