import {setupApphierarchy, validUser, basicAppHierarchyCreator_WithFields} from "./specHelpers"; import { parseTemporaryCode, USERS_LOCK_FILE, USERS_LIST_FILE, getUserByName} from "../src/authApi/authCommon"; import {$} from "../src/common"; import {getLock} from "../src/common/lock"; import {permission} from "../src/authApi/permissions"; describe("authApi > enableUser", () => { it("should enable a user when disabled", async () => { const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields); const u = await validUser(app, authApi, "firstpassword", false); await authApi.enableUser(u.name); const loadedUser = await getUser(app, authApi, u.name); expect(loadedUser.enabled).toBe(true); }); it("should do nothing when user already enabled", async () => { const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields); const u = await validUser(app, authApi, "firstpassword", true); await authApi.enableUser(u.name); const loadedUser = await getUser(app, authApi, u.name); expect(loadedUser.enabled).toBe(true); }); it("should throw en error when user does not exist", async () => { const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields); const u = await validUser(app, authApi, "firstpassword", false); let ex; try { await authApi.enableUser("nobody"); } catch(e) { ex = e; } expect(ex).toBeDefined(); }); it("should throw en error when users file is locked", async () => { const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields); const u = await validUser(app, authApi, "firstpassword", false); await getLock(app, USERS_LOCK_FILE, 10000, 0, 0); let ex; try { await authApi.enableUser(u.name); } catch(e) { ex = e; } expect(ex).toBeDefined(); }); it("should throw error when user user does not have permission", async () => { const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields); const u = await validUser(app, authApi, "firstpassword", false); app.removePermission(permission.enableDisableUser.get()); expect(authApi.enableUser(u)).rejects.toThrow(/Unauthorized/); }); it("should not depend on having any other permissions", async () => { const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields); const u = await validUser(app, authApi, "firstpassword", false); app.withOnlyThisPermission(permission.enableDisableUser.get()); await authApi.enableUser(u.name); }); }); describe("authApi > disableUser", () => { it("should disable a user when enabled", async () => { const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields); const u = await validUser(app, authApi, "firstpassword", true); await authApi.disableUser(u.name); const loadedUser = await getUser(app, authApi, u.name); expect(loadedUser.enabled).toBe(false); }); it("should do nothing when user already enabled", async () => { const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields); const u = await validUser(app, authApi, "firstpassword", false); await authApi.disableUser(u.name); const loadedUser = await getUser(app, authApi, u.name); expect(loadedUser.enabled).toBe(false); }); it("should throw en error when user does not exist", async () => { const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields); const u = await validUser(app, authApi, "firstpassword", false); let ex; try { await authApi.disableUser("nobody"); } catch(e) { ex = e; } expect(ex).toBeDefined(); }); it("should throw en error when users file is locked", async () => { const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields); const u = await validUser(app, authApi, "firstpassword", false); await getLock(app, USERS_LOCK_FILE, 10000, 0, 0); let ex; try { await authApi.disableUser(u.name); } catch(e) { ex = e; } expect(ex).toBeDefined(); }); it("should throw error when user user does not have permission", async () => { const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields); const u = await validUser(app, authApi, "firstpassword", false); app.removePermission(permission.enableDisableUser.get()); expect(authApi.disableUser(u)).rejects.toThrow(/Unauthorized/); }); it("should not depend on having any other permissions", async () => { const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields); const u = await validUser(app, authApi, "firstpassword", false); app.withOnlyThisPermission(permission.enableDisableUser.get()); await authApi.disableUser(u.name); }); }); const getUser = async (app, authApi, userName) => $(await app.datastore.loadJson(USERS_LIST_FILE), [ users => getUserByName(users, userName) ]);