agw/overleaf-cep
1
0
Fork 0
mirror of https://github.com/yu-i-i/overleaf-cep.git synced 2026-05-30 12:24:25 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2104 from overleaf/ta-user-membership-acceptance-tests

Browse Source 
Acceptance Tests for UserMembership Authorization

GitOrigin-RevId: caad99727fd2fedc91f2b2063ed83a1e02d9ea1d
This commit is contained in:
Eric Mc Sween
2019-08-28 08:58:54 -04:00
committed by sharelatex
parent 6f2b4d3da3
commit 3791b8d288
7 changed files with 565 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

412
services/web/test/acceptance/src/UserMembershipAuthorizationTests.js Normal file
View File

@@ -0,0 +1,412 @@
const { expect } = require('chai')
const async = require('async')
const { ObjectId } = require('../../../app/src/infrastructure/mongojs')
const User = require('./helpers/User')
const Institution = require('./helpers/Institution')
const Subscription = require('./helpers/Subscription')
const Publisher = require('./helpers/Publisher')
const MockV1Api = require('./helpers/MockV1Api')
describe('UserMembershipAuthorization', function() {
beforeEach(function(done) {
this.user = new User()
async.series([this.user.ensureUserExists.bind(this.user)], done)
})
describe('team', function() {
beforeEach(function(done) {
this.subscription = new Subscription({
groupPlan: true,
overleaf: { id: 123 }
})
async.series(
[
this.subscription.ensureExists.bind(this.subscription),
cb => this.user.login(cb)
],
done
)
})
describe('metrics', function() {
it('should allow managers only', function(done) {
const url = `/metrics/teams/123`
async.series(
[
expectAccess(this.user, url, 302, /\/restricted/),
cb => this.subscription.setManagerIds([this.user._id], cb),
expectAccess(this.user, url, 200)
],
done
)
})
})
})
describe('group', function() {
beforeEach(function(done) {
this.subscription = new Subscription({
groupPlan: true
})
async.series(
[
this.subscription.ensureExists.bind(this.subscription),
cb => this.user.login(cb)
],
done
)
})
describe('users management', function() {
it('should allow managers only', function(done) {
const url = `/manage/groups/${this.subscription._id}/members`
async.series(
[
expectAccess(this.user, url, 302, /\/restricted/),
cb => this.subscription.setManagerIds([this.user._id], cb),
expectAccess(this.user, url, 200)
],
done
)
})
})
describe('metrics', function() {
it('should allow managers only', function(done) {
const url = `/metrics/groups/${this.subscription._id}`
async.series(
[
expectAccess(this.user, url, 302, /\/restricted/),
cb => this.subscription.setManagerIds([this.user._id], cb),
expectAccess(this.user, url, 200)
],
done
)
})
it('should handle groups not found', function(done) {
const url = `/metrics/groups/${ObjectId()}`
async.series([expectAccess(this.user, url, 404)], done)
})
})
describe('managers management', function() {
it('should allow managers only', function(done) {
const url = `/manage/groups/${this.subscription._id}/managers`
async.series(
[
expectAccess(this.user, url, 302, /\/restricted/),
cb => this.subscription.setManagerIds([this.user._id], cb),
expectAccess(this.user, url, 200)
],
done
)
})
})
})
describe('institution', function() {
beforeEach(function(done) {
this.institution = new Institution()
async.series([this.institution.ensureExists.bind(this.institution)], done)
})
describe('metrics', function() {
it('should allow users with staff access', function(done) {
const url = `/metrics/institutions/${this.institution.v1Id}`
async.series(
[
cb => this.user.ensureStaffAccess('institutionMetrics', cb),
this.user.login.bind(this.user),
expectAccess(this.user, url, 200)
],
done
)
})
it('should allow admins', function(done) {
const url = `/metrics/institutions/${this.institution.v1Id}`
async.series(
[
this.user.ensure_admin.bind(this.user),
this.user.login.bind(this.user),
expectAccess(this.user, url, 200)
],
done
)
})
it('should allow managers', function(done) {
const url = `/metrics/institutions/${this.institution.v1Id}`
async.series(
[
this.user.login.bind(this.user),
cb => this.institution.setManagerIds([this.user._id], cb),
expectAccess(this.user, url, 200)
],
done
)
})
it('should not allow users without access', function(done) {
const url = `/metrics/institutions/${this.institution.v1Id}`
async.series(
[
this.user.login.bind(this.user),
expectAccess(this.user, url, 302, /\/restricted/)
],
done
)
})
})
describe('users management', function() {
it('should allow managers only', function(done) {
const url = `/manage/institutions/${this.institution.v1Id}/managers`
async.series(
[
this.user.login.bind(this.user),
expectAccess(this.user, url, 302, /\/restricted/),
cb => this.institution.setManagerIds([this.user._id], cb),
expectAccess(this.user, url, 200)
],
done
)
})
})
describe('hub', function() {
it('should allow managers only', function(done) {
const url = `/institutions/${this.institution.v1Id}/hub`
async.series(
[
this.user.login.bind(this.user),
expectAccess(this.user, url, 302, /\/restricted/),
cb => this.institution.setManagerIds([this.user._id], cb),
expectAccess(this.user, url, 200)
],
done
)
})
})
describe('creation', function() {
it('should allow staff only', function(done) {
const url = `/entities/institution/create/foo`
async.series(
[
this.user.login.bind(this.user),
expectAccess(this.user, url, 302, /\/restricted/),
cb => this.user.ensureStaffAccess('institutionManagement', cb),
this.user.login.bind(this.user),
expectAccess(this.user, url, 200)
],
done
)
})
})
})
describe('publisher', function() {
beforeEach(function(done) {
this.publisher = new Publisher({})
async.series(
[
this.publisher.ensureExists.bind(this.publisher),
cb => this.user.login(cb)
],
done
)
})
describe('conversion metrics', function() {
it('should allow managers only', function(done) {
const url = `/metrics/conversions/${this.publisher.slug}`
async.series(
[
expectAccess(this.user, url, 302, /\/restricted/),
cb => this.publisher.setManagerIds([this.user._id], cb),
expectAccess(this.user, url, 200)
],
done
)
})
})
describe('managers management', function() {
it('should allow managers only', function(done) {
const url = `/manage/publishers/${this.publisher.slug}/managers`
async.series(
[
expectAccess(this.user, url, 302, /\/restricted/),
cb => this.publisher.setManagerIds([this.user._id], cb),
expectAccess(this.user, url, 200)
],
done
)
})
})
describe('creation', function() {
it('should redirect staff only', function(done) {
const url = `/publishers/foo/hub`
async.series(
[
this.user.login.bind(this.user),
expectAccess(this.user, url, 404),
cb => this.user.ensureStaffAccess('publisherManagement', cb),
this.user.login.bind(this.user),
expectAccess(this.user, url, 302, /\/create/)
],
done
)
})
it('should allow staff only', function(done) {
const url = `/entities/publisher/create/foo`
async.series(
[
expectAccess(this.user, url, 302, /\/restricted/),
cb => this.user.ensureStaffAccess('publisherManagement', cb),
this.user.login.bind(this.user),
expectAccess(this.user, url, 200)
],
done
)
})
})
})
describe('template', function() {
beforeEach(function(done) {
this.publisher = new Publisher({})
async.series(
[
this.publisher.ensureExists.bind(this.publisher),
cb => this.user.login(cb)
],
done
)
})
it('allow publisher managers only', function(done) {
MockV1Api.setTemplates({
123: {
id: 123,
title: '123 title',
brand: { slug: this.publisher.slug }
}
})
const url = '/metrics/templates/123'
async.series(
[
expectAccess(this.user, url, 302, /\/restricted/),
cb => this.publisher.setManagerIds([this.user._id], cb),
expectAccess(this.user, url, 200)
],
done
)
})
it('handle templates without publisher', function(done) {
MockV1Api.setTemplates({
456: {
id: 456,
title: '456 title',
brand: { slug: null }
}
})
const url = '/metrics/templates/456'
async.series(
[
expectAccess(this.user, url, 302, /\/restricted/),
this.user.ensure_admin.bind(this.user),
this.user.login.bind(this.user),
expectAccess(this.user, url, 200)
],
done
)
})
it('handle templates not found', function(done) {
const url = '/metrics/templates/789'
async.series(
[
this.user.ensure_admin.bind(this.user),
this.user.login.bind(this.user),
expectAccess(this.user, url, 404)
],
done
)
})
})
describe('graph', function() {
it('allow admins only', function(done) {
const url = '/graphs/foo?resource_type=admin'
async.series(
[
this.user.login.bind(this.user),
expectAccess(this.user, url, 302, /\/restricted/),
this.user.ensure_admin.bind(this.user),
this.user.login.bind(this.user),
expectAccess(this.user, url, 200)
],
done
)
})
})
describe('admin metrics', function() {
it('should not allow anonymous users', function(done) {
expectAccess(this.user, '/metrics/admin', 302, /\/restricted/)(done)
})
it('should not allow all users', function(done) {
async.series(
[
this.user.login.bind(this.user),
expectAccess(this.user, '/metrics/admin', 302, /\/restricted/)
],
done
)
})
it('should allow admin users', function(done) {
async.series(
[
this.user.ensure_admin.bind(this.user),
this.user.login.bind(this.user),
expectAccess(this.user, '/metrics/admin', 200)
],
done
)
})
it('should allow users with staff access', function(done) {
async.series(
[
cb => this.user.ensureStaffAccess('adminMetrics', cb),
this.user.login.bind(this.user),
expectAccess(this.user, '/metrics/admin', 200)
],
done
)
})
})
})
function expectAccess(user, url, status, pattern) {
return callback => {
user.request.get({ url }, (error, response, body) => {
if (error) {
return callback(error)
}
expect(response.statusCode).to.equal(status)
if (pattern) {
expect(body).to.match(pattern)
}
callback()
})
}
}

38
services/web/test/acceptance/src/helpers/Institution.js Normal file
View File

@@ -0,0 +1,38 @@
const { ObjectId } = require('../../../../app/src/infrastructure/mongojs')
const InstitutionModel = require('../../../../app/src/models/Institution')
.Institution
let count = parseInt(Math.random() * 999999)
class Institution {
constructor(options = {}) {
this.v1Id = options.v1Id || count
this.managerIds = []
count += 1
}
ensureExists(callback) {
const filter = { v1Id: this.v1Id }
const options = { upsert: true, new: true, setDefaultsOnInsert: true }
InstitutionModel.findOneAndUpdate(
filter,
{},
options,
(error, institution) => {
this._id = institution._id
callback(error)
}
)
}
setManagerIds(managerIds, callback) {
return InstitutionModel.findOneAndUpdate(
{ _id: ObjectId(this._id) },
{ managerIds: managerIds },
callback
)
}
}
module.exports = Institution

26
services/web/test/acceptance/src/helpers/MockAnalyticsApi.js Normal file
View File

@@ -0,0 +1,26 @@
let MockAnalyticsApi
const express = require('express')
const app = express()
module.exports = MockAnalyticsApi = {
updates: {},
run() {
app.get('/graphs/:graph', (req, res, next) => {
return res.json({})
})
app
.listen(3050, error => {
if (error) {
throw error
}
})
.on('error', error => {
console.error('error starting MockAnalyticsApi:', error.message)
return process.exit(1)
})
}
}
MockAnalyticsApi.run()

14
services/web/test/acceptance/src/helpers/MockV1Api.js
View File

@@ -73,6 +73,12 @@ module.exports = MockV1Api = {
return (this.doc_exported[token] = info)
},
templates: {},
setTemplates(templates) {
this.templates = templates
},
run() {
app.get(
'/api/v1/sharelatex/users/:v1_user_id/plan_code',
@@ -259,6 +265,14 @@ module.exports = MockV1Api = {
}
)
app.get('/api/v2/templates/:templateId', (req, res, next) => {
const template = this.templates[req.params.templateId]
if (!template) {
res.sendStatus(404)
}
return res.json(template)
})
return app
.listen(5000, error => {
if (error != null) {

32
services/web/test/acceptance/src/helpers/Publisher.js Normal file
View File

@@ -0,0 +1,32 @@
const { ObjectId } = require('../../../../app/src/infrastructure/mongojs')
const PublisherModel = require('../../../../app/src/models/Publisher').Publisher
let count = parseInt(Math.random() * 999999)
class Publisher {
constructor(options = {}) {
this.slug = options.slug || `publisher-slug-${count}`
this.managerIds = []
count += 1
}
ensureExists(callback) {
const filter = { slug: this.slug }
const options = { upsert: true, new: true, setDefaultsOnInsert: true }
PublisherModel.findOneAndUpdate(filter, {}, options, (error, publisher) => {
this._id = publisher._id
callback(error)
})
}
setManagerIds(managerIds, callback) {
return PublisherModel.findOneAndUpdate(
{ _id: ObjectId(this._id) },
{ managerIds: managerIds },
callback
)
}
}
module.exports = Publisher

37
services/web/test/acceptance/src/helpers/Subscription.js Normal file
View File

@@ -0,0 +1,37 @@
const { ObjectId } = require('../../../../app/src/infrastructure/mongojs')
const SubscriptionModel = require('../../../../app/src/models/Subscription')
.Subscription
class Subscription {
constructor(options = {}) {
this.overleaf = options.overleaf || {}
this.groupPlan = options.groupPlan
this.manager_ids = []
}
ensureExists(callback) {
if (this._id) {
return callback(null)
}
const options = { upsert: true, new: true, setDefaultsOnInsert: true }
SubscriptionModel.findOneAndUpdate(
{},
this,
options,
(error, subscription) => {
this._id = subscription._id
callback(error)
}
)
}
setManagerIds(managerIds, callback) {
return SubscriptionModel.findOneAndUpdate(
{ _id: ObjectId(this._id) },
{ manager_ids: managerIds },
callback
)
}
}
module.exports = Subscription

6
services/web/test/acceptance/src/helpers/User.js
View File

@@ -264,6 +264,12 @@ class User {
)
}
ensureStaffAccess(flag, callback) {
const update = { $set: {} }
update.$set[`staffAccess.${flag}`] = true
return db.users.update({ _id: ObjectId(this.id) }, update, callback)
}
upgradeFeatures(callback) {
if (callback == null) {
callback = function(error) {}