mirror of
https://github.com/logto-io/logto.git
synced 2025-01-13 21:30:30 -05:00
d4fc7b3e5f
* refactor(core)!: update `koaAuth()` to inject detailed auth info * test(core): add auth context to unit test requester
352 lines
12 KiB
TypeScript
352 lines
12 KiB
TypeScript
import { CreateUser, Role, User, userInfoSelectFields } from '@logto/schemas';
|
|
import pick from 'lodash.pick';
|
|
|
|
import { mockUser, mockUserList, mockUserListResponse, mockUserResponse } from '@/__mocks__';
|
|
import { encryptUserPassword } from '@/lib/user';
|
|
import { findRolesByRoleNames } from '@/queries/roles';
|
|
import {
|
|
hasUser,
|
|
findUserById,
|
|
updateUserById,
|
|
deleteUserIdentity,
|
|
deleteUserById,
|
|
} from '@/queries/user';
|
|
import { createRequester } from '@/utils/test-utils';
|
|
|
|
import adminUserRoutes from './admin-user';
|
|
|
|
const filterUsersWithSearch = (users: User[], search: string) =>
|
|
users.filter((user) =>
|
|
[user.username, user.primaryEmail, user.primaryPhone, user.name].some((value) =>
|
|
value ? !value.includes(search) : false
|
|
)
|
|
);
|
|
|
|
jest.mock('@/queries/user', () => ({
|
|
countUsers: jest.fn(async (search) => ({
|
|
count: search ? filterUsersWithSearch(mockUserList, search).length : mockUserList.length,
|
|
})),
|
|
findUsers: jest.fn(
|
|
async (limit, offset, search): Promise<User[]> =>
|
|
search ? filterUsersWithSearch(mockUserList, search) : mockUserList
|
|
),
|
|
findUserById: jest.fn(async (): Promise<User> => mockUser),
|
|
hasUser: jest.fn(async () => false),
|
|
updateUserById: jest.fn(
|
|
async (_, data: Partial<CreateUser>): Promise<User> => ({
|
|
...mockUser,
|
|
...data,
|
|
})
|
|
),
|
|
deleteUserById: jest.fn(),
|
|
deleteUserIdentity: jest.fn(),
|
|
}));
|
|
|
|
jest.mock('@/lib/user', () => ({
|
|
generateUserId: jest.fn(() => 'fooId'),
|
|
encryptUserPassword: jest.fn(() => ({
|
|
passwordEncrypted: 'password',
|
|
passwordEncryptionMethod: 'Argon2i',
|
|
})),
|
|
insertUser: jest.fn(
|
|
async (user: CreateUser): Promise<User> => ({
|
|
...mockUser,
|
|
...user,
|
|
})
|
|
),
|
|
}));
|
|
|
|
jest.mock('@/queries/roles', () => ({
|
|
findRolesByRoleNames: jest.fn(
|
|
async (): Promise<Role[]> => [{ name: 'admin', description: 'none' }]
|
|
),
|
|
}));
|
|
|
|
describe('adminUserRoutes', () => {
|
|
const userRequest = createRequester({ authedRoutes: adminUserRoutes });
|
|
|
|
afterEach(() => {
|
|
jest.clearAllMocks();
|
|
});
|
|
|
|
it('GET /users', async () => {
|
|
const response = await userRequest.get('/users');
|
|
expect(response.status).toEqual(200);
|
|
expect(response.body).toEqual(mockUserListResponse);
|
|
expect(response.header).toHaveProperty('total-number', `${mockUserList.length}`);
|
|
});
|
|
|
|
it('GET /users should return matched data', async () => {
|
|
const search = 'foo';
|
|
const response = await userRequest.get('/users').send({ search });
|
|
expect(response.status).toEqual(200);
|
|
expect(response.body).toEqual(
|
|
filterUsersWithSearch(mockUserList, search).map((user) => pick(user, ...userInfoSelectFields))
|
|
);
|
|
expect(response.header).toHaveProperty(
|
|
'total-number',
|
|
`${filterUsersWithSearch(mockUserList, search).length}`
|
|
);
|
|
});
|
|
|
|
it('GET /users/:userId', async () => {
|
|
const response = await userRequest.get('/users/foo');
|
|
expect(response.status).toEqual(200);
|
|
expect(response.body).toEqual(mockUserResponse);
|
|
});
|
|
|
|
it('POST /users', async () => {
|
|
const username = 'MJAtLogto';
|
|
const password = 'PASSWORD';
|
|
const name = 'Micheal';
|
|
|
|
const response = await userRequest.post('/users').send({ username, password, name });
|
|
expect(response.status).toEqual(200);
|
|
expect(response.body).toEqual({
|
|
...mockUserResponse,
|
|
id: 'fooId',
|
|
username,
|
|
name,
|
|
});
|
|
});
|
|
|
|
it('POST /users should throw with invalid input params', async () => {
|
|
const username = 'MJAtLogto';
|
|
const password = 'PASSWORD';
|
|
const name = 'Micheal';
|
|
|
|
// Missing input
|
|
await expect(userRequest.post('/users').send({})).resolves.toHaveProperty('status', 400);
|
|
await expect(userRequest.post('/users').send({ username, password })).resolves.toHaveProperty(
|
|
'status',
|
|
400
|
|
);
|
|
await expect(userRequest.post('/users').send({ username, name })).resolves.toHaveProperty(
|
|
'status',
|
|
400
|
|
);
|
|
await expect(userRequest.post('/users').send({ password, name })).resolves.toHaveProperty(
|
|
'status',
|
|
400
|
|
);
|
|
|
|
// Invalid input format
|
|
await expect(
|
|
userRequest.post('/users').send({ username, password: 'abc', name })
|
|
).resolves.toHaveProperty('status', 400);
|
|
});
|
|
|
|
it('POST /users should throw if username exist', async () => {
|
|
const mockHasUser = hasUser as jest.Mock;
|
|
mockHasUser.mockImplementationOnce(async () => true);
|
|
|
|
const username = 'MJAtLogto';
|
|
const password = 'PASSWORD';
|
|
const name = 'Micheal';
|
|
|
|
await expect(
|
|
userRequest.post('/users').send({ username, password, name })
|
|
).resolves.toHaveProperty('status', 422);
|
|
});
|
|
|
|
it('PATCH /users/:userId', async () => {
|
|
const name = 'Micheal';
|
|
const avatar = 'http://www.micheal.png';
|
|
|
|
const response = await userRequest.patch('/users/foo').send({ name, avatar });
|
|
expect(response.status).toEqual(200);
|
|
expect(response.body).toEqual({
|
|
...mockUserResponse,
|
|
name,
|
|
avatar,
|
|
});
|
|
});
|
|
|
|
it('PATCH /users/:userId should allow updated with empty avatar', async () => {
|
|
const name = 'Micheal';
|
|
const avatar = '';
|
|
|
|
const response = await userRequest.patch('/users/foo').send({ name, avatar });
|
|
expect(response.status).toEqual(200);
|
|
expect(response.body).toEqual({
|
|
...mockUserResponse,
|
|
name,
|
|
avatar,
|
|
});
|
|
});
|
|
|
|
it('PATCH /users/:userId should updated with one field if the other is undefined', async () => {
|
|
const name = 'Micheal';
|
|
|
|
const updateNameResponse = await userRequest.patch('/users/foo').send({ name });
|
|
expect(updateNameResponse.status).toEqual(200);
|
|
expect(updateNameResponse.body).toEqual({
|
|
...mockUserResponse,
|
|
name,
|
|
});
|
|
|
|
const avatar = 'https://www.miceal.png';
|
|
const updateAvatarResponse = await userRequest.patch('/users/foo').send({ avatar });
|
|
expect(updateAvatarResponse.status).toEqual(200);
|
|
expect(updateAvatarResponse.body).toEqual({
|
|
...mockUserResponse,
|
|
avatar,
|
|
});
|
|
});
|
|
|
|
it('PATCH /users/:userId throw with invalid input params', async () => {
|
|
const name = 'Micheal';
|
|
const avatar = 'http://www.micheal.png';
|
|
|
|
await expect(userRequest.patch('/users/foo').send({ avatar })).resolves.toHaveProperty(
|
|
'status',
|
|
200
|
|
);
|
|
|
|
await expect(
|
|
userRequest.patch('/users/foo').send({ name, avatar: 'non url' })
|
|
).resolves.toHaveProperty('status', 400);
|
|
});
|
|
|
|
it('PATCH /users/:userId throw if user not found', async () => {
|
|
const name = 'Micheal';
|
|
const avatar = 'http://www.micheal.png';
|
|
|
|
const mockFindUserById = findUserById as jest.Mock;
|
|
mockFindUserById.mockImplementationOnce(() => {
|
|
throw new Error(' ');
|
|
});
|
|
|
|
await expect(userRequest.patch('/users/foo').send({ name, avatar })).resolves.toHaveProperty(
|
|
'status',
|
|
500
|
|
);
|
|
expect(updateUserById).not.toBeCalled();
|
|
});
|
|
|
|
it('PATCH /users/:userId should throw if role names are invalid', async () => {
|
|
const mockedFindRolesByRoleNames = findRolesByRoleNames as jest.Mock;
|
|
mockedFindRolesByRoleNames.mockImplementationOnce(
|
|
async (): Promise<Role[]> => [
|
|
{ name: 'worker', description: 'none' },
|
|
{ name: 'cleaner', description: 'none' },
|
|
]
|
|
);
|
|
await expect(
|
|
userRequest.patch('/users/foo').send({ roleNames: ['admin'] })
|
|
).resolves.toHaveProperty('status', 400);
|
|
expect(findUserById).toHaveBeenCalledTimes(1);
|
|
expect(updateUserById).not.toHaveBeenCalled();
|
|
});
|
|
|
|
it('PATCH /users/:userId should update if roleNames field is an empty array', async () => {
|
|
const roleNames: string[] = [];
|
|
|
|
const response = await userRequest.patch('/users/foo').send({ roleNames });
|
|
expect(response.status).toEqual(200);
|
|
expect(response.body).toEqual({
|
|
...mockUserResponse,
|
|
roleNames,
|
|
});
|
|
});
|
|
|
|
it('PATCH /users/:userId/password', async () => {
|
|
const mockedUserId = 'foo';
|
|
const password = '123456';
|
|
const response = await userRequest.patch(`/users/${mockedUserId}/password`).send({ password });
|
|
expect(encryptUserPassword).toHaveBeenCalledWith(password);
|
|
expect(updateUserById).toHaveBeenCalledTimes(1);
|
|
expect(response.status).toEqual(200);
|
|
expect(response.body).toEqual({
|
|
...mockUserResponse,
|
|
});
|
|
});
|
|
|
|
it('PATCH /users/:userId/password throw if user not found', async () => {
|
|
const notExistedUserId = 'notExistedUserId';
|
|
const dummyPassword = '123456';
|
|
const mockedFindUserById = findUserById as jest.Mock;
|
|
mockedFindUserById.mockImplementationOnce((userId) => {
|
|
if (userId === notExistedUserId) {
|
|
throw new Error(' ');
|
|
}
|
|
});
|
|
|
|
await expect(
|
|
userRequest.patch(`/users/${notExistedUserId}/password`).send({ password: dummyPassword })
|
|
).resolves.toHaveProperty('status', 500);
|
|
expect(encryptUserPassword).not.toHaveBeenCalled();
|
|
expect(updateUserById).not.toHaveBeenCalled();
|
|
});
|
|
|
|
it('DELETE /users/:userId', async () => {
|
|
const userId = 'fooUser';
|
|
const response = await userRequest.delete(`/users/${userId}`);
|
|
expect(response.status).toEqual(204);
|
|
});
|
|
|
|
it('DELETE /users/:userId should throw if user is deleting self', async () => {
|
|
const userId = 'foo';
|
|
const response = await userRequest.delete(`/users/${userId}`);
|
|
expect(response.status).toEqual(400);
|
|
expect(deleteUserIdentity).not.toHaveBeenCalled();
|
|
});
|
|
|
|
it('DELETE /users/:userId should throw if user not found', async () => {
|
|
const notExistedUserId = 'notExisitedUserId';
|
|
const mockedFindUserById = findUserById as jest.Mock;
|
|
mockedFindUserById.mockImplementationOnce((userId) => {
|
|
if (userId === notExistedUserId) {
|
|
throw new Error(' ');
|
|
}
|
|
});
|
|
await expect(userRequest.delete(`/users/${notExistedUserId}`)).resolves.toHaveProperty(
|
|
'status',
|
|
500
|
|
);
|
|
expect(deleteUserById).not.toHaveBeenCalled();
|
|
});
|
|
|
|
it('DELETE /users/:userId/identities/:target should throw if user not found', async () => {
|
|
const notExistedUserId = 'notExisitedUserId';
|
|
const arbitraryTarget = 'arbitraryTarget';
|
|
const mockedFindUserById = findUserById as jest.Mock;
|
|
mockedFindUserById.mockImplementationOnce((userId) => {
|
|
if (userId === notExistedUserId) {
|
|
throw new Error(' ');
|
|
}
|
|
});
|
|
await expect(
|
|
userRequest.delete(`/users/${notExistedUserId}/identities/${arbitraryTarget}`)
|
|
).resolves.toHaveProperty('status', 500);
|
|
expect(deleteUserIdentity).not.toHaveBeenCalled();
|
|
});
|
|
|
|
it('DELETE /users/:userId/identities/:target should throw if user found and connector is not found', async () => {
|
|
const arbitraryUserId = 'arbitraryUserId';
|
|
const nonexistentTarget = 'nonexistentTarget';
|
|
const mockedFindUserById = findUserById as jest.Mock;
|
|
mockedFindUserById.mockImplementationOnce((userId) => {
|
|
if (userId === arbitraryUserId) {
|
|
return { identities: { connector1: {}, connector2: {} } };
|
|
}
|
|
});
|
|
await expect(
|
|
userRequest.delete(`/users/${arbitraryUserId}/identities/${nonexistentTarget}`)
|
|
).resolves.toHaveProperty('status', 404);
|
|
expect(deleteUserIdentity).not.toHaveBeenCalled();
|
|
});
|
|
|
|
it('DELETE /users/:userId/identities/:target', async () => {
|
|
const arbitraryUserId = 'arbitraryUserId';
|
|
const arbitraryTarget = 'arbitraryTarget';
|
|
const mockedFindUserById = findUserById as jest.Mock;
|
|
mockedFindUserById.mockImplementationOnce((userId) => {
|
|
if (userId === arbitraryUserId) {
|
|
return { identities: { connectorTarget1: {}, connectorTarget2: {}, arbitraryTarget: {} } };
|
|
}
|
|
});
|
|
await userRequest.delete(`/users/${arbitraryUserId}/identities/${arbitraryTarget}`);
|
|
expect(deleteUserIdentity).toHaveBeenCalledWith(arbitraryUserId, arbitraryTarget);
|
|
});
|
|
});
|