fixed documentation and added tests for grants API

2017-03-03 12:33:13 +01:00 · 2017-03-03 12:33:13 +01:00 · 3a39921147
parent cdf8fbac7f
commit 3a39921147
3 changed files with 71 additions and 4 deletions
--- a/Documentation/DocuBlocks/Rest/User
+++ b/Documentation/DocuBlocks/Rest/User
@ -66,7 +66,8 @@ Returned if a user with the same name already exists.
@RESTHEADER{PUT /_api/user/{user}/database/{dbname}, Grant or revoke database access}

@RESTBODYPARAM{grant,string,required,string}
-Use "rw" to grant access right and "none" to revoke.
+Use "rw" to grant read and write access rights, or "ro" to
+grant read-only access right. To revoke access rights, use "none".

@RESTURLPARAMETERS

--- a/js/actions/_api/user/app.js
+++ b/js/actions/_api/user/app.js
@ -283,8 +283,11 @@ function put_api_permission (req, res) {

    if (json.grant === 'rw' || json.grant === 'ro') {
      doc = users.grantDatabase(user, dbname, json.grant);
-    } else {
+    } else if (json.grant === 'none' || json.grant === '') {
      doc = users.revokeDatabase(user, dbname, json.grant);
+    } else {
+      actions.resultBad(req, res, arangodb.ERROR_HTTP_BAD_PARAMETER, "invalid grant type");
+      return;
    }

    users.reload();
--- a/js/common/tests/shell/shell-users.js
+++ b/js/common/tests/shell/shell-users.js
@ -1,5 +1,5 @@
 /*jshint globalstrict:false, strict:false */
-/*global assertEqual, fail */
+/*global assertEqual, assertTrue, fail */

 ////////////////////////////////////////////////////////////////////////////////
 /// @brief test the users management
@ -253,8 +253,71 @@ function UsersSuite () {

    testReload : function () {
      users.reload();
-    }
+    },

+////////////////////////////////////////////////////////////////////////////////
+/// @brief test invalid grants
+////////////////////////////////////////////////////////////////////////////////
+
+    testInvalidGrants : function () {
+      var username = "users-1";
+      var passwd = "passwd";
+
+      users.save(username, passwd);
+      assertEqual(username, c.firstExample({ user: username }).user);
+      
+      [ "foo", "bar", "baz", "w", "wx", "_system" ].forEach(function(type) {
+        try {
+          users.grantDatabase(username, "_system", type);
+          fail();
+        } catch (err) {
+          assertTrue(err.errorNum === ERRORS.ERROR_BAD_PARAMETER.code ||
+                     err.errorNum === ERRORS.ERROR_HTTP_BAD_PARAMETER.code);
+        }
+      });
+    },
+
+////////////////////////////////////////////////////////////////////////////////
+/// @brief test grant
+////////////////////////////////////////////////////////////////////////////////
+
+    testGrantExisting : function () {
+      var username = "users-1";
+      var passwd = "passwd";
+
+      users.save(username, passwd);
+      assertEqual(username, c.firstExample({ user: username }).user);
+
+      users.grantDatabase(username, "_system", "rw");
+      // cannot really test something here as grantDatabase() does not return anything
+      // but if it did not throw an exception, this is already a success!
+    },
+
+////////////////////////////////////////////////////////////////////////////////
+/// @brief test grant non-existing user
+////////////////////////////////////////////////////////////////////////////////
+
+    testGrantNonExisting1 : function () {
+      try {
+        users.grantDatabase("this user does not exist", "_system", "rw");
+        fail();
+      } catch (err) {
+        assertEqual(ERRORS.ERROR_USER_NOT_FOUND.code, err.errorNum);
+      }
+    },
+
+////////////////////////////////////////////////////////////////////////////////
+/// @brief test grant non-existing user
+////////////////////////////////////////////////////////////////////////////////
+
+    testGrantNonExisting2 : function () {
+      try {
+        users.grantDatabase("users-1", "_system", "rw");
+        fail();
+      } catch (err) {
+        assertEqual(ERRORS.ERROR_USER_NOT_FOUND.code, err.errorNum);
+      }
+    }
  };
 }