novalon/novalon-website
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore: remove GitHub Actions workflows, use Woodpecker CI exclusively

Browse Source
This commit is contained in:
张翔
2026-03-10 13:10:11 +08:00
parent 0a1adfc2a2
commit e8dffa4f05
82 changed files with 19565 additions and 101 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/lib/auth/check-permission.test.ts
+165
View File
@@ -0,0 +1,165 @@
import { describe, it, expect, beforeEach, jest } from '@jest/globals';
import { checkPermission, requirePermission } from './check-permission';
jest.mock('../auth', () => ({
auth: jest.fn(),
}));
import { auth } from '../auth';
const mockAuth = auth as jest.MockedFunction<typeof auth>;
describe('check-permission', () => {
beforeEach(() => {
jest.clearAllMocks();
});
describe('checkPermission', () => {
it('should return allowed: false when no session', async () => {
mockAuth.mockResolvedValue(null as any);
const result = await checkPermission('content', 'read');
expect(result).toEqual({ allowed: false });
});
it('should return allowed: false when no user', async () => {
mockAuth.mockResolvedValue({} as any);
const result = await checkPermission('content', 'read');
expect(result).toEqual({ allowed: false });
});
it('should return allowed: true for admin with valid permission', async () => {
mockAuth.mockResolvedValue({
user: {
id: 'user-1',
role: 'admin',
},
} as any);
const result = await checkPermission('content', 'create');
expect(result.allowed).toBe(true);
expect(result.userId).toBe('user-1');
expect(result.role).toBe('admin');
});
it('should return allowed: false for viewer with invalid permission', async () => {
mockAuth.mockResolvedValue({
user: {
id: 'user-2',
role: 'viewer',
},
} as any);
const result = await checkPermission('content', 'create');
expect(result.allowed).toBe(false);
expect(result.userId).toBe('user-2');
expect(result.role).toBe('viewer');
});
it('should return allowed: true for editor with valid permission', async () => {
mockAuth.mockResolvedValue({
user: {
id: 'user-3',
role: 'editor',
},
} as any);
const result = await checkPermission('content', 'update');
expect(result.allowed).toBe(true);
expect(result.userId).toBe('user-3');
expect(result.role).toBe('editor');
});
it('should return allowed: false for editor with delete permission', async () => {
mockAuth.mockResolvedValue({
user: {
id: 'user-4',
role: 'editor',
},
} as any);
const result = await checkPermission('content', 'delete');
expect(result.allowed).toBe(false);
});
it('should handle different resources', async () => {
mockAuth.mockResolvedValue({
user: {
id: 'user-5',
role: 'admin',
},
} as any);
const result = await checkPermission('users', 'delete');
expect(result.allowed).toBe(true);
});
});
describe('requirePermission', () => {
it('should throw error when no permission', async () => {
mockAuth.mockResolvedValue({
user: {
id: 'user-6',
role: 'viewer',
},
} as any);
await expect(requirePermission('content', 'create')).rejects.toThrow('无权限执行此操作');
});
it('should return userId and role when has permission', async () => {
mockAuth.mockResolvedValue({
user: {
id: 'user-7',
role: 'admin',
},
} as any);
const result = await requirePermission('content', 'create');
expect(result).toEqual({
userId: 'user-7',
role: 'admin',
});
});
it('should throw error when no session', async () => {
mockAuth.mockResolvedValue(null as any);
await expect(requirePermission('content', 'read')).rejects.toThrow('无权限执行此操作');
});
it('should allow editor to publish content', async () => {
mockAuth.mockResolvedValue({
user: {
id: 'user-8',
role: 'editor',
},
} as any);
const result = await requirePermission('content', 'publish');
expect(result.userId).toBe('user-8');
expect(result.role).toBe('editor');
});
it('should deny viewer to update config', async () => {
mockAuth.mockResolvedValue({
user: {
id: 'user-9',
role: 'viewer',
},
} as any);
await expect(requirePermission('config', 'update')).rejects.toThrow('无权限执行此操作');
});
});
});