2017-10-03 05:02:26 -04:00
|
|
|
should = require('chai').should()
|
|
|
|
SandboxedModule = require('sandboxed-module')
|
|
|
|
assert = require('assert')
|
|
|
|
path = require('path')
|
|
|
|
sinon = require('sinon')
|
|
|
|
modulePath = path.join __dirname, "../../../../app/js/Features/TokenAccess/TokenAccessHandler"
|
|
|
|
expect = require("chai").expect
|
|
|
|
ObjectId = require("mongojs").ObjectId
|
|
|
|
|
|
|
|
describe "TokenAccessHandler", ->
|
|
|
|
|
|
|
|
beforeEach ->
|
|
|
|
@token = 'sometokenthing'
|
|
|
|
@projectId = ObjectId()
|
|
|
|
@project =
|
|
|
|
_id: @projectId
|
|
|
|
publicAccesLevel: 'tokenBased'
|
|
|
|
@userId = ObjectId()
|
|
|
|
@req = {}
|
|
|
|
@TokenAccessHandler = SandboxedModule.require modulePath, requires:
|
|
|
|
'../../models/Project': {Project: @Project = {}}
|
2018-09-25 05:42:04 -04:00
|
|
|
'settings-sharelatex': @settings = {}
|
2017-11-01 07:50:04 -04:00
|
|
|
'../Collaborators/CollaboratorsHandler': @CollaboratorsHandler = {}
|
2018-12-20 06:50:58 -05:00
|
|
|
'../User/UserGetter': @UserGetter = {}
|
2018-09-25 05:42:04 -04:00
|
|
|
'../V1/V1Api': @V1Api = {
|
|
|
|
request: sinon.stub()
|
|
|
|
}
|
2017-10-03 05:02:26 -04:00
|
|
|
|
|
|
|
describe 'findProjectWithReadOnlyToken', ->
|
|
|
|
beforeEach ->
|
|
|
|
@Project.findOne = sinon.stub().callsArgWith(2, null, @project)
|
|
|
|
|
|
|
|
it 'should call Project.findOne', (done) ->
|
|
|
|
@TokenAccessHandler.findProjectWithReadOnlyToken @token, (err, project) =>
|
|
|
|
expect(@Project.findOne.callCount).to.equal 1
|
|
|
|
expect(@Project.findOne.calledWith({
|
2018-09-24 12:06:11 -04:00
|
|
|
'tokens.readOnly': @token
|
2017-10-03 05:02:26 -04:00
|
|
|
})).to.equal true
|
|
|
|
done()
|
|
|
|
|
|
|
|
it 'should produce a project object with no error', (done) ->
|
|
|
|
@TokenAccessHandler.findProjectWithReadOnlyToken @token, (err, project) =>
|
|
|
|
expect(err).to.not.exist
|
|
|
|
expect(project).to.exist
|
|
|
|
expect(project).to.deep.equal @project
|
|
|
|
done()
|
|
|
|
|
2018-09-24 12:06:11 -04:00
|
|
|
it 'should return projectExists flag as true', (done) ->
|
|
|
|
@TokenAccessHandler.findProjectWithReadOnlyToken @token, (err, project, projectExists) ->
|
|
|
|
expect(projectExists).to.equal true
|
|
|
|
done()
|
|
|
|
|
2017-10-03 05:02:26 -04:00
|
|
|
describe 'when Project.findOne produces an error', ->
|
|
|
|
beforeEach ->
|
|
|
|
@Project.findOne = sinon.stub().callsArgWith(2, new Error('woops'))
|
|
|
|
|
|
|
|
it 'should produce an error', (done) ->
|
|
|
|
@TokenAccessHandler.findProjectWithReadOnlyToken @token, (err, project) =>
|
|
|
|
expect(err).to.exist
|
|
|
|
expect(project).to.not.exist
|
|
|
|
expect(err).to.be.instanceof Error
|
|
|
|
done()
|
|
|
|
|
2018-09-24 13:16:30 -04:00
|
|
|
describe 'when project does not have tokenBased access level', ->
|
2018-09-24 12:06:11 -04:00
|
|
|
beforeEach ->
|
|
|
|
@project.publicAccesLevel = 'private'
|
|
|
|
@Project.findOne = sinon.stub().callsArgWith(2, null, @project, true)
|
|
|
|
|
|
|
|
it 'should not return a project', (done) ->
|
|
|
|
@TokenAccessHandler.findProjectWithReadOnlyToken @token, (err, project) ->
|
|
|
|
expect(err).to.not.exist
|
|
|
|
expect(project).to.not.exist
|
|
|
|
done()
|
|
|
|
|
|
|
|
it 'should return projectExists flag as true', (done) ->
|
|
|
|
@TokenAccessHandler.findProjectWithReadOnlyToken @token, (err, project, projectExists) ->
|
|
|
|
expect(projectExists).to.equal true
|
|
|
|
done()
|
|
|
|
|
|
|
|
describe 'when project does not exist', ->
|
|
|
|
beforeEach ->
|
|
|
|
@Project.findOne = sinon.stub().callsArgWith(2, null, null)
|
|
|
|
|
|
|
|
it 'should not return a project', (done) ->
|
|
|
|
@TokenAccessHandler.findProjectWithReadOnlyToken @token, (err, project) ->
|
|
|
|
expect(err).to.not.exist
|
|
|
|
expect(project).to.not.exist
|
|
|
|
done()
|
|
|
|
|
|
|
|
it 'should return projectExists flag as false', (done) ->
|
|
|
|
@TokenAccessHandler.findProjectWithReadOnlyToken @token, (err, project, projectExists) ->
|
|
|
|
expect(projectExists).to.equal false
|
|
|
|
done()
|
|
|
|
|
2017-10-03 05:02:26 -04:00
|
|
|
describe 'findProjectWithReadAndWriteToken', ->
|
|
|
|
beforeEach ->
|
|
|
|
@Project.findOne = sinon.stub().callsArgWith(2, null, @project)
|
|
|
|
|
|
|
|
it 'should call Project.findOne', (done) ->
|
|
|
|
@TokenAccessHandler.findProjectWithReadAndWriteToken @token, (err, project) =>
|
|
|
|
expect(@Project.findOne.callCount).to.equal 1
|
|
|
|
expect(@Project.findOne.calledWith({
|
2018-09-24 13:16:30 -04:00
|
|
|
'tokens.readAndWrite': @token
|
2017-10-03 05:02:26 -04:00
|
|
|
})).to.equal true
|
|
|
|
done()
|
|
|
|
|
|
|
|
it 'should produce a project object with no error', (done) ->
|
|
|
|
@TokenAccessHandler.findProjectWithReadAndWriteToken @token, (err, project) =>
|
|
|
|
expect(err).to.not.exist
|
|
|
|
expect(project).to.exist
|
|
|
|
expect(project).to.deep.equal @project
|
|
|
|
done()
|
|
|
|
|
2018-09-24 13:16:30 -04:00
|
|
|
it 'should return projectExists flag as true', (done) ->
|
|
|
|
@TokenAccessHandler.findProjectWithReadAndWriteToken @token, (err, project, projectExists) ->
|
|
|
|
expect(projectExists).to.equal true
|
|
|
|
done()
|
|
|
|
|
2017-10-03 05:02:26 -04:00
|
|
|
describe 'when Project.findOne produces an error', ->
|
|
|
|
beforeEach ->
|
|
|
|
@Project.findOne = sinon.stub().callsArgWith(2, new Error('woops'))
|
|
|
|
|
|
|
|
it 'should produce an error', (done) ->
|
|
|
|
@TokenAccessHandler.findProjectWithReadAndWriteToken @token, (err, project) =>
|
|
|
|
expect(err).to.exist
|
|
|
|
expect(project).to.not.exist
|
|
|
|
expect(err).to.be.instanceof Error
|
|
|
|
done()
|
|
|
|
|
2018-09-24 13:16:30 -04:00
|
|
|
describe 'when project does not have tokenBased access level', ->
|
|
|
|
beforeEach ->
|
|
|
|
@project.publicAccesLevel = 'private'
|
|
|
|
@Project.findOne = sinon.stub().callsArgWith(2, null, @project, true)
|
|
|
|
|
|
|
|
it 'should not return a project', (done) ->
|
|
|
|
@TokenAccessHandler.findProjectWithReadAndWriteToken @token, (err, project) ->
|
|
|
|
expect(err).to.not.exist
|
|
|
|
expect(project).to.not.exist
|
|
|
|
done()
|
|
|
|
|
|
|
|
it 'should return projectExists flag as true', (done) ->
|
|
|
|
@TokenAccessHandler.findProjectWithReadAndWriteToken @token, (err, project, projectExists) ->
|
|
|
|
expect(projectExists).to.equal true
|
|
|
|
done()
|
|
|
|
|
2017-10-03 05:02:26 -04:00
|
|
|
|
2017-11-01 07:50:04 -04:00
|
|
|
describe 'findProjectWithHigherAccess', ->
|
|
|
|
describe 'when user does have higher access', ->
|
|
|
|
beforeEach ->
|
|
|
|
@Project.findOne = sinon.stub().callsArgWith(2, null, @project)
|
|
|
|
@CollaboratorsHandler.isUserInvitedMemberOfProject = sinon.stub()
|
|
|
|
.callsArgWith(2, null, true)
|
|
|
|
|
|
|
|
it 'should call Project.findOne', (done) ->
|
|
|
|
@TokenAccessHandler.findProjectWithHigherAccess @token, @userId, (err, project) =>
|
|
|
|
expect(@Project.findOne.callCount).to.equal 1
|
|
|
|
expect(@Project.findOne.calledWith($or: [
|
|
|
|
{'tokens.readAndWrite': @token},
|
|
|
|
{'tokens.readOnly': @token}
|
|
|
|
])).to.equal true
|
|
|
|
done()
|
2017-10-16 08:20:15 -04:00
|
|
|
|
2017-11-01 07:50:04 -04:00
|
|
|
it 'should call isUserInvitedMemberOfProject', (done) ->
|
|
|
|
@TokenAccessHandler.findProjectWithHigherAccess @token, @userId, (err, project) =>
|
|
|
|
expect(@CollaboratorsHandler.isUserInvitedMemberOfProject.callCount)
|
|
|
|
.to.equal 1
|
|
|
|
expect(@CollaboratorsHandler.isUserInvitedMemberOfProject.calledWith(
|
|
|
|
@userId, @project._id
|
|
|
|
)).to.equal true
|
|
|
|
done()
|
2017-10-16 08:20:15 -04:00
|
|
|
|
2017-11-01 07:50:04 -04:00
|
|
|
it 'should produce a project object', (done) ->
|
|
|
|
@TokenAccessHandler.findProjectWithHigherAccess @token, @userId, (err, project) =>
|
|
|
|
expect(err).to.not.exist
|
|
|
|
expect(project).to.exist
|
|
|
|
expect(project).to.deep.equal @project
|
|
|
|
done()
|
|
|
|
|
|
|
|
describe 'when user does not have higher access', ->
|
|
|
|
beforeEach ->
|
|
|
|
@Project.findOne = sinon.stub().callsArgWith(2, null, @project)
|
|
|
|
@CollaboratorsHandler.isUserInvitedMemberOfProject = sinon.stub()
|
|
|
|
.callsArgWith(2, null, false)
|
|
|
|
|
|
|
|
it 'should call Project.findOne', (done) ->
|
|
|
|
@TokenAccessHandler.findProjectWithHigherAccess @token, @userId, (err, project) =>
|
|
|
|
expect(@Project.findOne.callCount).to.equal 1
|
|
|
|
expect(@Project.findOne.calledWith($or: [
|
|
|
|
{'tokens.readAndWrite': @token},
|
|
|
|
{'tokens.readOnly': @token}
|
|
|
|
])).to.equal true
|
|
|
|
done()
|
|
|
|
|
|
|
|
it 'should call isUserInvitedMemberOfProject', (done) ->
|
|
|
|
@TokenAccessHandler.findProjectWithHigherAccess @token, @userId, (err, project) =>
|
|
|
|
expect(@CollaboratorsHandler.isUserInvitedMemberOfProject.callCount)
|
|
|
|
.to.equal 1
|
|
|
|
expect(@CollaboratorsHandler.isUserInvitedMemberOfProject.calledWith(
|
|
|
|
@userId, @project._id
|
|
|
|
)).to.equal true
|
|
|
|
done()
|
|
|
|
|
|
|
|
it 'should not produce a project', (done) ->
|
|
|
|
@TokenAccessHandler.findProjectWithHigherAccess @token, @userId, (err, project) =>
|
|
|
|
expect(err).to.not.exist
|
|
|
|
expect(project).to.not.exist
|
|
|
|
done()
|
2017-10-16 08:20:15 -04:00
|
|
|
|
|
|
|
describe 'when Project.findOne produces an error', ->
|
|
|
|
beforeEach ->
|
|
|
|
@Project.findOne = sinon.stub().callsArgWith(2, new Error('woops'))
|
|
|
|
|
|
|
|
it 'should produce an error', (done) ->
|
2017-11-01 07:50:04 -04:00
|
|
|
@TokenAccessHandler.findProjectWithHigherAccess @token, @userId, (err, project) =>
|
2017-10-16 08:20:15 -04:00
|
|
|
expect(err).to.exist
|
|
|
|
expect(project).to.not.exist
|
|
|
|
expect(err).to.be.instanceof Error
|
|
|
|
done()
|
|
|
|
|
2017-11-01 07:50:04 -04:00
|
|
|
describe 'when isUserInvitedMemberOfProject produces an error', ->
|
|
|
|
beforeEach ->
|
|
|
|
@Project.findOne = sinon.stub().callsArgWith(2, null, @project)
|
|
|
|
@CollaboratorsHandler.isUserInvitedMemberOfProject = sinon.stub()
|
|
|
|
.callsArgWith(2, new Error('woops'))
|
|
|
|
|
|
|
|
it 'should produce an error', (done) ->
|
|
|
|
@TokenAccessHandler.findProjectWithHigherAccess @token, @userId, (err, project) =>
|
|
|
|
expect(err).to.exist
|
|
|
|
expect(project).to.not.exist
|
|
|
|
expect(err).to.be.instanceof Error
|
|
|
|
done()
|
2017-10-16 08:20:15 -04:00
|
|
|
|
2017-10-03 05:02:26 -04:00
|
|
|
describe 'addReadOnlyUserToProject', ->
|
|
|
|
beforeEach ->
|
|
|
|
@Project.update = sinon.stub().callsArgWith(2, null)
|
|
|
|
|
|
|
|
it 'should call Project.update', (done) ->
|
|
|
|
@TokenAccessHandler.addReadOnlyUserToProject @userId, @projectId, (err) =>
|
|
|
|
expect(@Project.update.callCount).to.equal 1
|
|
|
|
expect(@Project.update.calledWith({
|
|
|
|
_id: @projectId
|
|
|
|
})).to.equal true
|
|
|
|
expect(@Project.update.lastCall.args[1]['$addToSet'])
|
|
|
|
.to.have.keys 'tokenAccessReadOnly_refs'
|
|
|
|
done()
|
|
|
|
|
|
|
|
it 'should not produce an error', (done) ->
|
|
|
|
@TokenAccessHandler.addReadOnlyUserToProject @userId, @projectId, (err) =>
|
|
|
|
expect(err).to.not.exist
|
|
|
|
done()
|
|
|
|
|
|
|
|
describe 'when Project.update produces an error', ->
|
|
|
|
beforeEach ->
|
|
|
|
@Project.update = sinon.stub().callsArgWith(2, new Error('woops'))
|
|
|
|
|
|
|
|
it 'should produce an error', (done) ->
|
|
|
|
@TokenAccessHandler.addReadOnlyUserToProject @userId, @projectId, (err) =>
|
|
|
|
expect(err).to.exist
|
|
|
|
done()
|
|
|
|
|
|
|
|
|
|
|
|
describe 'addReadAndWriteUserToProject', ->
|
|
|
|
beforeEach ->
|
|
|
|
@Project.update = sinon.stub().callsArgWith(2, null)
|
|
|
|
|
|
|
|
it 'should call Project.update', (done) ->
|
|
|
|
@TokenAccessHandler.addReadAndWriteUserToProject @userId, @projectId, (err) =>
|
|
|
|
expect(@Project.update.callCount).to.equal 1
|
|
|
|
expect(@Project.update.calledWith({
|
|
|
|
_id: @projectId
|
|
|
|
})).to.equal true
|
|
|
|
expect(@Project.update.lastCall.args[1]['$addToSet'])
|
|
|
|
.to.have.keys 'tokenAccessReadAndWrite_refs'
|
|
|
|
done()
|
|
|
|
|
|
|
|
it 'should not produce an error', (done) ->
|
|
|
|
@TokenAccessHandler.addReadAndWriteUserToProject @userId, @projectId, (err) =>
|
|
|
|
expect(err).to.not.exist
|
|
|
|
done()
|
|
|
|
|
|
|
|
describe 'when Project.update produces an error', ->
|
|
|
|
beforeEach ->
|
|
|
|
@Project.update = sinon.stub().callsArgWith(2, new Error('woops'))
|
|
|
|
|
|
|
|
it 'should produce an error', (done) ->
|
|
|
|
@TokenAccessHandler.addReadAndWriteUserToProject @userId, @projectId, (err) =>
|
|
|
|
expect(err).to.exist
|
|
|
|
done()
|
|
|
|
|
|
|
|
|
2017-10-18 08:04:37 -04:00
|
|
|
describe 'grantSessionTokenAccess', ->
|
2017-10-03 05:02:26 -04:00
|
|
|
beforeEach ->
|
|
|
|
@req = {session: {}, headers: {}}
|
|
|
|
|
|
|
|
it 'should add the token to the session', (done) ->
|
2017-10-18 08:04:37 -04:00
|
|
|
@TokenAccessHandler.grantSessionTokenAccess(@req, @projectId, @token)
|
|
|
|
expect(@req.session.anonTokenAccess[@projectId.toString()])
|
2017-10-03 05:02:26 -04:00
|
|
|
.to.equal @token
|
|
|
|
done()
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2017-10-18 08:04:37 -04:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
describe 'isValidToken', ->
|
|
|
|
|
|
|
|
describe 'when a read-only project is found', ->
|
|
|
|
|
|
|
|
beforeEach ->
|
|
|
|
@TokenAccessHandler.findProjectWithReadAndWriteToken = sinon.stub()
|
|
|
|
.callsArgWith(1, null, null)
|
|
|
|
@TokenAccessHandler.findProjectWithReadOnlyToken = sinon.stub()
|
|
|
|
.callsArgWith(1, null, @project)
|
|
|
|
|
|
|
|
it 'should try to find projects with both kinds of token', (done) ->
|
|
|
|
@TokenAccessHandler.isValidToken @projectId, @token, (err, allowed) =>
|
|
|
|
expect(@TokenAccessHandler.findProjectWithReadAndWriteToken.callCount)
|
|
|
|
.to.equal 1
|
|
|
|
expect(@TokenAccessHandler.findProjectWithReadOnlyToken.callCount)
|
|
|
|
.to.equal 1
|
|
|
|
done()
|
|
|
|
|
|
|
|
it 'should allow read-only access', (done) ->
|
|
|
|
@TokenAccessHandler.isValidToken @projectId, @token, (err, rw, ro) =>
|
|
|
|
expect(err).to.not.exist
|
|
|
|
expect(rw).to.equal false
|
|
|
|
expect(ro).to.equal true
|
|
|
|
done()
|
|
|
|
|
|
|
|
describe 'when a read-and-write project is found', ->
|
|
|
|
|
|
|
|
beforeEach ->
|
|
|
|
@TokenAccessHandler.findProjectWithReadAndWriteToken = sinon.stub()
|
|
|
|
.callsArgWith(1, null, @project)
|
|
|
|
@TokenAccessHandler.findProjectWithReadOnlyToken = sinon.stub()
|
|
|
|
.callsArgWith(1, null, null)
|
|
|
|
|
|
|
|
it 'should try to find projects with both kinds of token', (done) ->
|
|
|
|
@TokenAccessHandler.isValidToken @projectId, @token, (err, allowed) =>
|
|
|
|
expect(@TokenAccessHandler.findProjectWithReadAndWriteToken.callCount)
|
|
|
|
.to.equal 1
|
|
|
|
expect(@TokenAccessHandler.findProjectWithReadOnlyToken.callCount)
|
|
|
|
.to.equal 1
|
|
|
|
done()
|
|
|
|
|
|
|
|
it 'should allow read-and-write access', (done) ->
|
|
|
|
@TokenAccessHandler.isValidToken @projectId, @token, (err, rw, ro) =>
|
|
|
|
expect(err).to.not.exist
|
|
|
|
expect(rw).to.equal true
|
|
|
|
expect(ro).to.equal false
|
|
|
|
done()
|
2017-10-03 05:02:26 -04:00
|
|
|
|
|
|
|
describe 'when no project is found', ->
|
|
|
|
beforeEach ->
|
2017-10-18 08:04:37 -04:00
|
|
|
@TokenAccessHandler.findProjectWithReadAndWriteToken = sinon.stub()
|
|
|
|
.callsArgWith(1, null, null)
|
2017-10-03 05:02:26 -04:00
|
|
|
@TokenAccessHandler.findProjectWithReadOnlyToken = sinon.stub()
|
|
|
|
.callsArgWith(1, null, null)
|
|
|
|
|
2017-10-18 08:04:37 -04:00
|
|
|
it 'should try to find projects with both kinds of token', (done) ->
|
|
|
|
@TokenAccessHandler.isValidToken @projectId, @token, (err, allowed) =>
|
|
|
|
expect(@TokenAccessHandler.findProjectWithReadAndWriteToken.callCount)
|
|
|
|
.to.equal 1
|
2017-10-03 05:02:26 -04:00
|
|
|
expect(@TokenAccessHandler.findProjectWithReadOnlyToken.callCount)
|
|
|
|
.to.equal 1
|
|
|
|
done()
|
|
|
|
|
2017-10-18 08:04:37 -04:00
|
|
|
it 'should not allow any access', (done) ->
|
|
|
|
@TokenAccessHandler.isValidToken @projectId, @token, (err, rw, ro) =>
|
2017-10-03 05:02:26 -04:00
|
|
|
expect(err).to.not.exist
|
2017-10-18 08:04:37 -04:00
|
|
|
expect(rw).to.equal false
|
|
|
|
expect(ro).to.equal false
|
2017-10-03 05:02:26 -04:00
|
|
|
done()
|
|
|
|
|
2017-10-18 08:04:37 -04:00
|
|
|
describe 'when findProject produces an error', ->
|
2017-10-03 05:02:26 -04:00
|
|
|
beforeEach ->
|
2017-10-18 08:04:37 -04:00
|
|
|
@TokenAccessHandler.findProjectWithReadAndWriteToken = sinon.stub()
|
|
|
|
.callsArgWith(1, null, null)
|
2017-10-03 05:02:26 -04:00
|
|
|
@TokenAccessHandler.findProjectWithReadOnlyToken = sinon.stub()
|
|
|
|
.callsArgWith(1, new Error('woops'))
|
|
|
|
|
2017-10-18 08:04:37 -04:00
|
|
|
it 'should try to find projects with both kinds of token', (done) ->
|
|
|
|
@TokenAccessHandler.isValidToken @projectId, @token, (err, allowed) =>
|
|
|
|
expect(@TokenAccessHandler.findProjectWithReadAndWriteToken.callCount)
|
|
|
|
.to.equal 1
|
2017-10-03 05:02:26 -04:00
|
|
|
expect(@TokenAccessHandler.findProjectWithReadOnlyToken.callCount)
|
|
|
|
.to.equal 1
|
|
|
|
done()
|
|
|
|
|
|
|
|
it 'should produce an error and not allow access', (done) ->
|
2017-10-18 08:04:37 -04:00
|
|
|
@TokenAccessHandler.isValidToken @projectId, @token, (err, rw, ro) =>
|
2017-10-03 05:02:26 -04:00
|
|
|
expect(err).to.exist
|
|
|
|
expect(err).to.be.instanceof Error
|
2017-10-18 08:04:37 -04:00
|
|
|
expect(rw).to.equal undefined
|
|
|
|
expect(ro).to.equal undefined
|
2017-10-03 05:02:26 -04:00
|
|
|
done()
|
|
|
|
|
|
|
|
describe 'when project is not set to token-based access', ->
|
|
|
|
beforeEach ->
|
|
|
|
@project.publicAccesLevel = 'private'
|
|
|
|
|
2017-10-18 08:04:37 -04:00
|
|
|
describe 'for read-and-write project', ->
|
|
|
|
beforeEach ->
|
|
|
|
@TokenAccessHandler.findProjectWithReadAndWriteToken = sinon.stub()
|
|
|
|
.callsArgWith(1, null, @project)
|
|
|
|
@TokenAccessHandler.findProjectWithReadOnlyToken = sinon.stub()
|
|
|
|
.callsArgWith(1, null, null)
|
|
|
|
|
|
|
|
it 'should try to find projects with both kinds of token', (done) ->
|
|
|
|
@TokenAccessHandler.isValidToken @projectId, @token, (err, allowed) =>
|
|
|
|
expect(@TokenAccessHandler.findProjectWithReadAndWriteToken.callCount)
|
|
|
|
.to.equal 1
|
|
|
|
expect(@TokenAccessHandler.findProjectWithReadOnlyToken.callCount)
|
|
|
|
.to.equal 1
|
|
|
|
done()
|
|
|
|
|
|
|
|
it 'should not allow any access', (done) ->
|
|
|
|
@TokenAccessHandler.isValidToken @projectId, @token, (err, rw, ro) =>
|
|
|
|
expect(err).to.not.exist
|
|
|
|
expect(rw).to.equal false
|
|
|
|
expect(ro).to.equal false
|
|
|
|
done()
|
|
|
|
|
|
|
|
describe 'for read-only project', ->
|
|
|
|
beforeEach ->
|
|
|
|
@TokenAccessHandler.findProjectWithReadAndWriteToken = sinon.stub()
|
|
|
|
.callsArgWith(1, null, null)
|
|
|
|
@TokenAccessHandler.findProjectWithReadOnlyToken = sinon.stub()
|
|
|
|
.callsArgWith(1, null, @project)
|
|
|
|
|
|
|
|
it 'should try to find projects with both kinds of token', (done) ->
|
|
|
|
@TokenAccessHandler.isValidToken @projectId, @token, (err, allowed) =>
|
|
|
|
expect(@TokenAccessHandler.findProjectWithReadAndWriteToken.callCount)
|
|
|
|
.to.equal 1
|
|
|
|
expect(@TokenAccessHandler.findProjectWithReadOnlyToken.callCount)
|
|
|
|
.to.equal 1
|
|
|
|
done()
|
|
|
|
|
|
|
|
it 'should not allow any access', (done) ->
|
|
|
|
@TokenAccessHandler.isValidToken @projectId, @token, (err, rw, ro) =>
|
|
|
|
expect(err).to.not.exist
|
|
|
|
expect(rw).to.equal false
|
|
|
|
expect(ro).to.equal false
|
|
|
|
done()
|
2017-10-03 05:02:26 -04:00
|
|
|
|
|
|
|
describe 'with nothing', ->
|
|
|
|
beforeEach ->
|
2017-10-18 08:04:37 -04:00
|
|
|
@TokenAccessHandler.findProjectWithReadAndWriteToken = sinon.stub()
|
|
|
|
.callsArgWith(1, null, @project)
|
|
|
|
@TokenAccessHandler.findProjectWithReadOnlyToken = sinon.stub()
|
|
|
|
.callsArgWith(1, null, null)
|
2017-10-03 05:02:26 -04:00
|
|
|
|
|
|
|
it 'should not call findProjectWithReadOnlyToken', (done) ->
|
2017-10-18 08:04:37 -04:00
|
|
|
@TokenAccessHandler.isValidToken @projectId, null, (err, allowed) =>
|
|
|
|
expect(@TokenAccessHandler.findProjectWithReadOnlyToken.callCount)
|
|
|
|
.to.equal 0
|
|
|
|
done()
|
|
|
|
|
|
|
|
it 'should try to find projects with both kinds of token', (done) ->
|
|
|
|
@TokenAccessHandler.isValidToken @projectId, null, (err, allowed) =>
|
|
|
|
expect(@TokenAccessHandler.findProjectWithReadAndWriteToken.callCount)
|
|
|
|
.to.equal 0
|
2017-10-03 05:02:26 -04:00
|
|
|
expect(@TokenAccessHandler.findProjectWithReadOnlyToken.callCount)
|
|
|
|
.to.equal 0
|
|
|
|
done()
|
|
|
|
|
2017-10-18 08:04:37 -04:00
|
|
|
it 'should not allow any access', (done) ->
|
|
|
|
@TokenAccessHandler.isValidToken @projectId, null, (err, rw, ro) =>
|
2017-10-03 05:02:26 -04:00
|
|
|
expect(err).to.not.exist
|
2017-10-18 08:04:37 -04:00
|
|
|
expect(rw).to.equal false
|
|
|
|
expect(ro).to.equal false
|
2017-10-03 05:02:26 -04:00
|
|
|
done()
|
2017-10-19 11:26:01 -04:00
|
|
|
|
|
|
|
describe 'protectTokens', ->
|
|
|
|
beforeEach ->
|
|
|
|
@project = {tokens: {readAndWrite: 'rw', readOnly: 'ro'}}
|
|
|
|
|
|
|
|
it 'should hide write token from read-only user', ->
|
|
|
|
@TokenAccessHandler.protectTokens(@project, 'readOnly')
|
|
|
|
expect(@project.tokens.readAndWrite).to.equal ''
|
|
|
|
expect(@project.tokens.readOnly).to.equal 'ro'
|
|
|
|
|
|
|
|
it 'should hide read token from read-write user', ->
|
|
|
|
@TokenAccessHandler.protectTokens(@project, 'readAndWrite')
|
|
|
|
expect(@project.tokens.readAndWrite).to.equal 'rw'
|
|
|
|
expect(@project.tokens.readOnly).to.equal ''
|
|
|
|
|
|
|
|
it 'should leave tokens in place for owner', ->
|
|
|
|
@TokenAccessHandler.protectTokens(@project, 'owner')
|
|
|
|
expect(@project.tokens.readAndWrite).to.equal 'rw'
|
|
|
|
expect(@project.tokens.readOnly).to.equal 'ro'
|
2018-09-25 05:42:04 -04:00
|
|
|
|
2018-12-20 06:50:58 -05:00
|
|
|
describe 'getDocPublishedInfo', ->
|
2018-09-25 05:42:04 -04:00
|
|
|
beforeEach ->
|
|
|
|
@callback = sinon.stub()
|
|
|
|
|
|
|
|
describe 'when v1 api not set', ->
|
|
|
|
beforeEach ->
|
2018-12-20 06:50:58 -05:00
|
|
|
@TokenAccessHandler.getV1DocPublishedInfo @token, @callback
|
2018-09-25 05:42:04 -04:00
|
|
|
|
2018-10-02 11:16:46 -04:00
|
|
|
it 'should not check access and return default info', ->
|
2018-09-25 05:42:04 -04:00
|
|
|
expect(@V1Api.request.called).to.equal false
|
2018-10-02 11:16:46 -04:00
|
|
|
expect(@callback.calledWith null, {
|
|
|
|
allow: true
|
2018-12-20 06:50:58 -05:00
|
|
|
}).to.equal true
|
|
|
|
|
|
|
|
describe 'when v1 api is set', ->
|
|
|
|
beforeEach ->
|
|
|
|
@settings.apis = { v1: 'v1' }
|
|
|
|
|
|
|
|
describe 'on V1Api.request success', ->
|
|
|
|
beforeEach ->
|
|
|
|
@V1Api.request = sinon.stub().callsArgWith(1, null, null, 'mock-data')
|
|
|
|
@TokenAccessHandler.getV1DocPublishedInfo @token, @callback
|
|
|
|
|
|
|
|
it 'should return response body', ->
|
|
|
|
expect(@V1Api.request.calledWith { url: "/api/v1/sharelatex/docs/#{@token}/is_published" }).to.equal true
|
|
|
|
expect(@callback.calledWith null, 'mock-data').to.equal true
|
|
|
|
|
|
|
|
describe 'on V1Api.request error', ->
|
|
|
|
beforeEach ->
|
|
|
|
@V1Api.request = sinon.stub().callsArgWith(1, 'error')
|
|
|
|
@TokenAccessHandler.getV1DocPublishedInfo @token, @callback
|
|
|
|
|
|
|
|
it 'should callback with error', ->
|
|
|
|
expect(@callback.calledWith 'error').to.equal true
|
|
|
|
|
|
|
|
describe 'getV1DocInfo', ->
|
|
|
|
beforeEach ->
|
|
|
|
@v2UserId = 123
|
|
|
|
@callback = sinon.stub()
|
|
|
|
|
|
|
|
describe 'when v1 api not set', ->
|
|
|
|
beforeEach ->
|
|
|
|
@TokenAccessHandler.getV1DocInfo @token, @v2UserId, @callback
|
|
|
|
|
|
|
|
it 'should not check access and return default info', ->
|
|
|
|
expect(@V1Api.request.called).to.equal false
|
|
|
|
expect(@callback.calledWith null, {
|
2018-10-02 11:16:46 -04:00
|
|
|
exists: true
|
|
|
|
exported: false
|
|
|
|
}).to.equal true
|
2018-09-25 05:42:04 -04:00
|
|
|
|
|
|
|
describe 'when v1 api is set', ->
|
|
|
|
beforeEach ->
|
|
|
|
@settings.apis = { v1: 'v1' }
|
|
|
|
|
2018-12-20 06:50:58 -05:00
|
|
|
describe 'on UserGetter.getUser success', ->
|
|
|
|
beforeEach ->
|
|
|
|
@UserGetter.getUser = sinon.stub().yields(null, {
|
|
|
|
overleaf: { id: 1 }
|
|
|
|
})
|
|
|
|
@TokenAccessHandler.getV1DocInfo @token, @v2UserId, @callback
|
|
|
|
|
|
|
|
it 'should get user', ->
|
|
|
|
expect(@UserGetter.getUser.calledWith(@v2UserId)).to.equal true
|
|
|
|
|
|
|
|
describe 'on UserGetter.getUser error', ->
|
|
|
|
beforeEach ->
|
|
|
|
@error = new Error('failed to get user')
|
|
|
|
@UserGetter.getUser = sinon.stub().yields(@error)
|
|
|
|
@TokenAccessHandler.getV1DocInfo @token, @v2UserId, @callback
|
|
|
|
|
|
|
|
it 'should callback with error', ->
|
|
|
|
expect(@callback.calledWith @error).to.equal true
|
|
|
|
|
|
|
|
describe 'on V1Api.request success', ->
|
2018-09-25 05:42:04 -04:00
|
|
|
beforeEach ->
|
2018-12-20 06:50:58 -05:00
|
|
|
@v1UserId = 1
|
|
|
|
@UserGetter.getUser = sinon.stub().yields(null, {
|
|
|
|
overleaf: { id: @v1UserId }
|
|
|
|
})
|
2018-10-02 11:16:46 -04:00
|
|
|
@V1Api.request = sinon.stub().callsArgWith(1, null, null, 'mock-data')
|
2018-12-20 06:50:58 -05:00
|
|
|
@TokenAccessHandler.getV1DocInfo @token, @v2UserId, @callback
|
2018-09-25 05:42:04 -04:00
|
|
|
|
2018-10-02 11:16:46 -04:00
|
|
|
it 'should return response body', ->
|
2018-12-20 06:50:58 -05:00
|
|
|
expect(@V1Api.request.calledWith { url: "/api/v1/sharelatex/users/#{@v1UserId}/docs/#{@token}/info" }).to.equal true
|
2018-10-02 11:16:46 -04:00
|
|
|
expect(@callback.calledWith null, 'mock-data').to.equal true
|
2018-09-25 05:42:04 -04:00
|
|
|
|
2018-12-20 06:50:58 -05:00
|
|
|
describe 'on V1Api.request error', ->
|
2018-09-25 05:42:04 -04:00
|
|
|
beforeEach ->
|
2018-12-20 06:50:58 -05:00
|
|
|
@UserGetter.getUser = sinon.stub().yields(null, {
|
|
|
|
overleaf: { id: 1 }
|
|
|
|
})
|
2018-09-25 05:42:04 -04:00
|
|
|
@V1Api.request = sinon.stub().callsArgWith(1, 'error')
|
2018-12-20 06:50:58 -05:00
|
|
|
@TokenAccessHandler.getV1DocInfo @token, @v2UserId, @callback
|
2018-09-25 05:42:04 -04:00
|
|
|
|
|
|
|
it 'should callback with error', ->
|
|
|
|
expect(@callback.calledWith 'error').to.equal true
|