github-mirror/BookStack
2
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2025-06-16 17:38:18 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Started more formal permission test case definitions

Browse Source
This commit is contained in:
Dan Brown
2022-12-15 11:22:53 +00:00
parent e8a8fedfd6
commit d54ea1b3ed
3 changed files with 90 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
dev/docs/permission-scenario-testing.md Normal file
View File

@ -0,0 +1,37 @@
# Permission Scenario Testing
Due to complexity that can arise in the various combinations of permissions, this document details scenarios and their expected results.
Test cases are written ability abstract, since all abilities should act the same in theory. Functional test cases may test abilities separate due to implementation differences.
## Cases
### Entity Role Permissions
These are tests related to entity-level role-specific permission overrides.
#### entity_role_01 - Explicit allow
- Page permissions have inherit disabled.
- Role A has explicit page permission.
- User has Role A.
User should have page permission.
#### entity_role_02 - Explicit deny
- Page permissions have inherit disabled.
- Role A has explicit page permission.
- User has Role A.
User should not have permission.
#### entity_role_03 - Same level conflicting
- Page permissions have inherit disabled.
- Role A has explicit page permission.
- Role B has explicit blocked page permission.
- User has both Role A & B.
User should have page permission. Explicit grant overrides explicit deny at same level.