From 9cd6b4e6adf96bd72ea2184085e9e6577859614e Mon Sep 17 00:00:00 2001 From: Shane Kilkelly Date: Thu, 2 Nov 2017 15:16:04 +0000 Subject: [PATCH] Test for when anon write access is disabled --- .../acceptance/coffee/TokenAccessTests.coffee | 31 +++++++++++++++++-- 1 file changed, 29 insertions(+), 2 deletions(-) diff --git a/services/web/test/acceptance/coffee/TokenAccessTests.coffee b/services/web/test/acceptance/coffee/TokenAccessTests.coffee index 14d099476d..d1a4f52882 100644 --- a/services/web/test/acceptance/coffee/TokenAccessTests.coffee +++ b/services/web/test/acceptance/coffee/TokenAccessTests.coffee @@ -263,9 +263,36 @@ describe 'TokenAccess', -> , done) if !settings.allowAnonymousReadAndWriteSharing - console.log ">> Skipping anonymous read-write token tests" + describe 'anonymous read-and-write token, disabled', -> + before (done) -> + @owner.createProject "token-anon-rw-test#{Math.random()}", (err, project_id) => + return done(err) if err? + @project_id = project_id + @owner.makeTokenBased @project_id, (err) => + return done(err) if err? + @owner.getProject @project_id, (err, project) => + return done(err) if err? + @tokens = project.tokens + done() + + it 'should deny access before the token is used', (done) -> + try_read_access(@anon, @project_id, (response, body) => + expect(response.statusCode).to.equal 302 + expect(body).to.match /.*\/restricted.*/ + , done) + + it 'should not allow the user to access read-and-write token', (done) -> + try_read_and_write_token_access(@anon, @tokens.readAndWrite, (response, body) => + expect(response.statusCode).to.equal 404 + , done) + + it 'should not allow the user to join the project', (done) -> + try_anon_content_access(@anon, @project_id, @tokens.readAndWrite, (response, body) => + expect(body.privilegeLevel).to.equal false + , done) + else - describe 'anonymous read-and-write token', -> + describe 'anonymous read-and-write token, enabled', -> before (done) -> @owner.createProject "token-anon-rw-test#{Math.random()}", (err, project_id) => return done(err) if err?