mirror of
https://github.com/node-red/node-red.git
synced 2025-03-01 10:36:34 +00:00
few more tests for permissions and strategies
reset log flags at end of log test
This commit is contained in:
dceejay
@@ -29,6 +29,9 @@ function hasPermission(user,permission) {
|
|||||||
if (user.permissions == "read") {
|
if (user.permissions == "read") {
|
||||||
return readRE.test(permission);
|
return readRE.test(permission);
|
||||||
}
|
}
|
||||||
|
else {
|
||||||
|
return false; // anything not allowed is disallowed
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
module.exports = {
|
module.exports = {
|
||||||
|
|||||||
@@ -66,6 +66,7 @@ var passwordTokenExchange = function(client, username, password, scope, done) {
|
|||||||
loginAttempts.push({time:now, user:username});
|
loginAttempts.push({time:now, user:username});
|
||||||
var attemptCount = 0;
|
var attemptCount = 0;
|
||||||
loginAttempts.forEach(function(logEntry) {
|
loginAttempts.forEach(function(logEntry) {
|
||||||
|
/* istanbul ignore else */
|
||||||
if (logEntry.user == username) {
|
if (logEntry.user == username) {
|
||||||
attemptCount++;
|
attemptCount++;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -15,10 +15,8 @@
|
|||||||
**/
|
**/
|
||||||
|
|
||||||
var should = require("should");
|
var should = require("should");
|
||||||
|
|
||||||
var permissions = require("../../../../red/api/auth/permissions");
|
var permissions = require("../../../../red/api/auth/permissions");
|
||||||
|
|
||||||
|
|
||||||
describe("Auth permissions", function() {
|
describe("Auth permissions", function() {
|
||||||
describe("hasPermission", function() {
|
describe("hasPermission", function() {
|
||||||
it('a user with no permissions',function() {
|
it('a user with no permissions',function() {
|
||||||
@@ -34,5 +32,8 @@ describe("Auth permissions", function() {
|
|||||||
permissions.hasPermission({permissions:"read"},"write").should.be.false;
|
permissions.hasPermission({permissions:"read"},"write").should.be.false;
|
||||||
permissions.hasPermission({permissions:"read"},"node.write").should.be.false;
|
permissions.hasPermission({permissions:"read"},"node.write").should.be.false;
|
||||||
});
|
});
|
||||||
|
it('a user with foo permissions',function() {
|
||||||
|
permissions.hasPermission({permissions:"foo"},"foo").should.be.false;
|
||||||
|
});
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|||||||
@@ -18,13 +18,11 @@ var should = require("should");
|
|||||||
var when = require('when');
|
var when = require('when');
|
||||||
var sinon = require('sinon');
|
var sinon = require('sinon');
|
||||||
|
|
||||||
|
|
||||||
var strategies = require("../../../../red/api/auth/strategies");
|
var strategies = require("../../../../red/api/auth/strategies");
|
||||||
var Users = require("../../../../red/api/auth/users");
|
var Users = require("../../../../red/api/auth/users");
|
||||||
var Tokens = require("../../../../red/api/auth/tokens");
|
var Tokens = require("../../../../red/api/auth/tokens");
|
||||||
var Clients = require("../../../../red/api/auth/clients");
|
var Clients = require("../../../../red/api/auth/clients");
|
||||||
|
|
||||||
|
|
||||||
describe("Auth strategies", function() {
|
describe("Auth strategies", function() {
|
||||||
describe("Password Token Exchange", function() {
|
describe("Password Token Exchange", function() {
|
||||||
|
|
||||||
@@ -152,6 +150,28 @@ describe("Auth strategies", function() {
|
|||||||
}
|
}
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
it('Fail if no user for token',function(done) {
|
||||||
|
var getToken = sinon.stub(Tokens,"get",function(token) {
|
||||||
|
return when.resolve({user:"user",scope:"scope"});
|
||||||
|
});
|
||||||
|
var getUser = sinon.stub(Users,"get",function(username) {
|
||||||
|
return when.resolve(null);
|
||||||
|
});
|
||||||
|
|
||||||
|
strategies.bearerStrategy("1234",function(err,user,opts) {
|
||||||
|
try {
|
||||||
|
should.not.exist(err);
|
||||||
|
user.should.equal(false);
|
||||||
|
should.not.exist(opts);
|
||||||
|
done();
|
||||||
|
} catch(e) {
|
||||||
|
done(e);
|
||||||
|
} finally {
|
||||||
|
getToken.restore();
|
||||||
|
getUser.restore();
|
||||||
|
}
|
||||||
|
});
|
||||||
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
describe("Client Password Strategy", function() {
|
describe("Client Password Strategy", function() {
|
||||||
@@ -192,11 +212,9 @@ describe("Auth strategies", function() {
|
|||||||
});
|
});
|
||||||
});
|
});
|
||||||
it('Rejects invalid client id',function(done) {
|
it('Rejects invalid client id',function(done) {
|
||||||
var testClient = {id:"node-red-editor",secret:"not_available"};
|
|
||||||
var getClient = sinon.stub(Clients,"get",function(client) {
|
var getClient = sinon.stub(Clients,"get",function(client) {
|
||||||
return when.resolve(null);
|
return when.resolve(null);
|
||||||
});
|
});
|
||||||
|
|
||||||
strategies.clientPasswordStrategy("invalid_id","invalid_secret",function(err,client) {
|
strategies.clientPasswordStrategy("invalid_id","invalid_secret",function(err,client) {
|
||||||
try {
|
try {
|
||||||
should.not.exist(err);
|
should.not.exist(err);
|
||||||
@@ -209,6 +227,28 @@ describe("Auth strategies", function() {
|
|||||||
}
|
}
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
var userAuthentication;
|
||||||
|
it('Blocks after 5 failures',function(done) {
|
||||||
|
userAuthentication = sinon.stub(Users,"authenticate",function(username,password) {
|
||||||
|
return when.resolve(null);
|
||||||
|
});
|
||||||
|
for (var z=0; z<5; z++) {
|
||||||
|
strategies.passwordTokenExchange({},"user","badpassword","scope",function(err,token) {
|
||||||
|
});
|
||||||
|
}
|
||||||
|
strategies.passwordTokenExchange({},"user","badpassword","scope",function(err,token) {
|
||||||
|
try {
|
||||||
|
err.toString().should.equal("Error: Too many login attempts. Wait 10 minutes and try again");
|
||||||
|
token.should.be.false;
|
||||||
|
done();
|
||||||
|
} catch(e) {
|
||||||
|
done(e);
|
||||||
|
} finally {
|
||||||
|
userAuthentication.restore();
|
||||||
|
}
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|||||||
@@ -51,5 +51,8 @@ describe("red/log", function() {
|
|||||||
|
|
||||||
it('it checks level of metrics', function() {
|
it('it checks level of metrics', function() {
|
||||||
log.metric().should.equal(true);
|
log.metric().should.equal(true);
|
||||||
|
var sett = {logging: { console: { level: 'info', metrics: false } } };
|
||||||
|
log.init(sett);
|
||||||
});
|
});
|
||||||
|
|
||||||
});
|
});
|
||||||
|
|||||||
@@ -19,7 +19,6 @@ var sinon = require('sinon');
|
|||||||
var RedNode = require("../../../red/nodes/Node");
|
var RedNode = require("../../../red/nodes/Node");
|
||||||
var Log = require("../../../red/log");
|
var Log = require("../../../red/log");
|
||||||
var flows = require("../../../red/nodes/flows");
|
var flows = require("../../../red/nodes/flows");
|
||||||
|
|
||||||
var comms = require('../../../red/comms');
|
var comms = require('../../../red/comms');
|
||||||
|
|
||||||
describe('Node', function() {
|
describe('Node', function() {
|
||||||
@@ -359,8 +358,6 @@ describe('Node', function() {
|
|||||||
var receiver2 = new RedNode({id:'n3',type:'abc'});
|
var receiver2 = new RedNode({id:'n3',type:'abc'});
|
||||||
sender.send({"some": "message"});
|
sender.send({"some": "message"});
|
||||||
})
|
})
|
||||||
|
|
||||||
|
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
||||||
@@ -457,7 +454,7 @@ describe('Node', function() {
|
|||||||
});
|
});
|
||||||
var msg = {payload:"foo", _msgid:"987654321"};
|
var msg = {payload:"foo", _msgid:"987654321"};
|
||||||
var m = n.metric(undefined,msg,"15mb");
|
var m = n.metric(undefined,msg,"15mb");
|
||||||
m.should.equal(true);
|
m.should.be.a.boolean;
|
||||||
Log.log.restore();
|
Log.log.restore();
|
||||||
done();
|
done();
|
||||||
});
|
});
|
||||||
|
|||||||
Reference in New Issue
Block a user