Optimize code

Signed-off-by: gaobinlong <gbinlong@amazon.com>
ruanyl · Aug 3, 2023 · 0dd5a0a · 0dd5a0a
1 parent db26b2b
commit 0dd5a0a
Show file tree

Hide file tree

Showing 3 changed files with 178 additions and 157 deletions.
diff --git a/src/core/server/saved_objects/permission_control/acl.test.ts b/src/core/server/saved_objects/permission_control/acl.test.ts
@@ -3,17 +3,12 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 
-import exp from 'constants';
 import { PermissionMode } from '../../../../core/utils/constants';
 import { Principals, Permissions, ACL } from './acl';
 
 describe('SavedObjectTypeRegistry', () => {
   let acl: ACL;
 
-  beforeEach(() => {
-    acl = new ACL();
-  });
-
   it('test has permission', () => {
     const principals: Principals = {
       users: ['user1'],
@@ -22,20 +17,37 @@ describe('SavedObjectTypeRegistry', () => {
     const permissions: Permissions = {
       read: principals,
     };
-    expect(acl.hasPermission(PermissionMode.Read, permissions, 'user1')).toEqual(true);
-    expect(acl.hasPermission(PermissionMode.Read, permissions, 'user2')).toEqual(false);
+    acl = new ACL(permissions);
+    expect(
+      acl.hasPermission([PermissionMode.Read], {
+        users: ['user1'],
+        groups: [],
+      })
+    ).toEqual(true);
+    expect(
+      acl.hasPermission([PermissionMode.Read], {
+        users: ['user2'],
+        groups: [],
+      })
+    ).toEqual(false);
   });
 
   it('test add permission', () => {
-    const result1 = acl.addPermission([PermissionMode.Read], ['user1']).getPermissions();
+    acl = new ACL();
+    const result1 = acl
+      .addPermission([PermissionMode.Read], {
+        users: ['user1'],
+        groups: [],
+      })
+      .getPermissions();
     expect(result1?.read?.users).toEqual(['user1']);
 
+    acl.resetPermissions();
     const result2 = acl
-      .addPermission(
-        [PermissionMode.Write, PermissionMode.Management],
-        ['user2'],
-        ['group1', 'group2']
-      )
+      .addPermission([PermissionMode.Write, PermissionMode.Management], {
+        users: ['user2'],
+        groups: ['group1', 'group2'],
+      })
       .getPermissions();
     expect(result2?.write?.users).toEqual(['user2']);
     expect(result2?.management?.groups).toEqual(['group1', 'group2']);
@@ -52,8 +64,14 @@ describe('SavedObjectTypeRegistry', () => {
     };
     acl = new ACL(permissions1);
     const result1 = acl
-      .removePermission([PermissionMode.Read], ['user1'])
-      .removePermission([PermissionMode.Write], [], ['group2'])
+      .removePermission([PermissionMode.Read], {
+        users: ['user1'],
+        groups: [],
+      })
+      .removePermission([PermissionMode.Write], {
+        users: [],
+        groups: ['group2'],
+      })
       .getPermissions();
     expect(result1?.read?.users).toEqual([]);
     expect(result1?.write?.groups).toEqual(['group1']);
@@ -70,7 +88,10 @@ describe('SavedObjectTypeRegistry', () => {
 
     acl = new ACL(permissions2);
     const result2 = acl
-      .removePermission([PermissionMode.Read, PermissionMode.Write], ['user1'], ['group1'])
+      .removePermission([PermissionMode.Read, PermissionMode.Write], {
+        users: ['user1'],
+        groups: ['group1'],
+      })
       .getPermissions();
     expect(result2?.read?.users).toEqual(['*']);
     expect(result2?.write?.groups).toEqual(['*']);
@@ -85,16 +106,20 @@ describe('SavedObjectTypeRegistry', () => {
       read: principals,
       write: principals,
     };
-    const result = acl.transformPermissions(permissions);
+    acl = new ACL(permissions);
+    const result = acl.transformPermissions();
     expect(result?.length).toEqual(3);
   });
 
   it('test genereate query DSL', () => {
-    const result = acl.genereateGetPermittedSavedObjectsQueryDSL(
-      'read',
-      'workspace',
-      'user1',
-      'group1'
+    const principals = {
+      users: ['user1'],
+      groups: ['group1'],
+    };
+    const result = ACL.genereateGetPermittedSavedObjectsQueryDSL(
+      PermissionMode.Read,
+      principals,
+      'workspace'
     );
     expect(result).toEqual({
       query: {
@@ -104,8 +129,8 @@ describe('SavedObjectTypeRegistry', () => {
               bool: {
                 should: [
                   {
-                    term: {
-                      'permissions.read.users': 'user1',
+                    terms: {
+                      'permissions.read.users': ['user1'],
                     },
                   },
                   {
@@ -114,8 +139,8 @@ describe('SavedObjectTypeRegistry', () => {
                     },
                   },
                   {
-                    term: {
-                      'permissions.read.groups': 'group1',
+                    terms: {
+                      'permissions.read.groups': ['group1'],
                     },
                   },
                   {