File size: 3,269 Bytes
530729e

package auth

import (
	"net/url"
	"testing"

	"github.com/GoAdminGroup/go-admin/modules/config"
	"github.com/GoAdminGroup/go-admin/plugins/admin/models"
	"github.com/stretchr/testify/assert"
)

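// TestCheckPermissions exercises CheckPermissions against a user holding a
// fixed set of path and method permissions, with the URL prefix set to "admin".
// It covers prefix handling, HTTP method matching, and permissions whose
// HttpPath carries a query string.
func TestCheckPermissions(t *testing.T) {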

	config.Initialize(&config.Config{
		UrlPrefix: "admin",
	})

	user := models.UserModel{
		Permissions: []models.PermissionModel{
			{
				Name:       "/",
				Slug:       "/",
				HttpMethod: []string{"GET"},
				HttpPath:   []string{"/"},
			}, {
				Name:       "/info/user",
				Slug:       "/",
				HttpMethod: []string{"GET"},
				HttpPath:   []string{"/info/user"},
			}, {
				Name:       "/info/user/edit",
				Slug:       "/",
				HttpMethod: []string{"GET"},
				HttpPath:   []string{"/info/user/edit"},
			}, {
				Name:       "/info/normal_manager?id=2",
				Slug:       "/",
				HttpMethod: []string{"GET"},
				HttpPath:   []string{"/info/normal_manager?id=2"},
			}, {
				Name:       "/info/normal_manager/edit?id=2",
				Slug:       "/",
				HttpMethod: []string{"GET"},
				HttpPath:   []string{"/info/normal_manager/edit?id=2"},
			}, {
				Name:       "/info/user_list?user_type=10",
				Slug:       "/",
				HttpMethod: []string{"GET"},
				HttpPath:   []string{"/info/user_list?user_type=10"},
			}, {
				Name:       "/info/user_list?user_type=20",
				Slug:       "/",
				HttpMethod: []string{"GET"},
				HttpPath:   []string{"/info/user_list?user_type=20"},
			}, {
				Name:       "/delete/user",
				Slug:       "/",
				HttpMethod: []string{"POST"},
				HttpPath:   []string{"/delete/user"},
			},
		},
	}

	param := make(url.Values)

	// The configured "admin" prefix is required; the bare root is rejected.
	assert.True(t, CheckPermissions(user, "/admin/", "GET", param))
	assert.True(t, CheckPermissions(user, "/admin", "GET", param))
	assert.False(t, CheckPermissions(user, "/", "GET", param))

	// The method must match the permission, and "/info/users" is not covered
	// by "/info/user". A lowercase method ("get") is expected to match "GET".
	assert.False(t, CheckPermissions(user, "/admin", "POST", param))
	assert.False(t, CheckPermissions(user, "/admin/info/users", "GET", param))
	assert.True(t, CheckPermissions(user, "/admin/info/user", "GET", param))
	assert.True(t, CheckPermissions(user, "/admin/info/user", "get", param))

	// The permission "/info/normal_manager/edit?id=2" is expected to allow
	// __goadmin_edit_pk=2 and to deny __goadmin_edit_pk=3 and id=3.
	assert.True(t, CheckPermissions(user, "/admin/info/normal_manager/edit?__goadmin_edit_pk=2&__columns=id,roles,created_at,updated_at", "get", param))
	assert.True(t, CheckPermissions(user, "/admin/info/normal_manager/edit?__goadmin_edit_pk=2", "get", param))
	assert.False(t, CheckPermissions(user, "/admin/info/normal_manager/edit?__goadmin_edit_pk=3&__columns=id,roles,created_at,updated_at", "get", param))
	assert.False(t, CheckPermissions(user, "/admin/info/normal_manager/edit?__columns=id,roles,created_at,updated_at&id=3", "get", param))

	// "/info/user" is granted for GET only.
	assert.False(t, CheckPermissions(user, "/admin/info/user", "post", param))

	// The permission "/info/user/edit" carries no query string, so a request
	// with id=3 is expected to pass.
	assert.True(t, CheckPermissions(user, "/admin/info/user/edit?id=3", "get", param))

	// The user holds no logout permission; the request is still expected to pass.
	assert.True(t, CheckPermissions(user, "/admin/logout?j=asdf", "post", param))

	// user_type=20 matches its permission, with or without an extra parameter.
	assert.True(t, CheckPermissions(user, "/admin/info/user_list?user_type=20", "get", param))
	assert.True(t, CheckPermissions(user, "/admin/info/user_list?__goadmin_edit_pk=3&user_type=20", "get", param))

	// "/delete/user" is granted for POST.
	assert.True(t, CheckPermissions(user, "/admin/delete/user", "post", param))
}