Citali/cms.fellies.org
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
de26cb7647cf537a783cc9c77ae447a0f8a09ef6
cms.fellies.org/packages/content/src/rbac.test.ts

32 lines
1.2 KiB
TypeScript
Raw Blame History

import { describe, expect, it } from "vitest"
import { hasPermission, normalizeRole, permissionMatrix } from "./rbac"
describe("rbac model", () => {
it("normalizes valid roles", () => {
expect(normalizeRole("OWNER")).toBe("owner")
expect(normalizeRole("support")).toBe("support")
expect(normalizeRole("ADMIN")).toBe("admin")
expect(normalizeRole("manager")).toBe("manager")
expect(normalizeRole("unknown")).toBeNull()
})
it("grants admin full access", () => {
expect(hasPermission("owner", "users:manage_roles", "global")).toBe(true)
expect(hasPermission("support", "news:publish", "global")).toBe(true)
expect(hasPermission("admin", "users:manage_roles", "global")).toBe(true)
expect(hasPermission("admin", "news:publish", "global")).toBe(true)
})
it("enforces scope hierarchy", () => {
expect(hasPermission("editor", "news:write", "team")).toBe(true)
expect(hasPermission("editor", "news:write", "global")).toBe(false)
expect(hasPermission("editor", "news:publish", "own")).toBe(true)
})
it("keeps matrix explicit for non-admin roles", () => {
expect(permissionMatrix.editor.length).toBeGreaterThan(0)
expect(permissionMatrix.manager.length).toBeGreaterThan(0)
})
})
Reference in New Issue View Git Blame Copy Permalink