From 8ab8007c1d01e12a3352d5dd3392c5c70e22dfc4 Mon Sep 17 00:00:00 2001 From: juancarmore Date: Wed, 21 Jan 2026 19:49:36 +0100 Subject: [PATCH] test: update security tests to use admin login for authentication --- .../api/security/analytics-security.test.ts | 4 ++-- .../api/security/api-key-security.test.ts | 9 +++++++-- .../api/security/global-config-security.test.ts | 12 +++++------- .../api/security/meeting-security.test.ts | 9 +++++---- .../integration/api/security/user-security.test.ts | 10 +++++----- 5 files changed, 24 insertions(+), 20 deletions(-) diff --git a/meet-ce/backend/tests/integration/api/security/analytics-security.test.ts b/meet-ce/backend/tests/integration/api/security/analytics-security.test.ts index 814f163d..47f35ade 100644 --- a/meet-ce/backend/tests/integration/api/security/analytics-security.test.ts +++ b/meet-ce/backend/tests/integration/api/security/analytics-security.test.ts @@ -3,7 +3,7 @@ import { Express } from 'express'; import request from 'supertest'; import { INTERNAL_CONFIG } from '../../../../src/config/internal-config.js'; import { MEET_ENV } from '../../../../src/environment.js'; -import { loginUser, startTestServer } from '../../../helpers/request-helpers.js'; +import { loginAdminUser, startTestServer } from '../../../helpers/request-helpers.js'; const ANALYTICS_PATH = `${INTERNAL_CONFIG.INTERNAL_API_BASE_PATH_V1}/analytics`; @@ -13,7 +13,7 @@ describe('Analytics API Security Tests', () => { beforeAll(async () => { app = await startTestServer(); - adminAccessToken = await loginUser(); + adminAccessToken = await loginAdminUser(); }); describe('Get Analytics Tests', () => { diff --git a/meet-ce/backend/tests/integration/api/security/api-key-security.test.ts b/meet-ce/backend/tests/integration/api/security/api-key-security.test.ts index 69481cfb..2a40f67f 100644 --- a/meet-ce/backend/tests/integration/api/security/api-key-security.test.ts +++ b/meet-ce/backend/tests/integration/api/security/api-key-security.test.ts @@ -2,7 +2,12 @@ import { afterAll, beforeAll, describe, expect, it } from '@jest/globals'; import { Express } from 'express'; import request from 'supertest'; import { INTERNAL_CONFIG } from '../../../../src/config/internal-config.js'; -import { generateApiKey, loginUser, restoreDefaultApiKeys, startTestServer } from '../../../helpers/request-helpers.js'; +import { + generateApiKey, + loginAdminUser, + restoreDefaultApiKeys, + startTestServer +} from '../../../helpers/request-helpers.js'; const API_KEYS_PATH = `${INTERNAL_CONFIG.INTERNAL_API_BASE_PATH_V1}/api-keys`; @@ -12,7 +17,7 @@ describe('API Keys API Security Tests', () => { beforeAll(async () => { app = await startTestServer(); - adminAccessToken = await loginUser(); + adminAccessToken = await loginAdminUser(); }); afterAll(async () => { diff --git a/meet-ce/backend/tests/integration/api/security/global-config-security.test.ts b/meet-ce/backend/tests/integration/api/security/global-config-security.test.ts index 531bf866..c414544f 100644 --- a/meet-ce/backend/tests/integration/api/security/global-config-security.test.ts +++ b/meet-ce/backend/tests/integration/api/security/global-config-security.test.ts @@ -1,10 +1,10 @@ import { beforeAll, describe, expect, it } from '@jest/globals'; -import { AuthMode, AuthType, MeetRoomThemeMode } from '@openvidu-meet/typings'; +import { MeetRoomThemeMode } from '@openvidu-meet/typings'; import { Express } from 'express'; import request from 'supertest'; import { INTERNAL_CONFIG } from '../../../../src/config/internal-config.js'; import { MEET_ENV } from '../../../../src/environment.js'; -import { loginUser, restoreDefaultGlobalConfig, startTestServer } from '../../../helpers/request-helpers.js'; +import { loginAdminUser, restoreDefaultGlobalConfig, startTestServer } from '../../../helpers/request-helpers.js'; const CONFIG_PATH = `${INTERNAL_CONFIG.INTERNAL_API_BASE_PATH_V1}/config`; @@ -14,7 +14,7 @@ describe('Global Config API Security Tests', () => { beforeAll(async () => { app = await startTestServer(); - adminAccessToken = await loginUser(); + adminAccessToken = await loginAdminUser(); }); describe('Update Webhook Config Tests', () => { @@ -71,10 +71,8 @@ describe('Global Config API Security Tests', () => { describe('Update Security Config Tests', () => { const securityConfig = { authentication: { - authMethod: { - type: AuthType.SINGLE_USER - }, - authModeToAccessRoom: AuthMode.ALL_USERS + allowUserCreation: true, + oauthProviders: [] } }; diff --git a/meet-ce/backend/tests/integration/api/security/meeting-security.test.ts b/meet-ce/backend/tests/integration/api/security/meeting-security.test.ts index 14cc70f7..73c352bb 100644 --- a/meet-ce/backend/tests/integration/api/security/meeting-security.test.ts +++ b/meet-ce/backend/tests/integration/api/security/meeting-security.test.ts @@ -8,7 +8,7 @@ import { getPermissions } from '../../../helpers/assertion-helpers.js'; import { deleteAllRooms, disconnectFakeParticipants, - loginUser, + loginAdminUser, startTestServer, updateParticipantMetadata } from '../../../helpers/request-helpers.js'; @@ -24,7 +24,7 @@ describe('Meeting API Security Tests', () => { beforeAll(async () => { app = await startTestServer(); - adminAccessToken = await loginUser(); + adminAccessToken = await loginAdminUser(); }); beforeEach(async () => { @@ -82,8 +82,9 @@ describe('Meeting API Security Tests', () => { beforeEach(async () => { const metadata: MeetRoomMemberTokenMetadata = { livekitUrl: MEET_ENV.LIVEKIT_URL, - role: MeetRoomMemberRole.SPEAKER, - permissions: getPermissions(roomData.room.roomId, MeetRoomMemberRole.SPEAKER, true, true).meet + roomId: roomData.room.roomId, + baseRole: MeetRoomMemberRole.SPEAKER, + effectivePermissions: getPermissions(MeetRoomMemberRole.SPEAKER) }; await updateParticipantMetadata(roomData.room.roomId, PARTICIPANT_NAME, metadata); }); diff --git a/meet-ce/backend/tests/integration/api/security/user-security.test.ts b/meet-ce/backend/tests/integration/api/security/user-security.test.ts index 436a0bdf..300bf632 100644 --- a/meet-ce/backend/tests/integration/api/security/user-security.test.ts +++ b/meet-ce/backend/tests/integration/api/security/user-security.test.ts @@ -3,7 +3,7 @@ import { Express } from 'express'; import request from 'supertest'; import { INTERNAL_CONFIG } from '../../../../src/config/internal-config.js'; import { MEET_ENV } from '../../../../src/environment.js'; -import { changePassword, loginUser, startTestServer } from '../../../helpers/request-helpers.js'; +import { changePassword, loginAdminUser, startTestServer } from '../../../helpers/request-helpers.js'; const USERS_PATH = `${INTERNAL_CONFIG.INTERNAL_API_BASE_PATH_V1}/users`; @@ -18,18 +18,18 @@ describe('User API Security Tests', () => { let adminAccessToken: string; beforeAll(async () => { - adminAccessToken = await loginUser(); + adminAccessToken = await loginAdminUser(); }); it('should succeed when user is authenticated as admin', async () => { const response = await request(app) - .get(`${USERS_PATH}/profile`) + .get(`${USERS_PATH}/me`) .set(INTERNAL_CONFIG.ACCESS_TOKEN_HEADER, adminAccessToken); expect(response.status).toBe(200); }); it('should fail when user is not authenticated', async () => { - const response = await request(app).get(`${USERS_PATH}/profile`); + const response = await request(app).get(`${USERS_PATH}/me`); expect(response.status).toBe(401); }); }); @@ -43,7 +43,7 @@ describe('User API Security Tests', () => { let adminAccessToken: string; beforeAll(async () => { - adminAccessToken = await loginUser(); + adminAccessToken = await loginAdminUser(); }); it('should succeed when user is authenticated as admin', async () => {