44 lines
1.4 KiB
TypeScript
44 lines
1.4 KiB
TypeScript
import { describe, expect, it } from "vitest"
|
|
|
|
import { canAccessRoute, getRequiredPermission, isPublicRoute } from "./access"
|
|
|
|
describe("admin route access rules", () => {
|
|
it("treats support fallback route as public", () => {
|
|
expect(isPublicRoute("/support/support-access")).toBe(true)
|
|
expect(canAccessRoute("editor", "/support/support-access")).toBe(true)
|
|
})
|
|
|
|
it("keeps settings route restricted to role with users:manage_roles", () => {
|
|
expect(isPublicRoute("/settings")).toBe(false)
|
|
expect(canAccessRoute("manager", "/settings")).toBe(false)
|
|
expect(canAccessRoute("admin", "/settings")).toBe(true)
|
|
expect(canAccessRoute("owner", "/settings")).toBe(true)
|
|
})
|
|
|
|
it("resolves route-specific permission requirements", () => {
|
|
expect(getRequiredPermission("/todo")).toEqual({
|
|
permission: "roadmap:read",
|
|
scope: "global",
|
|
})
|
|
})
|
|
|
|
it("maps new admin IA routes to dedicated permissions", () => {
|
|
expect(getRequiredPermission("/pages")).toEqual({
|
|
permission: "pages:read",
|
|
scope: "team",
|
|
})
|
|
expect(getRequiredPermission("/media")).toEqual({
|
|
permission: "media:read",
|
|
scope: "team",
|
|
})
|
|
expect(getRequiredPermission("/users")).toEqual({
|
|
permission: "users:read",
|
|
scope: "own",
|
|
})
|
|
expect(getRequiredPermission("/commissions")).toEqual({
|
|
permission: "commissions:read",
|
|
scope: "own",
|
|
})
|
|
})
|
|
})
|