From f7cdced688c2e396b8ec2203babc1f2683228129 Mon Sep 17 00:00:00 2001 From: mike12345567 Date: Thu, 4 Mar 2021 10:40:27 +0000 Subject: [PATCH] Switching out how headers are handled, and updating the permissions test. --- .../src/api/routes/tests/application.spec.js | 5 +-- .../src/api/routes/tests/automation.spec.js | 21 ++++------ .../src/api/routes/tests/datasource.spec.js | 15 +++---- .../src/api/routes/tests/permissions.spec.js | 41 ++++++++----------- .../tests/utilities/TestConfiguration.js | 27 ++++++++++++ .../src/api/routes/tests/utilities/index.js | 33 +-------------- 6 files changed, 62 insertions(+), 80 deletions(-) diff --git a/packages/server/src/api/routes/tests/application.spec.js b/packages/server/src/api/routes/tests/application.spec.js index e5100573ff..8aa3d0288a 100644 --- a/packages/server/src/api/routes/tests/application.spec.js +++ b/packages/server/src/api/routes/tests/application.spec.js @@ -1,6 +1,5 @@ const { supertest, - defaultHeaders, } = require("./utilities") const TestConfig = require("./utilities/TestConfiguration") const { clearAllApps, checkBuilderEndpoint } = require("./utilities/TestFunctions") @@ -29,7 +28,7 @@ describe("/applications", () => { const res = await request .post("/api/applications") .send({ name: "My App" }) - .set(defaultHeaders()) + .set(config.defaultHeaders()) .expect('Content-Type', /json/) .expect(200) expect(res.res.statusMessage).toEqual("Application My App created successfully") @@ -53,7 +52,7 @@ describe("/applications", () => { const res = await request .get("/api/applications") - .set(defaultHeaders()) + .set(config.defaultHeaders()) .expect('Content-Type', /json/) .expect(200) diff --git a/packages/server/src/api/routes/tests/automation.spec.js b/packages/server/src/api/routes/tests/automation.spec.js index 3f3fa93192..3118f36903 100644 --- a/packages/server/src/api/routes/tests/automation.spec.js +++ b/packages/server/src/api/routes/tests/automation.spec.js @@ -1,5 +1,4 @@ const { - defaultHeaders, supertest, } = require("./utilities") const TestConfig = require("./utilities/TestConfiguration") @@ -22,7 +21,6 @@ describe("/automations", () => { let request let server let app - let appId let config let automation @@ -33,7 +31,6 @@ describe("/automations", () => { beforeEach(async () => { config = new TestConfig(request) app = await config.init() - appId = app.instance._id }) afterAll(() => { @@ -44,7 +41,7 @@ describe("/automations", () => { return await request .post(`/api/automations/${automation._id}/trigger`) .send({ name: "Test", description: "TEST" }) - .set(defaultHeaders(appId)) + .set(config.defaultHeaders()) .expect('Content-Type', /json/) .expect(200) } @@ -53,7 +50,7 @@ describe("/automations", () => { it("returns a list of definitions for actions", async () => { const res = await request .get(`/api/automations/action/list`) - .set(defaultHeaders(appId)) + .set(config.defaultHeaders()) .expect('Content-Type', /json/) .expect(200) @@ -64,7 +61,7 @@ describe("/automations", () => { it("returns a list of definitions for triggers", async () => { const res = await request .get(`/api/automations/trigger/list`) - .set(defaultHeaders(appId)) + .set(config.defaultHeaders()) .expect('Content-Type', /json/) .expect(200) @@ -75,7 +72,7 @@ describe("/automations", () => { it("returns a list of definitions for actions", async () => { const res = await request .get(`/api/automations/logic/list`) - .set(defaultHeaders(appId)) + .set(config.defaultHeaders()) .expect('Content-Type', /json/) .expect(200) @@ -86,7 +83,7 @@ describe("/automations", () => { it("returns all of the definitions in one", async () => { const res = await request .get(`/api/automations/definitions/list`) - .set(defaultHeaders(appId)) + .set(config.defaultHeaders()) .expect('Content-Type', /json/) .expect(200) @@ -115,7 +112,7 @@ describe("/automations", () => { it("returns a success message when the automation is successfully created", async () => { const res = await request .post(`/api/automations`) - .set(defaultHeaders(appId)) + .set(config.defaultHeaders()) .send(autoConfig) .expect('Content-Type', /json/) .expect(200) @@ -173,7 +170,7 @@ describe("/automations", () => { const res = await request .put(`/api/automations`) - .set(defaultHeaders(appId)) + .set(config.defaultHeaders()) .send(automation) .expect('Content-Type', /json/) .expect(200) @@ -190,7 +187,7 @@ describe("/automations", () => { automation = await config.createAutomation(autoConfig) const res = await request .get(`/api/automations`) - .set(defaultHeaders(appId)) + .set(config.defaultHeaders()) .expect('Content-Type', /json/) .expect(200) @@ -211,7 +208,7 @@ describe("/automations", () => { const automation = await config.createAutomation() const res = await request .delete(`/api/automations/${automation.id}/${automation.rev}`) - .set(defaultHeaders(appId)) + .set(config.defaultHeaders()) .expect('Content-Type', /json/) .expect(200) diff --git a/packages/server/src/api/routes/tests/datasource.spec.js b/packages/server/src/api/routes/tests/datasource.spec.js index 0bded03020..1f78c65f07 100644 --- a/packages/server/src/api/routes/tests/datasource.spec.js +++ b/packages/server/src/api/routes/tests/datasource.spec.js @@ -1,6 +1,5 @@ const { supertest, - defaultHeaders, } = require("./utilities") let TestConfig = require("./utilities/TestConfiguration") let { basicDatasource } = require("./utilities/structures") @@ -9,10 +8,7 @@ let { checkBuilderEndpoint } = require("./utilities/TestFunctions") describe("/datasources", () => { let request let server - let app - let appId let config - let datasource beforeAll(async () => { ({ request, server } = await supertest()) @@ -24,8 +20,7 @@ describe("/datasources", () => { }) beforeEach(async () => { - app = await config.init() - appId = app.instance._id + await config.init() }); describe("create", () => { @@ -33,7 +28,7 @@ describe("/datasources", () => { const res = await request .post(`/api/datasources`) .send(basicDatasource()) - .set(defaultHeaders(appId)) + .set(config.defaultHeaders()) .expect('Content-Type', /json/) .expect(200) @@ -56,7 +51,7 @@ describe("/datasources", () => { it("returns all the datasources from the server", async () => { const res = await request .get(`/api/datasources`) - .set(defaultHeaders(appId)) + .set(config.defaultHeaders()) .expect('Content-Type', /json/) .expect(200) @@ -95,12 +90,12 @@ describe("/datasources", () => { await request .delete(`/api/datasources/${datasource._id}/${datasource._rev}`) - .set(defaultHeaders(appId)) + .set(config.defaultHeaders()) .expect(200) const res = await request .get(`/api/datasources`) - .set(defaultHeaders(appId)) + .set(config.defaultHeaders()) .expect('Content-Type', /json/) .expect(200) diff --git a/packages/server/src/api/routes/tests/permissions.spec.js b/packages/server/src/api/routes/tests/permissions.spec.js index bb1f072efc..046a0dc00b 100644 --- a/packages/server/src/api/routes/tests/permissions.spec.js +++ b/packages/server/src/api/routes/tests/permissions.spec.js @@ -1,14 +1,9 @@ const { - createApplication, - createTable, - createRow, supertest, - defaultHeaders, - addPermission, - publicHeaders, - makeBasicRow, -} = require("./couchTestUtils") +} = require("./utilities") const { BUILTIN_ROLE_IDS } = require("../../../utilities/security/roles") +const TestConfig = require("./utilities/TestConfiguration") +const { basicRow } = require("./utilities/structures") const HIGHER_ROLE_ID = BUILTIN_ROLE_IDS.BASIC const STD_ROLE_ID = BUILTIN_ROLE_IDS.PUBLIC @@ -16,13 +11,14 @@ const STD_ROLE_ID = BUILTIN_ROLE_IDS.PUBLIC describe("/permission", () => { let server let request - let appId let table let perms let row + let config beforeAll(async () => { ;({ request, server } = await supertest()) + config = new TestConfig(request) }) afterAll(() => { @@ -30,17 +26,16 @@ describe("/permission", () => { }) beforeEach(async () => { - let app = await createApplication(request) - appId = app.instance._id - table = await createTable(request, appId) - perms = await addPermission(request, appId, STD_ROLE_ID, table._id) - row = await createRow(request, appId, table._id) + await config.init() + table = await config.createTable() + row = await config.createRow() + perms = await config.addPermission(STD_ROLE_ID, table._id) }) async function getTablePermissions() { return request .get(`/api/permission/${table._id}`) - .set(defaultHeaders(appId)) + .set(config.defaultHeaders()) .expect("Content-Type", /json/) .expect(200) } @@ -49,7 +44,7 @@ describe("/permission", () => { it("should be able to get levels", async () => { const res = await request .get(`/api/permission/levels`) - .set(defaultHeaders(appId)) + .set(config.defaultHeaders()) .expect("Content-Type", /json/) .expect(200) expect(res.body).toBeDefined() @@ -68,7 +63,7 @@ describe("/permission", () => { it("should get the resource permissions", async () => { const res = await request .get(`/api/permission/${table._id}`) - .set(defaultHeaders(appId)) + .set(config.defaultHeaders()) .expect("Content-Type", /json/) .expect(200) expect(res.body["read"]).toEqual(STD_ROLE_ID) @@ -76,13 +71,13 @@ describe("/permission", () => { }) it("should get resource permissions with multiple roles", async () => { - perms = await addPermission(request, appId, HIGHER_ROLE_ID, table._id, "write") + perms = await config.addPermission(HIGHER_ROLE_ID, table._id, "write") const res = await getTablePermissions() expect(res.body["read"]).toEqual(STD_ROLE_ID) expect(res.body["write"]).toEqual(HIGHER_ROLE_ID) const allRes = await request .get(`/api/permission`) - .set(defaultHeaders(appId)) + .set(config.defaultHeaders()) .expect("Content-Type", /json/) .expect(200) expect(allRes.body[table._id]["write"]).toEqual(HIGHER_ROLE_ID) @@ -94,7 +89,7 @@ describe("/permission", () => { it("should be able to remove the permission", async () => { const res = await request .delete(`/api/permission/${STD_ROLE_ID}/${table._id}/read`) - .set(defaultHeaders(appId)) + .set(config.defaultHeaders()) .expect("Content-Type", /json/) .expect(200) expect(res.body[0]._id).toEqual(STD_ROLE_ID) @@ -107,7 +102,7 @@ describe("/permission", () => { it("should be able to read the row", async () => { const res = await request .get(`/api/${table._id}/rows`) - .set(publicHeaders(appId)) + .set(config.publicHeaders()) .expect("Content-Type", /json/) .expect(200) expect(res.body[0]._id).toEqual(row._id) @@ -116,8 +111,8 @@ describe("/permission", () => { it("shouldn't allow writing from a public user", async () => { const res = await request .post(`/api/${table._id}/rows`) - .send(makeBasicRow(table._id)) - .set(publicHeaders(appId)) + .send(basicRow(table._id)) + .set(config.publicHeaders()) .expect("Content-Type", /json/) .expect(403) expect(res.status).toEqual(403) diff --git a/packages/server/src/api/routes/tests/utilities/TestConfiguration.js b/packages/server/src/api/routes/tests/utilities/TestConfiguration.js index 544c5434e6..1c07a8f7ff 100644 --- a/packages/server/src/api/routes/tests/utilities/TestConfiguration.js +++ b/packages/server/src/api/routes/tests/utilities/TestConfiguration.js @@ -1,4 +1,5 @@ const { BUILTIN_ROLE_IDS } = require("../../../../utilities/security/roles") +const jwt = require("jsonwebtoken") const env = require("../../../../environment") const { basicTable, @@ -41,6 +42,32 @@ class TestConfiguration { return this.createApp(appName) } + defaultHeaders() { + const builderUser = { + userId: "BUILDER", + roleId: BUILTIN_ROLE_IDS.BUILDER, + } + const builderToken = jwt.sign(builderUser, env.JWT_SECRET) + const headers = { + Accept: "application/json", + Cookie: [`budibase:builder:local=${builderToken}`], + } + if (this.appId) { + headers["x-budibase-app-id"] = this.appId + } + return headers + } + + publicHeaders() { + const headers = { + Accept: "application/json", + } + if (this.appId) { + headers["x-budibase-app-id"] = this.appId + } + return headers + } + async createApp(appName) { this.app = await this._req({ name: appName }, null, controllers.app.create) this.appId = this.app._id diff --git a/packages/server/src/api/routes/tests/utilities/index.js b/packages/server/src/api/routes/tests/utilities/index.js index 9c58364aaa..1421521a26 100644 --- a/packages/server/src/api/routes/tests/utilities/index.js +++ b/packages/server/src/api/routes/tests/utilities/index.js @@ -1,11 +1,10 @@ const supertest = require("supertest") -const { BUILTIN_ROLE_IDS } = require("../../../../utilities/security/roles") -const jwt = require("jsonwebtoken") const env = require("../../../../environment") const TEST_CLIENT_ID = "test-client-id" exports.TEST_CLIENT_ID = TEST_CLIENT_ID + exports.supertest = async () => { let request let server @@ -15,33 +14,3 @@ exports.supertest = async () => { request = supertest(server) return { request, server } } - -exports.defaultHeaders = appId => { - const builderUser = { - userId: "BUILDER", - roleId: BUILTIN_ROLE_IDS.BUILDER, - } - - const builderToken = jwt.sign(builderUser, env.JWT_SECRET) - - const headers = { - Accept: "application/json", - Cookie: [`budibase:builder:local=${builderToken}`], - } - if (appId) { - headers["x-budibase-app-id"] = appId - } - - return headers -} - -exports.publicHeaders = appId => { - const headers = { - Accept: "application/json", - } - if (appId) { - headers["x-budibase-app-id"] = appId - } - - return headers -}