src/test/groups-test.js

/* jslint node:true */
/* global it:false */
/* global describe:false */
/* global before:false */
/* global after:false */

'use strict';

const BoxError = require('../boxerror.js'),
    common = require('./common.js'),
    expect = require('expect.js'),
    groups = require('../groups.js'),
    safe = require('safetydance');

describe('Groups', function () {
    const { setup, cleanup, admin, user } = common;

    before(setup);
    after(cleanup);

    describe('add/get/del', function () {
        let group0Name = 'administrators', group0Object;
        let group1Name = 'externs', group1Object;

        it('cannot add group - too small', async function () {
            const [error] = await safe(groups.add({ name: '' }));
            expect(error.reason).to.be(BoxError.BAD_FIELD);
        });

        it('cannot add group - too big', async function () {
            const [error] = await safe(groups.add({ name: new Array(256).join('a') }));
            expect(error.reason).to.be(BoxError.BAD_FIELD);
        });

        it('cannot add group - bad name', async function () {
            const [error] = await safe(groups.add({ name: 'bad:name' }));
            expect(error.reason).to.be(BoxError.BAD_FIELD);
        });

        it('cannot add group - reserved', async function () {
            const [error] = await safe(groups.add({ name: 'users' }));
            expect(error.reason).to.be(BoxError.BAD_FIELD);
        });

        it('cannot add group - invalid', async function () {
            const [error] = await safe(groups.add({ name: 'cloudron+admin' }));
            expect(error.reason).to.be(BoxError.BAD_FIELD);
        });

        it('cannot add group - invalid source', async function () {
            const [error] = await safe(groups.add({ name: 'somegroup', source: 'unknownsource' }));
            expect(error.reason).to.be(BoxError.BAD_FIELD);
        });

        it('can add valid groups', async function () {
            let [error, result] = await safe(groups.add({ name: group0Name }));
            expect(error).to.be(null);
            group0Object = result;

            [error, result] = await safe(groups.add({ name: group1Name, source: 'ldap' }));
            expect(error).to.be(null);
            group1Object = result;
        });

        it('cannot add existing group with mixed case', async function () {
            const name = group0Name[0].toUpperCase() + group0Name.substr(1);
            const [error] = await safe(groups.add({ name }));
            expect(error.reason).to.be(BoxError.ALREADY_EXISTS);
        });

        it('cannot add existing group', async function () {
            const [error] = await safe(groups.add({name: group0Name, source: 'ldap' }));
            expect(error.reason).to.be(BoxError.ALREADY_EXISTS);
        });

        it('cannot get invalid group', async function () {
            const result = await groups.get('sometrandom');
            expect(result).to.be(null);
        });

        it('can get valid group', async function () {
            const result = await groups.get(group0Object.id);
            expect(result.name).to.equal(group0Name);
        });

        it('isMember returns false', async function () {
            const isMember = await groups.isMember(group0Object.id, admin.id);
            expect(isMember).to.be(false);
        });

        it('can set members', async function () {
            await groups.setMembers(group0Object.id, [ admin.id, user.id ]);
        });

        it('cannot set duplicate members', async function () {
            const [error] = await safe(groups.setMembers(group0Object.id, [ admin.id, user.id, admin.id ]));
            expect(error.reason).to.be(BoxError.CONFLICT);
        });

        it('can list users of group', async function () {
            const result = await groups.getMembers(group0Object.id);
            expect(result.sort()).to.eql([ admin.id, user.id ].sort());
        });

        it('cannot list members of non-existent group', async function () {
            const result = await groups.getMembers('randomgroup');
            expect(result.length).to.be(0); // currently, we cannot differentiate invalid groups and empty groups
        });

        it('cannot delete non-existent member', async function () {
            const [error] = await safe(groups.removeMember(group0Object.id, 'random'));
            expect(error.reason).to.be(BoxError.NOT_FOUND);
        });

        it('cannot remove member from non-existent group', async function () {
            const [error] = await safe(groups.removeMember('randomgroup', admin.id));
            expect(error.reason).to.be(BoxError.NOT_FOUND);
        });

        it('can remove existing member', async function () {
            await groups.removeMember(group0Object.id, user.id);
        });

        it('can getWithMembers', async function () {
            const result = await groups.getWithMembers(group0Object.id);
            expect(result.name).to.be(group0Name);
            expect(result.userIds).to.eql([ admin.id ]);
        });

        it('can set groups', async function () {
            await groups.setMembership(admin.id, [ group0Object.id ]);
        });

        it('cannot set user to same group twice', async function () {
            const [error] = await safe(groups.setMembership(admin.id, [ group0Object.id, group0Object.id ]));
            expect(error.reason).to.be(BoxError.CONFLICT);
        });

        it('can set user to multiple groups', async function () {
            await groups.setMembership(admin.id, [ group0Object.id, group1Object.id ]);
        });

        it('can get groups membership', async function () {
            const groupIds = await groups.getMembership(admin.id);
            expect(groupIds.length).to.be(2);
            expect(groupIds.sort()).to.eql([ group0Object.id, group1Object.id ].sort());
        });

        it('can list', async function () {
            const result = await groups.list();
            expect(result.length).to.be(2);
            expect(result[0].name).to.be(group0Name);
            expect(result[1].name).to.be(group1Name);
        });

        it('can listWithMembers', async function () {
            const result = await groups.listWithMembers();
            expect(result.length).to.be(2);
            expect(result[0].name).to.be(group0Name);
            expect(result[1].userIds).to.eql([ admin.id ]);
            expect(result[1].name).to.be(group1Name);
        });

        it('cannot delete invalid group', async function () {
            const [error] = await safe(groups.remove('random'));
            expect(error.reason).to.be(BoxError.NOT_FOUND);
        });

        it('can delete valid group', async function () {
            await groups.setMembers(group0Object.id, [ admin.id, user.id ]); // ensure group has some members
            await groups.remove(group0Object.id);
        });
    });

    describe('update', function () {
        let groupObject;

        before(async function () {
            let [error, result] = await safe(groups.add({ name: 'kootam' }));
            expect(error).to.be(null);
            groupObject = result;
        });

        it('cannot set empty group name', async function () {
            const [error] = await safe(groups.setName(groupObject, ''));
            expect(error.reason).to.be(BoxError.BAD_FIELD);
        });

        it('cannot set bad group name', async function () {
            const [error] = await safe(groups.setName(groupObject, '!kootam'));
            expect(error.reason).to.be(BoxError.BAD_FIELD);
        });

        it('can set group name', async function () {
            await groups.setName(groupObject, 'kootam2');
            groupObject = await groups.get(groupObject.id);
            expect(groupObject.name).to.be('kootam2');
        });

        it('cannot change ldap group name', async function () {
            const result = await groups.add({ name: 'ldap-kootam', source: 'ldap' });
            const [error] = await safe(groups.setName(result, 'ldap-kootam2'));
            expect(error.reason).to.be(BoxError.BAD_STATE);
        });
    });
});
initial tests for adding group 2016-02-07 20:34:05 -08:00			`/* jslint node:true */`
			`/* global it:false */`
			`/* global describe:false */`
			`/* global before:false */`
			`/* global after:false */`

			`'use strict';`

async'ify the groups code 2021-06-28 15:15:28 -07:00			`const BoxError = require('../boxerror.js'),`
			`common = require('./common.js'),`
initial tests for adding group 2016-02-07 20:34:05 -08:00			`expect = require('expect.js'),`
			`groups = require('../groups.js'),`
async'ify the groups code 2021-06-28 15:15:28 -07:00			`safe = require('safetydance');`
initial tests for adding group 2016-02-07 20:34:05 -08:00
			`describe('Groups', function () {`
tests: cleanup common variables 2021-08-13 10:41:10 -07:00			`const { setup, cleanup, admin, user } = common;`
async'ify the groups code 2021-06-28 15:15:28 -07:00
initial tests for adding group 2016-02-07 20:34:05 -08:00			`before(setup);`
			`after(cleanup);`

async'ify the groups code 2021-06-28 15:15:28 -07:00			`describe('add/get/del', function () {`
			`let group0Name = 'administrators', group0Object;`
			`let group1Name = 'externs', group1Object;`

			`it('cannot add group - too small', async function () {`
			`const [error] = await safe(groups.add({ name: '' }));`
Move GroupsError to BoxError 2019-10-22 16:34:17 -07:00			`expect(error.reason).to.be(BoxError.BAD_FIELD);`
initial tests for adding group 2016-02-07 20:34:05 -08:00			`});`

async'ify the groups code 2021-06-28 15:15:28 -07:00			`it('cannot add group - too big', async function () {`
			`const [error] = await safe(groups.add({ name: new Array(256).join('a') }));`
Move GroupsError to BoxError 2019-10-22 16:34:17 -07:00			`expect(error.reason).to.be(BoxError.BAD_FIELD);`
initial tests for adding group 2016-02-07 20:34:05 -08:00			`});`

async'ify the groups code 2021-06-28 15:15:28 -07:00			`it('cannot add group - bad name', async function () {`
			`const [error] = await safe(groups.add({ name: 'bad:name' }));`
Move GroupsError to BoxError 2019-10-22 16:34:17 -07:00			`expect(error.reason).to.be(BoxError.BAD_FIELD);`
restrict group names 2016-02-08 09:41:21 -08:00			`});`

async'ify the groups code 2021-06-28 15:15:28 -07:00			`it('cannot add group - reserved', async function () {`
			`const [error] = await safe(groups.add({ name: 'users' }));`
Move GroupsError to BoxError 2019-10-22 16:34:17 -07:00			`expect(error.reason).to.be(BoxError.BAD_FIELD);`
Add route to set the users groups 2016-02-09 15:47:02 -08:00			`});`

async'ify the groups code 2021-06-28 15:15:28 -07:00			`it('cannot add group - invalid', async function () {`
			`const [error] = await safe(groups.add({ name: 'cloudron+admin' }));`
groups.create() now needs source argument 2020-06-04 14:17:56 +02:00			`expect(error.reason).to.be(BoxError.BAD_FIELD);`
			`});`

async'ify the groups code 2021-06-28 15:15:28 -07:00			`it('cannot add group - invalid source', async function () {`
			`const [error] = await safe(groups.add({ name: 'somegroup', source: 'unknownsource' }));`
Move GroupsError to BoxError 2019-10-22 16:34:17 -07:00			`expect(error.reason).to.be(BoxError.BAD_FIELD);`
Fix group name validation to not allow hyphen 2016-09-30 12:25:42 -07:00			`});`

async'ify the groups code 2021-06-28 15:15:28 -07:00			`it('can add valid groups', async function () {`
			`let [error, result] = await safe(groups.add({ name: group0Name }));`
more group tests 2016-02-07 20:48:06 -08:00			`expect(error).to.be(null);`
use unique ids for groups 2016-09-30 09:18:41 -07:00			`group0Object = result;`
async'ify the groups code 2021-06-28 15:15:28 -07:00
group: cannot set name of ldap group 2024-01-19 22:28:48 +01:00			`[error, result] = await safe(groups.add({ name: group1Name, source: 'ldap' }));`
async'ify the groups code 2021-06-28 15:15:28 -07:00			`expect(error).to.be(null);`
			`group1Object = result;`
more group tests 2016-02-07 20:48:06 -08:00			`});`

async'ify the groups code 2021-06-28 15:15:28 -07:00			`it('cannot add existing group with mixed case', async function () {`
			`const name = group0Name[0].toUpperCase() + group0Name.substr(1);`
			`const [error] = await safe(groups.add({ name }));`
Move GroupsError to BoxError 2019-10-22 16:34:17 -07:00			`expect(error.reason).to.be(BoxError.ALREADY_EXISTS);`
always store the group names as lower case 2016-09-30 12:33:18 -07:00			`});`

async'ify the groups code 2021-06-28 15:15:28 -07:00			`it('cannot add existing group', async function () {`
			`const [error] = await safe(groups.add({name: group0Name, source: 'ldap' }));`
Move GroupsError to BoxError 2019-10-22 16:34:17 -07:00			`expect(error.reason).to.be(BoxError.ALREADY_EXISTS);`
group members: add/remove/get 2016-02-08 09:41:21 -08:00			`});`

async'ify the groups code 2021-06-28 15:15:28 -07:00			`it('cannot get invalid group', async function () {`
			`const result = await groups.get('sometrandom');`
			`expect(result).to.be(null);`
more group tests 2016-02-07 20:48:06 -08:00			`});`

async'ify the groups code 2021-06-28 15:15:28 -07:00			`it('can get valid group', async function () {`
			`const result = await groups.get(group0Object.id);`
			`expect(result.name).to.equal(group0Name);`
more group tests 2016-02-07 20:48:06 -08:00			`});`

async'ify the groups code 2021-06-28 15:15:28 -07:00			`it('isMember returns false', async function () {`
tests: cleanup common variables 2021-08-13 10:41:10 -07:00			`const isMember = await groups.isMember(group0Object.id, admin.id);`
async'ify the groups code 2021-06-28 15:15:28 -07:00			`expect(isMember).to.be(false);`
more group tests 2016-02-07 20:48:06 -08:00			`});`

async'ify the groups code 2021-06-28 15:15:28 -07:00			`it('can set members', async function () {`
tests: cleanup common variables 2021-08-13 10:41:10 -07:00			`await groups.setMembers(group0Object.id, [ admin.id, user.id ]);`
groupMembers: add unique constraint 2020-12-22 10:34:19 -08:00			`});`

async'ify the groups code 2021-06-28 15:15:28 -07:00			`it('cannot set duplicate members', async function () {`
tests: cleanup common variables 2021-08-13 10:41:10 -07:00			`const [error] = await safe(groups.setMembers(group0Object.id, [ admin.id, user.id, admin.id ]));`
async'ify the groups code 2021-06-28 15:15:28 -07:00			`expect(error.reason).to.be(BoxError.CONFLICT);`
add groups.isMember 2016-02-08 10:53:01 -08:00			`});`

async'ify the groups code 2021-06-28 15:15:28 -07:00			`it('can list users of group', async function () {`
			`const result = await groups.getMembers(group0Object.id);`
make ldap tests pass 2021-08-13 15:49:59 -07:00			`expect(result.sort()).to.eql([ admin.id, user.id ].sort());`
group members: add/remove/get 2016-02-08 09:41:21 -08:00			`});`

async'ify the groups code 2021-06-28 15:15:28 -07:00			`it('cannot list members of non-existent group', async function () {`
			`const result = await groups.getMembers('randomgroup');`
group members: add/remove/get 2016-02-08 09:41:21 -08:00			`expect(result.length).to.be(0); // currently, we cannot differentiate invalid groups and empty groups`
			`});`

async'ify the groups code 2021-06-28 15:15:28 -07:00			`it('cannot delete non-existent member', async function () {`
			`const [error] = await safe(groups.removeMember(group0Object.id, 'random'));`
Move GroupsError to BoxError 2019-10-22 16:34:17 -07:00			`expect(error.reason).to.be(BoxError.NOT_FOUND);`
group members: add/remove/get 2016-02-08 09:41:21 -08:00			`});`

async'ify the groups code 2021-06-28 15:15:28 -07:00			`it('cannot remove member from non-existent group', async function () {`
tests: cleanup common variables 2021-08-13 10:41:10 -07:00			`const [error] = await safe(groups.removeMember('randomgroup', admin.id));`
Move GroupsError to BoxError 2019-10-22 16:34:17 -07:00			`expect(error.reason).to.be(BoxError.NOT_FOUND);`
group members: add/remove/get 2016-02-08 09:41:21 -08:00			`});`

async'ify the groups code 2021-06-28 15:15:28 -07:00			`it('can remove existing member', async function () {`
tests: cleanup common variables 2021-08-13 10:41:10 -07:00			`await groups.removeMember(group0Object.id, user.id);`
test setting group members 2016-09-29 15:15:25 -07:00			`});`

async'ify the groups code 2021-06-28 15:15:28 -07:00			`it('can getWithMembers', async function () {`
			`const result = await groups.getWithMembers(group0Object.id);`
			`expect(result.name).to.be(group0Name);`
tests: cleanup common variables 2021-08-13 10:41:10 -07:00			`expect(result.userIds).to.eql([ admin.id ]);`
groupMembers: add unique constraint 2020-12-22 10:34:19 -08:00			`});`

async'ify the groups code 2021-06-28 15:15:28 -07:00			`it('can set groups', async function () {`
tests: cleanup common variables 2021-08-13 10:41:10 -07:00			`await groups.setMembership(admin.id, [ group0Object.id ]);`
group members: add/remove/get 2016-02-08 09:41:21 -08:00			`});`

async'ify the groups code 2021-06-28 15:15:28 -07:00			`it('cannot set user to same group twice', async function () {`
tests: cleanup common variables 2021-08-13 10:41:10 -07:00			`const [error] = await safe(groups.setMembership(admin.id, [ group0Object.id, group0Object.id ]));`
async'ify the groups code 2021-06-28 15:15:28 -07:00			`expect(error.reason).to.be(BoxError.CONFLICT);`
group members: add/remove/get 2016-02-08 09:41:21 -08:00			`});`

async'ify the groups code 2021-06-28 15:15:28 -07:00			`it('can set user to multiple groups', async function () {`
tests: cleanup common variables 2021-08-13 10:41:10 -07:00			`await groups.setMembership(admin.id, [ group0Object.id, group1Object.id ]);`
group members: add/remove/get 2016-02-08 09:41:21 -08:00			`});`
Allow non-empty groups to be deleted 2016-02-13 11:55:30 +01:00
async'ify the groups code 2021-06-28 15:15:28 -07:00			`it('can get groups membership', async function () {`
tests: cleanup common variables 2021-08-13 10:41:10 -07:00			`const groupIds = await groups.getMembership(admin.id);`
async'ify the groups code 2021-06-28 15:15:28 -07:00			`expect(groupIds.length).to.be(2);`
			`expect(groupIds.sort()).to.eql([ group0Object.id, group1Object.id ].sort());`
Allow non-empty groups to be deleted 2016-02-13 11:55:30 +01:00			`});`
Add route to set the users groups 2016-02-09 15:47:02 -08:00
make the tests work 2021-06-29 09:44:16 -07:00			`it('can list', async function () {`
			`const result = await groups.list();`
async'ify the groups code 2021-06-28 15:15:28 -07:00			`expect(result.length).to.be(2);`
			`expect(result[0].name).to.be(group0Name);`
			`expect(result[1].name).to.be(group1Name);`
Add route to set the users groups 2016-02-09 15:47:02 -08:00			`});`

make the tests work 2021-06-29 09:44:16 -07:00			`it('can listWithMembers', async function () {`
			`const result = await groups.listWithMembers();`
async'ify the groups code 2021-06-28 15:15:28 -07:00			`expect(result.length).to.be(2);`
			`expect(result[0].name).to.be(group0Name);`
tests: cleanup common variables 2021-08-13 10:41:10 -07:00			`expect(result[1].userIds).to.eql([ admin.id ]);`
async'ify the groups code 2021-06-28 15:15:28 -07:00			`expect(result[1].name).to.be(group1Name);`
groupMembers: add unique constraint 2020-12-22 10:34:19 -08:00			`});`

async'ify the groups code 2021-06-28 15:15:28 -07:00			`it('cannot delete invalid group', async function () {`
			`const [error] = await safe(groups.remove('random'));`
			`expect(error.reason).to.be(BoxError.NOT_FOUND);`
			`});`
Add route to set the users groups 2016-02-09 15:47:02 -08:00
async'ify the groups code 2021-06-28 15:15:28 -07:00			`it('can delete valid group', async function () {`
tests: cleanup common variables 2021-08-13 10:41:10 -07:00			`await groups.setMembers(group0Object.id, [ admin.id, user.id ]); // ensure group has some members`
async'ify the groups code 2021-06-28 15:15:28 -07:00			`await groups.remove(group0Object.id);`
Add route to set the users groups 2016-02-09 15:47:02 -08:00			`});`
			`});`
group: cannot set name of ldap group 2024-01-19 22:28:48 +01:00
			`describe('update', function () {`
			`let groupObject;`

			`before(async function () {`
			`let [error, result] = await safe(groups.add({ name: 'kootam' }));`
			`expect(error).to.be(null);`
			`groupObject = result;`
			`});`

			`it('cannot set empty group name', async function () {`
			`const [error] = await safe(groups.setName(groupObject, ''));`
			`expect(error.reason).to.be(BoxError.BAD_FIELD);`
			`});`

			`it('cannot set bad group name', async function () {`
			`const [error] = await safe(groups.setName(groupObject, '!kootam'));`
			`expect(error.reason).to.be(BoxError.BAD_FIELD);`
			`});`

			`it('can set group name', async function () {`
			`await groups.setName(groupObject, 'kootam2');`
			`groupObject = await groups.get(groupObject.id);`
			`expect(groupObject.name).to.be('kootam2');`
			`});`

			`it('cannot change ldap group name', async function () {`
			`const result = await groups.add({ name: 'ldap-kootam', source: 'ldap' });`
			`const [error] = await safe(groups.setName(result, 'ldap-kootam2'));`
			`expect(error.reason).to.be(BoxError.BAD_STATE);`
			`});`
			`});`
Add route to set the users groups 2016-02-09 15:47:02 -08:00			`});`