Support bypassing authorization within the testing environment
This also adds some basic test coverage for the authorize hook, which I should
have added in the first place. 💩
This commit is contained in:
parent
327920b660
commit
777540fc31
8
Makefile
8
Makefile
|
@ -30,7 +30,9 @@ build: depends
|
|||
check: build depends migrate
|
||||
# Running with docker-compose since our tests require a database to be
|
||||
# present
|
||||
$(COMPOSE) run --rm node \
|
||||
$(COMPOSE) run --rm \
|
||||
-e NODE_ENV=test \
|
||||
node \
|
||||
/usr/local/bin/node $(JEST) $(JEST_ARGS)
|
||||
|
||||
clean:
|
||||
|
@ -60,7 +62,9 @@ migrate: depends
|
|||
watch: migrate
|
||||
# Running with docker-compose since our tests require a database to be
|
||||
# present
|
||||
$(COMPOSE) run --rm node \
|
||||
$(COMPOSE) run --rm \
|
||||
-e NODE_ENV=test \
|
||||
node \
|
||||
/usr/local/bin/node $(JEST) $(JEST_ARGS) --watch
|
||||
|
||||
watch-compile:
|
||||
|
|
|
@ -0,0 +1,33 @@
|
|||
'use strict';
|
||||
|
||||
module.exports = {
|
||||
up: (queryInterface, Sequelize) => {
|
||||
return queryInterface.createTable('types', {
|
||||
id: {
|
||||
allowNull: false,
|
||||
autoIncrement: true,
|
||||
primaryKey: true,
|
||||
type: Sequelize.INTEGER
|
||||
},
|
||||
type: {
|
||||
unique: true,
|
||||
allowNull: false,
|
||||
type: Sequelize.STRING,
|
||||
},
|
||||
createdAt: {
|
||||
allowNull: false,
|
||||
defaultValue: Sequelize.literal('NOW()'),
|
||||
type: Sequelize.DATE
|
||||
},
|
||||
updatedAt: {
|
||||
allowNull: false,
|
||||
defaultValue: Sequelize.literal('NOW()'),
|
||||
type: Sequelize.DATE
|
||||
}
|
||||
});
|
||||
},
|
||||
|
||||
down: (queryInterface, Sequelize) => {
|
||||
return queryInterface.dropTable('types');
|
||||
}
|
||||
};
|
|
@ -6,14 +6,26 @@ import logger from '../logger';
|
|||
|
||||
export default () => {
|
||||
return async context => {
|
||||
if ((process.env.NODE_ENV == 'test') &&
|
||||
(context.params.query.testing_access_token)) {
|
||||
// Remove the property to make sure it's not used in the DB query
|
||||
delete context.params.query.testing_access_token;
|
||||
return SKIP;
|
||||
}
|
||||
|
||||
context = await authentication.hooks.authenticate(['jwt'])(context);
|
||||
|
||||
if (context == SKIP) {
|
||||
return SKIP;
|
||||
}
|
||||
|
||||
if (!context.params.user) {
|
||||
throw new Forbidden('No GitHub information, sorry');
|
||||
}
|
||||
|
||||
const name : string = context.params.user.github.profile.username;
|
||||
const type : string = context.params.query.type;
|
||||
|
||||
return context.app.service('grants').find({
|
||||
query: {
|
||||
name: name,
|
||||
|
|
|
@ -0,0 +1,34 @@
|
|||
import { SKIP } from '@feathersjs/feathers';
|
||||
import { Forbidden } from '@feathersjs/errors';
|
||||
|
||||
import authorize from '../../src/hooks/authorize';
|
||||
|
||||
describe('The `authorize` hook', () => {
|
||||
let context = null;
|
||||
let mockServices = {};
|
||||
const mockApp = {
|
||||
service: (name) => { return mockServices; },
|
||||
};
|
||||
|
||||
beforeEach(() => {
|
||||
context = {
|
||||
app: mockApp,
|
||||
params: {
|
||||
query: {},
|
||||
},
|
||||
data: {
|
||||
},
|
||||
};
|
||||
})
|
||||
|
||||
describe('in testing mode', () => {
|
||||
it('should not skip when a `testing_access_token` is omitted', () => {
|
||||
return expect(authorize()(context)).rejects.toThrow(Forbidden);
|
||||
});
|
||||
|
||||
it('should SKIP when a `testing_access_token` is provided', () => {
|
||||
context.params.query.testing_access_token = true;
|
||||
return expect(authorize()(context)).resolves.toEqual(SKIP);
|
||||
});
|
||||
});
|
||||
});
|
|
@ -1,12 +0,0 @@
|
|||
import { TypesService } from '../src/services/types';
|
||||
|
||||
describe('Unit tests for /types', () => {
|
||||
describe('find', () => {
|
||||
let service = new TypesService();
|
||||
|
||||
it('should return an Array', async () => {
|
||||
const result = await service.find();
|
||||
expect(result.length).toBeGreaterThan(0);
|
||||
});
|
||||
});
|
||||
});
|
Loading…
Reference in New Issue