mirror of
https://github.com/n8n-io/n8n.git
synced 2025-03-05 20:50:17 -08:00
f4e59499fc
* feat(editor): SSO settings page * feat(editor): SSO settings page * feat(editor): SSO settings page * feat(editor): SSO settings page * feat(editor): SSO settings page * feat(editor): SSO settings page * Merge remote-tracking branch 'origin/master' into pay-170-sso-set-up-page # Conflicts: # packages/cli/src/sso/saml/routes/saml.controller.ee.ts * feat(editor): Prevent SSO settings page route * feat(editor): some UI improvements * fix(editor): SSO settings saml config optional chaining * fix return values saml controller * fix(editor): drop dompurify * fix(editor): save xml as is * return authenticationMethod with settings * fix(editor): add missing prop to server * chore(editor): code formatting * fix ldap/saml enable toggle endpoint * fix missing import * prevent faulty ldap setting from breaking startup * remove sso fake-door from users page * fix(editor): update SSO settings route permissions + unit testing * fix(editor): update vite config for test * fix(editor): add paddings to SSO settings page buttons, add translation * fix(editor): fix saml unit test * fix(core): Improve saml test connection function (#5899) improve-saml-test-connection return --------- Co-authored-by: Michael Auerswald <michael.auerswald@gmail.com> Co-authored-by: Romain Minaud <romain.minaud@gmail.com>
136 lines
3.6 KiB
TypeScript
136 lines
3.6 KiB
TypeScript
import Container from 'typedi';
|
|
import type { SuperAgentTest } from 'supertest';
|
|
import type { User } from '@db/entities/User';
|
|
import { setSamlLoginEnabled } from '@/sso/saml/samlHelpers';
|
|
import { getCurrentAuthenticationMethod, setCurrentAuthenticationMethod } from '@/sso/ssoHelpers';
|
|
import { License } from '@/License';
|
|
import { randomEmail, randomName, randomValidPassword } from '../shared/random';
|
|
import * as testDb from '../shared/testDb';
|
|
import * as utils from '../shared/utils';
|
|
import { sampleConfig } from './sampleMetadata';
|
|
|
|
let owner: User;
|
|
let authOwnerAgent: SuperAgentTest;
|
|
|
|
async function enableSaml(enable: boolean) {
|
|
await setSamlLoginEnabled(enable);
|
|
}
|
|
|
|
beforeAll(async () => {
|
|
Container.get(License).isSamlEnabled = () => true;
|
|
const app = await utils.initTestServer({ endpointGroups: ['me', 'saml'] });
|
|
owner = await testDb.createOwner();
|
|
authOwnerAgent = utils.createAuthAgent(app)(owner);
|
|
});
|
|
|
|
afterAll(async () => {
|
|
Container.reset();
|
|
await testDb.terminate();
|
|
});
|
|
|
|
describe('Instance owner', () => {
|
|
describe('PATCH /me', () => {
|
|
test('should succeed with valid inputs', async () => {
|
|
await enableSaml(false);
|
|
await authOwnerAgent
|
|
.patch('/me')
|
|
.send({
|
|
email: randomEmail(),
|
|
firstName: randomName(),
|
|
lastName: randomName(),
|
|
password: randomValidPassword(),
|
|
})
|
|
.expect(200);
|
|
});
|
|
|
|
test('should throw BadRequestError if email is changed when SAML is enabled', async () => {
|
|
await enableSaml(true);
|
|
await authOwnerAgent
|
|
.patch('/me')
|
|
.send({
|
|
email: randomEmail(),
|
|
firstName: randomName(),
|
|
lastName: randomName(),
|
|
})
|
|
.expect(400, { code: 400, message: 'SAML user may not change their email' });
|
|
});
|
|
});
|
|
|
|
describe('PATCH /password', () => {
|
|
test('should throw BadRequestError if password is changed when SAML is enabled', async () => {
|
|
await enableSaml(true);
|
|
await authOwnerAgent
|
|
.patch('/me/password')
|
|
.send({
|
|
password: randomValidPassword(),
|
|
})
|
|
.expect(400, {
|
|
code: 400,
|
|
message: 'With SAML enabled, users need to use their SAML provider to change passwords',
|
|
});
|
|
});
|
|
});
|
|
|
|
describe('POST /sso/saml/config', () => {
|
|
test('should post saml config', async () => {
|
|
await authOwnerAgent
|
|
.post('/sso/saml/config')
|
|
.send({
|
|
...sampleConfig,
|
|
loginEnabled: true,
|
|
})
|
|
.expect(200);
|
|
expect(getCurrentAuthenticationMethod()).toBe('saml');
|
|
});
|
|
});
|
|
|
|
describe('POST /sso/saml/config/toggle', () => {
|
|
test('should toggle saml as default authentication method', async () => {
|
|
await enableSaml(true);
|
|
expect(getCurrentAuthenticationMethod()).toBe('saml');
|
|
|
|
await authOwnerAgent
|
|
.post('/sso/saml/config/toggle')
|
|
.send({
|
|
loginEnabled: false,
|
|
})
|
|
.expect(200);
|
|
expect(getCurrentAuthenticationMethod()).toBe('email');
|
|
|
|
await authOwnerAgent
|
|
.post('/sso/saml/config/toggle')
|
|
.send({
|
|
loginEnabled: true,
|
|
})
|
|
.expect(200);
|
|
expect(getCurrentAuthenticationMethod()).toBe('saml');
|
|
});
|
|
});
|
|
|
|
describe('POST /sso/saml/config/toggle', () => {
|
|
test('should fail enable saml if default authentication is not email', async () => {
|
|
await enableSaml(true);
|
|
|
|
await authOwnerAgent
|
|
.post('/sso/saml/config/toggle')
|
|
.send({
|
|
loginEnabled: false,
|
|
})
|
|
.expect(200);
|
|
expect(getCurrentAuthenticationMethod()).toBe('email');
|
|
|
|
await setCurrentAuthenticationMethod('ldap');
|
|
expect(getCurrentAuthenticationMethod()).toBe('ldap');
|
|
|
|
await authOwnerAgent
|
|
.post('/sso/saml/config/toggle')
|
|
.send({
|
|
loginEnabled: true,
|
|
})
|
|
.expect(500);
|
|
|
|
expect(getCurrentAuthenticationMethod()).toBe('ldap');
|
|
});
|
|
});
|
|
});
|