budibase/packages/core/test/authApi.authenticate.spec.js

import {setupApphierarchy, 
    basicAppHierarchyCreator_WithFields} from "./specHelpers";
import { permissionTypes, 
    userAuthFile} from "../src/authApi/authCommon";
import {permission} from "../src/authApi/permissions";


describe("authApi > authenticate", () => {

    it("should return user + access when correct password supplied", async () => {
        const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields);
        const u = await validUser(app, authApi, "password");
        const result = await authApi.authenticate(u.name, "password");
        expect(result).not.toBeNull();
        expect(result.name).toBe("bob");
        expect(result.temp).toBe(false);
        expect(result.passwordHash).toBeUndefined();
        expect(result.temporaryAccessId).toBeUndefined();
        expect(result.permissions.length).toBe(1);
        expect(result.permissions[0]).toEqual({type:permissionTypes.SET_PASSWORD});
    });

    it("should return null when password incorrect", async () => {
        const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields);
        const u = await validUser(app, authApi, "password");
        const result = await authApi.authenticate(u.name, "letmein");
        expect(result).toBeNull();
    });

    it("should return null when non existing user", async () => {
        const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields);
        const result = await authApi.authenticate("nobody", "password");
        expect(result).toBeNull();
    });

    it("should return null when user not enabled", async () => {
        const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields);
        const u = await validUser(app, authApi, "password", false);
        const result = await authApi.authenticate(u.name, "password");
        expect(result).toBeNull();
    });

    it("should return null when password not set", async () => {
        const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields);
        const u = await validUser(app, authApi, "", false);
        const result = await authApi.authenticate(u.name, "");
        expect(result).toBeNull();
    });

    it("authenticate should be allowed wit no permissions", async () => {
        const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields);
        app.withNoPermissions();
        await authApi.authenticate("", "");
    });

});

describe("authApi > authenticateTemporaryAccess", () => {

    it("should return user with no permissions", async () => {
        const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields);
        const u = await validUser(app, authApi, "");
        const result = await authApi.authenticateTemporaryAccess(u.tempCode);
        expect(result).not.toBeNull();
        expect(result.name).toBe("bob");
        expect(result.passwordHash).toBeUndefined();
        expect(result.permissions.length).toBe(0);
        expect(result.temp).toBe(true);
    });

    it("should return null when blank code suplied", async () => {
        const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields);
        const result = await authApi.authenticateTemporaryAccess("");
        expect(result).toBeNull();
    });

    it("should return null when invalid code supplied", async () => {
        const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields);
        const result = await authApi.authenticateTemporaryAccess("incorrect");
        expect(result).toBeNull();
    });

    it("should return null when user disabled", async () => {
        const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields);
        const u = await validUser(app, authApi, "", false);
        const result = await authApi.authenticateTemporaryAccess(u.tempCode);
        expect(result).toBeNull();
    });

    it("should return null when temporary access code is expired", async () => {
        const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields);
        const u = await validUser(app, authApi, "");
        const userAuth = await app.datastore.loadJson(
            userAuthFile(u.name)
        );
        userAuth.temporaryAccessExpiryEpoch = 0;
        await app.datastore.updateJson(
            userAuthFile(u.name), userAuth
        );
        const result = await authApi.authenticateTemporaryAccess(u.tempCode);
        expect(result).toBeNull();
    });

    
    it("authenticate should be allowed wit no permissions", async () => {
        const {authApi, app} = await setupApphierarchy(basicAppHierarchyCreator_WithFields);
        app.withNoPermissions();
        await authApi.authenticateTemporaryAccess("");
    });

});

const validUser = async (app, authApi, password, enabled=true) => {
    const access = await authApi.getNewAccessLevel(app);
    access.name = "admin";
    permission.setPassword.add(access);

    await authApi.saveAccessLevels({version:0, levels:[access]});
    
    const u = authApi.getNewUser(app);
    u.name = "bob";
    u.accessLevels = ["admin"];
    u.enabled = enabled;
    
    await authApi.createUser(u, password);
    return u;
};