WIP: trying to get acceptance tests to pass
parent
f9ed367148
commit
2ef23194df
11 changed files with 97 additions and 9 deletions
|
@ -12,6 +12,7 @@ UserSessionsManager = require("../User/UserSessionsManager")
|
|||
Analytics = require "../Analytics/AnalyticsManager"
|
||||
passport = require 'passport'
|
||||
NotificationsBuilder = require("../Notifications/NotificationsBuilder")
|
||||
SudoModeHandler = require '../SudoMode/SudoModeHandler'
|
||||
|
||||
module.exports = AuthenticationController =
|
||||
|
||||
|
@ -76,6 +77,7 @@ module.exports = AuthenticationController =
|
|||
AuthenticationController.afterLoginSessionSetup req, user, (err) ->
|
||||
if err?
|
||||
return next(err)
|
||||
SudoModeHandler.activateSudoMode user._id, () ->
|
||||
AuthenticationController._clearRedirectFromSession(req)
|
||||
if req.headers?['accept']?.match(/^application\/json.*$/)
|
||||
res.json {redir: redir}
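Review bot: The callback in `SudoModeHandler.activateSudoMode user._id, () ->` takes no arguments, so an error from the handler (its callback signature is `(err)`) is silently dropped and login proceeds as if sudo mode had been activated. If this is meant as best-effort, accept the error and record it: `SudoModeHandler.activateSudoMode user._id, (err) ->` followed by `logger.err {err, user_id: user._id}, "error activating sudo mode on login" if err?`, assuming `logger` is already required in this file. A one-line comment stating that a fresh login is treated as equivalent to a sudo-mode password confirmation would also help, since that is a security decision a later reader should not have to infer. The enclosing function starts and ends outside this hunk.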
|
||||
|
|
|
@ -2,6 +2,9 @@ RedisWrapper = require('../../infrastructure/RedisWrapper')
|
|||
rclient = RedisWrapper.client('sudomode')
|
||||
logger = require('logger-sharelatex')
|
||||
AuthenticationManager = require '../Authentication/AuthenticationManager'
|
||||
Settings = require 'settings-sharelatex'
|
||||
V1Handler = require '../V1/V1Handler'
|
||||
UserGetter = require '../User/UserGetter'
|
||||
|
||||
|
||||
TIMEOUT_IN_SECONDS = 60 * 60
|
||||
|
@ -13,6 +16,12 @@ module.exports = SudoModeHandler =
|
|||
"SudoMode:{#{userId}}"
|
||||
|
||||
authenticate: (email, password, callback=(err, user)->) ->
|
||||
if Settings.overleaf?
|
||||
V1Handler.authWithV1 email, password, (err, isValid, v1Profile) ->
|
||||
if !isValid
|
||||
return callback(null, null)
|
||||
UserGetter.getUser {'overleaf.id': v1Profile.id}, callback
|
||||
else
|
||||
AuthenticationManager.authenticate {email}, password, callback
|
||||
|
||||
activateSudoMode: (userId, callback=(err)->) ->
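Review bot: In the v1 branch of `authenticate`, the `err` passed back by `V1Handler.authWithV1` is never checked: on a transport failure `isValid` is undefined, so the caller receives `callback(null, null)` and an outage of the v1 login API looks exactly like a wrong password. Make `return callback(err) if err?` the first line of that callback. The lookup `UserGetter.getUser {'overleaf.id': v1Profile.id}` also assumes a valid response always carries a profile; guard it with `return callback(null, null) if !isValid or !v1Profile?.id?` so a missing `user_profile` fails closed instead of throwing or putting an undefined id into the query. A short doc comment should say that the method yields the user linked to the v1 account, so callers (not visible here) know they still have to compare it with the session user.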
|
||||
|
|
|
@ -7,6 +7,7 @@ Settings = require 'settings-sharelatex'
|
|||
module.exports = SudoModeMiddlewear =
|
||||
|
||||
protectPage: (req, res, next) ->
|
||||
console.log ">>>>>> Settings", Settings.overleaf
|
||||
if req.externalAuthenticationSystemUsed() and !Settings.overleaf?
|
||||
logger.log {userId}, "[SudoMode] using external auth, skipping sudo-mode check"
|
||||
return next()
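Review bot: `console.log ">>>>>> Settings", Settings.overleaf` in `protectPage` looks like leftover debugging: it runs on every request that passes through this middleware, bypasses the `logger` used two lines below, and prints the whole `Settings.overleaf` object, which may hold configuration that should not go to stdout. Remove it before merge, or log only whether the setting is present. Separately, `logger.log {userId}, ...` is reached before any visible assignment of `userId` in this function, so it probably logs undefined; the rest of `protectPage` is outside the hunk.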
|
||||
|
|
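--- a/services/web/app/coffee/Features/V1/V1Handler.coffee
+++ b/services/web/app/coffee/Features/V1/V1Handler.coffee
@@ -0,0 +1,27 @@
+V1Api = require './V1Api'
+Settings = require 'settings-sharelatex'
+logger = require 'logger-sharelatex'
+
+
+module.exports = V1Handler =
+
+authWithV1: (email, password, callback=(err, isValid, v1Profile)->) ->
+V1Api.request {
+method: 'POST',
+url: '/api/v1/sharelatex/login',
+json: {email, password},
+expectedStatusCodes: [403]
+}, (err, response, body) ->
+if err?
+logger.err {email, err},
+"[V1Handler] error while talking to v1 login api"
+return callback(err)
+if response.statusCode in [200, 403]
+isValid = body.valid
+userProfile = body.user_profile
+logger.log {email, isValid, v1UserId: body?.user_profile?.id},
+"[V1Handler] got response from v1 login api"
+callback(null, isValid, userProfile)
+else
+err = new Error("Unexpected status from v1 login api: #{response.statusCode}")
+callback(err)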
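Review bot: `authWithV1` takes its verdict from the body for either status code: on both 200 and 403 it passes `body.valid` through as `isValid`, so a 403 whose body carries a truthy `valid` would be treated as a successful login by `SudoModeHandler.authenticate`. A response without a parsed JSON body also throws on `body.valid`, even though the log line below already uses `body?.`. Tie the result to the status and fail closed: `isValid = response.statusCode == 200 and body?.valid == true` and `userProfile = body?.user_profile`. The function also deserves a header comment stating that it forwards the plaintext password to the v1 login endpoint and calls back with `(err, isValid, v1Profile)`.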
|
@ -4,6 +4,7 @@ User = require "./helpers/User"
|
|||
request = require "./helpers/request"
|
||||
settings = require "settings-sharelatex"
|
||||
redis = require "./helpers/redis"
|
||||
MockV1Api = require './helpers/MockV1Api'
|
||||
|
||||
describe "Sessions", ->
|
||||
before (done) ->
|
||||
|
@ -254,7 +255,7 @@ describe "Sessions", ->
|
|||
|
||||
describe 'three sessions, sessions page', ->
|
||||
|
||||
before ->
|
||||
before (done) ->
|
||||
# set up second session for this user
|
||||
@user2 = new User()
|
||||
@user2.email = @user1.email
|
||||
|
@ -262,7 +263,23 @@ describe "Sessions", ->
|
|||
@user3 = new User()
|
||||
@user3.email = @user1.email
|
||||
@user3.password = @user1.password
|
||||
|
||||
v1Id = 2345
|
||||
v1User2 = {
|
||||
id: v1Id,
|
||||
email: @user2.email,
|
||||
password: @user2.password,
|
||||
profile:
|
||||
id: v1Id,
|
||||
email: @user2.email
|
||||
}
|
||||
async.series [
|
||||
@user2.login.bind(@user2)
|
||||
(cb) => @user2.mongoUpdate {$set: {'overleaf.id': v1Id}}, cb
|
||||
(cb) =>
|
||||
MockV1Api.setUser v1Id, v1User2
|
||||
cb()
|
||||
@user2.activateSudoMode.bind(@user2)
|
||||
], done
|
||||
|
||||
it "should allow the user to erase the other two sessions", (done) ->
|
||||
async.series(
|
||||
|
|
|
@ -1,18 +1,31 @@
|
|||
should = require('chai').should()
|
||||
async = require("async")
|
||||
User = require "./helpers/User"
|
||||
MockV1Api = require './helpers/MockV1Api'
|
||||
|
||||
describe 'SettingsPage', ->
|
||||
|
||||
before (done) ->
|
||||
@user = new User()
|
||||
@v1Id = 1234
|
||||
@v1User =
|
||||
id: @v1Id
|
||||
email: @user.email
|
||||
password: @user.password
|
||||
profile:
|
||||
id: @v1Id
|
||||
email: @user.email
|
||||
async.series [
|
||||
@user.ensureUserExists.bind(@user)
|
||||
@user.login.bind(@user)
|
||||
(cb) => @user.mongoUpdate {$set: {'overleaf.id': @v1Id}}, cb
|
||||
(cb) =>
|
||||
MockV1Api.setUser @v1Id, @v1User
|
||||
cb()
|
||||
@user.activateSudoMode.bind(@user)
|
||||
], done
|
||||
|
||||
it 'load settigns page', (done) ->
|
||||
it 'load settings page', (done) ->
|
||||
@user.getUserSettingsPage (err, statusCode) ->
|
||||
statusCode.should.equal 200
|
||||
done()
|
||||
|
|
|
@ -76,6 +76,19 @@ module.exports = MockV1Api =
|
|||
@updateEmail parseInt(req.params.id), email
|
||||
return res.sendStatus 200
|
||||
|
||||
app.post "/api/v1/sharelatex/login", (req, res, next) =>
|
||||
for id, user of @users
|
||||
if user.email == req.body.email && user.password == req.body.password
|
||||
return res.json {
|
||||
email: user.email,
|
||||
valid: true,
|
||||
user_profile: user.profile
|
||||
}
|
||||
return res.status(403).json {
|
||||
email: user.email,
|
||||
valid: false
|
||||
}
|
||||
|
||||
app.listen 5000, (error) ->
|
||||
throw error if error?
|
||||
.on "error", (error) ->
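Review bot: The 403 response of the new `/api/v1/sharelatex/login` route builds `email: user.email` from the loop variable rather than from the request, so it echoes whichever user was iterated last and throws a TypeError when `@users` is empty. Use `email: req.body.email` there. Indentation is lost on this page, so confirm that `return res.status(403).json` sits after the `for` loop and not inside it, otherwise the first non-matching user ends the search. The enclosing function continues outside the hunk.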
|
||||
|
|
|
@ -29,6 +29,7 @@ describe "AuthenticationController", ->
|
|||
untrackSession: sinon.stub()
|
||||
revokeAllUserSessions: sinon.stub().callsArgWith(1, null)
|
||||
"../../infrastructure/Modules": @Modules = {hooks: {fire: sinon.stub().callsArgWith(2, null, [])}}
|
||||
"../SudoMode/SudoModeHandler": @SudoModeHandler = {activateSudoMode: sinon.stub().callsArgWith(1, null)}
|
||||
@user =
|
||||
_id: ObjectId()
|
||||
email: @email = "USER@example.com"
|
||||
|
|
|
@ -28,6 +28,7 @@ describe 'SudoModeController', ->
|
|||
'../Authentication/AuthenticationController': @AuthenticationController
|
||||
'../../infrastructure/Mongoose': {mongo: {ObjectId: () -> 'some_object_id'}}
|
||||
'../User/UserGetter': @UserGetter
|
||||
'settings-sharelatex': @Settings = {}
|
||||
|
||||
describe 'sudoModePrompt', ->
|
||||
beforeEach ->
|
||||
|
|
|
@ -20,6 +20,9 @@ describe 'SudoModeHandler', ->
|
|||
'../../infrastructure/RedisWrapper': @RedisWrapper
|
||||
'logger-sharelatex': @logger = {log: sinon.stub(), err: sinon.stub()}
|
||||
'../Authentication/AuthenticationManager': @AuthenticationManager = {}
|
||||
'settings-sharelatex': @Settings = {}
|
||||
'../V1/V1Handler': @V1Handler = {authWithV1: sinon.stub()}
|
||||
'../User/UserGetter': @UserGetter = {getUser: sinon.stub()}
|
||||
|
||||
describe '_buildKey', ->
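Review bot: This section only adds stubs for `Settings`, `V1Handler` and `UserGetter`; no spec exercises the new `SudoModeHandler.authenticate` path. Because that method decides whether a password confirmation succeeds, it should have cases for at least: v1 enabled with `authWithV1` yielding an error, yielding `isValid` false, yielding a valid profile, and the fallback to `AuthenticationManager.authenticate` when `Settings.overleaf` is unset. The `describe '_buildKey'` block continues outside the hunk.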
|
||||
|
||||
|
|
|
@ -18,6 +18,7 @@ describe 'SudoModeMiddlewear', ->
|
|||
'./SudoModeHandler': @SudoModeHandler
|
||||
'../Authentication/AuthenticationController': @AuthenticationController
|
||||
'logger-sharelatex': {log: sinon.stub(), err: sinon.stub()}
|
||||
'settings-sharelatex': @Settings = {}
|
||||
|
||||
describe 'protectPage', ->
|
||||
beforeEach ->
|
||||
|
|