69. EPMO Open Source Coordination Office Redaction File Detail Report

Produced by Araxis Merge on 10/4/2017 8:04:35 AM Central Daylight Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.

69.1 Files compared

#	Location	File	Last Modified
1	rdk.zip\rdk\product\production\rdk\src\resources\permission-sets	edit-user-permission-sets-spec.js	Mon Aug 28 19:41:48 2017 UTC
2	rdk.zip\rdk\product\production\rdk\src\resources\permission-sets	edit-user-permission-sets-spec.js	Tue Oct 3 18:21:37 2017 UTC

69.2 Comparison summary

Description	Between Files 1 and 2
Description	Text Blocks	Lines
Unchanged	10	338
Changed	9	30
Inserted	0	0
Removed	0	0

69.3 Comparison options

Whitespace
Character case	Differences in character case are significant
Line endings	Differences in line endings (`CR` and `LF` characters) are ignored
CR/LF characters	Not shown in the comparison detail

69.4 Active regular expressions

No regular expressions were active.

69.5 Comparison detail

	1	'use stric t';
	2
	3	var _ = re quire('lod ash');
	4	var nock = require(' nock');
	5	var httpMo cks = requ ire('node- mocks-http ');
	6	var editPe rmissionSe ts = requi re('./edit -user-perm ission-set s');
	7	var testDa ta = requi re('./perm ission-set s-test-dat a.json');
	8	var rdk = require('. ./../core/ rdk');
	9	var pjds = rdk.utils .pjdsStore ;
	10	var logger = sinon.s tub(requir e('bunyan' ).createLo gger({
	11	name: 'edit-user -permissio n-sets'
	12	}));
	13
	14	describe(' Edit User Permission Sets', fu nction() {
	15	var re q;
	16	var re s;
	17
	18	before Each(funct ion(done) {
	19	re q = httpMo cks.create Request({
	20	method: 'PUT',
	21	url: 're source/per mission-se ts/edit'
	22	}) ;
	23	_. set(req, ' app.config .generalPu rposeJdsSe rver', {
	24	baseUrl: ' http:// IP ',
	25	urlLengt hLimit: 12 0
	26	}) ;
	27	_. set(req, ' app.config .jbpm.ehmp routingDat abase', {
	28	user: 'n one',
	29	password : 'fake',
	30	connectStr ing: ' IP /XE'
	31	}) ;
	32	_. set(req, ' audit', {} );
	33	_. set(req, ' logger', l ogger);
	34	_. set(req, ' session.us er', _.clo ne(testDat a.actingUs er));
	35	_. set(req, ' session.us er.consume rType', 'u ser');
	36	re s = httpMo cks.create Response() ;
	37	re s.rdkSend = function (results) {};
	38	do ne();
	39	});
	40
	41	afterE ach(functi on(done) {
	42	no ck.cleanAl l();
	43	do ne();
	44	});
	45
	46	descri be('stops early when ', functio n() {
	47	be foreEach(f unction() {
	48	_.set(re q, ['sessi on', 'user ', 'permis sionSet', 'val', 0], 'acc');
	49	}) ;
	50
	51	it ('no user is sent', function() {
	52	res.rdkS end = func tion (resu lt) {
	53	expe ct(result) .to.match( /Missing u ser parame ter/);
	54	};
	55	editPerm issionSets (req, res) ;
	56	}) ;
	57
	58	it ('no uid i s sent on the user', function( ) {
	59	_.set(re q, 'query. user', {}) ;
	60	res.rdkS end = func tion (resu lt) {
	61	expe ct(result) .to.match( /Missing u ser uid/);
	62	};
	63	editPerm issionSets (req, res) ;
	64	}) ;
	65	});
	66
	67	descri be('having \'acc\' p ermission set', func tion() {
	68	be foreEach(f unction() {
	69	_.set(re q, ['sessi on', 'user ', 'permis sionSet', 'val', 0], 'acc');
	70	_.set(re q, ['sessi on', 'user ', 'permis sions'], [
	71	'add -user-perm ission-set ',
	72	'edi t-user-per mission-se t',
	73	'rea d-user-per mission-se t',
	74	'rem ove-user-p ermission- set'
	75	]);
	76	_.set(re q, 'query' , {
	77	user : {},
	78	perm issionSets : ['contes tant-at-ea ting'],
	79	addi tionalPerm issions: [ 'pie-is-gr eat']
	80	});
	81	}) ;
	82
	83	it ('does not allow a u ser to edi t their ow n permissi ons withou t \'edit-o wn-permiss ions\'', f unction(do ne) {
	84	_.set(re q, 'query. user.uid', testData. actingUser .uid);
	85	res.rdkS end = func tion (resu lt) {
	86	expe ct(result) .to.match( /Not allow ed to edit permissio n sets on this user/ );
	87	done ();
	88	};
	89	editPerm issionSets (req, res) ;
	90	}) ;
	91
	92	it ('does all ow a user to edit th eir own pe rmissions with \'edi t-own-perm issions\'' , function (done) {
	93	_.set(re q, 'query. user.uid', testData. actingUser .uid);
	94	_.set(re q, ['sessi on', 'user ', 'permis sionSet', 'additiona lPermissio ns', 0], ' edit-own-p ermissions ');
	95	req.sess ion.user.p ermissions .push('edi t-own-perm issions');
	96
	97	nock('http :// IP ')
	98	.get('/ehm pusers/urn :va:user: REDACTED :0007')
	99	.rep ly(200, _. clone(test Data.actin gUser));
	100
	101	nock('http :// IP ')
	102	.put('/ehm pusers/urn :va:user: REDACTED :0007')
	103	.rep ly(201, {} );
	104
	105	res.rdkS end = func tion (resp onse) {
	106	expe ct(_.get(r esponse, ' data.val') ).to.conta in('contes tant-at-ea ting');
	107	expe ct(_.get(r esponse, ' data.addit ionalPermi ssions')). to.contain ('pie-is-g reat');
	108	expe ct(respons e.data).to .have.prop erty('modi fiedOn');
	109	expe ct(respons e.data).to .have.prop erty('modi fiedBy');
	110	res. rdkSend = sinon.stub (); //rese t the func tion to a stub
	111	done ();
	112	};
	113
	114	editPerm issionSets (req, res) ;
	115	}) ;
	116
	117	it ('does all ow a user to edit an other user \'s permis sions', fu nction(don e) {
	118	_.set(req, 'query.us er.uid', ' urn:va:use r: REDACTED :0001');
	119	req.sess ion.user.p ermissions .push('edi t-own-perm issions');
	120
	121	nock('http :// IP ')
	122	.get('/ehm pusers/urn :va:user: REDACTED :0001')
	123	.rep ly(200, _. clone(pjds .defaults. user));
	124
	125	nock('http :// IP ')
	126	.put('/ehm pusers/urn :va:user: REDACTED :0001')
	127	.rep ly(201, {} );
	128
	129	res.rdkS end = func tion(respo nse) {
	130	expe ct(_.get(r esponse, ' data.val') ).to.conta in('contes tant-at-ea ting');
	131	expe ct(_.get(r esponse, ' data.addit ionalPermi ssions')). to.contain ('pie-is-g reat');
	132	expe ct(respons e.data).to .have.prop erty('modi fiedOn');
	133	expe ct(respons e.data).to .have.prop erty('modi fiedBy');
	134	res. rdkSend = sinon.stub (); //rese t the func tion to a stub
	135	done ();
	136	};
	137
	138	editPerm issionSets (req, res) ;
	139	}) ;
	140	});
	141
	142	descri be('when m issing \'a cc\' permi ssion set' , function () {
	143	be foreEach(f unction() {
	144	_.set(re q, 'query' , {
	145	user : {},
	146	perm issionSets : ['contes tant-at-ea ting'],
	147	addi tionalPerm issions: [ 'pie-is-gr eat']
	148	});
	149	}) ;
	150
	151	it ('does not allow a u ser to edi t their ow n permissi ons withou t \'edit-o wn-permiss ions\'', f unction() {
	152	_.set(re q, 'query. user.uid', testData. actingUser .uid);
	153	res.rdkS end = func tion (resu lt) {
	154	expe ct(result) .to.match( /Not allow ed to edit permissio n sets on this user/ );
	155	};
	156	editPerm issionSets (req, res) ;
	157	}) ;
	158
	159	it ('does all ow a user to edit th eir own pe rmissions with \'edi t-own-perm issions\'' , function (done) {
	160	_.set(re q, 'query. user.uid', testData. actingUser .uid);
	161	_.set(re q, ['sessi on', 'user ', 'permis sionSet', 'additiona lPermissio ns', 0], ' edit-own-p ermissions ');
	162	_.set(re q, 'sessio n.user.per missions', ['edit-ow n-permissi ons']);
	163
	164	nock('http :// IP ')
	165	.get('/ehm pusers/urn :va:user: REDACTED :0007')
	166	.rep ly(200, _. clone(test Data.actin gUser));
	167
	168	nock('http :// IP ')
	169	.put('/ehm pusers/urn :va:user: REDACTED :0007')
	170	.rep ly(201, {} );
	171
	172	res.rdkS end = func tion(respo nse) {
	173	expe ct(_.get(r esponse, ' data.val') ).to.conta in('contes tant-at-ea ting');
	174	expe ct(_.get(r esponse, ' data.addit ionalPermi ssions')). to.contain ('pie-is-g reat');
	175	expe ct(respons e.data).to .have.prop erty('modi fiedOn');
	176	expe ct(respons e.data).to .have.prop erty('modi fiedBy');
	177	res. rdkSend = sinon.stub (); //rese t the func tion to a stub
	178	done ();
	179	};
	180
	181	editPerm issionSets (req, res) ;
	182	}) ;
	183	});
	184	});