joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
979af97b017a0f86142f2c9bf53e7f2f2255125f
kami-parse-server/spec/LogsRouter.spec.js
Florent Vilmart d83a0b6808 Use Prettier JS (#5017) 
* Adds prettier

* Run lint before tests
2018-09-01 13:58:06 -04:00

190 lines
5.1 KiB
JavaScript
Raw Blame History

'use strict';
const request = require('request');
const LogsRouter = require('../lib/Routers/LogsRouter').LogsRouter;
const LoggerController = require('../lib/Controllers/LoggerController')
.LoggerController;
const WinstonLoggerAdapter = require('../lib/Adapters/Logger/WinstonLoggerAdapter')
.WinstonLoggerAdapter;
const loggerController = new LoggerController(new WinstonLoggerAdapter());
describe('LogsRouter', () => {
it('can check valid master key of request', done => {
// Make mock request
const request = {
auth: {
isMaster: true,
},
query: {},
config: {
loggerController: loggerController,
},
};
const router = new LogsRouter();
expect(() => {
router.validateRequest(request);
}).not.toThrow();
done();
});
it('can check invalid construction of controller', done => {
// Make mock request
const request = {
auth: {
isMaster: true,
},
query: {},
config: {
loggerController: undefined, // missing controller
},
};
const router = new LogsRouter();
expect(() => {
router.validateRequest(request);
}).toThrow();
done();
});
it('can check invalid master key of request', done => {
request.get(
{
url: 'http://localhost:8378/1/scriptlog',
json: true,
headers: {
'X-Parse-Application-Id': 'test',
'X-Parse-REST-API-Key': 'rest',
},
},
(error, response, body) => {
expect(response.statusCode).toEqual(403);
expect(body.error).toEqual('unauthorized: master key is required');
done();
}
);
});
const headers = {
'X-Parse-Application-Id': 'test',
'X-Parse-REST-API-Key': 'rest',
'X-Parse-Master-Key': 'test',
};
/**
* Verifies simple passwords in GET login requests with special characters are scrubbed from the verbose log
*/
it('does scrub simple passwords on GET login', done => {
reconfigureServer({
verbose: true,
}).then(function() {
request.get(
{
headers: headers,
url:
'http://localhost:8378/1/login?username=test&password=simplepass.com',
},
() => {
request.get(
{
url: 'http://localhost:8378/1/scriptlog?size=4&level=verbose',
json: true,
headers: headers,
},
(error, response, body) => {
expect(response.statusCode).toEqual(200);
// 4th entry is our actual GET request
expect(body[2].url).toEqual(
'/1/login?username=test&password=********'
);
expect(body[2].message).toEqual(
'REQUEST for [GET] /1/login?username=test&password=********: {}'
);
done();
}
);
}
);
});
});
/**
* Verifies complex passwords in GET login requests with special characters are scrubbed from the verbose log
*/
it('does scrub complex passwords on GET login', done => {
reconfigureServer({
verbose: true,
}).then(function() {
request.get(
{
headers: headers,
// using urlencoded password, 'simple @,/?:&=+$#pass.com'
url:
'http://localhost:8378/1/login?username=test&password=simple%20%40%2C%2F%3F%3A%26%3D%2B%24%23pass.com',
},
() => {
request.get(
{
url: 'http://localhost:8378/1/scriptlog?size=4&level=verbose',
json: true,
headers: headers,
},
(error, response, body) => {
expect(response.statusCode).toEqual(200);
// 4th entry is our actual GET request
expect(body[2].url).toEqual(
'/1/login?username=test&password=********'
);
expect(body[2].message).toEqual(
'REQUEST for [GET] /1/login?username=test&password=********: {}'
);
done();
}
);
}
);
});
});
/**
* Verifies fields in POST login requests are NOT present in the verbose log
*/
it('does not have password field in POST login', done => {
reconfigureServer({
verbose: true,
}).then(function() {
request.post(
{
headers: headers,
url: 'http://localhost:8378/1/login',
data: {
username: 'test',
password: 'simplepass.com',
},
},
() => {
request.get(
{
url: 'http://localhost:8378/1/scriptlog?size=4&level=verbose',
json: true,
headers: headers,
},
(error, response, body) => {
expect(response.statusCode).toEqual(200);
// 4th entry is our actual GET request
expect(body[2].url).toEqual('/1/login');
expect(body[2].message).toEqual(
'REQUEST for [POST] /1/login: {}'
);
done();
}
);
}
);
});
});
});
Reference in New Issue View Git Blame Copy Permalink