84 lines
2.6 KiB
TypeScript
84 lines
2.6 KiB
TypeScript
import test from "node:test";
|
|
import assert from "node:assert/strict";
|
|
|
|
import {
|
|
buildApiKeyCreateScopes,
|
|
mergeApiKeyPermissionScopes,
|
|
} from "../../src/app/(dashboard)/dashboard/api-manager/apiManagerScopes.ts";
|
|
import {
|
|
SELF_ACCOUNT_QUOTA_SCOPE,
|
|
SELF_USAGE_SCOPE,
|
|
} from "../../src/shared/constants/selfServiceScopes.ts";
|
|
import { API_KEY_BYPASS_PROVIDER_QUOTA_SCOPE } from "../../src/shared/constants/apiKeyPolicyScopes.ts";
|
|
|
|
test("create scopes enable own usage by default without shared account quota", () => {
|
|
assert.deepEqual(buildApiKeyCreateScopes({ manageEnabled: false }), [SELF_USAGE_SCOPE]);
|
|
assert.deepEqual(buildApiKeyCreateScopes({ manageEnabled: true }), ["manage", SELF_USAGE_SCOPE]);
|
|
assert.deepEqual(
|
|
buildApiKeyCreateScopes({
|
|
manageEnabled: false,
|
|
bypassProviderQuotaPolicyEnabled: true,
|
|
}),
|
|
[SELF_USAGE_SCOPE, API_KEY_BYPASS_PROVIDER_QUOTA_SCOPE]
|
|
);
|
|
assert.deepEqual(
|
|
buildApiKeyCreateScopes({
|
|
manageEnabled: false,
|
|
selfUsageEnabled: false,
|
|
selfAccountQuotaEnabled: true,
|
|
}),
|
|
[]
|
|
);
|
|
});
|
|
|
|
test("permission scope merge preserves unrelated scopes while toggling managed scopes", () => {
|
|
const scopes = mergeApiKeyPermissionScopes(["custom:scope", SELF_USAGE_SCOPE], {
|
|
manageEnabled: true,
|
|
selfUsageEnabled: true,
|
|
selfAccountQuotaEnabled: true,
|
|
bypassProviderQuotaPolicyEnabled: true,
|
|
});
|
|
|
|
assert.deepEqual(scopes, [
|
|
"custom:scope",
|
|
SELF_USAGE_SCOPE,
|
|
"manage",
|
|
SELF_ACCOUNT_QUOTA_SCOPE,
|
|
API_KEY_BYPASS_PROVIDER_QUOTA_SCOPE,
|
|
]);
|
|
});
|
|
|
|
test("permission scope merge removes shared quota visibility when own usage is disabled", () => {
|
|
const scopes = mergeApiKeyPermissionScopes(
|
|
["custom:scope", SELF_USAGE_SCOPE, SELF_ACCOUNT_QUOTA_SCOPE],
|
|
{
|
|
manageEnabled: false,
|
|
selfUsageEnabled: false,
|
|
selfAccountQuotaEnabled: true,
|
|
bypassProviderQuotaPolicyEnabled: false,
|
|
}
|
|
);
|
|
|
|
assert.deepEqual(scopes, ["custom:scope"]);
|
|
});
|
|
|
|
test("permission scope merge toggles provider quota policy bypass without dropping custom scopes", () => {
|
|
const enabled = mergeApiKeyPermissionScopes(["custom:scope"], {
|
|
manageEnabled: false,
|
|
selfUsageEnabled: false,
|
|
selfAccountQuotaEnabled: false,
|
|
bypassProviderQuotaPolicyEnabled: true,
|
|
});
|
|
|
|
assert.deepEqual(enabled, ["custom:scope", API_KEY_BYPASS_PROVIDER_QUOTA_SCOPE]);
|
|
|
|
const disabled = mergeApiKeyPermissionScopes(enabled, {
|
|
manageEnabled: false,
|
|
selfUsageEnabled: false,
|
|
selfAccountQuotaEnabled: false,
|
|
bypassProviderQuotaPolicyEnabled: false,
|
|
});
|
|
|
|
assert.deepEqual(disabled, ["custom:scope"]);
|
|
});
|