openhim-core/coverage/lcov-report/src/middleware/authorisation.coffee.html

The OpenHIM core application that provides logging and routing of http requests

<!doctype html>
<html lang="en">
<head>
    <title>Code coverage report for src/middleware/authorisation.coffee</title>
    <meta charset="utf-8" />
    <link rel="stylesheet" href="../../prettify.css" />
    <link rel="stylesheet" href="../../base.css" />
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <style type='text/css'>
        .coverage-summary .sorter {
            background-image: url(../../sort-arrow-sprite.png);
        }
    </style>
</head>
<body>
<div class='wrapper'>
  <div class='pad1'>
    <h1>
      <a href="../../index.html">All files</a> / <a href="index.html">src/middleware</a> authorisation.coffee
    </h1>
    <div class='clearfix'>
      <div class='fl pad1y space-right2'>
        <span class="strong">48.84% </span>
        <span class="quiet">Statements</span>
        <span class='fraction'>21/43</span>
      </div>
      <div class='fl pad1y space-right2'>
        <span class="strong">8.33% </span>
        <span class="quiet">Branches</span>
        <span class='fraction'>1/12</span>
      </div>
      <div class='fl pad1y space-right2'>
        <span class="strong">0% </span>
        <span class="quiet">Functions</span>
        <span class='fraction'>0/7</span>
      </div>
      <div class='fl pad1y space-right2'>
        <span class="strong">48.78% </span>
        <span class="quiet">Lines</span>
        <span class='fraction'>20/41</span>
      </div>
    </div>
  </div>
  <div class='status-line low'></div>
<pre><table class="coverage">
<tr><td class="line-count quiet">1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70</td><td class="line-coverage quiet"><span class="cline-any cline-yes">2x</span>
<span class="cline-any cline-yes">2x</span>
<span class="cline-any cline-yes">2x</span>
<span class="cline-any cline-yes">2x</span>
<span class="cline-any cline-yes">2x</span>
<span class="cline-any cline-yes">2x</span>
<span class="cline-any cline-yes">2x</span>
<span class="cline-any cline-neutral">&nbsp;</span>
<span class="cline-any cline-yes">2x</span>
<span class="cline-any cline-yes">2x</span>
<span class="cline-any cline-yes">2x</span>
<span class="cline-any cline-yes">2x</span>
<span class="cline-any cline-yes">2x</span>
<span class="cline-any cline-neutral">&nbsp;</span>
<span class="cline-any cline-yes">2x</span>
<span class="cline-any cline-yes">2x</span>
<span class="cline-any cline-neutral">&nbsp;</span>
<span class="cline-any cline-yes">2x</span>
<span class="cline-any cline-no">&nbsp;</span>
<span class="cline-any cline-no">&nbsp;</span>
<span class="cline-any cline-no">&nbsp;</span>
<span class="cline-any cline-neutral">&nbsp;</span>
<span class="cline-any cline-yes">2x</span>
<span class="cline-any cline-neutral">&nbsp;</span>
<span class="cline-any cline-neutral">&nbsp;</span>
<span class="cline-any cline-no">&nbsp;</span>
<span class="cline-any cline-neutral">&nbsp;</span>
<span class="cline-any cline-no">&nbsp;</span>
<span class="cline-any cline-no">&nbsp;</span>
<span class="cline-any cline-no">&nbsp;</span>
<span class="cline-any cline-neutral">&nbsp;</span>
<span class="cline-any cline-no">&nbsp;</span>
<span class="cline-any cline-neutral">&nbsp;</span>
<span class="cline-any cline-yes">2x</span>
<span class="cline-any cline-neutral">&nbsp;</span>
<span class="cline-any cline-no">&nbsp;</span>
<span class="cline-any cline-neutral">&nbsp;</span>
<span class="cline-any cline-no">&nbsp;</span>
<span class="cline-any cline-neutral">&nbsp;</span>
<span class="cline-any cline-yes">2x</span>
<span class="cline-any cline-neutral">&nbsp;</span>
<span class="cline-any cline-no">&nbsp;</span>
<span class="cline-any cline-neutral">&nbsp;</span>
<span class="cline-any cline-neutral">&nbsp;</span>
<span class="cline-any cline-neutral">&nbsp;</span>
<span class="cline-any cline-no">&nbsp;</span>
<span class="cline-any cline-no">&nbsp;</span>
<span class="cline-any cline-neutral">&nbsp;</span>
<span class="cline-any cline-neutral">&nbsp;</span>
<span class="cline-any cline-no">&nbsp;</span>
<span class="cline-any cline-neutral">&nbsp;</span>
<span class="cline-any cline-no">&nbsp;</span>
<span class="cline-any cline-no">&nbsp;</span>
<span class="cline-any cline-no">&nbsp;</span>
<span class="cline-any cline-neutral">&nbsp;</span>
<span class="cline-any cline-neutral">&nbsp;</span>
<span class="cline-any cline-neutral">&nbsp;</span>
<span class="cline-any cline-yes">2x</span>
<span class="cline-any cline-no">&nbsp;</span>
<span class="cline-any cline-no">&nbsp;</span>
<span class="cline-any cline-no">&nbsp;</span>
<span class="cline-any cline-neutral">&nbsp;</span>
<span class="cline-any cline-no">&nbsp;</span>
<span class="cline-any cline-neutral">&nbsp;</span>
<span class="cline-any cline-neutral">&nbsp;</span>
<span class="cline-any cline-neutral">&nbsp;</span>
<span class="cline-any cline-neutral">&nbsp;</span>
<span class="cline-any cline-neutral">&nbsp;</span>
<span class="cline-any cline-yes">2x</span>
<span class="cline-any cline-neutral">&nbsp;</span></td><td class="text"><pre class="prettyprint lang-js"><span class="fstat-no" title="function not covered" ><span class="branch-1 cbranch-no" title="branch not covered" >Q = require "q"</span></span>
logger = require "winston"
atna = require 'atna-audit'
config = require '../config/config'
config.authentication = config.get('authentication')
utils = require '../utils'
auditing = require '../auditing'
&nbsp;
statsdServer = config.get 'statsd'
application = config.get 'application'
himSourceID = config.get('auditing').auditEvents.auditSourceID
SDC = require 'statsd-client'
os = require 'os'
&nbsp;
domain = "#{os.hostname()}.#{application.name}.appMetrics"
sdc = new SDC statsdServer
&nbsp;
genAuthAudit = <span class="fstat-no" title="function not covered" >(</span>remoteAddress) -&gt;
<span class="cstat-no" title="statement not covered" >  audit = a</span>tna.nodeAuthentication remoteAddress, himSourceID, os.hostname(), atna.OUTCOME_MINOR_FAILURE
<span class="cstat-no" title="statement not covered" >  audit = a</span>tna.wrapInSyslog audit
<span class="cstat-no" title="statement not covered" >  return a</span>udit
&nbsp;
authoriseClient = <span class="fstat-no" title="function not covered" >(</span>channel, ctx) -&gt;
  if ctx.authenticated? and channel.allow?
    if ctx.authenticated.roles?
<span class="cstat-no" title="statement not covered" ><span class="cstat-no" title="statement not covered" >      for role in channel.allow</span></span>
        if role in ctx.authenticated.roles
<span class="cstat-no" title="statement not covered" >          return true</span>
<span class="cstat-no" title="statement not covered" >    if ctx.authenticated.clientID in channel.allow</span>
<span class="cstat-no" title="statement not covered" >      return true</span>
&nbsp;
<span class="cstat-no" title="statement not covered" >  return f</span>alse
&nbsp;
authoriseIP = <span class="fstat-no" title="function not covered" >(</span>channel, ctx) -&gt;
  if channel.whitelist?.length &gt; 0
<span class="cstat-no" title="statement not covered" >    return ctx.ip in channel.whitelist</span>
  else
<span class="cstat-no" title="statement not covered" >    return true # whitelist auth not required</span>
&nbsp;
exports.authorise = <span class="fstat-no" title="function not covered" >(</span>ctx, done) -&gt;
&nbsp;
<span class="cstat-no" title="statement not covered" >  channel = ctx.m</span>atchingChannel
&nbsp;
  if channel? and authoriseIP(channel, ctx) and (channel.authType is 'public' or authoriseClient(channel, ctx))
    # authorisation succeeded
<span class="cstat-no" title="statement not covered" >    ctx.authorisedChannel = c</span>hannel
<span class="cstat-no" title="statement not covered" >    logger.info "The request, '#{ctx.request.path}' is authorised to access #{ctx.authorisedChannel.name}"</span>
  else
    # authorisation failed
<span class="cstat-no" title="statement not covered" >    ctx.response.status = 4</span>01
    if config.authentication.enableBasicAuthentication
<span class="cstat-no" title="statement not covered" >      ctx.set "WWW-Authenticate", "Basic"</span>
<span class="cstat-no" title="statement not covered" >    logger.info "The request, '#{ctx.request.path}', is not authorised to access any channels."</span>
<span class="cstat-no" title="statement not covered" >    auditing.sendAuditEvent genAuthAudit(ctx.ip), <span class="fstat-no" title="function not covered" ></span>-&gt; logger.debug 'Processed nodeAuthentication audit'</span>
&nbsp;
  done()
&nbsp;
exports.koaMiddleware = <span class="fstat-no" title="function not covered" >(</span>next) -&gt;
<span class="cstat-no" title="statement not covered" ></span>  startTime = new Date() if statsdServer.enabled
<span class="cstat-no" title="statement not covered" >  authorise = Q</span>.denodeify exports.authorise
<span class="cstat-no" title="statement not covered" >  yield authorise this</span>
  if this.authorisedChannel?
<span class="cstat-no" title="statement not covered" ></span>    sdc.timing "#{domain}.authorisationMiddleware", startTime if statsdServer.enabled
    yield next
&nbsp;
# export private functions for unit testing
# note: you cant spy on these method because of this :(
if process.env.NODE_ENV == "test"
  exports.genAuthAudit = genAuthAudit
&nbsp;</pre></td></tr>
</table></pre>
<div class='push'></div><!-- for sticky footer -->
</div><!-- /wrapper -->
<div class='footer quiet pad2 space-top1 center small'>
  Code coverage
  generated by <a href="http://istanbul-js.org/" target="_blank">istanbul</a> at Mon Oct 10 2016 13:39:22 GMT+0200 (SAST)
</div>
</div>
<script src="../../prettify.js"></script>
<script>
window.onload = function () {
        if (typeof prettyPrint === 'function') {
            prettyPrint();
        }
};
</script>
<script src="../../sorter.js"></script>
</body>
</html>