2022-08-19 08:09:44 +02:00
|
|
|
import { allowRequestOrigin } from './cors-origin-middleware';
|
2022-08-26 09:09:48 +02:00
|
|
|
import FakeSettingStore from '../../test/fixtures/fake-setting-store';
|
|
|
|
import SettingService from '../services/setting-service';
|
|
|
|
import { createTestConfig } from '../../test/config/test-config';
|
|
|
|
import FakeEventStore from '../../test/fixtures/fake-event-store';
|
|
|
|
import { randomId } from '../util/random-id';
|
|
|
|
import { frontendSettingsKey } from '../types/settings/frontend-settings';
|
|
|
|
|
|
|
|
const createSettingService = (frontendApiOrigins: string[]): SettingService => {
|
|
|
|
const config = createTestConfig({ frontendApiOrigins });
|
|
|
|
|
|
|
|
const stores = {
|
|
|
|
settingStore: new FakeSettingStore(),
|
|
|
|
eventStore: new FakeEventStore(),
|
|
|
|
};
|
|
|
|
|
|
|
|
return new SettingService(stores, config);
|
|
|
|
};
|
2022-08-19 08:09:44 +02:00
|
|
|
|
|
|
|
test('allowRequestOrigin', () => {
|
|
|
|
const dotCom = 'https://example.com';
|
|
|
|
const dotOrg = 'https://example.org';
|
|
|
|
|
|
|
|
expect(allowRequestOrigin('', [])).toEqual(false);
|
|
|
|
expect(allowRequestOrigin(dotCom, [])).toEqual(false);
|
|
|
|
expect(allowRequestOrigin(dotCom, [dotOrg])).toEqual(false);
|
|
|
|
|
|
|
|
expect(allowRequestOrigin(dotCom, [dotCom, dotOrg])).toEqual(true);
|
|
|
|
expect(allowRequestOrigin(dotCom, [dotOrg, dotCom])).toEqual(true);
|
|
|
|
expect(allowRequestOrigin(dotCom, [dotCom, dotCom])).toEqual(true);
|
|
|
|
|
|
|
|
expect(allowRequestOrigin(dotCom, ['*'])).toEqual(true);
|
|
|
|
expect(allowRequestOrigin(dotCom, [dotOrg, '*'])).toEqual(true);
|
|
|
|
expect(allowRequestOrigin(dotCom, [dotCom, dotOrg, '*'])).toEqual(true);
|
|
|
|
});
|
2022-08-26 09:09:48 +02:00
|
|
|
|
|
|
|
test('corsOriginMiddleware origin validation', async () => {
|
|
|
|
const service = createSettingService([]);
|
|
|
|
const userName = randomId();
|
|
|
|
await expect(() =>
|
|
|
|
service.setFrontendSettings({ frontendApiOrigins: ['a'] }, userName),
|
|
|
|
).rejects.toThrow('Invalid origin: a');
|
|
|
|
});
|
|
|
|
|
|
|
|
test('corsOriginMiddleware without config', async () => {
|
|
|
|
const service = createSettingService([]);
|
|
|
|
const userName = randomId();
|
|
|
|
expect(await service.getFrontendSettings()).toEqual({
|
|
|
|
frontendApiOrigins: [],
|
|
|
|
});
|
|
|
|
await service.setFrontendSettings({ frontendApiOrigins: [] }, userName);
|
|
|
|
expect(await service.getFrontendSettings()).toEqual({
|
|
|
|
frontendApiOrigins: [],
|
|
|
|
});
|
|
|
|
await service.setFrontendSettings({ frontendApiOrigins: ['*'] }, userName);
|
|
|
|
expect(await service.getFrontendSettings()).toEqual({
|
|
|
|
frontendApiOrigins: ['*'],
|
|
|
|
});
|
|
|
|
await service.delete(frontendSettingsKey, userName);
|
|
|
|
expect(await service.getFrontendSettings()).toEqual({
|
|
|
|
frontendApiOrigins: [],
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
test('corsOriginMiddleware with config', async () => {
|
|
|
|
const service = createSettingService(['*']);
|
|
|
|
const userName = randomId();
|
|
|
|
expect(await service.getFrontendSettings()).toEqual({
|
|
|
|
frontendApiOrigins: ['*'],
|
|
|
|
});
|
|
|
|
await service.setFrontendSettings({ frontendApiOrigins: [] }, userName);
|
|
|
|
expect(await service.getFrontendSettings()).toEqual({
|
|
|
|
frontendApiOrigins: [],
|
|
|
|
});
|
|
|
|
await service.setFrontendSettings(
|
|
|
|
{ frontendApiOrigins: ['https://example.com', 'https://example.org'] },
|
|
|
|
userName,
|
|
|
|
);
|
|
|
|
expect(await service.getFrontendSettings()).toEqual({
|
|
|
|
frontendApiOrigins: ['https://example.com', 'https://example.org'],
|
|
|
|
});
|
|
|
|
await service.delete(frontendSettingsKey, userName);
|
|
|
|
expect(await service.getFrontendSettings()).toEqual({
|
|
|
|
frontendApiOrigins: ['*'],
|
|
|
|
});
|
|
|
|
});
|