1
0
mirror of https://github.com/Unleash/unleash.git synced 2025-01-06 00:07:44 +01:00
unleash.unleash/src/lib/routes/public-invite.test.ts
Ivar Conradi Østhus f00eac0881
fix: User audit events (create, update, delete) should include rootRole. (#5399)
Audit events for USER_CREATE, USER_UPDATE and USER_DELETE did not
include the users rootRole.


![image](https://github.com/Unleash/unleash/assets/158948/fcbc1407-e4f0-438f-86cf-7073205cd8c2)

---------

Co-authored-by: Gastón Fournier <gaston@getunleash.io>
2023-11-24 16:06:37 +01:00

200 lines
5.8 KiB
TypeScript

import createStores from '../../test/fixtures/store';
import { createTestConfig } from '../../test/config/test-config';
import { createServices } from '../services';
import getApp from '../app';
import supertest from 'supertest';
import permissions from '../../test/fixtures/permissions';
import { RoleName, RoleType } from '../types/model';
describe('Public Signup API', () => {
async function getSetup() {
const stores = createStores();
const perms = permissions();
const config = createTestConfig({
preRouterHook: perms.hook,
});
stores.accessStore = {
...stores.accessStore,
addUserToRole: jest.fn(),
removeRolesOfTypeForUser: jest.fn(),
getRolesForUserId: () => Promise.resolve([]),
getRootRoleForUser: () =>
Promise.resolve({
id: -1,
name: RoleName.VIEWER,
type: RoleType.ROOT,
}),
};
const services = createServices(stores, config);
const app = await getApp(config, stores, services);
await stores.roleStore.create({
name: RoleName.VIEWER,
roleType: RoleType.ROOT,
description: '',
});
await stores.roleStore.create({
name: RoleName.ADMIN,
roleType: RoleType.ROOT,
description: '',
});
return {
request: supertest(app),
stores,
perms,
};
}
let stores;
let request;
const user = {
username: 'some-username',
email: 'someEmail@example.com',
name: 'some-name',
password: 'password',
};
beforeEach(async () => {
const setup = await getSetup();
stores = setup.stores;
request = setup.request;
});
const expireAt = (addDays: number = 7): Date => {
const now = new Date();
now.setDate(now.getDate() + addDays);
return now;
};
const createBody = () => ({
name: 'some-name',
expiresAt: expireAt(),
});
test('should create user and add to token', async () => {
expect.assertions(3);
const appName = '123!23';
stores.clientApplicationsStore.upsert({ appName });
stores.publicSignupTokenStore.create({
name: 'some-name',
expiresAt: expireAt(),
});
return request
.post('/invite/some-secret/signup')
.send(user)
.expect(201)
.expect(async (res) => {
const count = await stores.userStore.count();
expect(count).toBe(1);
const eventCount = await stores.eventStore.count();
expect(eventCount).toBe(2); //USER_CREATED && PUBLIC_SIGNUP_TOKEN_USER_ADDED
expect(res.body.username).toBe(user.username);
});
});
test('Should validate required fields', async () => {
const appName = '123!23';
stores.clientApplicationsStore.upsert({ appName });
stores.publicSignupTokenStore.create({
name: 'some-name',
expiresAt: expireAt(),
});
await request
.post('/invite/some-secret/signup')
.send({ name: 'test' })
.expect(400);
await request
.post('/invite/some-secret/signup')
.send({ email: 'test@test.com' })
.expect(400);
await request
.post('/invite/some-secret/signup')
.send({ ...user, rootRole: 1 })
.expect(400);
await request.post('/invite/some-secret/signup').send({}).expect(400);
});
test('should not be able to send root role in signup request body', async () => {
const appName = '123!23';
stores.clientApplicationsStore.upsert({ appName });
stores.publicSignupTokenStore.create({
name: 'some-name',
expiresAt: expireAt(),
});
const roles = await stores.roleStore.getAll();
const adminId = roles.find((role) => role.name === RoleName.ADMIN).id;
return request
.post('/invite/some-secret/signup')
.send({ ...user, rootRole: adminId })
.expect(400);
});
test('should not allow a user to register with expired token', async () => {
const appName = '123!23';
stores.clientApplicationsStore.upsert({ appName });
stores.publicSignupTokenStore.create({
name: 'some-name',
expiresAt: expireAt(-1),
});
return request
.post('/invite/some-secret/signup')
.send(user)
.expect(400);
});
test('should not allow a user to register disabled token', async () => {
const appName = '123!23';
stores.clientApplicationsStore.upsert({ appName });
stores.publicSignupTokenStore.create({
name: 'some-name',
expiresAt: expireAt(),
});
stores.publicSignupTokenStore.update('some-secret', { enabled: false });
return request
.post('/invite/some-secret/signup')
.send(user)
.expect(400);
});
test('should return 200 if token is valid', async () => {
const appName = '123!23';
stores.clientApplicationsStore.upsert({ appName });
// Create a token
const res = await request
.post('/api/admin/invite-link/tokens')
.send(createBody())
.expect(201);
const { secret } = res.body;
return request.get(`/invite/${secret}/validate`).expect(200);
});
test('should return 400 if token is invalid', async () => {
const appName = '123!23';
stores.clientApplicationsStore.upsert({ appName });
return request.get('/invite/some-invalid-secret/validate').expect(400);
});
});