tim/autonomous.contact
1
0
Fork 0
forked from andyburke/autonomous.contact
Code Pull requests Activity

fix: clean up fixes after APP overhaul

Browse source
This commit is contained in:
Andy Burke 2025-10-25 19:44:07 -07:00
parent 52f46207ec
commit c34069066d
11 changed files with 76 additions and 88 deletions
Download patch file Download diff file Expand all files Collapse all files

2
tests/03_login.test.ts
View file

@ -44,7 +44,7 @@ Deno.test({
}
});
const authed_user: USER | undefined = auth_response.user;
const _authed_user: USER | undefined = auth_response.user;
const authed_session: Record<string, any> | undefined = auth_response.session;
cookies.push({

39
tests/04_create_topic.test.ts
View file

@ -22,14 +22,34 @@ Deno.test({
port: test_server_info.port
});
const info = await get_new_user(client);
const root_user_info = await get_new_user(client);
try {
const root_user_topic = await client.fetch('/topics', {
method: 'POST',
headers: {
'x-session_id': root_user_info.session.id,
'x-totp': await generateTotp(root_user_info.session.secret)
},
json: {
name: 'this is the root user topic'
}
});
asserts.assert(root_user_topic);
} catch (error) {
const reason: string = (error as Error).cause as string ?? (error as Error).toString();
asserts.fail(reason);
}
const regular_user_info = await get_new_user(client, {}, root_user_info);
try {
const _permission_denied_topic = await client.fetch('/topics', {
method: 'POST',
headers: {
'x-session_id': info.session.id,
'x-totp': await generateTotp(info.session.secret)
'x-session_id': regular_user_info.session.id,
'x-totp': await generateTotp(regular_user_info.session.secret)
},
json: {
name: 'this should not be allowed'
@ -41,14 +61,14 @@ Deno.test({
asserts.assertEquals((error as Error).cause, 'permission_denied');
}
await set_user_permissions(client, info.user, info.session, [...info.user.permissions, 'topics.create']);
await set_user_permissions(client, regular_user_info.user, regular_user_info.session, [...regular_user_info.user.permissions, 'topics.create']);
try {
const _too_long_name_topic = await client.fetch('/topics', {
method: 'POST',
headers: {
'x-session_id': info.session.id,
'x-totp': await generateTotp(info.session.secret)
'x-session_id': regular_user_info.session.id,
'x-totp': await generateTotp(regular_user_info.session.secret)
},
json: {
name: 'X'.repeat(1024)
@ -63,8 +83,8 @@ Deno.test({
const new_topic = await client.fetch('/topics', {
method: 'POST',
headers: {
'x-session_id': info.session.id,
'x-totp': await generateTotp(info.session.secret)
'x-session_id': regular_user_info.session.id,
'x-totp': await generateTotp(regular_user_info.session.secret)
},
json: {
name: 'test topic'
@ -73,7 +93,8 @@ Deno.test({
asserts.assert(new_topic);
await delete_user(client, info);
await delete_user(client, regular_user_info);
await delete_user(client, root_user_info);
} finally {
clear_topic_events_cache();
if (test_server_info) {

67
tests/11_file_uploads.test.ts
View file

@ -1,8 +1,7 @@
import { api, API_CLIENT } from '../utils/api.ts';
import * as asserts from '@std/assert';
import { USER } from '../models/user.ts';
import { delete_user, EPHEMERAL_SERVER, get_ephemeral_listen_server, get_new_user, random_username, set_user_permissions } from './helpers.ts';
import { Cookie, getSetCookies } from '@std/http/cookie';
import { Cookie } from '@std/http/cookie';
import { generateTotp } from '../utils/totp.ts';
import * as fs from '@std/fs';
import * as path from '@std/path';
@ -136,55 +135,11 @@ Deno.test({
port: test_server_info.port
});
const username = random_username();
const password = 'password';
const root_user_info = await get_new_user(client);
asserts.assert(root_user_info);
const user_creation_response: Record<string, any> = await client.fetch('/users', {
method: 'POST',
json: {
username,
password
}
});
asserts.assert(user_creation_response?.user);
asserts.assert(user_creation_response?.session);
let cookies: Cookie[] = [];
const auth_response: any = await client.fetch('/auth', {
method: 'POST',
json: {
username,
password: 'password'
},
done: (response) => {
cookies = getSetCookies(response.headers);
}
});
const user: USER | undefined = auth_response.user;
asserts.assert(user);
asserts.assert(user.id);
const session: Record<string, any> | undefined = auth_response.session;
asserts.assert(session);
cookies.push({
name: 'totp',
value: await generateTotp(session?.secret ?? ''),
maxAge: 30,
expires: Date.now() + 30_000,
path: '/'
});
const headers_for_upload_request = new Headers();
for (const cookie of cookies) {
headers_for_upload_request.append(`x-${cookie.name}`, cookie.value);
}
headers_for_upload_request.append(
'cookie',
cookies.map((cookie) => `${cookie.name}=${cookie.value}`).join('; ')
);
const regular_user_info = await get_new_user(client, {}, root_user_info);
asserts.assert(regular_user_info);
const upload_body = new FormData();
upload_body.append(
@ -196,7 +151,10 @@ Deno.test({
`http://${test_server_info.hostname}:${test_server_info.port}/files/test_uploading_to_root_dir.txt`,
{
method: 'PUT',
headers: headers_for_upload_request,
headers: {
'x-session_id': regular_user_info.session.id,
'x-totp': await generateTotp(regular_user_info.session.secret)
},
body: upload_body
}
);
@ -204,13 +162,16 @@ Deno.test({
asserts.assert(!disallowed_upload_response.ok);
await disallowed_upload_response.text();
await set_user_permissions(client, user, session, [...user.permissions, 'files.write.all']);
await set_user_permissions(client, regular_user_info.user, regular_user_info.session, [...regular_user_info.user.permissions, 'files.write.all']);
const allowed_upload_response = await fetch(
`http://${test_server_info.hostname}:${test_server_info.port}/files/test_uploading_to_root_dir.txt`,
{
method: 'PUT',
headers: headers_for_upload_request,
headers: {
'x-session_id': regular_user_info.session.id,
'x-totp': await generateTotp(regular_user_info.session.secret)
},
body: upload_body
}
);