unleash.unleash/src/test/e2e/services/reset-token-service.e2e.test.ts

import dbInit from '../helpers/database-init';
import getLogger from '../../fixtures/no-logger';
import ResetTokenService from '../../../lib/services/reset-token-service';
import UserService from '../../../lib/services/user-service';
import { AccessService } from '../../../lib/services/access-service';
import { EmailService } from '../../../lib/services/email-service';
import { IUnleashConfig } from '../../../lib/types/option';
import { createTestConfig } from '../../config/test-config';
import SessionService from '../../../lib/services/session-service';
import InvalidTokenError from '../../../lib/error/invalid-token-error';
import { IUser } from '../../../lib/types/user';

const config: IUnleashConfig = createTestConfig();

let stores;
let db;
let adminUser;
let userToCreateResetFor: IUser;
let userIdToCreateResetFor: number;
let accessService: AccessService;
let userService: UserService;
let resetTokenService: ResetTokenService;
let sessionService: SessionService;
beforeAll(async () => {
    db = await dbInit('reset_token_service_serial', getLogger);
    stores = db.stores;
    accessService = new AccessService(stores, config);
    resetTokenService = new ResetTokenService(stores, config);
    sessionService = new SessionService(stores, config);
    const emailService = new EmailService(undefined, config.getLogger);

    userService = new UserService(stores, config, {
        accessService,
        resetTokenService,
        emailService,
        sessionService,
    });

    adminUser = await userService.createUser({
        username: 'admin@test.com',
        rootRole: 1,
    });

    userToCreateResetFor = await userService.createUser({
        username: 'test@test.com',
        rootRole: 2,
    });
    userIdToCreateResetFor = userToCreateResetFor.id;
});

afterAll(async () => {
    if (db) {
        await db.destroy();
    }
});

test('Should create a reset link', async () => {
    const url = await resetTokenService.createResetPasswordUrl(
        userIdToCreateResetFor,
        adminUser,
    );

    expect(url.toString().substring(0, url.toString().indexOf('='))).toBe(
        `${config.server.unleashUrl}/reset-password?token`,
    );
});

test('Should create a reset link with unleashUrl with context path', async () => {
    const localConfig = createTestConfig({
        server: { unleashUrl: 'http://localhost:4242/my/sub/path' },
    });
    const resetToken: ResetTokenService = new ResetTokenService(
        stores,
        localConfig,
    );

    const url = await resetToken.createResetPasswordUrl(
        userIdToCreateResetFor,
        adminUser,
    );
    expect(url.toString().substring(0, url.toString().indexOf('='))).toBe(
        `${localConfig.server.unleashUrl}/reset-password?token`,
    );
});

test('Should create a welcome link', async () => {
    const url = await resetTokenService.createNewUserUrl(
        userIdToCreateResetFor,
        adminUser.username,
    );
    const urlS = url.toString();
    expect(urlS.substring(0, urlS.indexOf('='))).toBe(
        `${config.server.unleashUrl}/new-user?token`,
    );
});

test('Tokens should be one-time only', async () => {
    const token = await resetTokenService.createToken(
        userIdToCreateResetFor,
        adminUser,
    );

    const accessGranted = await resetTokenService.useAccessToken(token);
    expect(accessGranted).toBe(true);
    const secondGo = await resetTokenService.useAccessToken(token);
    expect(secondGo).toBe(false);
});

test('Creating a new token should expire older tokens', async () => {
    const firstToken = await resetTokenService.createToken(
        userIdToCreateResetFor,
        adminUser,
    );
    const secondToken = await resetTokenService.createToken(
        userIdToCreateResetFor,
        adminUser,
    );
    await expect(async () =>
        resetTokenService.isValid(firstToken.token),
    ).rejects.toThrow(InvalidTokenError);
    const validToken = await resetTokenService.isValid(secondToken.token);
    expect(secondToken.token).toBe(validToken.token);
});

test('Retrieving valid invitation links should retrieve an object with userid key and token value', async () => {
    const token = await resetTokenService.createToken(
        userIdToCreateResetFor,
        adminUser,
    );
    expect(token).toBeTruthy();
    const activeInvitations = await resetTokenService.getActiveInvitations();
    expect(Object.keys(activeInvitations).length === 1).toBe(true);
    expect(+Object.keys(activeInvitations)[0] === userIdToCreateResetFor).toBe(
        true,
    );
    expect(activeInvitations[userIdToCreateResetFor]).toBeTruthy();
});