test/integration: bind authenticateUser() to service (#1225)
Closes #1223
alxndrsn authored Oct 16, 2024
1 parent 64ee88c commit 8e63271
Showing 6 changed files with 20 additions and 22 deletions.
3 changes: 1 addition & 2 deletions test/integration/api/app-users.js
@@ -1,7 +1,6 @@
const should = require('should');
const { testService, withClosedForm } = require('../setup');
const testData = require('../../data/xml');
const authenticateUser = require('../../util/authenticate-user');

describe('api: /projects/:id/app-users', () => {
describe('POST', () => {
@@ -235,7 +234,7 @@ describe('api: /key/:key', () => {
.expect(403)));

it('should reject non-field tokens', testService((service) =>
authenticateUser(service, 'alice')
service.authenticateUser('alice')
.then((token) => service.get(`/v1/key/${token}/users/current`)
.expect(403))));

3 changes: 1 addition & 2 deletions test/integration/api/public-links.js
@@ -1,7 +1,6 @@
const should = require('should');
const { testService, withClosedForm } = require('../setup');
const testData = require('../../data/xml');
const authenticateUser = require('../../util/authenticate-user');

describe('api: /projects/:id/forms/:id/public-links', () => {
describe('POST', () => {
@@ -196,7 +195,7 @@ describe('api: /key/:key', () => {
.expect(403)));

it('should allow cookie+public-link', testService((service) =>
authenticateUser(service, 'alice')
service.authenticateUser('alice')
.then((aliceToken) => service.login('alice', (asAlice) =>
asAlice.post('/v1/projects/1/forms/simple/public-links')
.send({ displayName: 'linktest' })
23 changes: 11 additions & 12 deletions test/integration/api/sessions.js
@@ -1,7 +1,6 @@
const should = require('should');
const { DateTime } = require('luxon');
const { testService } = require('../setup');
const authenticateUser = require('../../util/authenticate-user');

describe('api: /sessions', () => {
describe('POST', () => {
@@ -94,7 +93,7 @@ describe('api: /sessions', () => {
.expect(404)));

it('should return the active session if it exists', testService((service) =>
authenticateUser(service, 'alice')
service.authenticateUser('alice')
.then((token) => service.get('/v1/sessions/restore')
.set('X-Forwarded-Proto', 'https')
.set('Cookie', 'session=' + token)
@@ -111,12 +110,12 @@ describe('api: /sessions', () => {
.expect(403)));

it('should return a 403 if the user cannot delete the given token', testService((service) =>
authenticateUser(service, 'alice')
service.authenticateUser('alice')
.then((token) => service.login('chelsea', (asChelsea) =>
asChelsea.delete('/v1/sessions/' + token).expect(403)))));

it('should invalidate the token if successful', testService((service) =>
authenticateUser(service, 'alice')
service.authenticateUser('alice')
.then((token) => service.delete('/v1/sessions/' + token)
.set('Authorization', 'Bearer ' + token)
.expect(200)
@@ -139,7 +138,7 @@ describe('api: /sessions', () => {
})))));

it('should allow non-admins to delete their own sessions', testService((service) =>
authenticateUser(service, 'chelsea')
service.authenticateUser('chelsea')
.then((token) => service.delete('/v1/sessions/' + token)
.set('Authorization', 'Bearer ' + token)
.expect(200)
@@ -179,7 +178,7 @@ describe('api: /sessions', () => {
.expect(403)))));

it('should clear cookies if successful for the current session', testService((service) =>
authenticateUser(service, 'alice')
service.authenticateUser('alice')
.then((token) => service.delete('/v1/sessions/' + token)
.set('Authorization', 'Bearer ' + token)
.expect(200)
@@ -191,7 +190,7 @@ describe('api: /sessions', () => {
}))));

it('should not clear cookies if using some other session', testService((service) =>
authenticateUser(service, 'alice')
service.authenticateUser('alice')
.then((token) => service.login('alice', (asAlice) =>
asAlice.delete('/v1/sessions/' + token)
.expect(200)
@@ -200,7 +199,7 @@ describe('api: /sessions', () => {
})))));

it('should not log the action in the audit log for users', testService((service) =>
authenticateUser(service, 'alice')
service.authenticateUser('alice')
.then((token) => service.delete('/v1/sessions/' + token)
.set('Authorization', 'Bearer ' + token)
.expect(200)
@@ -248,7 +247,7 @@ describe('api: /sessions', () => {
.expect(404)));

it('should invalidate the token if successful', testService(async (service) => {
const token = await authenticateUser(service, 'alice');
const token = await service.authenticateUser('alice');
const { body } = await service.delete('/v1/sessions/current')
.set('Authorization', `Bearer ${token}`)
.expect(200);
@@ -272,23 +271,23 @@ describe('api: /sessions', () => {
// whole stack in addition to the unit tests.
describe('cookie CSRF auth', () => {
it('should reject if the CSRF token is missing', testService((service) =>
authenticateUser(service, 'alice')
service.authenticateUser('alice')
.then((token) => service.post('/v1/projects')
.send({ name: 'my project' })
.set('X-Forwarded-Proto', 'https')
.set('Cookie', 'session=' + token)
.expect(401))));

it('should reject if the CSRF token is wrong', testService((service) =>
authenticateUser(service, 'alice')
service.authenticateUser('alice')
.then((token) => service.post('/v1/projects')
.send({ name: 'my project', __csrf: 'nope' })
.set('X-Forwarded-Proto', 'https')
.set('Cookie', 'session=' + token)
.expect(401))));

it('should succeed if the CSRF token is correct', testService((service) =>
authenticateUser(service, 'alice', 'includeCsrf')
service.authenticateUser('alice', 'includeCsrf')
.then((body) => service.post('/v1/projects')
.send({ name: 'my project', __csrf: body.csrf })
.set('X-Forwarded-Proto', 'https')
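Review bot: The CSRF flag is spelled `'includeCsrf'` in the 'should succeed if the CSRF token is correct' test here, while test/integration/other/encryption.js in this same commit passes `'include-csrf'`. Both callers then read `.csrf` from the result, so the helper presumably treats any truthy second argument as the flag (its body is not shown on this page), which means a misspelled or accidental value would be accepted silently and change the return shape from a token string to a session body. Now that this is a method on `service`, it would be worth settling on one spelling across the suite, or taking an explicit option such as `service.authenticateUser('alice', { includeCsrf: true })`, and documenting the two return shapes next to the binding in setup.js.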
5 changes: 2 additions & 3 deletions test/integration/api/users.js
@@ -2,7 +2,6 @@ const appRoot = require('app-root-path');
const should = require('should');
const { getOrNotFound } = require(appRoot + '/lib/util/promise');
const { testService } = require('../setup');
const authenticateUser = require('../../util/authenticate-user');

describe('api: /users', () => {
describe('GET', () => {
@@ -523,7 +522,7 @@ describe('api: /users', () => {

if (process.env.TEST_AUTH === 'oidc') {
after.body.email.should.equal('[email protected]');
return authenticateUser(service, 'bob');
return service.authenticateUser('bob');
} else {
after.body.email.should.equal('[email protected]');
return service.post('/v1/sessions')
@@ -804,7 +803,7 @@ describe('api: /users', () => {
.then(async () => {
if (process.env.TEST_AUTH === 'oidc') {
try {
await authenticateUser(service, 'chelsea');
await service.authenticateUser('chelsea');
should.fail();
} catch (err) {
err.message.should.equal('expected 200 "OK", got 303 "See Other"');
3 changes: 1 addition & 2 deletions test/integration/other/encryption.js
@@ -10,7 +10,6 @@ const { Form, Key, Submission, Actor } = require(appRoot + '/lib/model/frames');
// eslint-disable-next-line import/no-dynamic-require
const { mapSequential } = require(appRoot + '/test/util/util');
const { exhaust } = require(appRoot + '/lib/worker/worker');
const authenticateUser = require('../../util/authenticate-user');
const should = require('should');

describe('managed encryption', () => {
@@ -311,7 +310,7 @@ describe('managed encryption', () => {
asAlice.get('/v1/projects/1/forms/simple/submissions/keys')
.expect(200)
.then(({ body }) => body[0].id),
authenticateUser(service, 'alice', 'include-csrf'),
service.authenticateUser('alice', 'include-csrf'),
]))
.then(([ keyId, session ]) => httpZipResponseToFiles(service.post('/v1/projects/1/forms/simple/submissions.csv.zip')
.send(`${keyId}=supersecret&__csrf=${session.csrf}`)
5 changes: 4 additions & 1 deletion test/integration/setup.js
@@ -125,10 +125,13 @@ const authProxy = (token) => ({
});
// eslint-disable-next-line no-shadow
const augment = (service) => {
// eslint-disable-next-line no-param-reassign
service.authenticateUser = authenticateUser.bind(null, service);

// eslint-disable-next-line no-param-reassign
service.login = async (userOrUsers, test = undefined) => {
const users = Array.isArray(userOrUsers) ? userOrUsers : [userOrUsers];
const tokens = await Promise.all(users.map(user => authenticateUser(service, user)));
const tokens = await Promise.all(users.map(user => service.authenticateUser(user)));
const proxies = tokens.map((token) => new Proxy(service, authProxy(token)));
return test != null
? test(...proxies)
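Review bot: `service.authenticateUser = authenticateUser.bind(null, service)` is bound to the unproxied service, and nothing at the assignment says so. Because `login()` wraps that same object in `new Proxy(service, authProxy(token))`, the method is presumably also reachable on the per-user proxies handed to tests, where `asAlice.authenticateUser('bob')` would still open a fresh session through the raw service rather than act as Alice; authProxy's trap body is outside this hunk, so this is inferred. A comment above the assignment would make the contract explicit, e.g. `// Always authenticates via the unproxied service, even when reached through a login() proxy; resolves to a session token, or the session body when the CSRF flag is passed.` The body of `augment` continues past the end of the hunk.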
