archtechx/tenancy
1
0
Fork 0
mirror of https://github.com/archtechx/tenancy.git synced 2026-02-04 21:14:02 +00:00
Code Activity

Add test for granting permissions to new Postgres users

Browse source
This commit is contained in:
lukinovec 2023-06-14 09:40:55 +02:00
parent c31340bff0
commit 741af3929c
1 changed files with 14 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

14
tests/PostgresRLSTest.php
View file

@ -38,6 +38,8 @@ beforeEach(function () {
config(['tenancy.models.tenant_key_column' => 'tenant_id']); config(['tenancy.models.tenant_key_column' => 'tenant_id']);
config(['tenancy.models.tenant' => $tenantClass = Tenant::class]); config(['tenancy.models.tenant' => $tenantClass = Tenant::class]);
CreatePostgresUserForTenant::$permissions = ['ALL'];
$tenantModel = new $tenantClass; $tenantModel = new $tenantClass;
$primaryModel = new Post; $primaryModel = new Post;
$secondaryModel = new ScopedComment; $secondaryModel = new ScopedComment;
@ -205,6 +207,18 @@ test('queries are correctly scoped using RLS', function() {
tenancy()->end(); tenancy()->end();
}); });
test('users created by CreatePostgresUserForTenant are only granted the permissions specified in the static property', function() {
CreatePostgresUserForTenant::$permissions = ['INSERT', 'SELECT', 'UPDATE'];
$tenant = Tenant::create();
$name = $tenant->getTenantKey();
CreatePostgresUserForTenant::dispatchSync($tenant);
$grants = array_map(fn (object $grant) => $grant->privilege_type, DB::select("SELECT * FROM information_schema.role_table_grants WHERE grantee = '$name';"));
expect($grants)->toContain(...CreatePostgresUserForTenant::$permissions)
->not()->toContain('DELETE');
});
trait UsesUuidAsPrimaryKey trait UsesUuidAsPrimaryKey
{ {
use HasUuids; use HasUuids;