From 7142a8caab847e6a7744e61b55ee8ad881b74b5e Mon Sep 17 00:00:00 2001 From: mdecimus Date: Tue, 14 Jan 2025 14:22:07 +0100 Subject: [PATCH] Token revoke tests --- crates/common/src/auth/access_token.rs | 14 +++++--------- tests/src/jmap/mod.rs | 4 ++-- tests/src/jmap/permissions.rs | 12 ++++++++++-- 3 files changed, 17 insertions(+), 13 deletions(-) diff --git a/crates/common/src/auth/access_token.rs b/crates/common/src/auth/access_token.rs index f0b97b2b..21b9b9e9 100644 --- a/crates/common/src/auth/access_token.rs +++ b/crates/common/src/auth/access_token.rs @@ -254,13 +254,11 @@ impl Server { pub async fn increment_principal_revision(&self, changed_principals: ChangedPrincipals) { let mut nested_principals = Vec::new(); - let mut fetched_ids = AHashSet::new(); for (id, changed_principal) in changed_principals.iter() { self.increment_revision(*id).await; - if changed_principal.member_change { - nested_principals.push(*id); + if changed_principal.member_change { if changed_principal.typ == Type::Tenant { match self .store() @@ -277,12 +275,7 @@ impl Server { Ok(principals) => { for principal in principals.items { if !changed_principals.contains(principal.id()) { - if principal.typ() == Type::Role { - nested_principals.push(principal.id()); - } else { - self.increment_revision(principal.id()).await; - fetched_ids.insert(principal.id()); - } + self.increment_revision(principal.id()).await; } } } @@ -293,11 +286,14 @@ impl Server { .account_id(*id)); } } + } else { + nested_principals.push(*id); } } } if !nested_principals.is_empty() { + let mut fetched_ids = AHashSet::new(); let mut ids = nested_principals.into_iter(); let mut ids_stack = vec![]; diff --git a/tests/src/jmap/mod.rs b/tests/src/jmap/mod.rs index 5c98e8dc..bb48b1ac 100644 --- a/tests/src/jmap/mod.rs +++ b/tests/src/jmap/mod.rs @@ -383,7 +383,7 @@ pub async fn jmap_tests() { thread_get::test(&mut params).await; thread_merge::test(&mut params).await; mailbox::test(&mut params).await; - delivery::test(&mut params).await; + delivery::test(&mut params).await;*/ auth_acl::test(&mut params).await; auth_limits::test(&mut params).await; auth_oauth::test(&mut params).await; @@ -395,7 +395,7 @@ pub async fn jmap_tests() { websocket::test(&mut params).await; quota::test(&mut params).await; crypto::test(&mut params).await; - blob::test(&mut params).await;*/ + blob::test(&mut params).await; permissions::test(¶ms).await; purge::test(&mut params).await; enterprise::test(&mut params).await; diff --git a/tests/src/jmap/permissions.rs b/tests/src/jmap/permissions.rs index 5c99b6bd..30695713 100644 --- a/tests/src/jmap/permissions.rs +++ b/tests/src/jmap/permissions.rs @@ -50,7 +50,8 @@ pub async fn test(params: &JMAPTest) { .unwrap() .validate_permissions( Permission::all().filter(|p| p.is_user_permission() && *p != Permission::Pop3Dele), - ); + ) + .validate_revision(0); // Create multiple roles for (role, permissions, parent_role) in &[ @@ -139,7 +140,8 @@ pub async fn test(params: &JMAPTest) { Permission::ImapList, Permission::Pop3Authenticate, Permission::Pop3List, - ]); + ]) + .validate_revision(1); // Query all principals api.get::>("/api/principal") @@ -833,6 +835,7 @@ trait ValidatePermissions { expected_permissions: impl IntoIterator, ) -> Self; fn validate_tenant(self, tenant_id: u32, tenant_quota: u64) -> Self; + fn validate_revision(self, revision: u64) -> Self; } impl ValidatePermissions for Arc { @@ -877,4 +880,9 @@ impl ValidatePermissions for Arc { ); self } + + fn validate_revision(self, revision: u64) -> Self { + assert_eq!(self.revision, revision); + self + } }