jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

groups: add events to eventlog

Browse Source
This commit is contained in:
Girish Ramakrishnan
2024-12-04 09:48:25 +01:00
parent fdf8025a02
commit 3b9d617e37
13 changed files with 113 additions and 94 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/test/directoryserver-test.js
+4 -4
View File
@@ -85,12 +85,12 @@ describe('Directory Server (LDAP)', function () {
directoryServer.start.bind(null),
directoryServer.setConfig.bind(null, { enabled: true, secret: auth.secret, allowlist: '127.0.0.1' }, auditSource),
async () => {
group = await groups.add({ name: 'ldap-test-1' });
await groups.setMembers(group, [ admin.id, user.id ], {});
group = await groups.add({ name: 'ldap-test-1' }, auditSource);
await groups.setMembers(group, [ admin.id, user.id ], {}, auditSource);
},
async () => {
group2 = await groups.add({ name: 'ldap-test-2' });
await groups.setMembers(group2, [ admin.id ], {});
group2 = await groups.add({ name: 'ldap-test-2' }, auditSource);
await groups.setMembers(group2, [ admin.id ], {}, auditSource);
}
], done);
});
src/test/externalldap-test.js
+5 -5
View File
@@ -500,7 +500,7 @@ describe('External LDAP', function () {
it('can set groups of external user when group sync is disabled', async function () {
const user = await users.getByUsername(ldapUsers[0].username);
await groups.setLocalMembership(user, []);
await groups.setLocalMembership(user, [], auditSource);
});
it('enable with groupSync', async function () {
@@ -544,7 +544,7 @@ describe('External LDAP', function () {
groupname: 'INTERNALgroup' // also tests lowercasing
});
await groups.add({ name: 'internalgroup' });
await groups.add({ name: 'internalgroup' }, auditSource);
await externalLdap.sync(function progress() {});
const result = await groups.list();
@@ -564,7 +564,7 @@ describe('External LDAP', function () {
const result = await groups.getByName('nonemptygroup');
expect(result).to.be.ok();
const result2 = await groups.getMembers(result.id);
const result2 = await groups.getMemberIds(result.id);
expect(result2.length).to.equal(2);
});
@@ -578,7 +578,7 @@ describe('External LDAP', function () {
const result = await groups.getByName('nonemptygroup');
expect(result).to.be.ok();
const result2 = await groups.getMembers(result.id);
const result2 = await groups.getMemberIds(result.id);
expect(result2.length).to.equal(2);
});
@@ -591,7 +591,7 @@ describe('External LDAP', function () {
await externalLdap.sync(function progress() {});
const result = await groups.getByName('onemembergroup');
const result2 = await groups.getMembers(result.id);
const result2 = await groups.getMemberIds(result.id);
expect(result2.length).to.equal(1);
const u = await users.get(result2[0]);
src/test/groups-test.js
+37 -49
View File
@@ -13,63 +13,65 @@ const BoxError = require('../boxerror.js'),
safe = require('safetydance');
describe('Groups', function () {
const { setup, cleanup, admin, user } = common;
const { setup, cleanup, admin, user, auditSource } = common;
before(setup);
after(cleanup);
let group0Name = 'administrators', group0Object;
let group1Name = 'externs', group1Object;
const group0Name = 'administrators';
let group0Object;
const group1Name = 'externs';
let group1Object;
describe('add', function () {
it('cannot add group - too small', async function () {
const [error] = await safe(groups.add({ name: '' }));
const [error] = await safe(groups.add({ name: '' }, auditSource));
expect(error.reason).to.be(BoxError.BAD_FIELD);
});
it('cannot add group - too big', async function () {
const [error] = await safe(groups.add({ name: new Array(256).join('a') }));
const [error] = await safe(groups.add({ name: new Array(256).join('a') }, auditSource));
expect(error.reason).to.be(BoxError.BAD_FIELD);
});
it('cannot add group - bad name', async function () {
const [error] = await safe(groups.add({ name: 'bad:name' }));
const [error] = await safe(groups.add({ name: 'bad:name' }, auditSource));
expect(error.reason).to.be(BoxError.BAD_FIELD);
});
it('cannot add group - reserved', async function () {
const [error] = await safe(groups.add({ name: 'users' }));
const [error] = await safe(groups.add({ name: 'users' }, auditSource));
expect(error.reason).to.be(BoxError.BAD_FIELD);
});
it('cannot add group - invalid', async function () {
const [error] = await safe(groups.add({ name: 'cloudron+admin' }));
const [error] = await safe(groups.add({ name: 'cloudron+admin' }, auditSource));
expect(error.reason).to.be(BoxError.BAD_FIELD);
});
it('cannot add group - invalid source', async function () {
const [error] = await safe(groups.add({ name: 'somegroup', source: 'unknownsource' }));
const [error] = await safe(groups.add({ name: 'somegroup', source: 'unknownsource' }, auditSource));
expect(error.reason).to.be(BoxError.BAD_FIELD);
});
it('can add valid groups', async function () {
let [error, result] = await safe(groups.add({ name: group0Name }));
let [error, result] = await safe(groups.add({ name: group0Name }, auditSource));
expect(error).to.be(null);
group0Object = result;
[error, result] = await safe(groups.add({ name: group1Name}));
[error, result] = await safe(groups.add({ name: group1Name}, auditSource));
expect(error).to.be(null);
group1Object = result;
});
it('cannot add existing group with mixed case', async function () {
const name = group0Name[0].toUpperCase() + group0Name.substr(1);
const [error] = await safe(groups.add({ name }));
const name = group0Name[0].toUpperCase() + group0Name.slice(1);
const [error] = await safe(groups.add({ name }, auditSource));
expect(error.reason).to.be(BoxError.ALREADY_EXISTS);
});
it('cannot add existing group', async function () {
const [error] = await safe(groups.add({name: group0Name }));
const [error] = await safe(groups.add({name: group0Name }, auditSource));
expect(error.reason).to.be(BoxError.ALREADY_EXISTS);
});
});
@@ -93,57 +95,43 @@ describe('Groups', function () {
});
it('can set members', async function () {
await groups.setMembers(group0Object, [ admin.id, user.id ], {});
await groups.setMembers(group0Object, [ admin.id, user.id ], {}, auditSource);
});
it('cannot set duplicate members', async function () {
const [error] = await safe(groups.setMembers(group0Object, [ admin.id, user.id, admin.id ], {}));
const [error] = await safe(groups.setMembers(group0Object, [ admin.id, user.id, admin.id ], {}, auditSource));
expect(error.reason).to.be(BoxError.CONFLICT);
});
it('can list users of group', async function () {
const result = await groups.getMembers(group0Object.id);
const result = await groups.getMemberIds(group0Object.id);
expect(result.sort()).to.eql([ admin.id, user.id ].sort());
});
it('cannot list members of non-existent group', async function () {
const result = await groups.getMembers('randomgroup');
const result = await groups.getMemberIds('randomgroup');
expect(result.length).to.be(0); // currently, we cannot differentiate invalid groups and empty groups
});
it('cannot delete non-existent member', async function () {
const [error] = await safe(groups.removeMember(group0Object.id, 'random'));
expect(error.reason).to.be(BoxError.NOT_FOUND);
});
it('cannot remove member from non-existent group', async function () {
const [error] = await safe(groups.removeMember('randomgroup', admin.id));
expect(error.reason).to.be(BoxError.NOT_FOUND);
});
it('can remove existing member', async function () {
await groups.removeMember(group0Object.id, user.id);
});
it('can getWithMembers', async function () {
const result = await groups.getWithMembers(group0Object.id);
expect(result.name).to.be(group0Name);
expect(result.userIds).to.eql([ admin.id ]);
expect(result.userIds).to.eql([ admin.id, user.id ]);
});
it('can set group membership', async function () {
await groups.setLocalMembership(admin, [ group0Object.id ]);
await groups.setLocalMembership(admin, [ group0Object.id ], auditSource);
const groupIds = await groups._getMembership(admin.id);
expect(groupIds.length).to.be(1);
});
it('cannot set user to same group twice', async function () {
const [error] = await safe(groups.setLocalMembership(admin, [ group0Object.id, group0Object.id ]));
const [error] = await safe(groups.setLocalMembership(admin, [ group0Object.id, group0Object.id ], auditSource));
expect(error.reason).to.be(BoxError.CONFLICT);
});
it('can set user to multiple groups', async function () {
await groups.setLocalMembership(admin, [ group0Object.id, group1Object.id ]);
await groups.setLocalMembership(admin, [ group0Object.id, group1Object.id ], auditSource);
});
it('can get groups membership', async function () {
@@ -172,13 +160,13 @@ describe('Groups', function () {
describe('delete', function () {
it('cannot delete invalid group', async function () {
const [error] = await safe(groups.del('random'));
const [error] = await safe(groups.del({ id: 'random' }, auditSource));
expect(error.reason).to.be(BoxError.NOT_FOUND);
});
it('can delete valid group', async function () {
await groups.setMembers(group0Object, [ admin.id, user.id ], {}); // ensure group has some members
await groups.del(group0Object.id);
await groups.setMembers(group0Object, [ admin.id, user.id ], {}, auditSource); // ensure group has some members
await groups.del(group0Object, auditSource);
});
});
@@ -186,23 +174,23 @@ describe('Groups', function () {
let groupObject;
before(async function () {
let [error, result] = await safe(groups.add({ name: 'kootam' }));
const [error, result] = await safe(groups.add({ name: 'kootam' }, auditSource));
expect(error).to.be(null);
groupObject = result;
});
it('cannot set empty group name', async function () {
const [error] = await safe(groups.setName(groupObject, ''));
const [error] = await safe(groups.setName(groupObject, '', auditSource));
expect(error.reason).to.be(BoxError.BAD_FIELD);
});
it('cannot set bad group name', async function () {
const [error] = await safe(groups.setName(groupObject, '!kootam'));
const [error] = await safe(groups.setName(groupObject, '!kootam', auditSource));
expect(error.reason).to.be(BoxError.BAD_FIELD);
});
it('can set group name', async function () {
await groups.setName(groupObject, 'kootam2');
await groups.setName(groupObject, 'kootam2', auditSource);
groupObject = await groups.get(groupObject.id);
expect(groupObject.name).to.be('kootam2');
});
@@ -212,27 +200,27 @@ describe('Groups', function () {
let ldapGroup;
before(async function () {
ldapGroup = await groups.add({ name: 'ldap-kootam', source: 'ldap' });
ldapGroup = await groups.add({ name: 'ldap-kootam', source: 'ldap' }, auditSource);
});
it('cannot change name', async function () {
const [error] = await safe(groups.setName(ldapGroup, 'ldap-kootam2'));
const [error] = await safe(groups.setName(ldapGroup, 'ldap-kootam2', auditSource));
expect(error.reason).to.be(BoxError.BAD_STATE);
});
it('cannot set members', async function () {
const [error] = await safe(groups.setMembers(ldapGroup, [ admin.id ], { skipSourceSkip: false }));
const [error] = await safe(groups.setMembers(ldapGroup, [ admin.id ], { skipSourceSkip: false }, auditSource));
expect(error.reason).to.be(BoxError.BAD_STATE);
});
it('cannot set membership', async function () {
const [error] = await safe(groups.setLocalMembership(admin, [ ldapGroup.id ]));
const [error] = await safe(groups.setLocalMembership(admin, [ ldapGroup.id ], auditSource));
expect(error.reason).to.be(BoxError.BAD_STATE);
});
it('does not clear remote membership', async function () {
await groups.setMembers(ldapGroup, [ admin.id ], { skipSourceCheck: true }); // would be called by ldap syncer
await groups.setLocalMembership(admin, [ group1Object.id ]);
await groups.setMembers(ldapGroup, [ admin.id ], { skipSourceCheck: true }, auditSource); // would be called by ldap syncer
await groups.setLocalMembership(admin, [ group1Object.id ], auditSource);
const groupIds = await groups._getMembership(admin.id);
expect(groupIds.length).to.be(2);
src/test/ldapserver-test.js
+4 -4
View File
@@ -78,12 +78,12 @@ describe('Ldap Server', function () {
async () => await mail.setAliases(mailboxName, domain.domain, [ { name: mailAliasName, domain: domain.domain}, { name: mailAliasWildcardName + '*', domain: domain.domain } ], auditSource),
ldapServer.start.bind(null),
async () => {
group = await groups.add({ name: 'ldap-test-1' });
await groups.setMembers(group, [ admin.id, user.id ], {});
group = await groups.add({ name: 'ldap-test-1' }, auditSource);
await groups.setMembers(group, [ admin.id, user.id ], {}, auditSource);
},
async () => {
group2 = await groups.add({ name: 'ldap-test-2' });
await groups.setMembers(group2, [ admin.id ], {});
group2 = await groups.add({ name: 'ldap-test-2' }, auditSource);
await groups.setMembers(group2, [ admin.id ], {}, auditSource);
}
], done);