tests: Refactor security tests to use setupSingleRoom for room data management
This commit is contained in:
juancarmore
parent
e6173e1748
commit
46bd1bcca8
@ -1,113 +1,77 @@
|
||||
import { afterAll, beforeAll, describe, expect, it } from '@jest/globals';
|
||||
import { afterAll, beforeAll, beforeEach, describe, expect, it } from '@jest/globals';
|
||||
import { Express } from 'express';
|
||||
import request from 'supertest';
|
||||
import INTERNAL_CONFIG from '../../../../src/config/internal-config.js';
|
||||
import { MeetRoomHelper } from '../../../../src/helpers/room.helper.js';
|
||||
import { UserRole } from '../../../../src/typings/ce/index.js';
|
||||
import {
|
||||
createRoom,
|
||||
deleteAllRooms,
|
||||
generateParticipantToken,
|
||||
loginUserAsRole,
|
||||
startTestServer
|
||||
} from '../../../helpers/request-helpers.js';
|
||||
import { deleteAllRooms, disconnectFakeParticipants, startTestServer } from '../../../helpers/request-helpers.js';
|
||||
import { RoomData, setupSingleRoom } from '../../../helpers/test-scenarios.js';
|
||||
|
||||
const MEETINGS_PATH = `${INTERNAL_CONFIG.INTERNAL_API_BASE_PATH_V1}/meetings`;
|
||||
|
||||
describe('Meeting API Security Tests', () => {
|
||||
let app: Express;
|
||||
let roomId: string;
|
||||
let roomData: RoomData;
|
||||
|
||||
let adminCookie: string;
|
||||
let moderatorCookie: string;
|
||||
let publisherCookie: string;
|
||||
|
||||
beforeAll(async () => {
|
||||
beforeAll(() => {
|
||||
app = startTestServer();
|
||||
});
|
||||
|
||||
// Get cookie for admin
|
||||
adminCookie = await loginUserAsRole(UserRole.ADMIN);
|
||||
|
||||
// Create a room and extract the roomId
|
||||
const room = await createRoom();
|
||||
roomId = room.roomId;
|
||||
|
||||
// Extract the room secrets and generate participant tokens, saved as cookies
|
||||
const { moderatorSecret, publisherSecret } = MeetRoomHelper.extractSecretsFromRoom(room);
|
||||
moderatorCookie = await generateParticipantToken(adminCookie, roomId, 'Moderator', moderatorSecret);
|
||||
publisherCookie = await generateParticipantToken(adminCookie, roomId, 'Publisher', publisherSecret);
|
||||
beforeEach(async () => {
|
||||
roomData = await setupSingleRoom(true);
|
||||
});
|
||||
|
||||
afterAll(async () => {
|
||||
await disconnectFakeParticipants();
|
||||
await deleteAllRooms();
|
||||
}, 20000);
|
||||
});
|
||||
|
||||
describe('End Meeting Tests', () => {
|
||||
it('should succeed when participant is moderator', async () => {
|
||||
const response = await request(app).delete(`${MEETINGS_PATH}/${roomId}`).set('Cookie', moderatorCookie);
|
||||
const response = await request(app)
|
||||
.delete(`${MEETINGS_PATH}/${roomData.room.roomId}`)
|
||||
.set('Cookie', roomData.moderatorCookie);
|
||||
expect(response.status).toBe(200);
|
||||
});
|
||||
|
||||
it('should fail when participant is moderator of a different room', async () => {
|
||||
// Create a new room to get a different roomId
|
||||
const newRoom = await createRoom();
|
||||
const newRoomId = newRoom.roomId;
|
||||
const newRoomData = await setupSingleRoom();
|
||||
|
||||
// Extract the moderator secret and generate a participant token for the new room
|
||||
const { moderatorSecret } = MeetRoomHelper.extractSecretsFromRoom(newRoom);
|
||||
const newModeratorCookie = await generateParticipantToken(
|
||||
adminCookie,
|
||||
newRoomId,
|
||||
'Moderator',
|
||||
moderatorSecret
|
||||
);
|
||||
|
||||
const response = await request(app).delete(`${MEETINGS_PATH}/${roomId}`).set('Cookie', newModeratorCookie);
|
||||
const response = await request(app)
|
||||
.delete(`${MEETINGS_PATH}/${roomData.room.roomId}`)
|
||||
.set('Cookie', newRoomData.moderatorCookie);
|
||||
expect(response.status).toBe(403);
|
||||
});
|
||||
|
||||
it('should fail when participant is publisher', async () => {
|
||||
const response = await request(app).delete(`${MEETINGS_PATH}/${roomId}`).set('Cookie', publisherCookie);
|
||||
const response = await request(app)
|
||||
.delete(`${MEETINGS_PATH}/${roomData.room.roomId}`)
|
||||
.set('Cookie', roomData.publisherCookie);
|
||||
expect(response.status).toBe(403);
|
||||
});
|
||||
});
|
||||
|
||||
describe('Delete Participant from Meeting Tests', () => {
|
||||
const PARTICIPANT_NAME = 'testParticipant';
|
||||
const PARTICIPANT_NAME = 'TEST_PARTICIPANT';
|
||||
|
||||
it('should succeed when participant is moderator', async () => {
|
||||
const response = await request(app)
|
||||
.delete(`${MEETINGS_PATH}/${roomId}/participants/${PARTICIPANT_NAME}`)
|
||||
.set('Cookie', moderatorCookie);
|
||||
|
||||
// The response code should be 404 to consider a success because there is no real participant inside the room
|
||||
expect(response.status).toBe(404);
|
||||
.delete(`${MEETINGS_PATH}/${roomData.room.roomId}/participants/${PARTICIPANT_NAME}`)
|
||||
.set('Cookie', roomData.moderatorCookie);
|
||||
expect(response.status).toBe(200);
|
||||
});
|
||||
|
||||
it('should fail when participant is moderator of a different room', async () => {
|
||||
// Create a new room to get a different roomId
|
||||
const newRoom = await createRoom();
|
||||
const newRoomId = newRoom.roomId;
|
||||
|
||||
// Extract the moderator secret and generate a participant token for the new room
|
||||
const { moderatorSecret } = MeetRoomHelper.extractSecretsFromRoom(newRoom);
|
||||
const newModeratorCookie = await generateParticipantToken(
|
||||
adminCookie,
|
||||
newRoomId,
|
||||
'Moderator',
|
||||
moderatorSecret
|
||||
);
|
||||
const newRoomData = await setupSingleRoom();
|
||||
|
||||
const response = await request(app)
|
||||
.delete(`${MEETINGS_PATH}/${roomId}/participants/${PARTICIPANT_NAME}`)
|
||||
.set('Cookie', newModeratorCookie);
|
||||
.delete(`${MEETINGS_PATH}/${roomData.room.roomId}/participants/${PARTICIPANT_NAME}`)
|
||||
.set('Cookie', newRoomData.moderatorCookie);
|
||||
expect(response.status).toBe(403);
|
||||
});
|
||||
|
||||
it('should fail when participant is publisher', async () => {
|
||||
const response = await request(app)
|
||||
.delete(`${MEETINGS_PATH}/${roomId}/participants/${PARTICIPANT_NAME}`)
|
||||
.set('Cookie', publisherCookie);
|
||||
.delete(`${MEETINGS_PATH}/${roomData.room.roomId}/participants/${PARTICIPANT_NAME}`)
|
||||
.set('Cookie', roomData.publisherCookie);
|
||||
expect(response.status).toBe(403);
|
||||
});
|
||||
});
|
||||
|
||||
@ -2,267 +2,249 @@ import { afterAll, beforeAll, describe, expect, it } from '@jest/globals';
|
||||
import { Express } from 'express';
|
||||
import request from 'supertest';
|
||||
import INTERNAL_CONFIG from '../../../../src/config/internal-config.js';
|
||||
import { MeetRoomHelper } from '../../../../src/helpers/room.helper.js';
|
||||
import { AuthMode, UserRole } from '../../../../src/typings/ce/index.js';
|
||||
import {
|
||||
changeSecurityPreferences,
|
||||
createRoom,
|
||||
deleteAllRooms,
|
||||
disconnectFakeParticipants,
|
||||
loginUserAsRole,
|
||||
startTestServer
|
||||
} from '../../../helpers/request-helpers.js';
|
||||
import { RoomData, setupSingleRoom } from '../../../helpers/test-scenarios.js';
|
||||
|
||||
const PARTICIPANTS_PATH = `${INTERNAL_CONFIG.INTERNAL_API_BASE_PATH_V1}/participants`;
|
||||
|
||||
describe('Participant API Security Tests', () => {
|
||||
const PARTICIPANT_NAME = 'testParticipant';
|
||||
const PARTICIPANT_NAME = 'TEST_PARTICIPANT';
|
||||
|
||||
let app: Express;
|
||||
|
||||
let userCookie: string;
|
||||
let adminCookie: string;
|
||||
|
||||
let roomId: string;
|
||||
let moderatorSecret: string;
|
||||
let publisherSecret: string;
|
||||
let roomData: RoomData;
|
||||
|
||||
beforeAll(async () => {
|
||||
app = startTestServer();
|
||||
|
||||
// Get cookies for admin and user
|
||||
userCookie = await loginUserAsRole(UserRole.USER);
|
||||
adminCookie = await loginUserAsRole(UserRole.ADMIN);
|
||||
|
||||
// Create a room and extract the roomId
|
||||
const room = await createRoom();
|
||||
roomId = room.roomId;
|
||||
|
||||
// Extract the moderator and publisher secrets from the room
|
||||
({ moderatorSecret, publisherSecret } = MeetRoomHelper.extractSecretsFromRoom(room));
|
||||
});
|
||||
|
||||
afterAll(async () => {
|
||||
await disconnectFakeParticipants();
|
||||
await deleteAllRooms();
|
||||
}, 20000);
|
||||
});
|
||||
|
||||
describe('Generate Participant Token Tests', () => {
|
||||
beforeAll(async () => {
|
||||
roomData = await setupSingleRoom();
|
||||
});
|
||||
|
||||
it('should succeed when no authentication is required and participant is publisher', async () => {
|
||||
await changeSecurityPreferences(adminCookie, { authMode: AuthMode.NONE });
|
||||
await changeSecurityPreferences({ authMode: AuthMode.NONE });
|
||||
|
||||
const response = await request(app).post(`${PARTICIPANTS_PATH}/token`).send({
|
||||
roomId,
|
||||
roomId: roomData.room.roomId,
|
||||
participantName: PARTICIPANT_NAME,
|
||||
secret: publisherSecret
|
||||
secret: roomData.publisherSecret
|
||||
});
|
||||
expect(response.status).toBe(200);
|
||||
});
|
||||
|
||||
it('should succeed when no authentication is required and participant is moderator', async () => {
|
||||
await changeSecurityPreferences(adminCookie, { authMode: AuthMode.NONE });
|
||||
await changeSecurityPreferences({ authMode: AuthMode.NONE });
|
||||
|
||||
const response = await request(app).post(`${PARTICIPANTS_PATH}/token`).send({
|
||||
roomId,
|
||||
roomId: roomData.room.roomId,
|
||||
participantName: PARTICIPANT_NAME,
|
||||
secret: moderatorSecret
|
||||
secret: roomData.moderatorSecret
|
||||
});
|
||||
expect(response.status).toBe(200);
|
||||
});
|
||||
|
||||
it('should succeed when authentication is required for moderator and participant is publisher', async () => {
|
||||
await changeSecurityPreferences(adminCookie, { authMode: AuthMode.MODERATORS_ONLY });
|
||||
await changeSecurityPreferences({ authMode: AuthMode.MODERATORS_ONLY });
|
||||
|
||||
const response = await request(app).post(`${PARTICIPANTS_PATH}/token`).send({
|
||||
roomId,
|
||||
roomId: roomData.room.roomId,
|
||||
participantName: PARTICIPANT_NAME,
|
||||
secret: publisherSecret
|
||||
secret: roomData.publisherSecret
|
||||
});
|
||||
expect(response.status).toBe(200);
|
||||
});
|
||||
|
||||
it('should succeed when authentication is required for moderator, participant is moderator and authenticated', async () => {
|
||||
await changeSecurityPreferences(adminCookie, { authMode: AuthMode.MODERATORS_ONLY });
|
||||
await changeSecurityPreferences({ authMode: AuthMode.MODERATORS_ONLY });
|
||||
|
||||
const response = await request(app).post(`${PARTICIPANTS_PATH}/token`).set('Cookie', userCookie).send({
|
||||
roomId,
|
||||
roomId: roomData.room.roomId,
|
||||
participantName: PARTICIPANT_NAME,
|
||||
secret: moderatorSecret
|
||||
secret: roomData.moderatorSecret
|
||||
});
|
||||
expect(response.status).toBe(200);
|
||||
});
|
||||
|
||||
it('should fail when authentication is required for moderator and participant is moderator but not authenticated', async () => {
|
||||
await changeSecurityPreferences(adminCookie, { authMode: AuthMode.MODERATORS_ONLY });
|
||||
await changeSecurityPreferences({ authMode: AuthMode.MODERATORS_ONLY });
|
||||
|
||||
const response = await request(app).post(`${PARTICIPANTS_PATH}/token`).send({
|
||||
roomId,
|
||||
roomId: roomData.room.roomId,
|
||||
participantName: PARTICIPANT_NAME,
|
||||
secret: moderatorSecret
|
||||
secret: roomData.moderatorSecret
|
||||
});
|
||||
expect(response.status).toBe(401);
|
||||
});
|
||||
|
||||
it('should succeed when authentication is required for all users, participant is publisher and authenticated', async () => {
|
||||
await changeSecurityPreferences(adminCookie, { authMode: AuthMode.ALL_USERS });
|
||||
await changeSecurityPreferences({ authMode: AuthMode.ALL_USERS });
|
||||
|
||||
const response = await request(app).post(`${PARTICIPANTS_PATH}/token`).set('Cookie', userCookie).send({
|
||||
roomId,
|
||||
roomId: roomData.room.roomId,
|
||||
participantName: PARTICIPANT_NAME,
|
||||
secret: publisherSecret
|
||||
secret: roomData.publisherSecret
|
||||
});
|
||||
expect(response.status).toBe(200);
|
||||
});
|
||||
|
||||
it('should fail when authentication is required for all users and participant is publisher but not authenticated', async () => {
|
||||
await changeSecurityPreferences(adminCookie, { authMode: AuthMode.ALL_USERS });
|
||||
await changeSecurityPreferences({ authMode: AuthMode.ALL_USERS });
|
||||
|
||||
const response = await request(app).post(`${PARTICIPANTS_PATH}/token`).send({
|
||||
roomId,
|
||||
roomId: roomData.room.roomId,
|
||||
participantName: PARTICIPANT_NAME,
|
||||
secret: publisherSecret
|
||||
secret: roomData.publisherSecret
|
||||
});
|
||||
expect(response.status).toBe(401);
|
||||
});
|
||||
|
||||
it('should succeed when authentication is required for all users, participant is moderator and authenticated', async () => {
|
||||
await changeSecurityPreferences(adminCookie, { authMode: AuthMode.ALL_USERS });
|
||||
await changeSecurityPreferences({ authMode: AuthMode.ALL_USERS });
|
||||
|
||||
const response = await request(app).post(`${PARTICIPANTS_PATH}/token`).set('Cookie', userCookie).send({
|
||||
roomId,
|
||||
roomId: roomData.room.roomId,
|
||||
participantName: PARTICIPANT_NAME,
|
||||
secret: moderatorSecret
|
||||
secret: roomData.moderatorSecret
|
||||
});
|
||||
expect(response.status).toBe(200);
|
||||
});
|
||||
|
||||
it('should fail when authentication is required for all users and participant is moderator but not authenticated', async () => {
|
||||
await changeSecurityPreferences(adminCookie, { authMode: AuthMode.ALL_USERS });
|
||||
await changeSecurityPreferences({ authMode: AuthMode.ALL_USERS });
|
||||
|
||||
const response = await request(app).post(`${PARTICIPANTS_PATH}/token`).send({
|
||||
roomId,
|
||||
roomId: roomData.room.roomId,
|
||||
participantName: PARTICIPANT_NAME,
|
||||
secret: moderatorSecret
|
||||
secret: roomData.moderatorSecret
|
||||
});
|
||||
expect(response.status).toBe(401);
|
||||
});
|
||||
});
|
||||
|
||||
describe('Refresh Participant Token Tests', () => {
|
||||
beforeAll(async () => {
|
||||
roomData = await setupSingleRoom(true);
|
||||
});
|
||||
|
||||
it('should succeed when no authentication is required and participant is publisher', async () => {
|
||||
await changeSecurityPreferences(adminCookie, { authMode: AuthMode.NONE });
|
||||
await changeSecurityPreferences({ authMode: AuthMode.NONE });
|
||||
|
||||
const response = await request(app).post(`${PARTICIPANTS_PATH}/token/refresh`).send({
|
||||
roomId,
|
||||
roomId: roomData.room.roomId,
|
||||
participantName: PARTICIPANT_NAME,
|
||||
secret: publisherSecret
|
||||
secret: roomData.publisherSecret
|
||||
});
|
||||
|
||||
// The response code should be 404 to consider a success because there is no real participant inside the room
|
||||
expect(response.status).toBe(404);
|
||||
expect(response.status).toBe(200);
|
||||
});
|
||||
|
||||
it('should succeed when no authentication is required and participant is moderator', async () => {
|
||||
await changeSecurityPreferences(adminCookie, { authMode: AuthMode.NONE });
|
||||
await changeSecurityPreferences({ authMode: AuthMode.NONE });
|
||||
|
||||
const response = await request(app).post(`${PARTICIPANTS_PATH}/token/refresh`).send({
|
||||
roomId,
|
||||
roomId: roomData.room.roomId,
|
||||
participantName: PARTICIPANT_NAME,
|
||||
secret: moderatorSecret
|
||||
secret: roomData.moderatorSecret
|
||||
});
|
||||
|
||||
// The response code should be 404 to consider a success because there is no real participant inside the room
|
||||
expect(response.status).toBe(404);
|
||||
expect(response.status).toBe(200);
|
||||
});
|
||||
|
||||
it('should succeed when authentication is required for moderator and participant is publisher', async () => {
|
||||
await changeSecurityPreferences(adminCookie, { authMode: AuthMode.MODERATORS_ONLY });
|
||||
await changeSecurityPreferences({ authMode: AuthMode.MODERATORS_ONLY });
|
||||
|
||||
const response = await request(app).post(`${PARTICIPANTS_PATH}/token/refresh`).send({
|
||||
roomId,
|
||||
roomId: roomData.room.roomId,
|
||||
participantName: PARTICIPANT_NAME,
|
||||
secret: publisherSecret
|
||||
secret: roomData.publisherSecret
|
||||
});
|
||||
|
||||
// The response code should be 404 to consider a success because there is no real participant inside the room
|
||||
expect(response.status).toBe(404);
|
||||
expect(response.status).toBe(200);
|
||||
});
|
||||
|
||||
it('should succeed when authentication is required for moderator, participant is moderator and authenticated', async () => {
|
||||
await changeSecurityPreferences(adminCookie, { authMode: AuthMode.MODERATORS_ONLY });
|
||||
await changeSecurityPreferences({ authMode: AuthMode.MODERATORS_ONLY });
|
||||
|
||||
const response = await request(app)
|
||||
.post(`${PARTICIPANTS_PATH}/token/refresh`)
|
||||
.set('Cookie', userCookie)
|
||||
.send({
|
||||
roomId,
|
||||
roomId: roomData.room.roomId,
|
||||
participantName: PARTICIPANT_NAME,
|
||||
secret: moderatorSecret
|
||||
secret: roomData.moderatorSecret
|
||||
});
|
||||
|
||||
// The response code should be 404 to consider a success because there is no real participant inside the room
|
||||
expect(response.status).toBe(404);
|
||||
expect(response.status).toBe(200);
|
||||
});
|
||||
|
||||
it('should fail when authentication is required for moderator and participant is moderator but not authenticated', async () => {
|
||||
await changeSecurityPreferences(adminCookie, { authMode: AuthMode.MODERATORS_ONLY });
|
||||
await changeSecurityPreferences({ authMode: AuthMode.MODERATORS_ONLY });
|
||||
|
||||
const response = await request(app).post(`${PARTICIPANTS_PATH}/token/refresh`).send({
|
||||
roomId,
|
||||
roomId: roomData.room.roomId,
|
||||
participantName: PARTICIPANT_NAME,
|
||||
secret: moderatorSecret
|
||||
secret: roomData.moderatorSecret
|
||||
});
|
||||
expect(response.status).toBe(401);
|
||||
});
|
||||
|
||||
it('should succeed when authentication is required for all users, participant is publisher and authenticated', async () => {
|
||||
await changeSecurityPreferences(adminCookie, { authMode: AuthMode.ALL_USERS });
|
||||
await changeSecurityPreferences({ authMode: AuthMode.ALL_USERS });
|
||||
|
||||
const response = await request(app)
|
||||
.post(`${PARTICIPANTS_PATH}/token/refresh`)
|
||||
.set('Cookie', userCookie)
|
||||
.send({
|
||||
roomId,
|
||||
roomId: roomData.room.roomId,
|
||||
participantName: PARTICIPANT_NAME,
|
||||
secret: publisherSecret
|
||||
secret: roomData.publisherSecret
|
||||
});
|
||||
|
||||
// The response code should be 404 to consider a success because there is no real participant inside the room
|
||||
expect(response.status).toBe(404);
|
||||
expect(response.status).toBe(200);
|
||||
});
|
||||
|
||||
it('should fail when authentication is required for all users and participant is publisher but not authenticated', async () => {
|
||||
await changeSecurityPreferences(adminCookie, { authMode: AuthMode.ALL_USERS });
|
||||
await changeSecurityPreferences({ authMode: AuthMode.ALL_USERS });
|
||||
|
||||
const response = await request(app).post(`${PARTICIPANTS_PATH}/token/refresh`).send({
|
||||
roomId,
|
||||
roomId: roomData.room.roomId,
|
||||
participantName: PARTICIPANT_NAME,
|
||||
secret: publisherSecret
|
||||
secret: roomData.publisherSecret
|
||||
});
|
||||
expect(response.status).toBe(401);
|
||||
});
|
||||
|
||||
it('should succeed when authentication is required for all users, participant is moderator and authenticated', async () => {
|
||||
await changeSecurityPreferences(adminCookie, { authMode: AuthMode.ALL_USERS });
|
||||
await changeSecurityPreferences({ authMode: AuthMode.ALL_USERS });
|
||||
|
||||
const response = await request(app)
|
||||
.post(`${PARTICIPANTS_PATH}/token/refresh`)
|
||||
.set('Cookie', userCookie)
|
||||
.send({
|
||||
roomId,
|
||||
roomId: roomData.room.roomId,
|
||||
participantName: PARTICIPANT_NAME,
|
||||
secret: moderatorSecret
|
||||
secret: roomData.moderatorSecret
|
||||
});
|
||||
|
||||
// The response code should be 404 to consider a success because there is no real participant inside the room
|
||||
expect(response.status).toBe(404);
|
||||
expect(response.status).toBe(200);
|
||||
});
|
||||
|
||||
it('should fail when authentication is required for all users and participant is moderator but not authenticated', async () => {
|
||||
await changeSecurityPreferences(adminCookie, { authMode: AuthMode.ALL_USERS });
|
||||
await changeSecurityPreferences({ authMode: AuthMode.ALL_USERS });
|
||||
|
||||
const response = await request(app).post(`${PARTICIPANTS_PATH}/token/refresh`).send({
|
||||
roomId,
|
||||
roomId: roomData.room.roomId,
|
||||
participantName: PARTICIPANT_NAME,
|
||||
secret: moderatorSecret
|
||||
secret: roomData.moderatorSecret
|
||||
});
|
||||
expect(response.status).toBe(401);
|
||||
});
|
||||
|
||||
@ -3,15 +3,9 @@ import { Express } from 'express';
|
||||
import request from 'supertest';
|
||||
import INTERNAL_CONFIG from '../../../../src/config/internal-config.js';
|
||||
import { MEET_API_KEY } from '../../../../src/environment.js';
|
||||
import { MeetRoomHelper } from '../../../../src/helpers/room.helper.js';
|
||||
import { UserRole } from '../../../../src/typings/ce/index.js';
|
||||
import {
|
||||
createRoom,
|
||||
deleteAllRooms,
|
||||
generateParticipantToken,
|
||||
loginUserAsRole,
|
||||
startTestServer
|
||||
} from '../../../helpers/request-helpers.js';
|
||||
import { deleteAllRooms, loginUserAsRole, startTestServer } from '../../../helpers/request-helpers.js';
|
||||
import { RoomData, setupSingleRoom } from '../../../helpers/test-scenarios.js';
|
||||
|
||||
const RECORDINGS_PATH = `${INTERNAL_CONFIG.API_BASE_PATH_V1}/recordings`;
|
||||
const INTERNAL_RECORDINGS_PATH = `${INTERNAL_CONFIG.INTERNAL_API_BASE_PATH_V1}/recordings`;
|
||||
@ -22,12 +16,9 @@ describe('Recording API Security Tests', () => {
|
||||
let userCookie: string;
|
||||
let adminCookie: string;
|
||||
|
||||
let roomId: string;
|
||||
let roomData: RoomData;
|
||||
let recordingId: string;
|
||||
|
||||
let moderatorCookie: string;
|
||||
let publisherCookie: string;
|
||||
|
||||
beforeAll(async () => {
|
||||
app = startTestServer();
|
||||
|
||||
@ -36,26 +27,20 @@ describe('Recording API Security Tests', () => {
|
||||
adminCookie = await loginUserAsRole(UserRole.ADMIN);
|
||||
|
||||
// Create a room and extract the roomId
|
||||
const room = await createRoom();
|
||||
roomId = room.roomId;
|
||||
recordingId = `${roomId}--EG_recordingId--uid`;
|
||||
|
||||
// Extract the room secrets and generate participant tokens, saved as cookies
|
||||
const { moderatorSecret, publisherSecret } = MeetRoomHelper.extractSecretsFromRoom(room);
|
||||
moderatorCookie = await generateParticipantToken(adminCookie, roomId, 'Moderator', moderatorSecret);
|
||||
publisherCookie = await generateParticipantToken(adminCookie, roomId, 'Publisher', publisherSecret);
|
||||
roomData = await setupSingleRoom();
|
||||
recordingId = `${roomData.room.roomId}--EG_recordingId--uid`;
|
||||
});
|
||||
|
||||
afterAll(async () => {
|
||||
await deleteAllRooms();
|
||||
}, 20000);
|
||||
});
|
||||
|
||||
describe('Start Recording Tests', () => {
|
||||
it('should succeed when participant is moderator', async () => {
|
||||
const response = await request(app)
|
||||
.post(INTERNAL_RECORDINGS_PATH)
|
||||
.send({ roomId })
|
||||
.set('Cookie', moderatorCookie);
|
||||
.send({ roomId: roomData.room.roomId })
|
||||
.set('Cookie', roomData.moderatorCookie);
|
||||
|
||||
// The response code should be 409 to consider a success
|
||||
// This is because there is no real participant inside the room and the recording will fail
|
||||
@ -63,31 +48,20 @@ describe('Recording API Security Tests', () => {
|
||||
});
|
||||
|
||||
it('should fail when participant is moderator of a different room', async () => {
|
||||
// Create a new room to get a different roomId
|
||||
const newRoom = await createRoom();
|
||||
const newRoomId = newRoom.roomId;
|
||||
|
||||
// Extract the moderator secret and generate a participant token for the new room
|
||||
const { moderatorSecret } = MeetRoomHelper.extractSecretsFromRoom(newRoom);
|
||||
const newModeratorCookie = await generateParticipantToken(
|
||||
adminCookie,
|
||||
newRoomId,
|
||||
'Moderator',
|
||||
moderatorSecret
|
||||
);
|
||||
const newRoomData = await setupSingleRoom();
|
||||
|
||||
const response = await request(app)
|
||||
.post(INTERNAL_RECORDINGS_PATH)
|
||||
.send({ roomId })
|
||||
.set('Cookie', newModeratorCookie);
|
||||
.send({ roomId: roomData.room.roomId })
|
||||
.set('Cookie', newRoomData.moderatorCookie);
|
||||
expect(response.status).toBe(403);
|
||||
});
|
||||
|
||||
it('should fail when participant is publisher', async () => {
|
||||
const response = await request(app)
|
||||
.post(INTERNAL_RECORDINGS_PATH)
|
||||
.send({ roomId })
|
||||
.set('Cookie', publisherCookie);
|
||||
.send({ roomId: roomData.room.roomId })
|
||||
.set('Cookie', roomData.publisherCookie);
|
||||
expect(response.status).toBe(403);
|
||||
});
|
||||
});
|
||||
@ -96,35 +70,24 @@ describe('Recording API Security Tests', () => {
|
||||
it('should succeed when participant is moderator', async () => {
|
||||
const response = await request(app)
|
||||
.post(`${INTERNAL_RECORDINGS_PATH}/${recordingId}/stop`)
|
||||
.set('Cookie', moderatorCookie);
|
||||
.set('Cookie', roomData.moderatorCookie);
|
||||
// The response code should be 404 to consider a success because the recording does not exist
|
||||
expect(response.status).toBe(404);
|
||||
});
|
||||
|
||||
it('should fail when participant is moderator of a different room', async () => {
|
||||
// Create a new room to get a different roomId
|
||||
const newRoom = await createRoom();
|
||||
const newRoomId = newRoom.roomId;
|
||||
|
||||
// Extract the moderator secret and generate a participant token for the new room
|
||||
const { moderatorSecret } = MeetRoomHelper.extractSecretsFromRoom(newRoom);
|
||||
const newModeratorCookie = await generateParticipantToken(
|
||||
adminCookie,
|
||||
newRoomId,
|
||||
'Moderator',
|
||||
moderatorSecret
|
||||
);
|
||||
const newRoomData = await setupSingleRoom();
|
||||
|
||||
const response = await request(app)
|
||||
.post(`${INTERNAL_RECORDINGS_PATH}/${recordingId}/stop`)
|
||||
.set('Cookie', newModeratorCookie);
|
||||
.set('Cookie', newRoomData.moderatorCookie);
|
||||
expect(response.status).toBe(403);
|
||||
});
|
||||
|
||||
it('should fail when participant is publisher', async () => {
|
||||
const response = await request(app)
|
||||
.post(`${INTERNAL_RECORDINGS_PATH}/${recordingId}/stop`)
|
||||
.set('Cookie', publisherCookie);
|
||||
.set('Cookie', roomData.publisherCookie);
|
||||
expect(response.status).toBe(403);
|
||||
});
|
||||
});
|
||||
|
||||
@ -9,10 +9,10 @@ import {
|
||||
changeSecurityPreferences,
|
||||
createRoom,
|
||||
deleteAllRooms,
|
||||
generateParticipantToken,
|
||||
loginUserAsRole,
|
||||
startTestServer
|
||||
} from '../../../helpers/request-helpers.js';
|
||||
import { RoomData, setupSingleRoom } from '../../../helpers/test-scenarios.js';
|
||||
|
||||
const ROOMS_PATH = `${INTERNAL_CONFIG.API_BASE_PATH_V1}/rooms`;
|
||||
const INTERNAL_ROOMS_PATH = `${INTERNAL_CONFIG.INTERNAL_API_BASE_PATH_V1}/rooms`;
|
||||
@ -32,11 +32,11 @@ describe('Room API Security Tests', () => {
|
||||
|
||||
afterAll(async () => {
|
||||
await deleteAllRooms();
|
||||
}, 20000);
|
||||
});
|
||||
|
||||
describe('Create Room Tests', () => {
|
||||
it('should succeed when users cannot create rooms, and request includes API key', async () => {
|
||||
await changeSecurityPreferences(adminCookie, {
|
||||
await changeSecurityPreferences({
|
||||
usersCanCreateRooms: false
|
||||
});
|
||||
|
||||
@ -48,7 +48,7 @@ describe('Room API Security Tests', () => {
|
||||
});
|
||||
|
||||
it('should succeed when users cannot create rooms, and user is authenticated as admin', async () => {
|
||||
await changeSecurityPreferences(adminCookie, {
|
||||
await changeSecurityPreferences({
|
||||
usersCanCreateRooms: false
|
||||
});
|
||||
|
||||
@ -57,7 +57,7 @@ describe('Room API Security Tests', () => {
|
||||
});
|
||||
|
||||
it('should fail when users cannot create rooms, and user is authenticated as user', async () => {
|
||||
await changeSecurityPreferences(adminCookie, {
|
||||
await changeSecurityPreferences({
|
||||
usersCanCreateRooms: false
|
||||
});
|
||||
|
||||
@ -66,7 +66,7 @@ describe('Room API Security Tests', () => {
|
||||
});
|
||||
|
||||
it('should fail when users cannot create rooms, and user is not authenticated', async () => {
|
||||
await changeSecurityPreferences(adminCookie, {
|
||||
await changeSecurityPreferences({
|
||||
usersCanCreateRooms: false
|
||||
});
|
||||
|
||||
@ -75,7 +75,7 @@ describe('Room API Security Tests', () => {
|
||||
});
|
||||
|
||||
it('should succeed when users can create rooms and auth is not required, and user is not authenticated', async () => {
|
||||
await changeSecurityPreferences(adminCookie, {
|
||||
await changeSecurityPreferences({
|
||||
usersCanCreateRooms: true,
|
||||
authRequired: false
|
||||
});
|
||||
@ -85,7 +85,7 @@ describe('Room API Security Tests', () => {
|
||||
});
|
||||
|
||||
it('should succeed when users can create rooms and auth is required, and user is authenticated', async () => {
|
||||
await changeSecurityPreferences(adminCookie, {
|
||||
await changeSecurityPreferences({
|
||||
usersCanCreateRooms: true,
|
||||
authRequired: true
|
||||
});
|
||||
@ -95,7 +95,7 @@ describe('Room API Security Tests', () => {
|
||||
});
|
||||
|
||||
it('should fail when users can create rooms and auth is required, and user is not authenticated', async () => {
|
||||
await changeSecurityPreferences(adminCookie, {
|
||||
await changeSecurityPreferences({
|
||||
usersCanCreateRooms: true,
|
||||
authRequired: true
|
||||
});
|
||||
@ -163,111 +163,102 @@ describe('Room API Security Tests', () => {
|
||||
});
|
||||
|
||||
describe('Get Room Tests', () => {
|
||||
let roomId: string;
|
||||
let moderatorCookie: string;
|
||||
let publisherCookie: string;
|
||||
let roomData: RoomData;
|
||||
|
||||
beforeAll(async () => {
|
||||
const room = await createRoom();
|
||||
roomId = room.roomId;
|
||||
|
||||
// Extract the room secrets and generate participant tokens, saved as cookies
|
||||
const { moderatorSecret, publisherSecret } = MeetRoomHelper.extractSecretsFromRoom(room);
|
||||
moderatorCookie = await generateParticipantToken(adminCookie, roomId, 'Moderator', moderatorSecret);
|
||||
publisherCookie = await generateParticipantToken(adminCookie, roomId, 'Publisher', publisherSecret);
|
||||
roomData = await setupSingleRoom();
|
||||
});
|
||||
|
||||
it('should succeed when request includes API key', async () => {
|
||||
const response = await request(app)
|
||||
.get(`${ROOMS_PATH}/${roomId}`)
|
||||
.get(`${ROOMS_PATH}/${roomData.room.roomId}`)
|
||||
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY);
|
||||
expect(response.status).toBe(200);
|
||||
});
|
||||
|
||||
it('should succeed when user is authenticated as admin', async () => {
|
||||
const response = await request(app).get(`${ROOMS_PATH}/${roomId}`).set('Cookie', adminCookie);
|
||||
const response = await request(app).get(`${ROOMS_PATH}/${roomData.room.roomId}`).set('Cookie', adminCookie);
|
||||
expect(response.status).toBe(200);
|
||||
});
|
||||
|
||||
it('should fail when user is authenticated as user', async () => {
|
||||
const response = await request(app).get(`${ROOMS_PATH}/${roomId}`).set('Cookie', userCookie);
|
||||
const response = await request(app).get(`${ROOMS_PATH}/${roomData.room.roomId}`).set('Cookie', userCookie);
|
||||
expect(response.status).toBe(401);
|
||||
});
|
||||
|
||||
it('should fail when user is not authenticated', async () => {
|
||||
const response = await request(app).get(`${ROOMS_PATH}/${roomId}`);
|
||||
const response = await request(app).get(`${ROOMS_PATH}/${roomData.room.roomId}`);
|
||||
expect(response.status).toBe(401);
|
||||
});
|
||||
|
||||
it('should fail when participant is publisher', async () => {
|
||||
const response = await request(app).get(`${ROOMS_PATH}/${roomId}`).set('Cookie', publisherCookie);
|
||||
const response = await request(app)
|
||||
.get(`${ROOMS_PATH}/${roomData.room.roomId}`)
|
||||
.set('Cookie', roomData.publisherCookie);
|
||||
expect(response.status).toBe(403);
|
||||
});
|
||||
|
||||
it('should fail when participant is moderator of a different room', async () => {
|
||||
// Create a new room to get a different roomId
|
||||
const newRoom = await createRoom();
|
||||
const newRoomId = newRoom.roomId;
|
||||
const newRoomData = await setupSingleRoom();
|
||||
|
||||
// Extract the moderator secret and generate a participant token for the new room
|
||||
const { moderatorSecret } = MeetRoomHelper.extractSecretsFromRoom(newRoom);
|
||||
const newModeratorCookie = await generateParticipantToken(
|
||||
adminCookie,
|
||||
newRoomId,
|
||||
'Moderator',
|
||||
moderatorSecret
|
||||
);
|
||||
|
||||
const response = await request(app).get(`${ROOMS_PATH}/${roomId}`).set('Cookie', newModeratorCookie);
|
||||
const response = await request(app)
|
||||
.get(`${ROOMS_PATH}/${roomData.room.roomId}`)
|
||||
.set('Cookie', newRoomData.moderatorCookie);
|
||||
expect(response.status).toBe(403);
|
||||
});
|
||||
|
||||
it('should succeed when no authentication is required and participant is moderator', async () => {
|
||||
await changeSecurityPreferences(adminCookie, {
|
||||
await changeSecurityPreferences({
|
||||
authMode: AuthMode.NONE
|
||||
});
|
||||
|
||||
const response = await request(app).get(`${ROOMS_PATH}/${roomId}`).set('Cookie', moderatorCookie);
|
||||
const response = await request(app)
|
||||
.get(`${ROOMS_PATH}/${roomData.room.roomId}`)
|
||||
.set('Cookie', roomData.moderatorCookie);
|
||||
expect(response.status).toBe(200);
|
||||
});
|
||||
|
||||
it('should succeed when authentication is required for moderators, participant is moderator and user is authenticated', async () => {
|
||||
await changeSecurityPreferences(adminCookie, {
|
||||
await changeSecurityPreferences({
|
||||
authMode: AuthMode.MODERATORS_ONLY
|
||||
});
|
||||
|
||||
const response = await request(app)
|
||||
.get(`${ROOMS_PATH}/${roomId}`)
|
||||
.set('Cookie', [moderatorCookie, userCookie]);
|
||||
.get(`${ROOMS_PATH}/${roomData.room.roomId}`)
|
||||
.set('Cookie', [roomData.moderatorCookie, userCookie]);
|
||||
expect(response.status).toBe(200);
|
||||
});
|
||||
|
||||
it('should fail when authentication is required for moderators, participant is moderator and user is not authenticated', async () => {
|
||||
await changeSecurityPreferences(adminCookie, {
|
||||
await changeSecurityPreferences({
|
||||
authMode: AuthMode.MODERATORS_ONLY
|
||||
});
|
||||
|
||||
const response = await request(app).get(`${ROOMS_PATH}/${roomId}`).set('Cookie', moderatorCookie);
|
||||
const response = await request(app)
|
||||
.get(`${ROOMS_PATH}/${roomData.room.roomId}`)
|
||||
.set('Cookie', roomData.moderatorCookie);
|
||||
expect(response.status).toBe(401);
|
||||
});
|
||||
|
||||
it('should succeed when authentication is required for all participants, participant is moderator and user is authenticated', async () => {
|
||||
await changeSecurityPreferences(adminCookie, {
|
||||
await changeSecurityPreferences({
|
||||
authMode: AuthMode.ALL_USERS
|
||||
});
|
||||
|
||||
const response = await request(app)
|
||||
.get(`${ROOMS_PATH}/${roomId}`)
|
||||
.set('Cookie', [moderatorCookie, userCookie]);
|
||||
.get(`${ROOMS_PATH}/${roomData.room.roomId}`)
|
||||
.set('Cookie', [roomData.moderatorCookie, userCookie]);
|
||||
expect(response.status).toBe(200);
|
||||
});
|
||||
|
||||
it('should fail when authentication is required for all participants, participant is moderator and user is not authenticated', async () => {
|
||||
await changeSecurityPreferences(adminCookie, {
|
||||
await changeSecurityPreferences({
|
||||
authMode: AuthMode.ALL_USERS
|
||||
});
|
||||
|
||||
const response = await request(app).get(`${ROOMS_PATH}/${roomId}`).set('Cookie', moderatorCookie);
|
||||
const response = await request(app)
|
||||
.get(`${ROOMS_PATH}/${roomData.room.roomId}`)
|
||||
.set('Cookie', roomData.moderatorCookie);
|
||||
expect(response.status).toBe(401);
|
||||
});
|
||||
});
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user