UNPKG

17.2 kBJavaScriptView Raw
1'use strict'
2
3// get required node modules
4const Fastify = require('fastify')
5const fastifyGuard = require('./src/index')
6
7// fastify server generator
8const generateServer = async (pluginOpts) => {
9 // initialize fastify server
10 const fastify = new Fastify()
11
12 // register the plugin
13 await fastify.register(fastifyGuard, pluginOpts)
14
15 // simulation for user authentication process
16 fastify.addHook('onRequest', (req, reply, done) => {
17 req.user = {
18 id: 306,
19 name: 'Huseyin',
20 role: ['user', 'admin', 'editor'],
21 scope: ['profile', 'email', 'openid'],
22 location: 'Istanbul'
23 }
24
25 // all done
26 done()
27 })
28
29 // return the instance
30 return fastify
31}
32
33// test cases
34
35// eslint-disable-next-line
36test('sufficient hasRole check', async done => {
37 // initialize a fastify server
38 const fastify = await generateServer()
39
40 // define a route
41 fastify.get('/', (req, reply) => {
42 // check if the user has the role
43 const isOk = fastify.guard.hasRole(req, 'user')
44
45 // send response
46 reply.send(isOk)
47 })
48
49 // test
50 fastify.inject(
51 { method: 'GET', url: '/' },
52 // eslint-disable-next-line
53 (err, res) => {
54 // eslint-disable-next-line
55 expect(res.payload).toBe('true')
56 done()
57
58 // close fastify server
59 fastify.close()
60 }
61 )
62})
63
64// eslint-disable-next-line
65test('insufficient hasRole check', async done => {
66 // initialize a fastify server
67 const fastify = await generateServer()
68
69 // define a route
70 fastify.get('/', (req, reply) => {
71 // check if the user has the role
72 const isOk = fastify.guard.hasRole(req, 'cmo')
73
74 // send response
75 reply.send(isOk)
76 })
77
78 // test
79 fastify.inject(
80 { method: 'GET', url: '/' },
81 // eslint-disable-next-line
82 (err, res) => {
83 // eslint-disable-next-line
84 expect(res.payload).toBe('false')
85 done()
86
87 // close fastify server
88 fastify.close()
89 }
90 )
91})
92
93// eslint-disable-next-line
94test('hasRole argument validations', async done => {
95 // initialize a fastify server
96 const fastify = await generateServer()
97
98 // define a route
99 fastify.get('/', (req, reply) => {
100 // check if the user has the role
101 const isOk =
102 fastify.guard.hasRole(req, '') || fastify.guard.hasRole(null, 'user') || fastify.guard.hasRole()
103
104 // send response
105 reply.send(isOk)
106 })
107
108 // test
109 fastify.inject(
110 { method: 'GET', url: '/' },
111 // eslint-disable-next-line
112 (err, res) => {
113 // eslint-disable-next-line
114 expect(res.statusCode).toBe(500)
115 done()
116
117 // close fastify server
118 fastify.close()
119 }
120 )
121})
122
123// eslint-disable-next-line
124test('sufficient hasScope check', async done => {
125 // initialize a fastify server
126 const fastify = await generateServer()
127
128 // define a route
129 fastify.get('/', (req, reply) => {
130 // check if the user has the role
131 const isOk = fastify.guard.hasScope(req, 'profile')
132
133 // send response
134 reply.send(isOk)
135 })
136
137 // test
138 fastify.inject(
139 { method: 'GET', url: '/' },
140 // eslint-disable-next-line
141 (err, res) => {
142 // eslint-disable-next-line
143 expect(res.payload).toBe('true')
144 done()
145
146 // close fastify server
147 fastify.close()
148 }
149 )
150})
151
152// eslint-disable-next-line
153test('insufficient hasScope check', async done => {
154 // initialize a fastify server
155 const fastify = await generateServer()
156
157 // define a route
158 fastify.get('/', (req, reply) => {
159 // check if the user has the role
160 const isOk = fastify.guard.hasScope(req, 'base')
161
162 // send response
163 reply.send(isOk)
164 })
165
166 // test
167 fastify.inject(
168 { method: 'GET', url: '/' },
169 // eslint-disable-next-line
170 (err, res) => {
171 // eslint-disable-next-line
172 expect(res.payload).toBe('false')
173 done()
174
175 // close fastify server
176 fastify.close()
177 }
178 )
179})
180
181// eslint-disable-next-line
182test('hasScope argument validations', async done => {
183 // initialize a fastify server
184 const fastify = await generateServer()
185
186 // define a route
187 fastify.get('/', (req, reply) => {
188 // check if the user has the role
189 const isOk =
190 fastify.guard.hasScope(req, '') || fastify.guard.hasScope(null, 'profile') || fastify.guard.hasScope()
191
192 // send response
193 reply.send(isOk)
194 })
195
196 // test
197 fastify.inject(
198 { method: 'GET', url: '/' },
199 // eslint-disable-next-line
200 (err, res) => {
201 // eslint-disable-next-line
202 expect(res.statusCode).toBe(500)
203 done()
204
205 // close fastify server
206 fastify.close()
207 }
208 )
209})
210
211// eslint-disable-next-line
212test('sufficient role permission (check OR case by providing two roles as arguments)', async done => {
213 // initialize a fastify server
214 const fastify = await generateServer()
215
216 // define a route
217 fastify.get('/', { preHandler: [fastify.guard.role('admin', ['author'])] }, (req, reply) => {
218 // send response
219 reply.send()
220 })
221
222 // test
223 fastify.inject(
224 { method: 'GET', url: '/' },
225 // eslint-disable-next-line
226 (err, res) => {
227 // eslint-disable-next-line
228 expect(res.payload).toBe('')
229 done()
230
231 // close fastify server
232 fastify.close()
233 }
234 )
235})
236
237// eslint-disable-next-line
238test('insufficient role permission (check OR case by providing two roles as arguments)', async done => {
239 // initialize a fastify server
240 const fastify = await generateServer()
241
242 // define a route
243 fastify.get('/', { preHandler: [fastify.guard.role('author', ['ceo'])] }, (req, reply) => {
244 // send response
245 reply.send()
246 })
247
248 // test
249 fastify.inject(
250 { method: 'GET', url: '/' },
251 // eslint-disable-next-line
252 (err, res) => {
253 // eslint-disable-next-line
254 expect(res.statusCode).toBe(403)
255 done()
256
257 // close fastify server
258 fastify.close()
259 }
260 )
261})
262
263// eslint-disable-next-line
264test('sufficient scope permission (check OR case by providing two scopes as arguments)', async done => {
265 // initialize a fastify server
266 const fastify = await generateServer()
267
268 // define a route
269 fastify.get('/', { preHandler: [fastify.guard.scope('email', ['user:read'])] }, (req, reply) => {
270 // send response
271 reply.send()
272 })
273
274 // test
275 fastify.inject(
276 { method: 'GET', url: '/' },
277 // eslint-disable-next-line
278 (err, res) => {
279 // eslint-disable-next-line
280 expect(res.payload).toBe('')
281 done()
282
283 // close fastify server
284 fastify.close()
285 }
286 )
287})
288
289// eslint-disable-next-line
290test('insufficient scope permission (check OR case by providing two scopes as arguments)', async done => {
291 // initialize a fastify server
292 const fastify = await generateServer()
293
294 // define a route
295 fastify.get('/', { preHandler: [fastify.guard.scope('user:read', ['user:write'])] }, (req, reply) => {
296 // send response
297 reply.send()
298 })
299
300 // test
301 fastify.inject(
302 { method: 'GET', url: '/' },
303 // eslint-disable-next-line
304 (err, res) => {
305 // eslint-disable-next-line
306 expect(res.statusCode).toBe(403)
307 done()
308
309 // close fastify server
310 fastify.close()
311 }
312 )
313})
314
315// eslint-disable-next-line
316test('sufficient role permission (only string as the argument)', async done => {
317 // initialize a fastify server
318 const fastify = await generateServer()
319
320 // define a route
321 fastify.get('/', { preHandler: [fastify.guard.role('admin')] }, (req, reply) => {
322 // send response
323 reply.send()
324 })
325
326 // test
327 fastify.inject(
328 { method: 'GET', url: '/' },
329 // eslint-disable-next-line
330 (err, res) => {
331 // eslint-disable-next-line
332 expect(res.payload).toBe('')
333 done()
334
335 // close fastify server
336 fastify.close()
337 }
338 )
339})
340
341// eslint-disable-next-line
342test('insufficient role permission (only string as the argument)', async done => {
343 // initialize a fastify server
344 const fastify = await generateServer()
345
346 // define a route
347 fastify.get('/', { preHandler: [fastify.guard.role('author')] }, (req, reply) => {
348 // send response
349 reply.send()
350 })
351
352 // test
353 fastify.inject(
354 { method: 'GET', url: '/' },
355 // eslint-disable-next-line
356 (err, res) => {
357 // eslint-disable-next-line
358 expect(res.statusCode).toBe(403)
359 done()
360
361 // close fastify server
362 fastify.close()
363 }
364 )
365})
366
367// eslint-disable-next-line
368test('sufficient scope permission (only string as the argument)', async done => {
369 // initialize a fastify server
370 const fastify = await generateServer()
371
372 // define a route
373 fastify.get('/', { preHandler: [fastify.guard.scope('email')] }, (req, reply) => {
374 // send response
375 reply.send()
376 })
377
378 // test
379 fastify.inject(
380 { method: 'GET', url: '/' },
381 // eslint-disable-next-line
382 (err, res) => {
383 // eslint-disable-next-line
384 expect(res.payload).toBe('')
385 done()
386
387 // close fastify server
388 fastify.close()
389 }
390 )
391})
392
393// eslint-disable-next-line
394test('insufficient scope permission (only string as the argument)', async done => {
395 // initialize a fastify server
396 const fastify = await generateServer()
397
398 // define a route
399 fastify.get('/', { preHandler: [fastify.guard.scope('user:read')] }, (req, reply) => {
400 // send response
401 reply.send()
402 })
403
404 // test
405 fastify.inject(
406 { method: 'GET', url: '/' },
407 // eslint-disable-next-line
408 (err, res) => {
409 // eslint-disable-next-line
410 expect(res.statusCode).toBe(403)
411 done()
412
413 // close fastify server
414 fastify.close()
415 }
416 )
417})
418
419// eslint-disable-next-line
420test('sufficient role permission', async done => {
421 // initialize a fastify server
422 const fastify = await generateServer()
423
424 // define a route
425 fastify.get('/', { preHandler: [fastify.guard.role(['admin'])] }, (req, reply) => {
426 // send response
427 reply.send()
428 })
429
430 // test
431 fastify.inject(
432 { method: 'GET', url: '/' },
433 // eslint-disable-next-line
434 (err, res) => {
435 // eslint-disable-next-line
436 expect(res.payload).toBe('')
437 done()
438
439 // close fastify server
440 fastify.close()
441 }
442 )
443})
444
445// eslint-disable-next-line
446test('insufficient role permission', async done => {
447 // initialize a fastify server
448 const fastify = await generateServer()
449
450 // define a route
451 fastify.get('/', { preHandler: [fastify.guard.role(['author'])] }, (req, reply) => {
452 // send response
453 reply.send()
454 })
455
456 // test
457 fastify.inject(
458 { method: 'GET', url: '/' },
459 // eslint-disable-next-line
460 (err, res) => {
461 // eslint-disable-next-line
462 expect(res.statusCode).toBe(403)
463 done()
464
465 // close fastify server
466 fastify.close()
467 }
468 )
469})
470
471// eslint-disable-next-line
472test('sufficient scope permission', async done => {
473 // initialize a fastify server
474 const fastify = await generateServer()
475
476 // define a route
477 fastify.get('/', { preHandler: [fastify.guard.scope(['email'])] }, (req, reply) => {
478 // send response
479 reply.send()
480 })
481
482 // test
483 fastify.inject(
484 { method: 'GET', url: '/' },
485 // eslint-disable-next-line
486 (err, res) => {
487 // eslint-disable-next-line
488 expect(res.payload).toBe('')
489 done()
490
491 // close fastify server
492 fastify.close()
493 }
494 )
495})
496
497// eslint-disable-next-line
498test('insufficient scope permission', async done => {
499 // initialize a fastify server
500 const fastify = await generateServer()
501
502 // define a route
503 fastify.get('/', { preHandler: [fastify.guard.scope(['user:read'])] }, (req, reply) => {
504 // send response
505 reply.send()
506 })
507
508 // test
509 fastify.inject(
510 { method: 'GET', url: '/' },
511 // eslint-disable-next-line
512 (err, res) => {
513 // eslint-disable-next-line
514 expect(res.statusCode).toBe(403)
515 done()
516
517 // close fastify server
518 fastify.close()
519 }
520 )
521})
522
523// eslint-disable-next-line
524test('sufficient role and scope permissions', async done => {
525 // initialize a fastify server
526 const fastify = await generateServer()
527
528 // define a route
529 fastify.get(
530 '/',
531 {
532 preHandler: [
533 fastify.guard.role(['admin']),
534 fastify.guard.scope(['email'])
535 ]
536 },
537 (req, reply) => {
538 // send response
539 reply.send()
540 }
541 )
542
543 // test
544 fastify.inject(
545 { method: 'GET', url: '/' },
546 // eslint-disable-next-line
547 (err, res) => {
548 // eslint-disable-next-line
549 expect(res.payload).toBe('')
550 done()
551
552 // close fastify server
553 fastify.close()
554 }
555 )
556})
557
558// eslint-disable-next-line
559test('insufficient role and scope permissions', async done => {
560 // initialize a fastify server
561 const fastify = await generateServer()
562
563 // define a route
564 fastify.get(
565 '/',
566 {
567 preHandler: [
568 fastify.guard.role(['author']),
569 fastify.guard.scope(['user:read'])
570 ]
571 },
572 (req, reply) => {
573 // send response
574 reply.send()
575 }
576 )
577
578 // test
579 fastify.inject(
580 { method: 'GET', url: '/' },
581 // eslint-disable-next-line
582 (err, res) => {
583 // eslint-disable-next-line
584 expect(res.statusCode).toBe(403)
585 done()
586
587 // close fastify server
588 fastify.close()
589 }
590 )
591})
592
593// eslint-disable-next-line
594test('sufficient role and insufficient scope permissions', async done => {
595 // initialize a fastify server
596 const fastify = await generateServer()
597
598 // define a route
599 fastify.get(
600 '/',
601 {
602 preHandler: [
603 fastify.guard.role(['admin']),
604 fastify.guard.scope(['user:read'])
605 ]
606 },
607 (req, reply) => {
608 // send response
609 reply.send()
610 }
611 )
612
613 // test
614 fastify.inject(
615 { method: 'GET', url: '/' },
616 // eslint-disable-next-line
617 (err, res) => {
618 // eslint-disable-next-line
619 expect(res.statusCode).toBe(403)
620 done()
621
622 // close fastify server
623 fastify.close()
624 }
625 )
626})
627
628// eslint-disable-next-line
629test('insufficient role and sufficient scope permissions', async done => {
630 // initialize a fastify server
631 const fastify = await generateServer()
632
633 // define a route
634 fastify.get(
635 '/',
636 {
637 preHandler: [
638 fastify.guard.role(['author']),
639 fastify.guard.scope(['email'])
640 ]
641 },
642 (req, reply) => {
643 // send response
644 reply.send()
645 }
646 )
647
648 // test
649 fastify.inject(
650 { method: 'GET', url: '/' },
651 // eslint-disable-next-line
652 (err, res) => {
653 // eslint-disable-next-line
654 expect(res.statusCode).toBe(403)
655 done()
656
657 // close fastify server
658 fastify.close()
659 }
660 )
661})
662
663// eslint-disable-next-line
664test('wrong argument error', async done => {
665 // initialize a fastify server
666 const fastify = await generateServer()
667
668 // define a route
669 fastify.get('/', { preHandler: [fastify.guard.role(true)] }, (req, reply) => {
670 // send response
671 reply.send()
672 })
673
674 // test
675 fastify.inject(
676 { method: 'GET', url: '/' },
677 // eslint-disable-next-line
678 (err, res) => {
679 // eslint-disable-next-line
680 expect(res.statusCode).toBe(500)
681 done()
682
683 // close fastify server
684 fastify.close()
685 }
686 )
687})
688
689// eslint-disable-next-line
690test('custom error handler (sufficient case)', async done => {
691 // initialize a fastify server
692 const fastify = await generateServer({
693 errorHandler: (result, req, reply) => {
694 return reply.send('custom error handler works!')
695 }
696 })
697
698 // define a route
699 fastify.get('/', { preHandler: [fastify.guard.role(['admin'])] }, (req, reply) => {
700 // send response
701 reply.send()
702 })
703
704 // test
705 fastify.inject(
706 { method: 'GET', url: '/' },
707 // eslint-disable-next-line
708 (err, res) => {
709 // eslint-disable-next-line
710 expect(res.payload).toBe('')
711 done()
712
713 // close fastify server
714 fastify.close()
715 }
716 )
717})
718
719// eslint-disable-next-line
720test('custom error handler (insufficient case)', async done => {
721 // initialize a fastify server
722 const fastify = await generateServer({
723 errorHandler: (result, req, reply) => {
724 return reply.send('custom error handler works!')
725 }
726 })
727
728 // define a route
729 fastify.get('/', { preHandler: [fastify.guard.scope(['user:read'])] }, (req, reply) => {
730 // send response
731 reply.send()
732 })
733
734 // test
735 fastify.inject(
736 { method: 'GET', url: '/' },
737 // eslint-disable-next-line
738 (err, res) => {
739 // eslint-disable-next-line
740 expect(res.payload).toBe('custom error handler works!')
741 done()
742
743 // close fastify server
744 fastify.close()
745 }
746 )
747})