Complete tests of permissions on mp

quadratichq · Jan 26, 2024 · 0a780a6 · 0a780a6
1 parent e569bb6
commit 0a780a6
Show file tree

Hide file tree

Showing 3 changed files with 70 additions and 8 deletions.
diff --git a/DEVELOPMENT.md b/DEVELOPMENT.md
@@ -64,10 +64,10 @@ for more more information.
 Docker Compose is a utility that's built into Docker Desktop and is a compact 
 infrastructure-as-code framework.  Services (e.g. running Docker containers) are
 defined, along with configuration information, in the `docker-compose.yml` file.
-Service can talk to each other and can communicate with services in the user's host
+Services can talk to each other and can communicate with services in the user's host
 network.
 
-To pull up the network with just the required depedencies (Redis, Postgres, Localstack):
+To pull up the Docker network with just the required depedencies (Redis, Postgres, Localstack):
 
 ```shell
 npm run docker:up

diff --git a/quadratic-multiplayer/src/permissions.rs b/quadratic-multiplayer/src/permissions.rs
@@ -90,12 +90,58 @@ pub(crate) mod tests {
         let (_, state, _, file_id, user, _) = setup().await;
         let session_id = user.session_id;
 
-        let roles = vec![FilePermRole::FileView, FilePermRole::FileEdit];
+        let perms = vec![FilePermRole::FileView, FilePermRole::FileEdit];
+        state
+            .update_user_permissions(file_id, &session_id, perms)
+            .await
+            .unwrap();
         let result = validate_user_can_edit_or_view_file(state.clone(), file_id, session_id).await;
-        // assert!(result.is_ok());
+        assert!(result.is_ok());
+
+        let perms = vec![FilePermRole::FileEdit];
+        state
+            .update_user_permissions(file_id, &session_id, perms)
+            .await
+            .unwrap();
+        let result = validate_user_can_edit_or_view_file(state.clone(), file_id, session_id).await;
+        assert!(result.is_ok());
+
+        let perms = vec![FilePermRole::FileView];
+        state
+            .update_user_permissions(file_id, &session_id, perms)
+            .await
+            .unwrap();
+        let result = validate_user_can_edit_or_view_file(state.clone(), file_id, session_id).await;
+        assert!(result.is_ok());
+
+        let perms = vec![FilePermRole::FileDelete];
+        state
+            .update_user_permissions(file_id, &session_id, perms)
+            .await
+            .unwrap();
+        let result = validate_user_can_edit_or_view_file(state.clone(), file_id, session_id).await;
+        assert!(result.is_err());
+    }
+
+    #[tokio::test]
+    async fn validates_user_can_edit_file() {
+        let (_, state, _, file_id, user, _) = setup().await;
+        let session_id = user.session_id;
+
+        let perms = vec![FilePermRole::FileView, FilePermRole::FileEdit];
+        state
+            .update_user_permissions(file_id, &session_id, perms)
+            .await
+            .unwrap();
+        let result = validate_user_can_edit_file(state.clone(), file_id, session_id).await;
+        assert!(result.is_ok());
 
-        // let roles = vec![FilePermRole::FileDelete];
-        // let result = validate_user_can_edit_or_view_file(&roles);
-        // assert!(matches!(result, Err(MpError::FilePermissions(_))));
+        let perms = vec![FilePermRole::FileView];
+        state
+            .update_user_permissions(file_id, &session_id, perms)
+            .await
+            .unwrap();
+        let result = validate_user_can_edit_file(state.clone(), file_id, session_id).await;
+        assert!(result.is_err());
     }
 }
diff --git a/quadratic-multiplayer/src/state/user.rs b/quadratic-multiplayer/src/state/user.rs
@@ -9,7 +9,7 @@ use uuid::Uuid;
 use crate::error::{MpError, Result};
 use crate::state::State;
 use crate::{get_mut_room, get_room};
-use quadratic_rust_shared::quadratic_api::FilePermRole;
+use quadratic_rust_shared::quadratic_api::{FilePermRole, FilePerms};
 
 pub(crate) type UserSocket = Arc<Mutex<SplitSink<WebSocket, Message>>>;
 
@@ -149,6 +149,22 @@ impl State {
         Ok(())
     }
 
+    /// Updates a user's permissions in a room
+    #[tracing::instrument(level = "trace")]
+    pub(crate) async fn update_user_permissions(
+        &self,
+        file_id: Uuid,
+        session_id: &Uuid,
+        permissions: Vec<FilePermRole>,
+    ) -> Result<()> {
+        get_mut_room!(self, file_id)?
+            .users
+            .entry(session_id.to_owned())
+            .and_modify(|user| user.permissions = permissions);
+
+        Ok(())
+    }
+
     /// updates a user's state in a room
     pub(crate) async fn update_user_state(
         &self,