forked from 352Media/mongoose-authorization
-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Disallowing the use of API Model.create and Model.remove (#12)
These two methods can't be protected by this plugin, so it's best to disallow them entirely. By doing so, it makes it safe to wrap your mongoose models with an Restify wrapper. Also, this diff introduces Ava and the new testing engine. Very similar syntax as before, just a newer, modern, maintained library.
- Loading branch information
Showing
7 changed files
with
3,003 additions
and
731 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| # 2.0.0 | ||
|
|
||
| - Removing the ability to call Model.remove() and Model.create() since those aren't compatible with how this library works. | ||
| - |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,27 @@ | ||
| const test = require('ava'); | ||
| const mongoose = require('mongoose'); | ||
| const authz = require('../'); | ||
| const IncompatibleMethodError = require('../lib/IncompatibleMethodError'); | ||
|
|
||
| test.before((t) => { | ||
| const schema = new mongoose.Schema({ friend: String }); | ||
| schema.plugin(authz); | ||
| t.context.MyModel = mongoose.model('MyModel', schema); | ||
| }); | ||
|
|
||
| test('Model.create should not be callable', (t) => { | ||
| const { MyModel } = t.context; | ||
| t.throws( | ||
| () => MyModel.create({ friend: 'bar' }), | ||
| IncompatibleMethodError, | ||
| ); | ||
| }); | ||
|
|
||
| test('Model.remove should not be callable', (t) => { | ||
| const { MyModel } = t.context; | ||
| t.throws( | ||
| () => MyModel.remove({}), | ||
| IncompatibleMethodError, | ||
| ); | ||
| }); | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| module.exports = class IncompatibleMethodError extends Error { | ||
| constructor(method) { | ||
| const message = `[${method}] is not compatable with mongoose-authz. ` + | ||
| `Please see https://www.npmjs.com/package/mongoose-authz#${method} for more details.`; | ||
|
|
||
| super(message); | ||
| this.name = 'IncompatibleMethod'; | ||
| } | ||
| }; |
Oops, something went wrong.