joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Updates based on review

Browse Source
This commit is contained in:
awgeorge
2019-02-22 09:45:22 +00:00
committed by Arthur Cinader
parent ff33c9939c
commit c5a5f57451
4 changed files with 13 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
spec/UserPII.spec.js
View File

@@ -522,8 +522,8 @@ describe('Personally Identifiable Information', () => {
.catch(done.fail);
});
// Explict ACL should be able to read sensitive information
describe('with privilaged user no CLP', () => {
// Explicit ACL should be able to read sensitive information
describe('with privileged user no CLP', () => {
let adminUser;
beforeEach(async done => {
@@ -748,21 +748,18 @@ describe('Personally Identifiable Information', () => {
protectedFields: {
_User: { '*': ['ssn', 'zip'], 'role:Administrator': [] },
},
}).then(() => done());
}).then(done);
});
it('should be able to get own PII via API with object', done => {
const userObj = new (Parse.Object.extend(Parse.User))();
userObj.id = user.id;
userObj.fetch().then(
fetchedUser => {
expect(fetchedUser.get('email')).toBe(EMAIL);
expect(fetchedUser.get('zip')).toBe(ZIP);
expect(fetchedUser.get('ssn')).toBe(SSN);
done();
},
e => done.fail(e)
);
userObj.fetch().then(fetchedUser => {
expect(fetchedUser.get('email')).toBe(EMAIL);
expect(fetchedUser.get('zip')).toBe(ZIP);
expect(fetchedUser.get('ssn')).toBe(SSN);
done();
}, done.fail);
});
it('should not be able to get PII via API with object', done => {
@@ -997,7 +994,7 @@ describe('Personally Identifiable Information', () => {
.catch(done.fail);
});
// Explict ACL should be able to read sensitive information
// Explicit ACL should be able to read sensitive information
describe('with privilaged user CLP', () => {
let adminUser;