mirror of
https://github.com/openclaw/openclaw.git
synced 2026-03-30 19:32:27 +00:00
3e2b3bd2c5
Preserve Control UI scopes through the device-auth bypass path, normalize implied operator device-auth scopes, ignore cached under-scoped operator tokens, and degrade read-backed main pages gracefully when a connection truly lacks operator.read. Co-authored-by: Val Alexander <68980965+BunsDev@users.noreply.github.com>
37 lines
1.4 KiB
TypeScript
37 lines
1.4 KiB
TypeScript
import { describe, expect, it } from "vitest";
|
|
import { normalizeDeviceAuthRole, normalizeDeviceAuthScopes } from "./device-auth.js";
|
|
|
|
describe("shared/device-auth", () => {
|
|
it("trims device auth roles without further rewriting", () => {
|
|
expect(normalizeDeviceAuthRole(" operator ")).toBe("operator");
|
|
expect(normalizeDeviceAuthRole("")).toBe("");
|
|
expect(normalizeDeviceAuthRole(" NODE.Admin ")).toBe("NODE.Admin");
|
|
});
|
|
|
|
it("dedupes, trims, sorts, and filters auth scopes", () => {
|
|
expect(
|
|
normalizeDeviceAuthScopes([" node.invoke ", "operator.read", "", "node.invoke", "a.scope"]),
|
|
).toEqual(["a.scope", "node.invoke", "operator.read"]);
|
|
expect(normalizeDeviceAuthScopes(undefined)).toEqual([]);
|
|
expect(normalizeDeviceAuthScopes(null as unknown as string[])).toEqual([]);
|
|
expect(normalizeDeviceAuthScopes([" ", "\t", "\n"])).toEqual([]);
|
|
expect(normalizeDeviceAuthScopes(["z.scope", "A.scope", "m.scope"])).toEqual([
|
|
"A.scope",
|
|
"m.scope",
|
|
"z.scope",
|
|
]);
|
|
});
|
|
|
|
it("expands implied operator scopes for stored device auth", () => {
|
|
expect(normalizeDeviceAuthScopes(["operator.write"])).toEqual([
|
|
"operator.read",
|
|
"operator.write",
|
|
]);
|
|
expect(normalizeDeviceAuthScopes(["operator.admin"])).toEqual([
|
|
"operator.admin",
|
|
"operator.read",
|
|
"operator.write",
|
|
]);
|
|
});
|
|
});
|