Migrating tests for getAuthorizedFields (#19)

Author: makinde

__tests__/exampleSchemas/bareBonesSchema.js

@@ -0,0 +1,13 @@
+const mongoose = require('mongoose');
+
+const bareBonesSchema = new mongoose.Schema({});
+bareBonesSchema.permissions = {
+  admin: {
+    read: ['address', 'phone', 'birthday', 'does_not_exist'],
+    write: ['address', 'phone', 'birthday', 'not_here_either'],
+    create: true,
+    remove: true,
+  },
+};
+
+module.exports = bareBonesSchema;

__tests__/exampleSchemas/goodSchema.js

@@ -0,0 +1,44 @@
+const mongoose = require('mongoose');
+
+const goodSchema = new mongoose.Schema({
+  name: String,
+  address: String,
+  phone: String,
+  birthday: String,
+  nested: { thing: String },
+});
+goodSchema.permissions = {
+  defaults: {
+    read: ['_id', 'name'],
+    write: [],
+    create: false,
+  },
+  admin: {
+    read: ['address', 'phone', 'birthday'],
+    write: ['address', 'phone', 'birthday'],
+    create: true,
+    remove: true,
+  },
+  self: {
+    read: ['address', 'phone', 'birthday'],
+    write: ['address', 'phone'],
+  },
+  stranger: {},
+  hasVirtuals: {
+    read: ['virtual_name'],
+  },
+  nested_top: {
+    read: ['nested'],
+  },
+  nested_deep: {
+    read: ['nested.thing'],
+  },
+};
+goodSchema.virtual('virtual_name').get(function getVirtualName() {
+  return `virtual${this.name}`;
+});
+goodSchema.getAuthLevel = function getAuthLevel(payload) {
+  return payload && payload.authLevel;
+};
+
+module.exports = goodSchema;

__tests__/getAuthorizedFields.test.js

@@ -1,3 +1,75 @@
 const test = require('ava');
+const goodSchema = require('./exampleSchemas/goodSchema');
+const bareBonesSchema = require('./exampleSchemas/bareBonesSchema');
+const getAuthorizedFields = require('../src/getAuthorizedFields');
 
-test.todo('Migrate tests for getAuthorizedFields');
+test('No authorized fields', (t) => {
+  t.deepEqual(
+    getAuthorizedFields(bareBonesSchema, 'foobar', 'read'),
+    [],
+  );
+});
+
+test('Handles non-existent authLevels', (t) => {
+  t.deepEqual(
+    getAuthorizedFields(goodSchema, ['defaults', 'foobar'], 'read').sort(),
+    ['_id', 'name'].sort(),
+  );
+});
+
+test('Combines basic authLevel permissions', (t) => {
+  t.deepEqual(
+    getAuthorizedFields(goodSchema, ['defaults', 'admin'], 'read').sort(),
+    ['_id', 'name', 'address', 'phone', 'birthday'].sort(),
+  );
+});
+
+test('Handles authLevels that have no permissions specified', (t) => {
+  t.deepEqual(
+    getAuthorizedFields(goodSchema, ['defaults', 'stranger'], 'read').sort(),
+    ['_id', 'name'].sort(),
+  );
+});
+
+test('Correctly deduping fields that are mentioned in multiple authLevels', (t) => {
+  t.deepEqual(
+    getAuthorizedFields(goodSchema, ['defaults', 'self', 'admin'], 'read').sort(),
+    ['_id', 'name', 'address', 'phone', 'birthday'].sort(),
+  );
+});
+
+test('Handles basic write permissions', (t) => {
+  t.deepEqual(
+    getAuthorizedFields(goodSchema, ['defaults', 'self'], 'write').sort(),
+    ['address', 'phone'].sort(),
+  );
+});
+
+test('Handles authorized fields that are not in the schema', (t) => {
+  t.deepEqual(
+    getAuthorizedFields(bareBonesSchema, 'admin', 'write'),
+    [],
+  );
+});
+
+test('Virtual fields are correctly returned', (t) => {
+  t.deepEqual(
+    getAuthorizedFields(goodSchema, ['defaults', 'hasVirtuals'], 'read').sort(),
+    ['_id', 'name', 'virtual_name'].sort(),
+  );
+});
+
+test('Top level nested field should be ok as authorized field', (t) => {
+  t.deepEqual(
+    getAuthorizedFields(goodSchema, ['defaults', 'nested_top'], 'read').sort(),
+    ['_id', 'name', 'nested'].sort(),
+    'top level nested field should be ok as authorized field',
+  );
+});
+test('Deeply nested field should be ok as authorized field', (t) => {
+  t.deepEqual(
+    getAuthorizedFields(goodSchema, ['defaults', 'nested_deep'], 'read').sort(),
+    ['_id', 'name', 'nested.thing'].sort(),
+    'deeply nested field should be ok as authorized field',
+  );
+});

test/helpers.test.js

@@ -1,7 +1,6 @@
 const mongoose = require('mongoose');
 
 const resolveAuthLevel = require('../src/resolveAuthLevel');
-const getAuthorizedFields = require('../src/getAuthorizedFields');
 const hasPermission = require('../src/hasPermission');
 const getUpdatePaths = require('../src/getUpdatePaths');
 
@@ -154,53 +153,6 @@ module.exports = {
       test.done();
     },
   },
-  getAuthorizedFields(test) {
-    test.deepEqual(
-      getAuthorizedFields(bareBonesSchema, 'foobar', 'read'),
-      [],
-    );
-    test.deepEqual(
-      getAuthorizedFields(goodSchema, ['defaults', 'foobar'], 'read').sort(),
-      ['_id', 'name'].sort(),
-    );
-    test.deepEqual(
-      getAuthorizedFields(goodSchema, ['defaults', 'admin'], 'read').sort(),
-      ['_id', 'name', 'address', 'phone', 'birthday'].sort(),
-    );
-    test.deepEqual(
-      getAuthorizedFields(goodSchema, ['defaults', 'stranger'], 'read').sort(),
-      ['_id', 'name'].sort(),
-    );
-    test.deepEqual(
-      getAuthorizedFields(goodSchema, ['defaults', 'self', 'admin'], 'read').sort(),
-      ['_id', 'name', 'address', 'phone', 'birthday'].sort(),
-    );
-    test.deepEqual(
-      getAuthorizedFields(goodSchema, ['defaults', 'self'], 'write').sort(),
-      ['address', 'phone'].sort(),
-    );
-    test.deepEqual(
-      getAuthorizedFields(bareBonesSchema, 'admin', 'write'),
-      [],
-    );
-    test.deepEqual(
-      getAuthorizedFields(goodSchema, ['defaults', 'hasVirtuals'], 'read').sort(),
-      ['_id', 'name', 'virtual_name'].sort(),
-      'virtuals should be included in the list of fields',
-    );
-    test.deepEqual(
-      getAuthorizedFields(goodSchema, ['defaults', 'nested_top'], 'read').sort(),
-      ['_id', 'name', 'nested'].sort(),
-      'top level nested field should be ok as authorized field',
-    );
-    test.deepEqual(
-      getAuthorizedFields(goodSchema, ['defaults', 'nested_deep'], 'read').sort(),
-      ['_id', 'name', 'nested.thing'].sort(),
-      'deeply nested field should be ok as authorized field',
-    );
-
-    test.done();
-  },
   hasPermission(test) {
     test.equal(
       hasPermission(bareBonesSchema, undefined, 'create'),