2020-01-08 05:17:54 +08:00
|
|
|
import {Config} from '../../../../src/common/config/private/Config';
|
|
|
|
import {Server} from '../../../../src/backend/server';
|
|
|
|
import {LoginCredential} from '../../../../src/common/entities/LoginCredential';
|
|
|
|
import {UserDTO, UserRoles} from '../../../../src/common/entities/UserDTO';
|
|
|
|
import * as path from 'path';
|
2021-01-04 17:32:19 +08:00
|
|
|
import * as fs from 'fs';
|
2023-01-06 06:11:58 +08:00
|
|
|
import {SQLConnection} from '../../../../src/backend/model/database/SQLConnection';
|
2020-01-08 05:17:54 +08:00
|
|
|
import {ObjectManagers} from '../../../../src/backend/model/ObjectManagers';
|
|
|
|
import {Utils} from '../../../../src/common/Utils';
|
|
|
|
import {SuperAgentStatic} from 'superagent';
|
|
|
|
import {RouteTestingHelper} from './RouteTestingHelper';
|
|
|
|
import {QueryParams} from '../../../../src/common/QueryParams';
|
|
|
|
import {ErrorCodes} from '../../../../src/common/entities/Error';
|
2022-01-15 18:32:46 +08:00
|
|
|
import {DatabaseType} from '../../../../src/common/config/private/PrivateConfig';
|
2020-01-08 05:17:54 +08:00
|
|
|
|
|
|
|
|
|
|
|
process.env.NODE_ENV = 'test';
|
|
|
|
const chai: any = require('chai');
|
|
|
|
const chaiHttp = require('chai-http');
|
|
|
|
const should = chai.should();
|
|
|
|
chai.use(chaiHttp);
|
|
|
|
|
2020-01-08 05:48:54 +08:00
|
|
|
describe('SharingRouter', () => {
|
2020-01-08 05:17:54 +08:00
|
|
|
|
|
|
|
const testUser: UserDTO = {
|
|
|
|
id: 1,
|
|
|
|
name: 'test',
|
|
|
|
password: 'test',
|
|
|
|
role: UserRoles.User,
|
|
|
|
permissions: null
|
|
|
|
};
|
2021-04-18 21:48:35 +08:00
|
|
|
const {password: pass, ...expectedUser} = testUser;
|
2020-01-08 05:17:54 +08:00
|
|
|
const tempDir = path.join(__dirname, '../../tmp');
|
|
|
|
let server: Server;
|
|
|
|
const setUp = async () => {
|
2022-01-15 18:32:46 +08:00
|
|
|
await fs.promises.rm(tempDir, {recursive: true, force: true});
|
2022-12-29 02:12:18 +08:00
|
|
|
Config.Users.authenticationRequired = true;
|
|
|
|
Config.Sharing.enabled = true;
|
|
|
|
Config.Database.type = DatabaseType.sqlite;
|
|
|
|
Config.Database.dbFolder = tempDir;
|
2020-01-08 05:17:54 +08:00
|
|
|
|
|
|
|
server = new Server();
|
|
|
|
await server.onStarted.wait();
|
|
|
|
|
2023-11-17 06:41:05 +08:00
|
|
|
await ObjectManagers.getInstance().init();
|
2020-01-08 05:17:54 +08:00
|
|
|
await ObjectManagers.getInstance().UserManager.createUser(Utils.clone(testUser));
|
|
|
|
await SQLConnection.close();
|
|
|
|
};
|
|
|
|
const tearDown = async () => {
|
2023-01-13 18:22:49 +08:00
|
|
|
await ObjectManagers.reset();
|
2022-01-15 18:32:46 +08:00
|
|
|
await fs.promises.rm(tempDir, {recursive: true, force: true});
|
2020-01-08 05:17:54 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
const shouldBeValidUser = (result: any, user: any) => {
|
|
|
|
|
|
|
|
result.should.have.status(200);
|
|
|
|
result.body.should.be.a('object');
|
|
|
|
should.equal(result.body.error, null);
|
|
|
|
result.body.result.csrfToken.should.be.a('string');
|
|
|
|
const {csrfToken, ...u} = result.body.result;
|
|
|
|
u.should.deep.equal(user);
|
|
|
|
};
|
|
|
|
|
|
|
|
const shareLogin = async (srv: Server, sharingKey: string, password?: string): Promise<any> => {
|
2023-11-17 06:41:05 +08:00
|
|
|
return (chai.request(srv.Server) as SuperAgentStatic)
|
2022-12-29 02:12:18 +08:00
|
|
|
.post(Config.Server.apiPath + '/share/login?' + QueryParams.gallery.sharingKey_query + '=' + sharingKey)
|
2020-01-08 05:17:54 +08:00
|
|
|
.send({password});
|
|
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
describe('/POST share/login', () => {
|
|
|
|
|
|
|
|
beforeEach(setUp);
|
|
|
|
afterEach(tearDown);
|
|
|
|
|
2023-12-02 02:33:39 +08:00
|
|
|
it('should login with passworded share when password required', async () => {
|
|
|
|
Config.Sharing.passwordRequired = true;
|
2020-01-08 05:17:54 +08:00
|
|
|
const sharing = await RouteTestingHelper.createSharing(testUser, 'secret_pass');
|
|
|
|
const res = await shareLogin(server, sharing.sharingKey, sharing.password);
|
|
|
|
shouldBeValidUser(res, RouteTestingHelper.getExpectedSharingUser(sharing));
|
|
|
|
});
|
|
|
|
|
2023-12-02 02:33:39 +08:00
|
|
|
it('should login with passworded share when password not required', async () => {
|
|
|
|
Config.Sharing.passwordRequired = false;
|
|
|
|
const sharing = await RouteTestingHelper.createSharing(testUser, 'secret_pass');
|
|
|
|
const res = await shareLogin(server, sharing.sharingKey, sharing.password);
|
|
|
|
shouldBeValidUser(res, RouteTestingHelper.getExpectedSharingUser(sharing));
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
|
|
it('should login without passworded share when password not required', async () => {
|
|
|
|
Config.Sharing.passwordRequired = false;
|
|
|
|
const sharing = await RouteTestingHelper.createSharing(testUser );
|
|
|
|
const res = await shareLogin(server, sharing.sharingKey, sharing.password);
|
|
|
|
shouldBeValidUser(res, RouteTestingHelper.getExpectedSharingUser(sharing));
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
|
|
|
2020-01-08 05:17:54 +08:00
|
|
|
it('should not login with passworded share without password', async () => {
|
2023-12-02 02:33:39 +08:00
|
|
|
Config.Sharing.passwordRequired = true;
|
2020-01-08 05:17:54 +08:00
|
|
|
const sharing = await RouteTestingHelper.createSharing(testUser, 'secret_pass');
|
|
|
|
const result = await shareLogin(server, sharing.sharingKey);
|
|
|
|
|
|
|
|
result.should.have.status(401);
|
|
|
|
result.body.should.be.a('object');
|
|
|
|
result.body.error.should.be.a('object');
|
|
|
|
should.equal(result.body.error.code, ErrorCodes.CREDENTIAL_NOT_FOUND);
|
|
|
|
});
|
|
|
|
|
2023-01-13 18:22:49 +08:00
|
|
|
|
2023-12-02 02:33:39 +08:00
|
|
|
it('should not login to share without password when password required', async () => {
|
|
|
|
Config.Sharing.passwordRequired = false;
|
2020-01-29 01:36:52 +08:00
|
|
|
const sharing = await RouteTestingHelper.createSharing(testUser);
|
2023-12-02 02:33:39 +08:00
|
|
|
Config.Sharing.passwordRequired = true;
|
|
|
|
const result = await shareLogin(server, sharing.sharingKey);
|
|
|
|
|
|
|
|
result.should.have.status(401);
|
|
|
|
result.body.should.be.a('object');
|
|
|
|
result.body.error.should.be.a('object');
|
|
|
|
should.equal(result.body.error.code, ErrorCodes.CREDENTIAL_NOT_FOUND);
|
2020-01-08 05:17:54 +08:00
|
|
|
});
|
|
|
|
|
|
|
|
|
2023-12-02 02:33:39 +08:00
|
|
|
|
|
|
|
|
2020-01-08 05:17:54 +08:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
|
|
});
|