mirror of
https://github.com/ToolJet/ToolJet
synced 2026-04-21 21:47:17 +00:00
c9265f950f
- Add Python package management E2E tests - Update workflow-bundles.e2e-spec.ts for language parameter - Update related E2E tests with test helper changes 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
664 lines
24 KiB
TypeScript
664 lines
24 KiB
TypeScript
import * as request from 'supertest';
|
|
import { INestApplication } from '@nestjs/common';
|
|
import {
|
|
clearDB,
|
|
createUser,
|
|
createNestAppInstance,
|
|
createDataQuery,
|
|
createAppGroupPermission,
|
|
generateAppDefaults,
|
|
authenticateUser,
|
|
createDatasourceGroupPermission,
|
|
} from '../test.helper';
|
|
import { getManager, getRepository } from 'typeorm';
|
|
import { GroupPermission } from 'src/entities/group_permission.entity';
|
|
import { AuditLog } from 'src/entities/audit_log.entity';
|
|
import { AppGroupPermission } from 'src/entities/app_group_permission.entity';
|
|
import { MODULES } from 'src/modules/app/constants/modules';
|
|
|
|
describe('data queries controller', () => {
|
|
let app: INestApplication;
|
|
|
|
beforeEach(async () => {
|
|
await clearDB();
|
|
});
|
|
|
|
beforeAll(async () => {
|
|
app = await createNestAppInstance();
|
|
});
|
|
|
|
it('should be able to update queries of an app only if group is admin or group has app update permission or the user is a super admin', async () => {
|
|
const adminUserData = await createUser(app, {
|
|
email: 'admin@tooljet.io',
|
|
groups: ['all_users', 'admin'],
|
|
});
|
|
let loggedUser = await authenticateUser(app, adminUserData.user.email);
|
|
adminUserData['tokenCookie'] = loggedUser.tokenCookie;
|
|
const developerUserData = await createUser(app, {
|
|
email: 'developer@tooljet.io',
|
|
groups: ['all_users', 'developer'],
|
|
organization: adminUserData.organization,
|
|
});
|
|
loggedUser = await authenticateUser(app, developerUserData.user.email);
|
|
developerUserData['tokenCookie'] = loggedUser.tokenCookie;
|
|
const viewerUserData = await createUser(app, {
|
|
email: 'viewer@tooljet.io',
|
|
groups: ['all_users', 'viewer'],
|
|
organization: adminUserData.organization,
|
|
});
|
|
loggedUser = await authenticateUser(app, viewerUserData.user.email);
|
|
viewerUserData['tokenCookie'] = loggedUser.tokenCookie;
|
|
const anotherOrgAdminUserData = await createUser(app, {
|
|
email: 'another@tooljet.io',
|
|
groups: ['all_users', 'admin'],
|
|
});
|
|
loggedUser = await authenticateUser(app, anotherOrgAdminUserData.user.email);
|
|
anotherOrgAdminUserData['tokenCookie'] = loggedUser.tokenCookie;
|
|
|
|
const { application, dataQuery, dataSource } = await generateAppDefaults(app, adminUserData.user, {});
|
|
|
|
// setup app permissions for developer
|
|
const developerUserGroup = await getRepository(GroupPermission).findOneOrFail({
|
|
where: {
|
|
group: 'developer',
|
|
},
|
|
});
|
|
await createAppGroupPermission(app, application, developerUserGroup.id, {
|
|
read: true,
|
|
update: true,
|
|
delete: false,
|
|
});
|
|
|
|
await createDatasourceGroupPermission(app, dataSource.id, developerUserGroup.id, {
|
|
read: true,
|
|
update: true,
|
|
delete: false,
|
|
});
|
|
|
|
// setup app permissions for viewer
|
|
const viewerUserGroup = await getRepository(GroupPermission).findOneOrFail({
|
|
where: {
|
|
group: 'viewer',
|
|
},
|
|
});
|
|
await createAppGroupPermission(app, application, viewerUserGroup.id, {
|
|
read: true,
|
|
update: false,
|
|
delete: false,
|
|
});
|
|
|
|
for (const userData of [adminUserData, developerUserData]) {
|
|
const newOptions = { method: userData.user.email };
|
|
const response = await request(app.getHttpServer())
|
|
.patch(`/api/data_queries/${dataQuery.id}`)
|
|
.set('tj-workspace-id', userData.user.defaultOrganizationId)
|
|
.set('Cookie', userData['tokenCookie'])
|
|
.send({
|
|
options: newOptions,
|
|
});
|
|
|
|
expect(response.statusCode).toBe(200);
|
|
await dataQuery.reload();
|
|
expect(dataQuery.options.method).toBe(newOptions.method);
|
|
}
|
|
|
|
// Should not update if viewer or if user of another org
|
|
for (const userData of [anotherOrgAdminUserData, viewerUserData]) {
|
|
const oldOptions = dataQuery.options;
|
|
const response = await request(app.getHttpServer())
|
|
.patch(`/api/data_queries/${dataQuery.id}`)
|
|
.set('tj-workspace-id', userData.user.defaultOrganizationId)
|
|
.set('Cookie', userData['tokenCookie'])
|
|
.send({
|
|
options: { method: '' },
|
|
});
|
|
|
|
expect(response.statusCode).toBe(403);
|
|
await dataQuery.reload();
|
|
expect(dataQuery.options.method).toBe(oldOptions.method);
|
|
}
|
|
});
|
|
|
|
it('should be able to delete queries of an app only if admin/developer of same organization or super admin', async () => {
|
|
const adminUserData = await createUser(app, {
|
|
email: 'admin@tooljet.io',
|
|
groups: ['all_users', 'admin'],
|
|
});
|
|
const superAdminUserData = await createUser(app, {
|
|
email: 'superadmin@tooljet.io',
|
|
groups: ['all_users', 'admin'],
|
|
userType: 'instance',
|
|
});
|
|
let loggedUser = await authenticateUser(app, adminUserData.user.email);
|
|
adminUserData['tokenCookie'] = loggedUser.tokenCookie;
|
|
const developerUserData = await createUser(app, {
|
|
email: 'developer@tooljet.io',
|
|
groups: ['all_users', 'developer'],
|
|
organization: adminUserData.organization,
|
|
});
|
|
const viewerUserData = await createUser(app, {
|
|
email: 'viewer@tooljet.io',
|
|
groups: ['all_users', 'viewer'],
|
|
organization: adminUserData.organization,
|
|
});
|
|
const anotherOrgAdminUserData = await createUser(app, {
|
|
email: 'another@tooljet.io',
|
|
groups: ['all_users', 'admin'],
|
|
});
|
|
const { application, dataSource, appVersion } = await generateAppDefaults(app, adminUserData.user, {
|
|
isQueryNeeded: false,
|
|
});
|
|
|
|
loggedUser = await authenticateUser(app, developerUserData.user.email);
|
|
developerUserData['tokenCookie'] = loggedUser.tokenCookie;
|
|
loggedUser = await authenticateUser(app, viewerUserData.user.email);
|
|
viewerUserData['tokenCookie'] = loggedUser.tokenCookie;
|
|
loggedUser = await authenticateUser(app, anotherOrgAdminUserData.user.email);
|
|
anotherOrgAdminUserData['tokenCookie'] = loggedUser.tokenCookie;
|
|
loggedUser = await authenticateUser(app, superAdminUserData.user.email, 'password', adminUserData.organization.id);
|
|
superAdminUserData['tokenCookie'] = loggedUser.tokenCookie;
|
|
|
|
// setup app permissions for developer
|
|
const developerUserGroup = await getRepository(GroupPermission).findOneOrFail({
|
|
where: {
|
|
group: 'developer',
|
|
},
|
|
});
|
|
await createAppGroupPermission(app, application, developerUserGroup.id, {
|
|
read: true,
|
|
update: true,
|
|
delete: true,
|
|
});
|
|
|
|
await createDatasourceGroupPermission(app, dataSource.id, developerUserGroup.id, {
|
|
read: true,
|
|
update: true,
|
|
delete: true,
|
|
});
|
|
|
|
for (const userData of [adminUserData, developerUserData, superAdminUserData]) {
|
|
const dataQuery = await createDataQuery(app, {
|
|
dataSource,
|
|
appVersion,
|
|
options: {
|
|
method: 'get',
|
|
url: 'https://api.github.com/repos/tooljet/tooljet/stargazers',
|
|
url_params: [],
|
|
headers: [],
|
|
body: [],
|
|
},
|
|
});
|
|
const newOptions = { method: userData.user.email };
|
|
|
|
const response = await request(app.getHttpServer())
|
|
.delete(`/api/data_queries/${dataQuery.id}`)
|
|
.set('tj-workspace-id', adminUserData.user.defaultOrganizationId)
|
|
.set('Cookie', userData['tokenCookie'])
|
|
.send({
|
|
options: newOptions,
|
|
});
|
|
|
|
expect(response.statusCode).toBe(200);
|
|
}
|
|
|
|
// Should not update if viewer or if user of another org
|
|
for (const userData of [anotherOrgAdminUserData, viewerUserData]) {
|
|
const dataQuery = await createDataQuery(app, {
|
|
dataSource,
|
|
appVersion,
|
|
options: {
|
|
method: 'get',
|
|
url: 'https://api.github.com/repos/tooljet/tooljet/stargazers',
|
|
url_params: [],
|
|
headers: [],
|
|
body: [],
|
|
},
|
|
});
|
|
const oldOptions = dataQuery.options;
|
|
|
|
const response = await request(app.getHttpServer())
|
|
.delete(`/api/data_queries/${dataQuery.id}`)
|
|
.set('tj-workspace-id', userData.user.defaultOrganizationId)
|
|
.set('Cookie', userData['tokenCookie'])
|
|
.send({
|
|
options: { method: '' },
|
|
});
|
|
|
|
expect(response.statusCode).toBe(403);
|
|
await dataQuery.reload();
|
|
expect(dataQuery.options.method).toBe(oldOptions.method);
|
|
}
|
|
});
|
|
|
|
it('should be able to get queries only if the user has app read permission and belongs to the same organization or user is a super admin', async () => {
|
|
const adminUserData = await createUser(app, {
|
|
email: 'admin@tooljet.io',
|
|
groups: ['all_users', 'admin'],
|
|
});
|
|
const superAdminUserData = await createUser(app, {
|
|
email: 'superadmin@tooljet.io',
|
|
groups: ['all_users', 'admin'],
|
|
userType: 'instance',
|
|
organization: adminUserData.organization,
|
|
});
|
|
const developerUserData = await createUser(app, {
|
|
email: 'developer@tooljet.io',
|
|
groups: ['all_users', 'developer'],
|
|
organization: adminUserData.organization,
|
|
});
|
|
const viewerUserData = await createUser(app, {
|
|
email: 'viewer@tooljet.io',
|
|
groups: ['all_users', 'viewer'],
|
|
organization: adminUserData.organization,
|
|
});
|
|
const { application, dataSource, appVersion } = await generateAppDefaults(app, adminUserData.user, {
|
|
isQueryNeeded: false,
|
|
});
|
|
|
|
let loggedUser = await authenticateUser(app, adminUserData.user.email);
|
|
adminUserData['tokenCookie'] = loggedUser.tokenCookie;
|
|
loggedUser = await authenticateUser(app, developerUserData.user.email);
|
|
developerUserData['tokenCookie'] = loggedUser.tokenCookie;
|
|
loggedUser = await authenticateUser(app, viewerUserData.user.email);
|
|
viewerUserData['tokenCookie'] = loggedUser.tokenCookie;
|
|
loggedUser = await authenticateUser(app, superAdminUserData.user.email, 'password', adminUserData.organization.id);
|
|
superAdminUserData['tokenCookie'] = loggedUser.tokenCookie;
|
|
|
|
const anotherOrgAdminUserData = await createUser(app, {
|
|
email: 'another@tooljet.io',
|
|
groups: ['all_users', 'admin'],
|
|
});
|
|
loggedUser = await authenticateUser(app, anotherOrgAdminUserData.user.email);
|
|
anotherOrgAdminUserData['tokenCookie'] = loggedUser.tokenCookie;
|
|
|
|
const allUserGroup = await getManager().findOneOrFail(GroupPermission, {
|
|
where: { group: 'all_users', organization: adminUserData.organization },
|
|
});
|
|
await getManager().update(
|
|
AppGroupPermission,
|
|
{ app: application, groupPermissionId: allUserGroup },
|
|
{ read: true }
|
|
);
|
|
|
|
// setup app permissions for developer
|
|
const developerUserGroup = await getRepository(GroupPermission).findOneOrFail({
|
|
where: {
|
|
group: 'developer',
|
|
},
|
|
});
|
|
await createAppGroupPermission(app, application, developerUserGroup.id, {
|
|
read: true,
|
|
update: true,
|
|
delete: false,
|
|
});
|
|
|
|
await createDataQuery(app, {
|
|
dataSource,
|
|
appVersion,
|
|
kind: 'restapi',
|
|
options: { method: 'get' },
|
|
});
|
|
|
|
for (const userData of [adminUserData, developerUserData, superAdminUserData]) {
|
|
const response = await request(app.getHttpServer())
|
|
.get(`/api/data_queries?app_version_id=${appVersion.id}`)
|
|
.set('tj-workspace-id', adminUserData.user.defaultOrganizationId)
|
|
.set('Cookie', userData['tokenCookie']);
|
|
|
|
expect(response.statusCode).toBe(200);
|
|
expect(response.body.data_queries.length).toBe(1);
|
|
}
|
|
|
|
let response = await request(app.getHttpServer())
|
|
.get(`/api/data_queries?app_version_id=${appVersion.id}`)
|
|
.set('tj-workspace-id', viewerUserData.user.defaultOrganizationId)
|
|
.set('Cookie', viewerUserData['tokenCookie']);
|
|
|
|
expect(response.statusCode).toBe(200);
|
|
|
|
// Forbidden if user of another organization
|
|
response = await request(app.getHttpServer())
|
|
.get(`/api/data_queries?app_version_id=${appVersion.id}`)
|
|
.set('tj-workspace-id', anotherOrgAdminUserData.user.defaultOrganizationId)
|
|
.set('Cookie', anotherOrgAdminUserData['tokenCookie']);
|
|
|
|
expect(response.statusCode).toBe(403);
|
|
});
|
|
|
|
it('should be able to search queries with application version id', async () => {
|
|
const adminUserData = await createUser(app, {
|
|
email: 'admin@tooljet.io',
|
|
groups: ['all_users', 'admin'],
|
|
});
|
|
const { dataSource, appVersion } = await generateAppDefaults(app, adminUserData.user, {
|
|
isQueryNeeded: false,
|
|
});
|
|
|
|
await createDataQuery(app, {
|
|
dataSource,
|
|
appVersion,
|
|
kind: 'restapi',
|
|
options: { method: 'get' },
|
|
});
|
|
|
|
const loggedUser = await authenticateUser(app, adminUserData.user.email);
|
|
adminUserData['tokenCookie'] = loggedUser.tokenCookie;
|
|
|
|
let response = await request(app.getHttpServer())
|
|
.get(`/api/data_queries?app_version_id=${appVersion.id}`)
|
|
.set('tj-workspace-id', adminUserData.user.defaultOrganizationId)
|
|
.set('Cookie', adminUserData['tokenCookie']);
|
|
|
|
expect(response.statusCode).toBe(200);
|
|
expect(response.body.data_queries.length).toBe(1);
|
|
|
|
response = await request(app.getHttpServer())
|
|
.get(`/api/data_queries?app_version_id=62929ad6-11ae-4655-bb3e-2d2465b58950`)
|
|
.set('tj-workspace-id', adminUserData.user.defaultOrganizationId)
|
|
.set('Cookie', adminUserData['tokenCookie']);
|
|
|
|
expect(response.statusCode).toBe(500);
|
|
});
|
|
|
|
it('should be able to create queries for an app only if the user has relevant permissions(admin or update permission) or instance user type', async () => {
|
|
const adminUserData = await createUser(app, {
|
|
email: 'admin@tooljet.io',
|
|
groups: ['all_users', 'admin'],
|
|
});
|
|
const superAdminUserData = await createUser(app, {
|
|
email: 'superadmin@tooljet.io',
|
|
groups: ['all_users', 'admin'],
|
|
userType: 'instance',
|
|
});
|
|
const developerUserData = await createUser(app, {
|
|
email: 'developer@tooljet.io',
|
|
groups: ['all_users', 'developer'],
|
|
organization: adminUserData.organization,
|
|
});
|
|
const viewerUserData = await createUser(app, {
|
|
email: 'viewer@tooljet.io',
|
|
groups: ['all_users', 'viewer'],
|
|
organization: adminUserData.organization,
|
|
});
|
|
const {
|
|
application,
|
|
dataSource,
|
|
appVersion: applicationVersion,
|
|
} = await generateAppDefaults(app, adminUserData.user, {
|
|
isQueryNeeded: false,
|
|
});
|
|
const anotherOrgAdminUserData = await createUser(app, {
|
|
email: 'another@tooljet.io',
|
|
groups: ['all_users', 'admin'],
|
|
});
|
|
|
|
let loggedUser = await authenticateUser(app, adminUserData.user.email);
|
|
adminUserData['tokenCookie'] = loggedUser.tokenCookie;
|
|
loggedUser = await authenticateUser(app, developerUserData.user.email);
|
|
developerUserData['tokenCookie'] = loggedUser.tokenCookie;
|
|
loggedUser = await authenticateUser(app, viewerUserData.user.email);
|
|
viewerUserData['tokenCookie'] = loggedUser.tokenCookie;
|
|
loggedUser = await authenticateUser(app, anotherOrgAdminUserData.user.email);
|
|
anotherOrgAdminUserData['tokenCookie'] = loggedUser.tokenCookie;
|
|
loggedUser = await authenticateUser(app, superAdminUserData.user.email, 'password', adminUserData.organization.id);
|
|
superAdminUserData['tokenCookie'] = loggedUser.tokenCookie;
|
|
|
|
// setup app permissions for developer
|
|
const developerUserGroup = await getRepository(GroupPermission).findOneOrFail({
|
|
where: {
|
|
group: 'developer',
|
|
},
|
|
});
|
|
await createAppGroupPermission(app, application, developerUserGroup.id, {
|
|
read: true,
|
|
update: true,
|
|
delete: false,
|
|
});
|
|
|
|
const requestBody = {
|
|
name: 'get query',
|
|
data_source_id: dataSource.id,
|
|
kind: 'restapi',
|
|
options: { method: 'get' },
|
|
app_version_id: applicationVersion.id,
|
|
};
|
|
|
|
for (const userData of [adminUserData, developerUserData, superAdminUserData]) {
|
|
const response = await request(app.getHttpServer())
|
|
.post(`/api/data_queries`)
|
|
.set('tj-workspace-id', adminUserData.user.defaultOrganizationId)
|
|
.set('Cookie', userData['tokenCookie'])
|
|
.send(requestBody);
|
|
|
|
expect(response.statusCode).toBe(201);
|
|
expect(response.body.id).toBeDefined();
|
|
expect(response.body.data_source_id).toBe(dataSource.id);
|
|
expect(response.body.options).toBeDefined();
|
|
expect(response.body.created_at).toBeDefined();
|
|
expect(response.body.updated_at).toBeDefined();
|
|
}
|
|
|
|
// Forbidden if a viewer or a user of another organization
|
|
for (const userData of [anotherOrgAdminUserData, viewerUserData]) {
|
|
const response = await request(app.getHttpServer())
|
|
.post(`/api/data_queries`)
|
|
.set('tj-workspace-id', userData.user.defaultOrganizationId)
|
|
.set('Cookie', userData['tokenCookie'])
|
|
.send(requestBody);
|
|
|
|
expect(response.statusCode).toBe(403);
|
|
}
|
|
});
|
|
|
|
it('should be able to get queries sorted created wise', async () => {
|
|
const adminUserData = await createUser(app, {
|
|
email: 'admin@tooljet.io',
|
|
groups: ['all_users', 'admin'],
|
|
});
|
|
|
|
const { dataSource, appVersion } = await generateAppDefaults(app, adminUserData.user, {
|
|
isQueryNeeded: false,
|
|
});
|
|
|
|
const options = {
|
|
method: 'get',
|
|
url: null,
|
|
url_params: [['', '']],
|
|
headers: [['', '']],
|
|
body: [['', '']],
|
|
json_body: null,
|
|
body_toggle: false,
|
|
};
|
|
|
|
const createdQueries = [];
|
|
const totalQueries = 15;
|
|
|
|
const loggedUser = await authenticateUser(app, adminUserData.user.email);
|
|
adminUserData['tokenCookie'] = loggedUser.tokenCookie;
|
|
|
|
for (let i = 1; i <= totalQueries; i++) {
|
|
const queryParams = {
|
|
name: `restapi${i}`,
|
|
data_source_id: dataSource.id,
|
|
kind: 'restapi',
|
|
options,
|
|
plugin_id: null,
|
|
app_version_id: appVersion.id,
|
|
};
|
|
|
|
const response = await request(app.getHttpServer())
|
|
.post(`/api/data_queries`)
|
|
.set('tj-workspace-id', adminUserData.user.defaultOrganizationId)
|
|
.set('Cookie', adminUserData['tokenCookie'])
|
|
.send(queryParams);
|
|
|
|
response.body['plugin'] = null;
|
|
createdQueries.push(response.body);
|
|
}
|
|
|
|
// Latest query should be on top
|
|
createdQueries.reverse();
|
|
|
|
const response = await request(app.getHttpServer())
|
|
.get(`/api/data_queries?app_version_id=${appVersion.id}`)
|
|
.set('tj-workspace-id', adminUserData.user.defaultOrganizationId)
|
|
.set('Cookie', adminUserData['tokenCookie']);
|
|
|
|
expect(response.statusCode).toBe(200);
|
|
expect(response.body.data_queries.length).toBe(totalQueries);
|
|
for (let i = 0; i < totalQueries; i++) {
|
|
const responseObject = response.body.data_queries[i];
|
|
const createdObject = createdQueries[i];
|
|
expect(responseObject.id).toEqual(createdObject.id);
|
|
expect(responseObject.name).toEqual(createdObject.name);
|
|
expect(responseObject.options).toMatchObject(createdObject.options);
|
|
expect(responseObject.created_at).toEqual(createdObject.created_at);
|
|
expect(responseObject.updated_at).toEqual(createdObject.updated_at);
|
|
}
|
|
});
|
|
|
|
it('should be able to run queries of an app if the user belongs to the same organization or has instance user type', async () => {
|
|
const adminUserData = await createUser(app, {
|
|
email: 'admin@tooljet.io',
|
|
groups: ['all_users', 'admin'],
|
|
});
|
|
const superAdminUserData = await createUser(app, {
|
|
email: 'superadmin@tooljet.io',
|
|
groups: ['all_users', 'admin'],
|
|
userType: 'instance',
|
|
});
|
|
const developerUserData = await createUser(app, {
|
|
email: 'developer@tooljet.io',
|
|
groups: ['all_users', 'developer'],
|
|
organization: adminUserData.organization,
|
|
});
|
|
const viewerUserData = await createUser(app, {
|
|
email: 'viewer@tooljet.io',
|
|
groups: ['all_users', 'viewer'],
|
|
organization: adminUserData.organization,
|
|
});
|
|
|
|
const { application, dataQuery } = await generateAppDefaults(app, adminUserData.user, {});
|
|
|
|
let loggedUser = await authenticateUser(app, adminUserData.user.email);
|
|
adminUserData['tokenCookie'] = loggedUser.tokenCookie;
|
|
loggedUser = await authenticateUser(app, developerUserData.user.email);
|
|
developerUserData['tokenCookie'] = loggedUser.tokenCookie;
|
|
loggedUser = await authenticateUser(app, viewerUserData.user.email);
|
|
viewerUserData['tokenCookie'] = loggedUser.tokenCookie;
|
|
loggedUser = await authenticateUser(app, superAdminUserData.user.email, 'password', adminUserData.organization.id);
|
|
superAdminUserData['tokenCookie'] = loggedUser.tokenCookie;
|
|
|
|
// setup app permissions for developer
|
|
const developerUserGroup = await getRepository(GroupPermission).findOneOrFail({
|
|
where: {
|
|
group: 'developer',
|
|
},
|
|
});
|
|
await createAppGroupPermission(app, application, developerUserGroup.id, {
|
|
read: true,
|
|
update: true,
|
|
delete: false,
|
|
});
|
|
|
|
// setup app permissions for viewer
|
|
const viewerUserGroup = await getRepository(GroupPermission).findOneOrFail({
|
|
where: {
|
|
group: 'viewer',
|
|
},
|
|
});
|
|
await createAppGroupPermission(app, application, viewerUserGroup.id, {
|
|
read: true,
|
|
update: false,
|
|
delete: false,
|
|
});
|
|
|
|
for (const userData of [adminUserData, developerUserData, viewerUserData, superAdminUserData]) {
|
|
const response = await request(app.getHttpServer())
|
|
.post(`/api/data_queries/${dataQuery.id}/run`)
|
|
.set('tj-workspace-id', adminUserData.user.defaultOrganizationId)
|
|
.set('Cookie', userData['tokenCookie']);
|
|
|
|
expect(response.statusCode).toBe(201);
|
|
expect(response.body.data.length).toBe(30);
|
|
|
|
// should create audit log
|
|
const auditLog = await AuditLog.findOne({
|
|
where: {
|
|
userId: userData.user.id,
|
|
resourceType: MODULES.DATA_QUERY,
|
|
},
|
|
});
|
|
|
|
const organizationId =
|
|
userData.user.userType === 'instance' ? adminUserData.user.organizationId : userData.user.organizationId;
|
|
|
|
expect(auditLog.organizationId).toEqual(organizationId);
|
|
expect(auditLog.resourceId).toEqual(dataQuery.id);
|
|
expect(auditLog.resourceType).toEqual(MODULES.DATA_QUERY);
|
|
expect(auditLog.resourceName).toEqual(dataQuery.name);
|
|
expect(auditLog.actionType).toEqual('DATA_QUERY_RUN');
|
|
expect(auditLog.metadata).toEqual({
|
|
parsedQueryOptions: {
|
|
body: [],
|
|
headers: [],
|
|
method: 'get',
|
|
url: 'https://api.github.com/repos/tooljet/tooljet/stargazers',
|
|
url_params: [],
|
|
},
|
|
});
|
|
expect(auditLog.createdAt).toBeDefined();
|
|
}
|
|
});
|
|
|
|
it('should not be able to run queries of an app if the user belongs to another organization', async () => {
|
|
const adminUserData = await createUser(app, {
|
|
email: 'admin@tooljet.io',
|
|
groups: ['all_users', 'admin'],
|
|
});
|
|
const anotherOrgAdminUserData = await createUser(app, {
|
|
email: 'another@tooljet.io',
|
|
groups: ['all_users', 'admin'],
|
|
});
|
|
|
|
const loggedUser = await authenticateUser(app, anotherOrgAdminUserData.user.email);
|
|
anotherOrgAdminUserData['tokenCookie'] = loggedUser.tokenCookie;
|
|
|
|
const { dataQuery } = await generateAppDefaults(app, adminUserData.user, {});
|
|
const response = await request(app.getHttpServer())
|
|
.post(`/api/data_queries/${dataQuery.id}/run`)
|
|
.set('tj-workspace-id', anotherOrgAdminUserData.user.defaultOrganizationId)
|
|
.set('Cookie', anotherOrgAdminUserData['tokenCookie']);
|
|
|
|
expect(response.statusCode).toBe(403);
|
|
});
|
|
|
|
it('should be able to run queries of an app if a public app ( even if an unauthenticated user )', async () => {
|
|
const adminUserData = await createUser(app, {
|
|
email: 'admin@tooljet.io',
|
|
groups: ['all_users', 'admin'],
|
|
});
|
|
const { dataQuery } = await generateAppDefaults(app, adminUserData.user, { isAppPublic: true });
|
|
|
|
const response = await request(app.getHttpServer()).post(`/api/data_queries/${dataQuery.id}/run`);
|
|
|
|
expect(response.statusCode).toBe(201);
|
|
expect(response.body.data.length).toBe(30);
|
|
});
|
|
|
|
it('should not be able to run queries if app not not public and user is not authenticated', async () => {
|
|
const adminUserData = await createUser(app, {
|
|
email: 'admin@tooljet.io',
|
|
groups: ['all_users', 'admin'],
|
|
});
|
|
const { dataQuery } = await generateAppDefaults(app, adminUserData.user, {});
|
|
|
|
const response = await request(app.getHttpServer()).post(`/api/data_queries/${dataQuery.id}/run`);
|
|
|
|
expect(response.statusCode).toBe(401);
|
|
});
|
|
|
|
afterAll(async () => {
|
|
await app.close();
|
|
});
|
|
});
|