
unleash-server


Unleash is an enterprise ready feature flag service. It provides different strategies for handling feature flags.

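import supertest from 'supertest';
import { createServices } from '../../../services/index.js';
import { createTestConfig } from '../../../../test/config/test-config.js';
import createStores from '../../../../test/fixtures/store.js';
import getApp from '../../../app.js';
import User from '../../../types/user.js';
import bcrypt from 'bcryptjs';

// Fixture identity that every request in this file is treated as coming from.
const currentUser = new User({ id: 1337, email: 'test@mail.com' });

// Password seeded for currentUser before each test.
const oldPassword = 'old-pass';

// Replacement password used by the tests that expect the policy check to pass.
const owaspPassword = 't7GTx&$Y9pcsnxRv6';

/**
 * Builds an isolated app instance backed by fixture stores.
 *
 * The preHook middleware assigns `req.user = currentUser` on every request, so
 * these tests never go through a real authentication step; they exercise the
 * user endpoints only, not the login/session layer.
 *
 * @returns {Promise<{base: string, userStore: object, sessionStore: object, request: object}>}
 *   the randomised base path, the fixture stores and a supertest agent.
 */
async function getSetup() {
  const base = `/random${Math.round(Math.random() * 1000)}`;
  const stores = createStores();
  await stores.userStore.insert(currentUser);

  // Seed a known bcrypt hash (cost 10) so the old-password check has something
  // to verify against. The meaning of the third argument is defined by the
  // store and is not visible in this file.
  const seededHash = await bcrypt.hash(oldPassword, 10);
  await stores.userStore.setPasswordHash(currentUser.id, seededHash, 5);

  const config = createTestConfig({
    preHook: (a) => {
      a.use((req, res, next) => {
        req.user = currentUser;
        next();
      });
    },
    server: { baseUriPath: base },
  });
  const services = createServices(stores, config);
  const app = await getApp(config, stores, services);

  return {
    base,
    userStore: stores.userStore,
    sessionStore: stores.sessionStore,
    request: supertest(app),
  };
}

test('should return current user', async () => {
  expect.assertions(1);
  const { request, base } = await getSetup();
  return request
    .get(`${base}/api/admin/user`)
    .expect(200)
    .expect('Content-Type', /json/)
    .expect((res) => {
      expect(res.body.user.email).toBe(currentUser.email);
    });
});

test('should return current profile', async () => {
  expect.assertions(1);
  const { request, base } = await getSetup();
  return request
    .get(`${base}/api/admin/user/profile`)
    .expect(200)
    .expect('Content-Type', /json/)
    .expect((res) => {
      expect(res.body).toMatchObject({
        projects: [],
        rootRole: { id: -1, name: 'Viewer', type: 'root' },
        subscriptions: ['productivity-report'],
        features: [],
      });
    });
});

test('should allow user to change password', async () => {
  const { request, base, userStore } = await getSetup();
  await request
    .post(`${base}/api/admin/user/change-password`)
    .send({
      password: owaspPassword,
      confirmPassword: owaspPassword,
      oldPassword,
    })
    .expect(200);

  const updated = await userStore.get(currentUser.id);
  // @ts-ignore
  expect(updated.passwordHash).toBeTruthy();

  // getSetup() already stored a hash, so truthiness alone would pass even if
  // the endpoint changed nothing. Check that the stored hash now verifies the
  // new password and no longer verifies the old one.
  // NOTE(review): assumes the service stores a bcrypt hash, as the seed does.
  // @ts-ignore
  expect(await bcrypt.compare(owaspPassword, updated.passwordHash)).toBe(true);
  // @ts-ignore
  expect(await bcrypt.compare(oldPassword, updated.passwordHash)).toBe(false);
});

test('should not allow user to change password with incorrect old password', async () => {
  const { request, base, userStore } = await getSetup();
  await request
    .post(`${base}/api/admin/user/change-password`)
    .send({
      password: owaspPassword,
      confirmPassword: owaspPassword,
      oldPassword: 'incorrect',
    })
    .expect(401);

  // A rejected request must leave the seeded credential in place.
  const unchanged = await userStore.get(currentUser.id);
  // @ts-ignore
  expect(await bcrypt.compare(oldPassword, unchanged.passwordHash)).toBe(true);
});

test('should not allow user to change password without providing old password', async () => {
  const { request, base } = await getSetup();
  await request
    .post(`${base}/api/admin/user/change-password`)
    .send({
      password: owaspPassword,
      confirmPassword: owaspPassword,
    })
    .expect(400);
});

test('should deny if password and confirmPassword are not equal', async () => {
  expect.assertions(0);
  const { request, base } = await getSetup();
  // oldPassword is supplied so the 400 can only come from the mismatch; a
  // request without it is already rejected with 400 (see the test above).
  return request
    .post(`${base}/api/admin/user/change-password`)
    .send({
      password: owaspPassword,
      confirmPassword: 'somethingelse',
      oldPassword,
    })
    .expect(400);
});

test('should deny if password does not fulfill owasp criteria', async () => {
  expect.assertions(0);
  const { request, base } = await getSetup();
  // oldPassword is supplied so the 400 is attributable to the password policy
  // rather than to the missing-old-password rejection.
  return request
    .post(`${base}/api/admin/user/change-password`)
    .send({
      password: 'hunter123',
      confirmPassword: 'hunter123',
      oldPassword,
    })
    .expect(400);
});
//# sourceMappingURL=user.test.js.map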