Firestore MCP Server

import { jest, describe, it, expect, beforeEach } from '@jest/globals'; import { PermissionManager } from '../../permissions/manager.js'; import { PermissionConfig } from '../../permissions/types.js'; describe('PermissionManager', () => { let manager: PermissionManager; describe('with default deny config', () => { beforeEach(() => { const config: PermissionConfig = { collections: [ { collectionId: 'users', operations: ['read', 'write'] }, { collectionId: 'products', operations: ['read'] } ], defaultAllow: false }; manager = new PermissionManager(config); }); it('should allow permitted operations', () => { expect(manager.hasPermission('users', 'read')).toBe(true); expect(manager.hasPermission('users', 'write')).toBe(true); expect(manager.hasPermission('products', 'read')).toBe(true); }); it('should deny unpermitted operations', () => { expect(manager.hasPermission('products', 'write')).toBe(false); expect(manager.hasPermission('users', 'delete')).toBe(false); expect(manager.hasPermission('unknown', 'read')).toBe(false); }); }); describe('with default allow config', () => { beforeEach(() => { const config: PermissionConfig = { collections: [ { collectionId: 'private', operations: [] } ], defaultAllow: true }; manager = new PermissionManager(config); }); it('should allow operations by default', () => { expect(manager.hasPermission('random', 'read')).toBe(true); expect(manager.hasPermission('unknown', 'write')).toBe(true); }); it('should deny explicitly blocked collections', () => { expect(manager.hasPermission('private', 'read')).toBe(false); expect(manager.hasPermission('private', 'write')).toBe(false); }); }); describe('with conditional permissions', () => { beforeEach(() => { const config: PermissionConfig = { collections: [ { collectionId: 'orders', operations: ['read', 'write'], conditions: [ { field: 'status', operator: '==', value: 'active' } ] } ], defaultAllow: false }; manager = new PermissionManager(config); }); it('should handle conditional permissions', () => { // Note: Current implementation doesn't check conditions at permission check time // This would need to be enhanced to support runtime condition evaluation expect(manager.hasPermission('orders', 'read')).toBe(true); }); }); describe('getCollectionPermissions', () => { beforeEach(() => { const config: PermissionConfig = { collections: [ { collectionId: 'users', operations: ['read', 'write'] } ], defaultAllow: false }; manager = new PermissionManager(config); }); it('should return permissions for a collection', () => { // Note: The current PermissionManager implementation doesn't have this method // This test would need to be updated if we add this functionality expect(manager.hasPermission('users', 'read')).toBe(true); }); }); });