// Posts collection: a title, a body and a `published` flag.
// `published` defaults to false, so a post created without the flag is not
// matched by a `published: true` scope.
// NOTE(review): `createdBy: true` presumably records the authoring user on each
// row; confirm against the collection options.
app.db.collection({
  name: "posts",
  createdBy: true,
  fields: [
    { name: "title", type: "string" },
    { name: "content", type: "text" },
    { name: "published", type: "boolean", defaultValue: false },
  ],
});
// Scope record for `posts` whose filter is `published: true`.
// The role definitions reference this record to narrow the rows an action may touch.
const publishedOnlyFilter = { published: true };
let scope = await Scope.repository.create({
  values: {
    name: "get published posts",
    resourceName: "posts",
    scope: publishedOnlyFilter,
  },
});
// Anonymous role and its permissions.
// Only `list` and `get` are granted on `posts`, each limited to three named
// fields and tied to the published-posts scope. No write action is granted.
// NOTE(review): presumably requests without credentials are evaluated under
// the role named "anonymous"; confirm in the ACL plugin.
const anonymousReadableFields = ["title", "content", "published"];
let role = await Role.repository.create({
  values: {
    name: "anonymous",
    title: "Anonymous",
    resources: [
      {
        name: "posts",
        // Each action gets its own copy of the field list.
        actions: ["list", "get"].map((actionName) => ({
          name: actionName,
          fields: [...anonymousReadableFields],
          scope,
        })),
      },
    ],
  },
});
import { Application } from "@nocobase/server";
import request from "supertest";
import PluginACL from "@nocobase/plugin-acl/lib/server";
import UsersPlugin from "@nocobase/plugin-users/lib/server";
import { PluginErrorHandler } from "@nocobase/plugin-error-handler/lib/server";
/**
 * Server used by the test suite: an empty subclass of `Application` that adds
 * and overrides nothing.
 */
class MockServer extends Application {
  // intentionally empty
}
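/**
 * End-to-end ACL check on an in-memory SQLite application.
 *
 * Setup loads the users, ACL and error-handler plugins, defines a `posts`
 * collection, and grants:
 *   - `anonymous`: `list`/`get` on posts, limited by the published-posts scope;
 *   - `member`: the same scoped reads plus unscoped `create`/`update`.
 * The single test signs in as a member, publishes a post, then reads the list
 * without credentials.
 */
describe("app test", () => {
  // Constructed sample credentials for the fixture user. The address on the
  // scraped page was replaced by an e-mail-obfuscation placeholder
  // ("[email protected]"), so this value is a stand-in, not the original.
  const memberEmail = "zhangsan@example.com";
  // Throwaway password for the in-memory test database only.
  const memberPassword = "password";
  // Fields every granted action on `posts` is limited to.
  const postFields = ["title", "content", "published"];

  let app: Application;

  beforeAll(async () => {
    app = new MockServer({
      registerActions: true,
      database: {
        dialect: "sqlite",
        storage: ":memory:",
        // storage: "/tmp/tmp.sqlite",
        logging: false,
      },
      resourcer: {
        prefix: `/api`,
      },
    });

    app.plugin(UsersPlugin);
    app.plugin(PluginACL);
    app.plugin(PluginErrorHandler);

    await app.load();
    await app.install({
      sync: {
        force: true,
      },
    });

    // Posts collection; `published` defaults to false.
    app.db.collection({
      name: "posts",
      createdBy: true,
      fields: [
        { name: "title", type: "string" },
        { name: "content", type: "text" },
        { name: "published", type: "boolean", defaultValue: false },
      ],
    });
    await app.db.sync();

    // Left disabled: presumably these would exempt the two read actions from
    // ACL checks, which is what this suite is meant to exercise.
    // app.acl.skip("posts", "get");
    // app.acl.skip("posts", "list");

    // Sync role information into the ACL component.
    // NOTE(review): this runs before the roles and grants below are created;
    // presumably later role changes reach the ACL some other way; confirm.
    const aclPlugin = app.getPlugin("PluginACL") as PluginACL;
    await aclPlugin.writeRolesToACL();

    // Seed data.
    const User = app.db.getCollection("users");
    const Role = app.db.getCollection("roles");
    const Scope = app.db.getCollection("rolesResourcesScopes");

    // Fixture user holding the `member` role.
    // NOTE(review): the `member` role is not created in this file; presumably
    // one of the installed plugins provides it.
    await User.repository.create({
      values: {
        email: memberEmail,
        password: memberPassword,
        nickname: "zhangsan",
        roles: ["member"],
      },
    });

    // Scope matching published posts only.
    const publishedScope = await Scope.repository.create({
      values: {
        name: "get published posts",
        resourceName: "posts",
        scope: {
          published: true,
        },
      },
    });

    // Anonymous role: scoped read access, no write actions.
    await Role.repository.create({
      values: {
        name: "anonymous",
        title: "Anonymous",
        resources: [
          {
            name: "posts",
            actions: [
              { name: "list", fields: [...postFields], scope: publishedScope },
              { name: "get", fields: [...postFields], scope: publishedScope },
            ],
          },
        ],
      },
    });

    // Member role: scoped reads plus create/update.
    // `create` and `update` carry no scope and list `published` as a writable
    // field, so a member can set the flag directly.
    await Role.repository
      .relation("resources")
      .of("member")
      .create({
        values: {
          name: "posts",
          actions: [
            { name: "get", fields: [...postFields], scope: publishedScope },
            { name: "list", fields: [...postFields], scope: publishedScope },
            { name: "create", fields: [...postFields] },
            { name: "update", fields: [...postFields] },
          ],
        },
      });
  });

  afterAll(async () => {
    await app.destroy();
  });

  // Regular (member) user.
  it("using app with member", async () => {
    // Sign in with the fixture credentials.
    const signinResponse = await request(app.callback())
      .post("/api/users:signin")
      .send({
        email: memberEmail,
        password: memberPassword,
      });
    expect(signinResponse.statusCode).toEqual(200);

    const { token } = signinResponse.body.data;
    expect(token).toBeDefined();

    // Create a post that is already published.
    const createResponse = await request(app.callback())
      .post("/api/posts")
      .set("Authorization", `Bearer ${token}`)
      .send({
        title: "Hello world",
        content: "my first posts.",
        published: true,
      });
    expect(createResponse.statusCode).toEqual(200);

    // Read the list with no Authorization header (anonymous).
    // NOTE(review): only a published post exists here, so the length check
    // cannot tell a working `published: true` scope from no filtering at all.
    // Adding an unpublished post and asserting it stays out of this list
    // would cover the restriction itself.
    const listResponse = await request(app.callback()).get("/api/posts");
    expect(listResponse.statusCode).toEqual(200);
    expect(listResponse.body.data.length).toEqual(1);
  });
});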