
realm-object-server


Realm Object Server

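"use strict";
// Compiled (TypeScript -> ES2015) integration spec for the auth service's user
// endpoints. Each suite checks the same three caller classes -- admin token,
// regular-user token, no Authorization header -- so that the access-control
// behaviour of every route is pinned by a test.

// TypeScript's async/await down-level helper: drives a generator and resolves
// or rejects a promise with its final result.
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
    return new (P || (P = Promise))(function (resolve, reject) {
        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
        function step(result) { result.done ? resolve(result.value) : new P(function (resolve) { resolve(result.value); }).then(fulfilled, rejected); }
        step((generator = generator.apply(thisArg, _arguments || [])).next());
    });
};
Object.defineProperty(exports, "__esModule", { value: true });
const TestServer_1 = require("../TestServer");
const Token_1 = require("../shared/Token");
const chai_1 = require("chai");
const chai = require("chai");
chai.use(require("chai-as-promised"));
const superagent = require("superagent");
const faker = require("faker");

describe("User Metadata", function () {
    let server;
    let authService;
    let adminToken; // signed admin token, used for the "as an admin" cases
    let userToken;  // signed non-admin refresh token for `userId`
    let userId;

    // Start one server for the whole file and create a single non-admin user
    // whose token is used for every "as a regular user" case.
    before(() => __awaiter(this, void 0, void 0, function* () {
        server = new TestServer_1.TestServer();
        yield server.start();
        authService = server.getService("auth");
        adminToken = yield server.createSignedAdminToken();
        userId = faker.internet.userName();
        yield authService.createOrUpdateUser(userId, "password", false, { email: faker.internet.email() }, userId);
        userToken = new Token_1.RefreshToken({
            identity: userId,
            isAdmin: false,
            appId: "io.realm.Test"
        }).sign(server.privateKey);
    }));

    after(() => __awaiter(this, void 0, void 0, function* () {
        yield server.shutdown();
    }));

    describe("GET /auth/users/:userId (getUserById)", () => {
        describe("as an admin", () => {
            it("should be able get a user", () => __awaiter(this, void 0, void 0, function* () {
                const username = faker.internet.userName();
                const email = faker.internet.email();
                const user = yield authService.createOrUpdateUser(username, "password", false, { email });
                const response = yield chai_1.assert.isFulfilled(
                    superagent.get(`${server.url}/auth/users/${user.userId}`).set({ Authorization: adminToken })
                );
                chai_1.assert.equal(response.body.user_id, user.userId);
                chai_1.assert.isFalse(response.body.is_admin);
                chai_1.assert.equal(response.body.accounts[0].provider, "password");
                chai_1.assert.equal(response.body.accounts[0].provider_id, username);
                chai_1.assert.equal(response.body.metadata[0].key, "email");
                chai_1.assert.equal(response.body.metadata[0].value, email);
            }));

            it("rejects when the user is not found", () => __awaiter(this, void 0, void 0, function* () {
                yield chai_1.assert.isRejected(
                    superagent.get(`${server.url}/auth/users/Trevor.Siemian`).set({ Authorization: adminToken }),
                    "Not Found"
                );
            }));
        });

        describe("as a regular user", () => {
            // "Aqib.Talib" is never created in this file, yet the expected
            // answer is "Forbidden" rather than "Not Found": a non-admin
            // caller gets the same response whether or not the id exists.
            it("when getting another user should reject with error", () => __awaiter(this, void 0, void 0, function* () {
                yield chai_1.assert.isRejected(
                    superagent.get(`${server.url}/auth/users/Aqib.Talib`).set({ Authorization: userToken }),
                    "Forbidden"
                );
            }));

            it("when getting self should return a user", () => __awaiter(this, void 0, void 0, function* () {
                yield chai_1.assert.isFulfilled(
                    superagent.get(`${server.url}/auth/users/${userId}`).set({ Authorization: userToken })
                );
            }));
        });

        describe("without authorization header", () => {
            it("should reject with error", () => __awaiter(this, void 0, void 0, function* () {
                yield chai_1.assert.isRejected(
                    superagent.get(`${server.url}/auth/users/Aqib.Talib`),
                    "Unauthorized"
                );
            }));
        });
    });

    describe("GET /auth/users/:provider/:provider_id (getUserByProviderId)", () => {
        describe("as an admin", () => {
            it("should be able get a user", () => __awaiter(this, void 0, void 0, function* () {
                const username = faker.internet.userName();
                const email = faker.internet.email();
                const user = yield authService.createOrUpdateUser(username, "password", false, { email });
                const response = yield chai_1.assert.isFulfilled(
                    superagent.get(`${server.url}/auth/users/password/${username}`).set({ Authorization: adminToken })
                );
                chai_1.assert.equal(response.body.user_id, user.userId);
                chai_1.assert.isFalse(response.body.is_admin);
                chai_1.assert.equal(response.body.accounts[0].provider, "password");
                chai_1.assert.equal(response.body.accounts[0].provider_id, username);
                chai_1.assert.equal(response.body.metadata[0].key, "email");
                chai_1.assert.equal(response.body.metadata[0].value, email);
            }));

            it("rejects when the provider is not found", () => __awaiter(this, void 0, void 0, function* () {
                yield chai_1.assert.isRejected(
                    superagent.get(`${server.url}/auth/users/foo/Matt.Paradis`).set({ Authorization: adminToken }),
                    "Not Found"
                );
            }));

            it("rejects when the user is not found", () => __awaiter(this, void 0, void 0, function* () {
                yield chai_1.assert.isRejected(
                    superagent.get(`${server.url}/auth/users/password/Paxton.Lynch`).set({ Authorization: adminToken }),
                    "Not Found"
                );
            }));
        });

        describe("as a regular user", () => {
            describe("when accessing own user", () => {
                it("should return the user info", () => __awaiter(this, void 0, void 0, function* () {
                    yield chai_1.assert.isFulfilled(
                        superagent.get(`${server.url}/auth/users/password/${userId}`).set({ Authorization: userToken })
                    );
                }));
            });

            describe("when accessing another user", () => {
                // NOTE(review): "Aqib.Talib" is never created in this file, so
                // "Not Found" here does not show what a non-admin receives for
                // another user that DOES exist on this route. A case against an
                // existing account would pin the access-control behaviour.
                it("should reject with error", () => __awaiter(this, void 0, void 0, function* () {
                    yield chai_1.assert.isRejected(
                        superagent.get(`${server.url}/auth/users/password/Aqib.Talib`).set({ Authorization: userToken }),
                        "Not Found"
                    );
                }));
            });
        });

        describe("without authorization header", () => {
            it("should reject with error", () => __awaiter(this, void 0, void 0, function* () {
                yield chai_1.assert.isRejected(
                    superagent.get(`${server.url}/auth/users/password/Aqib.Talib`),
                    "Unauthorized"
                );
            }));
        });
    });

    describe("PUT /users (createOrUpdateUser)", () => {
        describe("as an admin user", () => {
            it("should create and then update a user", () => __awaiter(this, void 0, void 0, function* () {
                const username = faker.internet.userName();
                const email = faker.internet.email();

                // First PUT creates the account.
                let response = yield chai_1.assert.isFulfilled(
                    superagent.put(`${server.url}/auth/users`).set({ Authorization: adminToken })
                        .send({
                            provider_id: username,
                            provider: "password",
                            is_admin: true,
                            metadata: { email }
                        })
                );
                chai_1.assert.isDefined(response.body.user_id);
                chai_1.assert.isTrue(response.body.is_admin);
                chai_1.assert.equal(response.body.accounts[0].provider, "password");
                chai_1.assert.equal(response.body.accounts[0].provider_id, username);
                chai_1.assert.equal(response.body.metadata[0].key, "email");
                chai_1.assert.equal(response.body.metadata[0].value, email);

                // Second PUT with the same provider/provider_id updates the metadata.
                response = (yield chai_1.assert.isFulfilled(
                    superagent.put(`${server.url}/auth/users`).set({ Authorization: adminToken })
                        .send({
                            provider_id: username,
                            provider: "password",
                            is_admin: true,
                            metadata: { email: "elway@denverbroncos.com" }
                        })
                ));
                chai_1.assert.isDefined(response.body.user_id);
                chai_1.assert.isTrue(response.body.is_admin);
                chai_1.assert.equal(response.body.accounts[0].provider, "password");
                chai_1.assert.equal(response.body.accounts[0].provider_id, username);
                chai_1.assert.equal(response.body.metadata[0].key, "email");
                chai_1.assert.equal(response.body.metadata[0].value, "elway@denverbroncos.com");
            }));

            describe("when provider_id and provider are not passed", () => {
                it("should reject with error", () => __awaiter(this, void 0, void 0, function* () {
                    yield chai_1.assert.isRejected(
                        superagent.put(`${server.url}/auth/users`).set({ Authorization: adminToken }).send({}),
                        "Bad Request"
                    );
                }));
            });

            describe("when provider_id is not passed", () => {
                it("should reject with error", () => __awaiter(this, void 0, void 0, function* () {
                    yield chai_1.assert.isRejected(
                        superagent.put(`${server.url}/auth/users`).set({ Authorization: adminToken }).send({
                            provider: "password",
                        }),
                        "Bad Request"
                    );
                }));
            });

            describe("when provider is not passed", () => {
                it("should reject with error", () => __awaiter(this, void 0, void 0, function* () {
                    yield chai_1.assert.isRejected(
                        superagent.put(`${server.url}/auth/users`).set({ Authorization: adminToken }).send({
                            provider_id: "Adam.Gotsis",
                        }),
                        "Bad Request"
                    );
                }));
            });

            describe("when userId requires URL encoding", () => {
                // A caller-supplied user_id containing "@" is expected to be
                // refused with "Bad Request".
                it("should reject with error", () => __awaiter(this, void 0, void 0, function* () {
                    yield chai_1.assert.isRejected(
                        superagent.put(`${server.url}/auth/users`).set({ Authorization: adminToken }).send({
                            provider_id: "Adam.Gotsis",
                            provider: "password",
                            user_id: "adam.gotsis@denverbroncos.com",
                        }),
                        "Bad Request"
                    );
                }));
            });

            describe("when updating a user", () => {
                let username;
                let response;

                // Create a fresh account before each case so there is an
                // existing user_id to match or mismatch.
                beforeEach(() => __awaiter(this, void 0, void 0, function* () {
                    username = faker.internet.userName();
                    response = (yield chai_1.assert.isFulfilled(
                        superagent.put(`${server.url}/auth/users`).set({ Authorization: adminToken })
                            .send({
                                provider_id: username,
                                provider: "password",
                                is_admin: true
                            })
                    ));
                }));

                describe("when userId does not match existing userId", () => {
                    // An update must not be able to re-bind an existing
                    // provider account to a different user_id.
                    it("should reject with error", () => __awaiter(this, void 0, void 0, function* () {
                        yield chai_1.assert.isRejected(
                            superagent.put(`${server.url}/auth/users`).set({ Authorization: adminToken }).send({
                                provider_id: username,
                                provider: "password",
                                user_id: "some-bogus-userId",
                            }),
                            "Bad Request"
                        );
                    }));
                });

                describe("when userId matches existing userId", () => {
                    // The request field is `user_id` and the create response
                    // returns `user_id` (both visible in the cases above). The
                    // earlier `userId: response.body.userId` sent an undefined
                    // value that JSON serialisation drops, so the matching
                    // path was never exercised; the title also claimed a
                    // rejection while the body asserts success.
                    it("should accept the update", () => __awaiter(this, void 0, void 0, function* () {
                        // Guard: fail loudly if the id to match is missing.
                        chai_1.assert.isDefined(response.body.user_id);
                        const r = yield chai_1.assert.isFulfilled(
                            superagent.put(`${server.url}/auth/users`).set({ Authorization: adminToken }).send({
                                provider_id: username,
                                provider: "password",
                                user_id: response.body.user_id,
                                is_admin: true
                            })
                        );
                        chai_1.assert.isTrue(r.body.is_admin);
                    }));
                });
            });
        });

        describe("as a regular user", () => {
            // NOTE(review): this case sends is_admin: false. A companion case
            // with is_admin: true under the same non-admin token would pin
            // that the endpoint cannot be used to grant admin rights.
            it("should reject with error", () => __awaiter(this, void 0, void 0, function* () {
                yield chai_1.assert.isRejected(
                    superagent.put(`${server.url}/auth/users`).set({ Authorization: userToken })
                        .send({
                            provider_id: "Cody.Latimer",
                            provider: "password",
                            is_admin: false,
                        }),
                    "Forbidden"
                );
            }));
        });

        describe("without a token", () => {
            it("should reject with error", () => __awaiter(this, void 0, void 0, function* () {
                yield chai_1.assert.isRejected(
                    superagent.put(`${server.url}/auth/users`)
                        .send({
                            provider_id: "Cody.Latimer",
                            provider: "password",
                            is_admin: false,
                        }),
                    "Unauthorized"
                );
            }));
        });
    });
});
//# sourceMappingURL=user-metadata-integration.spec.js.map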