toymachiner62 / hapi-authorization

ACL plugin for hapijs
MIT License

Fixing #26 #31

Open aquelatecnologia opened 4 years ago

aquelatecnologia commented 4 years ago

Server.bind sends its info to h.context

coveralls commented 4 years ago

Coverage Status

Coverage remained the same at 100.0% when pulling 92ca5be1e7292617f46e168c549eca0ff2379097 on aquelatecnologia:master into 8dac9750970f904b3d594857a6c1afc0bfb3c9f0 on toymachiner62:master.

coveralls commented 4 years ago

Coverage Status

Coverage remained the same at 100.0% when pulling 3257183e973634ab3c8e67d136b65751a4d74a2c on aquelatecnologia:master into 8dac9750970f904b3d594857a6c1afc0bfb3c9f0 on toymachiner62:master.

aquelatecnologia commented 4 years ago

For the first test that gives an error, the test code or test case has a problem.

it('Restricts access to protected route for multiple authorized roles that are not defined as plugin roles', (done) => {

At this point, options have a hierarchy, so it will check if the role is within the hierarchy and it will fail.

userRole: { role: 'ADMIN' }
requiredRole: [ 'USER', 'ADMIN' ]
hierarchy: [ 'OWNER', 'MANAGER', 'EMPLOYEE' ]

internals.isGranted = function(userRole, requiredRole, hierarchy) {

    let userRoles = null;

    // If we're using a hierarchy, get all the possible roles
    if(hierarchy) {
        const index = hierarchy.indexOf(userRole); // Get the index of userRole in the hierarchy

        // If the user's role is not any of the possible roles
        if (index === -1) {
            return false;  // <==== This is where it fails.
        }

I am not sure if the hierarchy test should be made after the role validation or after. The tests were passing because hierarchy was always undefined, as hapijs changed the server.bind behavior.

aquelatecnologia commented 4 years ago

Actually, both test cases that fail have the same behavior.

RicardoRdzG commented 4 years ago

You should add the roles below in the hierarchy and not fail when the user role is not in the hierarchy definition.
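
The two behaviours discussed in this thread, side by side, as an added example that is not the plugin's code or the code of this pull request. The function names are hypothetical, roles are passed as plain strings, and the hierarchy is assumed to be ordered from most to least privileged.

```javascript
'use strict';
// Added example: hypothetical helpers, not hapi-authorization's own code.
// Assumption: hierarchy is ordered from most to least privileged.

// Expand a role into itself plus every role below it in the hierarchy.
// A role that is not part of the hierarchy expands to itself only.
function effectiveRoles(userRole, hierarchy) {
    if (!Array.isArray(hierarchy)) {
        return [userRole];
    }
    const index = hierarchy.indexOf(userRole);
    return index === -1 ? [userRole] : hierarchy.slice(index);
}

// Early return quoted in the thread: a role outside the hierarchy is
// rejected before the route's required roles are ever consulted.
function isGrantedStrict(userRole, requiredRoles, hierarchy) {
    if (Array.isArray(hierarchy) && hierarchy.indexOf(userRole) === -1) {
        return false;
    }
    return effectiveRoles(userRole, hierarchy).some((r) => requiredRoles.includes(r));
}

// Suggestion from the last comment: inherit the roles below, and do not
// fail just because the user's role is missing from the hierarchy.
function isGrantedSuggested(userRole, requiredRoles, hierarchy) {
    if (typeof userRole !== 'string' || !Array.isArray(requiredRoles)) {
        return false; // malformed input is denied
    }
    return effectiveRoles(userRole, hierarchy).some((r) => requiredRoles.includes(r));
}

// Constructed inputs, using the values quoted in the thread.
const HIERARCHY = ['OWNER', 'MANAGER', 'EMPLOYEE'];
function demo() {
    return {
        strictAdmin: isGrantedStrict('ADMIN', ['USER', 'ADMIN'], HIERARCHY),
        suggestedAdmin: isGrantedSuggested('ADMIN', ['USER', 'ADMIN'], HIERARCHY),
        suggestedGuest: isGrantedSuggested('GUEST', ['USER', 'ADMIN'], HIERARCHY),
        managerInherits: isGrantedSuggested('MANAGER', ['EMPLOYEE'], HIERARCHY),
        employeeEscalates: isGrantedSuggested('EMPLOYEE', ['OWNER'], HIERARCHY)
    };
}
console.log(demo());
```

Under the suggested behaviour, a role outside the hierarchy matches only when a route lists it explicitly and inherits nothing, so unknown roles are still denied on every other route.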