From 6627127cd5832fa13f5d98db658f716705e3e03f Mon Sep 17 00:00:00 2001 From: kobelb Date: Wed, 5 Sep 2018 17:29:37 -0400 Subject: [PATCH] Adding GET test suite --- .../common/suites/saved_objects/get.js | 108 ++++++++ .../apis/saved_objects/get.js | 243 ++++++++++++++++++ .../apis/saved_objects/index.js | 1 + .../security_only/apis/saved_objects/get.js | 165 ++++++------ .../spaces_only/apis/saved_objects/get.js | 100 +++---- 5 files changed, 480 insertions(+), 137 deletions(-) create mode 100644 x-pack/test/saved_object_api_integration/common/suites/saved_objects/get.js create mode 100644 x-pack/test/saved_object_api_integration/security_and_spaces/apis/saved_objects/get.js diff --git a/x-pack/test/saved_object_api_integration/common/suites/saved_objects/get.js b/x-pack/test/saved_object_api_integration/common/suites/saved_objects/get.js new file mode 100644 index 00000000000000..78c632b9bb9eec --- /dev/null +++ b/x-pack/test/saved_object_api_integration/common/suites/saved_objects/get.js @@ -0,0 +1,108 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ +import expect from 'expect.js'; +import { getIdPrefix, getUrlPrefix } from "../../lib/space_test_utils"; +import { DEFAULT_SPACE_ID } from '../../../../../plugins/spaces/common/constants'; + +export function getTestSuiteFactory(esArchiver, supertest) { + const existsId = 'dd7caf20-9efd-11e7-acb3-3dab96693fab'; + const doesntExistId = 'foobar'; + const makeGetTest = (describeFn) => (description, { + auth = { + username: undefined, + password: undefined, + }, + spaceId = DEFAULT_SPACE_ID, + otherSpaceId = spaceId, + tests + }) => { + describeFn(description, () => { + before(() => esArchiver.load('saved_objects/spaces')); + after(() => esArchiver.unload('saved_objects/spaces')); + + it(`should return ${tests.exists.statusCode}`, async () => { + await supertest + .get(`${getUrlPrefix(spaceId)}/api/saved_objects/visualization/${getIdPrefix(otherSpaceId)}${existsId}`) + .auth(auth.username, auth.password) + .expect(tests.exists.statusCode) + .then(tests.exists.response); + }); + + describe('document does not exist', () => { + it(`should return ${tests.doesntExist.statusCode}`, async () => { + await supertest + .get(`${getUrlPrefix(spaceId)}/api/saved_objects/visualization/${getIdPrefix(otherSpaceId)}${doesntExistId}`) + .auth(auth.username, auth.password) + .expect(tests.doesntExist.statusCode) + .then(tests.doesntExist.response); + }); + }); + }); + }; + + const getTest = makeGetTest(describe); + getTest.only = makeGetTest(describe.only); + + const createExpectLegacyForbidden = username => resp => { + expect(resp.body).to.eql({ + statusCode: 403, + error: 'Forbidden', + // eslint-disable-next-line max-len + message: `action [indices:data/read/get] is unauthorized for user [${username}]: [security_exception] action [indices:data/read/get] is unauthorized for user [${username}]` + }); + }; + + const createExpectNotFound = (id, spaceId = DEFAULT_SPACE_ID) => (resp) => { + expect(resp.body).to.eql({ + error: 'Not Found', + message: `Saved object [visualization/${getIdPrefix(spaceId)}${id}] not found`, + statusCode: 404, + }); + }; + + const createExpectDoesntExistNotFound = (spaceId = DEFAULT_SPACE_ID) => { + return createExpectNotFound(doesntExistId, spaceId); + }; + + const createExpectExistsNotFound = (spaceId = DEFAULT_SPACE_ID) => { + return createExpectNotFound(existsId, spaceId); + }; + + const createExpectRbacForbidden = () => (resp) => { + expect(resp.body).to.eql({ + error: 'Forbidden', + message: `Unable to get visualization, missing action:saved_objects/visualization/get`, + statusCode: 403, + }); + }; + + const createExpectResults = (spaceId = DEFAULT_SPACE_ID) => (resp) => { + expect(resp.body).to.eql({ + id: `${getIdPrefix(spaceId)}dd7caf20-9efd-11e7-acb3-3dab96693fab`, + type: 'visualization', + updated_at: '2017-09-21T18:51:23.794Z', + version: resp.body.version, + attributes: { + title: 'Count of requests', + description: '', + version: 1, + // cheat for some of the more complex attributes + visState: resp.body.attributes.visState, + uiStateJSON: resp.body.attributes.uiStateJSON, + kibanaSavedObjectMeta: resp.body.attributes.kibanaSavedObjectMeta + } + }); + }; + + return { + createExpectDoesntExistNotFound, + createExpectExistsNotFound, + createExpectLegacyForbidden, + createExpectRbacForbidden, + createExpectResults, + getTest + }; +} diff --git a/x-pack/test/saved_object_api_integration/security_and_spaces/apis/saved_objects/get.js b/x-pack/test/saved_object_api_integration/security_and_spaces/apis/saved_objects/get.js new file mode 100644 index 00000000000000..e049843ebad3fd --- /dev/null +++ b/x-pack/test/saved_object_api_integration/security_and_spaces/apis/saved_objects/get.js @@ -0,0 +1,243 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { AUTHENTICATION } from '../../../common/lib/authentication'; +import { getTestSuiteFactory } from '../../../common/suites/saved_objects/get'; +import { SPACES } from '../../../common/lib/spaces'; + +export default function ({ getService }) { + const supertest = getService('supertestWithoutAuth'); + const esArchiver = getService('esArchiver'); + + const { + createExpectDoesntExistNotFound, + createExpectLegacyForbidden, + createExpectRbacForbidden, + createExpectResults, + getTest + } = getTestSuiteFactory(esArchiver, supertest); + + describe('get', () => { + [ + { + spaceId: SPACES.DEFAULT.spaceId, + userWithAllAtSpace: AUTHENTICATION.KIBANA_RBAC_DEFAULT_SPACE_ALL_USER, + userWithReadAtSpace: AUTHENTICATION.KIBANA_RBAC_DEFAULT_SPACE_READ_USER, + userWithAllAtOtherSpace: AUTHENTICATION.KIBANA_RBAC_SPACE_1_ALL_USER, + }, + { + spaceId: SPACES.SPACE_1.spaceId, + userWithAllAtSpace: AUTHENTICATION.KIBANA_RBAC_SPACE_1_ALL_USER, + userWithReadAtSpace: AUTHENTICATION.KIBANA_RBAC_SPACE_1_READ_USER, + userWithAllAtOtherSpace: AUTHENTICATION.KIBANA_RBAC_DEFAULT_SPACE_ALL_USER, + } + ].forEach(({ + spaceId, + userWithAllAtSpace, + userWithReadAtSpace, + userWithAllAtOtherSpace, + }) => { + getTest(AUTHENTICATION.NOT_A_KIBANA_USER.USERNAME, { + auth: { + username: AUTHENTICATION.NOT_A_KIBANA_USER.USERNAME, + password: AUTHENTICATION.NOT_A_KIBANA_USER.PASSWORD, + }, + spaceId, + tests: { + exists: { + statusCode: 403, + response: createExpectLegacyForbidden(AUTHENTICATION.NOT_A_KIBANA_USER.USERNAME), + }, + doesntExist: { + statusCode: 403, + response: createExpectLegacyForbidden(AUTHENTICATION.NOT_A_KIBANA_USER.USERNAME), + }, + } + }); + + + getTest(AUTHENTICATION.SUPERUSER.USERNAME, { + auth: { + username: AUTHENTICATION.SUPERUSER.USERNAME, + password: AUTHENTICATION.SUPERUSER.PASSWORD, + }, + spaceId, + tests: { + exists: { + statusCode: 200, + response: createExpectResults(spaceId), + }, + doesntExist: { + statusCode: 404, + response: createExpectDoesntExistNotFound(spaceId), + }, + } + }); + + getTest(AUTHENTICATION.KIBANA_LEGACY_USER.USERNAME, { + auth: { + username: AUTHENTICATION.KIBANA_LEGACY_USER.USERNAME, + password: AUTHENTICATION.KIBANA_LEGACY_USER.PASSWORD, + }, + spaceId, + tests: { + exists: { + statusCode: 200, + response: createExpectResults(spaceId), + }, + doesntExist: { + statusCode: 404, + response: createExpectDoesntExistNotFound(spaceId), + }, + } + }); + + getTest(AUTHENTICATION.KIBANA_LEGACY_DASHBOARD_ONLY_USER.USERNAME, { + auth: { + username: AUTHENTICATION.KIBANA_LEGACY_DASHBOARD_ONLY_USER.USERNAME, + password: AUTHENTICATION.KIBANA_LEGACY_DASHBOARD_ONLY_USER.PASSWORD, + }, + spaceId, + tests: { + exists: { + statusCode: 200, + response: createExpectResults(spaceId), + }, + doesntExist: { + statusCode: 404, + response: createExpectDoesntExistNotFound(spaceId), + }, + } + }); + + getTest(AUTHENTICATION.KIBANA_DUAL_PRIVILEGES_USER.USERNAME, { + auth: { + username: AUTHENTICATION.KIBANA_DUAL_PRIVILEGES_USER.USERNAME, + password: AUTHENTICATION.KIBANA_DUAL_PRIVILEGES_USER.PASSWORD, + }, + spaceId, + tests: { + exists: { + statusCode: 200, + response: createExpectResults(spaceId), + }, + doesntExist: { + statusCode: 404, + response: createExpectDoesntExistNotFound(spaceId), + }, + } + }); + + getTest(AUTHENTICATION.KIBANA_DUAL_PRIVILEGES_DASHBOARD_ONLY_USER.USERNAME, { + auth: { + username: AUTHENTICATION.KIBANA_DUAL_PRIVILEGES_DASHBOARD_ONLY_USER.USERNAME, + password: AUTHENTICATION.KIBANA_DUAL_PRIVILEGES_DASHBOARD_ONLY_USER.PASSWORD, + }, + spaceId, + tests: { + exists: { + statusCode: 200, + response: createExpectResults(spaceId), + }, + doesntExist: { + statusCode: 404, + response: createExpectDoesntExistNotFound(spaceId), + }, + } + }); + + getTest(AUTHENTICATION.KIBANA_RBAC_USER.USERNAME, { + auth: { + username: AUTHENTICATION.KIBANA_RBAC_USER.USERNAME, + password: AUTHENTICATION.KIBANA_RBAC_USER.PASSWORD, + }, + spaceId, + tests: { + exists: { + statusCode: 200, + response: createExpectResults(spaceId), + }, + doesntExist: { + statusCode: 404, + response: createExpectDoesntExistNotFound(spaceId), + }, + } + }); + + getTest(AUTHENTICATION.KIBANA_RBAC_DASHBOARD_ONLY_USER.USERNAME, { + auth: { + username: AUTHENTICATION.KIBANA_RBAC_DASHBOARD_ONLY_USER.USERNAME, + password: AUTHENTICATION.KIBANA_RBAC_DASHBOARD_ONLY_USER.PASSWORD, + }, + spaceId, + tests: { + exists: { + statusCode: 200, + response: createExpectResults(spaceId), + }, + doesntExist: { + statusCode: 404, + response: createExpectDoesntExistNotFound(spaceId), + }, + } + }); + + getTest(`${userWithAllAtSpace.USERNAME} user`, { + auth: { + username: userWithAllAtSpace.USERNAME, + password: userWithAllAtSpace.PASSWORD, + }, + spaceId, + tests: { + exists: { + statusCode: 200, + response: createExpectResults(spaceId), + }, + doesntExist: { + statusCode: 404, + response: createExpectDoesntExistNotFound(spaceId), + }, + } + }); + + getTest(`${userWithReadAtSpace.USERNAME} user`, { + auth: { + username: userWithReadAtSpace.USERNAME, + password: userWithReadAtSpace.PASSWORD, + }, + spaceId, + tests: { + exists: { + statusCode: 200, + response: createExpectResults(spaceId), + }, + doesntExist: { + statusCode: 404, + response: createExpectDoesntExistNotFound(spaceId), + }, + } + }); + + getTest(`${userWithAllAtOtherSpace.USERNAME} user`, { + auth: { + username: userWithAllAtOtherSpace.USERNAME, + password: userWithAllAtOtherSpace.PASSWORD, + }, + spaceId, + tests: { + exists: { + statusCode: 403, + response: createExpectRbacForbidden(), + }, + doesntExist: { + statusCode: 403, + response: createExpectRbacForbidden(), + }, + } + }); + }); + }); +} diff --git a/x-pack/test/saved_object_api_integration/security_and_spaces/apis/saved_objects/index.js b/x-pack/test/saved_object_api_integration/security_and_spaces/apis/saved_objects/index.js index 14ac105ad147c8..a55dca87696ffd 100644 --- a/x-pack/test/saved_object_api_integration/security_and_spaces/apis/saved_objects/index.js +++ b/x-pack/test/saved_object_api_integration/security_and_spaces/apis/saved_objects/index.js @@ -10,5 +10,6 @@ export default function ({ loadTestFile }) { describe('saved_objects', () => { loadTestFile(require.resolve('./create')); loadTestFile(require.resolve('./find')); + loadTestFile(require.resolve('./get')); }); } diff --git a/x-pack/test/saved_object_api_integration/security_only/apis/saved_objects/get.js b/x-pack/test/saved_object_api_integration/security_only/apis/saved_objects/get.js index 8c075aa67b98e1..76747454fd0e2f 100644 --- a/x-pack/test/saved_object_api_integration/security_only/apis/saved_objects/get.js +++ b/x-pack/test/saved_object_api_integration/security_only/apis/saved_objects/get.js @@ -4,74 +4,21 @@ * you may not use this file except in compliance with the Elastic License. */ -import expect from 'expect.js'; import { AUTHENTICATION } from '../../../common/lib/authentication'; +import { getTestSuiteFactory } from '../../../common/suites/saved_objects/get'; export default function ({ getService }) { const supertest = getService('supertestWithoutAuth'); const esArchiver = getService('esArchiver'); - describe('get', () => { + const { + createExpectDoesntExistNotFound, + createExpectLegacyForbidden, + createExpectResults, + getTest + } = getTestSuiteFactory(esArchiver, supertest); - const expectResults = (resp) => { - expect(resp.body).to.eql({ - id: 'dd7caf20-9efd-11e7-acb3-3dab96693fab', - type: 'visualization', - updated_at: '2017-09-21T18:51:23.794Z', - version: resp.body.version, - attributes: { - title: 'Count of requests', - description: '', - version: 1, - // cheat for some of the more complex attributes - visState: resp.body.attributes.visState, - uiStateJSON: resp.body.attributes.uiStateJSON, - kibanaSavedObjectMeta: resp.body.attributes.kibanaSavedObjectMeta - } - }); - }; - - const expectNotFound = (resp) => { - expect(resp.body).to.eql({ - error: 'Not Found', - message: 'Saved object [visualization/foobar] not found', - statusCode: 404, - }); - }; - - const createExpectLegacyForbidden = username => resp => { - expect(resp.body).to.eql({ - statusCode: 403, - error: 'Forbidden', - // eslint-disable-next-line max-len - message: `action [indices:data/read/get] is unauthorized for user [${username}]: [security_exception] action [indices:data/read/get] is unauthorized for user [${username}]` - }); - }; - - const getTest = (description, { auth, tests }) => { - describe(description, () => { - before(() => esArchiver.load('saved_objects/spaces')); - after(() => esArchiver.unload('saved_objects/spaces')); - - it(`should return ${tests.exists.statusCode}`, async () => ( - await supertest - .get(`/api/saved_objects/visualization/dd7caf20-9efd-11e7-acb3-3dab96693fab`) - .auth(auth.username, auth.password) - .expect(tests.exists.statusCode) - .then(tests.exists.response) - )); - - describe('document does not exist', () => { - it(`should return ${tests.doesntExist.statusCode}`, async () => ( - await supertest - .get(`/api/saved_objects/visualization/foobar`) - .auth(auth.username, auth.password) - .expect(tests.doesntExist.statusCode) - .then(tests.doesntExist.response) - )); - }); - }); - }; + describe('get', () => { getTest(`not a kibana user`, { auth: { @@ -98,11 +45,11 @@ export default function ({ getService }) { tests: { exists: { statusCode: 200, - response: expectResults, + response: createExpectResults(), }, doesntExist: { statusCode: 404, - response: expectNotFound, + response: createExpectDoesntExistNotFound(), }, } }); @@ -115,11 +62,11 @@ export default function ({ getService }) { tests: { exists: { statusCode: 200, - response: expectResults, + response: createExpectResults(), }, doesntExist: { statusCode: 404, - response: expectNotFound, + response: createExpectDoesntExistNotFound(), }, } }); @@ -132,11 +79,11 @@ export default function ({ getService }) { tests: { exists: { statusCode: 200, - response: expectResults, + response: createExpectResults(), }, doesntExist: { statusCode: 404, - response: expectNotFound, + response: createExpectDoesntExistNotFound(), }, } }); @@ -149,11 +96,11 @@ export default function ({ getService }) { tests: { exists: { statusCode: 200, - response: expectResults, + response: createExpectResults(), }, doesntExist: { statusCode: 404, - response: expectNotFound, + response: createExpectDoesntExistNotFound(), }, } }); @@ -166,11 +113,11 @@ export default function ({ getService }) { tests: { exists: { statusCode: 200, - response: expectResults, + response: createExpectResults(), }, doesntExist: { statusCode: 404, - response: expectNotFound, + response: createExpectDoesntExistNotFound(), }, } }); @@ -183,11 +130,11 @@ export default function ({ getService }) { tests: { exists: { statusCode: 200, - response: expectResults, + response: createExpectResults(), }, doesntExist: { statusCode: 404, - response: expectNotFound, + response: createExpectDoesntExistNotFound(), }, } }); @@ -200,11 +147,79 @@ export default function ({ getService }) { tests: { exists: { statusCode: 200, - response: expectResults, + response: createExpectResults(), }, doesntExist: { statusCode: 404, - response: expectNotFound, + response: createExpectDoesntExistNotFound(), + }, + } + }); + + getTest(`kibana rbac default space all user`, { + auth: { + username: AUTHENTICATION.KIBANA_RBAC_DEFAULT_SPACE_ALL_USER.USERNAME, + password: AUTHENTICATION.KIBANA_RBAC_DEFAULT_SPACE_ALL_USER.PASSWORD, + }, + tests: { + exists: { + statusCode: 403, + response: createExpectLegacyForbidden(AUTHENTICATION.KIBANA_RBAC_DEFAULT_SPACE_ALL_USER.USERNAME), + }, + doesntExist: { + statusCode: 403, + response: createExpectLegacyForbidden(AUTHENTICATION.KIBANA_RBAC_DEFAULT_SPACE_ALL_USER.USERNAME), + }, + } + }); + + getTest(`kibana rbac default space read user`, { + auth: { + username: AUTHENTICATION.KIBANA_RBAC_DEFAULT_SPACE_READ_USER.USERNAME, + password: AUTHENTICATION.KIBANA_RBAC_DEFAULT_SPACE_READ_USER.PASSWORD, + }, + tests: { + exists: { + statusCode: 403, + response: createExpectLegacyForbidden(AUTHENTICATION.KIBANA_RBAC_DEFAULT_SPACE_READ_USER.USERNAME), + }, + doesntExist: { + statusCode: 403, + response: createExpectLegacyForbidden(AUTHENTICATION.KIBANA_RBAC_DEFAULT_SPACE_READ_USER.USERNAME), + }, + } + }); + + getTest(`kibana rbac space 1 all user`, { + auth: { + username: AUTHENTICATION.KIBANA_RBAC_SPACE_1_ALL_USER.USERNAME, + password: AUTHENTICATION.KIBANA_RBAC_SPACE_1_ALL_USER.PASSWORD, + }, + tests: { + exists: { + statusCode: 403, + response: createExpectLegacyForbidden(AUTHENTICATION.KIBANA_RBAC_SPACE_1_ALL_USER.USERNAME), + }, + doesntExist: { + statusCode: 403, + response: createExpectLegacyForbidden(AUTHENTICATION.KIBANA_RBAC_SPACE_1_ALL_USER.USERNAME), + }, + } + }); + + getTest(`kibana rbac space 1 readonly user`, { + auth: { + username: AUTHENTICATION.KIBANA_RBAC_SPACE_1_READ_USER.USERNAME, + password: AUTHENTICATION.KIBANA_RBAC_SPACE_1_READ_USER.PASSWORD, + }, + tests: { + exists: { + statusCode: 403, + response: createExpectLegacyForbidden(AUTHENTICATION.KIBANA_RBAC_SPACE_1_READ_USER.USERNAME), + }, + doesntExist: { + statusCode: 403, + response: createExpectLegacyForbidden(AUTHENTICATION.KIBANA_RBAC_SPACE_1_READ_USER.USERNAME), }, } }); diff --git a/x-pack/test/saved_object_api_integration/spaces_only/apis/saved_objects/get.js b/x-pack/test/saved_object_api_integration/spaces_only/apis/saved_objects/get.js index 06b32d795add40..de25327f10865f 100644 --- a/x-pack/test/saved_object_api_integration/spaces_only/apis/saved_objects/get.js +++ b/x-pack/test/saved_object_api_integration/spaces_only/apis/saved_objects/get.js @@ -4,100 +4,76 @@ * you may not use this file except in compliance with the Elastic License. */ -import expect from 'expect.js'; -import { getIdPrefix, getUrlPrefix } from '../../../common/lib/space_test_utils'; +import { getTestSuiteFactory } from '../../../common/suites/saved_objects/get'; import { SPACES } from '../../../common/lib/spaces'; export default function ({ getService }) { const supertest = getService('supertest'); const esArchiver = getService('esArchiver'); - describe('get', () => { - - const expectResults = (spaceId) => () => (resp) => { - const expectedBody = { - id: `${getIdPrefix(spaceId)}dd7caf20-9efd-11e7-acb3-3dab96693fab`, - type: 'visualization', - updated_at: '2017-09-21T18:51:23.794Z', - version: resp.body.version, - - attributes: { - title: 'Count of requests', - description: '', - version: 1, - // cheat for some of the more complex attributes - visState: resp.body.attributes.visState, - uiStateJSON: resp.body.attributes.uiStateJSON, - kibanaSavedObjectMeta: resp.body.attributes.kibanaSavedObjectMeta - } - }; - - expect(resp.body).to.eql(expectedBody); - }; + const { + createExpectDoesntExistNotFound, + createExpectExistsNotFound, + createExpectResults, + getTest + } = getTestSuiteFactory(esArchiver, supertest); - const expectNotFound = (type, id) => (resp) => { - expect(resp.body).to.eql({ - error: 'Not Found', - message: `Saved object [${type}/${id}] not found`, - statusCode: 404, - }); - }; - - const getTest = (description, { spaceId, tests, otherSpaceId = spaceId }) => { - describe(description, () => { - before(async () => esArchiver.load(`saved_objects/spaces`)); - after(async () => esArchiver.unload(`saved_objects/spaces`)); - - it(`should return ${tests.exists.statusCode}`, async () => { - const objectId = `${getIdPrefix(otherSpaceId)}dd7caf20-9efd-11e7-acb3-3dab96693fab`; - - return supertest - .get(`${getUrlPrefix(spaceId)}/api/saved_objects/visualization/${objectId}`) - .expect(tests.exists.statusCode) - .then(tests.exists.response('visualization', objectId)); - }); - }); - }; - - getTest(`can access objects belonging to the current space (space_1)`, { - ...SPACES.SPACE_1, + describe('get', () => { + getTest(`can access objects belonging to the current space (default)`, { + ...SPACES.DEFAULT, tests: { exists: { statusCode: 200, - response: expectResults(SPACES.SPACE_1.spaceId), + response: createExpectResults(SPACES.DEFAULT.spaceId), }, + doesntExist: { + statusCode: 404, + response: createExpectDoesntExistNotFound(SPACES.DEFAULT.spaceId), + } } }); - getTest(`cannot access objects belonging to a different space (space_1)`, { - ...SPACES.SPACE_1, - otherSpaceId: SPACES.SPACE_2.spaceId, + getTest(`cannot access objects belonging to a different space (default)`, { + ...SPACES.DEFAULT, + otherSpaceId: SPACES.SPACE_1.spaceId, tests: { exists: { statusCode: 404, - response: expectNotFound + response: createExpectExistsNotFound(SPACES.SPACE_1.spaceId) }, + doesntExist: { + statusCode: 404, + response: createExpectDoesntExistNotFound(SPACES.SPACE_1.spaceId), + } } }); - getTest(`can access objects belonging to the current space (default)`, { - ...SPACES.DEFAULT, + getTest(`can access objects belonging to the current space (space_1)`, { + ...SPACES.SPACE_1, tests: { exists: { statusCode: 200, - response: expectResults(SPACES.DEFAULT.spaceId), + response: createExpectResults(SPACES.SPACE_1.spaceId), }, + doesntExist: { + statusCode: 404, + response: createExpectDoesntExistNotFound(SPACES.SPACE_1.spaceId), + } } }); - getTest(`cannot access objects belonging to a different space (default)`, { - ...SPACES.DEFAULT, - otherSpaceId: SPACES.SPACE_1.spaceId, + getTest(`cannot access objects belonging to a different space (space_1)`, { + ...SPACES.SPACE_1, + otherSpaceId: SPACES.SPACE_2.spaceId, tests: { exists: { statusCode: 404, - response: expectNotFound + response: createExpectExistsNotFound(SPACES.SPACE_2.spaceId) }, + doesntExist: { + statusCode: 404, + response: createExpectDoesntExistNotFound(SPACES.SPACE_2.spaceId), + } } }); });