2017-04-19 21:15:28 +02:00
|
|
|
'use strict';
|
2015-04-11 15:09:19 +02:00
|
|
|
|
2017-08-06 21:54:15 +02:00
|
|
|
require('../lib/startup');
|
2017-04-19 21:15:28 +02:00
|
|
|
|
|
|
|
|
let assert = require('assert');
|
2015-04-11 15:09:19 +02:00
|
|
|
|
|
|
|
|
module.exports = function() {
|
2017-08-06 21:54:15 +02:00
|
|
|
const server2 = process.server2;
|
|
|
|
|
const requestAuthFail = (user, pass, message) => {
|
|
|
|
|
return server2.auth(user, pass)
|
|
|
|
|
.status(409)
|
|
|
|
|
.body_error(message)
|
|
|
|
|
.then(function() {
|
|
|
|
|
return server2.whoami();
|
|
|
|
|
})
|
|
|
|
|
.then(function(username) {
|
|
|
|
|
assert.equal(username, null);
|
|
|
|
|
});
|
|
|
|
|
};
|
|
|
|
|
const requestAuthOk = (user, pass, regex) => {
|
|
|
|
|
return server2.auth(user, pass)
|
|
|
|
|
.status(201)
|
|
|
|
|
.body_ok(regex)
|
|
|
|
|
.then(function() {
|
|
|
|
|
return server2.whoami();
|
|
|
|
|
})
|
|
|
|
|
.then(function(username) {
|
|
|
|
|
assert.equal(username, user);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
};
|
2015-04-11 15:09:19 +02:00
|
|
|
|
2017-08-06 21:54:15 +02:00
|
|
|
describe('test default authentication', function() {
|
2017-04-19 21:15:28 +02:00
|
|
|
let authstr;
|
2015-04-11 15:09:19 +02:00
|
|
|
|
|
|
|
|
before(function() {
|
2017-04-19 21:15:28 +02:00
|
|
|
authstr = server2.authstr;
|
|
|
|
|
});
|
2015-04-11 15:09:19 +02:00
|
|
|
|
2017-04-19 21:15:28 +02:00
|
|
|
it('should not authenticate with wrong password', function() {
|
2017-08-06 21:54:15 +02:00
|
|
|
return requestAuthFail('authtest', 'wrongpass', 'this user already exists');
|
2017-04-19 21:15:28 +02:00
|
|
|
});
|
2015-04-11 15:09:19 +02:00
|
|
|
|
2017-08-06 21:54:15 +02:00
|
|
|
it('should be wrong password handled by plugin', function() {
|
|
|
|
|
return requestAuthFail('authtest2', 'wrongpass', 'registration is disabled');
|
2017-04-19 21:15:28 +02:00
|
|
|
});
|
2015-04-11 15:09:19 +02:00
|
|
|
|
2017-08-06 21:54:15 +02:00
|
|
|
it('should right password handled by plugin', function() {
|
|
|
|
|
return requestAuthOk('authtest2', 'blahblah', /'authtest2'/);
|
2017-04-19 21:15:28 +02:00
|
|
|
});
|
2015-04-11 15:09:19 +02:00
|
|
|
|
|
|
|
|
after(function() {
|
2017-04-19 21:15:28 +02:00
|
|
|
server2.authstr = authstr;
|
|
|
|
|
});
|
|
|
|
|
});
|
2015-04-11 15:09:19 +02:00
|
|
|
|
2017-08-06 21:54:15 +02:00
|
|
|
describe('test access authorization', function() {
|
2017-04-19 21:15:28 +02:00
|
|
|
let authstr;
|
2015-04-11 15:09:19 +02:00
|
|
|
|
|
|
|
|
before(function() {
|
2017-04-19 21:15:28 +02:00
|
|
|
authstr = server2.authstr;
|
|
|
|
|
});
|
2015-04-11 15:09:19 +02:00
|
|
|
|
2017-08-06 21:54:15 +02:00
|
|
|
describe('access with user authtest', function() {
|
2017-04-19 21:15:28 +02:00
|
|
|
before(function() {
|
2015-04-11 19:11:04 +02:00
|
|
|
return server2.auth('authtest', 'test')
|
|
|
|
|
.status(201)
|
2017-04-19 21:15:28 +02:00
|
|
|
.body_ok(/'authtest'/);
|
|
|
|
|
});
|
2015-04-11 15:09:19 +02:00
|
|
|
|
2017-04-19 21:15:28 +02:00
|
|
|
it('access test-auth-allow', function() {
|
2017-06-28 22:56:02 +02:00
|
|
|
return server2.getPackage('test-auth-allow')
|
2015-04-11 19:11:04 +02:00
|
|
|
.status(404)
|
2017-04-19 21:15:28 +02:00
|
|
|
.body_error('no such package available');
|
|
|
|
|
});
|
2015-04-11 15:09:19 +02:00
|
|
|
|
2017-04-19 21:15:28 +02:00
|
|
|
it('access test-auth-deny', function() {
|
2017-06-28 22:56:02 +02:00
|
|
|
return server2.getPackage('test-auth-deny')
|
2015-04-11 19:11:04 +02:00
|
|
|
.status(403)
|
2017-04-19 21:15:28 +02:00
|
|
|
.body_error('you\'re not allowed here');
|
|
|
|
|
});
|
2015-04-11 15:09:19 +02:00
|
|
|
|
2017-04-19 21:15:28 +02:00
|
|
|
it('access test-auth-regular', function() {
|
2017-06-28 22:56:02 +02:00
|
|
|
return server2.getPackage('test-auth-regular')
|
2015-04-11 19:11:04 +02:00
|
|
|
.status(404)
|
2017-04-19 21:15:28 +02:00
|
|
|
.body_error('no such package available');
|
|
|
|
|
});
|
|
|
|
|
});
|
2015-04-11 15:09:19 +02:00
|
|
|
|
2017-08-06 21:54:15 +02:00
|
|
|
describe('access with user authtest2', function() {
|
2017-04-19 21:15:28 +02:00
|
|
|
before(function() {
|
2015-04-11 19:11:04 +02:00
|
|
|
return server2.auth('authtest2', 'blahblah')
|
|
|
|
|
.status(201)
|
2017-04-19 21:15:28 +02:00
|
|
|
.body_ok(/'authtest2'/);
|
|
|
|
|
});
|
2015-04-11 15:09:19 +02:00
|
|
|
|
2017-04-19 21:15:28 +02:00
|
|
|
it('access test-auth-allow', function() {
|
2017-06-28 22:56:02 +02:00
|
|
|
return server2.getPackage('test-auth-allow')
|
2015-04-11 19:11:04 +02:00
|
|
|
.status(403)
|
2017-04-19 21:15:28 +02:00
|
|
|
.body_error('i don\'t know anything about you');
|
|
|
|
|
});
|
2015-04-11 15:09:19 +02:00
|
|
|
|
2017-04-19 21:15:28 +02:00
|
|
|
it('access test-auth-deny', function() {
|
2017-06-28 22:56:02 +02:00
|
|
|
return server2.getPackage('test-auth-deny')
|
2015-04-11 19:11:04 +02:00
|
|
|
.status(403)
|
2017-04-19 21:15:28 +02:00
|
|
|
.body_error('i don\'t know anything about you');
|
|
|
|
|
});
|
2015-04-11 15:09:19 +02:00
|
|
|
|
2017-04-19 21:15:28 +02:00
|
|
|
it('access test-auth-regular', function() {
|
2017-06-28 22:56:02 +02:00
|
|
|
return server2.getPackage('test-auth-regular')
|
2015-04-11 19:11:04 +02:00
|
|
|
.status(404)
|
2017-04-19 21:15:28 +02:00
|
|
|
.body_error('no such package available');
|
|
|
|
|
});
|
|
|
|
|
});
|
2015-04-11 15:09:19 +02:00
|
|
|
|
|
|
|
|
after(function() {
|
2017-04-19 21:15:28 +02:00
|
|
|
server2.authstr = authstr;
|
|
|
|
|
});
|
|
|
|
|
});
|
|
|
|
|
};
|
2015-04-11 15:09:19 +02:00
|
|
|
|
