test: field level access for nested fields

2022-09-23 03:26:26 -04:00
parent 22ea98ca33
commit c64f15d4d9
2 changed files with 70 additions and 2 deletions
--- a/test/access-control/config.ts
+++ b/test/access-control/config.ts
@@ -25,7 +25,7 @@ const PublicReadabilityAccess: FieldAccess = ({ req: { user }, siblingData }) =>
  return false;
 };

-export const requestHeaders = {authorization: 'Bearer testBearerToken'};
+export const requestHeaders = { authorization: 'Bearer testBearerToken' };
 const UseRequestHeadersAccess: FieldAccess = ({ req: { headers } }) => {
  return !!headers && headers.authorization === requestHeaders.authorization;
 };
@@ -47,6 +47,50 @@ export default buildConfig({
            update: () => false,
          },
        },
+        {
+          type: 'group',
+          name: 'group',
+          fields: [
+            {
+              name: 'restrictedGroupText',
+              type: 'text',
+              access: {
+                read: () => false,
+                update: () => false,
+                create: () => false,
+              },
+            },
+          ],
+        },
+        {
+          type: 'row',
+          fields: [
+            {
+              name: 'restrictedRowText',
+              type: 'text',
+              access: {
+                read: () => false,
+                update: () => false,
+                create: () => false,
+              },
+            },
+          ],
+        },
+        {
+          type: 'collapsible',
+          label: 'Access',
+          fields: [
+            {
+              name: 'restrictedCollapsibleText',
+              type: 'text',
+              access: {
+                read: () => false,
+                update: () => false,
+                create: () => false,
+              },
+            },
+          ],
+        },
      ],
    },
    {
--- a/test/access-control/e2e.spec.ts
+++ b/test/access-control/e2e.spec.ts
@@ -44,7 +44,31 @@ describe('access control', () => {

    await page.goto(url.edit(id));

-    await expect(page.locator('input[name="restrictedField"]')).toHaveCount(0);
+    await expect(page.locator('#field-restrictedField')).toHaveCount(0);
+  });
+
+  test('field without read access inside a group should not show', async () => {
+    const { id } = await createDoc({ restrictedField: 'restricted' });
+
+    await page.goto(url.edit(id));
+
+    await expect(page.locator('#field-group__restrictedGroupText')).toHaveCount(0);
+  });
+
+  test('field without read access inside a collapsible should not show', async () => {
+    const { id } = await createDoc({ restrictedField: 'restricted' });
+
+    await page.goto(url.edit(id));
+
+    await expect(page.locator('#field-restrictedRowText')).toHaveCount(0);
+  });
+
+  test('field without read access inside a row should not show', async () => {
+    const { id } = await createDoc({ restrictedField: 'restricted' });
+
+    await page.goto(url.edit(id));
+
+    await expect(page.locator('#field-restrictedCollapsibleText')).toHaveCount(0);
  });

  describe('restricted collection', () => {