Elgato_dark/ToolJet
1
0
Fork 0
mirror of https://github.com/ToolJet/ToolJet synced 2026-04-26 07:57:17 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4
ToolJet/server/test/controllers/oauth.e2e-spec.ts
Akshay 5b30aa2007
Chore: Setup pipeline (#1539) 
* github actions for PR and push to develop branch

* test workflow

* move to workflows folder

* add setup node action

* modify build

* specify npm version

* config unit test

* specify host postgres

* specify container to run on

* add postgresql dependency

* add specify ws adapter for test

* add e2e test

* fix linting

* only log errors on tests

* update eslint config

* fix linting

* run e2e test in silent mode

* fix library app spec

* dont send email on test env

* fix org scope

* mock env vars

* remove reset modules

* force colors

* explicitly close db connection

* add eslint rule for floating promises

* update workflow

* fix floating promise

* fix lint

* update workflow

* run on all push and pulls

* update lint check files

* simplify workflow

* increase js heap size on env

* separate lint and build

Co-authored-by: arpitnath <arpitnath42@gmail.com>
2021-12-10 08:43:05 +05:30

179 lines
5.5 KiB
TypeScript
Raw Blame History

import * as request from 'supertest';
import { INestApplication } from '@nestjs/common';
import { clearDB, createUser, createNestAppInstance } from '../test.helper';
import { OAuth2Client } from 'google-auth-library';
describe('oauth controller', () => {
let app: INestApplication;
const originalEnv = process.env;
beforeEach(async () => {
await clearDB();
});
beforeAll(async () => {
app = await createNestAppInstance();
process.env = { ...originalEnv, SSO_GOOGLE_OAUTH2_CLIENT_ID: 'apps.googleusercontent.com' };
});
describe('sign in via Google OAuth', () => {
it('should return login info when the user does not exist', async () => {
const googleVerifyMock = jest.spyOn(OAuth2Client.prototype, 'verifyIdToken');
googleVerifyMock.mockImplementation(() => ({
getPayload: () => ({
sub: 'someSSOId',
email: 'ssoUser@tooljet.io',
name: 'SSO User',
hd: 'tooljet.io',
}),
}));
// Calling the createUser helper function to have an Organization created. This user is irrelevant for the test
await createUser(app, { email: 'anotherUser@tooljet.io', role: 'admin' });
const token = ['someStuff'];
const response = await request(app.getHttpServer()).post('/api/oauth/sign-in').send({ token });
expect(googleVerifyMock).toHaveBeenCalledWith({
idToken: token,
audience: expect.anything(),
});
expect(response.statusCode).toBe(201);
expect(Object.keys(response.body).sort()).toEqual(
[
'id',
'email',
'first_name',
'last_name',
'auth_token',
'admin',
'group_permissions',
'app_group_permissions',
].sort()
);
const { email, first_name, last_name, admin, group_permissions, app_group_permissions } = response.body;
expect(email).toEqual('ssoUser@tooljet.io');
expect(first_name).toEqual('SSO');
expect(last_name).toEqual('User');
expect(admin).toBeFalsy();
expect(group_permissions).toHaveLength(1);
expect(group_permissions[0].group).toEqual('all_users');
expect(Object.keys(group_permissions[0]).sort()).toEqual(
[
'id',
'organization_id',
'group',
'app_create',
'app_delete',
'updated_at',
'created_at',
'folder_create',
].sort()
);
expect(app_group_permissions).toHaveLength(0);
});
it('should be forbid logging in when the user does not exist and signups are disabled', async () => {
process.env.SSO_DISABLE_SIGNUP = 'true';
const googleVerifyMock = jest.spyOn(OAuth2Client.prototype, 'verifyIdToken');
googleVerifyMock.mockImplementation(() => ({
getPayload: () => ({
sub: 'someSSOId',
email: 'ssoUser@tooljet.io',
name: 'SSO User',
hd: 'tooljet.io',
}),
}));
// Calling the createUser helper function to have an Organization created. This user is irrelevant for the test
await createUser(app, { email: 'anotherUser@tooljet.io', role: 'admin' });
const token = ['someStuff'];
const response = await request(app.getHttpServer()).post('/api/oauth/sign-in').send({ token });
expect(googleVerifyMock).toHaveBeenCalledWith({
idToken: token,
audience: expect.anything(),
});
expect(response.statusCode).toBe(401);
process.env.SSO_DISABLE_SIGNUP = 'false';
});
it('should return login info when the user exists', async () => {
const googleVerifyMock = jest.spyOn(OAuth2Client.prototype, 'verifyIdToken');
googleVerifyMock.mockImplementation(() => ({
getPayload: () => ({
sub: 'someSSOId',
email: 'ssoUser@tooljet.io',
name: 'New name',
hd: 'tooljet.io',
}),
}));
await createUser(app, {
email: 'ssoUser@tooljet.io',
role: 'developer',
ssoId: 'someSSOId',
firstName: 'Existing',
lastName: 'Name',
groups: ['all_users', 'admin'],
});
const token = ['someStuff'];
const response = await request(app.getHttpServer()).post('/api/oauth/sign-in').send({ token });
expect(googleVerifyMock).toHaveBeenCalledWith({
idToken: token,
audience: expect.anything(),
});
expect(response.statusCode).toBe(201);
expect(new Set(Object.keys(response.body))).toEqual(
new Set([
'id',
'email',
'first_name',
'last_name',
'auth_token',
'admin',
'group_permissions',
'app_group_permissions',
])
);
const { email, first_name, last_name, admin, group_permissions, app_group_permissions } = response.body;
expect(email).toEqual('ssoUser@tooljet.io');
expect(first_name).toEqual('Existing');
expect(last_name).toEqual('Name');
expect(admin).toBeTruthy();
expect(group_permissions).toHaveLength(2);
expect(group_permissions.map((p) => p.group).sort()).toEqual(['all_users', 'admin'].sort());
expect(Object.keys(group_permissions[0]).sort()).toEqual(
[
'id',
'organization_id',
'group',
'app_create',
'app_delete',
'folder_create',
'updated_at',
'created_at',
].sort()
);
expect(app_group_permissions).toHaveLength(0);
});
});
afterAll(async () => {
await app.close();
process.env = originalEnv;
});
});
Reference in a new issue View git blame Copy permalink