test/nocobase2
1
0
Fork 0
mirror of https://gitee.com/nocobase/nocobase.git synced 2024-11-29 18:58:26 +08:00
Code Issues Actions 17 Packages Projects Releases Wiki Activity

fix(plugin-workflow): fix admin role with workflow plugin permission can not delete executions (#4961)

Browse Source 
* test(plugin-workflow): add test case for acl

* fix(plugin-workflow): fix acl snippets
This commit is contained in:
Junyi 2024-07-30 14:42:59 +08:00 committed by GitHub
parent 9adfd4cbab
commit 8f6d2d5426
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 43 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
packages/plugins/@nocobase/plugin-workflow/src/server/Plugin.ts
View File

@ -223,6 +223,7 @@ export default class PluginWorkflowServer extends Plugin {
'executions:list', 'executions:list',
'executions:get', 'executions:get',
'executions:cancel', 'executions:cancel',
'executions:destroy',
'flow_nodes:update', 'flow_nodes:update',
'flow_nodes:destroy', 'flow_nodes:destroy',
], ],

45
packages/plugins/@nocobase/plugin-workflow/src/server/__tests__/actions/executions.test.ts
View File

@ -19,10 +19,15 @@ describe('workflow > actions > executions', () => {
let PostRepo; let PostRepo;
let WorkflowModel; let WorkflowModel;
let workflow; let workflow;
let users;
let userAgents;
beforeEach(async () => { beforeEach(async () => {
app = await getApp(); app = await getApp({
agent = app.agent(); plugins: ['users', 'acl', 'auth', 'data-source-manager'],
acl: true,
});
agent = app.agent().loginUsingId(1);
db = app.db; db = app.db;
WorkflowModel = db.getCollection('workflows').model; WorkflowModel = db.getCollection('workflows').model;
PostRepo = db.getCollection('posts').repository; PostRepo = db.getCollection('posts').repository;
@ -35,6 +40,14 @@ describe('workflow > actions > executions', () => {
collection: 'posts', collection: 'posts',
}, },
}); });
const UserRepo = db.getCollection('users').repository;
users = await UserRepo.createMany({
records: [
{ id: 2, nickname: 'a', roles: ['admin'] },
{ id: 3, nickname: 'b' },
],
});
userAgents = users.map((user) => app.agent().login(user));
}); });
afterEach(async () => await app.destroy()); afterEach(async () => await app.destroy());
@ -48,11 +61,12 @@ describe('workflow > actions > executions', () => {
expect(e1.length).toBe(1); expect(e1.length).toBe(1);
expect(e1[0].get('status')).toBe(EXECUTION_STATUS.RESOLVED); expect(e1[0].get('status')).toBe(EXECUTION_STATUS.RESOLVED);
await agent.resource('executions').destroy({ const res1 = await agent.resource('executions').destroy({
filter: { filter: {
key: workflow.key, key: workflow.key,
}, },
}); });
expect(res1.status).toBe(200);
const e2 = await workflow.getExecutions(); const e2 = await workflow.getExecutions();
expect(e2.length).toBe(0); expect(e2.length).toBe(0);
@ -79,6 +93,31 @@ describe('workflow > actions > executions', () => {
const e2 = await workflow.getExecutions(); const e2 = await workflow.getExecutions();
expect(e2.length).toBe(1); expect(e2.length).toBe(1);
}); });
it('role as admin could delete execution', async () => {
const post = await PostRepo.create({ values: { title: 't1' } });
await sleep(500);
const e1 = await workflow.getExecutions();
expect(e1.length).toBe(1);
expect(e1[0].get('status')).toBe(EXECUTION_STATUS.RESOLVED);
const res1 = await userAgents[1].resource('executions').destroy({
filter: {
key: workflow.key,
},
});
expect(res1.status).toBe(403);
const res2 = await userAgents[0].resource('executions').destroy({
filter: {
key: workflow.key,
},
});
expect(res2.status).toBe(200);
const e2 = await workflow.getExecutions();
expect(e2.length).toBe(0);
});
}); });
describe('cancel', () => { describe('cancel', () => {