1
0
mirror of https://github.com/Unleash/unleash.git synced 2025-01-25 00:07:47 +01:00
unleash.unleash/src/test/e2e/api/admin/api-token.e2e.test.ts

352 lines
10 KiB
TypeScript
Raw Normal View History

import { setupApp } from '../../helpers/test-helper';
2021-03-29 19:58:11 +02:00
import dbInit from '../../helpers/database-init';
import getLogger from '../../../fixtures/no-logger';
import { ALL, ApiTokenType } from '../../../../lib/types/models/api-token';
import { DEFAULT_ENV } from '../../../../lib/util/constants';
2021-03-29 19:58:11 +02:00
let db;
let app;
2021-03-29 19:58:11 +02:00
beforeAll(async () => {
2021-03-29 19:58:11 +02:00
db = await dbInit('token_api_serial', getLogger);
app = await setupApp(db.stores);
2021-03-29 19:58:11 +02:00
});
afterAll(async () => {
if (db) {
await db.destroy();
}
await app.destroy();
2021-03-29 19:58:11 +02:00
});
afterEach(async () => {
await db.stores.apiTokenStore.deleteAll();
2021-03-29 19:58:11 +02:00
});
test('returns empty list of tokens', async () => {
return app.request
2021-03-29 19:58:11 +02:00
.get('/api/admin/api-tokens')
.expect('Content-Type', /json/)
.expect(200)
.expect((res) => {
expect(res.body.tokens.length).toBe(0);
2021-03-29 19:58:11 +02:00
});
});
test('creates new client token', async () => {
return app.request
2021-03-29 19:58:11 +02:00
.post('/api/admin/api-tokens')
.send({
username: 'default-client',
type: 'client',
})
.set('Content-Type', 'application/json')
.expect(201)
.expect((res) => {
expect(res.body.username).toBe('default-client');
expect(res.body.type).toBe('client');
expect(res.body.createdAt).toBeTruthy();
expect(res.body.secret.length > 16).toBe(true);
2021-03-29 19:58:11 +02:00
});
});
test('creates new admin token', async () => {
return app.request
2021-03-29 19:58:11 +02:00
.post('/api/admin/api-tokens')
.send({
username: 'default-admin',
type: 'admin',
})
.set('Content-Type', 'application/json')
.expect(201)
.expect((res) => {
expect(res.body.username).toBe('default-admin');
expect(res.body.type).toBe('admin');
expect(res.body.environment).toBe(ALL);
expect(res.body.createdAt).toBeTruthy();
expect(res.body.expiresAt).toBeFalsy();
expect(res.body.secret.length > 16).toBe(true);
2021-03-29 19:58:11 +02:00
});
});
test('creates new ADMIN token should fix casing', async () => {
return app.request
.post('/api/admin/api-tokens')
.send({
username: 'default-admin',
type: 'ADMIN',
})
.set('Content-Type', 'application/json')
.expect(201)
.expect((res) => {
expect(res.body.username).toBe('default-admin');
expect(res.body.type).toBe('admin');
expect(res.body.createdAt).toBeTruthy();
expect(res.body.expiresAt).toBeFalsy();
expect(res.body.secret.length > 16).toBe(true);
});
});
test('creates new admin token with expiry', async () => {
2021-03-29 19:58:11 +02:00
const expiresAt = new Date();
const expiresAtAsISOStr = JSON.parse(JSON.stringify(expiresAt));
return app.request
2021-03-29 19:58:11 +02:00
.post('/api/admin/api-tokens')
.send({
username: 'default-admin',
type: 'admin',
expiresAt,
})
.set('Content-Type', 'application/json')
.expect(201)
.expect((res) => {
expect(res.body.expiresAt).toBe(expiresAtAsISOStr);
2021-03-29 19:58:11 +02:00
});
});
test('update admin token with expiry', async () => {
2021-03-29 19:58:11 +02:00
const tokenSecret = 'random-secret-update';
await db.stores.apiTokenStore.insert({
2021-03-29 19:58:11 +02:00
username: 'test',
secret: tokenSecret,
type: ApiTokenType.CLIENT,
});
await app.request
2021-03-29 19:58:11 +02:00
.put(`/api/admin/api-tokens/${tokenSecret}`)
.send({
expiresAt: new Date(),
})
.set('Content-Type', 'application/json')
.expect(200);
return app.request
2021-03-29 19:58:11 +02:00
.get('/api/admin/api-tokens')
.expect('Content-Type', /json/)
.expect(200)
.expect((res) => {
expect(res.body.tokens.length).toBe(1);
expect(res.body.tokens[0].expiresAt).toBeTruthy();
2021-03-29 19:58:11 +02:00
});
});
test('creates a lot of client tokens', async () => {
2021-03-29 19:58:11 +02:00
const requests = [];
for (let i = 0; i < 10; i++) {
requests.push(
app.request
2021-03-29 19:58:11 +02:00
.post('/api/admin/api-tokens')
.send({
username: 'default-client',
type: 'client',
})
.set('Content-Type', 'application/json')
.expect(201),
);
}
await Promise.all(requests);
expect.assertions(2);
return app.request
2021-03-29 19:58:11 +02:00
.get('/api/admin/api-tokens')
.expect('Content-Type', /json/)
.expect(200)
.expect((res) => {
expect(res.body.tokens.length).toBe(10);
expect(res.body.tokens[2].type).toBe('client');
2021-03-29 19:58:11 +02:00
});
});
test('removes api token', async () => {
2021-03-29 19:58:11 +02:00
const tokenSecret = 'random-secret';
await db.stores.apiTokenStore.insert({
2021-03-29 19:58:11 +02:00
username: 'test',
secret: tokenSecret,
type: ApiTokenType.CLIENT,
});
await app.request
2021-03-29 19:58:11 +02:00
.delete(`/api/admin/api-tokens/${tokenSecret}`)
.set('Content-Type', 'application/json')
.expect(200);
return app.request
2021-03-29 19:58:11 +02:00
.get('/api/admin/api-tokens')
.expect('Content-Type', /json/)
.expect(200)
.expect((res) => {
expect(res.body.tokens.length).toBe(0);
2021-03-29 19:58:11 +02:00
});
});
test('creates new client token: project & environment defaults to "*"', async () => {
return app.request
.post('/api/admin/api-tokens')
.send({
username: 'default-client',
type: 'client',
})
.set('Content-Type', 'application/json')
.expect(201)
.expect((res) => {
expect(res.body.type).toBe('client');
expect(res.body.secret.length > 16).toBe(true);
expect(res.body.environment).toBe(DEFAULT_ENV);
expect(res.body.project).toBe(ALL);
});
});
test('creates new client token with project & environment set', async () => {
return app.request
.post('/api/admin/api-tokens')
.send({
username: 'default-client',
type: 'client',
project: 'default',
environment: DEFAULT_ENV,
})
.set('Content-Type', 'application/json')
.expect(201)
.expect((res) => {
expect(res.body.type).toBe('client');
expect(res.body.secret.length > 16).toBe(true);
expect(res.body.environment).toBe(DEFAULT_ENV);
expect(res.body.project).toBe('default');
});
});
test('should prefix default token with "*:*."', async () => {
return app.request
.post('/api/admin/api-tokens')
.send({
username: 'default-client',
type: 'client',
})
.set('Content-Type', 'application/json')
.expect(201)
.expect((res) => {
expect(res.body.secret).toMatch(/\*:default\..*/);
});
});
test('should prefix token with "project:environment."', async () => {
return app.request
.post('/api/admin/api-tokens')
.send({
username: 'default-client',
type: 'client',
project: 'default',
environment: DEFAULT_ENV,
})
.set('Content-Type', 'application/json')
.expect(201)
.expect((res) => {
expect(res.body.secret).toMatch(/default:default\..*/);
});
});
test('should not create token for invalid projectId', async () => {
return app.request
.post('/api/admin/api-tokens')
.send({
username: 'default-client',
type: 'client',
project: 'bogus-project-something',
})
.set('Content-Type', 'application/json')
.expect(400)
.expect((res) => {
expect(res.body.details[0].message).toMatch(
/bogus-project-something/,
);
});
});
test('should not create token for invalid environment', async () => {
return app.request
.post('/api/admin/api-tokens')
.send({
username: 'default-client',
type: 'client',
environment: 'bogus-environment-something',
})
.set('Content-Type', 'application/json')
.expect(400)
.expect((res) => {
expect(res.body.details[0].message).toMatch(
/bogus-environment-something/,
);
});
});
test('should not create token for invalid project & environment', async () => {
return app.request
.post('/api/admin/api-tokens')
.send({
username: 'default-admin',
type: 'admin',
project: 'bogus-project-something',
environment: 'bogus-environment-something',
})
.set('Content-Type', 'application/json')
.expect(400);
});
test('admin token only supports ALL projects', async () => {
return app.request
.post('/api/admin/api-tokens')
.send({
username: 'default-admin',
type: 'admin',
project: 'default',
environment: '*',
})
.set('Content-Type', 'application/json')
.expect(400);
});
test('admin token only supports ALL environments', async () => {
return app.request
.post('/api/admin/api-tokens')
.send({
username: 'default-admin',
type: 'admin',
project: '*',
environment: DEFAULT_ENV,
})
.set('Content-Type', 'application/json')
.expect(400);
});
test('client tokens cannot span all environments', async () => {
return app.request
.post('/api/admin/api-tokens')
.send({
username: 'default-client',
type: 'client',
environment: ALL,
})
.set('Content-Type', 'application/json')
.expect(400);
});
test('should not create token for disabled environment', async () => {
await db.stores.environmentStore.create({
name: 'disabledEnvironment',
type: 'production',
enabled: false,
});
return app.request
.post('/api/admin/api-tokens')
.send({
username: 'default',
type: 'client',
project: 'default',
environment: 'disabledEnvironment',
})
.set('Content-Type', 'application/json')
.expect(400);
});