overleaf/services/web/test/acceptance/src/AdminPrivilegeAvailableTests.js

const Settings = require('@overleaf/settings')
const { expect } = require('chai')
const User = require('./helpers/User').promises

describe('AdminPrivilegeAvailable', function () {
  let adminUser, otherUser
  const flagBefore = Settings.adminPrivilegeAvailable
  after(function () {
    Settings.adminPrivilegeAvailable = flagBefore
  })

  beforeEach('create admin user', async function () {
    adminUser = new User()
    await adminUser.ensureUserExists()
    await adminUser.ensureAdmin()
    await adminUser.login()
  })

  let projectIdOwned, otherUsersProjectId, otherUsersProjectTokenAccessURL
  beforeEach('create owned project', async function () {
    projectIdOwned = await adminUser.createProject('owned project')
  })

  beforeEach('create other user and project', async function () {
    otherUser = new User()
    await otherUser.login()

    otherUsersProjectId = await otherUser.createProject('other users project')
    await otherUser.makeTokenBased(otherUsersProjectId)
    const {
      tokens: { readOnly: readOnlyToken },
    } = await otherUser.getProject(otherUsersProjectId)
    otherUsersProjectTokenAccessURL = `/read/${readOnlyToken}`
  })

  async function hasAccess(projectId) {
    const { response } = await adminUser.doRequest(
      'GET',
      `/project/${projectId}`
    )
    return response.statusCode === 200
  }

  async function displayTokenAccessPage(user) {
    const { response } = await user.doRequest(
      'GET',
      otherUsersProjectTokenAccessURL
    )
    expect(response.statusCode).to.equal(200)
    expect(response.body).to.include(otherUsersProjectTokenAccessURL)
  }

  describe('adminPrivilegeAvailable=true', function () {
    beforeEach(function () {
      Settings.adminPrivilegeAvailable = true
    })
    it('should grant the admin access to owned project', async function () {
      expect(await hasAccess(projectIdOwned)).to.equal(true)
    })
    it('should grant the admin access to non-owned project', async function () {
      expect(await hasAccess(otherUsersProjectId)).to.equal(true)
    })
    it('should display token access page for admin', async function () {
      await displayTokenAccessPage(adminUser)
    })
    it('should display token access page for regular user', async function () {
      await displayTokenAccessPage(otherUser)
    })
  })

  describe('adminPrivilegeAvailable=false', function () {
    beforeEach(function () {
      Settings.adminPrivilegeAvailable = false
    })
    it('should grant the admin access to owned project', async function () {
      expect(await hasAccess(projectIdOwned)).to.equal(true)
    })
    it('should block the admin from non-owned project', async function () {
      expect(await hasAccess(otherUsersProjectId)).to.equal(false)
    })
    it('should redirect a token access request to admin panel', async function () {
      const { response } = await adminUser.doRequest(
        'GET',
        otherUsersProjectTokenAccessURL
      )
      expect(response.statusCode).to.equal(302)
      expect(response.headers.location).to.equal(
        Settings.adminUrl + otherUsersProjectTokenAccessURL
      )
    })
    it('should display token access page for regular user', async function () {
      await displayTokenAccessPage(otherUser)
    })
  })
})
Merge pull request #6614 from overleaf/jpa-msm-separate-admin-app [misc] move admin capability from www. to admin. subdomain GitOrigin-RevId: e0daeacf3c06b856ffb9fd35dce76e71f14e8459 2022-03-31 06:34:49 -04:00			`const Settings = require('@overleaf/settings')`
			`const { expect } = require('chai')`
			`const User = require('./helpers/User').promises`

			`describe('AdminPrivilegeAvailable', function () {`
Merge pull request #6712 from overleaf/jpa-redirect-token-access [web] redirect admin users from token access gateway to admin panel GitOrigin-RevId: b39c9b4bcad5d376b720a6718df7ef01cd89938f 2022-03-31 06:35:16 -04:00			`let adminUser, otherUser`
Merge pull request #6614 from overleaf/jpa-msm-separate-admin-app [misc] move admin capability from www. to admin. subdomain GitOrigin-RevId: e0daeacf3c06b856ffb9fd35dce76e71f14e8459 2022-03-31 06:34:49 -04:00			`const flagBefore = Settings.adminPrivilegeAvailable`
			`after(function () {`
			`Settings.adminPrivilegeAvailable = flagBefore`
			`})`

			`beforeEach('create admin user', async function () {`
			`adminUser = new User()`
			`await adminUser.ensureUserExists()`
			`await adminUser.ensureAdmin()`
			`await adminUser.login()`
			`})`

Merge pull request #6712 from overleaf/jpa-redirect-token-access [web] redirect admin users from token access gateway to admin panel GitOrigin-RevId: b39c9b4bcad5d376b720a6718df7ef01cd89938f 2022-03-31 06:35:16 -04:00			`let projectIdOwned, otherUsersProjectId, otherUsersProjectTokenAccessURL`
Merge pull request #6614 from overleaf/jpa-msm-separate-admin-app [misc] move admin capability from www. to admin. subdomain GitOrigin-RevId: e0daeacf3c06b856ffb9fd35dce76e71f14e8459 2022-03-31 06:34:49 -04:00			`beforeEach('create owned project', async function () {`
			`projectIdOwned = await adminUser.createProject('owned project')`
			`})`

			`beforeEach('create other user and project', async function () {`
Merge pull request #6712 from overleaf/jpa-redirect-token-access [web] redirect admin users from token access gateway to admin panel GitOrigin-RevId: b39c9b4bcad5d376b720a6718df7ef01cd89938f 2022-03-31 06:35:16 -04:00			`otherUser = new User()`
Merge pull request #6614 from overleaf/jpa-msm-separate-admin-app [misc] move admin capability from www. to admin. subdomain GitOrigin-RevId: e0daeacf3c06b856ffb9fd35dce76e71f14e8459 2022-03-31 06:34:49 -04:00			`await otherUser.login()`

			`otherUsersProjectId = await otherUser.createProject('other users project')`
Merge pull request #6712 from overleaf/jpa-redirect-token-access [web] redirect admin users from token access gateway to admin panel GitOrigin-RevId: b39c9b4bcad5d376b720a6718df7ef01cd89938f 2022-03-31 06:35:16 -04:00			`await otherUser.makeTokenBased(otherUsersProjectId)`
			`const {`
			`tokens: { readOnly: readOnlyToken },`
			`} = await otherUser.getProject(otherUsersProjectId)`
			otherUsersProjectTokenAccessURL = `/read/${readOnlyToken}`
Merge pull request #6614 from overleaf/jpa-msm-separate-admin-app [misc] move admin capability from www. to admin. subdomain GitOrigin-RevId: e0daeacf3c06b856ffb9fd35dce76e71f14e8459 2022-03-31 06:34:49 -04:00			`})`

			`async function hasAccess(projectId) {`
			`const { response } = await adminUser.doRequest(`
			`'GET',`
			`/project/${projectId}`
			`)`
			`return response.statusCode === 200`
			`}`

Merge pull request #6712 from overleaf/jpa-redirect-token-access [web] redirect admin users from token access gateway to admin panel GitOrigin-RevId: b39c9b4bcad5d376b720a6718df7ef01cd89938f 2022-03-31 06:35:16 -04:00			`async function displayTokenAccessPage(user) {`
			`const { response } = await user.doRequest(`
			`'GET',`
			`otherUsersProjectTokenAccessURL`
			`)`
			`expect(response.statusCode).to.equal(200)`
			`expect(response.body).to.include(otherUsersProjectTokenAccessURL)`
			`}`

Merge pull request #6614 from overleaf/jpa-msm-separate-admin-app [misc] move admin capability from www. to admin. subdomain GitOrigin-RevId: e0daeacf3c06b856ffb9fd35dce76e71f14e8459 2022-03-31 06:34:49 -04:00			`describe('adminPrivilegeAvailable=true', function () {`
			`beforeEach(function () {`
			`Settings.adminPrivilegeAvailable = true`
			`})`
			`it('should grant the admin access to owned project', async function () {`
			`expect(await hasAccess(projectIdOwned)).to.equal(true)`
			`})`
			`it('should grant the admin access to non-owned project', async function () {`
			`expect(await hasAccess(otherUsersProjectId)).to.equal(true)`
			`})`
Merge pull request #6712 from overleaf/jpa-redirect-token-access [web] redirect admin users from token access gateway to admin panel GitOrigin-RevId: b39c9b4bcad5d376b720a6718df7ef01cd89938f 2022-03-31 06:35:16 -04:00			`it('should display token access page for admin', async function () {`
			`await displayTokenAccessPage(adminUser)`
			`})`
			`it('should display token access page for regular user', async function () {`
			`await displayTokenAccessPage(otherUser)`
			`})`
Merge pull request #6614 from overleaf/jpa-msm-separate-admin-app [misc] move admin capability from www. to admin. subdomain GitOrigin-RevId: e0daeacf3c06b856ffb9fd35dce76e71f14e8459 2022-03-31 06:34:49 -04:00			`})`

			`describe('adminPrivilegeAvailable=false', function () {`
			`beforeEach(function () {`
			`Settings.adminPrivilegeAvailable = false`
			`})`
			`it('should grant the admin access to owned project', async function () {`
			`expect(await hasAccess(projectIdOwned)).to.equal(true)`
			`})`
			`it('should block the admin from non-owned project', async function () {`
			`expect(await hasAccess(otherUsersProjectId)).to.equal(false)`
			`})`
Merge pull request #6712 from overleaf/jpa-redirect-token-access [web] redirect admin users from token access gateway to admin panel GitOrigin-RevId: b39c9b4bcad5d376b720a6718df7ef01cd89938f 2022-03-31 06:35:16 -04:00			`it('should redirect a token access request to admin panel', async function () {`
			`const { response } = await adminUser.doRequest(`
			`'GET',`
			`otherUsersProjectTokenAccessURL`
			`)`
			`expect(response.statusCode).to.equal(302)`
			`expect(response.headers.location).to.equal(`
			`Settings.adminUrl + otherUsersProjectTokenAccessURL`
			`)`
			`})`
			`it('should display token access page for regular user', async function () {`
			`await displayTokenAccessPage(otherUser)`
			`})`
Merge pull request #6614 from overleaf/jpa-msm-separate-admin-app [misc] move admin capability from www. to admin. subdomain GitOrigin-RevId: e0daeacf3c06b856ffb9fd35dce76e71f14e8459 2022-03-31 06:34:49 -04:00			`})`
			`})`