import {setupApphierarchy, basicAppHierarchyCreator_WithFields} from "./specHelpers"; import { permissionTypes, userAuthFile} from "../src/authApi/authCommon"; import {permission} from "../src/authApi/permissions"; describe("authApi > authenticate", () => { it("should return user + access when correct password supplied", async () => { const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields); const u = await validUser(app, authApi, "password"); const result = await authApi.authenticate(u.name, "password"); expect(result).not.toBeNull(); expect(result.name).toBe("bob"); expect(result.temp).toBe(false); expect(result.passwordHash).toBeUndefined(); expect(result.temporaryAccessId).toBeUndefined(); expect(result.permissions.length).toBe(1); expect(result.permissions[0]).toEqual({type:permissionTypes.SET_PASSWORD}); }); it("should return null when password incorrect", async () => { const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields); const u = await validUser(app, authApi, "password"); const result = await authApi.authenticate(u.name, "letmein"); expect(result).toBeNull(); }); it("should return null when non existing user", async () => { const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields); const result = await authApi.authenticate("nobody", "password"); expect(result).toBeNull(); }); it("should return null when user not enabled", async () => { const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields); const u = await validUser(app, authApi, "password", false); const result = await authApi.authenticate(u.name, "password"); expect(result).toBeNull(); }); it("should return null when password not set", async () => { const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields); const u = await validUser(app, authApi, "", false); const result = await authApi.authenticate(u.name, ""); expect(result).toBeNull(); }); it("authenticate should be allowed wit no permissions", async () => { const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields); app.withNoPermissions(); await authApi.authenticate("", ""); }); }); describe("authApi > authenticateTemporaryAccess", () => { it("should return user with no permissions", async () => { const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields); const u = await validUser(app, authApi, ""); const result = await authApi.authenticateTemporaryAccess(u.tempCode); expect(result).not.toBeNull(); expect(result.name).toBe("bob"); expect(result.passwordHash).toBeUndefined(); expect(result.permissions.length).toBe(0); expect(result.temp).toBe(true); }); it("should return null when blank code suplied", async () => { const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields); const result = await authApi.authenticateTemporaryAccess(""); expect(result).toBeNull(); }); it("should return null when invalid code supplied", async () => { const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields); const result = await authApi.authenticateTemporaryAccess("incorrect"); expect(result).toBeNull(); }); it("should return null when user disabled", async () => { const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields); const u = await validUser(app, authApi, "", false); const result = await authApi.authenticateTemporaryAccess(u.tempCode); expect(result).toBeNull(); }); it("should return null when temporary access code is expired", async () => { const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields); const u = await validUser(app, authApi, ""); const userAuth = await app.datastore.loadJson( userAuthFile(u.name) ); userAuth.temporaryAccessExpiryEpoch = 0; await app.datastore.updateJson( userAuthFile(u.name), userAuth ); const result = await authApi.authenticateTemporaryAccess(u.tempCode); expect(result).toBeNull(); }); it("authenticate should be allowed wit no permissions", async () => { const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields); app.withNoPermissions(); await authApi.authenticateTemporaryAccess(""); }); }); const validUser = async (app, authApi, password, enabled=true) => { const access = await authApi.getNewAccessLevel(app); access.name = "admin"; permission.setPassword.add(access); await authApi.saveAccessLevels({version:0, levels:[access]}); const u = authApi.getNewUser(app); u.name = "bob"; u.accessLevels = ["admin"]; u.enabled = enabled; await authApi.createUser(u, password); return u; };