2023-01-05 04:28:40 -08:00
|
|
|
import { v4 as uuid } from 'uuid';
|
2023-10-25 07:35:22 -07:00
|
|
|
import { Container } from 'typedi';
|
2024-08-22 02:10:37 -07:00
|
|
|
import { SecurityAuditService } from '@/security-audit/security-audit.service';
|
2023-11-13 02:50:43 -08:00
|
|
|
import { OFFICIAL_RISKY_NODE_TYPES, NODES_REPORT } from '@/security-audit/constants';
|
|
|
|
import { toReportTitle } from '@/security-audit/utils';
|
2024-08-22 02:10:37 -07:00
|
|
|
import { LoadNodesAndCredentials } from '@/load-nodes-and-credentials';
|
|
|
|
import { NodeTypes } from '@/node-types';
|
2023-10-09 07:09:23 -07:00
|
|
|
import { CommunityPackagesService } from '@/services/communityPackages.service';
|
2023-11-10 06:04:26 -08:00
|
|
|
import { WorkflowRepository } from '@db/repositories/workflow.repository';
|
|
|
|
|
|
|
|
import { mockInstance } from '../../shared/mocking';
|
|
|
|
import { getRiskSection, MOCK_PACKAGE, saveManualTriggerWorkflow } from './utils';
|
|
|
|
import * as testDb from '../shared/testDb';
|
2023-09-20 06:21:42 -07:00
|
|
|
|
2023-02-21 10:21:56 -08:00
|
|
|
const nodesAndCredentials = mockInstance(LoadNodesAndCredentials);
|
|
|
|
nodesAndCredentials.getCustomDirectories.mockReturnValue([]);
|
|
|
|
mockInstance(NodeTypes);
|
2023-10-09 07:09:23 -07:00
|
|
|
const communityPackagesService = mockInstance(CommunityPackagesService);
|
|
|
|
Container.set(CommunityPackagesService, communityPackagesService);
|
2023-01-05 04:28:40 -08:00
|
|
|
|
2023-11-13 02:50:43 -08:00
|
|
|
let securityAuditService: SecurityAuditService;
|
|
|
|
|
2023-01-05 04:28:40 -08:00
|
|
|
beforeAll(async () => {
|
2023-01-13 09:12:22 -08:00
|
|
|
await testDb.init();
|
2023-11-13 02:50:43 -08:00
|
|
|
|
|
|
|
securityAuditService = new SecurityAuditService(Container.get(WorkflowRepository));
|
2023-01-05 04:28:40 -08:00
|
|
|
});
|
|
|
|
|
|
|
|
beforeEach(async () => {
|
2023-01-13 09:12:22 -08:00
|
|
|
await testDb.truncate(['Workflow']);
|
2023-01-05 04:28:40 -08:00
|
|
|
});
|
|
|
|
|
|
|
|
afterAll(async () => {
|
2023-01-13 09:12:22 -08:00
|
|
|
await testDb.terminate();
|
2023-09-01 06:13:19 -07:00
|
|
|
jest.resetAllMocks();
|
2023-01-05 04:28:40 -08:00
|
|
|
});
|
|
|
|
|
|
|
|
test('should report risky official nodes', async () => {
|
2023-10-09 07:09:23 -07:00
|
|
|
communityPackagesService.getAllInstalledPackages.mockResolvedValue(MOCK_PACKAGE);
|
2023-01-05 04:28:40 -08:00
|
|
|
const map = [...OFFICIAL_RISKY_NODE_TYPES].reduce<{ [nodeType: string]: string }>((acc, cur) => {
|
|
|
|
return (acc[cur] = uuid()), acc;
|
|
|
|
}, {});
|
|
|
|
|
|
|
|
const promises = Object.entries(map).map(async ([nodeType, nodeId]) => {
|
2023-11-10 06:04:26 -08:00
|
|
|
const details = Container.get(WorkflowRepository).create({
|
2023-01-05 04:28:40 -08:00
|
|
|
name: 'My Test Workflow',
|
|
|
|
active: false,
|
|
|
|
connections: {},
|
|
|
|
nodes: [
|
|
|
|
{
|
|
|
|
id: nodeId,
|
|
|
|
name: 'My Node',
|
|
|
|
type: nodeType,
|
|
|
|
typeVersion: 1,
|
|
|
|
position: [0, 0] as [number, number],
|
2023-06-20 10:13:18 -07:00
|
|
|
parameters: {},
|
2023-01-05 04:28:40 -08:00
|
|
|
},
|
|
|
|
],
|
2023-06-20 10:13:18 -07:00
|
|
|
});
|
2023-01-05 04:28:40 -08:00
|
|
|
|
2024-01-17 07:08:50 -08:00
|
|
|
return await Container.get(WorkflowRepository).save(details);
|
2023-01-05 04:28:40 -08:00
|
|
|
});
|
|
|
|
|
|
|
|
await Promise.all(promises);
|
|
|
|
|
2023-11-13 02:50:43 -08:00
|
|
|
const testAudit = await securityAuditService.run(['nodes']);
|
2023-01-05 04:28:40 -08:00
|
|
|
|
|
|
|
const section = getRiskSection(
|
|
|
|
testAudit,
|
|
|
|
NODES_REPORT.RISK,
|
|
|
|
NODES_REPORT.SECTIONS.OFFICIAL_RISKY_NODES,
|
|
|
|
);
|
|
|
|
|
|
|
|
expect(section.location).toHaveLength(OFFICIAL_RISKY_NODE_TYPES.size);
|
|
|
|
|
|
|
|
for (const loc of section.location) {
|
|
|
|
if (loc.kind === 'node') {
|
|
|
|
expect(loc.nodeId).toBe(map[loc.nodeType]);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
});
|
|
|
|
|
|
|
|
test('should not report non-risky official nodes', async () => {
|
2023-10-09 07:09:23 -07:00
|
|
|
communityPackagesService.getAllInstalledPackages.mockResolvedValue(MOCK_PACKAGE);
|
2023-01-05 04:28:40 -08:00
|
|
|
await saveManualTriggerWorkflow();
|
|
|
|
|
2023-11-13 02:50:43 -08:00
|
|
|
const testAudit = await securityAuditService.run(['nodes']);
|
|
|
|
|
2023-01-23 08:41:55 -08:00
|
|
|
if (Array.isArray(testAudit)) return;
|
2023-01-05 04:28:40 -08:00
|
|
|
|
2023-01-23 08:41:55 -08:00
|
|
|
const report = testAudit[toReportTitle('nodes')];
|
2023-11-13 02:50:43 -08:00
|
|
|
|
2023-01-05 04:28:40 -08:00
|
|
|
if (!report) return;
|
|
|
|
|
|
|
|
for (const section of report.sections) {
|
|
|
|
expect(section.title).not.toBe(NODES_REPORT.SECTIONS.OFFICIAL_RISKY_NODES);
|
|
|
|
}
|
|
|
|
});
|
|
|
|
|
|
|
|
test('should report community nodes', async () => {
|
2023-10-09 07:09:23 -07:00
|
|
|
communityPackagesService.getAllInstalledPackages.mockResolvedValue(MOCK_PACKAGE);
|
2023-01-05 04:28:40 -08:00
|
|
|
|
2023-11-13 02:50:43 -08:00
|
|
|
const testAudit = await securityAuditService.run(['nodes']);
|
2023-01-05 04:28:40 -08:00
|
|
|
|
|
|
|
const section = getRiskSection(
|
|
|
|
testAudit,
|
|
|
|
NODES_REPORT.RISK,
|
|
|
|
NODES_REPORT.SECTIONS.COMMUNITY_NODES,
|
|
|
|
);
|
|
|
|
|
|
|
|
expect(section.location).toHaveLength(1);
|
|
|
|
|
|
|
|
if (section.location[0].kind === 'community') {
|
|
|
|
expect(section.location[0].nodeType).toBe(MOCK_PACKAGE[0].installedNodes[0].type);
|
|
|
|
}
|
|
|
|
});
|