2024-09-12 09:07:18 -07:00
|
|
|
import Container from 'typedi';
|
|
|
|
|
|
|
|
import { CredentialsService } from '@/credentials/credentials.service';
|
2024-08-27 07:44:32 -07:00
|
|
|
import type { CredentialsEntity } from '@/databases/entities/credentials-entity';
|
2024-09-12 09:07:18 -07:00
|
|
|
import type { User } from '@/databases/entities/user';
|
|
|
|
import { SharedCredentialsRepository } from '@/databases/repositories/shared-credentials.repository';
|
|
|
|
import { createTeamProject, linkUserToProject } from '@test-integration/db/projects';
|
|
|
|
|
2024-05-17 01:53:15 -07:00
|
|
|
import { saveCredential, shareCredentialWithUsers } from '../shared/db/credentials';
|
|
|
|
import { createMember } from '../shared/db/users';
|
|
|
|
import { randomCredentialPayload } from '../shared/random';
|
2024-08-28 04:59:27 -07:00
|
|
|
import * as testDb from '../shared/test-db';
|
2024-05-17 01:53:15 -07:00
|
|
|
|
|
|
|
const credentialPayload = randomCredentialPayload();
|
|
|
|
let memberWhoOwnsCredential: User;
|
|
|
|
let memberWhoDoesNotOwnCredential: User;
|
|
|
|
let credential: CredentialsEntity;
|
|
|
|
|
|
|
|
beforeAll(async () => {
|
|
|
|
await testDb.init();
|
|
|
|
|
|
|
|
memberWhoOwnsCredential = await createMember();
|
|
|
|
memberWhoDoesNotOwnCredential = await createMember();
|
|
|
|
credential = await saveCredential(credentialPayload, {
|
|
|
|
user: memberWhoOwnsCredential,
|
|
|
|
role: 'credential:owner',
|
|
|
|
});
|
|
|
|
|
|
|
|
await shareCredentialWithUsers(credential, [memberWhoDoesNotOwnCredential]);
|
|
|
|
});
|
|
|
|
|
|
|
|
describe('credentials service', () => {
|
|
|
|
describe('replaceCredentialContentsForSharee', () => {
|
|
|
|
it('should replace the contents of the credential for sharee', async () => {
|
|
|
|
const storedCredential = await Container.get(
|
|
|
|
SharedCredentialsRepository,
|
|
|
|
).findCredentialForUser(credential.id, memberWhoDoesNotOwnCredential, ['credential:read']);
|
|
|
|
|
|
|
|
const decryptedData = Container.get(CredentialsService).decrypt(storedCredential!);
|
|
|
|
|
|
|
|
const mergedCredentials = {
|
|
|
|
id: credential.id,
|
|
|
|
name: credential.name,
|
|
|
|
type: credential.type,
|
|
|
|
data: { accessToken: '' },
|
|
|
|
};
|
|
|
|
|
2024-08-15 01:39:48 -07:00
|
|
|
await Container.get(CredentialsService).replaceCredentialContentsForSharee(
|
2024-05-17 01:53:15 -07:00
|
|
|
memberWhoDoesNotOwnCredential,
|
|
|
|
storedCredential!,
|
|
|
|
decryptedData,
|
|
|
|
mergedCredentials,
|
|
|
|
);
|
|
|
|
|
|
|
|
expect(mergedCredentials.data).toEqual({ accessToken: credentialPayload.data.accessToken });
|
|
|
|
});
|
2024-08-15 01:39:48 -07:00
|
|
|
|
|
|
|
it('should replace the contents of the credential for project viewer', async () => {
|
|
|
|
const [project, viewerMember] = await Promise.all([createTeamProject(), createMember()]);
|
|
|
|
await linkUserToProject(viewerMember, project, 'project:viewer');
|
|
|
|
const projectCredential = await saveCredential(credentialPayload, {
|
|
|
|
project,
|
|
|
|
role: 'credential:owner',
|
|
|
|
});
|
|
|
|
|
|
|
|
const storedProjectCredential = await Container.get(
|
|
|
|
SharedCredentialsRepository,
|
|
|
|
).findCredentialForUser(projectCredential.id, viewerMember, ['credential:read']);
|
|
|
|
|
|
|
|
const decryptedData = Container.get(CredentialsService).decrypt(storedProjectCredential!);
|
|
|
|
|
|
|
|
const mergedCredentials = {
|
|
|
|
id: projectCredential.id,
|
|
|
|
name: projectCredential.name,
|
|
|
|
type: projectCredential.type,
|
|
|
|
data: { accessToken: '' },
|
|
|
|
};
|
|
|
|
|
|
|
|
await Container.get(CredentialsService).replaceCredentialContentsForSharee(
|
|
|
|
viewerMember,
|
|
|
|
storedProjectCredential!,
|
|
|
|
decryptedData,
|
|
|
|
mergedCredentials,
|
|
|
|
);
|
|
|
|
|
|
|
|
expect(mergedCredentials.data).toEqual({ accessToken: credentialPayload.data.accessToken });
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should not replace the contents of the credential for project editor', async () => {
|
|
|
|
const [project, editorMember] = await Promise.all([createTeamProject(), createMember()]);
|
|
|
|
await linkUserToProject(editorMember, project, 'project:editor');
|
|
|
|
const projectCredential = await saveCredential(credentialPayload, {
|
|
|
|
project,
|
|
|
|
role: 'credential:owner',
|
|
|
|
});
|
|
|
|
|
|
|
|
const storedProjectCredential = await Container.get(
|
|
|
|
SharedCredentialsRepository,
|
|
|
|
).findCredentialForUser(projectCredential.id, editorMember, ['credential:read']);
|
|
|
|
|
|
|
|
const decryptedData = Container.get(CredentialsService).decrypt(storedProjectCredential!);
|
|
|
|
|
|
|
|
const originalData = { accessToken: '' };
|
|
|
|
const mergedCredentials = {
|
|
|
|
id: projectCredential.id,
|
|
|
|
name: projectCredential.name,
|
|
|
|
type: projectCredential.type,
|
|
|
|
data: originalData,
|
|
|
|
};
|
|
|
|
|
|
|
|
await Container.get(CredentialsService).replaceCredentialContentsForSharee(
|
|
|
|
editorMember,
|
|
|
|
storedProjectCredential!,
|
|
|
|
decryptedData,
|
|
|
|
mergedCredentials,
|
|
|
|
);
|
|
|
|
|
|
|
|
expect(mergedCredentials.data).toBe(originalData);
|
|
|
|
});
|
2024-05-17 01:53:15 -07:00
|
|
|
});
|
|
|
|
});
|