mirror of
https://github.com/Ed1s0nZ/CyberStrikeAI.git
synced 2026-07-16 00:47:29 +02:00
acfacfe1b3
* docs: define local workflow package mvp * docs: fix workflow package api contract * feat: add local workflow package mvp * feat(workflow): add package API client * feat(workflow): add package import interface * feat(workflow): connect package import flow * fix(workflow): map package validation errors * fix(workflow): handle import key generation errors * feat(workflow): localize package import states * fix(workflow): reset package import modal on open --------- Co-authored-by: ruanmingchen <“ruanm@chenchen”>
21 lines
804 B
Go
21 lines
804 B
Go
package security
|
|
|
|
import (
|
|
"net/http"
|
|
"testing"
|
|
)
|
|
|
|
func TestWorkflowPackageRoutesHaveExplicitWorkflowPermissions(t *testing.T) {
|
|
if got := permissionForRequest(http.MethodGet, "/api/workflows/:id/package"); got != "workflow:read" {
|
|
t.Fatalf("export permission=%q", got)
|
|
}
|
|
for _, path := range []string{"/api/workflow-package-inspections", "/api/workflow-package-inspections/:inspectionId", "/api/workflow-package-imports", "/api/workflow-package-imports/:importId"} {
|
|
if got := permissionForRequest(http.MethodGet, path); got != "workflow:write" {
|
|
t.Fatalf("%s permission=%q", path, got)
|
|
}
|
|
}
|
|
if !isProcessGlobalMutationPath("/workflow-package-imports") || !isProcessGlobalMutationPath("/workflow-package-inspections") {
|
|
t.Fatal("package mutations must require all-resource scope")
|
|
}
|
|
}
|