1 # Permission Scenario Testing
3 Due to complexity that can arise in the various combinations of permissions, this document details scenarios and their expected results.
5 Test cases are written ability abstract, since all abilities should act the same in theory. Functional test cases may test abilities separate due to implementation differences.
9 TODO - User permissions
10 TODO - Role & entity-role interplay
11 TODO - entity-user permissions
12 TODO - entity-user & entity-role interplay
14 ### Content Role Permissions
16 These are tests related to item/entity permissions that are set only at a role level.
20 - Role A has role all-page permission.
23 User granted page permission.
27 - Role A has no page permission.
30 User denied page permission.
32 #### test_10_allow_on_own_with_own
34 - Role A has role own-page permission.
36 - User is owner of page.
38 User granted page permission.
40 #### test_11_deny_on_other_with_own
42 - Role A has role own-page permission.
44 - User is not owner of page.
46 User denied page permission.
48 #### test_20_multiple_role_conflicting_all
50 - Role A has role all-page permission.
51 - Role B has no page permission.
52 - User has Role A & B.
54 User granted page permission.
56 #### test_21_multiple_role_conflicting_own
58 - Role A has role own-page permission.
59 - Role B has no page permission.
60 - User has Role A & B.
61 - User is owner of page.
63 User granted page permission.
67 ### Entity Role Permissions
69 These are tests related to entity-level role-specific permission overrides.
71 #### test_01_explicit_allow
73 - Page permissions have inherit disabled.
74 - Role A has entity allow page permission.
77 User granted page permission.
79 #### test_02_explicit_deny
81 - Page permissions have inherit disabled.
82 - Role A has entity deny page permission.
85 User denied page permission.
87 #### test_03_same_level_conflicting
89 - Page permissions have inherit disabled.
90 - Role A has entity allow page permission.
91 - Role B has entity deny page permission.
92 - User has both Role A & B.
94 User granted page permission.
95 Explicit grant overrides entity deny at same level.
97 #### test_20_inherit_allow
99 - Page permissions have inherit enabled.
100 - Chapter permissions has inherit disabled.
101 - Role A has entity allow chapter permission.
104 User granted page permission.
106 #### test_21_inherit_deny
108 - Page permissions have inherit enabled.
109 - Chapter permissions has inherit disabled.
110 - Role A has entity deny chapter permission.
113 User denied page permission.
115 #### test_22_same_level_conflict_inherit
117 - Page permissions have inherit enabled.
118 - Chapter permissions has inherit disabled.
119 - Role A has entity deny chapter permission.
120 - Role B has entity allow chapter permission.
121 - User has both Role A & B.
123 User granted page permission.
125 #### test_30_child_inherit_override_allow
127 - Page permissions have inherit enabled.
128 - Chapter permissions has inherit disabled.
129 - Role A has entity deny chapter permission.
130 - Role A has entity allow page permission.
133 User granted page permission.
135 #### test_31_child_inherit_override_deny
137 - Page permissions have inherit enabled.
138 - Chapter permissions has inherit disabled.
139 - Role A has entity allow chapter permission.
140 - Role A has entity deny page permission.
143 User denied page permission.
projects / bookstack / blob