Small fixes to databases.R permission functions and completion of rol…

…e() tests
bedatadriven · Jun 6, 2024 · 6b26ed3 · 6b26ed3
1 parent de5002e
commit 6b26ed3
Show file tree

Hide file tree

Showing 3 changed files with 304 additions and 12 deletions.
diff --git a/R/databases.R b/R/databases.R
@@ -587,7 +587,6 @@ permissions <- function(view = TRUE,
 operationList = function(operation, permissionList, reviewerOnly = FALSE) {
   p <- list(operation = toupper(operation))
   v <- permissionList[[operation]]
-  message(deparse(v), "\n")
   if (is.character(v)) {
     p$filter <- as.character(v)
   }
@@ -618,17 +617,17 @@ adminPermissions <- function(manage_automations = FALSE, manage_users = FALSE, m
 
   operations <- names(formals())
 
-  permissions <- lapply(operations, function(operation) {
+  permissionList <- lapply(operations, function(operation) {
     v <- eval(as.name(operation))
     if (length(v) != 1 || is.na(v) || !(is.logical(v))) {
       stop(sprintf("Invalid value for operation '%s': %s", operation, deparse(v)))
     }
     v
   })
-  names(permissions) <- operations
-  granted <- sapply(permissions, function(p) p == TRUE)
-  
-  result <- lapply(operations[granted], operationList)
+  names(permissionList) <- operations
+  granted <- sapply(permissionList, function(p) p == TRUE)
+
+  result <- lapply(operations[granted], function(x) {operationList(x, permissionList)})
 
   class(result) <- c("activityInfoManagementPermissions", class(result))
 
@@ -766,7 +765,7 @@ updateRole <- function(databaseId, role) {
     invisible()
   } else {
     path <- paste("databases", databaseId, sep = "/")
-    request$roleUpdates = list(role)
+    request = list(roleUpdates = list(role))
     x <- postResource(path, request, task = "updateRole")
     invisible()    
   }
@@ -988,5 +987,5 @@ role <- function(id, label, parameters = list(), grants, managementPermissions =
   )
 
   class(result) <- c("activityInfoRole", class(result))
-  result
+  invisible(result)
 }
diff --git a/tests/testthat/_snaps/databases.md b/tests/testthat/_snaps/databases.md
@@ -41,3 +41,266 @@
             inviteDate = "<date or time value>", lastLoginDate = "<date or time value>", 
             name = "Test database user", userId = "<id value>", userLicenseType = "BASIC"))
 
+# permissions() helper works
+
+    Code
+      defaultPermissions
+    Output
+      [[1]]
+      [[1]]$operation
+      [1] "VIEW"
+      
+      
+      attr(,"class")
+      [1] "activityInfoPermissions" "list"                   
+
+---
+
+    Code
+      reviewerPermissions
+    Output
+      [[1]]
+      [[1]]$operation
+      [1] "VIEW"
+      
+      
+      [[2]]
+      [[2]]$operation
+      [1] "ADD_RECORD"
+      
+      [[2]]$securityCategories
+      [[2]]$securityCategories[[1]]
+      [1] "reviewer"
+      
+      
+      
+      [[3]]
+      [[3]]$operation
+      [1] "DISCOVER"
+      
+      
+      attr(,"class")
+      [1] "activityInfoPermissions" "list"                   
+
+# parameter() works
+
+    Code
+      param
+    Output
+      $parameterId
+      [1] "partner"
+      
+      $label
+      [1] "Reporting partner"
+      
+      $range
+      [1] "ck5dxt1712"
+      
+      attr(,"class")
+      [1] "activityInfoParameter" "list"                 
+
+# adminPermissions() works
+
+    Code
+      defaultAdminPermissions
+    Output
+      list()
+      attr(,"class")
+      [1] "activityInfoManagementPermissions" "list"                             
+
+---
+
+    Code
+      enhancedAdminPermissions
+    Output
+      [[1]]
+      [[1]]$operation
+      [1] "MANAGE_AUTOMATIONS"
+      
+      
+      [[2]]
+      [[2]]$operation
+      [1] "MANAGE_USERS"
+      
+      
+      [[3]]
+      [[3]]$operation
+      [1] "MANAGE_ROLES"
+      
+      
+      attr(,"class")
+      [1] "activityInfoManagementPermissions" "list"                             
+
+# grant() works
+
+    Code
+      optionalGrant
+    Output
+      $resourceId
+      [1] "ck5dxt1552"
+      
+      $operations
+      [[1]]
+      [[1]]$operation
+      [1] "VIEW"
+      
+      
+      [[2]]
+      [[2]]$operation
+      [1] "ADD_RECORD"
+      
+      
+      [[3]]
+      [[3]]$operation
+      [1] "EDIT_RECORD"
+      
+      
+      attr(,"class")
+      [1] "activityInfoPermissions" "list"                   
+      
+      $optional
+      [1] TRUE
+      
+      attr(,"class")
+      [1] "activityInfoGrant" "list"             
+
+# roleFilter() works
+
+    Code
+      roleLevelFilter
+    Output
+      $id
+      [1] "partner"
+      
+      $label
+      [1] "Partner is user's partner"
+      
+      $filter
+      [1] "ck5dxt1712 == @user.partner"
+      
+      attr(,"class")
+      [1] "activityInfoRoleFilter" "list"                  
+
+# role() works
+
+    Code
+      grantBasedRole
+    Output
+      $id
+      [1] "rp"
+      
+      $label
+      [1] "Reporting Partner"
+      
+      $parameters
+      $parameters[[1]]
+      $parameterId
+      [1] "partner"
+      
+      $label
+      [1] "Partner"
+      
+      $range
+      [1] "ck5dxt1712"
+      
+      attr(,"class")
+      [1] "activityInfoParameter" "list"                 
+      
+      
+      $permissions
+      list()
+      attr(,"class")
+      [1] "activityInfoManagementPermissions" "list"                             
+      
+      $grants
+      $grants[[1]]
+      $resourceId
+      [1] "cq9xyz1552"
+      
+      $operations
+      [[1]]
+      [[1]]$operation
+      [1] "VIEW"
+      
+      [[1]]$filter
+      [1] "ck5dxt1712 == @user.partner"
+      
+      
+      [[2]]
+      [[2]]$operation
+      [1] "EDIT_RECORD"
+      
+      [[2]]$filter
+      [1] "ck5dxt1712 == @user.partner"
+      
+      
+      [[3]]
+      [[3]]$operation
+      [1] "EXPORT_RECORDS"
+      
+      
+      [[4]]
+      [[4]]$operation
+      [1] "DISCOVER"
+      
+      
+      attr(,"class")
+      [1] "activityInfoPermissions" "list"                   
+      
+      $optional
+      [1] FALSE
+      
+      attr(,"class")
+      [1] "activityInfoGrant" "list"             
+      
+      $grants[[2]]
+      $resourceId
+      [1] "cz55555555"
+      
+      $operations
+      [[1]]
+      [[1]]$operation
+      [1] "VIEW"
+      
+      
+      [[2]]
+      [[2]]$operation
+      [1] "ADD_RECORD"
+      
+      
+      [[3]]
+      [[3]]$operation
+      [1] "DISCOVER"
+      
+      
+      attr(,"class")
+      [1] "activityInfoPermissions" "list"                   
+      
+      $optional
+      [1] TRUE
+      
+      attr(,"class")
+      [1] "activityInfoGrant" "list"             
+      
+      
+      $filters
+      $filters[[1]]
+      $id
+      [1] "partner"
+      
+      $label
+      [1] "Partner is user's partner"
+      
+      $filter
+      [1] "ck5dxt1712 == @user.partner"
+      
+      attr(,"class")
+      [1] "activityInfoRoleFilter" "list"                  
+      
+      
+      $grantBased
+      [1] TRUE
+      
+      attr(,"class")
+      [1] "activityInfoRole" "list"            
+
diff --git a/tests/testthat/test-databases.R b/tests/testthat/test-databases.R
@@ -211,9 +211,9 @@ testthat::test_that("parameter() works", {
   testthat::expect_snapshot(param)
 })
 
-testthat::test_that("managementPermissions() works", {
-  defaultAdminPermissions <- managementPermissions()
-  enhancedAdminPermissions <- managementPermissions(
+testthat::test_that("adminPermissions() works", {
+  defaultAdminPermissions <- adminPermissions()
+  enhancedAdminPermissions <- adminPermissions(
     manage_automations = TRUE, 
     manage_users = TRUE, 
     manage_roles = TRUE
@@ -354,7 +354,37 @@ testthat::test_that("updateRole() works", {
 
   roleIdentical <- sapply(tree$roles, function(x) {
     if (x$id == roleId) {
-      testthat::expect_identical(newRole, x)
+      testthat::expect_identical(x$label, roleLabel)
+      testthat::expect_length(object = x$parameters, n = 1)
+      testthat::expect_identical(x$parameters[[1]]$parameterId,"partner")
+      testthat::expect_identical(x$parameters[[1]]$range,partnerForm$id)
+
+      testthat::expect_length(object = x$permissions, n = 0)
+
+      testthat::expect_length(object = x$grants, n = 2)
+
+      grant1 <- x$grants[[which(sapply(x$grants, function(g) g$resourceId == reportingForm$id))]]
+      testthat::expect_identical(grant1$resourceId, reportingForm$id)
+      testthat::expect_length(object = grant1$operations, n = 4)
+      testthat::expect_identical(grant1$operations[[1]]$operation, "VIEW")
+      testthat::expect_identical(grant1$operations[[1]]$filter, sprintf("%s == @user.partner", partnerForm$id))
+      testthat::expect_identical(grant1$operations[[2]]$operation, "EDIT_RECORD")
+      testthat::expect_identical(grant1$operations[[2]]$filter, sprintf("%s == @user.partner", partnerForm$id))
+      testthat::expect_identical(grant1$operations[[3]]$operation, "EXPORT_RECORDS")
+      testthat::expect_identical(grant1$operations[[4]]$operation, "DISCOVER")
+
+      grant2 <- x$grants[[which(sapply(x$grants, function(g) g$resourceId == partnerForm$id))]]
+      testthat::expect_identical(grant2$resourceId, partnerForm$id)
+      testthat::expect_length(object = grant2$operations, n = 1)
+      testthat::expect_identical(grant2$operations[[1]]$operation, "VIEW")
+
+      #testthat::expect_length(object = x$filters, n = 1)
+      #testthat::expect_identical(x$filters[[1]]$id, "partner")
+      #testthat::expect_identical(x$filters[[1]]$label, "Partner is user's partner")
+      #testthat::expect_identical(x$filters[[1]]$filter, "cwjcaculx3axxgxo == @user.partner")
+
+      testthat::expect_true(x$grantBased)
+
       TRUE
     } else {
       FALSE