2017-12-02 05:19:08 -05:00
|
|
|
import assert from 'assert';
|
2015-04-11 08:09:19 -05:00
|
|
|
|
2017-12-02 05:19:08 -05:00
|
|
|
export default function(server2){
|
2018-01-27 20:40:07 -05:00
|
|
|
const requestAuthFail = (user, pass, message, statusCode) => {
|
2017-08-06 14:54:15 -05:00
|
|
|
return server2.auth(user, pass)
|
2018-01-27 20:40:07 -05:00
|
|
|
.status(statusCode)
|
2017-08-06 14:54:15 -05:00
|
|
|
.body_error(message)
|
|
|
|
.then(function() {
|
|
|
|
return server2.whoami();
|
|
|
|
})
|
|
|
|
.then(function(username) {
|
|
|
|
assert.equal(username, null);
|
|
|
|
});
|
|
|
|
};
|
2018-01-27 20:40:07 -05:00
|
|
|
const requestAuthOk = (user, pass, regex, statusCode) => {
|
2017-08-06 14:54:15 -05:00
|
|
|
return server2.auth(user, pass)
|
2018-01-27 20:40:07 -05:00
|
|
|
.status(statusCode)
|
2017-08-06 14:54:15 -05:00
|
|
|
.body_ok(regex)
|
|
|
|
.then(function() {
|
|
|
|
return server2.whoami();
|
|
|
|
})
|
|
|
|
.then(function(username) {
|
|
|
|
assert.equal(username, user);
|
|
|
|
});
|
|
|
|
|
|
|
|
};
|
2015-04-11 08:09:19 -05:00
|
|
|
|
2017-12-02 05:19:08 -05:00
|
|
|
describe('test default authentication', () => {
|
2015-04-11 08:09:19 -05:00
|
|
|
|
2017-12-02 05:19:08 -05:00
|
|
|
test('should not authenticate with wrong password', () => {
|
2018-01-27 20:40:07 -05:00
|
|
|
return requestAuthFail('authtest', 'wrongpass1', 'i don\'t like your password', 401);
|
2017-04-19 14:15:28 -05:00
|
|
|
});
|
2015-04-11 08:09:19 -05:00
|
|
|
|
2017-12-02 05:19:08 -05:00
|
|
|
test('should right password handled by plugin', () => {
|
2018-01-27 20:40:07 -05:00
|
|
|
return requestAuthOk('authtest2', 'blahblah', /'authtest2'/, 201);
|
2017-04-19 14:15:28 -05:00
|
|
|
});
|
2015-04-11 08:09:19 -05:00
|
|
|
|
2017-04-19 14:15:28 -05:00
|
|
|
});
|
2015-04-11 08:09:19 -05:00
|
|
|
|
2017-12-02 05:19:08 -05:00
|
|
|
describe('test access authorization', () => {
|
2015-04-11 08:09:19 -05:00
|
|
|
|
2018-01-27 20:40:07 -05:00
|
|
|
describe('access with user authtest', () => {
|
2017-12-02 05:19:08 -05:00
|
|
|
beforeAll(function() {
|
2018-01-27 20:40:07 -05:00
|
|
|
return server2.auth('authtest', 'blahblah')
|
2015-04-11 12:11:04 -05:00
|
|
|
.status(201)
|
2017-04-19 14:15:28 -05:00
|
|
|
.body_ok(/'authtest'/);
|
|
|
|
});
|
2015-04-11 08:09:19 -05:00
|
|
|
|
2017-12-02 05:19:08 -05:00
|
|
|
test('access test-auth-allow', () => {
|
2017-06-28 15:56:02 -05:00
|
|
|
return server2.getPackage('test-auth-allow')
|
2015-04-11 12:11:04 -05:00
|
|
|
.status(404)
|
2017-04-19 14:15:28 -05:00
|
|
|
.body_error('no such package available');
|
|
|
|
});
|
2015-04-11 08:09:19 -05:00
|
|
|
|
2018-01-27 20:40:07 -05:00
|
|
|
test('access test-deny', () => {
|
|
|
|
return server2.getPackage('test-deny')
|
2015-04-11 12:11:04 -05:00
|
|
|
.status(403)
|
2018-01-27 20:40:07 -05:00
|
|
|
.body_error('not allowed to access package');
|
2017-04-19 14:15:28 -05:00
|
|
|
});
|
2015-04-11 08:09:19 -05:00
|
|
|
|
2017-12-02 05:19:08 -05:00
|
|
|
test('access test-auth-regular', () => {
|
2017-06-28 15:56:02 -05:00
|
|
|
return server2.getPackage('test-auth-regular')
|
2015-04-11 12:11:04 -05:00
|
|
|
.status(404)
|
2017-04-19 14:15:28 -05:00
|
|
|
.body_error('no such package available');
|
|
|
|
});
|
|
|
|
});
|
2015-04-11 08:09:19 -05:00
|
|
|
|
2017-12-02 05:19:08 -05:00
|
|
|
describe('access with user authtest2', () => {
|
|
|
|
beforeAll(function() {
|
2015-04-11 12:11:04 -05:00
|
|
|
return server2.auth('authtest2', 'blahblah')
|
|
|
|
.status(201)
|
2017-04-19 14:15:28 -05:00
|
|
|
.body_ok(/'authtest2'/);
|
|
|
|
});
|
2015-04-11 08:09:19 -05:00
|
|
|
|
2017-12-02 05:19:08 -05:00
|
|
|
test('access test-auth-allow', () => {
|
2017-06-28 15:56:02 -05:00
|
|
|
return server2.getPackage('test-auth-allow')
|
2015-04-11 12:11:04 -05:00
|
|
|
.status(403)
|
2018-01-27 20:40:07 -05:00
|
|
|
.body_error('not allowed to access package');
|
2017-04-19 14:15:28 -05:00
|
|
|
});
|
2015-04-11 08:09:19 -05:00
|
|
|
|
2017-12-02 05:19:08 -05:00
|
|
|
test('access test-auth-deny', () => {
|
2017-06-28 15:56:02 -05:00
|
|
|
return server2.getPackage('test-auth-deny')
|
2015-04-11 12:11:04 -05:00
|
|
|
.status(403)
|
2018-01-27 20:40:07 -05:00
|
|
|
.body_error('not allowed to access package');
|
2017-04-19 14:15:28 -05:00
|
|
|
});
|
2015-04-11 08:09:19 -05:00
|
|
|
|
2017-12-02 05:19:08 -05:00
|
|
|
test('access test-auth-regular', () => {
|
2017-06-28 15:56:02 -05:00
|
|
|
return server2.getPackage('test-auth-regular')
|
2015-04-11 12:11:04 -05:00
|
|
|
.status(404)
|
2017-04-19 14:15:28 -05:00
|
|
|
.body_error('no such package available');
|
|
|
|
});
|
|
|
|
});
|
2015-04-11 08:09:19 -05:00
|
|
|
|
2017-04-19 14:15:28 -05:00
|
|
|
});
|
2017-12-02 05:19:08 -05:00
|
|
|
}
|