HorizonStackSoftware/optima
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity
Files
27755d4a00bfdce730aabc71b3309d3ab98d5786
optima/src/lib/permissions.spec.ts
T
HoloPanio 27755d4a00 fix: default permissions to true on API failure to prevent UI hiding 
- When the permission check API call fails (timeout, network error, etc.),
  permissions now default to true instead of false
- This prevents UI elements like the WiFi tab from disappearing when the
  permission check has a transient failure
- The API still enforces access server-side, so no security impact
- Added __checkFailed flag to PermissionMap for observability
2026-02-27 18:12:14 -06:00

76 lines
2.0 KiB
TypeScript
Raw Blame History

import { beforeEach, describe, expect, it, vi } from "vitest";
const { mockCheckPermissions } = vi.hoisted(() => ({
mockCheckPermissions: vi.fn(),
}));
vi.mock("$lib", () => ({
optima: {
user: {
checkPermissions: mockCheckPermissions,
},
},
}));
import {
checkPermissions,
hasPermission,
resolvePermissions,
} from "./permissions";
describe("permissions helpers", () => {
beforeEach(() => {
vi.clearAllMocks();
});
it("returns empty map when no permissions are requested", async () => {
const result = await checkPermissions("token", []);
expect(result).toEqual({});
expect(mockCheckPermissions).not.toHaveBeenCalled();
});
it("maps API response into permission booleans", async () => {
mockCheckPermissions.mockResolvedValueOnce({
data: {
results: [
{ permission: "company.read", hasPermission: true },
{ permission: "credential.create", hasPermission: false },
],
},
});
const result = await checkPermissions("token", [
"company.read",
"credential.create",
]);
expect(result).toEqual({
"company.read": true,
"credential.create": false,
});
});
it("defaults requested permissions to true on API error and marks __checkFailed", async () => {
mockCheckPermissions.mockRejectedValueOnce(new Error("request failed"));
const result = await checkPermissions("token", ["a", "b"]);
expect(result.a).toBe(true);
expect(result.b).toBe(true);
expect(result.__checkFailed).toBe(true);
});
it("hasPermission returns true only for explicit true values", () => {
expect(hasPermission({ "company.read": true }, "company.read")).toBe(true);
expect(hasPermission({ "company.read": false }, "company.read")).toBe(
false,
);
expect(hasPermission({}, "company.read")).toBe(false);
});
it("exports resolvePermissions as backward-compatible alias", () => {
expect(resolvePermissions).toBe(checkPermissions);
});
});
Reference in New Issue View Git Blame Copy Permalink