Switching out how headers are handled, and updating the permissions test.
This commit is contained in:
parent
5d3b110985
commit
54d12bd9e7
|
@ -1,6 +1,5 @@
|
|||
const {
|
||||
supertest,
|
||||
defaultHeaders,
|
||||
} = require("./utilities")
|
||||
const TestConfig = require("./utilities/TestConfiguration")
|
||||
const { clearAllApps, checkBuilderEndpoint } = require("./utilities/TestFunctions")
|
||||
|
@ -29,7 +28,7 @@ describe("/applications", () => {
|
|||
const res = await request
|
||||
.post("/api/applications")
|
||||
.send({ name: "My App" })
|
||||
.set(defaultHeaders())
|
||||
.set(config.defaultHeaders())
|
||||
.expect('Content-Type', /json/)
|
||||
.expect(200)
|
||||
expect(res.res.statusMessage).toEqual("Application My App created successfully")
|
||||
|
@ -53,7 +52,7 @@ describe("/applications", () => {
|
|||
|
||||
const res = await request
|
||||
.get("/api/applications")
|
||||
.set(defaultHeaders())
|
||||
.set(config.defaultHeaders())
|
||||
.expect('Content-Type', /json/)
|
||||
.expect(200)
|
||||
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
const {
|
||||
defaultHeaders,
|
||||
supertest,
|
||||
} = require("./utilities")
|
||||
const TestConfig = require("./utilities/TestConfiguration")
|
||||
|
@ -22,7 +21,6 @@ describe("/automations", () => {
|
|||
let request
|
||||
let server
|
||||
let app
|
||||
let appId
|
||||
let config
|
||||
let automation
|
||||
|
||||
|
@ -33,7 +31,6 @@ describe("/automations", () => {
|
|||
beforeEach(async () => {
|
||||
config = new TestConfig(request)
|
||||
app = await config.init()
|
||||
appId = app.instance._id
|
||||
})
|
||||
|
||||
afterAll(() => {
|
||||
|
@ -44,7 +41,7 @@ describe("/automations", () => {
|
|||
return await request
|
||||
.post(`/api/automations/${automation._id}/trigger`)
|
||||
.send({ name: "Test", description: "TEST" })
|
||||
.set(defaultHeaders(appId))
|
||||
.set(config.defaultHeaders())
|
||||
.expect('Content-Type', /json/)
|
||||
.expect(200)
|
||||
}
|
||||
|
@ -53,7 +50,7 @@ describe("/automations", () => {
|
|||
it("returns a list of definitions for actions", async () => {
|
||||
const res = await request
|
||||
.get(`/api/automations/action/list`)
|
||||
.set(defaultHeaders(appId))
|
||||
.set(config.defaultHeaders())
|
||||
.expect('Content-Type', /json/)
|
||||
.expect(200)
|
||||
|
||||
|
@ -64,7 +61,7 @@ describe("/automations", () => {
|
|||
it("returns a list of definitions for triggers", async () => {
|
||||
const res = await request
|
||||
.get(`/api/automations/trigger/list`)
|
||||
.set(defaultHeaders(appId))
|
||||
.set(config.defaultHeaders())
|
||||
.expect('Content-Type', /json/)
|
||||
.expect(200)
|
||||
|
||||
|
@ -75,7 +72,7 @@ describe("/automations", () => {
|
|||
it("returns a list of definitions for actions", async () => {
|
||||
const res = await request
|
||||
.get(`/api/automations/logic/list`)
|
||||
.set(defaultHeaders(appId))
|
||||
.set(config.defaultHeaders())
|
||||
.expect('Content-Type', /json/)
|
||||
.expect(200)
|
||||
|
||||
|
@ -86,7 +83,7 @@ describe("/automations", () => {
|
|||
it("returns all of the definitions in one", async () => {
|
||||
const res = await request
|
||||
.get(`/api/automations/definitions/list`)
|
||||
.set(defaultHeaders(appId))
|
||||
.set(config.defaultHeaders())
|
||||
.expect('Content-Type', /json/)
|
||||
.expect(200)
|
||||
|
||||
|
@ -115,7 +112,7 @@ describe("/automations", () => {
|
|||
it("returns a success message when the automation is successfully created", async () => {
|
||||
const res = await request
|
||||
.post(`/api/automations`)
|
||||
.set(defaultHeaders(appId))
|
||||
.set(config.defaultHeaders())
|
||||
.send(autoConfig)
|
||||
.expect('Content-Type', /json/)
|
||||
.expect(200)
|
||||
|
@ -173,7 +170,7 @@ describe("/automations", () => {
|
|||
|
||||
const res = await request
|
||||
.put(`/api/automations`)
|
||||
.set(defaultHeaders(appId))
|
||||
.set(config.defaultHeaders())
|
||||
.send(automation)
|
||||
.expect('Content-Type', /json/)
|
||||
.expect(200)
|
||||
|
@ -190,7 +187,7 @@ describe("/automations", () => {
|
|||
automation = await config.createAutomation(autoConfig)
|
||||
const res = await request
|
||||
.get(`/api/automations`)
|
||||
.set(defaultHeaders(appId))
|
||||
.set(config.defaultHeaders())
|
||||
.expect('Content-Type', /json/)
|
||||
.expect(200)
|
||||
|
||||
|
@ -211,7 +208,7 @@ describe("/automations", () => {
|
|||
const automation = await config.createAutomation()
|
||||
const res = await request
|
||||
.delete(`/api/automations/${automation.id}/${automation.rev}`)
|
||||
.set(defaultHeaders(appId))
|
||||
.set(config.defaultHeaders())
|
||||
.expect('Content-Type', /json/)
|
||||
.expect(200)
|
||||
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
const {
|
||||
supertest,
|
||||
defaultHeaders,
|
||||
} = require("./utilities")
|
||||
let TestConfig = require("./utilities/TestConfiguration")
|
||||
let { basicDatasource } = require("./utilities/structures")
|
||||
|
@ -9,10 +8,7 @@ let { checkBuilderEndpoint } = require("./utilities/TestFunctions")
|
|||
describe("/datasources", () => {
|
||||
let request
|
||||
let server
|
||||
let app
|
||||
let appId
|
||||
let config
|
||||
let datasource
|
||||
|
||||
beforeAll(async () => {
|
||||
({ request, server } = await supertest())
|
||||
|
@ -24,8 +20,7 @@ describe("/datasources", () => {
|
|||
})
|
||||
|
||||
beforeEach(async () => {
|
||||
app = await config.init()
|
||||
appId = app.instance._id
|
||||
await config.init()
|
||||
});
|
||||
|
||||
describe("create", () => {
|
||||
|
@ -33,7 +28,7 @@ describe("/datasources", () => {
|
|||
const res = await request
|
||||
.post(`/api/datasources`)
|
||||
.send(basicDatasource())
|
||||
.set(defaultHeaders(appId))
|
||||
.set(config.defaultHeaders())
|
||||
.expect('Content-Type', /json/)
|
||||
.expect(200)
|
||||
|
||||
|
@ -56,7 +51,7 @@ describe("/datasources", () => {
|
|||
it("returns all the datasources from the server", async () => {
|
||||
const res = await request
|
||||
.get(`/api/datasources`)
|
||||
.set(defaultHeaders(appId))
|
||||
.set(config.defaultHeaders())
|
||||
.expect('Content-Type', /json/)
|
||||
.expect(200)
|
||||
|
||||
|
@ -95,12 +90,12 @@ describe("/datasources", () => {
|
|||
|
||||
await request
|
||||
.delete(`/api/datasources/${datasource._id}/${datasource._rev}`)
|
||||
.set(defaultHeaders(appId))
|
||||
.set(config.defaultHeaders())
|
||||
.expect(200)
|
||||
|
||||
const res = await request
|
||||
.get(`/api/datasources`)
|
||||
.set(defaultHeaders(appId))
|
||||
.set(config.defaultHeaders())
|
||||
.expect('Content-Type', /json/)
|
||||
.expect(200)
|
||||
|
||||
|
|
|
@ -1,14 +1,9 @@
|
|||
const {
|
||||
createApplication,
|
||||
createTable,
|
||||
createRow,
|
||||
supertest,
|
||||
defaultHeaders,
|
||||
addPermission,
|
||||
publicHeaders,
|
||||
makeBasicRow,
|
||||
} = require("./couchTestUtils")
|
||||
} = require("./utilities")
|
||||
const { BUILTIN_ROLE_IDS } = require("../../../utilities/security/roles")
|
||||
const TestConfig = require("./utilities/TestConfiguration")
|
||||
const { basicRow } = require("./utilities/structures")
|
||||
|
||||
const HIGHER_ROLE_ID = BUILTIN_ROLE_IDS.BASIC
|
||||
const STD_ROLE_ID = BUILTIN_ROLE_IDS.PUBLIC
|
||||
|
@ -16,13 +11,14 @@ const STD_ROLE_ID = BUILTIN_ROLE_IDS.PUBLIC
|
|||
describe("/permission", () => {
|
||||
let server
|
||||
let request
|
||||
let appId
|
||||
let table
|
||||
let perms
|
||||
let row
|
||||
let config
|
||||
|
||||
beforeAll(async () => {
|
||||
;({ request, server } = await supertest())
|
||||
config = new TestConfig(request)
|
||||
})
|
||||
|
||||
afterAll(() => {
|
||||
|
@ -30,17 +26,16 @@ describe("/permission", () => {
|
|||
})
|
||||
|
||||
beforeEach(async () => {
|
||||
let app = await createApplication(request)
|
||||
appId = app.instance._id
|
||||
table = await createTable(request, appId)
|
||||
perms = await addPermission(request, appId, STD_ROLE_ID, table._id)
|
||||
row = await createRow(request, appId, table._id)
|
||||
await config.init()
|
||||
table = await config.createTable()
|
||||
row = await config.createRow()
|
||||
perms = await config.addPermission(STD_ROLE_ID, table._id)
|
||||
})
|
||||
|
||||
async function getTablePermissions() {
|
||||
return request
|
||||
.get(`/api/permission/${table._id}`)
|
||||
.set(defaultHeaders(appId))
|
||||
.set(config.defaultHeaders())
|
||||
.expect("Content-Type", /json/)
|
||||
.expect(200)
|
||||
}
|
||||
|
@ -49,7 +44,7 @@ describe("/permission", () => {
|
|||
it("should be able to get levels", async () => {
|
||||
const res = await request
|
||||
.get(`/api/permission/levels`)
|
||||
.set(defaultHeaders(appId))
|
||||
.set(config.defaultHeaders())
|
||||
.expect("Content-Type", /json/)
|
||||
.expect(200)
|
||||
expect(res.body).toBeDefined()
|
||||
|
@ -68,7 +63,7 @@ describe("/permission", () => {
|
|||
it("should get the resource permissions", async () => {
|
||||
const res = await request
|
||||
.get(`/api/permission/${table._id}`)
|
||||
.set(defaultHeaders(appId))
|
||||
.set(config.defaultHeaders())
|
||||
.expect("Content-Type", /json/)
|
||||
.expect(200)
|
||||
expect(res.body["read"]).toEqual(STD_ROLE_ID)
|
||||
|
@ -76,13 +71,13 @@ describe("/permission", () => {
|
|||
})
|
||||
|
||||
it("should get resource permissions with multiple roles", async () => {
|
||||
perms = await addPermission(request, appId, HIGHER_ROLE_ID, table._id, "write")
|
||||
perms = await config.addPermission(HIGHER_ROLE_ID, table._id, "write")
|
||||
const res = await getTablePermissions()
|
||||
expect(res.body["read"]).toEqual(STD_ROLE_ID)
|
||||
expect(res.body["write"]).toEqual(HIGHER_ROLE_ID)
|
||||
const allRes = await request
|
||||
.get(`/api/permission`)
|
||||
.set(defaultHeaders(appId))
|
||||
.set(config.defaultHeaders())
|
||||
.expect("Content-Type", /json/)
|
||||
.expect(200)
|
||||
expect(allRes.body[table._id]["write"]).toEqual(HIGHER_ROLE_ID)
|
||||
|
@ -94,7 +89,7 @@ describe("/permission", () => {
|
|||
it("should be able to remove the permission", async () => {
|
||||
const res = await request
|
||||
.delete(`/api/permission/${STD_ROLE_ID}/${table._id}/read`)
|
||||
.set(defaultHeaders(appId))
|
||||
.set(config.defaultHeaders())
|
||||
.expect("Content-Type", /json/)
|
||||
.expect(200)
|
||||
expect(res.body[0]._id).toEqual(STD_ROLE_ID)
|
||||
|
@ -107,7 +102,7 @@ describe("/permission", () => {
|
|||
it("should be able to read the row", async () => {
|
||||
const res = await request
|
||||
.get(`/api/${table._id}/rows`)
|
||||
.set(publicHeaders(appId))
|
||||
.set(config.publicHeaders())
|
||||
.expect("Content-Type", /json/)
|
||||
.expect(200)
|
||||
expect(res.body[0]._id).toEqual(row._id)
|
||||
|
@ -116,8 +111,8 @@ describe("/permission", () => {
|
|||
it("shouldn't allow writing from a public user", async () => {
|
||||
const res = await request
|
||||
.post(`/api/${table._id}/rows`)
|
||||
.send(makeBasicRow(table._id))
|
||||
.set(publicHeaders(appId))
|
||||
.send(basicRow(table._id))
|
||||
.set(config.publicHeaders())
|
||||
.expect("Content-Type", /json/)
|
||||
.expect(403)
|
||||
expect(res.status).toEqual(403)
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
const { BUILTIN_ROLE_IDS } = require("../../../../utilities/security/roles")
|
||||
const jwt = require("jsonwebtoken")
|
||||
const env = require("../../../../environment")
|
||||
const {
|
||||
basicTable,
|
||||
|
@ -41,6 +42,32 @@ class TestConfiguration {
|
|||
return this.createApp(appName)
|
||||
}
|
||||
|
||||
defaultHeaders() {
|
||||
const builderUser = {
|
||||
userId: "BUILDER",
|
||||
roleId: BUILTIN_ROLE_IDS.BUILDER,
|
||||
}
|
||||
const builderToken = jwt.sign(builderUser, env.JWT_SECRET)
|
||||
const headers = {
|
||||
Accept: "application/json",
|
||||
Cookie: [`budibase:builder:local=${builderToken}`],
|
||||
}
|
||||
if (this.appId) {
|
||||
headers["x-budibase-app-id"] = this.appId
|
||||
}
|
||||
return headers
|
||||
}
|
||||
|
||||
publicHeaders() {
|
||||
const headers = {
|
||||
Accept: "application/json",
|
||||
}
|
||||
if (this.appId) {
|
||||
headers["x-budibase-app-id"] = this.appId
|
||||
}
|
||||
return headers
|
||||
}
|
||||
|
||||
async createApp(appName) {
|
||||
this.app = await this._req({ name: appName }, null, controllers.app.create)
|
||||
this.appId = this.app._id
|
||||
|
|
|
@ -1,11 +1,10 @@
|
|||
const supertest = require("supertest")
|
||||
const { BUILTIN_ROLE_IDS } = require("../../../../utilities/security/roles")
|
||||
const jwt = require("jsonwebtoken")
|
||||
const env = require("../../../../environment")
|
||||
|
||||
const TEST_CLIENT_ID = "test-client-id"
|
||||
|
||||
exports.TEST_CLIENT_ID = TEST_CLIENT_ID
|
||||
|
||||
exports.supertest = async () => {
|
||||
let request
|
||||
let server
|
||||
|
@ -15,33 +14,3 @@ exports.supertest = async () => {
|
|||
request = supertest(server)
|
||||
return { request, server }
|
||||
}
|
||||
|
||||
exports.defaultHeaders = appId => {
|
||||
const builderUser = {
|
||||
userId: "BUILDER",
|
||||
roleId: BUILTIN_ROLE_IDS.BUILDER,
|
||||
}
|
||||
|
||||
const builderToken = jwt.sign(builderUser, env.JWT_SECRET)
|
||||
|
||||
const headers = {
|
||||
Accept: "application/json",
|
||||
Cookie: [`budibase:builder:local=${builderToken}`],
|
||||
}
|
||||
if (appId) {
|
||||
headers["x-budibase-app-id"] = appId
|
||||
}
|
||||
|
||||
return headers
|
||||
}
|
||||
|
||||
exports.publicHeaders = appId => {
|
||||
const headers = {
|
||||
Accept: "application/json",
|
||||
}
|
||||
if (appId) {
|
||||
headers["x-budibase-app-id"] = appId
|
||||
}
|
||||
|
||||
return headers
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue