fixed documentation and added tests for grants API

Documentation/DocuBlocks/Rest/User Management/README.md

@@ -66,7 +66,8 @@ Returned if a user with the same name already exists.
 @RESTHEADER{PUT /_api/user/{user}/database/{dbname}, Grant or revoke database access}
 
 @RESTBODYPARAM{grant,string,required,string}
-Use "rw" to grant access right and "none" to revoke.
+Use "rw" to grant read and write access rights, or "ro" to
+grant read-only access right. To revoke access rights, use "none".
 
 @RESTURLPARAMETERS
 

js/actions/_api/user/app.js

@@ -283,8 +283,11 @@ function put_api_permission (req, res) {
 
     if (json.grant === 'rw' || json.grant === 'ro') {
       doc = users.grantDatabase(user, dbname, json.grant);
-    } else {
+    } else if (json.grant === 'none' || json.grant === '') {
       doc = users.revokeDatabase(user, dbname, json.grant);
+    } else {
+      actions.resultBad(req, res, arangodb.ERROR_HTTP_BAD_PARAMETER, "invalid grant type");
+      return;
     }
 
     users.reload();

js/common/tests/shell/shell-users.js

@@ -1,5 +1,5 @@
 /*jshint globalstrict:false, strict:false */
-/*global assertEqual, fail */
+/*global assertEqual, assertTrue, fail */
 
 ////////////////////////////////////////////////////////////////////////////////
 /// @brief test the users management
@@ -253,8 +253,71 @@ function UsersSuite () {
 
     testReload : function () {
       users.reload();
-    }
+    },
 
+////////////////////////////////////////////////////////////////////////////////
+/// @brief test invalid grants
+////////////////////////////////////////////////////////////////////////////////
+
+    testInvalidGrants : function () {
+      var username = "users-1";
+      var passwd = "passwd";
+
+      users.save(username, passwd);
+      assertEqual(username, c.firstExample({ user: username }).user);
+      
+      [ "foo", "bar", "baz", "w", "wx", "_system" ].forEach(function(type) {
+        try {
+          users.grantDatabase(username, "_system", type);
+          fail();
+        } catch (err) {
+          assertTrue(err.errorNum === ERRORS.ERROR_BAD_PARAMETER.code ||
+                     err.errorNum === ERRORS.ERROR_HTTP_BAD_PARAMETER.code);
+        }
+      });
+    },
+
+////////////////////////////////////////////////////////////////////////////////
+/// @brief test grant
+////////////////////////////////////////////////////////////////////////////////
+
+    testGrantExisting : function () {
+      var username = "users-1";
+      var passwd = "passwd";
+
+      users.save(username, passwd);
+      assertEqual(username, c.firstExample({ user: username }).user);
+
+      users.grantDatabase(username, "_system", "rw");
+      // cannot really test something here as grantDatabase() does not return anything
+      // but if it did not throw an exception, this is already a success!
+    },
+
+////////////////////////////////////////////////////////////////////////////////
+/// @brief test grant non-existing user
+////////////////////////////////////////////////////////////////////////////////
+
+    testGrantNonExisting1 : function () {
+      try {
+        users.grantDatabase("this user does not exist", "_system", "rw");
+        fail();
+      } catch (err) {
+        assertEqual(ERRORS.ERROR_USER_NOT_FOUND.code, err.errorNum);
+      }
+    },
+
+////////////////////////////////////////////////////////////////////////////////
+/// @brief test grant non-existing user
+////////////////////////////////////////////////////////////////////////////////
+
+    testGrantNonExisting2 : function () {
+      try {
+        users.grantDatabase("users-1", "_system", "rw");
+        fail();
+      } catch (err) {
+        assertEqual(ERRORS.ERROR_USER_NOT_FOUND.code, err.errorNum);
+      }
+    }
   };
 }