2018-11-18 12:41:05 -05:00
|
|
|
import path from 'path';
|
2022-01-09 14:51:50 -05:00
|
|
|
import rimraf from 'rimraf';
|
|
|
|
import request from 'supertest';
|
2018-11-18 12:41:05 -05:00
|
|
|
|
2023-07-20 17:32:14 -05:00
|
|
|
import { buildToken } from '@verdaccio/utils';
|
|
|
|
|
2019-05-19 16:07:17 -05:00
|
|
|
import endPointAPI from '../../../../src/api';
|
2023-01-18 16:49:28 -05:00
|
|
|
import {
|
|
|
|
API_ERROR,
|
|
|
|
DIST_TAGS,
|
|
|
|
HEADERS,
|
|
|
|
HEADER_TYPE,
|
|
|
|
HTTP_STATUS,
|
2023-07-20 17:32:14 -05:00
|
|
|
TOKEN_BEARER,
|
2023-01-18 16:49:28 -05:00
|
|
|
} from '../../../../src/lib/constants';
|
2021-03-14 02:42:46 -05:00
|
|
|
import { DOMAIN_SERVERS } from '../../../functional/config.functional';
|
2023-07-20 17:32:14 -05:00
|
|
|
import { generatePackageMetadata } from '../../../helpers/generatePackageMetadata';
|
2021-03-14 02:42:46 -05:00
|
|
|
import { addUser } from '../../__helper/api';
|
2022-01-09 14:51:50 -05:00
|
|
|
import { mockServer } from '../../__helper/mock';
|
|
|
|
import configDefault from '../../partials/config';
|
|
|
|
import forbiddenPlace from '../../partials/forbidden-place';
|
|
|
|
import publishMetadata from '../../partials/publish-api';
|
2023-07-20 17:32:14 -05:00
|
|
|
import { getNewToken } from '../api/_helper';
|
2018-11-18 12:41:05 -05:00
|
|
|
|
2019-05-19 16:07:17 -05:00
|
|
|
require('../../../../src/lib/logger').setup([]);
|
2018-11-18 12:41:05 -05:00
|
|
|
|
|
|
|
const credentials = { name: 'user-web', password: 'secretPass' };
|
|
|
|
describe('endpoint web unit test', () => {
|
2019-07-16 01:40:01 -05:00
|
|
|
jest.setTimeout(20000);
|
2018-11-18 12:41:05 -05:00
|
|
|
let app;
|
|
|
|
let mockRegistry;
|
|
|
|
|
2021-03-14 02:42:46 -05:00
|
|
|
beforeAll(function (done) {
|
2019-05-19 16:07:17 -05:00
|
|
|
const store = path.join(__dirname, '../../partials/store/web-api-storage');
|
2018-11-18 12:41:05 -05:00
|
|
|
const mockServerPort = 55544;
|
|
|
|
rimraf(store, async () => {
|
2021-03-14 02:42:46 -05:00
|
|
|
const configForTest = configDefault(
|
|
|
|
{
|
|
|
|
auth: {
|
|
|
|
htpasswd: {
|
2021-12-20 17:11:17 -05:00
|
|
|
file: './web-api-storage/.htpasswd-web-api',
|
|
|
|
},
|
2021-03-14 02:42:46 -05:00
|
|
|
},
|
|
|
|
storage: store,
|
|
|
|
uplinks: {
|
|
|
|
npmjs: {
|
2021-12-20 17:11:17 -05:00
|
|
|
url: `http://${DOMAIN_SERVERS}:${mockServerPort}`,
|
|
|
|
},
|
2021-03-14 02:42:46 -05:00
|
|
|
},
|
2021-12-20 17:11:17 -05:00
|
|
|
self_path: store,
|
2019-02-24 17:20:25 -05:00
|
|
|
},
|
2021-03-14 02:42:46 -05:00
|
|
|
'api.web.spec.yaml'
|
|
|
|
);
|
2019-02-24 17:20:25 -05:00
|
|
|
app = await endPointAPI(configForTest);
|
2018-11-18 12:41:05 -05:00
|
|
|
mockRegistry = await mockServer(mockServerPort).init();
|
|
|
|
done();
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
2021-03-14 02:42:46 -05:00
|
|
|
afterAll(function (done) {
|
2018-11-18 12:41:05 -05:00
|
|
|
mockRegistry[0].stop();
|
|
|
|
done();
|
|
|
|
});
|
|
|
|
|
|
|
|
describe('Registry WebUI endpoints', () => {
|
2019-02-24 17:20:25 -05:00
|
|
|
beforeAll(async () => {
|
2023-01-18 16:49:28 -05:00
|
|
|
await request(app)
|
|
|
|
.put('/@scope%2fpk1-test')
|
|
|
|
.set(HEADER_TYPE.CONTENT_TYPE, HEADERS.JSON)
|
|
|
|
.send(JSON.stringify(publishMetadata))
|
|
|
|
.expect(HTTP_STATUS.CREATED);
|
2021-12-20 17:11:17 -05:00
|
|
|
|
2023-01-18 16:49:28 -05:00
|
|
|
await request(app)
|
|
|
|
.put('/forbidden-place')
|
|
|
|
.set(HEADER_TYPE.CONTENT_TYPE, HEADERS.JSON)
|
|
|
|
.send(JSON.stringify(forbiddenPlace))
|
|
|
|
.expect(HTTP_STATUS.CREATED);
|
2023-07-20 17:32:14 -05:00
|
|
|
await request(app)
|
|
|
|
.put('/@protected/pk1')
|
|
|
|
.set(HEADER_TYPE.CONTENT_TYPE, HEADERS.JSON)
|
|
|
|
.send(JSON.stringify(generatePackageMetadata('@protected/pk1')))
|
|
|
|
.expect(HTTP_STATUS.CREATED);
|
2018-11-18 12:41:05 -05:00
|
|
|
});
|
|
|
|
|
|
|
|
describe('Packages', () => {
|
2023-07-20 17:32:14 -05:00
|
|
|
test('should display packages without login', async () => {
|
|
|
|
// this packages is protected at the yaml file
|
|
|
|
const res = await request(app).get('/-/verdaccio/data/packages').expect(HTTP_STATUS.OK);
|
|
|
|
expect(res.body).toHaveLength(1);
|
|
|
|
});
|
|
|
|
|
|
|
|
test('should display all packages logged', async () => {
|
|
|
|
const token = await getNewToken(app, { name: 'jota_token', password: 'secretPass' });
|
|
|
|
// this packages is protected at the yaml file
|
|
|
|
const res = await request(app)
|
2021-12-24 13:04:15 -05:00
|
|
|
.get('/-/verdaccio/data/packages')
|
2023-07-20 17:32:14 -05:00
|
|
|
.set(HEADERS.AUTHORIZATION, buildToken(TOKEN_BEARER, token))
|
|
|
|
.expect(HTTP_STATUS.OK);
|
|
|
|
expect(res.body).toHaveLength(2);
|
2018-11-18 12:41:05 -05:00
|
|
|
});
|
|
|
|
|
|
|
|
test.skip('should display scoped readme', (done) => {
|
|
|
|
request(app)
|
2021-12-24 13:04:15 -05:00
|
|
|
.get('/-/verdaccio/data/package/readme/@scope/pk1-test')
|
2018-11-18 12:41:05 -05:00
|
|
|
.expect(HTTP_STATUS.OK)
|
|
|
|
.expect(HEADER_TYPE.CONTENT_TYPE, HEADERS.TEXT_CHARSET)
|
2021-03-14 02:42:46 -05:00
|
|
|
.end(function (err, res) {
|
2018-11-18 12:41:05 -05:00
|
|
|
expect(res.text).toMatch('<h1 id="test">test</h1>\n');
|
|
|
|
done();
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
2019-12-23 03:29:27 -05:00
|
|
|
// FIXME: disabled, we need to inspect why fails randomly
|
2018-11-18 12:41:05 -05:00
|
|
|
test.skip('should display scoped readme 404', (done) => {
|
|
|
|
request(app)
|
2021-12-24 13:04:15 -05:00
|
|
|
.get('/-/verdaccio/data/package/readme/@scope/404')
|
2018-11-18 12:41:05 -05:00
|
|
|
.expect(HTTP_STATUS.OK)
|
|
|
|
.expect(HEADER_TYPE.CONTENT_TYPE, HEADERS.TEXT_CHARSET)
|
2021-03-14 02:42:46 -05:00
|
|
|
.end(function (err, res) {
|
2018-11-18 12:41:05 -05:00
|
|
|
expect(res.body.error).toMatch(API_ERROR.NO_PACKAGE);
|
|
|
|
done();
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
test('should display sidebar info', (done) => {
|
|
|
|
request(app)
|
2021-12-24 13:04:15 -05:00
|
|
|
.get('/-/verdaccio/data/sidebar/@scope/pk1-test')
|
2018-11-18 12:41:05 -05:00
|
|
|
.expect(HTTP_STATUS.OK)
|
|
|
|
.expect(HEADER_TYPE.CONTENT_TYPE, HEADERS.JSON_CHARSET)
|
2021-03-14 02:42:46 -05:00
|
|
|
.end(function (err, res) {
|
2018-11-18 12:41:05 -05:00
|
|
|
const sideBarInfo = res.body;
|
|
|
|
const latestVersion = publishMetadata.versions[publishMetadata[DIST_TAGS].latest];
|
|
|
|
|
|
|
|
expect(sideBarInfo.latest.author).toBeDefined();
|
|
|
|
expect(sideBarInfo.latest.author.avatar).toMatch(/www.gravatar.com/);
|
|
|
|
expect(sideBarInfo.latest.author.name).toBe(latestVersion.author.name);
|
|
|
|
expect(sideBarInfo.latest.author.email).toBe(latestVersion.author.email);
|
|
|
|
done();
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
2019-09-05 14:12:10 -05:00
|
|
|
test('should display sidebar info by version', (done) => {
|
|
|
|
request(app)
|
2021-12-24 13:04:15 -05:00
|
|
|
.get('/-/verdaccio/data/sidebar/@scope/pk1-test?v=1.0.6')
|
2019-09-05 14:12:10 -05:00
|
|
|
.expect(HTTP_STATUS.OK)
|
|
|
|
.expect(HEADER_TYPE.CONTENT_TYPE, HEADERS.JSON_CHARSET)
|
2021-03-14 02:42:46 -05:00
|
|
|
.end(function (err, res) {
|
2019-09-05 14:12:10 -05:00
|
|
|
const sideBarInfo = res.body;
|
|
|
|
const latestVersion = publishMetadata.versions[publishMetadata[DIST_TAGS].latest];
|
|
|
|
|
|
|
|
expect(sideBarInfo.latest.author).toBeDefined();
|
|
|
|
expect(sideBarInfo.latest.author.avatar).toMatch(/www.gravatar.com/);
|
|
|
|
expect(sideBarInfo.latest.author.name).toBe(latestVersion.author.name);
|
|
|
|
expect(sideBarInfo.latest.author.email).toBe(latestVersion.author.email);
|
|
|
|
done();
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
2018-11-18 12:41:05 -05:00
|
|
|
test('should display sidebar info 404', (done) => {
|
|
|
|
request(app)
|
2021-12-24 13:04:15 -05:00
|
|
|
.get('/-/verdaccio/data/sidebar/@scope/404')
|
2018-11-18 12:41:05 -05:00
|
|
|
.expect(HTTP_STATUS.NOT_FOUND)
|
|
|
|
.expect(HEADER_TYPE.CONTENT_TYPE, HEADERS.JSON_CHARSET)
|
2021-03-14 02:42:46 -05:00
|
|
|
.end(function () {
|
2018-11-18 12:41:05 -05:00
|
|
|
done();
|
|
|
|
});
|
|
|
|
});
|
2019-09-05 14:12:10 -05:00
|
|
|
|
|
|
|
test('should display sidebar info 404 with version', (done) => {
|
|
|
|
request(app)
|
2021-12-24 13:04:15 -05:00
|
|
|
.get('/-/verdaccio/data/sidebar/@scope/pk1-test?v=0.0.0-not-found')
|
2019-09-05 14:12:10 -05:00
|
|
|
.expect(HTTP_STATUS.NOT_FOUND)
|
|
|
|
.expect(HEADER_TYPE.CONTENT_TYPE, HEADERS.JSON_CHARSET)
|
2021-03-14 02:42:46 -05:00
|
|
|
.end(function () {
|
2019-09-05 14:12:10 -05:00
|
|
|
done();
|
|
|
|
});
|
|
|
|
});
|
2018-11-18 12:41:05 -05:00
|
|
|
});
|
|
|
|
|
|
|
|
describe('Search', () => {
|
|
|
|
test('should search pk1-test', (done) => {
|
|
|
|
request(app)
|
2021-12-24 13:04:15 -05:00
|
|
|
.get('/-/verdaccio/data/search/scope')
|
2018-11-18 12:41:05 -05:00
|
|
|
.expect(HTTP_STATUS.OK)
|
2021-03-14 02:42:46 -05:00
|
|
|
.end(function (err, res) {
|
2018-11-18 12:41:05 -05:00
|
|
|
expect(res.body).toHaveLength(1);
|
|
|
|
done();
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
2023-08-26 09:30:54 -05:00
|
|
|
test('should search with 404', async () => {
|
|
|
|
const res = await request(app).get('/-/verdaccio/data/search/%40').expect(HTTP_STATUS.OK);
|
|
|
|
expect(res.body).toEqual([]);
|
2018-11-18 12:41:05 -05:00
|
|
|
});
|
|
|
|
|
|
|
|
test('should not find forbidden-place', (done) => {
|
|
|
|
request(app)
|
2021-12-24 13:04:15 -05:00
|
|
|
.get('/-/verdaccio/data/search/forbidden-place')
|
2018-11-18 12:41:05 -05:00
|
|
|
.expect(HTTP_STATUS.OK)
|
2021-03-14 02:42:46 -05:00
|
|
|
.end(function (err, res) {
|
2019-12-23 03:29:27 -05:00
|
|
|
// this is expected since we are not logged
|
2018-11-18 12:41:05 -05:00
|
|
|
// and forbidden-place is allow_access: 'nobody'
|
|
|
|
expect(res.body).toHaveLength(0);
|
|
|
|
done();
|
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
describe('User', () => {
|
|
|
|
beforeAll(async () => {
|
2019-07-16 01:40:01 -05:00
|
|
|
await addUser(request(app), credentials.name, credentials);
|
2018-11-18 12:41:05 -05:00
|
|
|
});
|
|
|
|
|
|
|
|
describe('login webui', () => {
|
|
|
|
test('should log successfully', (done) => {
|
|
|
|
request(app)
|
2021-12-24 13:04:15 -05:00
|
|
|
.post('/-/verdaccio/sec/login')
|
2018-11-18 12:41:05 -05:00
|
|
|
.send({
|
|
|
|
username: credentials.name,
|
2021-12-20 17:11:17 -05:00
|
|
|
password: credentials.password,
|
2018-11-18 12:41:05 -05:00
|
|
|
})
|
|
|
|
.expect(HTTP_STATUS.OK)
|
2021-03-14 02:42:46 -05:00
|
|
|
.end(function (err, res) {
|
2018-11-18 12:41:05 -05:00
|
|
|
expect(res.body.error).toBeUndefined();
|
|
|
|
expect(res.body.token).toBeDefined();
|
|
|
|
expect(res.body.token).toBeTruthy();
|
|
|
|
expect(res.body.username).toMatch(credentials.name);
|
2021-12-20 17:11:17 -05:00
|
|
|
expect(res.get(HEADERS.CACHE_CONTROL)).toEqual('no-cache, no-store');
|
2018-11-18 12:41:05 -05:00
|
|
|
done();
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
test('should fails on log unvalid user', (done) => {
|
|
|
|
request(app)
|
2021-12-24 13:04:15 -05:00
|
|
|
.post('/-/verdaccio/sec/login')
|
2021-12-23 11:35:31 -05:00
|
|
|
.send({
|
|
|
|
username: 'fake',
|
|
|
|
password: 'fake',
|
|
|
|
})
|
2018-11-18 12:41:05 -05:00
|
|
|
// FIXME: there should be 401
|
|
|
|
.expect(HTTP_STATUS.OK)
|
2021-03-14 02:42:46 -05:00
|
|
|
.end(function (err, res) {
|
2018-11-18 12:41:05 -05:00
|
|
|
expect(res.body.error).toMatch(/bad username\/password, access denied/);
|
|
|
|
done();
|
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|