From 1ca50eeb9890c93b730cc205c8da0f6c11d5b37e Mon Sep 17 00:00:00 2001 From: Jessica Lawshe Date: Tue, 6 Oct 2020 08:49:50 -0500 Subject: [PATCH] Merge pull request #3179 from overleaf/jel-remove-sudo-mode Remove SudoMode GitOrigin-RevId: 9419f9b28e5051a1c5abd29f498f72448d1afd33 --- .../AuthenticationController.js | 13 +- .../Features/SudoMode/SudoModeController.js | 118 ----- .../src/Features/SudoMode/SudoModeHandler.js | 79 --- .../Features/SudoMode/SudoModeMiddleware.js | 52 -- .../app/src/Features/User/UserController.js | 2 - services/web/app/src/router.js | 19 - .../app/views/sudo_mode/sudo_mode_prompt.pug | 48 -- .../web/test/acceptance/src/DeletionTests.js | 3 +- .../web/test/acceptance/src/SessionTests.js | 28 +- .../web/test/acceptance/src/SettingsTests.js | 3 +- .../web/test/acceptance/src/helpers/User.js | 17 - .../AuthenticationControllerTests.js | 3 - .../src/SudoMode/SudoModeControllerTests.js | 457 ------------------ .../unit/src/SudoMode/SudoModeHandlerTests.js | 329 ------------- .../src/SudoMode/SudoModeMiddlewareTests.js | 233 --------- .../test/unit/src/User/UserControllerTests.js | 20 - 16 files changed, 5 insertions(+), 1419 deletions(-) delete mode 100644 services/web/app/src/Features/SudoMode/SudoModeController.js delete mode 100644 services/web/app/src/Features/SudoMode/SudoModeHandler.js delete mode 100644 services/web/app/src/Features/SudoMode/SudoModeMiddleware.js delete mode 100644 services/web/app/views/sudo_mode/sudo_mode_prompt.pug delete mode 100644 services/web/test/unit/src/SudoMode/SudoModeControllerTests.js delete mode 100644 services/web/test/unit/src/SudoMode/SudoModeHandlerTests.js delete mode 100644 services/web/test/unit/src/SudoMode/SudoModeMiddlewareTests.js diff --git a/services/web/app/src/Features/Authentication/AuthenticationController.js b/services/web/app/src/Features/Authentication/AuthenticationController.js index 509d0b4f0d..ca1e232967 100644 --- a/services/web/app/src/Features/Authentication/AuthenticationController.js +++ b/services/web/app/src/Features/Authentication/AuthenticationController.js @@ -16,7 +16,6 @@ const passport = require('passport') const NotificationsBuilder = require('../Notifications/NotificationsBuilder') const UrlHelper = require('../Helpers/UrlHelper') const AsyncFormHelper = require('../Helpers/AsyncFormHelper') -const SudoModeHandler = require('../SudoMode/SudoModeHandler') const _ = require('lodash') const { acceptsJson @@ -103,16 +102,8 @@ const AuthenticationController = { if (err) { return next(err) } - SudoModeHandler.activateSudoMode(user._id, function(err) { - if (err) { - logger.err( - { err, user_id: user._id }, - 'Error activating Sudo Mode on login, continuing' - ) - } - AuthenticationController._clearRedirectFromSession(req) - AsyncFormHelper.redirect(req, res, redir) - }) + AuthenticationController._clearRedirectFromSession(req) + AsyncFormHelper.redirect(req, res, redir) }) }) }, diff --git a/services/web/app/src/Features/SudoMode/SudoModeController.js b/services/web/app/src/Features/SudoMode/SudoModeController.js deleted file mode 100644 index 7f82b48171..0000000000 --- a/services/web/app/src/Features/SudoMode/SudoModeController.js +++ /dev/null @@ -1,118 +0,0 @@ -/* eslint-disable - max-len, - no-unused-vars, - no-use-before-define, -*/ -// TODO: This file was created by bulk-decaffeinate. -// Fix any style issues and re-enable lint. -/* - * decaffeinate suggestions: - * DS102: Remove unnecessary code created because of implicit returns - * DS207: Consider shorter variations of null checks - * Full docs: https://github.com/decaffeinate/decaffeinate/blob/master/docs/suggestions.md - */ -let SudoModeController -const OError = require('@overleaf/o-error') -const logger = require('logger-sharelatex') -const SudoModeHandler = require('./SudoModeHandler') -const AuthenticationController = require('../Authentication/AuthenticationController') -const { ObjectId } = require('mongodb') -const UserGetter = require('../User/UserGetter') -const Settings = require('settings-sharelatex') - -module.exports = SudoModeController = { - sudoModePrompt(req, res, next) { - if (req.externalAuthenticationSystemUsed() && Settings.overleaf == null) { - // TODO: maybe we should have audit logging on sudo mode, but if so, it - // probably belongs in an internal database and not stackdriver - logger.log({ userId }, '[SudoMode] using external auth, redirecting') - return res.redirect('/project') - } - var userId = AuthenticationController.getLoggedInUserId(req) - logger.log({ userId }, '[SudoMode] rendering sudo mode password page') - return SudoModeHandler.isSudoModeActive(userId, function(err, isActive) { - if (err != null) { - OError.tag(err, '[SudoMode] error checking if sudo mode is active', { - userId - }) - return next(err) - } - if (isActive) { - logger.log( - { userId }, - '[SudoMode] sudo mode already active, redirecting' - ) - return res.redirect('/project') - } - return res.render('sudo_mode/sudo_mode_prompt', { - title: 'confirm_password_to_continue' - }) - }) - }, - - submitPassword(req, res, next) { - const userId = AuthenticationController.getLoggedInUserId(req) - const redir = - AuthenticationController._getRedirectFromSession(req) || '/project' - const { password } = req.body - if (!password) { - logger.log( - { userId }, - '[SudoMode] no password supplied, failed authentication' - ) - return next(new Error('no password supplied')) - } - logger.log({ userId, redir }, '[SudoMode] checking user password') - return UserGetter.getUser(ObjectId(userId), { email: 1 }, function( - err, - userRecord - ) { - if (err != null) { - OError.tag(err, '[SudoMode] error getting user', { - userId - }) - return next(err) - } - if (userRecord == null) { - err = new OError('[SudoMode] user not found', { userId }) - return next(err) - } - return SudoModeHandler.authenticate(userRecord.email, password, function( - err, - user - ) { - if (err != null) { - OError.tag(err, '[SudoMode] error authenticating user', { - userId - }) - return next(err) - } - if (user != null) { - logger.log( - { userId }, - '[SudoMode] authenticated user, activating sudo mode' - ) - return SudoModeHandler.activateSudoMode(userId, function(err) { - if (err != null) { - OError.tag(err, '[SudoMode] error activating sudo mode', { - userId - }) - return next(err) - } - return res.json({ - redir - }) - }) - } else { - logger.log({ userId }, '[SudoMode] authentication failed for user') - return res.json({ - message: { - text: req.i18n.translate('invalid_password'), - type: 'error' - } - }) - } - }) - }) - } -} diff --git a/services/web/app/src/Features/SudoMode/SudoModeHandler.js b/services/web/app/src/Features/SudoMode/SudoModeHandler.js deleted file mode 100644 index d2b59d0f40..0000000000 --- a/services/web/app/src/Features/SudoMode/SudoModeHandler.js +++ /dev/null @@ -1,79 +0,0 @@ -/* eslint-disable - handle-callback-err, - max-len, -*/ -// TODO: This file was created by bulk-decaffeinate. -// Fix any style issues and re-enable lint. -/* - * decaffeinate suggestions: - * DS102: Remove unnecessary code created because of implicit returns - * DS207: Consider shorter variations of null checks - * Full docs: https://github.com/decaffeinate/decaffeinate/blob/master/docs/suggestions.md - */ -let SudoModeHandler -const RedisWrapper = require('../../infrastructure/RedisWrapper') -const rclient = RedisWrapper.client('sudomode') -const logger = require('logger-sharelatex') -const AuthenticationManager = require('../Authentication/AuthenticationManager') - -const TIMEOUT_IN_SECONDS = 60 * 60 - -module.exports = SudoModeHandler = { - _buildKey(userId) { - return `SudoMode:{${userId}}` - }, - - authenticate(email, password, callback) { - if (callback == null) { - callback = function() {} - } - AuthenticationManager.authenticate({ email }, password, callback) - }, - - activateSudoMode(userId, callback) { - if (callback == null) { - callback = function(err) {} - } - if (userId == null) { - return callback(new Error('[SudoMode] user must be supplied')) - } - const duration = TIMEOUT_IN_SECONDS - logger.log({ userId, duration }, '[SudoMode] activating sudo mode for user') - return rclient.set( - SudoModeHandler._buildKey(userId), - '1', - 'EX', - duration, - callback - ) - }, - - clearSudoMode(userId, callback) { - if (callback == null) { - callback = function(err) {} - } - if (userId == null) { - return callback(new Error('[SudoMode] user must be supplied')) - } - logger.log({ userId }, '[SudoMode] clearing sudo mode for user') - return rclient.del(SudoModeHandler._buildKey(userId), callback) - }, - - isSudoModeActive(userId, callback) { - if (callback == null) { - callback = function(err, isActive) {} - } - if (userId == null) { - return callback(new Error('[SudoMode] user must be supplied')) - } - return rclient.get(SudoModeHandler._buildKey(userId), function( - err, - result - ) { - if (err != null) { - return callback(err) - } - return callback(null, result === '1') - }) - } -} diff --git a/services/web/app/src/Features/SudoMode/SudoModeMiddleware.js b/services/web/app/src/Features/SudoMode/SudoModeMiddleware.js deleted file mode 100644 index acf80b224b..0000000000 --- a/services/web/app/src/Features/SudoMode/SudoModeMiddleware.js +++ /dev/null @@ -1,52 +0,0 @@ -/* eslint-disable - max-len, - no-unused-vars, - no-use-before-define, -*/ -// TODO: This file was created by bulk-decaffeinate. -// Fix any style issues and re-enable lint. -/* - * decaffeinate suggestions: - * DS102: Remove unnecessary code created because of implicit returns - * DS207: Consider shorter variations of null checks - * Full docs: https://github.com/decaffeinate/decaffeinate/blob/master/docs/suggestions.md - */ -let SudoModeMiddleware -const OError = require('@overleaf/o-error') -const logger = require('logger-sharelatex') -const SudoModeHandler = require('./SudoModeHandler') -const AuthenticationController = require('../Authentication/AuthenticationController') -const Settings = require('settings-sharelatex') - -module.exports = SudoModeMiddleware = { - protectPage(req, res, next) { - if (req.externalAuthenticationSystemUsed() && Settings.overleaf == null) { - logger.log( - { userId }, - '[SudoMode] using external auth, skipping sudo-mode check' - ) - return next() - } - var userId = AuthenticationController.getLoggedInUserId(req) - logger.log( - { userId }, - '[SudoMode] protecting endpoint, checking if sudo mode is active' - ) - return SudoModeHandler.isSudoModeActive(userId, function(err, isActive) { - if (err != null) { - OError.tag(err, '[SudoMode] error checking if sudo mode is active', { - userId - }) - return next(err) - } - if (isActive) { - logger.log({ userId }, '[SudoMode] sudo mode active, continuing') - return next() - } else { - logger.log({ userId }, '[SudoMode] sudo mode not active, redirecting') - AuthenticationController.setRedirectInSession(req) - return res.redirect('/confirm-password') - } - }) - } -} diff --git a/services/web/app/src/Features/User/UserController.js b/services/web/app/src/Features/User/UserController.js index ef278276eb..e85c071147 100644 --- a/services/web/app/src/Features/User/UserController.js +++ b/services/web/app/src/Features/User/UserController.js @@ -12,7 +12,6 @@ const Features = require('../../infrastructure/Features') const UserAuditLogHandler = require('./UserAuditLogHandler') const UserSessionsManager = require('./UserSessionsManager') const UserUpdater = require('./UserUpdater') -const SudoModeHandler = require('../SudoMode/SudoModeHandler') const Errors = require('../Errors/Errors') const HttpErrorHandler = require('../Errors/HttpErrorHandler') const OError = require('@overleaf/o-error') @@ -420,7 +419,6 @@ const UserController = { } if (user != null) { UserSessionsManager.untrackSession(user, sessionId) - SudoModeHandler.clearSudoMode(user._id) } cb() }) diff --git a/services/web/app/src/router.js b/services/web/app/src/router.js index f610e6cd6d..edb45b6f70 100644 --- a/services/web/app/src/router.js +++ b/services/web/app/src/router.js @@ -40,8 +40,6 @@ const ContactRouter = require('./Features/Contacts/ContactRouter') const ReferencesController = require('./Features/References/ReferencesController') const AuthorizationMiddleware = require('./Features/Authorization/AuthorizationMiddleware') const BetaProgramController = require('./Features/BetaProgram/BetaProgramController') -const SudoModeController = require('./Features/SudoMode/SudoModeController') -const SudoModeMiddleware = require('./Features/SudoMode/SudoModeMiddleware') const AnalyticsRouter = require('./Features/Analytics/AnalyticsRouter') const MetaController = require('./Features/Metadata/MetaController') const TokenAccessController = require('./Features/TokenAccess/TokenAccessController') @@ -113,7 +111,6 @@ function initialize(webRouter, privateApiRouter, publicApiRouter) { webRouter.get( '/user/settings', AuthenticationController.requireLogin(), - SudoModeMiddleware.protectPage, UserPagesController.settingsPage ) webRouter.post( @@ -199,7 +196,6 @@ function initialize(webRouter, privateApiRouter, publicApiRouter) { webRouter.get( '/user/sessions', AuthenticationController.requireLogin(), - SudoModeMiddleware.protectPage, UserPagesController.sessionsPage ) webRouter.post( @@ -860,21 +856,6 @@ function initialize(webRouter, privateApiRouter, publicApiRouter) { AuthenticationController.requireLogin(), BetaProgramController.optOut ) - webRouter.get( - '/confirm-password', - AuthenticationController.requireLogin(), - SudoModeController.sudoModePrompt - ) - webRouter.post( - '/confirm-password', - AuthenticationController.requireLogin(), - RateLimiterMiddleware.rateLimit({ - endpointName: 'confirm-password', - maxRequests: 10, - timeInterval: 60 - }), - SudoModeController.submitPassword - ) // New "api" endpoints. Started as a way for v1 to call over to v2 (for // long-term features, as opposed to the nominally temporary ones in the diff --git a/services/web/app/views/sudo_mode/sudo_mode_prompt.pug b/services/web/app/views/sudo_mode/sudo_mode_prompt.pug deleted file mode 100644 index 63c20fc33a..0000000000 --- a/services/web/app/views/sudo_mode/sudo_mode_prompt.pug +++ /dev/null @@ -1,48 +0,0 @@ -extends ../layout - -block content - .content.content-alt - .container - .row - .col-md-8.col-md-offset-2.col-lg-6.col-lg-offset-3 - .card - .page-header.text-centered - h2 #{translate('confirm_password_to_continue')} - div - .container-fluid - .row - .col-md-12 - form(async-form="confirmPassword", name="confirmPassword", - action='/confirm-password', method="POST", ng-cloak) - input(name='_csrf', type='hidden', value=csrfToken) - form-messages(for="confirmPassword") - .form-group - label - | #{translate('password')} - input.form-control( - type='password', - name='password', - required, - placeholder='********', - ng-model="password" - ) - span.small.text-primary( - ng-show="confirmPassword.password.$invalid && confirmPassword.password.$dirty" - ) - | #{translate("required")} - .actions - button.btn-primary.btn( - style="width: 100%", - type='submit', - ng-disabled="confirmPassword.inflight" - ) - span #{translate("confirm")} - - .row.row-spaced-small - .col-md-12 - p.text-centered - small - | #{translate('confirm_password_footer')} - - p.text-centered - small #[a(href='/user/password/reset' target="_blank") Set or reset password] diff --git a/services/web/test/acceptance/src/DeletionTests.js b/services/web/test/acceptance/src/DeletionTests.js index 635f728789..7be10bca76 100644 --- a/services/web/test/acceptance/src/DeletionTests.js +++ b/services/web/test/acceptance/src/DeletionTests.js @@ -17,8 +17,7 @@ describe('Deleting a user', function() { async.series( [ this.user.ensureUserExists.bind(this.user), - this.user.login.bind(this.user), - this.user.activateSudoMode.bind(this.user) + this.user.login.bind(this.user) ], done ) diff --git a/services/web/test/acceptance/src/SessionTests.js b/services/web/test/acceptance/src/SessionTests.js index 24206d0da1..e86320abff 100644 --- a/services/web/test/acceptance/src/SessionTests.js +++ b/services/web/test/acceptance/src/SessionTests.js @@ -325,13 +325,7 @@ describe('Sessions', function() { this.user3 = new User() this.user3.email = this.user1.email this.user3.password = this.user1.password - async.series( - [ - this.user2.login.bind(this.user2), - this.user2.activateSudoMode.bind(this.user2) - ], - done - ) + async.series([this.user2.login.bind(this.user2)], done) }) it('should allow the user to erase the other two sessions', function(done) { @@ -385,26 +379,6 @@ describe('Sessions', function() { }) }, - // enter sudo-mode - next => { - this.user2.getCsrfToken(err => { - expect(err).to.be.oneOf([null, undefined]) - this.user2.request.post( - { - uri: '/confirm-password', - json: { - password: this.user2.password - } - }, - (err, response, body) => { - expect(err).to.be.oneOf([null, undefined]) - expect(response.statusCode).to.equal(200) - next() - } - ) - }) - }, - // check the sessions page next => { this.user2.request.get( diff --git a/services/web/test/acceptance/src/SettingsTests.js b/services/web/test/acceptance/src/SettingsTests.js index 1e869334c9..5a816d0886 100644 --- a/services/web/test/acceptance/src/SettingsTests.js +++ b/services/web/test/acceptance/src/SettingsTests.js @@ -34,8 +34,7 @@ describe('SettingsPage', function() { cb => { MockV1Api.setUser(this.v1Id, this.v1User) return cb() - }, - this.user.activateSudoMode.bind(this.user) + } ], done ) diff --git a/services/web/test/acceptance/src/helpers/User.js b/services/web/test/acceptance/src/helpers/User.js index 403cad7c9d..2a08c1bf45 100644 --- a/services/web/test/acceptance/src/helpers/User.js +++ b/services/web/test/acceptance/src/helpers/User.js @@ -573,23 +573,6 @@ class User { }) } - activateSudoMode(callback) { - this.getCsrfToken(error => { - if (error != null) { - return callback(error) - } - this.request.post( - { - uri: '/confirm-password', - json: { - password: this.password - } - }, - callback - ) - }) - } - updateSettings(newSettings, callback) { this.getCsrfToken(error => { if (error != null) { diff --git a/services/web/test/unit/src/Authentication/AuthenticationControllerTests.js b/services/web/test/unit/src/Authentication/AuthenticationControllerTests.js index 4bab5961a2..00f04fda4a 100644 --- a/services/web/test/unit/src/Authentication/AuthenticationControllerTests.js +++ b/services/web/test/unit/src/Authentication/AuthenticationControllerTests.js @@ -67,9 +67,6 @@ describe('AuthenticationController', function() { '../../infrastructure/Modules': (this.Modules = { hooks: { fire: sinon.stub().yields(null, []) } }), - '../SudoMode/SudoModeHandler': (this.SudoModeHandler = { - activateSudoMode: sinon.stub().callsArgWith(1, null) - }), '../Notifications/NotificationsBuilder': (this.NotificationsBuilder = { ipMatcherAffiliation: sinon.stub() }), diff --git a/services/web/test/unit/src/SudoMode/SudoModeControllerTests.js b/services/web/test/unit/src/SudoMode/SudoModeControllerTests.js deleted file mode 100644 index 4438e23c6c..0000000000 --- a/services/web/test/unit/src/SudoMode/SudoModeControllerTests.js +++ /dev/null @@ -1,457 +0,0 @@ -/* eslint-disable - max-len, - no-return-assign, - no-unused-vars, -*/ -// TODO: This file was created by bulk-decaffeinate. -// Fix any style issues and re-enable lint. -/* - * decaffeinate suggestions: - * DS102: Remove unnecessary code created because of implicit returns - * Full docs: https://github.com/decaffeinate/decaffeinate/blob/master/docs/suggestions.md - */ -const SandboxedModule = require('sandboxed-module') -const sinon = require('sinon') -const should = require('chai').should() -const { expect } = require('chai') -const MockRequest = require('../helpers/MockRequest') -const MockResponse = require('../helpers/MockResponse') -const modulePath = '../../../../app/src/Features/SudoMode/SudoModeController' - -describe('SudoModeController', function() { - beforeEach(function() { - this.user = { - _id: 'abcd', - email: 'user@example.com' - } - this.UserGetter = { getUser: sinon.stub().callsArgWith(2, null, this.user) } - this.SudoModeHandler = { - authenticate: sinon.stub(), - isSudoModeActive: sinon.stub(), - activateSudoMode: sinon.stub() - } - this.AuthenticationController = { - getLoggedInUserId: sinon.stub().returns(this.user._id), - _getRediretFromSession: sinon.stub() - } - this.UserGetter = { getUser: sinon.stub() } - return (this.SudoModeController = SandboxedModule.require(modulePath, { - globals: { - console: console - }, - requires: { - 'logger-sharelatex': { - log: sinon.stub(), - warn: sinon.stub(), - err: sinon.stub() - }, - './SudoModeHandler': this.SudoModeHandler, - '../Authentication/AuthenticationController': this - .AuthenticationController, - mongodb: { - ObjectId() { - return 'some_object_id' - } - }, - '../User/UserGetter': this.UserGetter, - 'settings-sharelatex': (this.Settings = {}) - } - })) - }) - - describe('sudoModePrompt', function() { - beforeEach(function() { - this.SudoModeHandler.isSudoModeActive = sinon - .stub() - .callsArgWith(1, null, false) - this.req = { - externalAuthenticationSystemUsed: sinon.stub().returns(false) - } - this.res = { redirect: sinon.stub(), render: sinon.stub() } - return (this.next = sinon.stub()) - }) - - it('should get the logged in user id', function() { - this.SudoModeController.sudoModePrompt(this.req, this.res, this.next) - this.AuthenticationController.getLoggedInUserId.callCount.should.equal(1) - return this.AuthenticationController.getLoggedInUserId - .calledWith(this.req) - .should.equal(true) - }) - - it('should check if sudo-mode is active', function() { - this.SudoModeController.sudoModePrompt(this.req, this.res, this.next) - this.SudoModeHandler.isSudoModeActive.callCount.should.equal(1) - return this.SudoModeHandler.isSudoModeActive - .calledWith(this.user._id) - .should.equal(true) - }) - - it('should redirect when sudo-mode is active', function() { - this.SudoModeHandler.isSudoModeActive = sinon - .stub() - .callsArgWith(1, null, true) - this.SudoModeController.sudoModePrompt(this.req, this.res, this.next) - this.res.redirect.callCount.should.equal(1) - return this.res.redirect.calledWith('/project').should.equal(true) - }) - - it('should render the sudo_mode_prompt page when sudo mode is not active', function() { - this.SudoModeHandler.isSudoModeActive = sinon - .stub() - .callsArgWith(1, null, false) - this.SudoModeController.sudoModePrompt(this.req, this.res, this.next) - this.res.render.callCount.should.equal(1) - return this.res.render - .calledWith('sudo_mode/sudo_mode_prompt') - .should.equal(true) - }) - - describe('when isSudoModeActive produces an error', function() { - beforeEach(function() { - this.SudoModeHandler.isSudoModeActive = sinon - .stub() - .callsArgWith(1, new Error('woops')) - return (this.next = sinon.stub()) - }) - - it('should call next with an error', function() { - this.SudoModeController.sudoModePrompt(this.req, this.res, this.next) - this.next.callCount.should.equal(1) - return expect(this.next.lastCall.args[0]).to.be.instanceof(Error) - }) - - it('should not render page', function() { - this.SudoModeController.sudoModePrompt(this.req, this.res, this.next) - return this.res.render.callCount.should.equal(0) - }) - }) - - describe('when external auth system is used', function() { - beforeEach(function() { - return (this.req.externalAuthenticationSystemUsed = sinon - .stub() - .returns(true)) - }) - - it('should redirect', function() { - this.SudoModeController.sudoModePrompt(this.req, this.res, this.next) - this.res.redirect.callCount.should.equal(1) - return this.res.redirect.calledWith('/project').should.equal(true) - }) - - it('should not check if sudo mode is active', function() { - this.SudoModeController.sudoModePrompt(this.req, this.res, this.next) - return this.SudoModeHandler.isSudoModeActive.callCount.should.equal(0) - }) - - it('should not render page', function() { - this.SudoModeController.sudoModePrompt(this.req, this.res, this.next) - return this.res.render.callCount.should.equal(0) - }) - }) - }) - - describe('submitPassword', function() { - beforeEach(function() { - this.AuthenticationController._getRedirectFromSession = sinon - .stub() - .returns('/somewhere') - this.UserGetter.getUser = sinon.stub().callsArgWith(2, null, this.user) - this.SudoModeHandler.authenticate = sinon - .stub() - .callsArgWith(2, null, this.user) - this.SudoModeHandler.activateSudoMode = sinon.stub().callsArgWith(1, null) - this.password = 'a_terrible_secret' - this.req = { body: { password: this.password } } - this.res = { json: sinon.stub() } - return (this.next = sinon.stub()) - }) - - describe('when all goes well', function() { - beforeEach(function() {}) - - it('should get the logged in user id', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - this.AuthenticationController.getLoggedInUserId.callCount.should.equal( - 1 - ) - return this.AuthenticationController.getLoggedInUserId - .calledWith(this.req) - .should.equal(true) - }) - - it('should get redirect from session', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - this.AuthenticationController._getRedirectFromSession.callCount.should.equal( - 1 - ) - return this.AuthenticationController._getRedirectFromSession - .calledWith(this.req) - .should.equal(true) - }) - - it('should get the user from storage', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - this.UserGetter.getUser.callCount.should.equal(1) - return this.UserGetter.getUser - .calledWith('some_object_id', { email: 1 }) - .should.equal(true) - }) - - it('should try to authenticate the user with the password', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - this.SudoModeHandler.authenticate.callCount.should.equal(1) - return this.SudoModeHandler.authenticate - .calledWith(this.user.email, this.password) - .should.equal(true) - }) - - it('should activate sudo mode', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - this.SudoModeHandler.activateSudoMode.callCount.should.equal(1) - return this.SudoModeHandler.activateSudoMode - .calledWith(this.user._id) - .should.equal(true) - }) - - it('should send back a json response', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - this.res.json.callCount.should.equal(1) - return this.res.json - .calledWith({ redir: '/somewhere' }) - .should.equal(true) - }) - - it('should not call next', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - return this.next.callCount.should.equal(0) - }) - - describe('when no password is supplied', function() { - beforeEach(function() { - this.req.body.password = '' - return (this.next = sinon.stub()) - }) - - it('should return next with an error', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - this.next.callCount.should.equal(1) - return expect(this.next.lastCall.args[0]).to.be.instanceof(Error) - }) - - it('should not get the user from storage', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - return this.UserGetter.getUser.callCount.should.equal(0) - }) - - it('should not try to authenticate the user with the password', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - return this.SudoModeHandler.authenticate.callCount.should.equal(0) - }) - - it('should not activate sudo mode', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - return this.SudoModeHandler.activateSudoMode.callCount.should.equal(0) - }) - - it('should not send back a json response', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - return this.res.json.callCount.should.equal(0) - }) - }) - - describe('when getUser produces an error', function() { - beforeEach(function() { - this.UserGetter.getUser = sinon - .stub() - .callsArgWith(2, new Error('woops')) - return (this.next = sinon.stub()) - }) - - it('should return next with an error', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - this.next.callCount.should.equal(1) - return expect(this.next.lastCall.args[0]).to.be.instanceof(Error) - }) - - it('should get the user from storage', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - this.UserGetter.getUser.callCount.should.equal(1) - return this.UserGetter.getUser - .calledWith('some_object_id', { email: 1 }) - .should.equal(true) - }) - - it('should not try to authenticate the user with the password', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - return this.SudoModeHandler.authenticate.callCount.should.equal(0) - }) - - it('should not activate sudo mode', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - return this.SudoModeHandler.activateSudoMode.callCount.should.equal(0) - }) - - it('should not send back a json response', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - return this.res.json.callCount.should.equal(0) - }) - }) - - describe('when getUser does not find a user', function() { - beforeEach(function() { - this.UserGetter.getUser = sinon.stub().callsArgWith(2, null, null) - return (this.next = sinon.stub()) - }) - - it('should return next with an error', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - this.next.callCount.should.equal(1) - return expect(this.next.lastCall.args[0]).to.be.instanceof(Error) - }) - - it('should get the user from storage', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - this.UserGetter.getUser.callCount.should.equal(1) - return this.UserGetter.getUser - .calledWith('some_object_id', { email: 1 }) - .should.equal(true) - }) - - it('should not try to authenticate the user with the password', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - return this.SudoModeHandler.authenticate.callCount.should.equal(0) - }) - - it('should not activate sudo mode', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - return this.SudoModeHandler.activateSudoMode.callCount.should.equal(0) - }) - - it('should not send back a json response', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - return this.res.json.callCount.should.equal(0) - }) - }) - - describe('when authentication fails', function() { - beforeEach(function() { - this.SudoModeHandler.authenticate = sinon - .stub() - .callsArgWith(2, null, null) - this.res.json = sinon.stub() - return (this.req.i18n = { translate: sinon.stub() }) - }) - - it('should send back a failure message', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - this.res.json.callCount.should.equal(1) - expect(this.res.json.lastCall.args[0]).to.have.keys(['message']) - expect(this.res.json.lastCall.args[0].message).to.have.keys([ - 'text', - 'type' - ]) - this.req.i18n.translate.callCount.should.equal(1) - return this.req.i18n.translate.calledWith('invalid_password') - }) - - it('should get the user from storage', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - this.UserGetter.getUser.callCount.should.equal(1) - return this.UserGetter.getUser - .calledWith('some_object_id', { email: 1 }) - .should.equal(true) - }) - - it('should try to authenticate the user with the password', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - this.SudoModeHandler.authenticate.callCount.should.equal(1) - return this.SudoModeHandler.authenticate - .calledWith(this.user.email, this.password) - .should.equal(true) - }) - - it('should not activate sudo mode', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - return this.SudoModeHandler.activateSudoMode.callCount.should.equal(0) - }) - }) - - describe('when authentication produces an error', function() { - beforeEach(function() { - this.SudoModeHandler.authenticate = sinon - .stub() - .callsArgWith(2, new Error('woops')) - return (this.next = sinon.stub()) - }) - - it('should return next with an error', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - this.next.callCount.should.equal(1) - return expect(this.next.lastCall.args[0]).to.be.instanceof(Error) - }) - - it('should get the user from storage', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - this.UserGetter.getUser.callCount.should.equal(1) - return this.UserGetter.getUser - .calledWith('some_object_id', { email: 1 }) - .should.equal(true) - }) - - it('should try to authenticate the user with the password', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - this.SudoModeHandler.authenticate.callCount.should.equal(1) - return this.SudoModeHandler.authenticate - .calledWith(this.user.email, this.password) - .should.equal(true) - }) - - it('should not activate sudo mode', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - return this.SudoModeHandler.activateSudoMode.callCount.should.equal(0) - }) - }) - - describe('when sudo mode activation produces an error', function() { - beforeEach(function() { - this.SudoModeHandler.activateSudoMode = sinon - .stub() - .callsArgWith(1, new Error('woops')) - return (this.next = sinon.stub()) - }) - - it('should return next with an error', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - this.next.callCount.should.equal(1) - return expect(this.next.lastCall.args[0]).to.be.instanceof(Error) - }) - - it('should get the user from storage', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - this.UserGetter.getUser.callCount.should.equal(1) - return this.UserGetter.getUser - .calledWith('some_object_id', { email: 1 }) - .should.equal(true) - }) - - it('should try to authenticate the user with the password', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - this.SudoModeHandler.authenticate.callCount.should.equal(1) - return this.SudoModeHandler.authenticate - .calledWith(this.user.email, this.password) - .should.equal(true) - }) - - it('should have tried to activate sudo mode', function() { - this.SudoModeController.submitPassword(this.req, this.res, this.next) - this.SudoModeHandler.activateSudoMode.callCount.should.equal(1) - return this.SudoModeHandler.activateSudoMode - .calledWith(this.user._id) - .should.equal(true) - }) - }) - }) - }) -}) diff --git a/services/web/test/unit/src/SudoMode/SudoModeHandlerTests.js b/services/web/test/unit/src/SudoMode/SudoModeHandlerTests.js deleted file mode 100644 index cc9b6c808c..0000000000 --- a/services/web/test/unit/src/SudoMode/SudoModeHandlerTests.js +++ /dev/null @@ -1,329 +0,0 @@ -/* eslint-disable - handle-callback-err, - max-len, - no-return-assign, - no-unused-vars, -*/ -// TODO: This file was created by bulk-decaffeinate. -// Fix any style issues and re-enable lint. -/* - * decaffeinate suggestions: - * DS102: Remove unnecessary code created because of implicit returns - * Full docs: https://github.com/decaffeinate/decaffeinate/blob/master/docs/suggestions.md - */ -const SandboxedModule = require('sandboxed-module') -const assert = require('assert') -require('chai').should() -const { expect } = require('chai') -const sinon = require('sinon') -const modulePath = require('path').join( - __dirname, - '../../../../app/src/Features/SudoMode/SudoModeHandler' -) - -describe('SudoModeHandler', function() { - beforeEach(function() { - this.userId = 'some_user_id' - this.email = 'someuser@example.com' - this.user = { - _id: this.userId, - email: this.email - } - this.rclient = { get: sinon.stub(), set: sinon.stub(), del: sinon.stub() } - this.RedisWrapper = { client: () => this.rclient } - return (this.SudoModeHandler = SandboxedModule.require(modulePath, { - globals: { - console: console - }, - requires: { - '../../infrastructure/RedisWrapper': this.RedisWrapper, - 'logger-sharelatex': (this.logger = { - log: sinon.stub(), - err: sinon.stub() - }), - '../Authentication/AuthenticationManager': (this.AuthenticationManager = {}), - 'settings-sharelatex': (this.Settings = {}), - '../V1/V1Handler': (this.V1Handler = { authWithV1: sinon.stub() }), - '../User/UserGetter': (this.UserGetter = { getUser: sinon.stub() }) - } - })) - }) - - describe('_buildKey', function() { - it('should build a properly formed key', function() { - return expect(this.SudoModeHandler._buildKey('123')).to.equal( - 'SudoMode:{123}' - ) - }) - }) - - describe('activateSudoMode', function() { - beforeEach(function() { - return (this.call = cb => { - return this.SudoModeHandler.activateSudoMode(this.userId, cb) - }) - }) - - describe('when all goes well', function() { - beforeEach(function() { - return (this.rclient.set = sinon.stub().callsArgWith(4, null)) - }) - - it('should not produce an error', function(done) { - return this.call(err => { - expect(err).to.equal(null) - return done() - }) - }) - - it('should set a value in redis', function(done) { - return this.call(err => { - expect(this.rclient.set.callCount).to.equal(1) - expect( - this.rclient.set.calledWith( - 'SudoMode:{some_user_id}', - '1', - 'EX', - 60 * 60 - ) - ).to.equal(true) - return done() - }) - }) - }) - - describe('when user id is not supplied', function() { - beforeEach(function() { - return (this.call = cb => { - return this.SudoModeHandler.activateSudoMode(null, cb) - }) - }) - - it('should produce an error', function(done) { - return this.call(err => { - expect(err).to.not.equal(null) - expect(err).to.be.instanceof(Error) - return done() - }) - }) - - it('should not set value in redis', function(done) { - return this.call(err => { - expect(this.rclient.set.callCount).to.equal(0) - return done() - }) - }) - }) - - describe('when rclient.set produces an error', function() { - beforeEach(function() { - return (this.rclient.set = sinon - .stub() - .callsArgWith(4, new Error('woops'))) - }) - - it('should produce an error', function(done) { - return this.call(err => { - expect(err).to.not.equal(null) - expect(err).to.be.instanceof(Error) - return done() - }) - }) - }) - }) - - describe('clearSudoMode', function() { - beforeEach(function() { - this.rclient.del = sinon.stub().callsArgWith(1, null) - return (this.call = cb => { - return this.SudoModeHandler.clearSudoMode(this.userId, cb) - }) - }) - - it('should not produce an error', function(done) { - return this.call(err => { - expect(err).to.equal(null) - return done() - }) - }) - - it('should delete key from redis', function(done) { - return this.call(err => { - expect(this.rclient.del.callCount).to.equal(1) - expect(this.rclient.del.calledWith('SudoMode:{some_user_id}')).to.equal( - true - ) - return done() - }) - }) - - describe('when rclient.del produces an error', function() { - beforeEach(function() { - return (this.rclient.del = sinon - .stub() - .callsArgWith(1, new Error('woops'))) - }) - - it('should produce an error', function(done) { - return this.call(err => { - expect(err).to.not.equal(null) - expect(err).to.be.instanceof(Error) - return done() - }) - }) - }) - - describe('when user id is not supplied', function() { - beforeEach(function() { - return (this.call = cb => { - return this.SudoModeHandler.clearSudoMode(null, cb) - }) - }) - - it('should produce an error', function(done) { - return this.call(err => { - expect(err).to.not.equal(null) - expect(err).to.be.instanceof(Error) - return done() - }) - }) - - it('should not delete value in redis', function(done) { - return this.call(err => { - expect(this.rclient.del.callCount).to.equal(0) - return done() - }) - }) - }) - }) - - describe('authenticate', function() { - beforeEach(function() { - return (this.AuthenticationManager.authenticate = sinon - .stub() - .callsArgWith(2, null, this.user)) - }) - - it('should call AuthenticationManager.authenticate', function(done) { - return this.SudoModeHandler.authenticate( - this.email, - 'password', - (err, user) => { - expect(err).to.not.exist - expect(user).to.exist - expect(user).to.deep.equal(this.user) - expect(this.AuthenticationManager.authenticate.callCount).to.equal(1) - return done() - } - ) - }) - }) - - describe('isSudoModeActive', function() { - beforeEach(function() { - return (this.call = cb => { - return this.SudoModeHandler.isSudoModeActive(this.userId, cb) - }) - }) - - describe('when sudo-mode is active for that user', function() { - beforeEach(function() { - return (this.rclient.get = sinon.stub().callsArgWith(1, null, '1')) - }) - - it('should not produce an error', function(done) { - return this.call((err, isActive) => { - expect(err).to.equal(null) - return done() - }) - }) - - it('should get the value from redis', function(done) { - return this.call((err, isActive) => { - expect(this.rclient.get.callCount).to.equal(1) - expect( - this.rclient.get.calledWith('SudoMode:{some_user_id}') - ).to.equal(true) - return done() - }) - }) - - it('should produce a true result', function(done) { - return this.call((err, isActive) => { - expect(isActive).to.equal(true) - return done() - }) - }) - }) - - describe('when sudo-mode is not active for that user', function() { - beforeEach(function() { - return (this.rclient.get = sinon.stub().callsArgWith(1, null, null)) - }) - - it('should not produce an error', function(done) { - return this.call((err, isActive) => { - expect(err).to.equal(null) - return done() - }) - }) - - it('should get the value from redis', function(done) { - return this.call((err, isActive) => { - expect(this.rclient.get.callCount).to.equal(1) - expect( - this.rclient.get.calledWith('SudoMode:{some_user_id}') - ).to.equal(true) - return done() - }) - }) - - it('should produce a false result', function(done) { - return this.call((err, isActive) => { - expect(isActive).to.equal(false) - return done() - }) - }) - }) - - describe('when rclient.get produces an error', function() { - beforeEach(function() { - return (this.rclient.get = sinon - .stub() - .callsArgWith(1, new Error('woops'))) - }) - - it('should produce an error', function(done) { - return this.call((err, isActive) => { - expect(err).to.not.equal(null) - expect(err).to.be.instanceof(Error) - expect(isActive).to.be.oneOf([null, undefined]) - return done() - }) - }) - }) - - describe('when user id is not supplied', function() { - beforeEach(function() { - return (this.call = cb => { - return this.SudoModeHandler.isSudoModeActive(null, cb) - }) - }) - - it('should produce an error', function(done) { - return this.call(err => { - expect(err).to.not.equal(null) - expect(err).to.be.instanceof(Error) - return done() - }) - }) - - it('should not get value in redis', function(done) { - return this.call(err => { - expect(this.rclient.get.callCount).to.equal(0) - return done() - }) - }) - }) - }) -}) diff --git a/services/web/test/unit/src/SudoMode/SudoModeMiddlewareTests.js b/services/web/test/unit/src/SudoMode/SudoModeMiddlewareTests.js deleted file mode 100644 index 14ebdf8b97..0000000000 --- a/services/web/test/unit/src/SudoMode/SudoModeMiddlewareTests.js +++ /dev/null @@ -1,233 +0,0 @@ -/* eslint-disable - max-len, - no-return-assign, - no-unused-vars, -*/ -// TODO: This file was created by bulk-decaffeinate. -// Fix any style issues and re-enable lint. -/* - * decaffeinate suggestions: - * DS102: Remove unnecessary code created because of implicit returns - * Full docs: https://github.com/decaffeinate/decaffeinate/blob/master/docs/suggestions.md - */ -const SandboxedModule = require('sandboxed-module') -const assert = require('assert') -require('chai').should() -const { expect } = require('chai') -const sinon = require('sinon') -const modulePath = require('path').join( - __dirname, - '../../../../app/src/Features/SudoMode/SudoModeMiddleware' -) - -describe('SudoModeMiddleware', function() { - beforeEach(function() { - this.userId = 'some_user_id' - this.SudoModeHandler = { isSudoModeActive: sinon.stub() } - this.AuthenticationController = { - getLoggedInUserId: sinon.stub().returns(this.userId), - setRedirectInSession: sinon.stub() - } - return (this.SudoModeMiddleware = SandboxedModule.require(modulePath, { - globals: { - console: console - }, - requires: { - './SudoModeHandler': this.SudoModeHandler, - '../Authentication/AuthenticationController': this - .AuthenticationController, - 'logger-sharelatex': { - log: sinon.stub(), - warn: sinon.stub(), - err: sinon.stub() - }, - 'settings-sharelatex': (this.Settings = {}) - } - })) - }) - - describe('protectPage', function() { - beforeEach(function() { - this.externalAuth = false - return (this.call = cb => { - this.req = { - externalAuthenticationSystemUsed: sinon - .stub() - .returns(this.externalAuth) - } - this.res = { redirect: sinon.stub() } - this.next = sinon.stub() - this.SudoModeMiddleware.protectPage(this.req, this.res, this.next) - return cb() - }) - }) - - describe('when sudo mode is active', function() { - beforeEach(function() { - this.AuthenticationController.getLoggedInUserId = sinon - .stub() - .returns(this.userId) - return (this.SudoModeHandler.isSudoModeActive = sinon - .stub() - .callsArgWith(1, null, true)) - }) - - it('should get the current user id', function(done) { - return this.call(() => { - this.AuthenticationController.getLoggedInUserId.callCount.should.equal( - 1 - ) - return done() - }) - }) - - it('should check if sudo-mode is active', function(done) { - return this.call(() => { - this.SudoModeHandler.isSudoModeActive.callCount.should.equal(1) - this.SudoModeHandler.isSudoModeActive - .calledWith(this.userId) - .should.equal(true) - return done() - }) - }) - - it('should call next', function(done) { - return this.call(() => { - this.next.callCount.should.equal(1) - expect(this.next.lastCall.args[0]).to.equal(undefined) - return done() - }) - }) - }) - - describe('when sudo mode is not active', function() { - beforeEach(function() { - this.AuthenticationController.setRedirectInSession = sinon.stub() - this.AuthenticationController.getLoggedInUserId = sinon - .stub() - .returns(this.userId) - return (this.SudoModeHandler.isSudoModeActive = sinon - .stub() - .callsArgWith(1, null, false)) - }) - - it('should get the current user id', function(done) { - return this.call(() => { - this.AuthenticationController.getLoggedInUserId.callCount.should.equal( - 1 - ) - return done() - }) - }) - - it('should check if sudo-mode is active', function(done) { - return this.call(() => { - this.SudoModeHandler.isSudoModeActive.callCount.should.equal(1) - this.SudoModeHandler.isSudoModeActive - .calledWith(this.userId) - .should.equal(true) - return done() - }) - }) - - it('should set redirect in session', function(done) { - return this.call(() => { - this.AuthenticationController.setRedirectInSession.callCount.should.equal( - 1 - ) - this.AuthenticationController.setRedirectInSession - .calledWith(this.req) - .should.equal(true) - return done() - }) - }) - - it('should redirect to the password-prompt page', function(done) { - return this.call(() => { - this.res.redirect.callCount.should.equal(1) - this.res.redirect.calledWith('/confirm-password').should.equal(true) - return done() - }) - }) - }) - - describe('when isSudoModeActive produces an error', function() { - beforeEach(function() { - this.AuthenticationController.getLoggedInUserId = sinon - .stub() - .returns(this.userId) - return (this.SudoModeHandler.isSudoModeActive = sinon - .stub() - .callsArgWith(1, new Error('woops'))) - }) - - it('should get the current user id', function(done) { - return this.call(() => { - this.AuthenticationController.getLoggedInUserId.callCount.should.equal( - 1 - ) - return done() - }) - }) - - it('should check if sudo-mode is active', function(done) { - return this.call(() => { - this.SudoModeHandler.isSudoModeActive.callCount.should.equal(1) - this.SudoModeHandler.isSudoModeActive - .calledWith(this.userId) - .should.equal(true) - return done() - }) - }) - - it('should call next with an error', function(done) { - return this.call(() => { - this.next.callCount.should.equal(1) - expect(this.next.lastCall.args[0]).to.be.instanceof(Error) - return done() - }) - }) - }) - - describe('when external auth is being used', function() { - beforeEach(function() { - this.externalAuth = true - return (this.call = cb => { - this.req = { - externalAuthenticationSystemUsed: sinon - .stub() - .returns(this.externalAuth) - } - this.res = { redirect: sinon.stub() } - this.next = sinon.stub() - this.SudoModeMiddleware.protectPage(this.req, this.res, this.next) - return cb() - }) - }) - - it('should immediately return next with no args', function(done) { - return this.call(() => { - this.next.callCount.should.equal(1) - expect(this.next.lastCall.args[0]).to.not.exist - return done() - }) - }) - - it('should not get the current user id', function(done) { - return this.call(() => { - this.AuthenticationController.getLoggedInUserId.callCount.should.equal( - 0 - ) - return done() - }) - }) - - it('should not check if sudo-mode is active', function(done) { - return this.call(() => { - this.SudoModeHandler.isSudoModeActive.callCount.should.equal(0) - return done() - }) - }) - }) - }) -}) diff --git a/services/web/test/unit/src/User/UserControllerTests.js b/services/web/test/unit/src/User/UserControllerTests.js index 0509d77ef5..f073ab2bc8 100644 --- a/services/web/test/unit/src/User/UserControllerTests.js +++ b/services/web/test/unit/src/User/UserControllerTests.js @@ -77,7 +77,6 @@ describe('UserController', function() { revokeAllUserSessions: sinon.stub().resolves() } } - this.SudoModeHandler = { clearSudoMode: sinon.stub() } this.HttpErrorHandler = { badRequest: sinon.stub(), conflict: sinon.stub(), @@ -113,7 +112,6 @@ describe('UserController', function() { }), './UserHandler': this.UserHandler, './UserSessionsManager': this.UserSessionsManager, - '../SudoMode/SudoModeHandler': this.SudoModeHandler, '../Errors/HttpErrorHandler': this.HttpErrorHandler, 'settings-sharelatex': this.settings, 'logger-sharelatex': (this.logger = { @@ -495,24 +493,8 @@ describe('UserController', function() { this.UserController.logout(this.req, this.res) }) - it('should clear sudo-mode', function(done) { - this.req.session.destroy = sinon.stub().callsArgWith(0) - this.SudoModeHandler.clearSudoMode = sinon.stub() - this.res.redirect = url => { - url.should.equal('/login') - this.SudoModeHandler.clearSudoMode.callCount.should.equal(1) - this.SudoModeHandler.clearSudoMode - .calledWith(this.user._id) - .should.equal(true) - done() - } - - this.UserController.logout(this.req, this.res) - }) - it('should untrack session', function(done) { this.req.session.destroy = sinon.stub().callsArgWith(0) - this.SudoModeHandler.clearSudoMode = sinon.stub() this.res.redirect = url => { url.should.equal('/login') this.UserSessionsManager.untrackSession.callCount.should.equal(1) @@ -528,7 +510,6 @@ describe('UserController', function() { it('should redirect after logout', function(done) { this.req.body.redirect = '/institutional-login' this.req.session.destroy = sinon.stub().callsArgWith(0) - this.SudoModeHandler.clearSudoMode = sinon.stub() this.res.redirect = url => { url.should.equal(this.req.body.redirect) done() @@ -538,7 +519,6 @@ describe('UserController', function() { it('should redirect to login after logout when no redirect set', function(done) { this.req.session.destroy = sinon.stub().callsArgWith(0) - this.SudoModeHandler.clearSudoMode = sinon.stub() this.res.redirect = url => { url.should.equal('/login') done()