Rename Voter to AccessControl

2021-01-22 22:07:25 +01:00
parent c1b8b508ac
commit 49a03a57cb
63 changed files with 462 additions and 462 deletions


@@ -1,13 +1,13 @@
package unit.voter
package unit.security
import fr.dcproject.component.article.ArticleAccessControl
import fr.dcproject.component.article.ArticleForView
import fr.dcproject.component.article.ArticleVoter
import fr.dcproject.component.auth.User
import fr.dcproject.component.auth.UserI
import fr.dcproject.component.citizen.CitizenCart
import fr.dcproject.component.citizen.CitizenI
import fr.dcproject.voter.Vote.DENIED
import fr.dcproject.voter.Vote.GRANTED
import fr.dcproject.security.AccessDecision.DENIED
import fr.dcproject.security.AccessDecision.GRANTED
import fr.postgresjson.connexion.Paginated
import io.mockk.every
import io.mockk.mockk
@@ -23,8 +23,8 @@ import fr.dcproject.component.article.ArticleRepository as ArticleRepo
@TestInstance(TestInstance.Lifecycle.PER_CLASS)
@Execution(CONCURRENT)
@Tag("voter")
internal class ArticleVoterTest {
@Tag("security")
internal class ArticleAccessControlTest {
private val tesla = CitizenCart(
id = UUID.fromString("e6efc288-4283-4729-a268-6debb18de1a0"),
user = User(
@@ -50,35 +50,35 @@ internal class ArticleVoterTest {
@Test
fun `creator can be view the article`() {
val article = getArticle(tesla).copy(draft = true)
ArticleVoter(getRepo(article))
ArticleAccessControl(getRepo(article))
.canView(article, tesla)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `other user can be view the article`() {
val article = getArticle(tesla)
ArticleVoter(getRepo(article))
ArticleAccessControl(getRepo(article))
.canView(article, einstein)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `other user can be view the article list`(): Unit = listOf(ArticleVoter(mockk())).run {
fun `other user can be view the article list`(): Unit = listOf(ArticleAccessControl(mockk())).run {
val article = getArticle(tesla)
val article2 = getArticle(tesla)
ArticleVoter(getRepo(article))
ArticleAccessControl(getRepo(article))
.canView(listOf(article, article2), einstein)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `the no creator can not be view the article on draft`() {
val article = getArticle(tesla).copy(draft = true)
ArticleVoter(getRepo(article))
ArticleAccessControl(getRepo(article))
.canView(article, einstein)
.vote `should be` DENIED
.decision `should be` DENIED
}
@Test
@@ -86,31 +86,31 @@ internal class ArticleVoterTest {
val article = getArticle(tesla)
val article2 = getArticle(tesla).copy(draft = true)
ArticleVoter(getRepo(article))
ArticleAccessControl(getRepo(article))
.canView(listOf(article, article2), einstein)
.vote `should be` DENIED
.decision `should be` DENIED
}
@Test
fun `can not view deleted article`() {
val article = getArticle(tesla).copy(deletedAt = DateTime.now())
ArticleVoter(getRepo(article))
ArticleAccessControl(getRepo(article))
.canView(article, tesla)
.vote `should be` DENIED
.decision `should be` DENIED
}
@Test
fun `can delete article if owner`() {
val article = getArticle(tesla)
ArticleVoter(getRepo(article))
ArticleAccessControl(getRepo(article))
.canDelete(article, tesla)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `can not delete article if not owner`() {
val article = getArticle(tesla).copy(deletedAt = DateTime.now())
ArticleVoter(getRepo(article))
ArticleAccessControl(getRepo(article))
.canDelete(article, einstein)
.code `should be` "article.delete.notYours"
}
@@ -118,15 +118,15 @@ internal class ArticleVoterTest {
@Test
fun `can create article if logged`() {
val article = getArticle(tesla)
ArticleVoter(getRepo(article))
ArticleAccessControl(getRepo(article))
.canUpsert(article, tesla)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `can not create article if not logged`() {
val article = getArticle(tesla)
ArticleVoter(getRepo(article))
ArticleAccessControl(getRepo(article))
.canUpsert(article, null)
.code `should be` "article.create.notConnected"
}
@@ -134,15 +134,15 @@ internal class ArticleVoterTest {
@Test
fun `can update article if yours`() {
val article = getArticle(tesla)
ArticleVoter(getRepo(article))
ArticleAccessControl(getRepo(article))
.canUpsert(article, tesla)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `can not update article if not yours`() {
val article = getArticle(tesla)
ArticleVoter(getRepo(article))
ArticleAccessControl(getRepo(article))
.canUpsert(article, einstein)
.code `should be` "article.update.notYours"
}
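Review bot: Replacing `@Tag("voter")` with `@Tag("security")` on `ArticleAccessControlTest` changes which tag filters select these authorization tests, and the same change recurs in the Citizen, Comment, Follow, Opinion, OpinionChoice, Vote and Workgroup test sections below. If the build or CI selects tests by tag (for example a JUnit Platform `includeTags("voter")` filter, which is not visible on this page), the whole access-control suite would stop running without any test failing, so that filter should be renamed in the same commit. Separately, the test `other user can be view the article list` still wraps its body in `listOf(ArticleAccessControl(mockk())).run { … }`, although the body builds its own `ArticleAccessControl(getRepo(article))` and never uses the receiver. A plain block body without the `listOf(...).run` wrapper would drop the unused mock-backed instance and make it clear which access-control object is under test.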


@@ -1,12 +1,12 @@
package unit.voter
package unit.security
import fr.dcproject.component.auth.User
import fr.dcproject.component.auth.UserI
import fr.dcproject.component.citizen.CitizenAccessControl
import fr.dcproject.component.citizen.CitizenBasic
import fr.dcproject.component.citizen.CitizenI
import fr.dcproject.component.citizen.CitizenVoter
import fr.dcproject.voter.Vote.DENIED
import fr.dcproject.voter.Vote.GRANTED
import fr.dcproject.security.AccessDecision.DENIED
import fr.dcproject.security.AccessDecision.GRANTED
import org.amshove.kluent.`should be`
import org.joda.time.DateTime
import org.junit.jupiter.api.Tag
@@ -17,8 +17,8 @@ import org.junit.jupiter.api.parallel.ExecutionMode.CONCURRENT
@TestInstance(TestInstance.Lifecycle.PER_CLASS)
@Execution(CONCURRENT)
@Tag("voter")
internal class CitizenVoterTest {
@Tag("security")
internal class CitizenAccessControlTest {
private val tesla = CitizenBasic(
user = User(
username = "nicolas-tesla",
@@ -51,50 +51,50 @@ internal class CitizenVoterTest {
@Test
fun `can be view the citizen`() {
CitizenVoter()
CitizenAccessControl()
.canView(subject = einstein, connectedCitizen = tesla)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `can be view the citizen list`() {
CitizenVoter()
CitizenAccessControl()
.canView(subjects = listOf(tesla, einstein), connectedCitizen = einstein)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `can not view deleted citizen`() {
CitizenVoter()
CitizenAccessControl()
.canView(subject = curie, connectedCitizen = tesla)
.vote `should be` DENIED
.decision `should be` DENIED
}
@Test
fun `can be update itself`() {
CitizenVoter()
CitizenAccessControl()
.canUpdate(subject = einstein, connectedCitizen = einstein)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `can not be update other citizen`() {
CitizenVoter()
CitizenAccessControl()
.canUpdate(subject = tesla, connectedCitizen = einstein)
.vote `should be` DENIED
.decision `should be` DENIED
}
@Test
fun `can be change password of itself`() {
CitizenVoter()
CitizenAccessControl()
.canChangePassword(subject = einstein, connectedCitizen = einstein)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `can not be change password of other citizen`() {
CitizenVoter()
CitizenAccessControl()
.canChangePassword(subject = tesla, connectedCitizen = einstein)
.vote `should be` DENIED
.decision `should be` DENIED
}
}


@@ -1,4 +1,4 @@
package unit.voter
package unit.security
import fr.dcproject.component.article.ArticleForView
import fr.dcproject.component.article.ArticleRef
@@ -7,11 +7,11 @@ import fr.dcproject.component.auth.UserI
import fr.dcproject.component.citizen.Citizen
import fr.dcproject.component.citizen.CitizenCart
import fr.dcproject.component.citizen.CitizenI
import fr.dcproject.component.comment.generic.CommentAccessControl
import fr.dcproject.component.comment.generic.CommentForUpdate
import fr.dcproject.component.comment.generic.CommentForView
import fr.dcproject.component.comment.generic.CommentVoter
import fr.dcproject.voter.Vote.DENIED
import fr.dcproject.voter.Vote.GRANTED
import fr.dcproject.security.AccessDecision.DENIED
import fr.dcproject.security.AccessDecision.GRANTED
import org.amshove.kluent.`should be`
import org.joda.time.DateTime
import org.junit.jupiter.api.Tag
@@ -23,8 +23,8 @@ import java.util.UUID
@TestInstance(TestInstance.Lifecycle.PER_CLASS)
@Execution(CONCURRENT)
@Tag("voter")
internal class CommentVoterTest {
@Tag("security")
internal class CommentAccessControlTest {
private val tesla = Citizen(
user = User(
username = "nicolas-tesla",
@@ -99,57 +99,57 @@ internal class CommentVoterTest {
@Test
fun `can be view the comment`() {
CommentVoter()
CommentAccessControl()
.canView(comment1, tesla)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `can be view the comment list`() {
CommentVoter()
CommentAccessControl()
.canView(listOf(comment1, comment2), einstein)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `can be update your comment`() {
CommentVoter()
CommentAccessControl()
.canUpdate(comment1, tesla)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `can not be update other comment`() {
CommentVoter()
CommentAccessControl()
.canUpdate(comment1, einstein)
.vote `should be` DENIED
.decision `should be` DENIED
}
@Test
fun `can be create a comment`() {
CommentVoter()
CommentAccessControl()
.canCreate(comment1, tesla)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `can not be create a comment if target is deleted`() {
CommentVoter()
CommentAccessControl()
.canCreate(commentTargetDeleted, tesla)
.vote `should be` DENIED
.decision `should be` DENIED
}
@Test
fun `can not be create a comment with other creator`() {
CommentVoter()
CommentAccessControl()
.canCreate(comment1, einstein)
.vote `should be` DENIED
.decision `should be` DENIED
}
@Test
fun `can not be create a comment if not connected`() {
CommentVoter()
CommentAccessControl()
.canCreate(comment1, null)
.vote `should be` DENIED
.decision `should be` DENIED
}
}


@@ -1,4 +1,4 @@
package unit.voter
package unit.security
import fr.dcproject.component.article.ArticleForView
import fr.dcproject.component.auth.User
@@ -8,9 +8,9 @@ import fr.dcproject.component.citizen.CitizenBasic
import fr.dcproject.component.citizen.CitizenCart
import fr.dcproject.component.citizen.CitizenI
import fr.dcproject.component.follow.Follow
import fr.dcproject.component.follow.FollowVoter
import fr.dcproject.voter.Vote.DENIED
import fr.dcproject.voter.Vote.GRANTED
import fr.dcproject.component.follow.FollowAccessControl
import fr.dcproject.security.AccessDecision.DENIED
import fr.dcproject.security.AccessDecision.GRANTED
import org.amshove.kluent.`should be`
import org.joda.time.DateTime
import org.junit.jupiter.api.Tag
@@ -22,8 +22,8 @@ import java.util.UUID
@TestInstance(TestInstance.Lifecycle.PER_CLASS)
@Execution(CONCURRENT)
@Tag("voter")
internal class FollowVoterTest {
@Tag("security")
internal class FollowAccessControlTest {
private val tesla = CitizenBasic(
user = User(
username = "nicolas-tesla",
@@ -97,57 +97,57 @@ internal class FollowVoterTest {
@Test
fun `can be view the follow`() {
FollowVoter()
FollowAccessControl()
.canView(follow1, tesla2)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `can be view the follow list`() {
FollowVoter()
FollowAccessControl()
.canView(listOf(follow1), tesla2)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `can be view your anonymous follow`() {
FollowVoter()
FollowAccessControl()
.canView(followAnon, einstein3)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `can not be view the anonymous follow of other`() {
FollowVoter()
FollowAccessControl()
.canView(followAnon, tesla2)
.vote `should be` DENIED
.decision `should be` DENIED
}
@Test
fun `can be follow article`() {
FollowVoter()
FollowAccessControl()
.canCreate(follow1, tesla2)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `can not be follow article if not connected`() {
FollowVoter()
FollowAccessControl()
.canCreate(follow1, null)
.vote `should be` DENIED
.decision `should be` DENIED
}
@Test
fun `can be unfollow article`() {
FollowVoter()
FollowAccessControl()
.canDelete(follow1, tesla2)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `can not be unfollow article if not connected`() {
FollowVoter()
FollowAccessControl()
.canDelete(follow1, null)
.vote `should be` DENIED
.decision `should be` DENIED
}
}


@@ -1,4 +1,4 @@
package unit.voter
package unit.security
import fr.dcproject.component.article.ArticleForView
import fr.dcproject.component.auth.User
@@ -6,11 +6,11 @@ import fr.dcproject.component.auth.UserI
import fr.dcproject.component.citizen.CitizenBasic
import fr.dcproject.component.citizen.CitizenCart
import fr.dcproject.component.citizen.CitizenI
import fr.dcproject.component.opinion.OpinionVoter
import fr.dcproject.component.opinion.OpinionAccessControl
import fr.dcproject.component.opinion.entity.Opinion
import fr.dcproject.component.opinion.entity.OpinionChoice
import fr.dcproject.voter.Vote.DENIED
import fr.dcproject.voter.Vote.GRANTED
import fr.dcproject.security.AccessDecision.DENIED
import fr.dcproject.security.AccessDecision.GRANTED
import org.amshove.kluent.`should be`
import org.joda.time.DateTime
import org.junit.jupiter.api.Tag
@@ -22,8 +22,8 @@ import java.util.UUID
@TestInstance(TestInstance.Lifecycle.PER_CLASS)
@Execution(CONCURRENT)
@Tag("voter")
internal class OpinionVoterTest {
@Tag("security")
internal class OpinionAccessControlTest {
private val tesla = CitizenBasic(
user = User(
username = "nicolas-tesla",
@@ -74,50 +74,50 @@ internal class OpinionVoterTest {
@Test
fun `can be view the opinion`() {
OpinionVoter()
OpinionAccessControl()
.canView(opinion1, tesla)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `can be view the opinion list`() {
OpinionVoter()
OpinionAccessControl()
.canView(listOf(opinion1), tesla)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `can be opinion an article`() {
OpinionVoter()
OpinionAccessControl()
.canCreate(opinion1, tesla)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `can not be opinion if not connected`() {
OpinionVoter()
OpinionAccessControl()
.canCreate(opinion1, null)
.vote `should be` DENIED
.decision `should be` DENIED
}
@Test
fun `can be remove opinion`() {
OpinionVoter()
OpinionAccessControl()
.canDelete(opinion1, tesla)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `can not be remove opinion if not connected`() {
OpinionVoter()
OpinionAccessControl()
.canDelete(opinion1, null)
.vote `should be` DENIED
.decision `should be` DENIED
}
@Test
fun `can not be remove opinion of other user`() {
OpinionVoter()
OpinionAccessControl()
.canDelete(opinion1, einstein)
.vote `should be` DENIED
.decision `should be` DENIED
}
}


@@ -1,4 +1,4 @@
package unit.voter
package unit.security
import fr.dcproject.component.article.ArticleForView
import fr.dcproject.component.auth.User
@@ -6,9 +6,9 @@ import fr.dcproject.component.auth.UserI
import fr.dcproject.component.citizen.CitizenBasic
import fr.dcproject.component.citizen.CitizenCart
import fr.dcproject.component.citizen.CitizenI
import fr.dcproject.component.opinion.OpinionChoiceVoter
import fr.dcproject.component.opinion.OpinionChoiceAccessControl
import fr.dcproject.component.opinion.entity.OpinionChoice
import fr.dcproject.voter.Vote.GRANTED
import fr.dcproject.security.AccessDecision.GRANTED
import org.amshove.kluent.`should be`
import org.joda.time.DateTime
import org.junit.jupiter.api.Tag
@@ -20,8 +20,8 @@ import java.util.UUID
@TestInstance(TestInstance.Lifecycle.PER_CLASS)
@Execution(CONCURRENT)
@Tag("voter")
internal class OpinionChoiceVoterTest {
@Tag("security")
internal class OpinionChoiceAccessControlTest {
private val tesla = CitizenBasic(
id = UUID.fromString("e6efc288-4283-4729-a268-6debb18de1a0"),
user = User(
@@ -57,15 +57,15 @@ internal class OpinionChoiceVoterTest {
@Test
fun `can be view the opinion choice`() {
OpinionChoiceVoter()
OpinionChoiceAccessControl()
.canView(choice1, tesla)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `can be view the opinion choice list`() {
OpinionChoiceVoter()
OpinionChoiceAccessControl()
.canView(listOf(choice1), tesla)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
}


@@ -1,4 +1,4 @@
package unit.voter
package unit.security
import fr.dcproject.component.article.ArticleForView
import fr.dcproject.component.auth.User
@@ -7,10 +7,10 @@ import fr.dcproject.component.citizen.Citizen
import fr.dcproject.component.citizen.CitizenBasic
import fr.dcproject.component.citizen.CitizenCart
import fr.dcproject.component.citizen.CitizenI
import fr.dcproject.component.vote.VoteVoter
import fr.dcproject.component.vote.VoteAccessControl
import fr.dcproject.component.vote.entity.VoteForUpdate
import fr.dcproject.voter.Vote.DENIED
import fr.dcproject.voter.Vote.GRANTED
import fr.dcproject.security.AccessDecision.DENIED
import fr.dcproject.security.AccessDecision.GRANTED
import org.amshove.kluent.`should be`
import org.joda.time.DateTime
import org.junit.jupiter.api.Tag
@@ -23,8 +23,8 @@ import fr.dcproject.component.vote.entity.Vote as VoteEntity
@TestInstance(TestInstance.Lifecycle.PER_CLASS)
@Execution(CONCURRENT)
@Tag("voter")
internal class VoteVoterTest {
@Tag("security")
internal class VoteAccessControlTest {
private val tesla = Citizen(
id = UUID.fromString("a1e35c99-9d33-4fb4-9201-58d7071243bb"),
user = User(
@@ -101,43 +101,43 @@ internal class VoteVoterTest {
@Test
fun `can be view your the vote`() {
VoteVoter()
VoteAccessControl()
.canView(vote1, tesla)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `can not be view vote of other`() {
VoteVoter()
VoteAccessControl()
.canView(vote1, einstein)
.vote `should be` DENIED
.decision `should be` DENIED
}
@Test
fun `can be view your votes list`() {
VoteVoter()
VoteAccessControl()
.canView(listOf(vote1), tesla)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `can be vote an article`() {
VoteVoter()
VoteAccessControl()
.canCreate(voteForUpdate, tesla)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `can not be vote if not connected`() {
VoteVoter()
VoteAccessControl()
.canCreate(voteForUpdate, null)
.vote `should be` DENIED
.decision `should be` DENIED
}
@Test
fun `can not be vote an article if article is deleted`() {
VoteVoter()
VoteAccessControl()
.canCreate(voteOnDeleted, tesla)
.vote `should be` DENIED
.decision `should be` DENIED
}
}


@@ -1,14 +1,14 @@
package unit.voter
package unit.security
import fr.dcproject.component.auth.User
import fr.dcproject.component.auth.UserI
import fr.dcproject.component.citizen.CitizenBasic
import fr.dcproject.component.citizen.CitizenCart
import fr.dcproject.component.citizen.CitizenI
import fr.dcproject.component.workgroup.WorkgroupVoter
import fr.dcproject.component.workgroup.WorkgroupAccessControl
import fr.dcproject.component.workgroup.WorkgroupWithMembersI
import fr.dcproject.voter.Vote.DENIED
import fr.dcproject.voter.Vote.GRANTED
import fr.dcproject.security.AccessDecision.DENIED
import fr.dcproject.security.AccessDecision.GRANTED
import org.amshove.kluent.`should be`
import org.joda.time.DateTime
import org.junit.jupiter.api.Tag
@@ -21,8 +21,8 @@ import fr.dcproject.component.workgroup.Workgroup as WorkgroupEntity
@TestInstance(TestInstance.Lifecycle.PER_CLASS)
@Execution(CONCURRENT)
@Tag("voter")
internal class WorkgroupVoterTest {
@Tag("security")
internal class WorkgroupAccessControlTest {
private val tesla = CitizenBasic(
user = User(
username = "nicolas-tesla",
@@ -73,78 +73,78 @@ internal class WorkgroupVoterTest {
@Test
fun `can be view your workgroup`() {
WorkgroupVoter()
WorkgroupAccessControl()
.canView(workgroupPublic, tesla)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `can be view your workgroup if is not public`() {
WorkgroupVoter()
WorkgroupAccessControl()
.canView(workgroupAnon, tesla)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `can be view workgroup of other if is public`() {
WorkgroupVoter()
WorkgroupAccessControl()
.canView(workgroupPublic, einstein)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `can not be view workgroup of other if is not public`() {
WorkgroupVoter()
WorkgroupAccessControl()
.canView(workgroupAnon, einstein)
.vote `should be` DENIED
.decision `should be` DENIED
}
@Test
fun `can be view your workgroup list`() {
WorkgroupVoter()
WorkgroupAccessControl()
.canView(listOf(workgroupPublic, workgroupAnon), tesla)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `can be create workgroup`() {
WorkgroupVoter()
WorkgroupAccessControl()
.canCreate(workgroupPublic, tesla)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `can not be create workgroup if not connected`() {
WorkgroupVoter()
WorkgroupAccessControl()
.canCreate(workgroupPublic, null)
.vote `should be` DENIED
.decision `should be` DENIED
}
@Test
fun `can be delete workgroup if owner`() {
WorkgroupVoter()
WorkgroupAccessControl()
.canDelete(workgroupPublic, tesla)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `can not be delete workgroup if not owner`() {
WorkgroupVoter()
WorkgroupAccessControl()
.canDelete(workgroupPublic, einstein)
.vote `should be` DENIED
.decision `should be` DENIED
}
@Test
fun `can be update workgroup if owner`() {
WorkgroupVoter()
WorkgroupAccessControl()
.canUpdate(workgroupPublic, tesla)
.vote `should be` GRANTED
.decision `should be` GRANTED
}
@Test
fun `can not be update workgroup if not owner`() {
WorkgroupVoter()
WorkgroupAccessControl()
.canUpdate(workgroupPublic, einstein)
.vote `should be` DENIED
.decision `should be` DENIED
}
}