joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add master key override to live query ACL checks (#4133)

Browse Source 
* Add master key override to live query ACL checks

* Fix mockClient so masterKey tests work correctly
This commit is contained in:
Jeremy May
2017-09-09 13:26:18 -04:00
committed by Florent Vilmart
parent 52c4dd3704
commit 121d151af9
3 changed files with 103 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

86
spec/ParseLiveQueryServer.spec.js
View File

@@ -12,7 +12,7 @@ describe('ParseLiveQueryServer', function() {
var mockParseWebSocketServer = jasmine.createSpy('ParseWebSocketServer');
jasmine.mockLibrary('../src/LiveQuery/ParseWebSocketServer', 'ParseWebSocketServer', mockParseWebSocketServer);
// Mock Client
var mockClient = function() {
var mockClient = function(id, socket, hasMasterKey) {
this.pushConnect = jasmine.createSpy('pushConnect');
this.pushSubscribe = jasmine.createSpy('pushSubscribe');
this.pushUnsubscribe = jasmine.createSpy('pushUnsubscribe');
@@ -24,6 +24,7 @@ describe('ParseLiveQueryServer', function() {
this.addSubscriptionInfo = jasmine.createSpy('addSubscriptionInfo');
this.getSubscriptionInfo = jasmine.createSpy('getSubscriptionInfo');
this.deleteSubscriptionInfo = jasmine.createSpy('deleteSubscriptionInfo');
this.hasMasterKey = hasMasterKey;
}
mockClient.pushError = jasmine.createSpy('pushError');
jasmine.mockLibrary('../src/LiveQuery/Client', 'Client', mockClient);
@@ -1018,6 +1019,89 @@ describe('ParseLiveQueryServer', function() {
expect(parseLiveQueryServer._validateKeys(request, parseLiveQueryServer.keyPairs)).toBeTruthy();
});
it('can validate client has master key when valid', function() {
var parseLiveQueryServer = new ParseLiveQueryServer({}, {
keyPairs: {
masterKey: 'test'
}
});
var request = {
masterKey: 'test'
};
expect(parseLiveQueryServer._hasMasterKey(request, parseLiveQueryServer.keyPairs)).toBeTruthy();
});
it('can validate client doesn\'t have master key when invalid', function() {
var parseLiveQueryServer = new ParseLiveQueryServer({}, {
keyPairs: {
masterKey: 'test'
}
});
var request = {
masterKey: 'notValid'
};
expect(parseLiveQueryServer._hasMasterKey(request, parseLiveQueryServer.keyPairs)).not.toBeTruthy();
});
it('can validate client doesn\'t have master key when not provided', function() {
var parseLiveQueryServer = new ParseLiveQueryServer({}, {
keyPairs: {
masterKey: 'test'
}
});
expect(parseLiveQueryServer._hasMasterKey({}, parseLiveQueryServer.keyPairs)).not.toBeTruthy();
});
it('can validate client doesn\'t have master key when validKeyPairs is empty', function() {
var parseLiveQueryServer = new ParseLiveQueryServer({}, {});
var request = {
masterKey: 'test'
};
expect(parseLiveQueryServer._hasMasterKey(request, parseLiveQueryServer.keyPairs)).not.toBeTruthy();
});
it('will match non-public ACL when client has master key', function(done){
var parseLiveQueryServer = new ParseLiveQueryServer(10, 10, {});
var acl = new Parse.ACL();
acl.setPublicReadAccess(false);
var client = {
getSubscriptionInfo: jasmine.createSpy('getSubscriptionInfo').and.returnValue({
}),
hasMasterKey: true
};
var requestId = 0;
parseLiveQueryServer._matchesACL(acl, client, requestId).then(function(isMatched) {
expect(isMatched).toBe(true);
done();
});
});
it('won\'t match non-public ACL when client has no master key', function(done){
var parseLiveQueryServer = new ParseLiveQueryServer(10, 10, {});
var acl = new Parse.ACL();
acl.setPublicReadAccess(false);
var client = {
getSubscriptionInfo: jasmine.createSpy('getSubscriptionInfo').and.returnValue({
}),
hasMasterKey: false
};
var requestId = 0;
parseLiveQueryServer._matchesACL(acl, client, requestId).then(function(isMatched) {
expect(isMatched).toBe(false);
done();
});
});
afterEach(function(){
jasmine.restoreLibrary('../src/LiveQuery/ParseWebSocketServer', 'ParseWebSocketServer');
jasmine.restoreLibrary('../src/LiveQuery/Client', 'Client');