add a test for item precedence over site rule

where an item that is denied by the site rule but allowed by the individual protection should be allowed.
bu-ist · Nov 9, 2023 · ae2a208 · ae2a208
1 parent 2757bc8
commit ae2a208
Showing 1 changed file with 17 additions and 0 deletions.
diff --git a/src/authorizeRequest/authorizeRequest.test.js b/src/authorizeRequest/authorizeRequest.test.js
@@ -147,4 +147,21 @@ describe('authorizeRequest', () => {
     const result = await authorizeRequest(userRequest, siteRule);
     expect(result).toBe(false);
   });
+
+  it('should return true if the user is granted access by groupName even if denied by siteRule', async () => {
+    const userRequest = {
+      url: 'https://example-access-point.s3-object-lambda.us-east-1.amazonaws.com/somesite/files/2023/08/image.jpg',
+      headers: {
+        Eppn: '[email protected]', // This user should have access to 'somegroup' but not 'othergroup'.
+        'X-Real-Ip': '127.0.0.1',
+        'X-Forwarded-Host': 'example.host.bu.edu, example.host.bu.edu',
+      },
+    };
+    const siteRule = {
+      'example.host.bu.edu/somesite': 'othergroup',
+    };
+
+    const result = await authorizeRequest(userRequest, siteRule);
+    expect(result).toBe(true);
+  });
 });