2020-10-29 09:35:06 +13:00
|
|
|
const {
|
2020-05-15 02:12:30 +12:00
|
|
|
createApplication,
|
|
|
|
supertest,
|
|
|
|
defaultHeaders,
|
|
|
|
createUser,
|
2020-05-28 04:23:01 +12:00
|
|
|
testPermissionsForEndpoint,
|
2020-05-15 02:12:30 +12:00
|
|
|
} = require("./couchTestUtils")
|
2020-11-13 06:06:55 +13:00
|
|
|
const {
|
2020-12-03 02:20:56 +13:00
|
|
|
BUILTIN_ROLE_IDS,
|
|
|
|
} = require("../../../utilities/security/roles")
|
2020-12-03 06:08:25 +13:00
|
|
|
const { cloneDeep } = require("lodash/fp")
|
|
|
|
|
|
|
|
const baseBody = {
|
|
|
|
password: "yeeooo",
|
|
|
|
roleId: BUILTIN_ROLE_IDS.POWER
|
|
|
|
}
|
2020-04-10 03:53:48 +12:00
|
|
|
|
|
|
|
describe("/users", () => {
|
2020-05-15 02:12:30 +12:00
|
|
|
let request
|
|
|
|
let server
|
|
|
|
let app
|
2020-10-29 23:28:27 +13:00
|
|
|
let appId
|
2020-04-10 03:53:48 +12:00
|
|
|
|
|
|
|
beforeAll(async () => {
|
2020-05-15 02:12:30 +12:00
|
|
|
({ request, server } = await supertest(server))
|
2020-12-03 06:08:25 +13:00
|
|
|
})
|
2020-05-15 02:12:30 +12:00
|
|
|
|
|
|
|
beforeEach(async () => {
|
2020-10-29 09:35:06 +13:00
|
|
|
app = await createApplication(request)
|
2020-10-29 23:28:27 +13:00
|
|
|
appId = app.instance._id
|
2020-12-03 06:08:25 +13:00
|
|
|
})
|
2020-04-10 03:53:48 +12:00
|
|
|
|
2020-10-29 11:37:58 +13:00
|
|
|
afterAll(() => {
|
|
|
|
server.close()
|
|
|
|
server.destroy()
|
|
|
|
})
|
|
|
|
|
2020-10-29 09:35:06 +13:00
|
|
|
describe("fetch", () => {
|
2020-05-15 02:12:30 +12:00
|
|
|
it("returns a list of users from an instance db", async () => {
|
2020-12-05 01:22:45 +13:00
|
|
|
await createUser(request, appId, "brenda@brenda.com", "brendas_password")
|
|
|
|
await createUser(request, appId, "pam@pam.com", "pam_password")
|
2020-05-15 02:12:30 +12:00
|
|
|
const res = await request
|
2020-06-19 03:59:31 +12:00
|
|
|
.get(`/api/users`)
|
2020-10-29 23:28:27 +13:00
|
|
|
.set(defaultHeaders(appId))
|
2020-04-11 03:37:59 +12:00
|
|
|
.expect('Content-Type', /json/)
|
|
|
|
.expect(200)
|
2020-05-15 02:12:30 +12:00
|
|
|
|
|
|
|
expect(res.body.length).toBe(2)
|
2020-12-05 01:22:45 +13:00
|
|
|
expect(res.body.find(u => u.email === "brenda@brenda.com")).toBeDefined()
|
|
|
|
expect(res.body.find(u => u.email === "pam@pam.com")).toBeDefined()
|
2020-05-15 02:12:30 +12:00
|
|
|
})
|
2020-04-25 05:02:51 +12:00
|
|
|
|
2020-05-28 04:23:01 +12:00
|
|
|
it("should apply authorization to endpoint", async () => {
|
2020-10-29 23:28:27 +13:00
|
|
|
await createUser(request, appId, "brenda", "brendas_password")
|
2020-05-28 04:23:01 +12:00
|
|
|
await testPermissionsForEndpoint({
|
|
|
|
request,
|
|
|
|
method: "GET",
|
2020-06-19 07:41:37 +12:00
|
|
|
url: `/api/users`,
|
2020-10-29 23:28:27 +13:00
|
|
|
appId: appId,
|
2020-12-03 06:08:25 +13:00
|
|
|
passRole: BUILTIN_ROLE_IDS.ADMIN,
|
|
|
|
failRole: BUILTIN_ROLE_IDS.PUBLIC,
|
2020-05-28 04:23:01 +12:00
|
|
|
})
|
|
|
|
})
|
|
|
|
|
2020-05-15 02:12:30 +12:00
|
|
|
})
|
2020-04-11 03:37:59 +12:00
|
|
|
|
2020-05-15 02:12:30 +12:00
|
|
|
describe("create", () => {
|
|
|
|
it("returns a success message when a user is successfully created", async () => {
|
2020-12-03 06:08:25 +13:00
|
|
|
const body = cloneDeep(baseBody)
|
2020-12-08 07:08:20 +13:00
|
|
|
body.email = "bill@budibase.com"
|
2020-05-15 02:12:30 +12:00
|
|
|
const res = await request
|
2020-06-19 07:41:37 +12:00
|
|
|
.post(`/api/users`)
|
2020-10-29 23:28:27 +13:00
|
|
|
.set(defaultHeaders(appId))
|
2020-12-03 06:08:25 +13:00
|
|
|
.send(body)
|
2020-04-10 03:53:48 +12:00
|
|
|
.expect(200)
|
2020-05-15 02:12:30 +12:00
|
|
|
.expect('Content-Type', /json/)
|
|
|
|
|
2020-12-03 06:08:25 +13:00
|
|
|
expect(res.res.statusMessage).toEqual("User created successfully.")
|
2020-05-15 02:12:30 +12:00
|
|
|
expect(res.body._id).toBeUndefined()
|
|
|
|
})
|
2020-05-28 04:23:01 +12:00
|
|
|
|
|
|
|
it("should apply authorization to endpoint", async () => {
|
2020-12-03 06:08:25 +13:00
|
|
|
const body = cloneDeep(baseBody)
|
2020-12-08 07:08:20 +13:00
|
|
|
body.email = "brandNewUser@user.com"
|
2020-05-28 04:23:01 +12:00
|
|
|
await testPermissionsForEndpoint({
|
|
|
|
request,
|
|
|
|
method: "POST",
|
2020-12-03 06:08:25 +13:00
|
|
|
body,
|
2020-06-19 07:41:37 +12:00
|
|
|
url: `/api/users`,
|
2020-10-29 23:28:27 +13:00
|
|
|
appId: appId,
|
2020-12-03 06:08:25 +13:00
|
|
|
passRole: BUILTIN_ROLE_IDS.ADMIN,
|
|
|
|
failRole: BUILTIN_ROLE_IDS.PUBLIC,
|
2020-05-28 04:23:01 +12:00
|
|
|
})
|
|
|
|
})
|
2020-12-03 06:08:25 +13:00
|
|
|
})
|
2020-05-15 02:12:30 +12:00
|
|
|
})
|