2023-02-17 01:59:09 -08:00
|
|
|
import type { CookieOptions, Response } from 'express';
|
|
|
|
import { anyObject, captor, mock } from 'jest-mock-extended';
|
|
|
|
import jwt from 'jsonwebtoken';
|
|
|
|
import type { User } from '@db/entities/User';
|
2023-11-10 06:04:26 -08:00
|
|
|
import type { SettingsRepository } from '@db/repositories/settings.repository';
|
2023-12-27 02:50:43 -08:00
|
|
|
import config from '@/config';
|
2023-02-17 01:59:09 -08:00
|
|
|
import type { OwnerRequest } from '@/requests';
|
2023-11-08 07:29:39 -08:00
|
|
|
import { OwnerController } from '@/controllers/owner.controller';
|
2023-02-17 01:59:09 -08:00
|
|
|
import { AUTH_COOKIE_NAME } from '@/constants';
|
2023-08-22 06:58:05 -07:00
|
|
|
import { UserService } from '@/services/user.service';
|
2023-11-10 06:04:26 -08:00
|
|
|
import { License } from '@/License';
|
|
|
|
|
|
|
|
import { mockInstance } from '../../shared/mocking';
|
|
|
|
import { badPasswords } from '../shared/testData';
|
2023-11-28 01:19:27 -08:00
|
|
|
import { BadRequestError } from '@/errors/response-errors/bad-request.error';
|
2023-12-11 09:23:42 -08:00
|
|
|
import { PasswordUtility } from '@/services/password.utility';
|
|
|
|
import Container from 'typedi';
|
2023-12-27 02:50:43 -08:00
|
|
|
import type { InternalHooks } from '@/InternalHooks';
|
2023-02-17 01:59:09 -08:00
|
|
|
|
|
|
|
describe('OwnerController', () => {
|
2023-12-27 02:50:43 -08:00
|
|
|
const configGetSpy = jest.spyOn(config, 'getEnv');
|
|
|
|
const internalHooks = mock<InternalHooks>();
|
2023-08-22 06:58:05 -07:00
|
|
|
const userService = mockInstance(UserService);
|
2023-04-12 01:59:14 -07:00
|
|
|
const settingsRepository = mock<SettingsRepository>();
|
2023-11-10 06:04:26 -08:00
|
|
|
mockInstance(License).isWithinUsersLimit.mockReturnValue(true);
|
2023-08-25 04:23:22 -07:00
|
|
|
const controller = new OwnerController(
|
2023-10-25 07:35:22 -07:00
|
|
|
mock(),
|
2023-02-17 01:59:09 -08:00
|
|
|
internalHooks,
|
2023-08-25 04:23:22 -07:00
|
|
|
settingsRepository,
|
|
|
|
userService,
|
2023-12-11 09:23:42 -08:00
|
|
|
Container.get(PasswordUtility),
|
2023-12-27 02:50:43 -08:00
|
|
|
mock(),
|
2023-08-25 04:23:22 -07:00
|
|
|
);
|
2023-02-17 01:59:09 -08:00
|
|
|
|
|
|
|
describe('setupOwner', () => {
|
|
|
|
it('should throw a BadRequestError if the instance owner is already setup', async () => {
|
2023-12-27 02:50:43 -08:00
|
|
|
configGetSpy.mockReturnValue(true);
|
2023-05-23 17:01:45 -07:00
|
|
|
await expect(controller.setupOwner(mock(), mock())).rejects.toThrowError(
|
2023-02-17 01:59:09 -08:00
|
|
|
new BadRequestError('Instance owner already setup'),
|
|
|
|
);
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should throw a BadRequestError if the email is invalid', async () => {
|
2023-12-27 02:50:43 -08:00
|
|
|
configGetSpy.mockReturnValue(false);
|
2023-02-17 01:59:09 -08:00
|
|
|
const req = mock<OwnerRequest.Post>({ body: { email: 'invalid email' } });
|
2023-05-23 17:01:45 -07:00
|
|
|
await expect(controller.setupOwner(req, mock())).rejects.toThrowError(
|
2023-02-17 01:59:09 -08:00
|
|
|
new BadRequestError('Invalid email address'),
|
|
|
|
);
|
|
|
|
});
|
|
|
|
|
|
|
|
describe('should throw if the password is invalid', () => {
|
|
|
|
Object.entries(badPasswords).forEach(([password, errorMessage]) => {
|
|
|
|
it(password, async () => {
|
2023-12-27 02:50:43 -08:00
|
|
|
configGetSpy.mockReturnValue(false);
|
2023-02-17 01:59:09 -08:00
|
|
|
const req = mock<OwnerRequest.Post>({ body: { email: 'valid@email.com', password } });
|
2023-05-23 17:01:45 -07:00
|
|
|
await expect(controller.setupOwner(req, mock())).rejects.toThrowError(
|
2023-02-17 01:59:09 -08:00
|
|
|
new BadRequestError(errorMessage),
|
|
|
|
);
|
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should throw a BadRequestError if firstName & lastName are missing ', async () => {
|
2023-12-27 02:50:43 -08:00
|
|
|
configGetSpy.mockReturnValue(false);
|
2023-02-17 01:59:09 -08:00
|
|
|
const req = mock<OwnerRequest.Post>({
|
|
|
|
body: { email: 'valid@email.com', password: 'NewPassword123', firstName: '', lastName: '' },
|
|
|
|
});
|
2023-05-23 17:01:45 -07:00
|
|
|
await expect(controller.setupOwner(req, mock())).rejects.toThrowError(
|
2023-02-17 01:59:09 -08:00
|
|
|
new BadRequestError('First and last names are mandatory'),
|
|
|
|
);
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should setup the instance owner successfully', async () => {
|
|
|
|
const user = mock<User>({
|
|
|
|
id: 'userId',
|
|
|
|
globalRole: { scope: 'global', name: 'owner' },
|
|
|
|
authIdentities: [],
|
|
|
|
});
|
|
|
|
const req = mock<OwnerRequest.Post>({
|
|
|
|
body: {
|
|
|
|
email: 'valid@email.com',
|
|
|
|
password: 'NewPassword123',
|
|
|
|
firstName: 'Jane',
|
|
|
|
lastName: 'Doe',
|
|
|
|
},
|
|
|
|
user,
|
|
|
|
});
|
|
|
|
const res = mock<Response>();
|
2023-12-27 02:50:43 -08:00
|
|
|
configGetSpy.mockReturnValue(false);
|
2023-08-22 06:58:05 -07:00
|
|
|
userService.save.calledWith(anyObject()).mockResolvedValue(user);
|
2023-02-17 01:59:09 -08:00
|
|
|
jest.spyOn(jwt, 'sign').mockImplementation(() => 'signed-token');
|
|
|
|
|
|
|
|
await controller.setupOwner(req, res);
|
|
|
|
|
2023-08-22 06:58:05 -07:00
|
|
|
expect(userService.save).toHaveBeenCalledWith(user);
|
2023-02-17 01:59:09 -08:00
|
|
|
|
|
|
|
const cookieOptions = captor<CookieOptions>();
|
|
|
|
expect(res.cookie).toHaveBeenCalledWith(AUTH_COOKIE_NAME, 'signed-token', cookieOptions);
|
|
|
|
expect(cookieOptions.value.httpOnly).toBe(true);
|
|
|
|
expect(cookieOptions.value.sameSite).toBe('lax');
|
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|