-
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathacl.test.ts
More file actions
57 lines (48 loc) · 1.9 KB
/
Copy pathacl.test.ts
File metadata and controls
57 lines (48 loc) · 1.9 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
import { enhance } from '@zenstackhq/runtime';
import { inspect } from 'util';
import { PrismaClient } from './.prisma/client';
it('ACL test', async () => {
const prisma = new PrismaClient();
// clean up
await prisma.user.deleteMany();
// create two users
const emily = await prisma.user.create({
data: { name: 'Emily' },
});
const adam = await prisma.user.create({
data: { name: 'Adam' },
});
// create an enhanced PrismaClient for each user
const emilyDb = enhance(prisma, { user: emily }, { loadPath: '.zenstack' });
const adamDb = enhance(prisma, { user: adam }, { loadPath: '.zenstack' });
// create a resource with Emily's identity
const res = await emilyDb.resource.create({
data: { name: 'resource1', owner: { connect: { id: emily.id } } },
});
console.log('Resource created by Emily:', inspect(res));
// Adam shouldn't see the resource because he's not in the ACL
let allResourcesByAdam = await adamDb.resource.findMany();
console.log('All resources read by Adam:', inspect(allResourcesByAdam));
expect(allResourcesByAdam).toHaveLength(0);
// Emily should be able to add Adam to the ACL
await emilyDb.resource.update({
where: { id: res.id },
data: {
access: {
create: { user: { connect: { id: adam.id } }, view: true },
},
},
});
console.log('Resource access granted to Adam with view access');
// Adam should now be able to see the resource
allResourcesByAdam = await adamDb.resource.findMany();
console.log('All resources read by Adam:', inspect(allResourcesByAdam));
expect(allResourcesByAdam).toHaveLength(1);
// Adam shouldn't be able to update the resource
await expect(
adamDb.resource.update({
where: { id: res.id },
data: { name: 'resource2' },
})
).rejects.toThrow();
});