kemko/nomad
1
0
Fork 0
mirror of https://github.com/kemko/nomad.git synced 2026-01-07 10:55:42 +03:00
Code Issues Packages Projects Releases Wiki Activity

Account for disabled ACLs in ability tests

Browse Source
This commit is contained in:
Michael Lange
2020-01-30 16:34:35 -08:00
parent 35d7744ba7
commit f5662817ff
2 changed files with 32 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
ui/tests/unit/abilities/client-test.js
View File

@@ -7,8 +7,18 @@ module('Unit | Ability | client', function(hooks) {
setupTest(hooks);
setupAbility('client')(hooks);
test('it permits client write when ACLs are disabled', function(assert) {
const mockToken = Service.extend({
aclEnabled: false,
});
this.owner.register('service:token', mockToken);
assert.ok(this.ability.canWrite);
});
test('it permits client write for management tokens', function(assert) {
const mockToken = Service.extend({
aclEnabled: true,
selfToken: { type: 'management' },
});
this.owner.register('service:token', mockToken);
@@ -18,6 +28,7 @@ module('Unit | Ability | client', function(hooks) {
test('it permits client write for tokens with a policy that has node-write', function(assert) {
const mockToken = Service.extend({
aclEnabled: true,
selfToken: { type: 'client' },
selfTokenPolicies: [
{
@@ -36,6 +47,7 @@ module('Unit | Ability | client', function(hooks) {
test('it permits client write for tokens with a policy that allows write and another policy that disallows it', function(assert) {
const mockToken = Service.extend({
aclEnabled: true,
selfToken: { type: 'client' },
selfTokenPolicies: [
{
@@ -61,6 +73,7 @@ module('Unit | Ability | client', function(hooks) {
test('it blocks client write for tokens with a policy that does not allow node-write', function(assert) {
const mockToken = Service.extend({
aclEnabled: true,
selfToken: { type: 'client' },
selfTokenPolicies: [
{

19
ui/tests/unit/abilities/job-test.js
View File

@@ -7,8 +7,19 @@ module('Unit | Ability | job', function(hooks) {
setupTest(hooks);
setupAbility('job')(hooks);
test('it permits job run when ACLs are disabled', function(assert) {
const mockToken = Service.extend({
aclEnabled: false,
});
this.owner.register('service:token', mockToken);
assert.ok(this.ability.canRun);
});
test('it permits job run for management tokens', function(assert) {
const mockToken = Service.extend({
aclEnabled: true,
selfToken: { type: 'management' },
});
@@ -19,12 +30,14 @@ module('Unit | Ability | job', function(hooks) {
test('it permits job run for client tokens with a policy that has namespace submit-job', function(assert) {
const mockSystem = Service.extend({
aclEnabled: true,
activeNamespace: {
name: 'aNamespace',
},
});
const mockToken = Service.extend({
aclEnabled: true,
selfToken: { type: 'client' },
selfTokenPolicies: [
{
@@ -48,12 +61,14 @@ module('Unit | Ability | job', function(hooks) {
test('it permits job run for client tokens with a policy that has default namespace submit-job and no capabilities for active namespace', function(assert) {
const mockSystem = Service.extend({
aclEnabled: true,
activeNamespace: {
name: 'anotherNamespace',
},
});
const mockToken = Service.extend({
aclEnabled: true,
selfToken: { type: 'client' },
selfTokenPolicies: [
{
@@ -81,12 +96,14 @@ module('Unit | Ability | job', function(hooks) {
test('it blocks job run for client tokens with a policy that has no submit-job capability', function(assert) {
const mockSystem = Service.extend({
aclEnabled: true,
activeNamespace: {
name: 'aNamespace',
},
});
const mockToken = Service.extend({
aclEnabled: true,
selfToken: { type: 'client' },
selfTokenPolicies: [
{
@@ -110,12 +127,14 @@ module('Unit | Ability | job', function(hooks) {
test('it handles globs in namespace names', function(assert) {
const mockSystem = Service.extend({
aclEnabled: true,
activeNamespace: {
name: 'aNamespace',
},
});
const mockToken = Service.extend({
aclEnabled: true,
selfToken: { type: 'client' },
selfTokenPolicies: [
{