0
Fork 0
mirror of https://github.com/verdaccio/verdaccio.git synced 2025-01-20 22:52:46 -05:00
verdaccio/packages/plugins/active-directory/tests/active-directory.test.ts

161 lines
5.8 KiB
TypeScript

import ActiveDirectory from 'activedirectory2';
import { HTTP_STATUS } from '@verdaccio/commons-api';
import ActiveDirectoryPlugin, { NotAuthMessage } from '../src/active-directory';
// eslint-disable-next-line jest/no-mocks-import
import logger from './__mocks__/Logger';
describe('Active Directory Plugin', () => {
let adPlugin;
let adPluginSingleGroup;
let adPluginMultiGroups;
const config = {
url: 'ldap://localhost',
baseDN: 'dc=local,dc=host',
domainSuffix: 'local.host',
};
const configSingleGroup = {
...config,
groupName: 'singleGroup',
};
const configMultiGroups = {
...config,
groupName: ['group1', 'group2', 'group3'],
};
beforeAll(() => {
adPlugin = new ActiveDirectoryPlugin(config, { logger });
adPluginSingleGroup = new ActiveDirectoryPlugin(configSingleGroup, { logger });
adPluginMultiGroups = new ActiveDirectoryPlugin(configMultiGroups, { logger });
});
beforeEach(() => {
jest.resetModules();
});
test('get error when connection fails', (done) => {
const errorMessage = 'Unknown error';
ActiveDirectory.prototype.authenticate = jest.fn((_1, _2, cb) => cb(errorMessage, undefined));
adPlugin.authenticate('', '', (error, authUser) => {
expect(ActiveDirectory.prototype.authenticate).toHaveBeenCalled();
expect(logger.warn).toHaveBeenCalled();
expect(error.code).toBe(HTTP_STATUS.INTERNAL_ERROR);
expect(error.message).toBe(errorMessage);
expect(authUser).toBeUndefined();
done();
});
});
test('get error when not authenticated satisfactory', (done) => {
ActiveDirectory.prototype.authenticate = jest.fn((_1, _2, cb) => cb(null, false));
adPlugin.authenticate('', '', (error, authUser) => {
expect(ActiveDirectory.prototype.authenticate).toHaveBeenCalled();
expect(logger.warn).toHaveBeenCalledWith(NotAuthMessage);
expect(error.code).toBe(HTTP_STATUS.UNAUTHORIZED);
expect(error.message).toBe(NotAuthMessage);
expect(authUser).toBeUndefined();
done();
});
});
test('connect satisfactory without groups', (done) => {
const user = 'user';
const password = 'password';
ActiveDirectory.prototype.authenticate = jest.fn((_1, _2, cb) => cb(null, true));
adPlugin.authenticate(user, password, (error, authUser) => {
expect(ActiveDirectory.prototype.authenticate).toHaveBeenCalled();
expect(logger.info).toHaveBeenCalled();
expect(error).toBeNull();
expect(authUser).toStrictEqual([user]);
done();
});
});
test('get error when getting groups for user', (done) => {
const errorMessage = 'Unknown error retrieving groups';
ActiveDirectory.prototype.authenticate = jest.fn((_1, _2, cb) => cb(null, true));
ActiveDirectory.prototype.getGroupMembershipForUser = jest.fn((_, cb) =>
cb((errorMessage as unknown) as object, null)
) as jest.Mock;
adPluginSingleGroup.authenticate('', '', (error, authUser) => {
expect(ActiveDirectory.prototype.authenticate).toHaveBeenCalled();
expect(ActiveDirectory.prototype.getGroupMembershipForUser).toHaveBeenCalled();
expect(logger.warn).toHaveBeenCalled();
expect(error.code).toBe(HTTP_STATUS.INTERNAL_ERROR);
expect(error.message).toBe(errorMessage);
expect(authUser).toBeUndefined();
done();
});
});
test('get error when user groups do not match', (done) => {
const user = 'user';
const password = 'password';
ActiveDirectory.prototype.authenticate = jest.fn((_1, _2, cb) => cb(null, true));
ActiveDirectory.prototype.getGroupMembershipForUser = jest.fn((_, cb) =>
cb(null, [{ cn: 'notMatchGroup' }])
) as jest.Mock;
adPluginSingleGroup.authenticate(user, password, (error, authUser) => {
expect(ActiveDirectory.prototype.authenticate).toHaveBeenCalled();
expect(ActiveDirectory.prototype.getGroupMembershipForUser).toHaveBeenCalled();
expect(logger.warn).toHaveBeenCalled();
expect(error.code).toBe(HTTP_STATUS.FORBIDDEN);
expect(error.message).toBe(
`AD - User ${user} is not member of group(s): ${configSingleGroup.groupName}`
);
expect(authUser).toBeUndefined();
done();
});
});
test('connect satisfactory when connection has only one group defined', (done) => {
const { groupName } = configSingleGroup;
const user = 'user';
const password = 'password';
ActiveDirectory.prototype.authenticate = jest.fn((_1, _2, cb) => cb(null, true));
ActiveDirectory.prototype.getGroupMembershipForUser = jest.fn((_, cb) =>
cb(null, [{ cn: groupName }])
) as jest.Mock;
adPluginSingleGroup.authenticate(user, password, (error, authUser) => {
expect(ActiveDirectory.prototype.authenticate).toHaveBeenCalled();
expect(ActiveDirectory.prototype.getGroupMembershipForUser).toHaveBeenCalled();
expect(logger.info).toHaveBeenCalled();
expect(error).toBeNull();
expect(authUser).toStrictEqual([groupName, user]);
done();
});
});
test('connect satisfactory when connection has multiple groups defined', (done) => {
const [, group2, group3] = configMultiGroups.groupName;
const user = 'user';
const password = 'password';
ActiveDirectory.prototype.authenticate = jest.fn((_1, _2, cb) => cb(null, true));
ActiveDirectory.prototype.getGroupMembershipForUser = jest.fn((_, cb) =>
cb(null, [{ cn: group2 }, { dn: group3 }])
) as jest.Mock;
adPluginMultiGroups.authenticate(user, password, (error, authUser) => {
expect(ActiveDirectory.prototype.authenticate).toHaveBeenCalled();
expect(ActiveDirectory.prototype.getGroupMembershipForUser).toHaveBeenCalled();
expect(logger.info).toHaveBeenCalled();
expect(error).toBeNull();
expect(authUser).toStrictEqual([group2, group3, user]);
done();
});
});
});