Mercurial > gemma
view schema/tap_tests.sql @ 119:29e56c342c9f
Added first middleware for JWT token extraction. TODO: Add second one to check against logged in users.
author | Sascha L. Teichmann <sascha.teichmann@intevation.de> |
---|---|
date | Tue, 26 Jun 2018 18:29:26 +0200 |
parents | d349db18bece |
children | 3f7053e53fa6 |
line wrap: on
line source
-- -- pgTAP test script -- BEGIN; CREATE EXTENSION pgtap; SELECT plan(10); -- Give number of tests that have to be run SET search_path TO public, gemma, gemma_waterway, gemma_fairway; \i tap_tests_data.sql -- -- Run tests as unprivileged user -- SET SESSION AUTHORIZATION waterway_user; SELECT throws_ok('CREATE TABLE test()', 42501, NULL, 'No objects can be created'); SELECT isnt_empty('SELECT * FROM bottlenecks', 'Staged data should be visible'); SELECT is_empty('SELECT * FROM bottlenecks WHERE NOT staging_done', 'Only staged data should be visible'); SELECT set_eq('SELECT count(*) FROM gemma.user_profiles', ARRAY[1], 'User should only see his own profile'); SELECT results_eq('SELECT username FROM user_profiles', 'SELECT CAST(current_user AS varchar)', 'User should only see his own profile'); SELECT isnt_empty('SELECT * FROM templates', 'User should see templates associated to him'); SELECT is_empty('SELECT * FROM templates t JOIN user_templates ut ON t.id = template_id WHERE username <> current_user', 'User should only see templates associated to him'); -- -- Run tests as waterway administrator -- SET SESSION AUTHORIZATION waterway_admin; PREPARE bn_insert (varchar, geometry(POLYGON, 4326)) AS INSERT INTO bottlenecks ( bottleneck_id, fk_g_fid, stretch, area, rb, lb, responsible_country, revisiting_time, limiting, source_organization) VALUES ($1, ('AT', 'XXX', '00001', '00000', 1)::isrs, isrsrange(('AT', 'XXX', '00001', '00000', 0)::isrs, ('AT', 'XXX', '00001', '00000', 2)::isrs), $2, 'AT', 'AT', 'AT', 1, 'depth', 'testorganization'); -- XXX: In contrast to what table 240 in the PostgreSQL docs says -- (https://www.postgresql.org/docs/10/static/sql-createpolicy.html), -- the following tests seem to show that the USING expression is applied -- also to an INSERT: SELECT lives_ok('EXECUTE bn_insert(''test1'', ST_geomfromtext(''POLYGON((0 0, 0 1, 1 1, 1 0, 0 0))'', 4326))', 'Waterway admin can insert data within his region'); SELECT throws_ok('EXECUTE bn_insert(''test2'', ST_geomfromtext(''POLYGON((1 0, 1 1, 2 1, 2 0, 1 0))'', 4326))', 42501, NULL, 'Waterway admin cannot insert data outside his region'); -- XXX: Why does this fail? POLICY manage_templates should allow to see -- the template of waterway_user. SELECT isnt_empty('SELECT * FROM templates t JOIN user_templates ut ON t.id = template_id WHERE username <> current_user', 'Waterway admin should see templates of users in country'); -- -- finish tests -- SELECT * FROM finish(); ROLLBACK;