167 lines
5.5 KiB
JavaScript
167 lines
5.5 KiB
JavaScript
function m(mod) { return __dirname + '/../../../src/' + mod; }
|
|
|
|
const assert = require('assert').strict;
|
|
const log4js = require(m('node_modules/log4js'));
|
|
const plugins = require(m('static/js/pluginfw/plugin_defs'));
|
|
const server = require(m('node/server'));
|
|
const settings = require(m('node/utils/Settings'));
|
|
const supertest = require(m('node_modules/supertest'));
|
|
|
|
let agent;
|
|
const logger = log4js.getLogger('test');
|
|
|
|
before(async function() {
|
|
settings.port = 0;
|
|
settings.ip = 'localhost';
|
|
const httpServer = await server.start();
|
|
const baseUrl = `http://localhost:${httpServer.address().port}`;
|
|
logger.debug(`HTTP server at ${baseUrl}`);
|
|
agent = supertest(baseUrl);
|
|
});
|
|
|
|
after(async function() {
|
|
await server.stop();
|
|
});
|
|
|
|
describe('webaccess without any plugins', function() {
|
|
const backup = {};
|
|
|
|
before(async function() {
|
|
Object.assign(backup, settings);
|
|
settings.users = {
|
|
admin: {password: 'admin-password', is_admin: true},
|
|
user: {password: 'user-password'},
|
|
};
|
|
});
|
|
|
|
after(async function() {
|
|
Object.assign(settings, backup);
|
|
});
|
|
|
|
it('!authn !authz anonymous / -> 200', async function() {
|
|
settings.requireAuthentication = false;
|
|
settings.requireAuthorization = false;
|
|
await agent.get('/').expect(200);
|
|
});
|
|
it('!authn !authz anonymous /admin/ -> 401', async function() {
|
|
settings.requireAuthentication = false;
|
|
settings.requireAuthorization = false;
|
|
await agent.get('/admin/').expect(401);
|
|
});
|
|
it('authn !authz anonymous / -> 401', async function() {
|
|
settings.requireAuthentication = true;
|
|
settings.requireAuthorization = false;
|
|
await agent.get('/').expect(401);
|
|
});
|
|
it('authn !authz user / -> 200', async function() {
|
|
settings.requireAuthentication = true;
|
|
settings.requireAuthorization = false;
|
|
await agent.get('/').auth('user', 'user-password').expect(200);
|
|
});
|
|
it('authn !authz user /admin/ -> 403', async function() {
|
|
settings.requireAuthentication = true;
|
|
settings.requireAuthorization = false;
|
|
await agent.get('/admin/').auth('user', 'user-password').expect(403);
|
|
});
|
|
it('authn !authz admin / -> 200', async function() {
|
|
settings.requireAuthentication = true;
|
|
settings.requireAuthorization = false;
|
|
await agent.get('/').auth('admin', 'admin-password').expect(200);
|
|
});
|
|
it('authn !authz admin /admin/ -> 200', async function() {
|
|
settings.requireAuthentication = true;
|
|
settings.requireAuthorization = false;
|
|
await agent.get('/admin/').auth('admin', 'admin-password').expect(200);
|
|
});
|
|
it('authn authz user / -> 403', async function() {
|
|
settings.requireAuthentication = true;
|
|
settings.requireAuthorization = true;
|
|
await agent.get('/').auth('user', 'user-password').expect(403);
|
|
});
|
|
it('authn authz user /admin/ -> 403', async function() {
|
|
settings.requireAuthentication = true;
|
|
settings.requireAuthorization = true;
|
|
await agent.get('/admin/').auth('user', 'user-password').expect(403);
|
|
});
|
|
it('authn authz admin / -> 200', async function() {
|
|
settings.requireAuthentication = true;
|
|
settings.requireAuthorization = true;
|
|
await agent.get('/').auth('admin', 'admin-password').expect(200);
|
|
});
|
|
it('authn authz admin /admin/ -> 200', async function() {
|
|
settings.requireAuthentication = true;
|
|
settings.requireAuthorization = true;
|
|
await agent.get('/admin/').auth('admin', 'admin-password').expect(200);
|
|
});
|
|
});
|
|
|
|
describe('webaccess with authFailure plugin', function() {
|
|
let handle, returnUndef, status, called;
|
|
const authFailure = (hookName, context, cb) => {
|
|
assert.equal(hookName, 'authFailure');
|
|
assert(context != null);
|
|
assert(context.req != null);
|
|
assert(context.res != null);
|
|
assert(context.next != null);
|
|
assert(!called);
|
|
called = true;
|
|
if (handle) {
|
|
context.res.status(status).send('injected content');
|
|
return cb([true]);
|
|
}
|
|
if (returnUndef) return cb();
|
|
return cb([]);
|
|
};
|
|
|
|
const settingsBackup = {};
|
|
let authFailureHooksBackup;
|
|
before(function() {
|
|
Object.assign(settingsBackup, settings);
|
|
authFailureHooksBackup = plugins.hooks.authFailure;
|
|
plugins.hooks.authFailure = [{hook_fn: authFailure}];
|
|
settings.requireAuthentication = true;
|
|
settings.requireAuthorization = true;
|
|
settings.users = {
|
|
admin: {password: 'admin-password', is_admin: true},
|
|
user: {password: 'user-password'},
|
|
};
|
|
});
|
|
after(function() {
|
|
Object.assign(settings, settingsBackup);
|
|
plugins.hooks.authFailure = authFailureHooksBackup;
|
|
});
|
|
|
|
beforeEach(function() {
|
|
handle = false;
|
|
returnUndef = false;
|
|
status = 200;
|
|
called = false;
|
|
});
|
|
afterEach(function() {
|
|
assert(called);
|
|
});
|
|
|
|
it('authn fail, hook handles -> 200', async function() {
|
|
handle = true;
|
|
await agent.get('/').expect(200, /injected content/);
|
|
});
|
|
it('authn fail, hook defers (undefined) -> 401', async function() {
|
|
returnUndef = true;
|
|
await agent.get('/').expect(401);
|
|
});
|
|
it('authn fail, hook defers (empty list) -> 401', async function() {
|
|
await agent.get('/').expect(401);
|
|
});
|
|
it('authz fail, hook handles -> 200', async function() {
|
|
handle = true;
|
|
await agent.get('/').auth('user', 'user-password').expect(200, /injected content/);
|
|
});
|
|
it('authz fail, hook defers (undefined) -> 403', async function() {
|
|
returnUndef = true;
|
|
await agent.get('/').auth('user', 'user-password').expect(403);
|
|
});
|
|
it('authz fail, hook defers (empty list) -> 403', async function() {
|
|
await agent.get('/').auth('user', 'user-password').expect(403);
|
|
});
|
|
});
|