hapi-authorization
Fixing #26
Server.bind sends its info to h.context
Coverage remained the same at 100.0% when pulling 92ca5be1e7292617f46e168c549eca0ff2379097 on aquelatecnologia:master into 8dac9750970f904b3d594857a6c1afc0bfb3c9f0 on toymachiner62:master.
Coverage remained the same at 100.0% when pulling 3257183e973634ab3c8e67d136b65751a4d74a2c on aquelatecnologia:master into 8dac9750970f904b3d594857a6c1afc0bfb3c9f0 on toymachiner62:master.
For the first test that gives an error, the test code or test case has a problem.
```js
it('Restricts access to protected route for multiple authorized roles that are not defined as plugin roles', (done) => {
```
At this point, options has a hierarchy, so it will check whether the role is within the hierarchy, and it will fail.
```
userRole: { role: 'ADMIN' }
requiredRole: [ 'USER', 'ADMIN' ]
hierarchy: [ 'OWNER', 'MANAGER', 'EMPLOYEE' ]
```
```js
internals.isGranted = function(userRole, requiredRole, hierarchy) {
  let userRoles = null;
  // If we're using a hierarchy, get all the possible roles
  if (hierarchy) {
    const index = hierarchy.indexOf(userRole); // Get the index of userRole in the hierarchy
    // If the user's role is not any of the possible roles
    if (index === -1) {
      return false; // <==== This is where it fails.
    }
```
I am not sure if the hierarchy test should be made after the role validation or after. The tests were passing because hierarchy was always undefined, as hapijs changed the server.bind behavior.
Actually, both test cases that fail have the same behavior.
You should add the roles below in the hierarchy and not fail when the user role is not in the hierarchy definition.
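As an added example (not code from this pull request or from hapi-authorization), the two check orderings discussed in the thread can be compared on the values logged above. The function names, the extra test roles, and the assumption that the hierarchy is listed highest privilege first with each role inheriting the ones after it are illustrative.

```javascript
'use strict';

// Constructed values mirroring the failing test case quoted in the thread.
const HIERARCHY = ['OWNER', 'MANAGER', 'EMPLOYEE'];
const REQUIRED = ['USER', 'ADMIN'];

// Assumption: the hierarchy is ordered highest privilege first, and a role
// inherits every role listed after it.
function effectiveRoles(userRole, hierarchy) {
  const index = hierarchy.indexOf(userRole);
  return index === -1 ? [] : hierarchy.slice(index);
}

// Ordering A (hypothetical name): hierarchy lookup first, as in the excerpt.
// A role missing from the hierarchy is denied even on an exact match.
function isGrantedHierarchyFirst(userRole, requiredRoles, hierarchy) {
  const roles = hierarchy ? effectiveRoles(userRole, hierarchy) : [userRole];
  return roles.some((role) => requiredRoles.includes(role));
}

// Ordering B (hypothetical name): the user's own role always counts and the
// hierarchy only adds inherited roles on top of it.
function isGrantedDirectThenHierarchy(userRole, requiredRoles, hierarchy) {
  const roles = new Set([userRole]);
  if (hierarchy) {
    effectiveRoles(userRole, hierarchy).forEach((role) => roles.add(role));
  }
  return requiredRoles.some((role) => roles.has(role));
}

// Decision table: one row per (user role, required roles) pair.
function decisionTable(hierarchy = HIERARCHY) {
  const cases = [
    ['ADMIN', REQUIRED],       // the case from the thread
    ['OWNER', ['EMPLOYEE']],   // inherited role
    ['EMPLOYEE', ['OWNER']],   // lower role must not escalate
    ['GUEST', REQUIRED],       // unknown role, no match
  ];
  return cases.map(([userRole, required]) => ({
    userRole,
    required: required.join(','),
    hierarchyFirst: isGrantedHierarchyFirst(userRole, required, hierarchy),
    directThenHierarchy: isGrantedDirectThenHierarchy(userRole, required, hierarchy),
  }));
}

console.table(decisionTable());
```

The two orderings differ only on the `ADMIN` row, and with `hierarchy` undefined both grant `ADMIN`, which matches the observation that the tests passed while the option was not reaching the handler.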