2018-06-28 18:33:37 +02:00
|
|
|
import _ from 'lodash';
|
2021-10-29 17:33:05 +02:00
|
|
|
import path from 'path';
|
2024-08-03 09:52:18 +02:00
|
|
|
import { describe, expect, test } from 'vitest';
|
2018-06-28 18:33:37 +02:00
|
|
|
|
2020-11-15 11:14:09 +01:00
|
|
|
import {
|
|
|
|
Config,
|
|
|
|
DEFAULT_REGISTRY,
|
|
|
|
DEFAULT_UPLINK,
|
|
|
|
ROLES,
|
2024-05-05 16:53:28 +02:00
|
|
|
TOKEN_VALID_LENGTH,
|
2020-11-15 11:14:09 +01:00
|
|
|
WEB_TITLE,
|
2021-10-29 17:33:05 +02:00
|
|
|
defaultSecurity,
|
2024-05-05 16:53:28 +02:00
|
|
|
generateRandomSecretKey,
|
2022-08-02 22:45:16 +02:00
|
|
|
getDefaultConfig,
|
2024-05-05 16:53:28 +02:00
|
|
|
isNodeVersionGreaterThan21,
|
2021-10-29 17:33:05 +02:00
|
|
|
parseConfigFile,
|
2020-11-15 11:14:09 +01:00
|
|
|
} from '../src';
|
2021-04-25 12:08:14 +04:00
|
|
|
import { parseConfigurationFile } from './utils';
|
2017-08-02 20:45:21 +02:00
|
|
|
|
2019-05-22 07:50:14 +02:00
|
|
|
const resolveConf = (conf) => {
|
|
|
|
const { name, ext } = path.parse(conf);
|
|
|
|
|
2020-03-03 23:59:19 +01:00
|
|
|
return path.join(__dirname, `../src/conf/${name}${ext.startsWith('.') ? ext : '.yaml'}`);
|
2019-05-22 07:50:14 +02:00
|
|
|
};
|
2020-03-03 23:59:19 +01:00
|
|
|
|
2024-08-03 09:52:18 +02:00
|
|
|
const itif = (condition) => (condition ? test : test.skip);
|
2024-05-05 16:53:28 +02:00
|
|
|
|
2018-06-28 18:33:37 +02:00
|
|
|
const checkDefaultUplink = (config) => {
|
|
|
|
expect(_.isObject(config.uplinks[DEFAULT_UPLINK])).toBeTruthy();
|
|
|
|
expect(config.uplinks[DEFAULT_UPLINK].url).toMatch(DEFAULT_REGISTRY);
|
2017-08-02 20:45:21 +02:00
|
|
|
};
|
|
|
|
|
2020-11-08 15:20:02 +01:00
|
|
|
describe('check basic content parsed file', () => {
|
2021-05-09 00:44:07 +02:00
|
|
|
const checkDefaultConfPackages = (config) => {
|
|
|
|
// auth
|
|
|
|
expect(_.isObject(config.auth)).toBeTruthy();
|
|
|
|
expect(_.isObject(config.auth.htpasswd)).toBeTruthy();
|
|
|
|
expect(config.auth.htpasswd.file).toMatch(/htpasswd/);
|
|
|
|
|
|
|
|
// web
|
|
|
|
expect(_.isObject(config.web)).toBeTruthy();
|
|
|
|
expect(config.web.title).toBe(WEB_TITLE);
|
|
|
|
expect(config.web.enable).toBeUndefined();
|
|
|
|
|
|
|
|
// packages
|
|
|
|
expect(_.isObject(config.packages)).toBeTruthy();
|
|
|
|
expect(Object.keys(config.packages).join('|')).toBe('@*/*|**');
|
|
|
|
expect(config.packages['@*/*'].access).toBeDefined();
|
|
|
|
expect(config.packages['@*/*'].access).toContainEqual(ROLES.$ALL);
|
|
|
|
expect(config.packages['@*/*'].publish).toBeDefined();
|
|
|
|
expect(config.packages['@*/*'].publish).toContainEqual(ROLES.$AUTH);
|
|
|
|
expect(config.packages['@*/*'].proxy).toBeDefined();
|
|
|
|
expect(config.packages['@*/*'].proxy).toContainEqual(DEFAULT_UPLINK);
|
|
|
|
expect(config.packages['**'].access).toBeDefined();
|
|
|
|
expect(config.packages['**'].access).toContainEqual(ROLES.$ALL);
|
|
|
|
expect(config.packages['**'].publish).toBeDefined();
|
|
|
|
expect(config.packages['**'].publish).toContainEqual(ROLES.$AUTH);
|
|
|
|
expect(config.packages['**'].proxy).toBeDefined();
|
|
|
|
expect(config.packages['**'].proxy).toContainEqual(DEFAULT_UPLINK);
|
|
|
|
// uplinks
|
|
|
|
expect(config.uplinks[DEFAULT_UPLINK]).toBeDefined();
|
|
|
|
expect(config.uplinks[DEFAULT_UPLINK].url).toEqual(DEFAULT_REGISTRY);
|
|
|
|
// audit
|
|
|
|
expect(config.middlewares).toBeDefined();
|
|
|
|
expect(config.middlewares.audit).toBeDefined();
|
|
|
|
expect(config.middlewares.audit.enabled).toBeTruthy();
|
2022-03-28 20:02:08 +02:00
|
|
|
// log
|
|
|
|
expect(config.log).toBeDefined();
|
|
|
|
expect(config.log.type).toEqual('stdout');
|
|
|
|
expect(config.log.format).toEqual('pretty');
|
|
|
|
expect(config.log.level).toEqual('http');
|
2021-05-09 00:44:07 +02:00
|
|
|
// must not be enabled by default
|
|
|
|
expect(config.notify).toBeUndefined();
|
|
|
|
expect(config.store).toBeUndefined();
|
|
|
|
expect(config.publish).toBeUndefined();
|
|
|
|
expect(config.url_prefix).toBeUndefined();
|
|
|
|
expect(config.url_prefix).toBeUndefined();
|
|
|
|
|
|
|
|
expect(config.experiments).toBeUndefined();
|
|
|
|
expect(config.security).toEqual(defaultSecurity);
|
|
|
|
};
|
|
|
|
|
2020-11-08 15:20:02 +01:00
|
|
|
test('parse default.yaml', () => {
|
2022-08-02 22:45:16 +02:00
|
|
|
const config = new Config(getDefaultConfig());
|
2020-11-08 15:20:02 +01:00
|
|
|
checkDefaultUplink(config);
|
|
|
|
expect(config.storage).toBe('./storage');
|
|
|
|
expect(config.auth.htpasswd.file).toBe('./htpasswd');
|
|
|
|
checkDefaultConfPackages(config);
|
2017-08-02 20:45:21 +02:00
|
|
|
});
|
|
|
|
|
2021-05-09 00:44:07 +02:00
|
|
|
test('parse docker.yaml', () => {
|
2022-08-02 22:45:16 +02:00
|
|
|
const config = new Config(getDefaultConfig('docker.yaml'));
|
2021-05-09 00:44:07 +02:00
|
|
|
checkDefaultUplink(config);
|
|
|
|
expect(config.storage).toBe('/verdaccio/storage/data');
|
|
|
|
expect(config.auth.htpasswd.file).toBe('/verdaccio/storage/htpasswd');
|
|
|
|
checkDefaultConfPackages(config);
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
describe('checkSecretKey', () => {
|
|
|
|
test('with default.yaml and pre selected secret', () => {
|
|
|
|
const config = new Config(parseConfigFile(resolveConf('default')));
|
2024-05-05 16:53:28 +02:00
|
|
|
expect(config.checkSecretKey(generateRandomSecretKey())).toHaveLength(TOKEN_VALID_LENGTH);
|
2021-05-09 00:44:07 +02:00
|
|
|
});
|
|
|
|
|
|
|
|
test('with default.yaml and void secret', () => {
|
|
|
|
const config = new Config(parseConfigFile(resolveConf('default')));
|
2024-05-05 16:53:28 +02:00
|
|
|
const secret = config.checkSecretKey();
|
|
|
|
expect(typeof secret === 'string').toBeTruthy();
|
|
|
|
expect(secret).toHaveLength(TOKEN_VALID_LENGTH);
|
2021-05-09 00:44:07 +02:00
|
|
|
});
|
|
|
|
|
2024-05-05 16:53:28 +02:00
|
|
|
test('with default.yaml and empty string secret', () => {
|
2021-05-09 00:44:07 +02:00
|
|
|
const config = new Config(parseConfigFile(resolveConf('default')));
|
2024-05-05 16:53:28 +02:00
|
|
|
const secret = config.checkSecretKey('');
|
|
|
|
expect(typeof secret === 'string').toBeTruthy();
|
|
|
|
expect(secret).toHaveLength(TOKEN_VALID_LENGTH);
|
2021-05-09 00:44:07 +02:00
|
|
|
});
|
2024-01-06 11:31:32 +01:00
|
|
|
|
2024-05-05 16:53:28 +02:00
|
|
|
test('with default.yaml and valid string secret length', () => {
|
2024-01-06 11:31:32 +01:00
|
|
|
const config = new Config(parseConfigFile(resolveConf('default')));
|
2024-05-05 16:53:28 +02:00
|
|
|
expect(typeof config.checkSecretKey(generateRandomSecretKey()) === 'string').toBeTruthy();
|
|
|
|
});
|
|
|
|
|
|
|
|
test('with default.yaml migrate a valid string secret length', () => {
|
|
|
|
const config = new Config(parseConfigFile(resolveConf('default')), {
|
|
|
|
forceMigrateToSecureLegacySignature: true,
|
|
|
|
});
|
|
|
|
expect(
|
|
|
|
// 64 characters secret long
|
|
|
|
config.checkSecretKey('b4982dbb0108531fafb552374d7e83724b6458a2b3ffa97ad0edb899bdaefc4a')
|
|
|
|
).toHaveLength(TOKEN_VALID_LENGTH);
|
2024-01-06 11:31:32 +01:00
|
|
|
});
|
|
|
|
|
2024-05-05 16:53:28 +02:00
|
|
|
// only runs on Node.js 22 or higher
|
|
|
|
itif(isNodeVersionGreaterThan21())('with enhanced legacy signature Node 22 or higher', () => {
|
|
|
|
const config = new Config(parseConfigFile(resolveConf('default')), {
|
|
|
|
forceMigrateToSecureLegacySignature: false,
|
|
|
|
});
|
|
|
|
// eslint-disable-next-line jest/no-standalone-expect
|
|
|
|
expect(() =>
|
|
|
|
// 64 characters secret long
|
|
|
|
config.checkSecretKey('b4982dbb0108531fafb552374d7e83724b6458a2b3ffa97ad0edb899bdaefc4a')
|
|
|
|
).toThrow();
|
|
|
|
});
|
|
|
|
|
|
|
|
itif(isNodeVersionGreaterThan21())('with enhanced legacy signature Node 22 or higher', () => {
|
|
|
|
const config = new Config(parseConfigFile(resolveConf('default')), {
|
|
|
|
forceMigrateToSecureLegacySignature: false,
|
|
|
|
});
|
|
|
|
config.security.api.migrateToSecureLegacySignature = true;
|
|
|
|
// eslint-disable-next-line jest/no-standalone-expect
|
|
|
|
expect(
|
|
|
|
config.checkSecretKey('b4982dbb0108531fafb552374d7e83724b6458a2b3ffa97ad0edb899bdaefc4a')
|
|
|
|
).toHaveLength(TOKEN_VALID_LENGTH);
|
|
|
|
});
|
|
|
|
|
|
|
|
itif(isNodeVersionGreaterThan21() === false)(
|
|
|
|
'with old unsecure legacy signature Node 21 or lower',
|
|
|
|
() => {
|
|
|
|
const config = new Config(parseConfigFile(resolveConf('default')));
|
|
|
|
config.security.api.migrateToSecureLegacySignature = false;
|
|
|
|
// 64 characters secret long
|
|
|
|
// eslint-disable-next-line jest/no-standalone-expect
|
|
|
|
expect(
|
|
|
|
config.checkSecretKey('b4982dbb0108531fafb552374d7e83724b6458a2b3ffa97ad0edb899bdaefc4a')
|
|
|
|
).toHaveLength(64);
|
|
|
|
}
|
|
|
|
);
|
|
|
|
|
|
|
|
test('with migration to new legacy signature Node 21 or lower', () => {
|
2024-01-06 11:31:32 +01:00
|
|
|
const config = new Config(parseConfigFile(resolveConf('default')));
|
2024-05-05 16:53:28 +02:00
|
|
|
config.security.api.migrateToSecureLegacySignature = true;
|
|
|
|
// 64 characters secret long
|
|
|
|
// eslint-disable-next-line jest/no-standalone-expect
|
|
|
|
expect(
|
|
|
|
config.checkSecretKey('b4982dbb0108531fafb552374d7e83724b6458a2b3ffa97ad0edb899bdaefc4a')
|
|
|
|
).toHaveLength(TOKEN_VALID_LENGTH);
|
2024-01-06 11:31:32 +01:00
|
|
|
});
|
2024-05-05 16:53:28 +02:00
|
|
|
|
|
|
|
test.todo('test emit warning with secret key');
|
2021-05-09 00:44:07 +02:00
|
|
|
});
|
|
|
|
|
|
|
|
describe('getMatchedPackagesSpec', () => {
|
|
|
|
test('should match with react as defined in config file', () => {
|
|
|
|
const configParsed = parseConfigFile(parseConfigurationFile('config-getMatchedPackagesSpec'));
|
|
|
|
const config = new Config(configParsed);
|
|
|
|
expect(config.getMatchedPackagesSpec('react')).toEqual({
|
|
|
|
access: ['admin'],
|
|
|
|
proxy: ['facebook'],
|
|
|
|
publish: ['admin'],
|
|
|
|
unpublish: false,
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
test('should not match with react as defined in config file', () => {
|
|
|
|
const configParsed = parseConfigFile(parseConfigurationFile('config-getMatchedPackagesSpec'));
|
|
|
|
const config = new Config(configParsed);
|
|
|
|
expect(config.getMatchedPackagesSpec('somePackage')).toEqual({
|
|
|
|
access: [ROLES.$ALL],
|
|
|
|
proxy: ['npmjs'],
|
|
|
|
publish: [ROLES.$AUTH],
|
|
|
|
unpublish: false,
|
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
describe('VERDACCIO_STORAGE_PATH', () => {
|
2021-04-25 12:08:14 +04:00
|
|
|
test('should set storage to value set in VERDACCIO_STORAGE_PATH environment variable', () => {
|
|
|
|
const storageLocation = '/tmp/verdaccio';
|
|
|
|
process.env.VERDACCIO_STORAGE_PATH = storageLocation;
|
|
|
|
const config = new Config(parseConfigFile(resolveConf('default')));
|
|
|
|
expect(config.storage).toBe(storageLocation);
|
|
|
|
delete process.env.VERDACCIO_STORAGE_PATH;
|
|
|
|
});
|
|
|
|
|
|
|
|
test('should set storage path to VERDACCIO_STORAGE_PATH if both config and env are set', () => {
|
|
|
|
const storageLocation = '/tmp/verdaccio';
|
|
|
|
process.env.VERDACCIO_STORAGE_PATH = storageLocation;
|
|
|
|
const config = new Config(parseConfigFile(parseConfigurationFile('storage')));
|
|
|
|
expect(config.storage).toBe(storageLocation);
|
|
|
|
delete process.env.VERDACCIO_STORAGE_PATH;
|
|
|
|
});
|
|
|
|
|
|
|
|
test('should take storage from environment variable if not exists in configs', () => {
|
|
|
|
const storageLocation = '/tmp/verdaccio';
|
|
|
|
process.env.VERDACCIO_STORAGE_PATH = storageLocation;
|
|
|
|
const defaultConfig = parseConfigFile(resolveConf('default'));
|
|
|
|
delete defaultConfig.storage;
|
|
|
|
const config = new Config(defaultConfig);
|
|
|
|
expect(config.storage).toBe(storageLocation);
|
|
|
|
delete process.env.VERDACCIO_STORAGE_PATH;
|
|
|
|
});
|
2017-08-02 20:45:21 +02:00
|
|
|
});
|
2024-01-06 11:31:32 +01:00
|
|
|
|
|
|
|
describe('configPath', () => {
|
|
|
|
test('should set configPath in config', () => {
|
|
|
|
const defaultConfig = parseConfigFile(resolveConf('default'));
|
|
|
|
const config = new Config(defaultConfig);
|
|
|
|
expect(config.getConfigPath()).toBe(path.join(__dirname, '../src/conf/default.yaml'));
|
|
|
|
});
|
|
|
|
|
|
|
|
test('should throw an error if configPath is not provided', () => {
|
|
|
|
const defaultConfig = parseConfigFile(resolveConf('default'));
|
|
|
|
defaultConfig.configPath = '';
|
|
|
|
defaultConfig.config_path = '';
|
|
|
|
expect(() => new Config(defaultConfig)).toThrow('configPath property is required');
|
|
|
|
});
|
|
|
|
});
|