steve
/
sunrise-cms
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

user function testing

deepsource-autofix-76c6eb20
Dan Gowans 2022-10-28 09:58:55 -04:00
parent 1bc790cbab
commit 4817d40c94
8 changed files with 307 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
helpers/functions.user.d.ts vendored
View File

@ -1,4 +1,14 @@
import type { Request } from "express"; import type { User } from "../types/recordTypes";
export declare const userIsAdmin: (request: Request) => boolean; export interface UserRequest {
export declare const userCanUpdate: (request: Request) => boolean; session?: {
export declare const apiKeyIsValid: (request: Request) => Promise<boolean>; user?: User;
};
}
export interface APIRequest {
params?: {
apiKey?: string;
};
}
export declare const userIsAdmin: (request: UserRequest) => boolean;
export declare const userCanUpdate: (request: UserRequest) => boolean;
export declare const apiKeyIsValid: (request: APIRequest) => Promise<boolean>;

3
helpers/functions.user.js
View File

@ -17,7 +17,8 @@ export const userCanUpdate = (request) => {
return user.userProperties.canUpdate; return user.userProperties.canUpdate;
}; };
export const apiKeyIsValid = async (request) => { export const apiKeyIsValid = async (request) => {
const apiKey = request.params.apiKey; var _a;
const apiKey = (_a = request.params) === null || _a === void 0 ? void 0 : _a.apiKey;
if (!apiKey) { if (!apiKey) {
return false; return false;
} }

22
helpers/functions.user.ts
View File

@ -1,9 +1,21 @@
import { getUserNameFromApiKey } from "./functions.api.js"; import { getUserNameFromApiKey } from "./functions.api.js";
import * as configFunctions from "./functions.config.js"; import * as configFunctions from "./functions.config.js";
import type { Request } from "express"; import type { User } from "../types/recordTypes";
export const userIsAdmin = (request: Request): boolean => { export interface UserRequest {
session?: {
user?: User;
}
}
export interface APIRequest {
params?: {
apiKey?: string;
}
}
export const userIsAdmin = (request: UserRequest): boolean => {
const user = request.session?.user; const user = request.session?.user;
if (!user) { if (!user) {
@ -13,7 +25,7 @@ export const userIsAdmin = (request: Request): boolean => {
return user.userProperties.isAdmin; return user.userProperties.isAdmin;
}; };
export const userCanUpdate = (request: Request): boolean => { export const userCanUpdate = (request: UserRequest): boolean => {
const user = request.session?.user; const user = request.session?.user;
if (!user) { if (!user) {
@ -23,8 +35,8 @@ export const userCanUpdate = (request: Request): boolean => {
return user.userProperties.canUpdate; return user.userProperties.canUpdate;
}; };
export const apiKeyIsValid = async (request: Request): Promise<boolean> => { export const apiKeyIsValid = async (request: APIRequest): Promise<boolean> => {
const apiKey = request.params.apiKey; const apiKey = request.params?.apiKey;
if (!apiKey) { if (!apiKey) {
return false; return false;

1
test/functions.d.ts vendored 100644
View File

@ -0,0 +1 @@
export {};

122
test/functions.js 100644
View File

@ -0,0 +1,122 @@
import * as assert from "assert";
import fs from "node:fs";
import * as userFunctions from "../helpers/functions.user.js";
describe("functions.user", () => {
describe("unauthenticated, no user in session", () => {
const noUserRequest = {
session: {}
};
it("can not update", () => {
assert.strictEqual(userFunctions.userCanUpdate(noUserRequest), false);
});
it("is not admin", () => {
assert.strictEqual(userFunctions.userIsAdmin(noUserRequest), false);
});
});
describe("read only user, no update, no admin", () => {
const readOnlyRequest = {
session: {
user: {
userName: "*test",
userProperties: {
canUpdate: false,
isAdmin: false,
apiKey: ""
}
}
}
};
it("can not update", () => {
assert.strictEqual(userFunctions.userCanUpdate(readOnlyRequest), false);
});
it("is not admin", () => {
assert.strictEqual(userFunctions.userIsAdmin(readOnlyRequest), false);
});
});
describe("update only user, no admin", () => {
const updateOnlyRequest = {
session: {
user: {
userName: "*test",
userProperties: {
canUpdate: true,
isAdmin: false,
apiKey: ""
}
}
}
};
it("can update", () => {
assert.strictEqual(userFunctions.userCanUpdate(updateOnlyRequest), true);
});
it("is not admin", () => {
assert.strictEqual(userFunctions.userIsAdmin(updateOnlyRequest), false);
});
});
describe("admin only user, no update", () => {
const adminOnlyRequest = {
session: {
user: {
userName: "*test",
userProperties: {
canUpdate: false,
isAdmin: true,
apiKey: ""
}
}
}
};
it("can not update", () => {
assert.strictEqual(userFunctions.userCanUpdate(adminOnlyRequest), false);
});
it("is admin", () => {
assert.strictEqual(userFunctions.userIsAdmin(adminOnlyRequest), true);
});
});
describe("update admin user", () => {
const updateAdminRequest = {
session: {
user: {
userName: "*test",
userProperties: {
canUpdate: true,
isAdmin: true,
apiKey: ""
}
}
}
};
it("can update", () => {
assert.strictEqual(userFunctions.userCanUpdate(updateAdminRequest), true);
});
it("is admin", () => {
assert.strictEqual(userFunctions.userIsAdmin(updateAdminRequest), true);
});
});
describe("API key check", () => {
it("authenticates with a valid API key", async () => {
const apiKeysJSON = JSON.parse(fs.readFileSync("data/apiKeys.json", "utf8"));
const apiKey = Object.values(apiKeysJSON)[0];
const apiRequest = {
params: {
apiKey
}
};
assert.strictEqual(await userFunctions.apiKeyIsValid(apiRequest), true);
});
it("fails to authenticate with an invalid API key", async () => {
const apiRequest = {
params: {
apiKey: "badKey"
}
};
assert.strictEqual(await userFunctions.apiKeyIsValid(apiRequest), false);
});
it("fails to authenticate with no API key", async () => {
const apiRequest = {
params: {}
};
assert.strictEqual(await userFunctions.apiKeyIsValid(apiRequest), false);
});
});
});

149
test/functions.ts 100644
View File

@ -0,0 +1,149 @@
import * as assert from "assert";
import fs from "node:fs";
import * as userFunctions from "../helpers/functions.user.js";
describe("functions.user", () => {
describe("unauthenticated, no user in session", () => {
const noUserRequest = {
session: {}
};
it("can not update", () => {
assert.strictEqual(userFunctions.userCanUpdate(noUserRequest), false);
});
it("is not admin", () => {
assert.strictEqual(userFunctions.userIsAdmin(noUserRequest), false);
});
});
describe("read only user, no update, no admin", () => {
const readOnlyRequest: userFunctions.UserRequest = {
session: {
user: {
userName: "*test",
userProperties: {
canUpdate: false,
isAdmin: false,
apiKey: ""
}
}
}
};
it("can not update", () => {
assert.strictEqual(userFunctions.userCanUpdate(readOnlyRequest), false);
});
it("is not admin", () => {
assert.strictEqual(userFunctions.userIsAdmin(readOnlyRequest), false);
});
});
describe("update only user, no admin", () => {
const updateOnlyRequest: userFunctions.UserRequest = {
session: {
user: {
userName: "*test",
userProperties: {
canUpdate: true,
isAdmin: false,
apiKey: ""
}
}
}
};
it("can update", () => {
assert.strictEqual(userFunctions.userCanUpdate(updateOnlyRequest), true);
});
it("is not admin", () => {
assert.strictEqual(userFunctions.userIsAdmin(updateOnlyRequest), false);
});
});
describe("admin only user, no update", () => {
const adminOnlyRequest: userFunctions.UserRequest = {
session: {
user: {
userName: "*test",
userProperties: {
canUpdate: false,
isAdmin: true,
apiKey: ""
}
}
}
};
it("can not update", () => {
assert.strictEqual(userFunctions.userCanUpdate(adminOnlyRequest), false);
});
it("is admin", () => {
assert.strictEqual(userFunctions.userIsAdmin(adminOnlyRequest), true);
});
});
describe("update admin user", () => {
const updateAdminRequest: userFunctions.UserRequest = {
session: {
user: {
userName: "*test",
userProperties: {
canUpdate: true,
isAdmin: true,
apiKey: ""
}
}
}
};
it("can update", () => {
assert.strictEqual(userFunctions.userCanUpdate(updateAdminRequest), true);
});
it("is admin", () => {
assert.strictEqual(userFunctions.userIsAdmin(updateAdminRequest), true);
});
});
describe("API key check", () => {
it("authenticates with a valid API key", async () => {
const apiKeysJSON: { [userName: string]: string } = JSON.parse(
fs.readFileSync("data/apiKeys.json", "utf8")
);
const apiKey = Object.values(apiKeysJSON)[0];
const apiRequest: userFunctions.APIRequest = {
params: {
apiKey
}
};
assert.strictEqual(await userFunctions.apiKeyIsValid(apiRequest), true);
});
it("fails to authenticate with an invalid API key", async () => {
const apiRequest: userFunctions.APIRequest = {
params: {
apiKey: "badKey"
}
};
assert.strictEqual(await userFunctions.apiKeyIsValid(apiRequest), false);
});
it("fails to authenticate with no API key", async () => {
const apiRequest: userFunctions.APIRequest = {
params: {}
};
assert.strictEqual(await userFunctions.apiKeyIsValid(apiRequest), false);
});
});
});

2
test/version.js
View File

@ -1,5 +1,5 @@
import * as assert from "assert"; import * as assert from "assert";
import fs from "fs"; import fs from "node:fs";
import { version } from "../version.js"; import { version } from "../version.js";
describe("version", () => { describe("version", () => {
it("has a version that matches the package.json", () => { it("has a version that matches the package.json", () => {

2
test/version.ts
View File

@ -1,6 +1,6 @@
import * as assert from "assert"; import * as assert from "assert";
import fs from "fs"; import fs from "node:fs";
import { version } from "../version.js"; import { version } from "../version.js";