@melvincarvalho
Contributor

Summary

Adds test coverage for acl:AuthenticatedAgent functionality, addressing issue #58.

Changes

  • Added integration test in test/auth.test.js that validates acl:AuthenticatedAgent behavior
  • Test creates a resource with a custom ACL using acl:AuthenticatedAgent
  • Verifies three critical scenarios:
    1. ❌ Anonymous/unauthenticated users are denied access (401)
    2. ✅ Resource owner has access (200)
    3. Any authenticated user has access (200) - key distinction

Test Approach

The test:

  1. Creates two test pods (authuser1 and authuser2)
  2. Creates a resource under authuser1/authenticated-only/test.txt
  3. Applies a custom ACL with acl:AuthenticatedAgent to the parent container
  4. Validates access control for all three user types

Why This Matters

This test validates the key semantic difference between:

Access Type Anonymous Owner Other Authenticated
foaf:Agent (public)
Specific agent (private)
acl:AuthenticatedAgent

The implementation already works correctly (exists in src/wac/parser.js and src/wac/checker.js), but this test ensures the behavior is validated and won't regress.

Related

Add test to verify that acl:AuthenticatedAgent works correctly:
- Denies anonymous/unauthenticated access
- Allows the resource owner
- Allows ANY authenticated user (key distinction from private ACLs)

Fixes #58
The ACL needs to include owner with Control permission to manage the ACL
and preserve their Write access. Without this, the custom ACL would
override the inherited permissions completely.
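
The three access types compared in the PR description, together with the owner rule from the follow-up commit, as an added example (not the project's code from src/wac/checker.js). The WebIDs, the in-memory rule shape, and the 403 returned to an authenticated agent that no rule matches are assumptions made for this sketch.

```javascript
// Added illustration of WAC agent matching; not taken from src/wac/checker.js.
const ACL = 'http://www.w3.org/ns/auth/acl#';
const FOAF_AGENT = 'http://xmlns.com/foaf/0.1/Agent';
const AUTHENTICATED_AGENT = ACL + 'AuthenticatedAgent';

// Constructed WebIDs for the two test pods named in the PR (hypothetical host).
const OWNER = 'https://pod.example/authuser1/#me';
const OTHER = 'https://pod.example/authuser2/#me';

// Does one authorization apply to the requester? webId is null when anonymous.
function matchesAgent(auth, webId) {
  const classes = auth.agentClass || [];
  if (classes.includes(FOAF_AGENT)) return true;          // everyone, signed in or not
  if (webId === null) return false;                       // anonymous stops here
  if (classes.includes(AUTHENTICATED_AGENT)) return true; // any verified identity
  return (auth.agent || []).includes(webId);              // explicitly named agent
}

// Status for a request: 200 if any rule grants the mode, 401 for anonymous
// callers, 403 (assumed) for authenticated callers that no rule covers.
function checkAccess(authorizations, webId, mode) {
  const granted = authorizations.some(
    (a) => a.mode.includes(mode) && matchesAgent(a, webId));
  if (granted) return 200;
  return webId === null ? 401 : 403;
}

// The owner rule keeps Write and Control on the custom ACL, as the second
// commit message requires; each ACL below adds a different agent class.
const ownerRule = { agent: [OWNER], mode: ['Read', 'Write', 'Control'] };
const acls = {
  public: [ownerRule, { agentClass: [FOAF_AGENT], mode: ['Read'] }],
  private: [ownerRule],
  authenticated: [ownerRule, { agentClass: [AUTHENTICATED_AGENT], mode: ['Read'] }],
};

// Read status per ACL for [anonymous, owner, other authenticated user].
function readMatrix() {
  const out = {};
  for (const [name, auths] of Object.entries(acls)) {
    out[name] = [null, OWNER, OTHER].map((id) => checkAccess(auths, id, 'Read'));
  }
  return out;
}

console.log(readMatrix());
```

The `authenticated` row differs from `private` only in the last column, which is the case the PR's third scenario exercises.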

Development

Successfully merging this pull request may close these issues.

Add test coverage for acl:AuthenticatedAgent