Support bypassing authorization within the testing environment

This also adds some basic test coverage for the authorize hook, which I should
have added in the first place. 💩

Makefile

@@ -30,7 +30,9 @@ build: depends
 check: build depends migrate
 	# Running with docker-compose since our tests require a database to be
 	# present
-	$(COMPOSE) run --rm node \
+	$(COMPOSE) run --rm \
+		-e NODE_ENV=test \
+		node \
 		/usr/local/bin/node $(JEST) $(JEST_ARGS)
 
 clean:
@@ -60,7 +62,9 @@ migrate: depends
 watch: migrate
 	# Running with docker-compose since our tests require a database to be
 	# present
-	$(COMPOSE) run --rm node \
+	$(COMPOSE) run --rm \
+		-e NODE_ENV=test \
+		node \
 		/usr/local/bin/node $(JEST) $(JEST_ARGS) --watch
 
 watch-compile:

migrations/20181023174942-types-table.js

@@ -0,0 +1,33 @@
+'use strict';
+
+module.exports = {
+  up: (queryInterface, Sequelize) => {
+    return queryInterface.createTable('types', {
+      id: {
+        allowNull: false,
+        autoIncrement: true,
+        primaryKey: true,
+        type: Sequelize.INTEGER
+      },
+      type: {
+        unique: true,
+        allowNull: false,
+        type: Sequelize.STRING,
+      },
+      createdAt: {
+        allowNull: false,
+        defaultValue: Sequelize.literal('NOW()'),
+        type: Sequelize.DATE
+      },
+      updatedAt: {
+        allowNull: false,
+        defaultValue: Sequelize.literal('NOW()'),
+        type: Sequelize.DATE
+      }
+    });
+  },
+
+  down: (queryInterface, Sequelize) => {
+    return queryInterface.dropTable('types');
+  }
+};

src/hooks/authorize.ts

@@ -6,14 +6,26 @@ import logger from '../logger';
 
 export default () => {
   return async context => {
+    if ((process.env.NODE_ENV == 'test') &&
+        (context.params.query.testing_access_token)) {
+      // Remove the property to make sure it's not used in the DB query
+      delete context.params.query.testing_access_token;
+      return SKIP;
+    }
+
     context = await authentication.hooks.authenticate(['jwt'])(context);
 
     if (context == SKIP) {
       return SKIP;
     }
 
+    if (!context.params.user) {
+      throw new Forbidden('No GitHub information, sorry');
+    }
+
     const name : string = context.params.user.github.profile.username;
     const type : string = context.params.query.type;
+
     return context.app.service('grants').find({
       query: {
         name: name,

test/hooks/authorize.test.ts

@@ -0,0 +1,34 @@
+import { SKIP } from '@feathersjs/feathers';
+import { Forbidden } from '@feathersjs/errors';
+
+import authorize from '../../src/hooks/authorize';
+
+describe('The `authorize` hook', () => {
+  let context = null;
+  let mockServices = {};
+  const mockApp = {
+    service: (name) => { return mockServices; },
+  };
+
+  beforeEach(() => {
+    context = {
+      app: mockApp,
+      params: {
+        query: {},
+      },
+      data: {
+      },
+    };
+  })
+
+  describe('in testing mode', () => {
+    it('should not skip when a `testing_access_token` is omitted', () => {
+      return expect(authorize()(context)).rejects.toThrow(Forbidden);
+    });
+
+    it('should SKIP when a `testing_access_token` is provided', () => {
+      context.params.query.testing_access_token = true;
+      return expect(authorize()(context)).resolves.toEqual(SKIP);
+    });
+  });
+});

test/types.test.ts

@@ -1,12 +0,0 @@
-import { TypesService } from '../src/services/types';
-
-describe('Unit tests for /types', () => {
-  describe('find', () => {
-    let service = new TypesService();
-
-    it('should return an Array', async () => {
-      const result = await service.find();
-      expect(result.length).toBeGreaterThan(0);
-    });
-  });
-});