2014-11-04 18:05:29 +01:00
|
|
|
/**
|
2017-01-11 16:24:33 +01:00
|
|
|
* Copyright JS Foundation and other contributors, http://js.foundation
|
2014-11-04 18:05:29 +01:00
|
|
|
*
|
|
|
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
|
* you may not use this file except in compliance with the License.
|
|
|
|
|
* You may obtain a copy of the License at
|
|
|
|
|
*
|
|
|
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
|
*
|
|
|
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
|
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
|
* See the License for the specific language governing permissions and
|
|
|
|
|
* limitations under the License.
|
|
|
|
|
**/
|
|
|
|
|
|
|
|
|
|
var should = require("should");
|
2015-11-11 23:11:02 +01:00
|
|
|
var sinon = require("sinon");
|
2014-11-04 18:05:29 +01:00
|
|
|
var request = require("supertest");
|
|
|
|
|
var express = require("express");
|
|
|
|
|
|
2018-08-20 17:17:24 +02:00
|
|
|
var NR_TEST_UTILS = require("nr-test-utils");
|
2020-12-05 16:06:18 +01:00
|
|
|
const auth = require("basic-auth");
|
2018-08-20 17:17:24 +02:00
|
|
|
|
|
|
|
|
var api = NR_TEST_UTILS.require("@node-red/editor-api");
|
|
|
|
|
|
|
|
|
|
var apiAuth = NR_TEST_UTILS.require("@node-red/editor-api/lib/auth");
|
|
|
|
|
var apiEditor = NR_TEST_UTILS.require("@node-red/editor-api/lib/editor");
|
|
|
|
|
var apiAdmin = NR_TEST_UTILS.require("@node-red/editor-api/lib/admin");
|
2015-03-06 23:58:30 +01:00
|
|
|
|
|
|
|
|
|
2017-08-22 23:26:29 +02:00
|
|
|
describe("api/index", function() {
|
|
|
|
|
var beforeEach = function() {
|
|
|
|
|
sinon.stub(apiAuth,"init",function(){});
|
|
|
|
|
sinon.stub(apiEditor,"init",function(){
|
|
|
|
|
var app = express();
|
|
|
|
|
app.get("/editor",function(req,res) { res.status(200).end(); });
|
|
|
|
|
return app;
|
|
|
|
|
});
|
|
|
|
|
sinon.stub(apiAdmin,"init",function(){
|
|
|
|
|
var app = express();
|
|
|
|
|
app.get("/admin",function(req,res) { res.status(200).end(); });
|
|
|
|
|
return app;
|
|
|
|
|
});
|
|
|
|
|
sinon.stub(apiAuth,"login",function(req,res){
|
|
|
|
|
res.status(200).end();
|
|
|
|
|
});
|
|
|
|
|
};
|
|
|
|
|
var afterEach = function() {
|
|
|
|
|
apiAuth.init.restore();
|
|
|
|
|
apiAuth.login.restore();
|
|
|
|
|
apiEditor.init.restore();
|
|
|
|
|
apiAdmin.init.restore();
|
|
|
|
|
};
|
2015-03-08 16:26:24 +01:00
|
|
|
|
2017-08-22 23:26:29 +02:00
|
|
|
beforeEach(beforeEach);
|
|
|
|
|
afterEach(afterEach);
|
2015-03-08 16:26:24 +01:00
|
|
|
|
2017-08-22 23:26:29 +02:00
|
|
|
it("does not setup admin api if httpAdminRoot is false", function(done) {
|
2018-12-04 16:59:43 +01:00
|
|
|
api.init({ httpAdminRoot: false },{},{},{});
|
|
|
|
|
should.not.exist(api.httpAdmin);
|
2017-08-22 23:26:29 +02:00
|
|
|
done();
|
2014-11-04 18:05:29 +01:00
|
|
|
});
|
2017-08-22 23:26:29 +02:00
|
|
|
describe('initalises admin api without adminAuth', function(done) {
|
2016-03-12 01:03:50 +01:00
|
|
|
before(function() {
|
2017-08-22 23:26:29 +02:00
|
|
|
beforeEach();
|
2018-04-24 16:01:49 +02:00
|
|
|
api.init({},{},{},{});
|
2016-03-12 01:03:50 +01:00
|
|
|
});
|
2017-08-22 23:26:29 +02:00
|
|
|
after(afterEach);
|
2018-01-16 17:18:18 +01:00
|
|
|
it('exposes the editor',function(done) {
|
2018-12-04 16:59:43 +01:00
|
|
|
request(api.httpAdmin).get("/editor").expect(200).end(done);
|
2017-08-22 23:26:29 +02:00
|
|
|
})
|
2018-01-16 17:18:18 +01:00
|
|
|
it('exposes the admin api',function(done) {
|
2018-12-04 16:59:43 +01:00
|
|
|
request(api.httpAdmin).get("/admin").expect(200).end(done);
|
2017-08-22 23:26:29 +02:00
|
|
|
})
|
|
|
|
|
it('exposes the auth api',function(done) {
|
2018-12-04 16:59:43 +01:00
|
|
|
request(api.httpAdmin).get("/auth/login").expect(200).end(done);
|
2017-08-22 23:26:29 +02:00
|
|
|
})
|
2016-03-12 01:03:50 +01:00
|
|
|
});
|
|
|
|
|
|
2017-08-22 23:26:29 +02:00
|
|
|
describe('initalises admin api without editor', function(done) {
|
2015-11-11 23:11:02 +01:00
|
|
|
before(function() {
|
2017-08-22 23:26:29 +02:00
|
|
|
beforeEach();
|
2018-12-04 16:59:43 +01:00
|
|
|
api.init({ disableEditor: true },{},{},{});
|
2015-03-06 23:58:30 +01:00
|
|
|
});
|
2017-08-22 23:26:29 +02:00
|
|
|
after(afterEach);
|
2018-01-16 17:18:18 +01:00
|
|
|
it('does not expose the editor',function(done) {
|
2018-12-04 16:59:43 +01:00
|
|
|
request(api.httpAdmin).get("/editor").expect(404).end(done);
|
2017-08-22 23:26:29 +02:00
|
|
|
})
|
2018-01-16 17:18:18 +01:00
|
|
|
it('exposes the admin api',function(done) {
|
2018-12-04 16:59:43 +01:00
|
|
|
request(api.httpAdmin).get("/admin").expect(200).end(done);
|
2017-08-22 23:26:29 +02:00
|
|
|
})
|
|
|
|
|
it('exposes the auth api',function(done) {
|
2018-12-04 16:59:43 +01:00
|
|
|
request(api.httpAdmin).get("/auth/login").expect(200).end(done)
|
2017-08-22 23:26:29 +02:00
|
|
|
})
|
2014-11-04 18:05:29 +01:00
|
|
|
});
|
2020-12-04 16:00:31 +01:00
|
|
|
|
|
|
|
|
describe('initialises api with admin middleware', function(done) {
|
|
|
|
|
it('ignores non-function values',function(done) {
|
|
|
|
|
api.init({ httpAdminRoot: true, httpAdminMiddleware: undefined },{},{},{});
|
|
|
|
|
const middlewareFound = api.httpAdmin._router.stack.filter((layer) => layer.name === 'testMiddleware')
|
|
|
|
|
should(middlewareFound).be.empty();
|
|
|
|
|
done();
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('only accepts functions as middleware',function(done) {
|
|
|
|
|
const testMiddleware = function(req, res, next){ next(); };
|
|
|
|
|
api.init({ httpAdminRoot: true, httpAdminMiddleware: testMiddleware },{},{},{});
|
|
|
|
|
const middlewareFound = api.httpAdmin._router.stack.filter((layer) => layer.name === 'testMiddleware')
|
|
|
|
|
should(middlewareFound).be.length(1);
|
|
|
|
|
done();
|
|
|
|
|
});
|
|
|
|
|
});
|
2020-12-05 16:06:18 +01:00
|
|
|
|
|
|
|
|
describe('initialises api with authentication enabled', function(done) {
|
|
|
|
|
|
|
|
|
|
it('enables an oauth/openID based authentication mechanism',function(done) {
|
|
|
|
|
const stub = sinon.stub(apiAuth, 'genericStrategy', function(){});
|
|
|
|
|
const adminAuth = { type: 'strategy', strategy: {} }
|
|
|
|
|
api.init({ httpAdminRoot: true, adminAuth },{},{},{});
|
|
|
|
|
should(stub.called).be.ok();
|
|
|
|
|
stub.restore();
|
|
|
|
|
done();
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('enables password protection',function(done) {
|
|
|
|
|
const adminAuth = { type: 'credentials' }
|
|
|
|
|
api.init({ httpAdminRoot: true, adminAuth },{},{},{});
|
|
|
|
|
|
|
|
|
|
// is the name ("initialize") of the passport middleware present
|
|
|
|
|
const middlewareFound = api.httpAdmin._router.stack.filter((layer) => layer.name === 'initialize')
|
|
|
|
|
should(middlewareFound).be.length(1);
|
|
|
|
|
done();
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
});
|
|
|
|
|
|
2020-12-06 08:29:54 +01:00
|
|
|
describe('initialises api with custom cors config', function (done) {
|
|
|
|
|
const httpAdminCors = {
|
|
|
|
|
origin: "*",
|
|
|
|
|
methods: "GET,PUT,POST,DELETE"
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
it('uses default cors middleware when user settings absent', function(done){
|
|
|
|
|
api.init({ httpAdminRoot: true }, {}, {}, {});
|
|
|
|
|
const middlewareFound = api.httpAdmin._router.stack.filter((layer) => layer.name === 'corsMiddleware')
|
|
|
|
|
should(middlewareFound).be.length(1);
|
|
|
|
|
done();
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
it('enables custom cors middleware when settings present', function(done){
|
|
|
|
|
api.init({ httpAdminRoot: true, httpAdminCors }, {}, {}, {});
|
|
|
|
|
const middlewareFound = api.httpAdmin._router.stack.filter((layer) => layer.name === 'corsMiddleware')
|
|
|
|
|
should(middlewareFound).be.length(2);
|
|
|
|
|
done();
|
|
|
|
|
})
|
|
|
|
|
});
|
|
|
|
|
|
2020-12-16 14:53:52 +01:00
|
|
|
describe('editor start', function (done) {
|
|
|
|
|
|
|
|
|
|
it('cannot be started when editor is disabled', function (done) {
|
|
|
|
|
const stub = sinon.stub(apiEditor, 'start', function () {
|
|
|
|
|
return Promise.resolve(true);
|
|
|
|
|
});
|
|
|
|
|
api.init({ httpAdminRoot: true, disableEditor: true }, {}, {}, {});
|
|
|
|
|
should(api.start()).resolvedWith(true);
|
|
|
|
|
stub.restore();
|
|
|
|
|
done();
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it('can be started when editor enabled', function (done) {
|
|
|
|
|
const stub = sinon.stub(apiEditor, 'start');
|
|
|
|
|
api.init({ httpAdminRoot: true, disableEditor: false }, {}, {}, {});
|
|
|
|
|
api.start();
|
|
|
|
|
should(stub.called).be.true();
|
|
|
|
|
stub.restore();
|
|
|
|
|
done();
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
});
|
|
|
|
|
|
2015-03-06 23:58:30 +01:00
|
|
|
});
|
