Getting most of the test auth working, adding in global builder configuration.

This commit is contained in:
mike12345567 2021-04-13 18:12:35 +01:00
parent f1e37a501c
commit 105e1cc16f
7 changed files with 50 additions and 33 deletions

View File

@ -29,6 +29,9 @@
email: "test@test.com",
password: "test",
roles: {},
builder: {
global: true,
}
})
notifier.success("Test user created")
} catch (err) {

View File

@ -10,8 +10,15 @@ module.exports = async (url, opts) => {
}
}
if (url.includes("/api/admin")) {
return json({
email: "test@test.com",
_id: "us_test@test.com",
status: "active",
})
}
// mocked data based on url
if (url.includes("api/apps")) {
else if (url.includes("api/apps")) {
return json({
app1: {
url: "/app1",
@ -41,12 +48,6 @@ module.exports = async (url, opts) => {
],
bookmark: "test",
})
} else if (url.includes("/api/admin")) {
return json({
email: "test@test.com",
_id: "us_test@test.com",
status: "active",
})
}
return fetch(url, opts)
}

View File

@ -30,14 +30,10 @@ module.exports = (permType, permLevel = null) => async (ctx, next) => {
ctx.roleId
)
// TODO: need to determine if the user has permission to build here, global cookie
// this may need to change in the future, right now only admins
// can have access to builder features, this is hard coded into
// our rules
if (isAuthed) {
let isBuilder = ctx.user && ctx.user.builder && ctx.user.builder.global
if (permType === PermissionTypes.BUILDER && isBuilder) {
return next()
} else if (permType === PermissionTypes.BUILDER) {
} else if (permType === PermissionTypes.BUILDER && !isBuilder) {
return ctx.throw(403, "Not Authorized")
}

View File

@ -15,12 +15,11 @@ module.exports = async (ctx, next) => {
let updateCookie = false,
appId,
roleId
roleId = BUILTIN_ROLE_IDS.PUBLIC
if (!ctx.user) {
// not logged in, try to set a cookie for public apps
updateCookie = true
appId = requestAppId
roleId = BUILTIN_ROLE_IDS.PUBLIC
} else if (
requestAppId != null &&
(appCookie == null ||
@ -31,7 +30,9 @@ module.exports = async (ctx, next) => {
const globalUser = await getGlobalUsers(ctx, requestAppId, ctx.user.email)
updateCookie = true
appId = requestAppId
roleId = globalUser.roles[requestAppId] || BUILTIN_ROLE_IDS.PUBLIC
if (globalUser.roles && globalUser.roles[requestAppId]) {
roleId = globalUser.roles[requestAppId]
}
} else if (appCookie != null) {
appId = appCookie.appId
roleId = appCookie.roleId || BUILTIN_ROLE_IDS.PUBLIC

View File

@ -15,6 +15,7 @@ const {
const controllers = require("./controllers")
const supertest = require("supertest")
const { cleanup } = require("../../utilities/fileSystem")
const { Cookies } = require("@budibase/auth")
const EMAIL = "babs@babs.com"
const PASSWORD = "babs_password"
@ -68,16 +69,26 @@ class TestConfiguration {
}
defaultHeaders() {
const builderUser = {
userId: "BUILDER",
const user = {
userId: "us_test@test.com",
email: "test@test.com",
roleId: BUILTIN_ROLE_IDS.BUILDER,
builder: {
global: true,
},
}
const builderToken = jwt.sign(builderUser, env.JWT_SECRET)
// can be "production" for test case
const type = env.isProd() ? "cloud" : "local"
const app = {
roleId: BUILTIN_ROLE_IDS.BUILDER,
appId: this.appId,
}
const authToken = jwt.sign(user, env.JWT_SECRET)
const appToken = jwt.sign(app, env.JWT_SECRET)
const headers = {
Accept: "application/json",
Cookie: [`budibase:builder:${type}=${builderToken}`],
Cookie: [
`${Cookies.Auth}=${authToken}`,
`${Cookies.CurrentApp}=${appToken}`,
],
}
if (this.appId) {
headers["x-budibase-app-id"] = this.appId
@ -307,20 +318,18 @@ class TestConfiguration {
}
if (!email || !password) {
await this.createUser()
email = EMAIL
password = PASSWORD
}
const result = await this.request
.post(`/api/authenticate`)
.set({
"x-budibase-app-id": this.appId,
})
.send({ email, password })
const user = {
userId: "us_test@test.com",
email: EMAIL,
roleId: BUILTIN_ROLE_IDS.BASIC,
}
const token = jwt.sign(user, env.JWT_SECRET)
// returning necessary request headers
return {
Accept: "application/json",
Cookie: result.headers["set-cookie"],
Cookie: [`${Cookies.Auth}=${token}`],
"x-budibase-app-id": this.appId,
}
}

View File

@ -99,6 +99,9 @@ exports.saveGlobalUser = async (ctx, appId, email, body) => {
password: body.password || undefined,
status: body.status,
roles,
builder: {
global: true,
},
},
}

View File

@ -13,12 +13,16 @@ function buildUserSaveValidation() {
_rev: Joi.string(),
email: Joi.string(),
password: Joi.string().allow(null, ""),
builder: Joi.object({
global: Joi.boolean().allow(undefined),
apps: Joi.array().allow(undefined),
}).unknown(true).allow(undefined),
// maps appId -> roleId for the user
roles: Joi.object()
.pattern(/.*/, Joi.string())
.required()
.unknown(true)
}).required().unknown(true))
}).required().unknown(true).allow(undefined))
}
router