mirror of
https://github.com/bpatrik/pigallery2.git
synced 2024-12-23 01:27:14 +02:00
Adding public router tests to sharing link #591
This commit is contained in:
parent
1edb156076
commit
65ce042278
@ -84,7 +84,6 @@ export class DBTestHelper {
|
|||||||
}
|
}
|
||||||
|
|
||||||
static describe(settingsOverride: {
|
static describe(settingsOverride: {
|
||||||
memory?: boolean;
|
|
||||||
sqlite?: boolean;
|
sqlite?: boolean;
|
||||||
mysql?: boolean;
|
mysql?: boolean;
|
||||||
} = {}): (name: string, tests: (helper?: DBTestHelper) => void) => void {
|
} = {}): (name: string, tests: (helper?: DBTestHelper) => void) => void {
|
||||||
|
@ -20,28 +20,23 @@ declare let describe: any;
|
|||||||
declare const after: any;
|
declare const after: any;
|
||||||
declare const it: any;
|
declare const it: any;
|
||||||
const tmpDescribe = describe;
|
const tmpDescribe = describe;
|
||||||
describe = DBTestHelper.describe({memory: true});
|
describe = DBTestHelper.describe({sqlite: true});
|
||||||
|
|
||||||
describe('GalleryRouter', (sqlHelper: DBTestHelper) => {
|
describe('GalleryRouter', (sqlHelper: DBTestHelper) => {
|
||||||
describe = tmpDescribe;
|
describe = tmpDescribe;
|
||||||
|
|
||||||
const tempDir = path.join(__dirname, '../../tmp');
|
const tempDir = sqlHelper.tempDir;
|
||||||
let server: Server;
|
let server: Server;
|
||||||
const setUp = async () => {
|
const setUp = async () => {
|
||||||
await sqlHelper.initDB();
|
await sqlHelper.initDB();
|
||||||
await fs.promises.rm(tempDir, {recursive: true, force: true});
|
|
||||||
Config.Users.authenticationRequired = false;
|
Config.Users.authenticationRequired = false;
|
||||||
Config.Server.Threading.enabled = false;
|
Config.Server.Threading.enabled = false;
|
||||||
Config.Media.Video.enabled = true;
|
Config.Media.Video.enabled = true;
|
||||||
Config.Media.folder = path.join(__dirname, '../../assets');
|
Config.Media.folder = path.join(__dirname, '../../assets');
|
||||||
Config.Media.tempFolder = path.join(__dirname, '../../tmp');
|
Config.Media.tempFolder = tempDir;
|
||||||
ProjectPath.reset();
|
ProjectPath.reset();
|
||||||
// ProjectPath.ImageFolder = path.join(__dirname, '../../assets');
|
|
||||||
// ProjectPath.TempFolder = tempDir;
|
|
||||||
|
|
||||||
server = new Server();
|
server = new Server();
|
||||||
await server.onStarted.wait();
|
await server.onStarted.wait();
|
||||||
|
|
||||||
};
|
};
|
||||||
const tearDown = async () => {
|
const tearDown = async () => {
|
||||||
await sqlHelper.clearDB();
|
await sqlHelper.clearDB();
|
||||||
|
112
test/backend/integration/routers/PublicRouter.ts
Normal file
112
test/backend/integration/routers/PublicRouter.ts
Normal file
@ -0,0 +1,112 @@
|
|||||||
|
import {Config} from '../../../../src/common/config/private/Config';
|
||||||
|
import {Server} from '../../../../src/backend/server';
|
||||||
|
import {UserDTO, UserRoles} from '../../../../src/common/entities/UserDTO';
|
||||||
|
import * as path from 'path';
|
||||||
|
import * as fs from 'fs';
|
||||||
|
import {SQLConnection} from '../../../../src/backend/model/database/SQLConnection';
|
||||||
|
import {ObjectManagers} from '../../../../src/backend/model/ObjectManagers';
|
||||||
|
import {Utils} from '../../../../src/common/Utils';
|
||||||
|
import {SuperAgentStatic} from 'superagent';
|
||||||
|
import {RouteTestingHelper} from './RouteTestingHelper';
|
||||||
|
import {QueryParams} from '../../../../src/common/QueryParams';
|
||||||
|
import {DatabaseType} from '../../../../src/common/config/private/PrivateConfig';
|
||||||
|
|
||||||
|
|
||||||
|
process.env.NODE_ENV = 'test';
|
||||||
|
const chai: any = require('chai');
|
||||||
|
const chaiHttp = require('chai-http');
|
||||||
|
const should = chai.should();
|
||||||
|
const {expect} = chai;
|
||||||
|
chai.use(chaiHttp);
|
||||||
|
|
||||||
|
describe('PublicRouter', () => {
|
||||||
|
|
||||||
|
const testUser: UserDTO = {
|
||||||
|
id: 1,
|
||||||
|
name: 'test',
|
||||||
|
password: 'test',
|
||||||
|
role: UserRoles.User,
|
||||||
|
permissions: null
|
||||||
|
};
|
||||||
|
const {password: pass, ...expectedUser} = testUser;
|
||||||
|
const tempDir = path.join(__dirname, '../../tmp');
|
||||||
|
let server: Server;
|
||||||
|
const setUp = async () => {
|
||||||
|
await fs.promises.rm(tempDir, {recursive: true, force: true});
|
||||||
|
Config.Users.authenticationRequired = true;
|
||||||
|
Config.Server.Threading.enabled = false;
|
||||||
|
Config.Sharing.enabled = true;
|
||||||
|
Config.Database.type = DatabaseType.sqlite;
|
||||||
|
Config.Database.dbFolder = tempDir;
|
||||||
|
|
||||||
|
server = new Server();
|
||||||
|
await server.onStarted.wait();
|
||||||
|
|
||||||
|
await ObjectManagers.InitSQLManagers();
|
||||||
|
await ObjectManagers.getInstance().UserManager.createUser(Utils.clone(testUser));
|
||||||
|
await SQLConnection.close();
|
||||||
|
};
|
||||||
|
const tearDown = async () => {
|
||||||
|
await ObjectManagers.reset();
|
||||||
|
await fs.promises.rm(tempDir, {recursive: true, force: true});
|
||||||
|
};
|
||||||
|
|
||||||
|
const shouldHaveInjectedUser = (result: any, user: any) => {
|
||||||
|
|
||||||
|
result.should.have.status(200);
|
||||||
|
result.text.should.be.a('string');
|
||||||
|
result.body.should.deep.equal({});
|
||||||
|
const startToken = 'ServerInject = {user:';
|
||||||
|
const endToken = ', ConfigInject';
|
||||||
|
|
||||||
|
const u = JSON.parse(result.text.substring(result.text.indexOf(startToken) + startToken.length, result.text.indexOf(endToken)));
|
||||||
|
|
||||||
|
delete u?.csrfToken;
|
||||||
|
expect(u).to.deep.equal(user);
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
describe('/Get share/:' + QueryParams.gallery.sharingKey_params, () => {
|
||||||
|
|
||||||
|
beforeEach(setUp);
|
||||||
|
afterEach(tearDown);
|
||||||
|
|
||||||
|
const fistLoad = async (srv: Server, sharingKey: string): Promise<any> => {
|
||||||
|
return (chai.request(srv.App) as SuperAgentStatic)
|
||||||
|
.get('/share/' + sharingKey);
|
||||||
|
};
|
||||||
|
|
||||||
|
it('should not get default user with passworded share share without password', async () => {
|
||||||
|
Config.Sharing.passwordProtected = true;
|
||||||
|
const sharing = await RouteTestingHelper.createSharing(testUser, 'secret_pass');
|
||||||
|
const res = await fistLoad(server, sharing.sharingKey);
|
||||||
|
shouldHaveInjectedUser(res, null);
|
||||||
|
});
|
||||||
|
|
||||||
|
|
||||||
|
it('should get default user with no-password share', async () => {
|
||||||
|
Config.Sharing.passwordProtected = true;
|
||||||
|
const sharing = await RouteTestingHelper.createSharing(testUser);
|
||||||
|
const res = await fistLoad(server, sharing.sharingKey);
|
||||||
|
shouldHaveInjectedUser(res, RouteTestingHelper.getExpectedSharingUser(sharing));
|
||||||
|
});
|
||||||
|
|
||||||
|
it('should get default user for no-password share when password protection disabled', async () => {
|
||||||
|
Config.Sharing.passwordProtected = false;
|
||||||
|
const sharing = await RouteTestingHelper.createSharing(testUser);
|
||||||
|
const res = await fistLoad(server, sharing.sharingKey);
|
||||||
|
shouldHaveInjectedUser(res, RouteTestingHelper.getExpectedSharingUser(sharing));
|
||||||
|
});
|
||||||
|
|
||||||
|
it('should get default user for passworded share when password protection disabled', async () => {
|
||||||
|
Config.Sharing.passwordProtected = false;
|
||||||
|
const sharing = await RouteTestingHelper.createSharing(testUser, 'secret_pass');
|
||||||
|
const res = await fistLoad(server, sharing.sharingKey);
|
||||||
|
shouldHaveInjectedUser(res, RouteTestingHelper.getExpectedSharingUser(sharing));
|
||||||
|
});
|
||||||
|
|
||||||
|
|
||||||
|
});
|
||||||
|
|
||||||
|
|
||||||
|
});
|
@ -48,7 +48,7 @@ describe('SharingRouter', () => {
|
|||||||
await SQLConnection.close();
|
await SQLConnection.close();
|
||||||
};
|
};
|
||||||
const tearDown = async () => {
|
const tearDown = async () => {
|
||||||
await SQLConnection.close();
|
await ObjectManagers.reset();
|
||||||
await fs.promises.rm(tempDir, {recursive: true, force: true});
|
await fs.promises.rm(tempDir, {recursive: true, force: true});
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -69,21 +69,6 @@ describe('SharingRouter', () => {
|
|||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
const login = async (srv: Server): Promise<any> => {
|
|
||||||
const result = await (chai.request(srv.App) as SuperAgentStatic)
|
|
||||||
.post(Config.Server.apiPath + '/user/login')
|
|
||||||
.send({
|
|
||||||
loginCredential: {
|
|
||||||
password: testUser.password,
|
|
||||||
username: testUser.name,
|
|
||||||
rememberMe: false
|
|
||||||
} as LoginCredential
|
|
||||||
});
|
|
||||||
|
|
||||||
shouldBeValidUser(result, expectedUser);
|
|
||||||
return result;
|
|
||||||
};
|
|
||||||
|
|
||||||
|
|
||||||
describe('/POST share/login', () => {
|
describe('/POST share/login', () => {
|
||||||
|
|
||||||
@ -91,12 +76,14 @@ describe('SharingRouter', () => {
|
|||||||
afterEach(tearDown);
|
afterEach(tearDown);
|
||||||
|
|
||||||
it('should login with passworded share', async () => {
|
it('should login with passworded share', async () => {
|
||||||
|
Config.Sharing.passwordProtected = true;
|
||||||
const sharing = await RouteTestingHelper.createSharing(testUser, 'secret_pass');
|
const sharing = await RouteTestingHelper.createSharing(testUser, 'secret_pass');
|
||||||
const res = await shareLogin(server, sharing.sharingKey, sharing.password);
|
const res = await shareLogin(server, sharing.sharingKey, sharing.password);
|
||||||
shouldBeValidUser(res, RouteTestingHelper.getExpectedSharingUser(sharing));
|
shouldBeValidUser(res, RouteTestingHelper.getExpectedSharingUser(sharing));
|
||||||
});
|
});
|
||||||
|
|
||||||
it('should not login with passworded share without password', async () => {
|
it('should not login with passworded share without password', async () => {
|
||||||
|
Config.Sharing.passwordProtected = true;
|
||||||
const sharing = await RouteTestingHelper.createSharing(testUser, 'secret_pass');
|
const sharing = await RouteTestingHelper.createSharing(testUser, 'secret_pass');
|
||||||
const result = await shareLogin(server, sharing.sharingKey);
|
const result = await shareLogin(server, sharing.sharingKey);
|
||||||
|
|
||||||
@ -106,7 +93,16 @@ describe('SharingRouter', () => {
|
|||||||
should.equal(result.body.error.code, ErrorCodes.CREDENTIAL_NOT_FOUND);
|
should.equal(result.body.error.code, ErrorCodes.CREDENTIAL_NOT_FOUND);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
it('should not login with passworded share but password protection disabled', async () => {
|
||||||
|
Config.Sharing.passwordProtected = false;
|
||||||
|
const sharing = await RouteTestingHelper.createSharing(testUser, 'secret_pass');
|
||||||
|
const res = await shareLogin(server, sharing.sharingKey);
|
||||||
|
|
||||||
|
shouldBeValidUser(res, RouteTestingHelper.getExpectedSharingUser(sharing));
|
||||||
|
});
|
||||||
|
|
||||||
it('should login with no-password share', async () => {
|
it('should login with no-password share', async () => {
|
||||||
|
Config.Sharing.passwordProtected = true;
|
||||||
const sharing = await RouteTestingHelper.createSharing(testUser);
|
const sharing = await RouteTestingHelper.createSharing(testUser);
|
||||||
const res = await shareLogin(server, sharing.sharingKey, sharing.password);
|
const res = await shareLogin(server, sharing.sharingKey, sharing.password);
|
||||||
shouldBeValidUser(res, RouteTestingHelper.getExpectedSharingUser(sharing));
|
shouldBeValidUser(res, RouteTestingHelper.getExpectedSharingUser(sharing));
|
||||||
|
@ -48,7 +48,7 @@ describe('UserRouter', () => {
|
|||||||
await SQLConnection.close();
|
await SQLConnection.close();
|
||||||
};
|
};
|
||||||
const tearDown = async () => {
|
const tearDown = async () => {
|
||||||
await SQLConnection.close();
|
await ObjectManagers.reset();
|
||||||
await fs.promises.rm(tempDir, {recursive: true, force: true});
|
await fs.promises.rm(tempDir, {recursive: true, force: true});
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -126,12 +126,13 @@ describe('UserRouter', () => {
|
|||||||
it('it should authenticate as user with sharing key', async () => {
|
it('it should authenticate as user with sharing key', async () => {
|
||||||
Config.Users.authenticationRequired = true;
|
Config.Users.authenticationRequired = true;
|
||||||
Config.Sharing.enabled = true;
|
Config.Sharing.enabled = true;
|
||||||
|
Config.Sharing.passwordProtected = true;
|
||||||
|
|
||||||
const sharingKey = (await RouteTestingHelper.createSharing(testUser)).sharingKey;
|
const sharingKey = (await RouteTestingHelper.createSharing(testUser)).sharingKey;
|
||||||
|
|
||||||
|
|
||||||
const loginRes = await login(server);
|
const loginRes = await login(server);
|
||||||
const q: any = {};
|
const q: Record<string, string> = {};
|
||||||
q[QueryParams.gallery.sharingKey_query] = sharingKey;
|
q[QueryParams.gallery.sharingKey_query] = sharingKey;
|
||||||
const result = await chai.request(server.App)
|
const result = await chai.request(server.App)
|
||||||
.get(Config.Server.apiPath + '/user/me?' + QueryParams.gallery.sharingKey_query + '=' + sharingKey)
|
.get(Config.Server.apiPath + '/user/me?' + QueryParams.gallery.sharingKey_query + '=' + sharingKey)
|
||||||
@ -146,29 +147,30 @@ describe('UserRouter', () => {
|
|||||||
it('it should authenticate with sharing key', async () => {
|
it('it should authenticate with sharing key', async () => {
|
||||||
Config.Users.authenticationRequired = true;
|
Config.Users.authenticationRequired = true;
|
||||||
Config.Sharing.enabled = true;
|
Config.Sharing.enabled = true;
|
||||||
|
Config.Sharing.passwordProtected = true;
|
||||||
const sharing = (await RouteTestingHelper.createSharing(testUser));
|
const sharing = (await RouteTestingHelper.createSharing(testUser));
|
||||||
|
|
||||||
|
|
||||||
const q: any = {};
|
const q: Record<string, string> = {};
|
||||||
q[QueryParams.gallery.sharingKey_query] = sharing.sharingKey;
|
q[QueryParams.gallery.sharingKey_query] = sharing.sharingKey;
|
||||||
const result = await chai.request(server.App)
|
const result = await chai.request(server.App)
|
||||||
.get(Config.Server.apiPath + '/user/me?' + QueryParams.gallery.sharingKey_query + '=' + sharing.sharingKey);
|
.get(Config.Server.apiPath + '/user/me?' + QueryParams.gallery.sharingKey_query + '=' + sharing.sharingKey);
|
||||||
|
|
||||||
|
|
||||||
checkUserResult(result, RouteTestingHelper.getExpectedSharingUser(sharing));
|
checkUserResult(result, RouteTestingHelper.getExpectedSharingUser(sharing));
|
||||||
});
|
});
|
||||||
|
|
||||||
it('it should not authenticate with sharing key without password', async () => {
|
it('it should not authenticate with sharing key without password', async () => {
|
||||||
Config.Users.authenticationRequired = true;
|
Config.Users.authenticationRequired = true;
|
||||||
Config.Sharing.enabled = true;
|
Config.Sharing.enabled = true;
|
||||||
|
Config.Sharing.passwordProtected = true;
|
||||||
const sharing = (await RouteTestingHelper.createSharing(testUser, 'pass_secret'));
|
const sharing = (await RouteTestingHelper.createSharing(testUser, 'pass_secret'));
|
||||||
|
|
||||||
|
|
||||||
const q: any = {};
|
const q: Record<string, string> = {};
|
||||||
q[QueryParams.gallery.sharingKey_query] = sharing.sharingKey;
|
q[QueryParams.gallery.sharingKey_query] = sharing.sharingKey;
|
||||||
const result = await chai.request(server.App)
|
const result = await chai.request(server.App)
|
||||||
.get(Config.Server.apiPath + '/user/me?' + QueryParams.gallery.sharingKey_query + '=' + sharing.sharingKey);
|
.get(Config.Server.apiPath + '/user/me?' + QueryParams.gallery.sharingKey_query + '=' + sharing.sharingKey);
|
||||||
|
|
||||||
|
|
||||||
result.should.have.status(401);
|
result.should.have.status(401);
|
||||||
result.body.should.be.a('object');
|
result.body.should.be.a('object');
|
||||||
result.body.error.should.be.a('object');
|
result.body.error.should.be.a('object');
|
||||||
|
@ -6,6 +6,7 @@ import {Server} from '../../../../../src/backend/server';
|
|||||||
import {DatabaseType, ServerConfig} from '../../../../../src/common/config/private/PrivateConfig';
|
import {DatabaseType, ServerConfig} from '../../../../../src/common/config/private/PrivateConfig';
|
||||||
import {ProjectPath} from '../../../../../src/backend/ProjectPath';
|
import {ProjectPath} from '../../../../../src/backend/ProjectPath';
|
||||||
import {TAGS} from '../../../../../src/common/config/public/ClientConfig';
|
import {TAGS} from '../../../../../src/common/config/public/ClientConfig';
|
||||||
|
import {ObjectManagers} from '../../../../../src/backend/model/ObjectManagers';
|
||||||
|
|
||||||
process.env.NODE_ENV = 'test';
|
process.env.NODE_ENV = 'test';
|
||||||
const chai: any = require('chai');
|
const chai: any = require('chai');
|
||||||
@ -26,7 +27,7 @@ describe('SettingsRouter', () => {
|
|||||||
|
|
||||||
|
|
||||||
afterEach(async () => {
|
afterEach(async () => {
|
||||||
await SQLConnection.close();
|
await ObjectManagers.reset();
|
||||||
await fs.promises.rm(tempDir, {recursive: true, force: true});
|
await fs.promises.rm(tempDir, {recursive: true, force: true});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user