1
0
mirror of https://github.com/node-red/node-red.git synced 2023-10-10 13:36:53 +02:00
node-red/test/unit/@node-red/editor-api/lib/admin/index_spec.js

459 lines
18 KiB
JavaScript
Raw Permalink Normal View History

/**
* Copyright JS Foundation and other contributors, http://js.foundation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
**/
var should = require("should");
var sinon = require("sinon");
var request = require("supertest");
var express = require("express");
2018-08-20 17:17:24 +02:00
var NR_TEST_UTILS = require("nr-test-utils");
var adminApi = NR_TEST_UTILS.require("@node-red/editor-api/lib/admin");
var auth = NR_TEST_UTILS.require("@node-red/editor-api/lib/auth");
var nodes = NR_TEST_UTILS.require("@node-red/editor-api/lib/admin/nodes");
var flows = NR_TEST_UTILS.require("@node-red/editor-api/lib/admin/flows");
var flow = NR_TEST_UTILS.require("@node-red/editor-api/lib/admin/flow");
var context = NR_TEST_UTILS.require("@node-red/editor-api/lib/admin/context");
/**
* Ensure all API routes are correctly mounted, with the expected permissions checks
*/
describe("api/admin/index", function() {
describe("Ensure all API routes are correctly mounted, with the expected permissions checks", function() {
var app;
var mockList = [
flows,flow,nodes,context
];
var permissionChecks = {};
var lastRequest;
var stubApp = function(req,res,next) {
lastRequest = req;
res.status(200).end();
};
before(function() {
mockList.forEach(function(m) {
2021-04-09 12:22:57 +02:00
sinon.stub(m,"init").callsFake(function(){});
});
2021-04-09 12:22:57 +02:00
sinon.stub(auth,"needsPermission").callsFake(function(permission) {
return function(req,res,next) {
permissionChecks[permission] = (permissionChecks[permission]||0)+1;
next();
};
});
2021-04-09 12:22:57 +02:00
sinon.stub(flows,"get").callsFake(stubApp);
sinon.stub(flows,"post").callsFake(stubApp);
2021-04-09 12:22:57 +02:00
sinon.stub(flow,"get").callsFake(stubApp);
sinon.stub(flow,"post").callsFake(stubApp);
sinon.stub(flow,"delete").callsFake(stubApp);
sinon.stub(flow,"put").callsFake(stubApp);
2021-04-09 12:22:57 +02:00
sinon.stub(nodes,"getAll").callsFake(stubApp);
sinon.stub(nodes,"post").callsFake(stubApp);
sinon.stub(nodes,"getModule").callsFake(stubApp);
sinon.stub(nodes,"putModule").callsFake(stubApp);
sinon.stub(nodes,"delete").callsFake(stubApp);
sinon.stub(nodes,"getSet").callsFake(stubApp);
sinon.stub(nodes,"putSet").callsFake(stubApp);
sinon.stub(nodes,"getModuleCatalog").callsFake(stubApp);
sinon.stub(nodes,"getModuleCatalogs").callsFake(stubApp);
2021-04-09 12:22:57 +02:00
sinon.stub(context,"get").callsFake(stubApp);
sinon.stub(context,"delete").callsFake(stubApp);
});
after(function() {
mockList.forEach(function(m) {
m.init.restore();
});
auth.needsPermission.restore();
flows.get.restore();
flows.post.restore();
flow.get.restore();
flow.post.restore();
flow.delete.restore();
flow.put.restore();
nodes.getAll.restore();
nodes.post.restore();
nodes.getModule.restore();
nodes.putModule.restore();
nodes.delete.restore();
nodes.getSet.restore();
nodes.putSet.restore();
nodes.getModuleCatalog.restore();
nodes.getModuleCatalogs.restore();
context.get.restore();
context.delete.restore();
});
before(function() {
app = adminApi.init({},{});
});
beforeEach(function() {
permissionChecks = {};
});
it('GET /flows', function(done) {
request(app).get("/flows").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('flows.read',1);
done();
});
});
it('POST /flows', function(done) {
request(app).post("/flows").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('flows.write',1);
done();
});
});
it('GET /flow/1234', function(done) {
request(app).get("/flow/1234").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('flows.read',1);
lastRequest.params.should.have.property('id','1234');
done();
});
});
it('POST /flow', function(done) {
request(app).post("/flow").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('flows.write',1);
done();
});
});
it('DELETE /flow/1234', function(done) {
request(app).del("/flow/1234").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('flows.write',1);
lastRequest.params.should.have.property('id','1234');
done();
});
});
it('PUT /flow/1234', function(done) {
request(app).put("/flow/1234").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('flows.write',1);
lastRequest.params.should.have.property('id','1234');
done();
});
});
it('GET /nodes', function(done) {
request(app).get("/nodes").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('nodes.read',1);
done();
});
});
it('POST /nodes', function(done) {
request(app).post("/nodes").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('nodes.write',1);
done();
});
});
it('GET /nodes/module', function(done) {
request(app).get("/nodes/module").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('nodes.read',1);
lastRequest.params.should.have.property(0,'module');
done();
});
});
it('GET /nodes/@scope/module', function(done) {
request(app).get("/nodes/@scope/module").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('nodes.read',1);
lastRequest.params.should.have.property(0,'@scope/module');
done();
});
});
it('PUT /nodes/module', function(done) {
request(app).put("/nodes/module").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('nodes.write',1);
lastRequest.params.should.have.property(0,'module');
done();
});
});
it('PUT /nodes/@scope/module', function(done) {
request(app).put("/nodes/@scope/module").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('nodes.write',1);
lastRequest.params.should.have.property(0,'@scope/module');
done();
});
});
it('DELETE /nodes/module', function(done) {
request(app).del("/nodes/module").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('nodes.write',1);
lastRequest.params.should.have.property(0,'module');
done();
});
});
it('DELETE /nodes/@scope/module', function(done) {
request(app).del("/nodes/@scope/module").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('nodes.write',1);
lastRequest.params.should.have.property(0,'@scope/module');
done();
});
});
it('GET /nodes/module/set', function(done) {
request(app).get("/nodes/module/set").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('nodes.read',1);
lastRequest.params.should.have.property(0,'module');
lastRequest.params.should.have.property(2,'set');
done();
});
});
it('GET /nodes/@scope/module/set', function(done) {
request(app).get("/nodes/@scope/module/set").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('nodes.read',1);
lastRequest.params.should.have.property(0,'@scope/module');
lastRequest.params.should.have.property(2,'set');
done();
});
});
it('PUT /nodes/module/set', function(done) {
request(app).put("/nodes/module/set").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('nodes.write',1);
lastRequest.params.should.have.property(0,'module');
lastRequest.params.should.have.property(2,'set');
done();
});
});
it('PUT /nodes/@scope/module/set', function(done) {
request(app).put("/nodes/@scope/module/set").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('nodes.write',1);
lastRequest.params.should.have.property(0,'@scope/module');
lastRequest.params.should.have.property(2,'set');
done();
});
});
it('GET /nodes/messages', function(done) {
request(app).get("/nodes/messages").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('nodes.read',1);
done();
});
});
it('GET /nodes/module/set/messages', function(done) {
request(app).get("/nodes/module/set/messages").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('nodes.read',1);
lastRequest.params.should.have.property(0,'module/set');
done();
});
});
it('GET /nodes/@scope/module/set/messages', function(done) {
request(app).get("/nodes/@scope/module/set/messages").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('nodes.read',1);
lastRequest.params.should.have.property(0,'@scope/module/set');
done();
});
});
it('GET /context/global', function(done) {
request(app).get("/context/global").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('context.read',1);
lastRequest.params.should.have.property('scope','global');
done();
});
});
it('GET /context/global/key?store=memory', function(done) {
request(app).get("/context/global/key?store=memory").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('context.read',1);
lastRequest.params.should.have.property('scope','global');
lastRequest.params.should.have.property(0,'key');
lastRequest.query.should.have.property('store','memory');
done();
});
});
it('GET /context/flow/1234', function(done) {
request(app).get("/context/flow/1234").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('context.read',1);
lastRequest.params.should.have.property('scope','flow');
lastRequest.params.should.have.property('id','1234');
done();
});
});
it('GET /context/flow/1234/key?store=memory', function(done) {
request(app).get("/context/flow/1234/key?store=memory").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('context.read',1);
lastRequest.params.should.have.property('scope','flow');
lastRequest.params.should.have.property('id','1234');
lastRequest.params.should.have.property(0,'key');
lastRequest.query.should.have.property('store','memory');
done();
});
});
it('GET /context/node/5678', function(done) {
request(app).get("/context/node/5678").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('context.read',1);
lastRequest.params.should.have.property('scope','node');
lastRequest.params.should.have.property('id','5678');
done();
});
});
it('GET /context/node/5678/foo?store=memory', function(done) {
request(app).get("/context/node/5678/foo?store=memory").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('context.read',1);
lastRequest.params.should.have.property('scope','node');
lastRequest.params.should.have.property('id','5678');
lastRequest.params.should.have.property(0,'foo');
lastRequest.query.should.have.property('store','memory');
done();
});
});
it('DELETE /context/global/key?store=memory', function(done) {
request(app).del("/context/global/key?store=memory").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('context.write',1);
lastRequest.params.should.have.property('scope','global');
lastRequest.params.should.have.property(0,'key');
lastRequest.query.should.have.property('store','memory');
done();
});
});
it('DELETE /context/flow/1234/key?store=memory', function(done) {
request(app).del("/context/flow/1234/key?store=memory").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('context.write',1);
lastRequest.params.should.have.property('scope','flow');
lastRequest.params.should.have.property('id','1234');
lastRequest.params.should.have.property(0,'key');
lastRequest.query.should.have.property('store','memory');
done();
});
});
it('DELETE /context/node/5678/foo?store=memory', function(done) {
request(app).del("/context/node/5678/foo?store=memory").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('context.write',1);
lastRequest.params.should.have.property('scope','node');
lastRequest.params.should.have.property('id','5678');
lastRequest.params.should.have.property(0,'foo');
lastRequest.query.should.have.property('store','memory');
done();
});
});
});
});