diff --git a/database/test/db-admin-persona.test.js b/database/test/db-admin-persona.test.js index fd83344..dd89bdb 100644 --- a/database/test/db-admin-persona.test.js +++ b/database/test/db-admin-persona.test.js @@ -1,29 +1,29 @@ const { describe, it } = require('mocha') const assert = require('assert') -const postPersonas = require('../layer/admin-persona.js') +const adminPersonas = require('../layer/admin-persona.js') const { usherDb } = require('../layer/knex') describe('Admin persona view', () => { describe('Test INSERT personas', () => { it('Should insert persona without an exception', async () => { - const insertResult = await postPersonas.insertPersona('test-tenant1', 'http://idp.dmgt.com.mock.localhost:3002/', 'test-dmgt-oocto-1@dmgtoocto.com', '') + const insertResult = await adminPersonas.insertPersona('test-tenant1', 'http://idp.dmgt.com.mock.localhost:3002/', 'test-dmgt-oocto-1@dmgtoocto.com', '') assert.strictEqual(insertResult, 'Insert successful') - await postPersonas.deletePersona('test-tenant1', 'http://idp.dmgt.com.mock.localhost:3002/', 'test-dmgt-oocto-1@dmgtoocto.com', '') + await adminPersonas.deletePersona('test-tenant1', 'http://idp.dmgt.com.mock.localhost:3002/', 'test-dmgt-oocto-1@dmgtoocto.com', '') }) it('Should fail to insert for a nonexistent tenant', async () => { - const insertResult = await postPersonas.insertPersona('test-tenant1 Non-existent', 'http://idp.dmgt.com.mock.localhost:3002/', 'test-dmgt-oocto-3@dmgtoocto.com', '') + const insertResult = await adminPersonas.insertPersona('test-tenant1 Non-existent', 'http://idp.dmgt.com.mock.localhost:3002/', 'test-dmgt-oocto-3@dmgtoocto.com', '') assert.strictEqual(insertResult, 'Insert failed: Tenant does not exist matching tenantname test-tenant1 Non-existent iss_claim http://idp.dmgt.com.mock.localhost:3002/') }) it('Should fail to insert duplicate tenant/persona combination - check tenantname', async () => { - await postPersonas.insertPersona('test-tenant1', 'http://idp.dmgt.com.mock.localhost:3002/', 'test-dmgt-oocto-x@dmgtoocto.com', '') - const result = await postPersonas.insertPersona('test-tenant1', 'http://idp.dmgt.com.mock.localhost:3002/', 'test-dmgt-oocto-x@dmgtoocto.com', '') + await adminPersonas.insertPersona('test-tenant1', 'http://idp.dmgt.com.mock.localhost:3002/', 'test-dmgt-oocto-x@dmgtoocto.com', '') + const result = await adminPersonas.insertPersona('test-tenant1', 'http://idp.dmgt.com.mock.localhost:3002/', 'test-dmgt-oocto-x@dmgtoocto.com', '') assert.strictEqual(result, 'Insert failed: A persona (sub_claim = test-dmgt-oocto-x@dmgtoocto.com; user_context = ) already exists on tenantname test-tenant1 iss_claim http://idp.dmgt.com.mock.localhost:3002/') - await postPersonas.deletePersona('test-tenant1', 'http://idp.dmgt.com.mock.localhost:3002/', 'test-dmgt-oocto-x@dmgtoocto.com', '') + await adminPersonas.deletePersona('test-tenant1', 'http://idp.dmgt.com.mock.localhost:3002/', 'test-dmgt-oocto-x@dmgtoocto.com', '') }) it('Should insert persona by tenant key without an exception', async () => { const subClaim = 'test-user@the-usher.com' const [tenant] = await usherDb('tenants').select('*').limit(1) - const persona = await postPersonas.insertPersonaByTenantKey(tenant.key, subClaim) + const persona = await adminPersonas.insertPersonaByTenantKey(tenant.key, subClaim) assert.strictEqual(persona.sub_claim, subClaim) await usherDb('personas').where({ key: persona.key }).del() }) @@ -31,25 +31,53 @@ describe('Admin persona view', () => { describe('Test UPDATE personas', () => { it('Should update persona without an exception by tenantname', async () => { - await postPersonas.insertPersona('test-tenant1', 'http://idp.dmgt.com.mock.localhost:3002/', 'test-dmgt-oocto-5@dmgtoocto.com', '') - const resultTenantname = await postPersonas.updatePersona('test-tenant1', 'http://idp.dmgt.com.mock.localhost:3002/', 'test-dmgt-oocto-5@dmgtoocto.com', 'test-dmgt-oocto-7@dmgtoocto.com', '', '') + await adminPersonas.insertPersona('test-tenant1', 'http://idp.dmgt.com.mock.localhost:3002/', 'test-dmgt-oocto-5@dmgtoocto.com', '') + const resultTenantname = await adminPersonas.updatePersona('test-tenant1', 'http://idp.dmgt.com.mock.localhost:3002/', 'test-dmgt-oocto-5@dmgtoocto.com', 'test-dmgt-oocto-7@dmgtoocto.com', '', '') assert.strictEqual(resultTenantname, 'Update successful') - await postPersonas.deletePersona('test-tenant1', 'http://idp.dmgt.com.mock.localhost:3002/', 'test-dmgt-oocto-7@dmgtoocto.com', '') + await adminPersonas.deletePersona('test-tenant1', 'http://idp.dmgt.com.mock.localhost:3002/', 'test-dmgt-oocto-7@dmgtoocto.com', '') }) it('Should fail to update for a nonexistent tenant', async () => { - const resultTenantname = await postPersonas.updatePersona('test-tenant1 Non-existent', 'http://idp.dmgt.com.mock.localhost:3002/', 'auth0|test-persona2-REPLACE', 'should_not_replace_sub_claim', '', '') + const resultTenantname = await adminPersonas.updatePersona('test-tenant1 Non-existent', 'http://idp.dmgt.com.mock.localhost:3002/', 'auth0|test-persona2-REPLACE', 'should_not_replace_sub_claim', '', '') assert.strictEqual(resultTenantname, 'Update failed: A persona (sub_claim = auth0|test-persona2-REPLACE; user_context = ) does not exist on tenantname test-tenant1 Non-existent iss_claim http://idp.dmgt.com.mock.localhost:3002/') }) it('Should fail to update for a nonexistent persona', async () => { - const resultTenantname = await postPersonas.updatePersona('test-tenant1', 'http://idp.dmgt.com.mock.localhost:3002/', 'does-not-exist@dmgtoocto.com', 'should_not_replace_sub_claim', '', '') + const resultTenantname = await adminPersonas.updatePersona('test-tenant1', 'http://idp.dmgt.com.mock.localhost:3002/', 'does-not-exist@dmgtoocto.com', 'should_not_replace_sub_claim', '', '') assert.strictEqual(resultTenantname, 'Update failed: A persona (sub_claim = does-not-exist@dmgtoocto.com; user_context = ) does not exist on tenantname test-tenant1 iss_claim http://idp.dmgt.com.mock.localhost:3002/') }) }) describe('Test DELETE personas', () => { it('Should fail to delete a persona not linked to a tenant', async () => { - const resultDelete = await postPersonas.deletePersona('test-tenant1', 'http://idp.dmgt.com.mock.localhost:3002/', 'no-persona@dmgtoocto.com', '') + const resultDelete = await adminPersonas.deletePersona('test-tenant1', 'http://idp.dmgt.com.mock.localhost:3002/', 'no-persona@dmgtoocto.com', '') assert.strictEqual(resultDelete, 'Delete failed: A persona (sub_claim = no-persona@dmgtoocto.com; user_context = ) does not exist on tenantname test-tenant1 iss_claim http://idp.dmgt.com.mock.localhost:3002/') }) }) + + describe('Test GET personas', () => { + const invalidPersonaKey = 0; + it('Should return a valid persona', async () => { + const persona = await adminPersonas.getPersona(1) + assert.strictEqual(persona.key, 1) + }) + it('Should return undefined for invalid persona key', async () => { + const persona = await adminPersonas.getPersona(invalidPersonaKey) + assert.strictEqual(persona, undefined) + }) + }) + + describe('Test GET personas permissions', () => { + const invalidPersonaKey = 0; + it('Should return an array of permissions for the persona', async function () { + const { personakey } = await usherDb('personapermissions').select('*').first() || {} + if (!personakey) { + this.skip() + } + const personaPermissions = await adminPersonas.getPersonaPermissions(personakey) + assert.equal(!!personaPermissions.length, true) + }) + it('Should return an empty array', async function () { + const personaPermissions = await adminPersonas.getPersonaPermissions(invalidPersonaKey) + assert.equal(personaPermissions.length, 0) + }) + }) }) diff --git a/server/test/endpoint_admin_personas_permissions.test.js b/server/test/endpoint_admin_personas_permissions.test.js new file mode 100644 index 0000000..cc54cea --- /dev/null +++ b/server/test/endpoint_admin_personas_permissions.test.js @@ -0,0 +1,58 @@ +const { describe, it, before } = require('mocha') +const fetch = require('node-fetch') +const assert = require('assert') + +const { getAdmin1IdPToken } = require('./lib/tokens') +const { getServerUrl } = require('./lib/urls') +const { usherDb } = require('../../database/layer/knex') + + +describe('Admin Personas Permissions', () => { + let requestHeaders + const url = `${getServerUrl()}` + + before(async () => { + const userAccessToken = await getAdmin1IdPToken() + requestHeaders = { + 'Content-Type': 'application/json', + Authorization: `Bearer ${userAccessToken}`, + } + }) + + describe('GET:/personas/{persona_key}/permissions', () => { + const invalidPersona = 0; + const validPersonaWithNoPermissions = 1 + + it('should return 200 and a list of permissions for the persona', async function () { + const { personakey } = await usherDb('personapermissions').select('*').first() || {} + if (!personakey) { + this.skip() + } + const response = await fetch(`${url}/personas/${personakey}/permissions`, { + method: 'GET', + headers: requestHeaders, + }) + assert.equal(response.status, 200) + const personaPermissions = await response.json() + assert.equal(personaPermissions.length > 0, true) + }) + + it('should return 200 and an empty array', async () => { + const response = await fetch(`${url}/personas/${validPersonaWithNoPermissions}/permissions`, { + method: 'GET', + headers: requestHeaders, + }) + assert.equal(response.status, 200) + const personaPermissions = await response.json() + assert.equal(personaPermissions.length, 0) + }) + + it('should return 404 and fail to get permissions for an invalid persona', async () => { + const response = await fetch(`${url}/personas/${invalidPersona}/permissions`, { + method: 'GET', + headers: requestHeaders, + }) + assert.equal(response.status, 404) + }) + }) +})