Run test that require db access (#5796)

as mongo only. also seperate out into own section of test.
2019-07-10 13:25:29 -04:00
parent 815b7c6e05
commit 76ce9e1a5c
1 changed files with 42 additions and 37 deletions
--- a/spec/ParseUser.spec.js
+++ b/spec/ParseUser.spec.js
@@ -3847,41 +3847,46 @@ describe('Parse.User testing', () => {
      }
    );
  });
-
-  it('should validate credentials first and check if account already linked afterwards (GHSA-8w3j-g983-8jh5)', async done => {
-    // Add User to Database with authData
-    const database = Config.get(Parse.applicationId).database;
-    const collection = await database.adapter._adaptiveCollection('_User');
-    await collection.insertOne({
-      _id: 'ABCDEF1234',
-      name: '<some_name>',
-      email: '<some_email>',
-      username: '<some_username>',
-      _hashed_password: '<some_password>',
-      _auth_data_custom: {
-        id: 'linkedID', // Already linked userid
-      },
-      sessionToken: '<some_session_token>',
-    });
-    const provider = {
-      getAuthType: () => 'custom',
-      restoreAuthentication: () => true,
-    }; // AuthProvider checks if password is 'password'
-    Parse.User._registerAuthenticationProvider(provider);
-
-    // Try to link second user with wrong password
-    try {
-      const user = await Parse.AnonymousUtils.logIn();
-      await user._linkWith(provider.getAuthType(), {
-        authData: { id: 'linkedID', password: 'wrong' },
-      });
-    } catch (error) {
-      // This should throw Parse.Error.SESSION_MISSING and not Parse.Error.ACCOUNT_ALREADY_LINKED
-      expect(error.code).toEqual(Parse.Error.SESSION_MISSING);
-      done();
-      return;
-    }
-    fail();
-    done();
-  });
+});
+
+describe('Security Advisory GHSA-8w3j-g983-8jh5', function() {
+  it_only_db('mongo')(
+    'should validate credentials first and check if account already linked afterwards ()',
+    async done => {
+      // Add User to Database with authData
+      const database = Config.get(Parse.applicationId).database;
+      const collection = await database.adapter._adaptiveCollection('_User');
+      await collection.insertOne({
+        _id: 'ABCDEF1234',
+        name: '<some_name>',
+        email: '<some_email>',
+        username: '<some_username>',
+        _hashed_password: '<some_password>',
+        _auth_data_custom: {
+          id: 'linkedID', // Already linked userid
+        },
+        sessionToken: '<some_session_token>',
+      });
+      const provider = {
+        getAuthType: () => 'custom',
+        restoreAuthentication: () => true,
+      }; // AuthProvider checks if password is 'password'
+      Parse.User._registerAuthenticationProvider(provider);
+
+      // Try to link second user with wrong password
+      try {
+        const user = await Parse.AnonymousUtils.logIn();
+        await user._linkWith(provider.getAuthType(), {
+          authData: { id: 'linkedID', password: 'wrong' },
+        });
+      } catch (error) {
+        // This should throw Parse.Error.SESSION_MISSING and not Parse.Error.ACCOUNT_ALREADY_LINKED
+        expect(error.code).toEqual(Parse.Error.SESSION_MISSING);
+        done();
+        return;
+      }
+      fail();
+      done();
+    }
+  );
 });