tsai
/
budibase
mirror of https://github.com/Budibase/budibase.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Switching out how headers are handled, and updating the permissions test.

pull/1252/head
mike12345567 5 years ago
parent
f10ac0a178
commit
f7cdced688
6 changed files with 62 additions and 80 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 5
      packages/server/src/api/routes/tests/application.spec.js
  2. 21
      packages/server/src/api/routes/tests/automation.spec.js
  3. 15
      packages/server/src/api/routes/tests/datasource.spec.js
  4. 41
      packages/server/src/api/routes/tests/permissions.spec.js
  5. 27
      packages/server/src/api/routes/tests/utilities/TestConfiguration.js
  6. 33
      packages/server/src/api/routes/tests/utilities/index.js

5
packages/server/src/api/routes/tests/application.spec.js
View File

@ -1,6 +1,5 @@
const {
supertest,
defaultHeaders,
} = require("./utilities")
const TestConfig = require("./utilities/TestConfiguration")
const { clearAllApps, checkBuilderEndpoint } = require("./utilities/TestFunctions")
@ -29,7 +28,7 @@ describe("/applications", () => {
const res = await request
.post("/api/applications")
.send({ name: "My App" })
.set(defaultHeaders())
.set(config.defaultHeaders())
.expect('Content-Type', /json/)
.expect(200)
expect(res.res.statusMessage).toEqual("Application My App created successfully")
@ -53,7 +52,7 @@ describe("/applications", () => {
const res = await request
.get("/api/applications")
.set(defaultHeaders())
.set(config.defaultHeaders())
.expect('Content-Type', /json/)
.expect(200)

21
packages/server/src/api/routes/tests/automation.spec.js
View File

@ -1,5 +1,4 @@
const {
defaultHeaders,
supertest,
} = require("./utilities")
const TestConfig = require("./utilities/TestConfiguration")
@ -22,7 +21,6 @@ describe("/automations", () => {
let request
let server
let app
let appId
let config
let automation
@ -33,7 +31,6 @@ describe("/automations", () => {
beforeEach(async () => {
config = new TestConfig(request)
app = await config.init()
appId = app.instance._id
})
afterAll(() => {
@ -44,7 +41,7 @@ describe("/automations", () => {
return await request
.post(`/api/automations/${automation._id}/trigger`)
.send({ name: "Test", description: "TEST" })
.set(defaultHeaders(appId))
.set(config.defaultHeaders())
.expect('Content-Type', /json/)
.expect(200)
}
@ -53,7 +50,7 @@ describe("/automations", () => {
it("returns a list of definitions for actions", async () => {
const res = await request
.get(`/api/automations/action/list`)
.set(defaultHeaders(appId))
.set(config.defaultHeaders())
.expect('Content-Type', /json/)
.expect(200)
@ -64,7 +61,7 @@ describe("/automations", () => {
it("returns a list of definitions for triggers", async () => {
const res = await request
.get(`/api/automations/trigger/list`)
.set(defaultHeaders(appId))
.set(config.defaultHeaders())
.expect('Content-Type', /json/)
.expect(200)
@ -75,7 +72,7 @@ describe("/automations", () => {
it("returns a list of definitions for actions", async () => {
const res = await request
.get(`/api/automations/logic/list`)
.set(defaultHeaders(appId))
.set(config.defaultHeaders())
.expect('Content-Type', /json/)
.expect(200)
@ -86,7 +83,7 @@ describe("/automations", () => {
it("returns all of the definitions in one", async () => {
const res = await request
.get(`/api/automations/definitions/list`)
.set(defaultHeaders(appId))
.set(config.defaultHeaders())
.expect('Content-Type', /json/)
.expect(200)
@ -115,7 +112,7 @@ describe("/automations", () => {
it("returns a success message when the automation is successfully created", async () => {
const res = await request
.post(`/api/automations`)
.set(defaultHeaders(appId))
.set(config.defaultHeaders())
.send(autoConfig)
.expect('Content-Type', /json/)
.expect(200)
@ -173,7 +170,7 @@ describe("/automations", () => {
const res = await request
.put(`/api/automations`)
.set(defaultHeaders(appId))
.set(config.defaultHeaders())
.send(automation)
.expect('Content-Type', /json/)
.expect(200)
@ -190,7 +187,7 @@ describe("/automations", () => {
automation = await config.createAutomation(autoConfig)
const res = await request
.get(`/api/automations`)
.set(defaultHeaders(appId))
.set(config.defaultHeaders())
.expect('Content-Type', /json/)
.expect(200)
@ -211,7 +208,7 @@ describe("/automations", () => {
const automation = await config.createAutomation()
const res = await request
.delete(`/api/automations/${automation.id}/${automation.rev}`)
.set(defaultHeaders(appId))
.set(config.defaultHeaders())
.expect('Content-Type', /json/)
.expect(200)

15
packages/server/src/api/routes/tests/datasource.spec.js
View File

@ -1,6 +1,5 @@
const {
supertest,
defaultHeaders,
} = require("./utilities")
let TestConfig = require("./utilities/TestConfiguration")
let { basicDatasource } = require("./utilities/structures")
@ -9,10 +8,7 @@ let { checkBuilderEndpoint } = require("./utilities/TestFunctions")
describe("/datasources", () => {
let request
let server
let app
let appId
let config
let datasource
beforeAll(async () => {
({ request, server } = await supertest())
@ -24,8 +20,7 @@ describe("/datasources", () => {
})
beforeEach(async () => {
app = await config.init()
appId = app.instance._id
await config.init()
});
describe("create", () => {
@ -33,7 +28,7 @@ describe("/datasources", () => {
const res = await request
.post(`/api/datasources`)
.send(basicDatasource())
.set(defaultHeaders(appId))
.set(config.defaultHeaders())
.expect('Content-Type', /json/)
.expect(200)
@ -56,7 +51,7 @@ describe("/datasources", () => {
it("returns all the datasources from the server", async () => {
const res = await request
.get(`/api/datasources`)
.set(defaultHeaders(appId))
.set(config.defaultHeaders())
.expect('Content-Type', /json/)
.expect(200)
@ -95,12 +90,12 @@ describe("/datasources", () => {
await request
.delete(`/api/datasources/${datasource._id}/${datasource._rev}`)
.set(defaultHeaders(appId))
.set(config.defaultHeaders())
.expect(200)
const res = await request
.get(`/api/datasources`)
.set(defaultHeaders(appId))
.set(config.defaultHeaders())
.expect('Content-Type', /json/)
.expect(200)

41
packages/server/src/api/routes/tests/permissions.spec.js
View File

@ -1,14 +1,9 @@
const {
createApplication,
createTable,
createRow,
supertest,
defaultHeaders,
addPermission,
publicHeaders,
makeBasicRow,
} = require("./couchTestUtils")
} = require("./utilities")
const { BUILTIN_ROLE_IDS } = require("../../../utilities/security/roles")
const TestConfig = require("./utilities/TestConfiguration")
const { basicRow } = require("./utilities/structures")
const HIGHER_ROLE_ID = BUILTIN_ROLE_IDS.BASIC
const STD_ROLE_ID = BUILTIN_ROLE_IDS.PUBLIC
@ -16,13 +11,14 @@ const STD_ROLE_ID = BUILTIN_ROLE_IDS.PUBLIC
describe("/permission", () => {
let server
let request
let appId
let table
let perms
let row
let config
beforeAll(async () => {
;({ request, server } = await supertest())
config = new TestConfig(request)
})
afterAll(() => {
@ -30,17 +26,16 @@ describe("/permission", () => {
})
beforeEach(async () => {
let app = await createApplication(request)
appId = app.instance._id
table = await createTable(request, appId)
perms = await addPermission(request, appId, STD_ROLE_ID, table._id)
row = await createRow(request, appId, table._id)
await config.init()
table = await config.createTable()
row = await config.createRow()
perms = await config.addPermission(STD_ROLE_ID, table._id)
})
async function getTablePermissions() {
return request
.get(`/api/permission/${table._id}`)
.set(defaultHeaders(appId))
.set(config.defaultHeaders())
.expect("Content-Type", /json/)
.expect(200)
}
@ -49,7 +44,7 @@ describe("/permission", () => {
it("should be able to get levels", async () => {
const res = await request
.get(`/api/permission/levels`)
.set(defaultHeaders(appId))
.set(config.defaultHeaders())
.expect("Content-Type", /json/)
.expect(200)
expect(res.body).toBeDefined()
@ -68,7 +63,7 @@ describe("/permission", () => {
it("should get the resource permissions", async () => {
const res = await request
.get(`/api/permission/${table._id}`)
.set(defaultHeaders(appId))
.set(config.defaultHeaders())
.expect("Content-Type", /json/)
.expect(200)
expect(res.body["read"]).toEqual(STD_ROLE_ID)
@ -76,13 +71,13 @@ describe("/permission", () => {
})
it("should get resource permissions with multiple roles", async () => {
perms = await addPermission(request, appId, HIGHER_ROLE_ID, table._id, "write")
perms = await config.addPermission(HIGHER_ROLE_ID, table._id, "write")
const res = await getTablePermissions()
expect(res.body["read"]).toEqual(STD_ROLE_ID)
expect(res.body["write"]).toEqual(HIGHER_ROLE_ID)
const allRes = await request
.get(`/api/permission`)
.set(defaultHeaders(appId))
.set(config.defaultHeaders())
.expect("Content-Type", /json/)
.expect(200)
expect(allRes.body[table._id]["write"]).toEqual(HIGHER_ROLE_ID)
@ -94,7 +89,7 @@ describe("/permission", () => {
it("should be able to remove the permission", async () => {
const res = await request
.delete(`/api/permission/${STD_ROLE_ID}/${table._id}/read`)
.set(defaultHeaders(appId))
.set(config.defaultHeaders())
.expect("Content-Type", /json/)
.expect(200)
expect(res.body[0]._id).toEqual(STD_ROLE_ID)
@ -107,7 +102,7 @@ describe("/permission", () => {
it("should be able to read the row", async () => {
const res = await request
.get(`/api/${table._id}/rows`)
.set(publicHeaders(appId))
.set(config.publicHeaders())
.expect("Content-Type", /json/)
.expect(200)
expect(res.body[0]._id).toEqual(row._id)
@ -116,8 +111,8 @@ describe("/permission", () => {
it("shouldn't allow writing from a public user", async () => {
const res = await request
.post(`/api/${table._id}/rows`)
.send(makeBasicRow(table._id))
.set(publicHeaders(appId))
.send(basicRow(table._id))
.set(config.publicHeaders())
.expect("Content-Type", /json/)
.expect(403)
expect(res.status).toEqual(403)

27
packages/server/src/api/routes/tests/utilities/TestConfiguration.js
View File

@ -1,4 +1,5 @@
const { BUILTIN_ROLE_IDS } = require("../../../../utilities/security/roles")
const jwt = require("jsonwebtoken")
const env = require("../../../../environment")
const {
basicTable,
@ -41,6 +42,32 @@ class TestConfiguration {
return this.createApp(appName)
}
defaultHeaders() {
const builderUser = {
userId: "BUILDER",
roleId: BUILTIN_ROLE_IDS.BUILDER,
}
const builderToken = jwt.sign(builderUser, env.JWT_SECRET)
const headers = {
Accept: "application/json",
Cookie: [`budibase:builder:local=${builderToken}`],
}
if (this.appId) {
headers["x-budibase-app-id"] = this.appId
}
return headers
}
publicHeaders() {
const headers = {
Accept: "application/json",
}
if (this.appId) {
headers["x-budibase-app-id"] = this.appId
}
return headers
}
async createApp(appName) {
this.app = await this._req({ name: appName }, null, controllers.app.create)
this.appId = this.app._id

33
packages/server/src/api/routes/tests/utilities/index.js
View File

@ -1,11 +1,10 @@
const supertest = require("supertest")
const { BUILTIN_ROLE_IDS } = require("../../../../utilities/security/roles")
const jwt = require("jsonwebtoken")
const env = require("../../../../environment")
const TEST_CLIENT_ID = "test-client-id"
exports.TEST_CLIENT_ID = TEST_CLIENT_ID
exports.supertest = async () => {
let request
let server
@ -15,33 +14,3 @@ exports.supertest = async () => {
request = supertest(server)
return { request, server }
}
exports.defaultHeaders = appId => {
const builderUser = {
userId: "BUILDER",
roleId: BUILTIN_ROLE_IDS.BUILDER,
}
const builderToken = jwt.sign(builderUser, env.JWT_SECRET)
const headers = {
Accept: "application/json",
Cookie: [`budibase:builder:local=${builderToken}`],
}
if (appId) {
headers["x-budibase-app-id"] = appId
}
return headers
}
exports.publicHeaders = appId => {
const headers = {
Accept: "application/json",
}
if (appId) {
headers["x-budibase-app-id"] = appId
}
return headers
}

Write Preview
Loading…
Cancel
Save