import { ActiveWorkflowManager } from '@/ActiveWorkflowManager'; import * as utils from './shared/utils/'; import { createUser } from './shared/db/users'; import { mockInstance } from '../shared/mocking'; import type { SuperAgentTest } from './shared/types'; describe('Auth Middleware', () => { mockInstance(ActiveWorkflowManager); const testServer = utils.setupTestServer({ endpointGroups: ['me', 'auth', 'owner', 'users', 'invitations'], }); /** Routes requiring a valid `n8n-auth` cookie for a user, either owner or member. */ const ROUTES_REQUIRING_AUTHENTICATION = [ ['patch', '/me'], ['patch', '/me/password'], ['post', '/me/survey'], ] as const; /** Routes requiring a valid `n8n-auth` cookie for an owner. */ const ROUTES_REQUIRING_AUTHORIZATION = [ ['post', '/invitations'], ['delete', '/users/123'], ] as const; describe('Routes requiring Authentication', () => { [...ROUTES_REQUIRING_AUTHENTICATION, ...ROUTES_REQUIRING_AUTHORIZATION].forEach( ([method, endpoint]) => { test(`${method} ${endpoint} should return 401 Unauthorized if no cookie`, async () => { const { statusCode } = await testServer.authlessAgent[method](endpoint); expect(statusCode).toBe(401); }); }, ); }); describe('Routes requiring Authorization', () => { let authMemberAgent: SuperAgentTest; beforeAll(async () => { const member = await createUser({ role: 'global:member' }); authMemberAgent = testServer.authAgentFor(member); }); ROUTES_REQUIRING_AUTHORIZATION.forEach(async ([method, endpoint]) => { test(`${method} ${endpoint} should return 403 Forbidden for member`, async () => { const { statusCode } = await authMemberAgent[method](endpoint); expect(statusCode).toBe(403); }); }); }); });