From def7b613db462b7ea76b2b45e95ae779e1ef2839 Mon Sep 17 00:00:00 2001 From: Heiko Date: Mon, 11 Mar 2019 12:43:59 +0100 Subject: [PATCH] =?UTF-8?q?code=20now=20fits=20to=20the=20documentation=20?= =?UTF-8?q?of=20the=20arangoUser=20object=20inside=20th=E2=80=A6=20(#8352)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * code now fits to the documentation of the arangoUser object inside the foxx request object * more tests --- .../modules/@arangodb/foxx/router/request.js | 6 +- .../authentication/foxx-arango-auth-spec.js | 144 ++++++++++++++++++ 2 files changed, 149 insertions(+), 1 deletion(-) diff --git a/js/server/modules/@arangodb/foxx/router/request.js b/js/server/modules/@arangodb/foxx/router/request.js index d9bd18186f..b8780a6cfe 100644 --- a/js/server/modules/@arangodb/foxx/router/request.js +++ b/js/server/modules/@arangodb/foxx/router/request.js @@ -191,7 +191,11 @@ module.exports = } get arangoUser () { - return this._raw.user; + if (this._raw.authorized) { + return this._raw.user; + } else { + return null; + } } get arangoVersion () { diff --git a/tests/js/client/authentication/foxx-arango-auth-spec.js b/tests/js/client/authentication/foxx-arango-auth-spec.js index cebc596509..d1a4301008 100644 --- a/tests/js/client/authentication/foxx-arango-auth-spec.js +++ b/tests/js/client/authentication/foxx-arango-auth-spec.js @@ -40,4 +40,148 @@ describe('Foxx arangoUser', function () { expect(result.code).to.equal(200); expect(result.body).to.eql(JSON.stringify({user: 'root'})); }); + + it('should not set the arangoUser object if not authenticated correctly - used invalid password', function () { + const opts = { headers: { + authorization: ( + 'Basic ' + new Buffer('root:invalidpassword').toString('base64') + ) + }}; + const result = internal.download(url + mount, '', opts); + expect(result.code).to.equal(200); + expect(result.body).to.eql(JSON.stringify({user: null})); + }); + + it('should not set the arangoUser object if not authenticated correctly - used invalid username', function () { + const opts = { headers: { + authorization: ( + 'Basic ' + new Buffer('iamnotavaliduser:').toString('base64') + ) + }}; + const result = internal.download(url + mount, '', opts); + expect(result.code).to.equal(200); + expect(result.body).to.eql(JSON.stringify({user: null})); + }); + + it('should not set the arangoUser object if not authenticated correctly - used invalid username and password', function () { + const opts = { headers: { + authorization: ( + 'Basic ' + new Buffer('iamnotavaliduser:noriamavalidpassword').toString('base64') + ) + }}; + const result = internal.download(url + mount, '', opts); + expect(result.code).to.equal(200); + expect(result.body).to.eql(JSON.stringify({user: null})); + }); + + it('should not set the arangoUser object if not authenticated correctly - empty username and empty password', function () { + const opts = { headers: { + authorization: ( + 'Basic ' + new Buffer(':').toString('base64') + ) + }}; + const result = internal.download(url + mount, '', opts); + expect(result.code).to.equal(200); + expect(result.body).to.eql(JSON.stringify({user: null})); + }); + + it('should not set the arangoUser object if not authenticated correctly - empty password', function () { + const opts = { headers: { + authorization: ( + 'Basic ' + new Buffer('iamnotavaliduser:').toString('base64') + ) + }}; + const result = internal.download(url + mount, '', opts); + expect(result.code).to.equal(200); + expect(result.body).to.eql(JSON.stringify({user: null})); + }); + + it('should not set the arangoUser object if not authenticated correctly - empty user', function () { + const opts = { headers: { + authorization: ( + 'Basic ' + new Buffer(':somerandompass').toString('base64') + ) + }}; + const result = internal.download(url + mount, '', opts); + expect(result.code).to.equal(200); + expect(result.body).to.eql(JSON.stringify({user: null})); + }); + + it('should not set the arangoUser object if not authenticated correctly - empty string', function () { + const opts = { headers: { + authorization: ( + 'Basic ' + new Buffer('').toString('base64') + ) + }}; + const result = internal.download(url + mount, '', opts); + expect(result.code).to.equal(200); + expect(result.body).to.eql(JSON.stringify({user: null})); + }); + + it('should not set the arangoUser object if not authenticated correctly - str boolean true', function () { + const opts = { headers: { + authorization: ( + 'Basic ' + new Buffer('true').toString('base64') + ) + }}; + const result = internal.download(url + mount, '', opts); + expect(result.code).to.equal(200); + expect(result.body).to.eql(JSON.stringify({user: null})); + }); + + it('should not set the arangoUser object if not authenticated correctly - str boolean false', function () { + const opts = { headers: { + authorization: ( + 'Basic ' + new Buffer('false').toString('base64') + ) + }}; + const result = internal.download(url + mount, '', opts); + expect(result.code).to.equal(200); + expect(result.body).to.eql(JSON.stringify({user: null})); + }); + + it('should not set the arangoUser object if not authenticated correctly - str array', function () { + const opts = { headers: { + authorization: ( + 'Basic ' + new Buffer('[]').toString('base64') + ) + }}; + const result = internal.download(url + mount, '', opts); + expect(result.code).to.equal(200); + expect(result.body).to.eql(JSON.stringify({user: null})); + }); + + it('should not set the arangoUser object if not authenticated correctly - str obj', function () { + const opts = { headers: { + authorization: ( + 'Basic ' + new Buffer('{}').toString('base64') + ) + }}; + const result = internal.download(url + mount, '', opts); + expect(result.code).to.equal(200); + expect(result.body).to.eql(JSON.stringify({user: null})); + }); + + it('should not set the arangoUser object if not authenticated correctly - str array', function () { + const opts = { headers: { + authorization: ( + 'Basic ' + new Buffer([]).toString('base64') + ) + }}; + const result = internal.download(url + mount, '', opts); + expect(result.code).to.equal(200); + expect(result.body).to.eql(JSON.stringify({user: null})); + }); + + it('should not set the arangoUser object if not authenticated correctly - str obj', function () { + const opts = { headers: { + authorization: ( + 'Basic ' + new Buffer({}).toString('base64') + ) + }}; + const result = internal.download(url + mount, '', opts); + expect(result.code).to.equal(200); + expect(result.body).to.eql(JSON.stringify({user: null})); + }); + });