2023-02-17 01:59:09 -08:00
|
|
|
import type { CookieOptions, Response } from 'express';
|
|
|
|
import { anyObject, captor, mock } from 'jest-mock-extended';
|
|
|
|
import type { ILogger } from 'n8n-workflow';
|
|
|
|
import jwt from 'jsonwebtoken';
|
2023-04-12 01:59:14 -07:00
|
|
|
import type { IInternalHooksClass } from '@/Interfaces';
|
2023-02-17 01:59:09 -08:00
|
|
|
import type { User } from '@db/entities/User';
|
2023-08-22 06:58:05 -07:00
|
|
|
import type { SettingsRepository } from '@db/repositories';
|
2023-02-17 01:59:09 -08:00
|
|
|
import type { Config } from '@/config';
|
|
|
|
import { BadRequestError } from '@/ResponseHelper';
|
|
|
|
import type { OwnerRequest } from '@/requests';
|
|
|
|
import { OwnerController } from '@/controllers';
|
|
|
|
import { badPasswords } from '../shared/testData';
|
|
|
|
import { AUTH_COOKIE_NAME } from '@/constants';
|
2023-08-22 06:58:05 -07:00
|
|
|
import { UserService } from '@/services/user.service';
|
|
|
|
import Container from 'typedi';
|
|
|
|
import { mockInstance } from '../../integration/shared/utils';
|
2023-02-17 01:59:09 -08:00
|
|
|
|
|
|
|
describe('OwnerController', () => {
|
|
|
|
const config = mock<Config>();
|
|
|
|
const logger = mock<ILogger>();
|
|
|
|
const internalHooks = mock<IInternalHooksClass>();
|
2023-08-22 06:58:05 -07:00
|
|
|
const userService = mockInstance(UserService);
|
|
|
|
Container.set(UserService, userService);
|
2023-04-12 01:59:14 -07:00
|
|
|
const settingsRepository = mock<SettingsRepository>();
|
2023-02-17 01:59:09 -08:00
|
|
|
const controller = new OwnerController({
|
|
|
|
config,
|
|
|
|
logger,
|
|
|
|
internalHooks,
|
|
|
|
repositories: {
|
|
|
|
Settings: settingsRepository,
|
|
|
|
},
|
|
|
|
});
|
|
|
|
|
|
|
|
describe('setupOwner', () => {
|
|
|
|
it('should throw a BadRequestError if the instance owner is already setup', async () => {
|
|
|
|
config.getEnv.calledWith('userManagement.isInstanceOwnerSetUp').mockReturnValue(true);
|
2023-05-23 17:01:45 -07:00
|
|
|
await expect(controller.setupOwner(mock(), mock())).rejects.toThrowError(
|
2023-02-17 01:59:09 -08:00
|
|
|
new BadRequestError('Instance owner already setup'),
|
|
|
|
);
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should throw a BadRequestError if the email is invalid', async () => {
|
|
|
|
config.getEnv.calledWith('userManagement.isInstanceOwnerSetUp').mockReturnValue(false);
|
|
|
|
const req = mock<OwnerRequest.Post>({ body: { email: 'invalid email' } });
|
2023-05-23 17:01:45 -07:00
|
|
|
await expect(controller.setupOwner(req, mock())).rejects.toThrowError(
|
2023-02-17 01:59:09 -08:00
|
|
|
new BadRequestError('Invalid email address'),
|
|
|
|
);
|
|
|
|
});
|
|
|
|
|
|
|
|
describe('should throw if the password is invalid', () => {
|
|
|
|
Object.entries(badPasswords).forEach(([password, errorMessage]) => {
|
|
|
|
it(password, async () => {
|
|
|
|
config.getEnv.calledWith('userManagement.isInstanceOwnerSetUp').mockReturnValue(false);
|
|
|
|
const req = mock<OwnerRequest.Post>({ body: { email: 'valid@email.com', password } });
|
2023-05-23 17:01:45 -07:00
|
|
|
await expect(controller.setupOwner(req, mock())).rejects.toThrowError(
|
2023-02-17 01:59:09 -08:00
|
|
|
new BadRequestError(errorMessage),
|
|
|
|
);
|
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should throw a BadRequestError if firstName & lastName are missing ', async () => {
|
|
|
|
config.getEnv.calledWith('userManagement.isInstanceOwnerSetUp').mockReturnValue(false);
|
|
|
|
const req = mock<OwnerRequest.Post>({
|
|
|
|
body: { email: 'valid@email.com', password: 'NewPassword123', firstName: '', lastName: '' },
|
|
|
|
});
|
2023-05-23 17:01:45 -07:00
|
|
|
await expect(controller.setupOwner(req, mock())).rejects.toThrowError(
|
2023-02-17 01:59:09 -08:00
|
|
|
new BadRequestError('First and last names are mandatory'),
|
|
|
|
);
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should setup the instance owner successfully', async () => {
|
|
|
|
const user = mock<User>({
|
|
|
|
id: 'userId',
|
|
|
|
globalRole: { scope: 'global', name: 'owner' },
|
|
|
|
authIdentities: [],
|
|
|
|
});
|
|
|
|
const req = mock<OwnerRequest.Post>({
|
|
|
|
body: {
|
|
|
|
email: 'valid@email.com',
|
|
|
|
password: 'NewPassword123',
|
|
|
|
firstName: 'Jane',
|
|
|
|
lastName: 'Doe',
|
|
|
|
},
|
|
|
|
user,
|
|
|
|
});
|
|
|
|
const res = mock<Response>();
|
|
|
|
config.getEnv.calledWith('userManagement.isInstanceOwnerSetUp').mockReturnValue(false);
|
2023-08-22 06:58:05 -07:00
|
|
|
userService.save.calledWith(anyObject()).mockResolvedValue(user);
|
2023-02-17 01:59:09 -08:00
|
|
|
jest.spyOn(jwt, 'sign').mockImplementation(() => 'signed-token');
|
|
|
|
|
|
|
|
await controller.setupOwner(req, res);
|
|
|
|
|
2023-08-22 06:58:05 -07:00
|
|
|
expect(userService.save).toHaveBeenCalledWith(user);
|
2023-02-17 01:59:09 -08:00
|
|
|
|
|
|
|
const cookieOptions = captor<CookieOptions>();
|
|
|
|
expect(res.cookie).toHaveBeenCalledWith(AUTH_COOKIE_NAME, 'signed-token', cookieOptions);
|
|
|
|
expect(cookieOptions.value.httpOnly).toBe(true);
|
|
|
|
expect(cookieOptions.value.sameSite).toBe('lax');
|
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|