forked from andyburke/autonomous.contact
feature: require invites
This commit is contained in:
parent
8b70172493
commit
a3302d2eff
22 changed files with 385 additions and 482 deletions
53
tests/01_create_user.test.ts
Normal file
53
tests/01_create_user.test.ts
Normal file
|
|
@ -0,0 +1,53 @@
|
|||
import { api, API_CLIENT } from '../utils/api.ts';
|
||||
import * as asserts from '@std/assert';
|
||||
import { USER } from '../models/user.ts';
|
||||
import { delete_user, EPHEMERAL_SERVER, get_ephemeral_listen_server, get_new_user, random_username } from './helpers.ts';
|
||||
import { encodeBase64 } from '@std/encoding';
|
||||
import { generateTotp } from '../utils/totp.ts';
|
||||
|
||||
Deno.test({
|
||||
name: 'API - USERS - Create',
|
||||
permissions: {
|
||||
env: true,
|
||||
read: true,
|
||||
write: true,
|
||||
net: true
|
||||
},
|
||||
fn: async () => {
|
||||
let test_server_info: EPHEMERAL_SERVER | null = null;
|
||||
try {
|
||||
test_server_info = await get_ephemeral_listen_server();
|
||||
const client: API_CLIENT = api({
|
||||
prefix: '/api',
|
||||
hostname: test_server_info.hostname,
|
||||
port: test_server_info.port
|
||||
});
|
||||
|
||||
const username = random_username();
|
||||
const password = 'password';
|
||||
const password_hash = encodeBase64(
|
||||
await crypto.subtle.digest('SHA-256', new TextEncoder().encode(password))
|
||||
);
|
||||
|
||||
const info = await get_new_user(client, {
|
||||
username,
|
||||
password_hash
|
||||
});
|
||||
|
||||
asserts.assert(info);
|
||||
asserts.assert(info.user);
|
||||
asserts.assert(info.session);
|
||||
asserts.assert(info.headers);
|
||||
|
||||
const user = info.user;
|
||||
|
||||
asserts.assertEquals(user.username, username);
|
||||
|
||||
await delete_user(client, info);
|
||||
} finally {
|
||||
if (test_server_info) {
|
||||
await test_server_info?.server?.stop();
|
||||
}
|
||||
}
|
||||
}
|
||||
});
|
||||
56
tests/02_update_user.test.ts
Normal file
56
tests/02_update_user.test.ts
Normal file
|
|
@ -0,0 +1,56 @@
|
|||
import { api, API_CLIENT } from '../utils/api.ts';
|
||||
import * as asserts from '@std/assert';
|
||||
import { USER } from '../models/user.ts';
|
||||
import { delete_user, EPHEMERAL_SERVER, get_ephemeral_listen_server, get_new_user, random_username } from './helpers.ts';
|
||||
import { Cookie, getSetCookies } from '@std/http/cookie';
|
||||
import { encodeBase64 } from '@std/encoding';
|
||||
import { generateTotp } from '../utils/totp.ts';
|
||||
|
||||
Deno.test({
|
||||
name: 'API - USERS - Update',
|
||||
permissions: {
|
||||
env: true,
|
||||
read: true,
|
||||
write: true,
|
||||
net: true
|
||||
},
|
||||
fn: async () => {
|
||||
let test_server_info: EPHEMERAL_SERVER | null = null;
|
||||
try {
|
||||
test_server_info = await get_ephemeral_listen_server();
|
||||
const client: API_CLIENT = api({
|
||||
prefix: '/api',
|
||||
hostname: test_server_info.hostname,
|
||||
port: test_server_info.port
|
||||
});
|
||||
|
||||
const info = await get_new_user(client);
|
||||
asserts.assert(info);
|
||||
|
||||
const user = info.user;
|
||||
asserts.assert(user);
|
||||
|
||||
const original_username = user.username;
|
||||
asserts.assertEquals(original_username, user.username);
|
||||
|
||||
const updated_user: USER = await client.fetch(`/users/${user?.id}`, {
|
||||
method: 'PUT',
|
||||
json: {
|
||||
username: random_username()
|
||||
},
|
||||
headers: info.headers
|
||||
}) as USER;
|
||||
|
||||
asserts.assert(updated_user);
|
||||
|
||||
asserts.assertNotEquals(user.username, updated_user.username);
|
||||
asserts.assertNotEquals(user.timestamps.updated, updated_user.timestamps.updated);
|
||||
|
||||
await delete_user(client, info);
|
||||
} finally {
|
||||
if (test_server_info) {
|
||||
await test_server_info?.server?.stop();
|
||||
}
|
||||
}
|
||||
}
|
||||
});
|
||||
|
|
@ -1,10 +1,10 @@
|
|||
import { api, API_CLIENT } from '../../../utils/api.ts';
|
||||
import { api, API_CLIENT } from '../utils/api.ts';
|
||||
import * as asserts from '@std/assert';
|
||||
import { USER } from '../../../models/user.ts';
|
||||
import { EPHEMERAL_SERVER, get_ephemeral_listen_server, random_username } from '../../helpers.ts';
|
||||
import { USER } from '../models/user.ts';
|
||||
import { delete_user, EPHEMERAL_SERVER, get_ephemeral_listen_server, get_new_user, random_username } from './helpers.ts';
|
||||
import { Cookie, getSetCookies } from '@std/http/cookie';
|
||||
import { encodeBase64 } from '@std/encoding';
|
||||
import { generateTotp } from '../../../utils/totp.ts';
|
||||
import { generateTotp } from '../utils/totp.ts';
|
||||
|
||||
Deno.test({
|
||||
name: 'API - USERS - Login (password)',
|
||||
|
|
@ -24,25 +24,19 @@ Deno.test({
|
|||
port: test_server_info.port
|
||||
});
|
||||
|
||||
const username = random_username();
|
||||
const password = 'password';
|
||||
|
||||
const user_creation_response: Record<string, any> = await client.fetch('/users', {
|
||||
method: 'POST',
|
||||
json: {
|
||||
username,
|
||||
password
|
||||
}
|
||||
const info = await get_new_user(client, {
|
||||
password: 'password'
|
||||
});
|
||||
asserts.assert(info);
|
||||
|
||||
asserts.assert(user_creation_response?.user);
|
||||
asserts.assert(user_creation_response?.session);
|
||||
const user = info.user;
|
||||
asserts.assert(user);
|
||||
|
||||
let cookies: Cookie[] = [];
|
||||
const auth_response: any = await client.fetch('/auth', {
|
||||
method: 'POST',
|
||||
json: {
|
||||
username,
|
||||
username: user.username,
|
||||
password: 'password'
|
||||
},
|
||||
done: (response) => {
|
||||
|
|
@ -50,12 +44,12 @@ Deno.test({
|
|||
}
|
||||
});
|
||||
|
||||
const user: USER | undefined = auth_response.user;
|
||||
const session: Record<string, any> | undefined = auth_response.session;
|
||||
const authed_user: USER | undefined = auth_response.user;
|
||||
const authed_session: Record<string, any> | undefined = auth_response.session;
|
||||
|
||||
cookies.push({
|
||||
name: 'totp',
|
||||
value: await generateTotp(session?.secret ?? ''),
|
||||
value: await generateTotp(authed_session?.secret ?? ''),
|
||||
maxAge: 30,
|
||||
expires: Date.now() + 30_000,
|
||||
path: '/'
|
||||
|
|
@ -74,7 +68,9 @@ Deno.test({
|
|||
headers: headers_for_get
|
||||
}) as USER;
|
||||
|
||||
asserts.assertObjectMatch(retrieved_user, user ?? {});
|
||||
asserts.assertObjectMatch(retrieved_user, user);
|
||||
|
||||
await delete_user(client, info);
|
||||
} finally {
|
||||
if (test_server_info) {
|
||||
await test_server_info?.server?.stop();
|
||||
|
|
@ -101,53 +97,26 @@ Deno.test({
|
|||
port: test_server_info.port
|
||||
});
|
||||
|
||||
const username = random_username();
|
||||
const password = 'hashed password!!!';
|
||||
const password_hash = encodeBase64(
|
||||
await crypto.subtle.digest('SHA-256', new TextEncoder().encode(password))
|
||||
);
|
||||
|
||||
let cookies: Cookie[] = [];
|
||||
|
||||
const user_creation_response: Record<string, any> = await client.fetch('/users', {
|
||||
method: 'POST',
|
||||
json: {
|
||||
username,
|
||||
password_hash
|
||||
},
|
||||
done: (response) => {
|
||||
cookies = getSetCookies(response.headers);
|
||||
}
|
||||
const info = await get_new_user(client, {
|
||||
password_hash
|
||||
});
|
||||
asserts.assert(info);
|
||||
|
||||
asserts.assert(user_creation_response?.user);
|
||||
asserts.assert(user_creation_response?.session);
|
||||
|
||||
const user: USER | undefined = user_creation_response.user;
|
||||
const session: Record<string, any> | undefined = user_creation_response.session;
|
||||
|
||||
cookies.push({
|
||||
name: 'totp',
|
||||
value: await generateTotp(session?.secret),
|
||||
maxAge: 30,
|
||||
expires: Date.now() + 30_000,
|
||||
path: '/'
|
||||
});
|
||||
|
||||
const headers_for_get = new Headers();
|
||||
for (const cookie of cookies) {
|
||||
headers_for_get.append(`x-${cookie.name}`, cookie.value);
|
||||
}
|
||||
headers_for_get.append(
|
||||
'cookie',
|
||||
cookies.map((cookie) => `${cookie.name}=${cookie.value}`).join('; ')
|
||||
);
|
||||
const user = info.user;
|
||||
asserts.assert(user);
|
||||
|
||||
const retrieved_user: USER = await client.fetch(`/users/${user?.id}`, {
|
||||
headers: headers_for_get
|
||||
headers: info.headers
|
||||
}) as USER;
|
||||
|
||||
asserts.assertObjectMatch(retrieved_user, user ?? {});
|
||||
|
||||
await delete_user(client, info);
|
||||
} finally {
|
||||
if (test_server_info) {
|
||||
await test_server_info?.server?.stop();
|
||||
|
|
@ -1,8 +1,8 @@
|
|||
import { api, API_CLIENT } from '../../../utils/api.ts';
|
||||
import { api, API_CLIENT } from '../utils/api.ts';
|
||||
import * as asserts from '@std/assert';
|
||||
import { EPHEMERAL_SERVER, get_ephemeral_listen_server, get_new_user, set_user_permissions } from '../../helpers.ts';
|
||||
import { generateTotp } from '../../../utils/totp.ts';
|
||||
import { clear_topic_events_cache } from '../../../models/event.ts';
|
||||
import { delete_user, EPHEMERAL_SERVER, get_ephemeral_listen_server, get_new_user, set_user_permissions } from './helpers.ts';
|
||||
import { generateTotp } from '../utils/totp.ts';
|
||||
import { clear_topic_events_cache } from '../models/event.ts';
|
||||
|
||||
Deno.test({
|
||||
name: 'API - TOPICS - Create',
|
||||
|
|
@ -22,14 +22,14 @@ Deno.test({
|
|||
port: test_server_info.port
|
||||
});
|
||||
|
||||
const user_info = await get_new_user(client);
|
||||
const info = await get_new_user(client);
|
||||
|
||||
try {
|
||||
const _permission_denied_topic = await client.fetch('/topics', {
|
||||
method: 'POST',
|
||||
headers: {
|
||||
'x-session_id': user_info.session.id,
|
||||
'x-totp': await generateTotp(user_info.session.secret)
|
||||
'x-session_id': info.session.id,
|
||||
'x-totp': await generateTotp(info.session.secret)
|
||||
},
|
||||
json: {
|
||||
name: 'this should not be allowed'
|
||||
|
|
@ -41,14 +41,14 @@ Deno.test({
|
|||
asserts.assertEquals((error as Error).cause, 'permission_denied');
|
||||
}
|
||||
|
||||
await set_user_permissions(client, user_info.user, user_info.session, [...user_info.user.permissions, 'topics.create']);
|
||||
await set_user_permissions(client, info.user, info.session, [...info.user.permissions, 'topics.create']);
|
||||
|
||||
try {
|
||||
const _too_long_name_topic = await client.fetch('/topics', {
|
||||
method: 'POST',
|
||||
headers: {
|
||||
'x-session_id': user_info.session.id,
|
||||
'x-totp': await generateTotp(user_info.session.secret)
|
||||
'x-session_id': info.session.id,
|
||||
'x-totp': await generateTotp(info.session.secret)
|
||||
},
|
||||
json: {
|
||||
name: 'X'.repeat(1024)
|
||||
|
|
@ -63,8 +63,8 @@ Deno.test({
|
|||
const new_topic = await client.fetch('/topics', {
|
||||
method: 'POST',
|
||||
headers: {
|
||||
'x-session_id': user_info.session.id,
|
||||
'x-totp': await generateTotp(user_info.session.secret)
|
||||
'x-session_id': info.session.id,
|
||||
'x-totp': await generateTotp(info.session.secret)
|
||||
},
|
||||
json: {
|
||||
name: 'test topic'
|
||||
|
|
@ -72,6 +72,8 @@ Deno.test({
|
|||
});
|
||||
|
||||
asserts.assert(new_topic);
|
||||
|
||||
await delete_user(client, info);
|
||||
} finally {
|
||||
clear_topic_events_cache();
|
||||
if (test_server_info) {
|
||||
|
|
@ -1,8 +1,8 @@
|
|||
import { api, API_CLIENT } from '../../../utils/api.ts';
|
||||
import { api, API_CLIENT } from '../utils/api.ts';
|
||||
import * as asserts from '@std/assert';
|
||||
import { EPHEMERAL_SERVER, get_ephemeral_listen_server, get_new_user, set_user_permissions } from '../../helpers.ts';
|
||||
import { generateTotp } from '../../../utils/totp.ts';
|
||||
import { clear_topic_events_cache } from '../../../models/event.ts';
|
||||
import { delete_user, EPHEMERAL_SERVER, get_ephemeral_listen_server, get_new_user, set_user_permissions } from './helpers.ts';
|
||||
import { generateTotp } from '../utils/totp.ts';
|
||||
import { clear_topic_events_cache } from '../models/event.ts';
|
||||
|
||||
Deno.test({
|
||||
name: 'API - TOPICS - Update',
|
||||
|
|
@ -22,15 +22,15 @@ Deno.test({
|
|||
port: test_server_info.port
|
||||
});
|
||||
|
||||
const user_info = await get_new_user(client);
|
||||
const info = await get_new_user(client);
|
||||
|
||||
await set_user_permissions(client, user_info.user, user_info.session, [...user_info.user.permissions, 'topics.create']);
|
||||
await set_user_permissions(client, info.user, info.session, [...info.user.permissions, 'topics.create']);
|
||||
|
||||
const new_topic = await client.fetch('/topics', {
|
||||
method: 'POST',
|
||||
headers: {
|
||||
'x-session_id': user_info.session.id,
|
||||
'x-totp': await generateTotp(user_info.session.secret)
|
||||
'x-session_id': info.session.id,
|
||||
'x-totp': await generateTotp(info.session.secret)
|
||||
},
|
||||
json: {
|
||||
name: 'test update topic'
|
||||
|
|
@ -39,7 +39,7 @@ Deno.test({
|
|||
|
||||
asserts.assert(new_topic);
|
||||
|
||||
const other_user_info = await get_new_user(client);
|
||||
const other_user_info = await get_new_user(client, {}, info);
|
||||
|
||||
try {
|
||||
const _permission_denied_topic = await client.fetch(`/topics/${new_topic.id}`, {
|
||||
|
|
@ -61,8 +61,8 @@ Deno.test({
|
|||
const updated_by_owner_topic = await client.fetch(`/topics/${new_topic.id}`, {
|
||||
method: 'PUT',
|
||||
headers: {
|
||||
'x-session_id': user_info.session.id,
|
||||
'x-totp': await generateTotp(user_info.session.secret)
|
||||
'x-session_id': info.session.id,
|
||||
'x-totp': await generateTotp(info.session.secret)
|
||||
},
|
||||
json: {
|
||||
topic: 'this is a new topic',
|
||||
|
|
@ -75,7 +75,7 @@ Deno.test({
|
|||
|
||||
asserts.assert(updated_by_owner_topic);
|
||||
asserts.assertEquals(updated_by_owner_topic.topic, 'this is a new topic');
|
||||
asserts.assertEquals(updated_by_owner_topic.permissions.write, [user_info.user.id, other_user_info.user.id]);
|
||||
asserts.assertEquals(updated_by_owner_topic.permissions.write, [info.user.id, other_user_info.user.id]);
|
||||
|
||||
const updated_by_other_user_topic = await client.fetch(`/topics/${new_topic.id}`, {
|
||||
method: 'PUT',
|
||||
|
|
@ -90,7 +90,10 @@ Deno.test({
|
|||
|
||||
asserts.assert(updated_by_other_user_topic);
|
||||
asserts.assertEquals(updated_by_other_user_topic.topic, 'this is a newer topic');
|
||||
asserts.assertEquals(updated_by_other_user_topic.permissions.write, [user_info.user.id, other_user_info.user.id]);
|
||||
asserts.assertEquals(updated_by_other_user_topic.permissions.write, [info.user.id, other_user_info.user.id]);
|
||||
|
||||
await delete_user(client, other_user_info);
|
||||
await delete_user(client, info);
|
||||
} finally {
|
||||
clear_topic_events_cache();
|
||||
if (test_server_info) {
|
||||
|
|
@ -1,8 +1,8 @@
|
|||
import { api, API_CLIENT } from '../../../utils/api.ts';
|
||||
import { api, API_CLIENT } from '../utils/api.ts';
|
||||
import * as asserts from '@std/assert';
|
||||
import { EPHEMERAL_SERVER, get_ephemeral_listen_server, get_new_user, set_user_permissions } from '../../helpers.ts';
|
||||
import { generateTotp } from '../../../utils/totp.ts';
|
||||
import { clear_topic_events_cache } from '../../../models/event.ts';
|
||||
import { delete_user, EPHEMERAL_SERVER, get_ephemeral_listen_server, get_new_user, set_user_permissions } from './helpers.ts';
|
||||
import { generateTotp } from '../utils/totp.ts';
|
||||
import { clear_topic_events_cache } from '../models/event.ts';
|
||||
|
||||
Deno.test({
|
||||
name: 'API - TOPICS - Delete',
|
||||
|
|
@ -22,15 +22,15 @@ Deno.test({
|
|||
port: test_server_info.port
|
||||
});
|
||||
|
||||
const user_info = await get_new_user(client);
|
||||
const info = await get_new_user(client);
|
||||
|
||||
await set_user_permissions(client, user_info.user, user_info.session, [...user_info.user.permissions, 'topics.create']);
|
||||
await set_user_permissions(client, info.user, info.session, [...info.user.permissions, 'topics.create']);
|
||||
|
||||
const new_topic = await client.fetch('/topics', {
|
||||
method: 'POST',
|
||||
headers: {
|
||||
'x-session_id': user_info.session.id,
|
||||
'x-totp': await generateTotp(user_info.session.secret)
|
||||
'x-session_id': info.session.id,
|
||||
'x-totp': await generateTotp(info.session.secret)
|
||||
},
|
||||
json: {
|
||||
name: 'test delete topic'
|
||||
|
|
@ -42,12 +42,14 @@ Deno.test({
|
|||
const deleted_topic = await client.fetch(`/topics/${new_topic.id}`, {
|
||||
method: 'DELETE',
|
||||
headers: {
|
||||
'x-session_id': user_info.session.id,
|
||||
'x-totp': await generateTotp(user_info.session.secret)
|
||||
'x-session_id': info.session.id,
|
||||
'x-totp': await generateTotp(info.session.secret)
|
||||
}
|
||||
});
|
||||
|
||||
asserts.assert(deleted_topic);
|
||||
|
||||
await delete_user(client, info);
|
||||
} finally {
|
||||
clear_topic_events_cache();
|
||||
if (test_server_info) {
|
||||
|
|
@ -1,8 +1,8 @@
|
|||
import * as asserts from '@std/assert';
|
||||
import { EPHEMERAL_SERVER, get_ephemeral_listen_server, get_new_user, set_user_permissions } from '../../../helpers.ts';
|
||||
import { api, API_CLIENT } from '../../../../utils/api.ts';
|
||||
import { generateTotp } from '../../../../utils/totp.ts';
|
||||
import { clear_topic_events_cache } from '../../../../models/event.ts';
|
||||
import { delete_user, EPHEMERAL_SERVER, get_ephemeral_listen_server, get_new_user, set_user_permissions } from './helpers.ts';
|
||||
import { api, API_CLIENT } from '../utils/api.ts';
|
||||
import { generateTotp } from '../utils/totp.ts';
|
||||
import { clear_topic_events_cache } from '../models/event.ts';
|
||||
|
||||
Deno.test({
|
||||
name: 'API - TOPICS - EVENTS - Create',
|
||||
|
|
@ -58,7 +58,7 @@ Deno.test({
|
|||
|
||||
asserts.assert(event_from_owner);
|
||||
|
||||
const other_user_info = await get_new_user(client);
|
||||
const other_user_info = await get_new_user(client, {}, owner_info);
|
||||
|
||||
try {
|
||||
const _permission_denied_topic = await client.fetch(`/topics/${topic.id}/events`, {
|
||||
|
|
@ -113,6 +113,9 @@ Deno.test({
|
|||
});
|
||||
|
||||
asserts.assert(event_from_other_user);
|
||||
|
||||
await delete_user(client, other_user_info);
|
||||
await delete_user(client, owner_info);
|
||||
} finally {
|
||||
clear_topic_events_cache();
|
||||
if (test_server_info) {
|
||||
|
|
@ -1,8 +1,8 @@
|
|||
import * as asserts from '@std/assert';
|
||||
import { EPHEMERAL_SERVER, get_ephemeral_listen_server, get_new_user, set_user_permissions } from '../../../helpers.ts';
|
||||
import { api, API_CLIENT } from '../../../../utils/api.ts';
|
||||
import { generateTotp } from '../../../../utils/totp.ts';
|
||||
import { clear_topic_events_cache } from '../../../../models/event.ts';
|
||||
import { delete_user, EPHEMERAL_SERVER, get_ephemeral_listen_server, get_new_user, set_user_permissions } from './helpers.ts';
|
||||
import { api, API_CLIENT } from '../utils/api.ts';
|
||||
import { generateTotp } from '../utils/totp.ts';
|
||||
import { clear_topic_events_cache } from '../models/event.ts';
|
||||
|
||||
Deno.test({
|
||||
name: 'API - TOPICS - EVENTS - Get',
|
||||
|
|
@ -67,7 +67,7 @@ Deno.test({
|
|||
|
||||
asserts.assertEquals(events_initial_batch.length, NUM_INITIAL_EVENTS);
|
||||
|
||||
const other_user_info = await get_new_user(client);
|
||||
const other_user_info = await get_new_user(client, {}, owner_info);
|
||||
|
||||
const events_from_server = await client.fetch(`/topics/${topic.id}/events`, {
|
||||
method: 'GET',
|
||||
|
|
@ -116,6 +116,9 @@ Deno.test({
|
|||
asserts.assertEquals(long_polled_events.length, 1);
|
||||
asserts.assertEquals(long_polled_events[0].data?.i, 12345);
|
||||
});
|
||||
|
||||
await delete_user(client, other_user_info);
|
||||
await delete_user(client, owner_info);
|
||||
} finally {
|
||||
clear_topic_events_cache();
|
||||
if (test_server_info) {
|
||||
|
|
@ -1,8 +1,8 @@
|
|||
import * as asserts from '@std/assert';
|
||||
import { EPHEMERAL_SERVER, get_ephemeral_listen_server, get_new_user, set_user_permissions } from '../../../helpers.ts';
|
||||
import { api, API_CLIENT } from '../../../../utils/api.ts';
|
||||
import { generateTotp } from '../../../../utils/totp.ts';
|
||||
import { clear_topic_events_cache } from '../../../../models/event.ts';
|
||||
import { delete_user, EPHEMERAL_SERVER, get_ephemeral_listen_server, get_new_user, set_user_permissions } from './helpers.ts';
|
||||
import { api, API_CLIENT } from '../utils/api.ts';
|
||||
import { generateTotp } from '../utils/totp.ts';
|
||||
import { clear_topic_events_cache } from '../models/event.ts';
|
||||
|
||||
Deno.test({
|
||||
name: 'API - TOPICS - EVENTS - Update',
|
||||
|
|
@ -95,7 +95,7 @@ Deno.test({
|
|||
asserts.assertNotEquals(fetched_updated_event_from_owner, fetched_event_from_owner);
|
||||
asserts.assertEquals(fetched_updated_event_from_owner, updated_event_from_owner);
|
||||
|
||||
const other_user_info = await get_new_user(client);
|
||||
const other_user_info = await get_new_user(client, {}, owner_info);
|
||||
|
||||
const event_from_other_user = await client.fetch(`/topics/${topic.id}/events`, {
|
||||
method: 'POST',
|
||||
|
|
@ -235,6 +235,9 @@ Deno.test({
|
|||
});
|
||||
|
||||
asserts.assertEquals(delete_owner_event_response.deleted, true);
|
||||
|
||||
await delete_user(client, other_user_info);
|
||||
await delete_user(client, owner_info);
|
||||
} finally {
|
||||
clear_topic_events_cache();
|
||||
if (test_server_info) {
|
||||
|
|
@ -1,8 +1,8 @@
|
|||
import * as asserts from '@std/assert';
|
||||
import { EPHEMERAL_SERVER, get_ephemeral_listen_server, get_new_user, set_user_permissions } from '../../../helpers.ts';
|
||||
import { api, API_CLIENT } from '../../../../utils/api.ts';
|
||||
import { generateTotp } from '../../../../utils/totp.ts';
|
||||
import { clear_topic_events_cache } from '../../../../models/event.ts';
|
||||
import { delete_user, EPHEMERAL_SERVER, get_ephemeral_listen_server, get_new_user, set_user_permissions } from './helpers.ts';
|
||||
import { api, API_CLIENT } from '../utils/api.ts';
|
||||
import { generateTotp } from '../utils/totp.ts';
|
||||
import { clear_topic_events_cache } from '../models/event.ts';
|
||||
|
||||
Deno.test({
|
||||
name: 'API - TOPICS - EVENTS - Update (APPEND_ONLY_EVENTS)',
|
||||
|
|
@ -99,7 +99,7 @@ Deno.test({
|
|||
asserts.assertEquals((error as Error).cause, 'append_only_events');
|
||||
}
|
||||
|
||||
const other_user_info = await get_new_user(client);
|
||||
const other_user_info = await get_new_user(client, {}, owner_info);
|
||||
|
||||
const event_from_other_user = await client.fetch(`/topics/${topic.id}/events`, {
|
||||
method: 'POST',
|
||||
|
|
@ -157,6 +157,9 @@ Deno.test({
|
|||
} catch (error) {
|
||||
asserts.assertEquals((error as Error).cause, 'append_only_events');
|
||||
}
|
||||
|
||||
await delete_user(client, other_user_info);
|
||||
await delete_user(client, owner_info);
|
||||
} finally {
|
||||
Deno.env.delete('APPEND_ONLY_EVENTS');
|
||||
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
import { api, API_CLIENT } from '../utils/api.ts';
|
||||
import * as asserts from '@std/assert';
|
||||
import { USER } from '../models/user.ts';
|
||||
import { EPHEMERAL_SERVER, get_ephemeral_listen_server, random_username, set_user_permissions } from './helpers.ts';
|
||||
import { delete_user, EPHEMERAL_SERVER, get_ephemeral_listen_server, get_new_user, random_username, set_user_permissions } from './helpers.ts';
|
||||
import { Cookie, getSetCookies } from '@std/http/cookie';
|
||||
import { generateTotp } from '../utils/totp.ts';
|
||||
import * as fs from '@std/fs';
|
||||
|
|
@ -34,56 +34,13 @@ Deno.test({
|
|||
port: test_server_info.port
|
||||
});
|
||||
|
||||
const username = random_username();
|
||||
const password = 'password';
|
||||
const owner_info = await get_new_user(client);
|
||||
asserts.assert(owner_info);
|
||||
|
||||
const user_creation_response: Record<string, any> = await client.fetch('/users', {
|
||||
method: 'POST',
|
||||
json: {
|
||||
username,
|
||||
password
|
||||
}
|
||||
});
|
||||
|
||||
asserts.assert(user_creation_response?.user);
|
||||
asserts.assert(user_creation_response?.session);
|
||||
|
||||
let cookies: Cookie[] = [];
|
||||
const auth_response: any = await client.fetch('/auth', {
|
||||
method: 'POST',
|
||||
json: {
|
||||
username,
|
||||
password: 'password'
|
||||
},
|
||||
done: (response) => {
|
||||
cookies = getSetCookies(response.headers);
|
||||
}
|
||||
});
|
||||
|
||||
const user: USER | undefined = auth_response.user;
|
||||
const user = owner_info.user;
|
||||
asserts.assert(user);
|
||||
asserts.assert(user.id);
|
||||
|
||||
const session: Record<string, any> | undefined = auth_response.session;
|
||||
asserts.assert(session);
|
||||
|
||||
cookies.push({
|
||||
name: 'totp',
|
||||
value: await generateTotp(session?.secret ?? ''),
|
||||
maxAge: 30,
|
||||
expires: Date.now() + 30_000,
|
||||
path: '/'
|
||||
});
|
||||
|
||||
const headers_for_upload_request = new Headers();
|
||||
for (const cookie of cookies) {
|
||||
headers_for_upload_request.append(`x-${cookie.name}`, cookie.value);
|
||||
}
|
||||
headers_for_upload_request.append(
|
||||
'cookie',
|
||||
cookies.map((cookie) => `${cookie.name}=${cookie.value}`).join('; ')
|
||||
);
|
||||
|
||||
const upload_body = new FormData();
|
||||
upload_body.append(
|
||||
'file',
|
||||
|
|
@ -93,7 +50,7 @@ Deno.test({
|
|||
`http://${test_server_info.hostname}:${test_server_info.port}/files/users/${user.id}/test_uploading_to_home_dir.txt`,
|
||||
{
|
||||
method: 'PUT',
|
||||
headers: headers_for_upload_request,
|
||||
headers: owner_info.headers,
|
||||
body: upload_body
|
||||
}
|
||||
);
|
||||
|
|
@ -147,6 +104,8 @@ Deno.test({
|
|||
await Deno.remove(dir);
|
||||
dir = path.dirname(dir);
|
||||
} while (dir.length);
|
||||
|
||||
await delete_user(client, owner_info);
|
||||
} finally {
|
||||
if (test_server_info) {
|
||||
await test_server_info?.server?.stop();
|
||||
|
|
@ -1,77 +0,0 @@
|
|||
import { api, API_CLIENT } from '../../../utils/api.ts';
|
||||
import * as asserts from '@std/assert';
|
||||
import { USER } from '../../../models/user.ts';
|
||||
import { EPHEMERAL_SERVER, get_ephemeral_listen_server, random_username } from '../../helpers.ts';
|
||||
import { Cookie, getSetCookies } from '@std/http/cookie';
|
||||
import { encodeBase64 } from '@std/encoding';
|
||||
import { generateTotp } from '../../../utils/totp.ts';
|
||||
|
||||
Deno.test({
|
||||
name: 'API - USERS - Create',
|
||||
permissions: {
|
||||
env: true,
|
||||
read: true,
|
||||
write: true,
|
||||
net: true
|
||||
},
|
||||
fn: async () => {
|
||||
let test_server_info: EPHEMERAL_SERVER | null = null;
|
||||
try {
|
||||
test_server_info = await get_ephemeral_listen_server();
|
||||
const client: API_CLIENT = api({
|
||||
prefix: '/api',
|
||||
hostname: test_server_info.hostname,
|
||||
port: test_server_info.port
|
||||
});
|
||||
|
||||
const username = random_username();
|
||||
const password = 'password';
|
||||
const password_hash = encodeBase64(
|
||||
await crypto.subtle.digest('SHA-256', new TextEncoder().encode(password))
|
||||
);
|
||||
|
||||
let cookies: Cookie[] = [];
|
||||
|
||||
const user_creation_response: Record<string, any> = await client.fetch('/users', {
|
||||
method: 'POST',
|
||||
json: {
|
||||
username,
|
||||
password_hash
|
||||
},
|
||||
done: (response) => {
|
||||
cookies = getSetCookies(response.headers);
|
||||
}
|
||||
});
|
||||
|
||||
asserts.assert(user_creation_response?.user);
|
||||
asserts.assert(user_creation_response?.session);
|
||||
|
||||
const user: USER | undefined = user_creation_response.user;
|
||||
const session: Record<string, any> | undefined = user_creation_response.session;
|
||||
|
||||
cookies.push({
|
||||
name: 'totp',
|
||||
value: await generateTotp(session?.secret),
|
||||
maxAge: 30,
|
||||
expires: Date.now() + 30_000,
|
||||
path: '/'
|
||||
});
|
||||
|
||||
const headers_for_get = new Headers();
|
||||
for (const cookie of cookies) {
|
||||
headers_for_get.append(`x-${cookie.name}`, cookie.value);
|
||||
}
|
||||
headers_for_get.append('cookie', cookies.map((cookie) => `${cookie.name}=${cookie.value}`).join('; '));
|
||||
|
||||
const retrieved_user: USER = await client.fetch(`/users/${user?.id}`, {
|
||||
headers: headers_for_get
|
||||
}) as USER;
|
||||
|
||||
asserts.assertObjectMatch(retrieved_user, user ?? {});
|
||||
} finally {
|
||||
if (test_server_info) {
|
||||
await test_server_info?.server?.stop();
|
||||
}
|
||||
}
|
||||
}
|
||||
});
|
||||
|
|
@ -1,84 +0,0 @@
|
|||
import { api, API_CLIENT } from '../../../utils/api.ts';
|
||||
import * as asserts from '@std/assert';
|
||||
import { USER } from '../../../models/user.ts';
|
||||
import { EPHEMERAL_SERVER, get_ephemeral_listen_server, random_username } from '../../helpers.ts';
|
||||
import { Cookie, getSetCookies } from '@std/http/cookie';
|
||||
import { encodeBase64 } from '@std/encoding';
|
||||
import { generateTotp } from '../../../utils/totp.ts';
|
||||
|
||||
Deno.test({
|
||||
name: 'API - USERS - Delete',
|
||||
permissions: {
|
||||
env: true,
|
||||
read: true,
|
||||
write: true,
|
||||
net: true
|
||||
},
|
||||
fn: async () => {
|
||||
let test_server_info: EPHEMERAL_SERVER | null = null;
|
||||
try {
|
||||
test_server_info = await get_ephemeral_listen_server();
|
||||
const client: API_CLIENT = api({
|
||||
prefix: '/api',
|
||||
hostname: test_server_info.hostname,
|
||||
port: test_server_info.port
|
||||
});
|
||||
|
||||
const username = random_username();
|
||||
const password = 'password';
|
||||
const password_hash = encodeBase64(
|
||||
await crypto.subtle.digest('SHA-256', new TextEncoder().encode(password))
|
||||
);
|
||||
|
||||
let cookies: Cookie[] = [];
|
||||
|
||||
const user_creation_response: Record<string, any> = await client.fetch('/users', {
|
||||
method: 'POST',
|
||||
json: {
|
||||
username,
|
||||
password_hash
|
||||
},
|
||||
done: (response) => {
|
||||
cookies = getSetCookies(response.headers);
|
||||
}
|
||||
});
|
||||
|
||||
asserts.assert(user_creation_response?.user);
|
||||
asserts.assert(user_creation_response?.session);
|
||||
|
||||
const user: USER | undefined = user_creation_response.user;
|
||||
const session: Record<string, any> | undefined = user_creation_response.session;
|
||||
|
||||
cookies.push({
|
||||
name: 'totp',
|
||||
value: await generateTotp(session?.secret),
|
||||
maxAge: 30,
|
||||
expires: Date.now() + 30_000,
|
||||
path: '/'
|
||||
});
|
||||
|
||||
const headers_for_get = new Headers();
|
||||
for (const cookie of cookies) {
|
||||
headers_for_get.append(`x-${cookie.name}`, cookie.value);
|
||||
}
|
||||
headers_for_get.append('cookie', cookies.map((cookie) => `${cookie.name}=${cookie.value}`).join('; '));
|
||||
|
||||
const retrieved_user: USER = await client.fetch(`/users/${user?.id}`, {
|
||||
headers: headers_for_get
|
||||
}) as USER;
|
||||
|
||||
asserts.assertObjectMatch(retrieved_user, user ?? {});
|
||||
|
||||
const deleted_user_response: Record<string, any> = await client.fetch(`/users/${user?.id}`, {
|
||||
method: 'DELETE',
|
||||
headers: headers_for_get
|
||||
}) as USER;
|
||||
|
||||
asserts.assert(deleted_user_response?.deleted);
|
||||
} finally {
|
||||
if (test_server_info) {
|
||||
await test_server_info?.server?.stop();
|
||||
}
|
||||
}
|
||||
}
|
||||
});
|
||||
|
|
@ -1,82 +0,0 @@
|
|||
import { api, API_CLIENT } from '../../../utils/api.ts';
|
||||
import * as asserts from '@std/assert';
|
||||
import { USER } from '../../../models/user.ts';
|
||||
import { EPHEMERAL_SERVER, get_ephemeral_listen_server, random_username } from '../../helpers.ts';
|
||||
import { Cookie, getSetCookies } from '@std/http/cookie';
|
||||
import { encodeBase64 } from '@std/encoding';
|
||||
import { generateTotp } from '../../../utils/totp.ts';
|
||||
|
||||
Deno.test({
|
||||
name: 'API - USERS - Update',
|
||||
permissions: {
|
||||
env: true,
|
||||
read: true,
|
||||
write: true,
|
||||
net: true
|
||||
},
|
||||
fn: async () => {
|
||||
let test_server_info: EPHEMERAL_SERVER | null = null;
|
||||
try {
|
||||
test_server_info = await get_ephemeral_listen_server();
|
||||
const client: API_CLIENT = api({
|
||||
prefix: '/api',
|
||||
hostname: test_server_info.hostname,
|
||||
port: test_server_info.port
|
||||
});
|
||||
|
||||
const username = random_username();
|
||||
const password = 'password';
|
||||
const password_hash = encodeBase64(
|
||||
await crypto.subtle.digest('SHA-256', new TextEncoder().encode(password))
|
||||
);
|
||||
|
||||
let cookies: Cookie[] = [];
|
||||
|
||||
const user_creation_response: Record<string, any> = await client.fetch('/users', {
|
||||
method: 'POST',
|
||||
json: {
|
||||
username,
|
||||
password_hash
|
||||
},
|
||||
done: (response) => {
|
||||
cookies = getSetCookies(response.headers);
|
||||
}
|
||||
});
|
||||
|
||||
asserts.assert(user_creation_response?.user);
|
||||
asserts.assert(user_creation_response?.session);
|
||||
|
||||
const user: USER | undefined = user_creation_response.user;
|
||||
const session: Record<string, any> | undefined = user_creation_response.session;
|
||||
|
||||
cookies.push({
|
||||
name: 'totp',
|
||||
value: await generateTotp(session?.secret),
|
||||
maxAge: 30,
|
||||
expires: Date.now() + 30_000,
|
||||
path: '/'
|
||||
});
|
||||
|
||||
const headers_for_put = new Headers();
|
||||
for (const cookie of cookies) {
|
||||
headers_for_put.append(`x-${cookie.name}`, cookie.value);
|
||||
}
|
||||
headers_for_put.append('cookie', cookies.map((cookie) => `${cookie.name}=${cookie.value}`).join('; '));
|
||||
|
||||
const updated_user: USER = await client.fetch(`/users/${user?.id}`, {
|
||||
method: 'PUT',
|
||||
json: {
|
||||
username: random_username()
|
||||
},
|
||||
headers: headers_for_put
|
||||
}) as USER;
|
||||
|
||||
asserts.assertNotEquals(user?.username ?? '', updated_user?.username ?? '');
|
||||
asserts.assertNotEquals(user?.timestamps.updated ?? '', updated_user?.timestamps.updated ?? '');
|
||||
} finally {
|
||||
if (test_server_info) {
|
||||
await test_server_info?.server?.stop();
|
||||
}
|
||||
}
|
||||
}
|
||||
});
|
||||
|
|
@ -3,6 +3,8 @@ import { convert_to_words } from '@andyburke/lurid/word_bytes';
|
|||
import { API_CLIENT } from '../utils/api.ts';
|
||||
import { Cookie, getSetCookies } from '@std/http/cookie';
|
||||
import { generateTotp } from '../utils/totp.ts';
|
||||
import { USER } from '../models/user.ts';
|
||||
import { SESSION } from '../models/session.ts';
|
||||
|
||||
const TLDs: string[] = [
|
||||
'com',
|
||||
|
|
@ -98,50 +100,74 @@ export async function get_ephemeral_listen_server(options?: SERVER_OPTIONS): Pro
|
|||
return ephemeral_server;
|
||||
}
|
||||
|
||||
type NEW_USER_INFO = {
|
||||
username: string;
|
||||
password: string;
|
||||
export type TEST_USER_INFO = {
|
||||
user: USER;
|
||||
session: SESSION;
|
||||
headers: Headers;
|
||||
};
|
||||
|
||||
export async function get_new_user(client: API_CLIENT, user_info?: Record<string, any>): Promise<Record<string, any>> {
|
||||
const info: Record<string, any> = {
|
||||
export async function get_new_user(client: API_CLIENT, user_info?: Record<string, any>, inviting_user_info?: TEST_USER_INFO): Promise<TEST_USER_INFO> {
|
||||
const new_user_request_json: Record<string, any> = {
|
||||
username: random_username(),
|
||||
password: `${random_username()} ! ${random_username()}`,
|
||||
...user_info
|
||||
};
|
||||
|
||||
if (
|
||||
!((typeof new_user_request_json.password === 'string' && new_user_request_json.password.length) ||
|
||||
(typeof new_user_request_json.password_hash === 'string' && new_user_request_json.password_hash.length))
|
||||
) {
|
||||
new_user_request_json.password = `${Math.round(Math.random() * 10)} - ${random_username()} ! ${random_username()}`;
|
||||
}
|
||||
|
||||
if (inviting_user_info) {
|
||||
const invite_code = await client.fetch(`/users/${inviting_user_info.user?.id}/invites`, {
|
||||
method: 'POST',
|
||||
headers: {
|
||||
'x-session_id': inviting_user_info.session.id,
|
||||
'x-totp': await generateTotp(inviting_user_info.session.secret)
|
||||
},
|
||||
json: {
|
||||
code: random_username()
|
||||
}
|
||||
});
|
||||
|
||||
new_user_request_json.invite_code = invite_code.code;
|
||||
}
|
||||
|
||||
await client.fetch('/users', {
|
||||
method: 'POST',
|
||||
json: info
|
||||
json: new_user_request_json
|
||||
});
|
||||
|
||||
const cookies: Cookie[] = [];
|
||||
const auth_response: any = await client.fetch('/auth', {
|
||||
method: 'POST',
|
||||
json: info,
|
||||
json: new_user_request_json,
|
||||
done: (response) => {
|
||||
cookies.push(...getSetCookies(response.headers));
|
||||
}
|
||||
});
|
||||
|
||||
info.user = auth_response.user;
|
||||
info.session = auth_response.session;
|
||||
const test_user_info: TEST_USER_INFO = {
|
||||
user: auth_response.user,
|
||||
session: auth_response.session,
|
||||
headers: new Headers()
|
||||
};
|
||||
|
||||
cookies.push({
|
||||
name: 'totp',
|
||||
value: await generateTotp(info.session?.secret),
|
||||
value: await generateTotp(test_user_info.session?.secret),
|
||||
maxAge: 30,
|
||||
expires: Date.now() + 30_000,
|
||||
path: '/'
|
||||
});
|
||||
|
||||
info.headers_for_get = new Headers();
|
||||
for (const cookie of cookies) {
|
||||
info.headers_for_get.append(`x-${cookie.name}`, cookie.value);
|
||||
test_user_info.headers.append(`x-${cookie.name}`, cookie.value);
|
||||
}
|
||||
info.headers_for_get.append('cookie', cookies.map((cookie) => `${cookie.name}=${cookie.value}`).join('; '));
|
||||
test_user_info.headers.append('cookie', cookies.map((cookie) => `${cookie.name}=${cookie.value}`).join('; '));
|
||||
|
||||
return info;
|
||||
return test_user_info;
|
||||
}
|
||||
|
||||
export async function set_user_permissions(client: API_CLIENT, user: any, session: any, permissions: string[]): Promise<any> {
|
||||
|
|
@ -157,3 +183,13 @@ export async function set_user_permissions(client: API_CLIENT, user: any, sessio
|
|||
}
|
||||
});
|
||||
}
|
||||
|
||||
export async function delete_user(client: API_CLIENT, user_info: any): Promise<undefined> {
|
||||
await client.fetch(`/users/${user_info.user.id}`, {
|
||||
method: 'DELETE',
|
||||
headers: {
|
||||
'x-session_id': user_info.session.id,
|
||||
'x-totp': await generateTotp(user_info.session.secret)
|
||||
}
|
||||
});
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue