Switching out how headers are handled, and updating the permissions test.
This commit is contained in:
mike12345567
parent
f10ac0a178
commit
f7cdced688
|
|
@ -1,6 +1,5 @@
|
||||||
const {
|
const {
|
||||||
supertest,
|
supertest,
|
||||||
defaultHeaders,
|
|
||||||
} = require("./utilities")
|
} = require("./utilities")
|
||||||
const TestConfig = require("./utilities/TestConfiguration")
|
const TestConfig = require("./utilities/TestConfiguration")
|
||||||
const { clearAllApps, checkBuilderEndpoint } = require("./utilities/TestFunctions")
|
const { clearAllApps, checkBuilderEndpoint } = require("./utilities/TestFunctions")
|
||||||
|
|
@ -29,7 +28,7 @@ describe("/applications", () => {
|
||||||
const res = await request
|
const res = await request
|
||||||
.post("/api/applications")
|
.post("/api/applications")
|
||||||
.send({ name: "My App" })
|
.send({ name: "My App" })
|
||||||
.set(defaultHeaders())
|
.set(config.defaultHeaders())
|
||||||
.expect('Content-Type', /json/)
|
.expect('Content-Type', /json/)
|
||||||
.expect(200)
|
.expect(200)
|
||||||
expect(res.res.statusMessage).toEqual("Application My App created successfully")
|
expect(res.res.statusMessage).toEqual("Application My App created successfully")
|
||||||
|
|
@ -53,7 +52,7 @@ describe("/applications", () => {
|
||||||
|
|
||||||
const res = await request
|
const res = await request
|
||||||
.get("/api/applications")
|
.get("/api/applications")
|
||||||
.set(defaultHeaders())
|
.set(config.defaultHeaders())
|
||||||
.expect('Content-Type', /json/)
|
.expect('Content-Type', /json/)
|
||||||
.expect(200)
|
.expect(200)
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,4 @@
|
||||||
const {
|
const {
|
||||||
defaultHeaders,
|
|
||||||
supertest,
|
supertest,
|
||||||
} = require("./utilities")
|
} = require("./utilities")
|
||||||
const TestConfig = require("./utilities/TestConfiguration")
|
const TestConfig = require("./utilities/TestConfiguration")
|
||||||
|
|
@ -22,7 +21,6 @@ describe("/automations", () => {
|
||||||
let request
|
let request
|
||||||
let server
|
let server
|
||||||
let app
|
let app
|
||||||
let appId
|
|
||||||
let config
|
let config
|
||||||
let automation
|
let automation
|
||||||
|
|
||||||
|
|
@ -33,7 +31,6 @@ describe("/automations", () => {
|
||||||
beforeEach(async () => {
|
beforeEach(async () => {
|
||||||
config = new TestConfig(request)
|
config = new TestConfig(request)
|
||||||
app = await config.init()
|
app = await config.init()
|
||||||
appId = app.instance._id
|
|
||||||
})
|
})
|
||||||
|
|
||||||
afterAll(() => {
|
afterAll(() => {
|
||||||
|
|
@ -44,7 +41,7 @@ describe("/automations", () => {
|
||||||
return await request
|
return await request
|
||||||
.post(`/api/automations/${automation._id}/trigger`)
|
.post(`/api/automations/${automation._id}/trigger`)
|
||||||
.send({ name: "Test", description: "TEST" })
|
.send({ name: "Test", description: "TEST" })
|
||||||
.set(defaultHeaders(appId))
|
.set(config.defaultHeaders())
|
||||||
.expect('Content-Type', /json/)
|
.expect('Content-Type', /json/)
|
||||||
.expect(200)
|
.expect(200)
|
||||||
}
|
}
|
||||||
|
|
@ -53,7 +50,7 @@ describe("/automations", () => {
|
||||||
it("returns a list of definitions for actions", async () => {
|
it("returns a list of definitions for actions", async () => {
|
||||||
const res = await request
|
const res = await request
|
||||||
.get(`/api/automations/action/list`)
|
.get(`/api/automations/action/list`)
|
||||||
.set(defaultHeaders(appId))
|
.set(config.defaultHeaders())
|
||||||
.expect('Content-Type', /json/)
|
.expect('Content-Type', /json/)
|
||||||
.expect(200)
|
.expect(200)
|
||||||
|
|
||||||
|
|
@ -64,7 +61,7 @@ describe("/automations", () => {
|
||||||
it("returns a list of definitions for triggers", async () => {
|
it("returns a list of definitions for triggers", async () => {
|
||||||
const res = await request
|
const res = await request
|
||||||
.get(`/api/automations/trigger/list`)
|
.get(`/api/automations/trigger/list`)
|
||||||
.set(defaultHeaders(appId))
|
.set(config.defaultHeaders())
|
||||||
.expect('Content-Type', /json/)
|
.expect('Content-Type', /json/)
|
||||||
.expect(200)
|
.expect(200)
|
||||||
|
|
||||||
|
|
@ -75,7 +72,7 @@ describe("/automations", () => {
|
||||||
it("returns a list of definitions for actions", async () => {
|
it("returns a list of definitions for actions", async () => {
|
||||||
const res = await request
|
const res = await request
|
||||||
.get(`/api/automations/logic/list`)
|
.get(`/api/automations/logic/list`)
|
||||||
.set(defaultHeaders(appId))
|
.set(config.defaultHeaders())
|
||||||
.expect('Content-Type', /json/)
|
.expect('Content-Type', /json/)
|
||||||
.expect(200)
|
.expect(200)
|
||||||
|
|
||||||
|
|
@ -86,7 +83,7 @@ describe("/automations", () => {
|
||||||
it("returns all of the definitions in one", async () => {
|
it("returns all of the definitions in one", async () => {
|
||||||
const res = await request
|
const res = await request
|
||||||
.get(`/api/automations/definitions/list`)
|
.get(`/api/automations/definitions/list`)
|
||||||
.set(defaultHeaders(appId))
|
.set(config.defaultHeaders())
|
||||||
.expect('Content-Type', /json/)
|
.expect('Content-Type', /json/)
|
||||||
.expect(200)
|
.expect(200)
|
||||||
|
|
||||||
|
|
@ -115,7 +112,7 @@ describe("/automations", () => {
|
||||||
it("returns a success message when the automation is successfully created", async () => {
|
it("returns a success message when the automation is successfully created", async () => {
|
||||||
const res = await request
|
const res = await request
|
||||||
.post(`/api/automations`)
|
.post(`/api/automations`)
|
||||||
.set(defaultHeaders(appId))
|
.set(config.defaultHeaders())
|
||||||
.send(autoConfig)
|
.send(autoConfig)
|
||||||
.expect('Content-Type', /json/)
|
.expect('Content-Type', /json/)
|
||||||
.expect(200)
|
.expect(200)
|
||||||
|
|
@ -173,7 +170,7 @@ describe("/automations", () => {
|
||||||
|
|
||||||
const res = await request
|
const res = await request
|
||||||
.put(`/api/automations`)
|
.put(`/api/automations`)
|
||||||
.set(defaultHeaders(appId))
|
.set(config.defaultHeaders())
|
||||||
.send(automation)
|
.send(automation)
|
||||||
.expect('Content-Type', /json/)
|
.expect('Content-Type', /json/)
|
||||||
.expect(200)
|
.expect(200)
|
||||||
|
|
@ -190,7 +187,7 @@ describe("/automations", () => {
|
||||||
automation = await config.createAutomation(autoConfig)
|
automation = await config.createAutomation(autoConfig)
|
||||||
const res = await request
|
const res = await request
|
||||||
.get(`/api/automations`)
|
.get(`/api/automations`)
|
||||||
.set(defaultHeaders(appId))
|
.set(config.defaultHeaders())
|
||||||
.expect('Content-Type', /json/)
|
.expect('Content-Type', /json/)
|
||||||
.expect(200)
|
.expect(200)
|
||||||
|
|
||||||
|
|
@ -211,7 +208,7 @@ describe("/automations", () => {
|
||||||
const automation = await config.createAutomation()
|
const automation = await config.createAutomation()
|
||||||
const res = await request
|
const res = await request
|
||||||
.delete(`/api/automations/${automation.id}/${automation.rev}`)
|
.delete(`/api/automations/${automation.id}/${automation.rev}`)
|
||||||
.set(defaultHeaders(appId))
|
.set(config.defaultHeaders())
|
||||||
.expect('Content-Type', /json/)
|
.expect('Content-Type', /json/)
|
||||||
.expect(200)
|
.expect(200)
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,5 @@
|
||||||
const {
|
const {
|
||||||
supertest,
|
supertest,
|
||||||
defaultHeaders,
|
|
||||||
} = require("./utilities")
|
} = require("./utilities")
|
||||||
let TestConfig = require("./utilities/TestConfiguration")
|
let TestConfig = require("./utilities/TestConfiguration")
|
||||||
let { basicDatasource } = require("./utilities/structures")
|
let { basicDatasource } = require("./utilities/structures")
|
||||||
|
|
@ -9,10 +8,7 @@ let { checkBuilderEndpoint } = require("./utilities/TestFunctions")
|
||||||
describe("/datasources", () => {
|
describe("/datasources", () => {
|
||||||
let request
|
let request
|
||||||
let server
|
let server
|
||||||
let app
|
|
||||||
let appId
|
|
||||||
let config
|
let config
|
||||||
let datasource
|
|
||||||
|
|
||||||
beforeAll(async () => {
|
beforeAll(async () => {
|
||||||
({ request, server } = await supertest())
|
({ request, server } = await supertest())
|
||||||
|
|
@ -24,8 +20,7 @@ describe("/datasources", () => {
|
||||||
})
|
})
|
||||||
|
|
||||||
beforeEach(async () => {
|
beforeEach(async () => {
|
||||||
app = await config.init()
|
await config.init()
|
||||||
appId = app.instance._id
|
|
||||||
});
|
});
|
||||||
|
|
||||||
describe("create", () => {
|
describe("create", () => {
|
||||||
|
|
@ -33,7 +28,7 @@ describe("/datasources", () => {
|
||||||
const res = await request
|
const res = await request
|
||||||
.post(`/api/datasources`)
|
.post(`/api/datasources`)
|
||||||
.send(basicDatasource())
|
.send(basicDatasource())
|
||||||
.set(defaultHeaders(appId))
|
.set(config.defaultHeaders())
|
||||||
.expect('Content-Type', /json/)
|
.expect('Content-Type', /json/)
|
||||||
.expect(200)
|
.expect(200)
|
||||||
|
|
||||||
|
|
@ -56,7 +51,7 @@ describe("/datasources", () => {
|
||||||
it("returns all the datasources from the server", async () => {
|
it("returns all the datasources from the server", async () => {
|
||||||
const res = await request
|
const res = await request
|
||||||
.get(`/api/datasources`)
|
.get(`/api/datasources`)
|
||||||
.set(defaultHeaders(appId))
|
.set(config.defaultHeaders())
|
||||||
.expect('Content-Type', /json/)
|
.expect('Content-Type', /json/)
|
||||||
.expect(200)
|
.expect(200)
|
||||||
|
|
||||||
|
|
@ -95,12 +90,12 @@ describe("/datasources", () => {
|
||||||
|
|
||||||
await request
|
await request
|
||||||
.delete(`/api/datasources/${datasource._id}/${datasource._rev}`)
|
.delete(`/api/datasources/${datasource._id}/${datasource._rev}`)
|
||||||
.set(defaultHeaders(appId))
|
.set(config.defaultHeaders())
|
||||||
.expect(200)
|
.expect(200)
|
||||||
|
|
||||||
const res = await request
|
const res = await request
|
||||||
.get(`/api/datasources`)
|
.get(`/api/datasources`)
|
||||||
.set(defaultHeaders(appId))
|
.set(config.defaultHeaders())
|
||||||
.expect('Content-Type', /json/)
|
.expect('Content-Type', /json/)
|
||||||
.expect(200)
|
.expect(200)
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,14 +1,9 @@
|
||||||
const {
|
const {
|
||||||
createApplication,
|
|
||||||
createTable,
|
|
||||||
createRow,
|
|
||||||
supertest,
|
supertest,
|
||||||
defaultHeaders,
|
} = require("./utilities")
|
||||||
addPermission,
|
|
||||||
publicHeaders,
|
|
||||||
makeBasicRow,
|
|
||||||
} = require("./couchTestUtils")
|
|
||||||
const { BUILTIN_ROLE_IDS } = require("../../../utilities/security/roles")
|
const { BUILTIN_ROLE_IDS } = require("../../../utilities/security/roles")
|
||||||
|
const TestConfig = require("./utilities/TestConfiguration")
|
||||||
|
const { basicRow } = require("./utilities/structures")
|
||||||
|
|
||||||
const HIGHER_ROLE_ID = BUILTIN_ROLE_IDS.BASIC
|
const HIGHER_ROLE_ID = BUILTIN_ROLE_IDS.BASIC
|
||||||
const STD_ROLE_ID = BUILTIN_ROLE_IDS.PUBLIC
|
const STD_ROLE_ID = BUILTIN_ROLE_IDS.PUBLIC
|
||||||
|
|
@ -16,13 +11,14 @@ const STD_ROLE_ID = BUILTIN_ROLE_IDS.PUBLIC
|
||||||
describe("/permission", () => {
|
describe("/permission", () => {
|
||||||
let server
|
let server
|
||||||
let request
|
let request
|
||||||
let appId
|
|
||||||
let table
|
let table
|
||||||
let perms
|
let perms
|
||||||
let row
|
let row
|
||||||
|
let config
|
||||||
|
|
||||||
beforeAll(async () => {
|
beforeAll(async () => {
|
||||||
;({ request, server } = await supertest())
|
;({ request, server } = await supertest())
|
||||||
|
config = new TestConfig(request)
|
||||||
})
|
})
|
||||||
|
|
||||||
afterAll(() => {
|
afterAll(() => {
|
||||||
|
|
@ -30,17 +26,16 @@ describe("/permission", () => {
|
||||||
})
|
})
|
||||||
|
|
||||||
beforeEach(async () => {
|
beforeEach(async () => {
|
||||||
let app = await createApplication(request)
|
await config.init()
|
||||||
appId = app.instance._id
|
table = await config.createTable()
|
||||||
table = await createTable(request, appId)
|
row = await config.createRow()
|
||||||
perms = await addPermission(request, appId, STD_ROLE_ID, table._id)
|
perms = await config.addPermission(STD_ROLE_ID, table._id)
|
||||||
row = await createRow(request, appId, table._id)
|
|
||||||
})
|
})
|
||||||
|
|
||||||
async function getTablePermissions() {
|
async function getTablePermissions() {
|
||||||
return request
|
return request
|
||||||
.get(`/api/permission/${table._id}`)
|
.get(`/api/permission/${table._id}`)
|
||||||
.set(defaultHeaders(appId))
|
.set(config.defaultHeaders())
|
||||||
.expect("Content-Type", /json/)
|
.expect("Content-Type", /json/)
|
||||||
.expect(200)
|
.expect(200)
|
||||||
}
|
}
|
||||||
|
|
@ -49,7 +44,7 @@ describe("/permission", () => {
|
||||||
it("should be able to get levels", async () => {
|
it("should be able to get levels", async () => {
|
||||||
const res = await request
|
const res = await request
|
||||||
.get(`/api/permission/levels`)
|
.get(`/api/permission/levels`)
|
||||||
.set(defaultHeaders(appId))
|
.set(config.defaultHeaders())
|
||||||
.expect("Content-Type", /json/)
|
.expect("Content-Type", /json/)
|
||||||
.expect(200)
|
.expect(200)
|
||||||
expect(res.body).toBeDefined()
|
expect(res.body).toBeDefined()
|
||||||
|
|
@ -68,7 +63,7 @@ describe("/permission", () => {
|
||||||
it("should get the resource permissions", async () => {
|
it("should get the resource permissions", async () => {
|
||||||
const res = await request
|
const res = await request
|
||||||
.get(`/api/permission/${table._id}`)
|
.get(`/api/permission/${table._id}`)
|
||||||
.set(defaultHeaders(appId))
|
.set(config.defaultHeaders())
|
||||||
.expect("Content-Type", /json/)
|
.expect("Content-Type", /json/)
|
||||||
.expect(200)
|
.expect(200)
|
||||||
expect(res.body["read"]).toEqual(STD_ROLE_ID)
|
expect(res.body["read"]).toEqual(STD_ROLE_ID)
|
||||||
|
|
@ -76,13 +71,13 @@ describe("/permission", () => {
|
||||||
})
|
})
|
||||||
|
|
||||||
it("should get resource permissions with multiple roles", async () => {
|
it("should get resource permissions with multiple roles", async () => {
|
||||||
perms = await addPermission(request, appId, HIGHER_ROLE_ID, table._id, "write")
|
perms = await config.addPermission(HIGHER_ROLE_ID, table._id, "write")
|
||||||
const res = await getTablePermissions()
|
const res = await getTablePermissions()
|
||||||
expect(res.body["read"]).toEqual(STD_ROLE_ID)
|
expect(res.body["read"]).toEqual(STD_ROLE_ID)
|
||||||
expect(res.body["write"]).toEqual(HIGHER_ROLE_ID)
|
expect(res.body["write"]).toEqual(HIGHER_ROLE_ID)
|
||||||
const allRes = await request
|
const allRes = await request
|
||||||
.get(`/api/permission`)
|
.get(`/api/permission`)
|
||||||
.set(defaultHeaders(appId))
|
.set(config.defaultHeaders())
|
||||||
.expect("Content-Type", /json/)
|
.expect("Content-Type", /json/)
|
||||||
.expect(200)
|
.expect(200)
|
||||||
expect(allRes.body[table._id]["write"]).toEqual(HIGHER_ROLE_ID)
|
expect(allRes.body[table._id]["write"]).toEqual(HIGHER_ROLE_ID)
|
||||||
|
|
@ -94,7 +89,7 @@ describe("/permission", () => {
|
||||||
it("should be able to remove the permission", async () => {
|
it("should be able to remove the permission", async () => {
|
||||||
const res = await request
|
const res = await request
|
||||||
.delete(`/api/permission/${STD_ROLE_ID}/${table._id}/read`)
|
.delete(`/api/permission/${STD_ROLE_ID}/${table._id}/read`)
|
||||||
.set(defaultHeaders(appId))
|
.set(config.defaultHeaders())
|
||||||
.expect("Content-Type", /json/)
|
.expect("Content-Type", /json/)
|
||||||
.expect(200)
|
.expect(200)
|
||||||
expect(res.body[0]._id).toEqual(STD_ROLE_ID)
|
expect(res.body[0]._id).toEqual(STD_ROLE_ID)
|
||||||
|
|
@ -107,7 +102,7 @@ describe("/permission", () => {
|
||||||
it("should be able to read the row", async () => {
|
it("should be able to read the row", async () => {
|
||||||
const res = await request
|
const res = await request
|
||||||
.get(`/api/${table._id}/rows`)
|
.get(`/api/${table._id}/rows`)
|
||||||
.set(publicHeaders(appId))
|
.set(config.publicHeaders())
|
||||||
.expect("Content-Type", /json/)
|
.expect("Content-Type", /json/)
|
||||||
.expect(200)
|
.expect(200)
|
||||||
expect(res.body[0]._id).toEqual(row._id)
|
expect(res.body[0]._id).toEqual(row._id)
|
||||||
|
|
@ -116,8 +111,8 @@ describe("/permission", () => {
|
||||||
it("shouldn't allow writing from a public user", async () => {
|
it("shouldn't allow writing from a public user", async () => {
|
||||||
const res = await request
|
const res = await request
|
||||||
.post(`/api/${table._id}/rows`)
|
.post(`/api/${table._id}/rows`)
|
||||||
.send(makeBasicRow(table._id))
|
.send(basicRow(table._id))
|
||||||
.set(publicHeaders(appId))
|
.set(config.publicHeaders())
|
||||||
.expect("Content-Type", /json/)
|
.expect("Content-Type", /json/)
|
||||||
.expect(403)
|
.expect(403)
|
||||||
expect(res.status).toEqual(403)
|
expect(res.status).toEqual(403)
|
||||||
|
|
|
||||||
|
|
@ -1,4 +1,5 @@
|
||||||
const { BUILTIN_ROLE_IDS } = require("../../../../utilities/security/roles")
|
const { BUILTIN_ROLE_IDS } = require("../../../../utilities/security/roles")
|
||||||
|
const jwt = require("jsonwebtoken")
|
||||||
const env = require("../../../../environment")
|
const env = require("../../../../environment")
|
||||||
const {
|
const {
|
||||||
basicTable,
|
basicTable,
|
||||||
|
|
@ -41,6 +42,32 @@ class TestConfiguration {
|
||||||
return this.createApp(appName)
|
return this.createApp(appName)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
defaultHeaders() {
|
||||||
|
const builderUser = {
|
||||||
|
userId: "BUILDER",
|
||||||
|
roleId: BUILTIN_ROLE_IDS.BUILDER,
|
||||||
|
}
|
||||||
|
const builderToken = jwt.sign(builderUser, env.JWT_SECRET)
|
||||||
|
const headers = {
|
||||||
|
Accept: "application/json",
|
||||||
|
Cookie: [`budibase:builder:local=${builderToken}`],
|
||||||
|
}
|
||||||
|
if (this.appId) {
|
||||||
|
headers["x-budibase-app-id"] = this.appId
|
||||||
|
}
|
||||||
|
return headers
|
||||||
|
}
|
||||||
|
|
||||||
|
publicHeaders() {
|
||||||
|
const headers = {
|
||||||
|
Accept: "application/json",
|
||||||
|
}
|
||||||
|
if (this.appId) {
|
||||||
|
headers["x-budibase-app-id"] = this.appId
|
||||||
|
}
|
||||||
|
return headers
|
||||||
|
}
|
||||||
|
|
||||||
async createApp(appName) {
|
async createApp(appName) {
|
||||||
this.app = await this._req({ name: appName }, null, controllers.app.create)
|
this.app = await this._req({ name: appName }, null, controllers.app.create)
|
||||||
this.appId = this.app._id
|
this.appId = this.app._id
|
||||||
|
|
|
||||||
|
|
@ -1,11 +1,10 @@
|
||||||
const supertest = require("supertest")
|
const supertest = require("supertest")
|
||||||
const { BUILTIN_ROLE_IDS } = require("../../../../utilities/security/roles")
|
|
||||||
const jwt = require("jsonwebtoken")
|
|
||||||
const env = require("../../../../environment")
|
const env = require("../../../../environment")
|
||||||
|
|
||||||
const TEST_CLIENT_ID = "test-client-id"
|
const TEST_CLIENT_ID = "test-client-id"
|
||||||
|
|
||||||
exports.TEST_CLIENT_ID = TEST_CLIENT_ID
|
exports.TEST_CLIENT_ID = TEST_CLIENT_ID
|
||||||
|
|
||||||
exports.supertest = async () => {
|
exports.supertest = async () => {
|
||||||
let request
|
let request
|
||||||
let server
|
let server
|
||||||
|
|
@ -15,33 +14,3 @@ exports.supertest = async () => {
|
||||||
request = supertest(server)
|
request = supertest(server)
|
||||||
return { request, server }
|
return { request, server }
|
||||||
}
|
}
|
||||||
|
|
||||||
exports.defaultHeaders = appId => {
|
|
||||||
const builderUser = {
|
|
||||||
userId: "BUILDER",
|
|
||||||
roleId: BUILTIN_ROLE_IDS.BUILDER,
|
|
||||||
}
|
|
||||||
|
|
||||||
const builderToken = jwt.sign(builderUser, env.JWT_SECRET)
|
|
||||||
|
|
||||||
const headers = {
|
|
||||||
Accept: "application/json",
|
|
||||||
Cookie: [`budibase:builder:local=${builderToken}`],
|
|
||||||
}
|
|
||||||
if (appId) {
|
|
||||||
headers["x-budibase-app-id"] = appId
|
|
||||||
}
|
|
||||||
|
|
||||||
return headers
|
|
||||||
}
|
|
||||||
|
|
||||||
exports.publicHeaders = appId => {
|
|
||||||
const headers = {
|
|
||||||
Accept: "application/json",
|
|
||||||
}
|
|
||||||
if (appId) {
|
|
||||||
headers["x-budibase-app-id"] = appId
|
|
||||||
}
|
|
||||||
|
|
||||||
return headers
|
|
||||||
}
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue