Open aquelatecnologia opened 4 years ago
The first test that gives an error, the test code or test case have a problem.
it('Restricts access to protected route for multiple authorized roles that are not defined as plugin roles', (done) => {
At this point, options have hierarchy so, it will check if the role is within hierarchy and it will fail.
userRole: { role: 'ADMIN' }
requiredRole: [ 'USER', 'ADMIN' ]
hierarchy: [ 'OWNER', 'MANAGER', 'EMPLOYEE' ]
internals.isGranted = function(userRole, requiredRole, hierarchy) {
let userRoles = null;
// If we're using a hierarchy, get all the possible roles
if(hierarchy) {
const index = hierarchy.indexOf(userRole); // Get the index of userRole in the hierarchy
// If the user's role is not any of the possible roles
if (index === -1) {
return false; <==== This is where it fails.
}
I am not sure if the hierarchy test should be made after the role validation or after. The tests were passing because hierarchy was always undefined as hapijs changed the server.bind behavior
Actually both tests case that fail have the same behavior.
you should add the roles below in the hierarchy and not fail when the user role is not in the hierarchy definition
Server.bind send its info to h.context