Remove Oauth clients code

2020-02-06 16:57:33 +01:00
parent 2854462e0e
commit 2b6bf8d195
19 changed files with 105 additions and 1436 deletions
--- a/src/test/accesscontrol-test.js
+++ b/src/test/accesscontrol-test.js
@@ -10,71 +10,11 @@ var accesscontrol = require('../accesscontrol.js'),
    expect = require('expect.js');

 describe('access control', function () {
-    describe('canonicalScopeString', function () {
-        it('only * scope', function () {
-            expect(accesscontrol.canonicalScopeString('*')).to.be(accesscontrol.VALID_SCOPES.join(','));
-        });
-
-        it('identity for non-*', function () {
-            expect(accesscontrol.canonicalScopeString('foo,bar')).to.be('bar,foo'); // becomes sorted
-        });
+    describe('verifyToken', function () {
+        // FIXME
    });

-    describe('intersectScopes', function () { // args: allowed, wanted
-        it('both are same', function () {
-            expect(accesscontrol.intersectScopes([ 'apps', 'clients' ], [ 'apps', 'clients' ])).to.eql([ 'apps', 'clients' ]);
-        });
-
-        it('some are different', function () {
-            expect(accesscontrol.intersectScopes([ 'apps' ], [ 'apps', 'clients' ])).to.eql(['apps']);
-            expect(accesscontrol.intersectScopes([ 'clients', 'domains', 'mail' ], [ 'mail' ])).to.eql(['mail']);
-        });
-
-        it('everything is different', function () {
-            expect(accesscontrol.intersectScopes(['cloudron', 'domains' ], ['apps','clients'])).to.eql([]);
-        });
-
-        it('subscopes', function () {
-            expect(accesscontrol.intersectScopes(['apps:read' ], ['apps'])).to.eql(['apps:read']);
-            expect(accesscontrol.intersectScopes(['apps:read','domains','profile'], ['apps','domains:manage','profile'])).to.eql(['apps:read','domains:manage','profile']);
-            expect(accesscontrol.intersectScopes(['apps:read','domains','profile'], ['apps','apps:read'])).to.eql(['apps:read']);
-        });
-    });
-
-    describe('validateScopeString', function () {
-        it('allows valid scopes', function () {
-            expect(accesscontrol.validateScopeString('apps')).to.be(null);
-            expect(accesscontrol.validateScopeString('apps,mail')).to.be(null);
-            expect(accesscontrol.validateScopeString('apps:read,mail')).to.be(null);
-            expect(accesscontrol.validateScopeString('apps,mail:write')).to.be(null);
-        });
-
-        it('disallows invalid scopes', function () {
-            expect(accesscontrol.validateScopeString('apps, mail')).to.be.an(Error);
-            expect(accesscontrol.validateScopeString('random')).to.be.an(Error);
-            expect(accesscontrol.validateScopeString('')).to.be.an(Error);
-        });
-    });
-
-    describe('hasScopes', function () {
-        it('succeeds if it contains the scope', function () {
-            expect(accesscontrol.hasScopes([ 'apps' ], [ 'apps' ])).to.be(null);
-            expect(accesscontrol.hasScopes([ 'apps', 'mail' ], [ 'mail' ])).to.be(null);
-            expect(accesscontrol.hasScopes([ 'clients', '*', 'apps', 'mail' ], [ 'mail' ])).to.be(null);
-
-            // subscope
-            expect(accesscontrol.hasScopes([ 'apps' ], [ 'apps:read' ])).to.be(null);
-            expect(accesscontrol.hasScopes([ 'apps:read' ], [ 'apps:read' ])).to.be(null);
-            expect(accesscontrol.hasScopes([ 'apps' , 'mail' ], [ 'apps:*' ])).to.be(null);
-            expect(accesscontrol.hasScopes([ '*' ], [ 'apps:read' ])).to.be(null);
-        });
-
-        it('fails if it does not contain the scope', function () {
-            expect(accesscontrol.hasScopes([ 'apps' ], [ 'mail' ])).to.be.an(Error);
-            expect(accesscontrol.hasScopes([ 'apps', 'mail' ], [ 'clients' ])).to.be.an(Error);
-
-            // subscope
-            expect(accesscontrol.hasScopes([ 'apps:write' ], [ 'apps:read' ])).to.be.an(Error);
-        });
+    describe('hasRole', function () {
+        // FIXME
    });
 });
--- a/src/test/database-test.js
+++ b/src/test/database-test.js
@@ -10,7 +10,6 @@ var appdb = require('../appdb.js'),
    async = require('async'),
    backupdb = require('../backupdb.js'),
    BoxError = require('../boxerror.js'),
-    clientdb = require('../clientdb.js'),
    database = require('../database'),
    domaindb = require('../domaindb'),
    eventlogdb = require('../eventlogdb.js'),
@@ -723,7 +722,7 @@ describe('database', function () {
            identifier: '0',
            clientId: 'clientid-0',
            expires: Date.now() + 60 * 60000,
-            scope: 'clients'
+            scope: ''
        };
        var TOKEN_1 = {
            id: 'tid-1',
@@ -732,7 +731,7 @@ describe('database', function () {
            identifier: '1',
            clientId: 'clientid-1',
            expires: Number.MAX_SAFE_INTEGER,
-            scope: 'settings'
+            scope: ''
        };
        var TOKEN_2 = {
            id: 'tid-2',
@@ -741,7 +740,7 @@ describe('database', function () {
            identifier: '2',
            clientId: 'clientid-2',
            expires: Date.now(),
-            scope: 'apps'
+            scope: ''
        };

        it('add succeeds', function (done) {
@@ -1318,115 +1317,6 @@ describe('database', function () {
        });
    });

-    describe('client', function () {
-        var CLIENT_0 = {
-            id: 'cid-0',
-            appId: 'someappid_0',
-            type: 'typeisastring',
-            clientSecret: 'secret-0',
-            redirectURI: 'http://foo.bar',
-            scope: '*'
-
-        };
-        var CLIENT_1 = {
-            id: 'cid-1',
-            appId: 'someappid_1',
-            type: 'typeisastring',
-            clientSecret: 'secret-',
-            redirectURI: 'http://foo.bar',
-            scope: '*'
-        };
-
-        it('add succeeds', function (done) {
-            clientdb.add(CLIENT_0.id, CLIENT_0.appId, CLIENT_0.type, CLIENT_0.clientSecret, CLIENT_0.redirectURI, CLIENT_0.scope, function (error) {
-                expect(error).to.be(null);
-
-                clientdb.add(CLIENT_1.id, CLIENT_1.appId, CLIENT_0.type, CLIENT_1.clientSecret, CLIENT_1.redirectURI, CLIENT_1.scope, function (error) {
-                    expect(error).to.be(null);
-                    done();
-                });
-            });
-        });
-
-        it('add same client id fails', function (done) {
-            clientdb.add(CLIENT_0.id, CLIENT_0.appId, CLIENT_0.type, CLIENT_0.clientSecret, CLIENT_0.redirectURI, CLIENT_0.scope, function (error) {
-                expect(error).to.be.a(BoxError);
-                expect(error.reason).to.equal(BoxError.ALREADY_EXISTS);
-                done();
-            });
-        });
-
-        it('get succeeds', function (done) {
-            clientdb.get(CLIENT_0.id, function (error, result) {
-                expect(error).to.be(null);
-                expect(result).to.eql(CLIENT_0);
-                done();
-            });
-        });
-
-        it('getByAppId succeeds', function (done) {
-            clientdb.getByAppId(CLIENT_0.appId, function (error, result) {
-                expect(error).to.be(null);
-                expect(result).to.eql(CLIENT_0);
-                done();
-            });
-        });
-
-        it('getByAppIdAndType succeeds', function (done) {
-            clientdb.getByAppIdAndType(CLIENT_0.appId, CLIENT_0.type, function (error, result) {
-                expect(error).to.be(null);
-                expect(result).to.eql(CLIENT_0);
-                done();
-            });
-        });
-
-        it('getByAppId fails for unknown client id', function (done) {
-            clientdb.getByAppId(CLIENT_0.appId + CLIENT_0.appId, function (error, result) {
-                expect(error).to.be.a(BoxError);
-                expect(error.reason).to.equal(BoxError.NOT_FOUND);
-                expect(result).to.not.be.ok();
-                done();
-            });
-        });
-
-        it('getAll succeeds', function (done) {
-            clientdb.getAll(function (error, result) {
-                expect(error).to.be(null);
-                expect(result).to.be.an(Array);
-                expect(result.length).to.equal(5); // three built-in clients
-                expect(result[3]).to.eql(CLIENT_0);
-                expect(result[4]).to.eql(CLIENT_1);
-                done();
-            });
-        });
-
-        it('delByAppIdAndType succeeds', function (done) {
-            clientdb.delByAppIdAndType(CLIENT_1.appId, CLIENT_1.type, function (error) {
-                expect(error).to.be(null);
-
-                clientdb.getByAppIdAndType(CLIENT_1.appId, CLIENT_1.type, function (error, result) {
-                    expect(error).to.be.a(BoxError);
-                    expect(error.reason).to.equal(BoxError.NOT_FOUND);
-                    expect(result).to.not.be.ok();
-                    done();
-                });
-            });
-        });
-
-        it('delByAppId succeeds', function (done) {
-            clientdb.delByAppId(CLIENT_0.appId, function (error) {
-                expect(error).to.be(null);
-
-                clientdb.getByAppId(CLIENT_0.appId, function (error, result) {
-                    expect(error).to.be.a(BoxError);
-                    expect(error.reason).to.equal(BoxError.NOT_FOUND);
-                    expect(result).to.not.be.ok();
-                    done();
-                });
-            });
-        });
-    });
-
    describe('settings', function () {
        it('can set value', function (done) {
            settingsdb.set('somekey', 'somevalue', function (error) {