2021-04-09 13:46:53 +02:00
|
|
|
import dbInit from '../helpers/database-init';
|
|
|
|
import getLogger from '../../fixtures/no-logger';
|
|
|
|
import UserService from '../../../lib/services/user-service';
|
2021-08-12 15:04:37 +02:00
|
|
|
import { AccessService } from '../../../lib/services/access-service';
|
2021-04-09 13:46:53 +02:00
|
|
|
import UserStore from '../../../lib/db/user-store';
|
2021-04-16 15:29:23 +02:00
|
|
|
import ResetTokenService from '../../../lib/services/reset-token-service';
|
|
|
|
import { EmailService } from '../../../lib/services/email-service';
|
2021-04-22 15:04:08 +02:00
|
|
|
import { createTestConfig } from '../../config/test-config';
|
2021-04-27 09:16:44 +02:00
|
|
|
import SessionService from '../../../lib/services/session-service';
|
2021-04-29 10:54:11 +02:00
|
|
|
import NotFoundError from '../../../lib/error/notfound-error';
|
2021-08-12 15:04:37 +02:00
|
|
|
import { IRole } from '../../../lib/types/stores/access-store';
|
|
|
|
import { RoleName } from '../../../lib/types/model';
|
2021-04-09 13:46:53 +02:00
|
|
|
|
|
|
|
let db;
|
|
|
|
let stores;
|
|
|
|
let userService: UserService;
|
|
|
|
let userStore: UserStore;
|
|
|
|
let adminRole: IRole;
|
2021-08-23 12:11:29 +02:00
|
|
|
let viewerRole: IRole;
|
2021-04-29 10:54:11 +02:00
|
|
|
let sessionService: SessionService;
|
2021-04-09 13:46:53 +02:00
|
|
|
|
2021-05-28 11:10:24 +02:00
|
|
|
beforeAll(async () => {
|
2021-04-09 13:46:53 +02:00
|
|
|
db = await dbInit('user_service_serial', getLogger);
|
|
|
|
stores = db.stores;
|
2021-04-22 15:04:08 +02:00
|
|
|
const config = createTestConfig();
|
2021-04-09 13:46:53 +02:00
|
|
|
const accessService = new AccessService(stores, config);
|
2021-04-16 15:29:23 +02:00
|
|
|
const resetTokenService = new ResetTokenService(stores, config);
|
2021-04-22 10:07:10 +02:00
|
|
|
const emailService = new EmailService(undefined, config.getLogger);
|
2021-04-29 10:54:11 +02:00
|
|
|
sessionService = new SessionService(stores, config);
|
2021-04-16 15:29:23 +02:00
|
|
|
|
|
|
|
userService = new UserService(stores, config, {
|
|
|
|
accessService,
|
|
|
|
resetTokenService,
|
|
|
|
emailService,
|
2021-04-27 09:16:44 +02:00
|
|
|
sessionService,
|
2021-04-16 15:29:23 +02:00
|
|
|
});
|
2021-04-09 13:46:53 +02:00
|
|
|
userStore = stores.userStore;
|
|
|
|
const rootRoles = await accessService.getRootRoles();
|
2021-08-12 15:04:37 +02:00
|
|
|
adminRole = rootRoles.find((r) => r.name === RoleName.ADMIN);
|
2021-08-23 12:11:29 +02:00
|
|
|
viewerRole = rootRoles.find((r) => r.name === RoleName.VIEWER);
|
2021-04-09 13:46:53 +02:00
|
|
|
});
|
|
|
|
|
2021-05-28 11:10:24 +02:00
|
|
|
afterAll(async () => {
|
2021-04-09 13:46:53 +02:00
|
|
|
await db.destroy();
|
|
|
|
});
|
|
|
|
|
2021-05-28 11:10:24 +02:00
|
|
|
afterEach(async () => {
|
2021-04-29 10:54:11 +02:00
|
|
|
await userStore.deleteAll();
|
2021-04-09 13:46:53 +02:00
|
|
|
});
|
|
|
|
|
2021-05-28 11:10:24 +02:00
|
|
|
test('should create initial admin user', async () => {
|
2021-04-09 13:46:53 +02:00
|
|
|
await userService.initAdminUser();
|
2021-05-28 11:10:24 +02:00
|
|
|
await expect(async () =>
|
|
|
|
userService.loginUser('admin', 'wrong-password'),
|
|
|
|
).rejects.toThrow(Error);
|
|
|
|
await expect(async () =>
|
|
|
|
userService.loginUser('admin', 'unleash4all'),
|
|
|
|
).toBeTruthy();
|
2021-04-09 13:46:53 +02:00
|
|
|
});
|
|
|
|
|
2021-10-12 21:27:06 +02:00
|
|
|
test('should not init default user if we already have users', async () => {
|
|
|
|
await userService.createUser({
|
|
|
|
username: 'test',
|
|
|
|
password: 'A very strange P4ssw0rd_',
|
|
|
|
rootRole: adminRole.id,
|
|
|
|
});
|
|
|
|
await userService.initAdminUser();
|
|
|
|
const users = await userService.getAll();
|
|
|
|
expect(users).toHaveLength(1);
|
|
|
|
expect(users[0].username).toBe('test');
|
|
|
|
await expect(async () =>
|
|
|
|
userService.loginUser('admin', 'unleash4all'),
|
|
|
|
).rejects.toThrow(Error);
|
|
|
|
});
|
|
|
|
|
2021-05-28 11:10:24 +02:00
|
|
|
test('should not be allowed to create existing user', async () => {
|
2021-04-22 23:40:52 +02:00
|
|
|
await userStore.insert({ username: 'test', name: 'Hans Mola' });
|
2021-05-28 11:10:24 +02:00
|
|
|
await expect(async () =>
|
2021-04-09 13:46:53 +02:00
|
|
|
userService.createUser({ username: 'test', rootRole: adminRole.id }),
|
2021-05-28 11:10:24 +02:00
|
|
|
).rejects.toThrow(Error);
|
2021-04-09 13:46:53 +02:00
|
|
|
});
|
|
|
|
|
2021-05-28 11:10:24 +02:00
|
|
|
test('should create user with password', async () => {
|
2021-04-09 13:46:53 +02:00
|
|
|
await userService.createUser({
|
|
|
|
username: 'test',
|
|
|
|
password: 'A very strange P4ssw0rd_',
|
|
|
|
rootRole: adminRole.id,
|
|
|
|
});
|
|
|
|
const user = await userService.loginUser(
|
|
|
|
'test',
|
|
|
|
'A very strange P4ssw0rd_',
|
|
|
|
);
|
2021-05-28 11:10:24 +02:00
|
|
|
expect(user.username).toBe('test');
|
2021-04-09 13:46:53 +02:00
|
|
|
});
|
|
|
|
|
2021-05-28 11:10:24 +02:00
|
|
|
test('should login for user _without_ password', async () => {
|
2021-04-09 13:46:53 +02:00
|
|
|
const email = 'some@test.com';
|
|
|
|
await userService.createUser({
|
|
|
|
email,
|
|
|
|
password: 'A very strange P4ssw0rd_',
|
|
|
|
rootRole: adminRole.id,
|
|
|
|
});
|
|
|
|
const user = await userService.loginUserWithoutPassword(email);
|
2021-05-28 11:10:24 +02:00
|
|
|
expect(user.email).toBe(email);
|
2021-04-09 13:46:53 +02:00
|
|
|
});
|
|
|
|
|
2021-05-28 11:10:24 +02:00
|
|
|
test('should get user with root role', async () => {
|
2021-04-09 13:46:53 +02:00
|
|
|
const email = 'some@test.com';
|
|
|
|
const u = await userService.createUser({
|
|
|
|
email,
|
|
|
|
password: 'A very strange P4ssw0rd_',
|
|
|
|
rootRole: adminRole.id,
|
|
|
|
});
|
|
|
|
const user = await userService.getUser(u.id);
|
2021-05-28 11:10:24 +02:00
|
|
|
expect(user.email).toBe(email);
|
|
|
|
expect(user.id).toBe(u.id);
|
|
|
|
expect(user.rootRole).toBe(adminRole.id);
|
2021-04-30 13:25:24 +02:00
|
|
|
});
|
|
|
|
|
2021-05-28 11:10:24 +02:00
|
|
|
test('should get user with root role by name', async () => {
|
2021-04-30 13:25:24 +02:00
|
|
|
const email = 'some2@test.com';
|
|
|
|
const u = await userService.createUser({
|
|
|
|
email,
|
|
|
|
password: 'A very strange P4ssw0rd_',
|
|
|
|
rootRole: RoleName.ADMIN,
|
|
|
|
});
|
|
|
|
const user = await userService.getUser(u.id);
|
2021-05-28 11:10:24 +02:00
|
|
|
expect(user.email).toBe(email);
|
|
|
|
expect(user.id).toBe(u.id);
|
|
|
|
expect(user.rootRole).toBe(adminRole.id);
|
2021-04-09 13:46:53 +02:00
|
|
|
});
|
2021-04-29 10:54:11 +02:00
|
|
|
|
2021-08-12 15:04:37 +02:00
|
|
|
test("deleting a user should delete the user's sessions", async () => {
|
2021-04-29 10:54:11 +02:00
|
|
|
const email = 'some@test.com';
|
|
|
|
const user = await userService.createUser({
|
|
|
|
email,
|
|
|
|
password: 'A very strange P4ssw0rd_',
|
|
|
|
rootRole: adminRole.id,
|
|
|
|
});
|
|
|
|
const testComSession = {
|
|
|
|
sid: 'xyz321',
|
|
|
|
sess: {
|
|
|
|
cookie: {
|
|
|
|
originalMaxAge: 2880000,
|
|
|
|
expires: new Date(Date.now() + 86400000).toDateString(),
|
|
|
|
secure: false,
|
|
|
|
httpOnly: true,
|
|
|
|
path: '/',
|
|
|
|
},
|
|
|
|
user,
|
|
|
|
},
|
|
|
|
};
|
|
|
|
await sessionService.insertSession(testComSession);
|
|
|
|
const userSessions = await sessionService.getSessionsForUser(user.id);
|
2021-05-28 11:10:24 +02:00
|
|
|
expect(userSessions.length).toBe(1);
|
2021-04-29 10:54:11 +02:00
|
|
|
await userService.deleteUser(user.id);
|
2021-05-28 11:10:24 +02:00
|
|
|
await expect(async () =>
|
|
|
|
sessionService.getSessionsForUser(user.id),
|
|
|
|
).rejects.toThrow(NotFoundError);
|
2021-04-29 10:54:11 +02:00
|
|
|
});
|
2021-08-23 12:11:29 +02:00
|
|
|
|
|
|
|
test('should login and create user via SSO', async () => {
|
|
|
|
const email = 'some@test.com';
|
|
|
|
const user = await userService.loginUserSSO({
|
|
|
|
email,
|
|
|
|
rootRole: RoleName.VIEWER,
|
|
|
|
name: 'some',
|
|
|
|
autoCreate: true,
|
|
|
|
});
|
|
|
|
|
|
|
|
const userWithRole = await userService.getUser(user.id);
|
|
|
|
expect(user.email).toBe(email);
|
|
|
|
expect(user.name).toBe('some');
|
|
|
|
expect(userWithRole.name).toBe('some');
|
|
|
|
expect(userWithRole.rootRole).toBe(viewerRole.id);
|
|
|
|
});
|
|
|
|
|
|
|
|
test('should throw if rootRole is wrong via SSO', async () => {
|
|
|
|
expect.assertions(1);
|
|
|
|
|
|
|
|
try {
|
|
|
|
await userService.loginUserSSO({
|
|
|
|
email: 'some@test.com',
|
|
|
|
rootRole: RoleName.MEMBER,
|
|
|
|
name: 'some',
|
|
|
|
autoCreate: true,
|
|
|
|
});
|
|
|
|
} catch (e) {
|
|
|
|
expect(e.message).toBe('Could not find rootRole=Member');
|
|
|
|
}
|
|
|
|
});
|
|
|
|
|
|
|
|
test('should update user name when signing in via SSO', async () => {
|
|
|
|
const email = 'some@test.com';
|
|
|
|
const originalUser = await userService.createUser({
|
|
|
|
email,
|
|
|
|
rootRole: RoleName.VIEWER,
|
|
|
|
name: 'some',
|
|
|
|
});
|
|
|
|
|
|
|
|
await userService.loginUserSSO({
|
|
|
|
email,
|
|
|
|
rootRole: RoleName.ADMIN,
|
|
|
|
name: 'New name!',
|
|
|
|
autoCreate: true,
|
|
|
|
});
|
|
|
|
|
|
|
|
const actualUser = await userService.getUser(originalUser.id);
|
|
|
|
|
|
|
|
expect(actualUser.email).toBe(email);
|
|
|
|
expect(actualUser.name).toBe('New name!');
|
|
|
|
expect(actualUser.rootRole).toBe(viewerRole.id);
|
|
|
|
});
|
|
|
|
|
|
|
|
test('should update name if it is different via SSO', async () => {
|
|
|
|
const email = 'some@test.com';
|
|
|
|
const originalUser = await userService.createUser({
|
|
|
|
email,
|
|
|
|
rootRole: RoleName.VIEWER,
|
|
|
|
name: 'some',
|
|
|
|
});
|
|
|
|
|
|
|
|
await userService.loginUserSSO({
|
|
|
|
email,
|
|
|
|
rootRole: RoleName.ADMIN,
|
|
|
|
name: 'New name!',
|
|
|
|
autoCreate: false,
|
|
|
|
});
|
|
|
|
|
|
|
|
const actualUser = await userService.getUser(originalUser.id);
|
|
|
|
|
|
|
|
expect(actualUser.email).toBe(email);
|
|
|
|
expect(actualUser.name).toBe('New name!');
|
|
|
|
expect(actualUser.rootRole).toBe(viewerRole.id);
|
|
|
|
});
|
|
|
|
|
|
|
|
test('should throw if autoCreate is false via SSO', async () => {
|
|
|
|
expect.assertions(1);
|
|
|
|
|
|
|
|
try {
|
|
|
|
await userService.loginUserSSO({
|
|
|
|
email: 'some@test.com',
|
|
|
|
rootRole: RoleName.MEMBER,
|
|
|
|
name: 'some',
|
|
|
|
autoCreate: false,
|
|
|
|
});
|
|
|
|
} catch (e) {
|
|
|
|
expect(e.message).toBe('No user found');
|
|
|
|
}
|
|
|
|
});
|