github/overleaf
1
0
Fork 0
mirror of https://github.com/overleaf/overleaf.git synced 2024-10-24 21:12:38 -04:00
Code Issues Projects Releases Packages Wiki Activity
overleaf/services/web/test/acceptance/src/TokenAccessTests.js

975 lines
26 KiB
JavaScript
Raw Normal View History

Merge pull request #1717 from overleaf/as-decaffeinate-backend Decaffeinate backend GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 05:21:06 -04:00
/* eslint-disable
camelcase,
handle-callback-err,
max-len,
no-return-assign,
*/
// TODO: This file was created by bulk-decaffeinate.
// Fix any style issues and re-enable lint.
/*
* decaffeinate suggestions:
* DS102: Remove unnecessary code created because of implicit returns
* DS207: Consider shorter variations of null checks
* Full docs: https://github.com/decaffeinate/decaffeinate/blob/master/docs/suggestions.md
*/
const { expect } = require('chai')
const async = require('async')
const MockV1Api = require('./helpers/MockV1Api')
const User = require('./helpers/User')
const request = require('./helpers/request')
const settings = require('settings-sharelatex')
const { db, ObjectId } = require('../../../app/src/infrastructure/mongojs')
const try_read_access = (user, project_id, test, callback) =>
async.series(
[
cb =>
Merge pull request #2047 from overleaf/spd-eslint-mocha-arrows Enforce consistent callback style in mocha tests GitOrigin-RevId: a64c293dae6926ef5831abe97eaf2044942a5c85
2019-08-07 10:04:04 -04:00
user.request.get(`/project/${project_id}`, (error, response, body) => {
Merge pull request #1717 from overleaf/as-decaffeinate-backend Decaffeinate backend GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 05:21:06 -04:00
if (error != null) {
return cb(error)
}
test(response, body)
return cb()
}),
cb =>
Merge pull request #2047 from overleaf/spd-eslint-mocha-arrows Enforce consistent callback style in mocha tests GitOrigin-RevId: a64c293dae6926ef5831abe97eaf2044942a5c85
2019-08-07 10:04:04 -04:00
user.request.get(
`/project/${project_id}/download/zip`,
(error, response, body) => {
if (error != null) {
return cb(error)
}
test(response, body)
return cb()
Merge pull request #1717 from overleaf/as-decaffeinate-backend Decaffeinate backend GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 05:21:06 -04:00
}
Merge pull request #2047 from overleaf/spd-eslint-mocha-arrows Enforce consistent callback style in mocha tests GitOrigin-RevId: a64c293dae6926ef5831abe97eaf2044942a5c85
2019-08-07 10:04:04 -04:00
)
Merge pull request #1717 from overleaf/as-decaffeinate-backend Decaffeinate backend GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 05:21:06 -04:00
],
callback
)
const try_read_only_token_access = (user, token, test, callback) =>
async.series(
[
cb =>
Merge pull request #2047 from overleaf/spd-eslint-mocha-arrows Enforce consistent callback style in mocha tests GitOrigin-RevId: a64c293dae6926ef5831abe97eaf2044942a5c85
2019-08-07 10:04:04 -04:00
user.request.get(`/read/${token}`, (error, response, body) => {
Merge pull request #1717 from overleaf/as-decaffeinate-backend Decaffeinate backend GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 05:21:06 -04:00
if (error != null) {
return cb(error)
}
test(response, body)
return cb()
})
],
callback
)
const try_read_and_write_token_access = (user, token, test, callback) =>
async.series(
[
cb =>
Merge pull request #2047 from overleaf/spd-eslint-mocha-arrows Enforce consistent callback style in mocha tests GitOrigin-RevId: a64c293dae6926ef5831abe97eaf2044942a5c85
2019-08-07 10:04:04 -04:00
user.request.get(`/${token}`, (error, response, body) => {
Merge pull request #1717 from overleaf/as-decaffeinate-backend Decaffeinate backend GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 05:21:06 -04:00
if (error != null) {
return cb(error)
}
test(response, body)
return cb()
})
],
callback
)
const try_content_access = function(user, project_id, test, callback) {
// The real-time service calls this end point to determine the user's
// permissions.
let user_id
if (user.id != null) {
user_id = user.id
} else {
user_id = 'anonymous-user'
}
return request.post(
{
url: `/project/${project_id}/join`,
qs: { user_id },
auth: {
user: settings.apis.web.user,
pass: settings.apis.web.pass,
sendImmediately: true
},
json: true,
jar: false
},
Merge pull request #2047 from overleaf/spd-eslint-mocha-arrows Enforce consistent callback style in mocha tests GitOrigin-RevId: a64c293dae6926ef5831abe97eaf2044942a5c85
2019-08-07 10:04:04 -04:00
(error, response, body) => {
Merge pull request #1717 from overleaf/as-decaffeinate-backend Decaffeinate backend GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 05:21:06 -04:00
if (error != null) {
return callback(error)
}
test(response, body)
return callback()
}
)
}
const try_anon_content_access = function(
user,
project_id,
token,
test,
callback
) {
// The real-time service calls this end point to determine the user's
// permissions.
let user_id
if (user.id != null) {
user_id = user.id
} else {
user_id = 'anonymous-user'
}
return request.post(
{
url: `/project/${project_id}/join`,
qs: { user_id },
auth: {
user: settings.apis.web.user,
pass: settings.apis.web.pass,
sendImmediately: true
},
headers: {
'x-sl-anonymous-access-token': token
},
json: true,
jar: false
},
Merge pull request #2047 from overleaf/spd-eslint-mocha-arrows Enforce consistent callback style in mocha tests GitOrigin-RevId: a64c293dae6926ef5831abe97eaf2044942a5c85
2019-08-07 10:04:04 -04:00
(error, response, body) => {
Merge pull request #1717 from overleaf/as-decaffeinate-backend Decaffeinate backend GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 05:21:06 -04:00
if (error != null) {
return callback(error)
}
test(response, body)
return callback()
}
)
}
describe('TokenAccess', function() {
before(function(done) {
this.timeout(90000)
this.owner = new User()
this.other1 = new User()
this.other2 = new User()
this.anon = new User()
return async.parallel(
[
cb => this.owner.login(cb),
cb => this.other1.login(cb),
cb => this.other2.login(cb),
cb => this.anon.getCsrfToken(cb)
],
done
)
})
describe('no token-access', function() {
before(function(done) {
return this.owner.createProject(
`token-ro-test${Math.random()}`,
(err, project_id) => {
if (err != null) {
return done(err)
}
this.project_id = project_id
// Note, never made token-based,
// thus no tokens
return done()
}
)
})
it('should deny access ', function(done) {
return try_read_access(
this.other1,
this.project_id,
(response, body) => {
expect(response.statusCode).to.equal(302)
return expect(body).to.match(/.*\/restricted.*/)
},
done
)
})
Merge pull request #1899 from overleaf/spd-implicit-return-tests Decaf cleanup: Remove implicit return from 'it' and 'describe' in tests GitOrigin-RevId: f297820e6212dddc0d60697a2fe1612ef27403b6
2019-06-21 09:46:09 -04:00
it('should not allow the user to join the project', function(done) {
Merge pull request #1717 from overleaf/as-decaffeinate-backend Decaffeinate backend GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 05:21:06 -04:00
return try_content_access(
this.other1,
this.project_id,
(response, body) => {
return expect(body.privilegeLevel).to.equal(false)
},
done
)
})
})
describe('read-only token', function() {
before(function(done) {
return this.owner.createProject(
`token-ro-test${Math.random()}`,
(err, project_id) => {
if (err != null) {
return done(err)
}
this.project_id = project_id
return this.owner.makeTokenBased(this.project_id, err => {
if (err != null) {
return done(err)
}
return this.owner.getProject(this.project_id, (err, project) => {
if (err != null) {
return done(err)
}
this.tokens = project.tokens
return done()
})
})
}
)
})
it('should deny access before the token is used', function(done) {
return try_read_access(
this.other1,
this.project_id,
(response, body) => {
expect(response.statusCode).to.equal(302)
return expect(body).to.match(/.*\/restricted.*/)
},
done
)
})
it('should allow the user to access project via read-only token url', function(done) {
return try_read_only_token_access(
this.other1,
this.tokens.readOnly,
(response, body) => {
return expect(response.statusCode).to.equal(200)
},
done
)
})
it('should allow the user to join the project with read-only access', function(done) {
return try_content_access(
this.other1,
this.project_id,
(response, body) => {
return expect(body.privilegeLevel).to.equal('readOnly')
},
done
)
})
Merge pull request #1899 from overleaf/spd-implicit-return-tests Decaf cleanup: Remove implicit return from 'it' and 'describe' in tests GitOrigin-RevId: f297820e6212dddc0d60697a2fe1612ef27403b6
2019-06-21 09:46:09 -04:00
describe('made private again', function() {
Merge pull request #1717 from overleaf/as-decaffeinate-backend Decaffeinate backend GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 05:21:06 -04:00
before(function(done) {
return this.owner.makePrivate(this.project_id, () =>
setTimeout(done, 1000)
)
})
it('should deny access to project', function(done) {
return try_read_access(
this.other1,
this.project_id,
(response, body) => {
expect(response.statusCode).to.equal(302)
return expect(body).to.match(/.*\/restricted.*/)
},
done
)
})
it('should not allow the user to access read-only token', function(done) {
return try_read_only_token_access(
this.other1,
this.tokens.readOnly,
(response, body) => {
return expect(response.statusCode).to.equal(404)
},
done
)
})
Merge pull request #1899 from overleaf/spd-implicit-return-tests Decaf cleanup: Remove implicit return from 'it' and 'describe' in tests GitOrigin-RevId: f297820e6212dddc0d60697a2fe1612ef27403b6
2019-06-21 09:46:09 -04:00
it('should not allow the user to join the project', function(done) {
Merge pull request #1717 from overleaf/as-decaffeinate-backend Decaffeinate backend GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 05:21:06 -04:00
return try_content_access(
this.other1,
this.project_id,
(response, body) => {
return expect(body.privilegeLevel).to.equal(false)
},
done
)
})
})
})
describe('anonymous read-only token', function() {
before(function(done) {
return this.owner.createProject(
`token-anon-ro-test${Math.random()}`,
(err, project_id) => {
if (err != null) {
return done(err)
}
this.project_id = project_id
return this.owner.makeTokenBased(this.project_id, err => {
if (err != null) {
return done(err)
}
return this.owner.getProject(this.project_id, (err, project) => {
if (err != null) {
return done(err)
}
this.tokens = project.tokens
return done()
})
})
}
)
})
it('should deny access before the token is used', function(done) {
return try_read_access(
this.anon,
this.project_id,
(response, body) => {
expect(response.statusCode).to.equal(302)
return expect(body).to.match(/.*\/restricted.*/)
},
done
)
})
it('should allow the user to access project via read-only token url', function(done) {
return try_read_only_token_access(
this.anon,
this.tokens.readOnly,
(response, body) => {
return expect(response.statusCode).to.equal(200)
},
done
)
})
it('should allow the user to anonymously join the project with read-only access', function(done) {
return try_anon_content_access(
this.anon,
this.project_id,
this.tokens.readOnly,
(response, body) => {
return expect(body.privilegeLevel).to.equal('readOnly')
},
done
)
})
Merge pull request #1899 from overleaf/spd-implicit-return-tests Decaf cleanup: Remove implicit return from 'it' and 'describe' in tests GitOrigin-RevId: f297820e6212dddc0d60697a2fe1612ef27403b6
2019-06-21 09:46:09 -04:00
describe('made private again', function() {
Merge pull request #1717 from overleaf/as-decaffeinate-backend Decaffeinate backend GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 05:21:06 -04:00
before(function(done) {
return this.owner.makePrivate(this.project_id, () =>
setTimeout(done, 1000)
)
})
it('should deny access to project', function(done) {
return try_read_access(
this.anon,
this.project_id,
(response, body) => {
expect(response.statusCode).to.equal(302)
return expect(body).to.match(/.*\/restricted.*/)
},
done
)
})
it('should not allow the user to access read-only token', function(done) {
return try_read_only_token_access(
this.anon,
this.tokens.readOnly,
(response, body) => {
return expect(response.statusCode).to.equal(404)
},
done
)
})
Merge pull request #1899 from overleaf/spd-implicit-return-tests Decaf cleanup: Remove implicit return from 'it' and 'describe' in tests GitOrigin-RevId: f297820e6212dddc0d60697a2fe1612ef27403b6
2019-06-21 09:46:09 -04:00
it('should not allow the user to join the project', function(done) {
Merge pull request #1717 from overleaf/as-decaffeinate-backend Decaffeinate backend GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 05:21:06 -04:00
return try_anon_content_access(
this.anon,
this.project_id,
this.tokens.readOnly,
(response, body) => {
return expect(body.privilegeLevel).to.equal(false)
},
done
)
})
})
})
describe('read-and-write token', function() {
before(function(done) {
return this.owner.createProject(
`token-rw-test${Math.random()}`,
(err, project_id) => {
if (err != null) {
return done(err)
}
this.project_id = project_id
return this.owner.makeTokenBased(this.project_id, err => {
if (err != null) {
return done(err)
}
return this.owner.getProject(this.project_id, (err, project) => {
if (err != null) {
return done(err)
}
this.tokens = project.tokens
return done()
})
})
}
)
})
it('should deny access before the token is used', function(done) {
return try_read_access(
this.other1,
this.project_id,
(response, body) => {
expect(response.statusCode).to.equal(302)
expect(response.headers.location).to.match(/\/restricted.*/)
return expect(body).to.match(/.*\/restricted.*/)
},
done
)
})
it('should allow the user to access project via read-and-write token url', function(done) {
return try_read_and_write_token_access(
this.other1,
this.tokens.readAndWrite,
(response, body) => {
return expect(response.statusCode).to.equal(200)
},
done
)
})
it('should allow the user to join the project with read-and-write access', function(done) {
return try_content_access(
this.other1,
this.project_id,
(response, body) => {
return expect(body.privilegeLevel).to.equal('readAndWrite')
},
done
)
})
Merge pull request #1899 from overleaf/spd-implicit-return-tests Decaf cleanup: Remove implicit return from 'it' and 'describe' in tests GitOrigin-RevId: f297820e6212dddc0d60697a2fe1612ef27403b6
2019-06-21 09:46:09 -04:00
describe('made private again', function() {
Merge pull request #1717 from overleaf/as-decaffeinate-backend Decaffeinate backend GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 05:21:06 -04:00
before(function(done) {
return this.owner.makePrivate(this.project_id, () =>
setTimeout(done, 1000)
)
})
it('should deny access to project', function(done) {
return try_read_access(
this.other1,
this.project_id,
(response, body) => {
expect(response.statusCode).to.equal(302)
return expect(body).to.match(/.*\/restricted.*/)
},
done
)
})
it('should not allow the user to access read-and-write token', function(done) {
return try_read_and_write_token_access(
this.other1,
this.tokens.readAndWrite,
(response, body) => {
return expect(response.statusCode).to.equal(404)
},
done
)
})
Merge pull request #1899 from overleaf/spd-implicit-return-tests Decaf cleanup: Remove implicit return from 'it' and 'describe' in tests GitOrigin-RevId: f297820e6212dddc0d60697a2fe1612ef27403b6
2019-06-21 09:46:09 -04:00
it('should not allow the user to join the project', function(done) {
Merge pull request #1717 from overleaf/as-decaffeinate-backend Decaffeinate backend GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 05:21:06 -04:00
return try_content_access(
this.other1,
this.project_id,
(response, body) => {
return expect(body.privilegeLevel).to.equal(false)
},
done
)
})
})
})
if (!settings.allowAnonymousReadAndWriteSharing) {
describe('anonymous read-and-write token, disabled', function() {
before(function(done) {
return this.owner.createProject(
`token-anon-rw-test${Math.random()}`,
(err, project_id) => {
if (err != null) {
return done(err)
}
this.project_id = project_id
return this.owner.makeTokenBased(this.project_id, err => {
if (err != null) {
return done(err)
}
return this.owner.getProject(this.project_id, (err, project) => {
if (err != null) {
return done(err)
}
this.tokens = project.tokens
return done()
})
})
}
)
})
it('should deny access before the token is used', function(done) {
return try_read_access(
this.anon,
this.project_id,
(response, body) => {
expect(response.statusCode).to.equal(302)
return expect(body).to.match(/.*\/restricted.*/)
},
done
)
})
it('should not allow the user to access read-and-write token', function(done) {
return try_read_and_write_token_access(
this.anon,
this.tokens.readAndWrite,
(response, body) => {
expect(response.statusCode).to.equal(302)
return expect(body).to.match(/.*\/restricted.*/)
},
done
)
})
Merge pull request #1899 from overleaf/spd-implicit-return-tests Decaf cleanup: Remove implicit return from 'it' and 'describe' in tests GitOrigin-RevId: f297820e6212dddc0d60697a2fe1612ef27403b6
2019-06-21 09:46:09 -04:00
it('should not allow the user to join the project', function(done) {
Merge pull request #1717 from overleaf/as-decaffeinate-backend Decaffeinate backend GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 05:21:06 -04:00
return try_anon_content_access(
this.anon,
this.project_id,
this.tokens.readAndWrite,
(response, body) => {
return expect(body.privilegeLevel).to.equal(false)
},
done
)
})
})
} else {
describe('anonymous read-and-write token, enabled', function() {
before(function(done) {
return this.owner.createProject(
`token-anon-rw-test${Math.random()}`,
(err, project_id) => {
if (err != null) {
return done(err)
}
this.project_id = project_id
return this.owner.makeTokenBased(this.project_id, err => {
if (err != null) {
return done(err)
}
return this.owner.getProject(this.project_id, (err, project) => {
if (err != null) {
return done(err)
}
this.tokens = project.tokens
return done()
})
})
}
)
})
it('should deny access before the token is used', function(done) {
return try_read_access(
this.anon,
this.project_id,
(response, body) => {
expect(response.statusCode).to.equal(302)
return expect(body).to.match(/.*\/restricted.*/)
},
done
)
})
it('should allow the user to access project via read-and-write token url', function(done) {
return try_read_and_write_token_access(
this.anon,
this.tokens.readAndWrite,
(response, body) => {
return expect(response.statusCode).to.equal(200)
},
done
)
})
it('should allow the user to anonymously join the project with read-and-write access', function(done) {
return try_anon_content_access(
this.anon,
this.project_id,
this.tokens.readAndWrite,
(response, body) => {
return expect(body.privilegeLevel).to.equal('readAndWrite')
},
done
)
})
Merge pull request #1899 from overleaf/spd-implicit-return-tests Decaf cleanup: Remove implicit return from 'it' and 'describe' in tests GitOrigin-RevId: f297820e6212dddc0d60697a2fe1612ef27403b6
2019-06-21 09:46:09 -04:00
describe('made private again', function() {
Merge pull request #1717 from overleaf/as-decaffeinate-backend Decaffeinate backend GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 05:21:06 -04:00
before(function(done) {
return this.owner.makePrivate(this.project_id, () =>
setTimeout(done, 1000)
)
})
it('should deny access to project', function(done) {
return try_read_access(
this.anon,
this.project_id,
(response, body) => {
expect(response.statusCode).to.equal(302)
return expect(body).to.match(/.*\/restricted.*/)
},
done
)
})
it('should not allow the user to access read-and-write token', function(done) {
return try_read_and_write_token_access(
this.anon,
this.tokens.readAndWrite,
(response, body) => {
return expect(response.statusCode).to.equal(404)
},
done
)
})
Merge pull request #1899 from overleaf/spd-implicit-return-tests Decaf cleanup: Remove implicit return from 'it' and 'describe' in tests GitOrigin-RevId: f297820e6212dddc0d60697a2fe1612ef27403b6
2019-06-21 09:46:09 -04:00
it('should not allow the user to join the project', function(done) {
Merge pull request #1717 from overleaf/as-decaffeinate-backend Decaffeinate backend GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 05:21:06 -04:00
return try_anon_content_access(
this.anon,
this.project_id,
this.tokens.readAndWrite,
(response, body) => {
return expect(body.privilegeLevel).to.equal(false)
},
done
)
})
})
})
}
describe('private overleaf project', function() {
before(function(done) {
return this.owner.createProject('overleaf-import', (err, project_id) => {
this.project_id = project_id
return this.owner.makeTokenBased(this.project_id, err => {
return this.owner.getProject(this.project_id, (err, project) => {
this.tokens = project.tokens
return this.owner.makePrivate(this.project_id, () => {
return db.projects.update(
{ _id: project._id },
{
$set: {
overleaf: { id: 1234 }
}
},
err => {
return done()
}
)
})
})
})
})
})
it('should redirect to canonical path, when owner uses read-write token', function(done) {
return try_read_and_write_token_access(
this.owner,
this.tokens.readAndWrite,
(response, body) => {
expect(response.statusCode).to.equal(302)
return expect(response.headers.location).to.equal(
`/project/${this.project_id}`
)
},
done
)
})
it('should allow the owner access to the project', function(done) {
return try_read_access(
this.owner,
this.project_id,
(response, body) => {
return expect(response.statusCode).to.equal(200)
},
done
)
})
it('should allow owner to join the project', function(done) {
return try_content_access(
this.owner,
this.project_id,
(response, body) => {
return expect(body.privilegeLevel).to.equal('owner')
},
done
)
})
Merge pull request #1899 from overleaf/spd-implicit-return-tests Decaf cleanup: Remove implicit return from 'it' and 'describe' in tests GitOrigin-RevId: f297820e6212dddc0d60697a2fe1612ef27403b6
2019-06-21 09:46:09 -04:00
it('should not allow other user to join the project', function(done) {
Merge pull request #1717 from overleaf/as-decaffeinate-backend Decaffeinate backend GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 05:21:06 -04:00
return try_content_access(
this.other2,
this.project_id,
(response, body) => {
return expect(body.privilegeLevel).to.equal(false)
},
done
)
})
})
describe('private project, with higher access', function() {
before(function(done) {
return this.owner.createProject(
`higher-access-test-${Math.random()}`,
(err, project_id) => {
this.project_id = project_id
return this.owner.addUserToProject(
this.project_id,
this.other1,
'readAndWrite',
err => {
return this.owner.makeTokenBased(this.project_id, err => {
return this.owner.getProject(
this.project_id,
(err, project) => {
this.tokens = project.tokens
return this.owner.makePrivate(this.project_id, () => {
return setTimeout(done, 1000)
})
}
)
})
}
)
}
)
})
it('should redirect to canonical path, when user uses read-write token', function(done) {
return try_read_and_write_token_access(
this.other1,
this.tokens.readAndWrite,
(response, body) => {
expect(response.statusCode).to.equal(302)
return expect(response.headers.location).to.equal(
`/project/${this.project_id}`
)
},
done
)
})
it('should redirect to canonical path, when user uses read-only token', function(done) {
return try_read_only_token_access(
this.other1,
this.tokens.readOnly,
(response, body) => {
expect(response.statusCode).to.equal(302)
return expect(response.headers.location).to.equal(
`/project/${this.project_id}`
)
},
done
)
})
it('should allow the user access to the project', function(done) {
return try_read_access(
this.other1,
this.project_id,
(response, body) => {
return expect(response.statusCode).to.equal(200)
},
done
)
})
it('should allow user to join the project', function(done) {
return try_content_access(
this.other1,
this.project_id,
(response, body) => {
return expect(body.privilegeLevel).to.equal('readAndWrite')
},
done
)
})
Merge pull request #1899 from overleaf/spd-implicit-return-tests Decaf cleanup: Remove implicit return from 'it' and 'describe' in tests GitOrigin-RevId: f297820e6212dddc0d60697a2fe1612ef27403b6
2019-06-21 09:46:09 -04:00
it('should not allow a different user to join the project', function(done) {
Merge pull request #1717 from overleaf/as-decaffeinate-backend Decaffeinate backend GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 05:21:06 -04:00
return try_content_access(
this.other2,
this.project_id,
(response, body) => {
return expect(body.privilegeLevel).to.equal(false)
},
done
)
})
})
describe('unimported v1 project', function() {
Merge pull request #2047 from overleaf/spd-eslint-mocha-arrows Enforce consistent callback style in mocha tests GitOrigin-RevId: a64c293dae6926ef5831abe97eaf2044942a5c85
2019-08-07 10:04:04 -04:00
before(function() {
return (settings.overleaf = { host: 'http://localhost:5000' })
})
Merge pull request #1717 from overleaf/as-decaffeinate-backend Decaffeinate backend GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 05:21:06 -04:00
Merge pull request #2047 from overleaf/spd-eslint-mocha-arrows Enforce consistent callback style in mocha tests GitOrigin-RevId: a64c293dae6926ef5831abe97eaf2044942a5c85
2019-08-07 10:04:04 -04:00
after(function() {
return delete settings.overleaf
})
Merge pull request #1717 from overleaf/as-decaffeinate-backend Decaffeinate backend GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 05:21:06 -04:00
add custom error page for v1 project if no overleaf id GitOrigin-RevId: 538c68c568c9138f26353d5492f4aa9d66fbae19
2019-07-11 11:00:17 -04:00
it('should show error page for read and write token', function(done) {
Merge pull request #1717 from overleaf/as-decaffeinate-backend Decaffeinate backend GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 05:21:06 -04:00
const unimportedV1Token = '123abc'
add custom error page for v1 project if no overleaf id GitOrigin-RevId: 538c68c568c9138f26353d5492f4aa9d66fbae19
2019-07-11 11:00:17 -04:00
try_read_and_write_token_access(
Merge pull request #1717 from overleaf/as-decaffeinate-backend Decaffeinate backend GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 05:21:06 -04:00
this.owner,
unimportedV1Token,
(response, body) => {
add custom error page for v1 project if no overleaf id GitOrigin-RevId: 538c68c568c9138f26353d5492f4aa9d66fbae19
2019-07-11 11:00:17 -04:00
expect(response.statusCode).to.equal(400)
Merge pull request #1717 from overleaf/as-decaffeinate-backend Decaffeinate backend GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 05:21:06 -04:00
},
done
)
})
add custom error page for v1 project if no overleaf id GitOrigin-RevId: 538c68c568c9138f26353d5492f4aa9d66fbae19
2019-07-11 11:00:17 -04:00
it('should show error page for read only token to v1', function(done) {
Merge pull request #1717 from overleaf/as-decaffeinate-backend Decaffeinate backend GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 05:21:06 -04:00
const unimportedV1Token = 'abcd'
add custom error page for v1 project if no overleaf id GitOrigin-RevId: 538c68c568c9138f26353d5492f4aa9d66fbae19
2019-07-11 11:00:17 -04:00
try_read_only_token_access(
Merge pull request #1717 from overleaf/as-decaffeinate-backend Decaffeinate backend GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 05:21:06 -04:00
this.owner,
unimportedV1Token,
(response, body) => {
add custom error page for v1 project if no overleaf id GitOrigin-RevId: 538c68c568c9138f26353d5492f4aa9d66fbae19
2019-07-11 11:00:17 -04:00
expect(response.statusCode).to.equal(400)
Merge pull request #1717 from overleaf/as-decaffeinate-backend Decaffeinate backend GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 05:21:06 -04:00
},
done
)
})
})
Merge pull request #1899 from overleaf/spd-implicit-return-tests Decaf cleanup: Remove implicit return from 'it' and 'describe' in tests GitOrigin-RevId: f297820e6212dddc0d60697a2fe1612ef27403b6
2019-06-21 09:46:09 -04:00
describe('importing v1 project', function() {
Merge pull request #1717 from overleaf/as-decaffeinate-backend Decaffeinate backend GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 05:21:06 -04:00
before(function(done) {
settings.projectImportingCheckMaxCreateDelta = 3600
settings.overleaf = { host: 'http://localhost:5000' }
return this.owner.createProject(
`token-rw-test${Math.random()}`,
(err, project_id) => {
if (err != null) {
return done(err)
}
this.project_id = project_id
return this.owner.makeTokenBased(this.project_id, err => {
if (err != null) {
return done(err)
}
return db.projects.update(
{ _id: ObjectId(project_id) },
{ $set: { overleaf: { id: 1234 } } },
err => {
if (err != null) {
return done(err)
}
return this.owner.getProject(
this.project_id,
(err, project) => {
if (err != null) {
return done(err)
}
this.tokens = project.tokens
MockV1Api.setDocExported(this.tokens.readAndWrite, {
exporting: true
})
MockV1Api.setDocExported(this.tokens.readOnly, {
exporting: true
})
return done()
}
)
}
)
})
}
)
})
after(function() {
delete settings.projectImportingCheckMaxCreateDelta
return delete settings.overleaf
})
it('should show importing page for read and write token', function(done) {
return try_read_and_write_token_access(
this.owner,
this.tokens.readAndWrite,
(response, body) => {
expect(response.statusCode).to.equal(200)
return expect(body).to.include('ImportingController')
},
done
)
})
it('should show importing page for read only token', function(done) {
return try_read_only_token_access(
this.owner,
this.tokens.readOnly,
(response, body) => {
expect(response.statusCode).to.equal(200)
return expect(body).to.include('ImportingController')
},
done
)
})
Merge pull request #1899 from overleaf/spd-implicit-return-tests Decaf cleanup: Remove implicit return from 'it' and 'describe' in tests GitOrigin-RevId: f297820e6212dddc0d60697a2fe1612ef27403b6
2019-06-21 09:46:09 -04:00
describe('when importing check not configured', function() {
Merge pull request #2047 from overleaf/spd-eslint-mocha-arrows Enforce consistent callback style in mocha tests GitOrigin-RevId: a64c293dae6926ef5831abe97eaf2044942a5c85
2019-08-07 10:04:04 -04:00
before(function() {
return delete settings.projectImportingCheckMaxCreateDelta
})
Merge pull request #1717 from overleaf/as-decaffeinate-backend Decaffeinate backend GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 05:21:06 -04:00
Merge pull request #1899 from overleaf/spd-implicit-return-tests Decaf cleanup: Remove implicit return from 'it' and 'describe' in tests GitOrigin-RevId: f297820e6212dddc0d60697a2fe1612ef27403b6
2019-06-21 09:46:09 -04:00
it('should load editor', function(done) {
Merge pull request #1717 from overleaf/as-decaffeinate-backend Decaffeinate backend GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 05:21:06 -04:00
return try_read_and_write_token_access(
this.owner,
this.tokens.readAndWrite,
(response, body) => {
expect(response.statusCode).to.equal(200)
return expect(body).to.include('IdeController')
},
done
)
})
})
})
})
Reference in a new issue Copy permalink