mudhorn/n8n
1
0
Fork 0
mirror of https://github.com/n8n-io/n8n.git synced 2024-11-10 22:54:05 -08:00
Code Issues Actions Packages Projects Releases Wiki Activity
n8n/packages/cli/test/integration/publicApi/users.ee.test.ts

344 lines
8.8 KiB
TypeScript
Raw Blame History

import type express from 'express';
import validator from 'validator';
import { v4 as uuid } from 'uuid';
import config from '@/config';
import type { Role } from '@/databases/entities/Role';
import { randomApiKey } from '../shared/random';
import * as utils from '../shared/utils';
import * as testDb from '../shared/testDb';
import { License } from '@/License';
let app: express.Application;
let globalOwnerRole: Role;
let globalMemberRole: Role;
const licenseLike = {
getUsersLimit: jest.fn().mockReturnValue(-1),
};
utils.mockInstance(License, licenseLike);
beforeAll(async () => {
app = await utils.initTestServer({
endpointGroups: ['publicApi'],
applyAuth: false,
enablePublicAPI: true,
});
await testDb.init();
const [fetchedGlobalOwnerRole, fetchedGlobalMemberRole] = await testDb.getAllRoles();
globalOwnerRole = fetchedGlobalOwnerRole;
globalMemberRole = fetchedGlobalMemberRole;
});
beforeEach(async () => {
// do not combine calls - shared tables must be cleared first and separately
await testDb.truncate(['SharedCredentials', 'SharedWorkflow']);
await testDb.truncate(['User', 'Workflow', 'Credentials']);
config.set('userManagement.disabled', false);
config.set('userManagement.isInstanceOwnerSetUp', true);
config.set('userManagement.emails.mode', 'smtp');
});
afterAll(async () => {
await testDb.terminate();
});
describe('With license unlimited quota:users', () => {
test('GET /users should fail due to missing API Key', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole });
const authOwnerAgent = utils.createAgent(app, {
apiPath: 'public',
version: 1,
auth: true,
user: owner,
});
await testDb.createUser();
const response = await authOwnerAgent.get('/users');
expect(response.statusCode).toBe(401);
});
test('GET /users should fail due to invalid API Key', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole, apiKey: randomApiKey() });
owner.apiKey = null;
const authOwnerAgent = utils.createAgent(app, {
apiPath: 'public',
version: 1,
auth: true,
user: owner,
});
const response = await authOwnerAgent.get('/users');
expect(response.statusCode).toBe(401);
});
test('GET /users should fail due to member trying to access owner only endpoint', async () => {
const member = await testDb.createUser({ apiKey: randomApiKey() });
const authOwnerAgent = utils.createAgent(app, {
apiPath: 'public',
version: 1,
auth: true,
user: member,
});
const response = await authOwnerAgent.get('/users');
expect(response.statusCode).toBe(403);
});
test('GET /users should return all users', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole, apiKey: randomApiKey() });
const authOwnerAgent = utils.createAgent(app, {
apiPath: 'public',
version: 1,
auth: true,
user: owner,
});
await testDb.createUser();
const response = await authOwnerAgent.get('/users');
expect(response.statusCode).toBe(200);
expect(response.body.data.length).toBe(2);
expect(response.body.nextCursor).toBeNull();
for (const user of response.body.data) {
const {
id,
email,
firstName,
lastName,
personalizationAnswers,
globalRole,
password,
resetPasswordToken,
isPending,
createdAt,
updatedAt,
} = user;
expect(validator.isUUID(id)).toBe(true);
expect(email).toBeDefined();
expect(firstName).toBeDefined();
expect(lastName).toBeDefined();
expect(personalizationAnswers).toBeUndefined();
expect(password).toBeUndefined();
expect(resetPasswordToken).toBeUndefined();
expect(isPending).toBe(false);
expect(globalRole).toBeUndefined();
expect(createdAt).toBeDefined();
expect(updatedAt).toBeDefined();
}
});
test('GET /users/:identifier should fail due to missing API Key', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole });
const authOwnerAgent = utils.createAgent(app, {
apiPath: 'public',
version: 1,
auth: true,
user: owner,
});
await testDb.createUser();
const response = await authOwnerAgent.get(`/users/${owner.id}`);
expect(response.statusCode).toBe(401);
});
test('GET /users/:identifier should fail due to invalid API Key', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole, apiKey: randomApiKey() });
owner.apiKey = null;
const authOwnerAgent = utils.createAgent(app, {
apiPath: 'public',
version: 1,
auth: true,
user: owner,
});
const response = await authOwnerAgent.get(`/users/${owner.id}`);
expect(response.statusCode).toBe(401);
});
test('GET /users/:identifier should fail due to member trying to access owner only endpoint', async () => {
const member = await testDb.createUser({ apiKey: randomApiKey() });
const authOwnerAgent = utils.createAgent(app, {
apiPath: 'public',
version: 1,
auth: true,
user: member,
});
const response = await authOwnerAgent.get(`/users/${member.id}`);
expect(response.statusCode).toBe(403);
});
test('GET /users/:email with non-existing email should return 404', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole, apiKey: randomApiKey() });
const authOwnerAgent = utils.createAgent(app, {
apiPath: 'public',
version: 1,
auth: true,
user: owner,
});
const response = await authOwnerAgent.get('/users/jhondoe@gmail.com');
expect(response.statusCode).toBe(404);
});
test('GET /users/:id with non-existing id should return 404', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole, apiKey: randomApiKey() });
const authOwnerAgent = utils.createAgent(app, {
apiPath: 'public',
version: 1,
auth: true,
user: owner,
});
const response = await authOwnerAgent.get(`/users/${uuid()}`);
expect(response.statusCode).toBe(404);
});
test('GET /users/:email should return a user', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole, apiKey: randomApiKey() });
const authOwnerAgent = utils.createAgent(app, {
apiPath: 'public',
version: 1,
auth: true,
user: owner,
});
const response = await authOwnerAgent.get(`/users/${owner.email}`);
expect(response.statusCode).toBe(200);
const {
id,
email,
firstName,
lastName,
personalizationAnswers,
globalRole,
password,
resetPasswordToken,
isPending,
createdAt,
updatedAt,
} = response.body;
expect(validator.isUUID(id)).toBe(true);
expect(email).toBeDefined();
expect(firstName).toBeDefined();
expect(lastName).toBeDefined();
expect(personalizationAnswers).toBeUndefined();
expect(password).toBeUndefined();
expect(resetPasswordToken).toBeUndefined();
expect(isPending).toBe(false);
expect(globalRole).toBeUndefined();
expect(createdAt).toBeDefined();
expect(updatedAt).toBeDefined();
});
test('GET /users/:id should return a pending user', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole, apiKey: randomApiKey() });
const { id: memberId } = await testDb.createUserShell(globalMemberRole);
const authOwnerAgent = utils.createAgent(app, {
apiPath: 'public',
version: 1,
auth: true,
user: owner,
});
const response = await authOwnerAgent.get(`/users/${memberId}`);
expect(response.statusCode).toBe(200);
const {
id,
email,
firstName,
lastName,
personalizationAnswers,
globalRole,
password,
resetPasswordToken,
isPending,
createdAt,
updatedAt,
} = response.body;
expect(validator.isUUID(id)).toBe(true);
expect(email).toBeDefined();
expect(firstName).toBeDefined();
expect(lastName).toBeDefined();
expect(personalizationAnswers).toBeUndefined();
expect(password).toBeUndefined();
expect(resetPasswordToken).toBeUndefined();
expect(globalRole).toBeUndefined();
expect(createdAt).toBeDefined();
expect(isPending).toBeDefined();
expect(isPending).toBeTruthy();
expect(updatedAt).toBeDefined();
});
});
describe('With license without quota:users', () => {
beforeEach(async () => {
utils.mockInstance(License, { getUsersLimit: jest.fn().mockReturnValue(null) });
});
test('GET /users should fail due to invalid license', async () => {
const member = await testDb.createUser({ apiKey: randomApiKey() });
const authOwnerAgent = utils.createAgent(app, {
apiPath: 'public',
version: 1,
auth: true,
user: member,
});
const response = await authOwnerAgent.get('/users');
expect(response.statusCode).toBe(403);
});
test('GET /users/:id should fail due to invalid license', async () => {
const member = await testDb.createUser({ apiKey: randomApiKey() });
const authOwnerAgent = utils.createAgent(app, {
apiPath: 'public',
version: 1,
auth: true,
user: member,
});
const response = await authOwnerAgent.get(`/users/${member.id}`);
expect(response.statusCode).toBe(403);
});
});
Reference in a new issue View git blame Copy permalink