From 46bd1bcca8c095a62294e62fec2fd53d28fdfad8 Mon Sep 17 00:00:00 2001
From: juancarmore
Date: Mon, 5 May 2025 14:38:56 +0200
Subject: [PATCH] tests: Refactor security tests to use setupSingleRoom for room data management
---
 .../api/security/meeting-security.test.ts | 94 +++-------
 .../api/security/participant-security.test.ts | 166 ++++++++----------
 .../api/security/recording-security.test.ts | 71 ++------
 .../api/security/room-security.test.ts | 89 +++++-----
 4 files changed, 160 insertions(+), 260 deletions(-)
diff --git a/backend/tests/integration/api/security/meeting-security.test.ts b/backend/tests/integration/api/security/meeting-security.test.ts
index ce132d7..ec9a16d 100644
--- a/backend/tests/integration/api/security/meeting-security.test.ts
+++ b/backend/tests/integration/api/security/meeting-security.test.ts
@@ -1,113 +1,77 @@ -import { afterAll, beforeAll, describe, expect, it } from '@jest/globals'; +import { afterAll, beforeAll, beforeEach, describe, expect, it } from '@jest/globals'; import { Express } from 'express'; import request from 'supertest'; import INTERNAL_CONFIG from '../../../../src/config/internal-config.js'; -import { MeetRoomHelper } from '../../../../src/helpers/room.helper.js'; -import { UserRole } from '../../../../src/typings/ce/index.js'; -import { - createRoom, - deleteAllRooms, - generateParticipantToken, - loginUserAsRole, - startTestServer -} from '../../../helpers/request-helpers.js'; +import { deleteAllRooms, disconnectFakeParticipants, startTestServer } from '../../../helpers/request-helpers.js'; +import { RoomData, setupSingleRoom } from '../../../helpers/test-scenarios.js'; const MEETINGS_PATH = `${INTERNAL_CONFIG.INTERNAL_API_BASE_PATH_V1}/meetings`; describe('Meeting API Security Tests', () => { let app: Express; - let roomId: string; + let roomData: RoomData; - let adminCookie: string; - let moderatorCookie: string; - let publisherCookie: string; - - beforeAll(async () => { + beforeAll(() => { app = startTestServer(); + }); - // Get cookie for admin - adminCookie = await loginUserAsRole(UserRole.ADMIN); - - // Create a room and extract the roomId - const room = await createRoom(); - roomId = room.roomId; - - // Extract the room secrets and generate participant tokens, saved as cookies - const { moderatorSecret, publisherSecret } = MeetRoomHelper.extractSecretsFromRoom(room); - moderatorCookie = await generateParticipantToken(adminCookie, roomId, 'Moderator', moderatorSecret); - publisherCookie = await generateParticipantToken(adminCookie, roomId, 'Publisher', publisherSecret); + beforeEach(async () => { + roomData = await setupSingleRoom(true); }); afterAll(async () => { + await disconnectFakeParticipants(); await deleteAllRooms(); - }, 20000); + }); describe('End Meeting Tests', () => { it('should succeed when participant is 
moderator', async () => { - const response = await request(app).delete(`${MEETINGS_PATH}/${roomId}`).set('Cookie', moderatorCookie); + const response = await request(app) + .delete(`${MEETINGS_PATH}/${roomData.room.roomId}`) + .set('Cookie', roomData.moderatorCookie); expect(response.status).toBe(200); }); it('should fail when participant is moderator of a different room', async () => { - // Create a new room to get a different roomId - const newRoom = await createRoom(); - const newRoomId = newRoom.roomId; + const newRoomData = await setupSingleRoom(); - // Extract the moderator secret and generate a participant token for the new room - const { moderatorSecret } = MeetRoomHelper.extractSecretsFromRoom(newRoom); - const newModeratorCookie = await generateParticipantToken( - adminCookie, - newRoomId, - 'Moderator', - moderatorSecret - ); - - const response = await request(app).delete(`${MEETINGS_PATH}/${roomId}`).set('Cookie', newModeratorCookie); + const response = await request(app) + .delete(`${MEETINGS_PATH}/${roomData.room.roomId}`) + .set('Cookie', newRoomData.moderatorCookie); expect(response.status).toBe(403); }); it('should fail when participant is publisher', async () => { - const response = await request(app).delete(`${MEETINGS_PATH}/${roomId}`).set('Cookie', publisherCookie); + const response = await request(app) + .delete(`${MEETINGS_PATH}/${roomData.room.roomId}`) + .set('Cookie', roomData.publisherCookie); expect(response.status).toBe(403); }); }); describe('Delete Participant from Meeting Tests', () => { - const PARTICIPANT_NAME = 'testParticipant'; + const PARTICIPANT_NAME = 'TEST_PARTICIPANT'; it('should succeed when participant is moderator', async () => { const response = await request(app) - .delete(`${MEETINGS_PATH}/${roomId}/participants/${PARTICIPANT_NAME}`) - .set('Cookie', moderatorCookie); - - // The response code should be 404 to consider a success because there is no real participant inside the room - expect(response.status).toBe(404); + 
.delete(`${MEETINGS_PATH}/${roomData.room.roomId}/participants/${PARTICIPANT_NAME}`) + .set('Cookie', roomData.moderatorCookie); + expect(response.status).toBe(200); }); it('should fail when participant is moderator of a different room', async () => { - // Create a new room to get a different roomId - const newRoom = await createRoom(); - const newRoomId = newRoom.roomId; - - // Extract the moderator secret and generate a participant token for the new room - const { moderatorSecret } = MeetRoomHelper.extractSecretsFromRoom(newRoom); - const newModeratorCookie = await generateParticipantToken( - adminCookie, - newRoomId, - 'Moderator', - moderatorSecret - ); + const newRoomData = await setupSingleRoom(); const response = await request(app) - .delete(`${MEETINGS_PATH}/${roomId}/participants/${PARTICIPANT_NAME}`) - .set('Cookie', newModeratorCookie); + .delete(`${MEETINGS_PATH}/${roomData.room.roomId}/participants/${PARTICIPANT_NAME}`) + .set('Cookie', newRoomData.moderatorCookie); expect(response.status).toBe(403); }); it('should fail when participant is publisher', async () => { const response = await request(app) - .delete(`${MEETINGS_PATH}/${roomId}/participants/${PARTICIPANT_NAME}`) - .set('Cookie', publisherCookie); + .delete(`${MEETINGS_PATH}/${roomData.room.roomId}/participants/${PARTICIPANT_NAME}`) + .set('Cookie', roomData.publisherCookie); expect(response.status).toBe(403); }); }); diff --git a/backend/tests/integration/api/security/participant-security.test.ts b/backend/tests/integration/api/security/participant-security.test.ts index 5b654d8..ab4fb6b 100644 --- a/backend/tests/integration/api/security/participant-security.test.ts +++ b/backend/tests/integration/api/security/participant-security.test.ts 
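Review bot: The two rejection cases in 'Delete Participant from Meeting Tests' (meeting-security.test.ts) assert only `expect(response.status).toBe(403);`, which does not show that the participant is still in the room after the refused request. Now that `beforeEach` builds a fresh room with `setupSingleRoom(true)`, presumably with TEST_PARTICIPANT connected (the helper is outside this diff), the check is cheap: after the 403, repeat the same DELETE with `roomData.moderatorCookie` and add `expect(check.status).toBe(200);`. A handler that answers 403 but still performs the removal would then fail the test instead of passing it. The 'End Meeting Tests' rejections could be followed up the same way to confirm the meeting was not ended.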
@@ -2,267 +2,249 @@ import { afterAll, beforeAll, describe, expect, it } from '@jest/globals'; import { Express } from 'express'; import request from 'supertest'; import INTERNAL_CONFIG from '../../../../src/config/internal-config.js'; -import { MeetRoomHelper } from '../../../../src/helpers/room.helper.js'; import { AuthMode, UserRole } from '../../../../src/typings/ce/index.js'; import { changeSecurityPreferences, - createRoom, deleteAllRooms, + disconnectFakeParticipants, loginUserAsRole, startTestServer } from '../../../helpers/request-helpers.js'; +import { RoomData, setupSingleRoom } from '../../../helpers/test-scenarios.js'; const PARTICIPANTS_PATH = `${INTERNAL_CONFIG.INTERNAL_API_BASE_PATH_V1}/participants`; describe('Participant API Security Tests', () => { - const PARTICIPANT_NAME = 'testParticipant'; + const PARTICIPANT_NAME = 'TEST_PARTICIPANT'; let app: Express; - let userCookie: string; - let adminCookie: string; - - let roomId: string; - let moderatorSecret: string; - let publisherSecret: string; + let roomData: RoomData; beforeAll(async () => { app = startTestServer(); - - // Get cookies for admin and user userCookie = await loginUserAsRole(UserRole.USER); - adminCookie = await loginUserAsRole(UserRole.ADMIN); - - // Create a room and extract the roomId - const room = await createRoom(); - roomId = room.roomId; - - // Extract the moderator and publisher secrets from the room - ({ moderatorSecret, publisherSecret } = MeetRoomHelper.extractSecretsFromRoom(room)); }); afterAll(async () => { + await disconnectFakeParticipants(); await deleteAllRooms(); - }, 20000); + }); describe('Generate Participant Token Tests', () => { + beforeAll(async () => { + roomData = await setupSingleRoom(); + }); + it('should succeed when no authentication is required and participant is publisher', async () => { - await changeSecurityPreferences(adminCookie, { authMode: AuthMode.NONE }); + await changeSecurityPreferences({ authMode: AuthMode.NONE }); const response = await 
request(app).post(`${PARTICIPANTS_PATH}/token`).send({ - roomId, + roomId: roomData.room.roomId, participantName: PARTICIPANT_NAME, - secret: publisherSecret + secret: roomData.publisherSecret }); expect(response.status).toBe(200); }); it('should succeed when no authentication is required and participant is moderator', async () => { - await changeSecurityPreferences(adminCookie, { authMode: AuthMode.NONE }); + await changeSecurityPreferences({ authMode: AuthMode.NONE }); const response = await request(app).post(`${PARTICIPANTS_PATH}/token`).send({ - roomId, + roomId: roomData.room.roomId, participantName: PARTICIPANT_NAME, - secret: moderatorSecret + secret: roomData.moderatorSecret }); expect(response.status).toBe(200); }); it('should succeed when authentication is required for moderator and participant is publisher', async () => { - await changeSecurityPreferences(adminCookie, { authMode: AuthMode.MODERATORS_ONLY }); + await changeSecurityPreferences({ authMode: AuthMode.MODERATORS_ONLY }); const response = await request(app).post(`${PARTICIPANTS_PATH}/token`).send({ - roomId, + roomId: roomData.room.roomId, participantName: PARTICIPANT_NAME, - secret: publisherSecret + secret: roomData.publisherSecret }); expect(response.status).toBe(200); }); it('should succeed when authentication is required for moderator, participant is moderator and authenticated', async () => { - await changeSecurityPreferences(adminCookie, { authMode: AuthMode.MODERATORS_ONLY }); + await changeSecurityPreferences({ authMode: AuthMode.MODERATORS_ONLY }); const response = await request(app).post(`${PARTICIPANTS_PATH}/token`).set('Cookie', userCookie).send({ - roomId, + roomId: roomData.room.roomId, participantName: PARTICIPANT_NAME, - secret: moderatorSecret + secret: roomData.moderatorSecret }); expect(response.status).toBe(200); }); it('should fail when authentication is required for moderator and participant is moderator but not authenticated', async () => { - await 
changeSecurityPreferences(adminCookie, { authMode: AuthMode.MODERATORS_ONLY }); + await changeSecurityPreferences({ authMode: AuthMode.MODERATORS_ONLY }); const response = await request(app).post(`${PARTICIPANTS_PATH}/token`).send({ - roomId, + roomId: roomData.room.roomId, participantName: PARTICIPANT_NAME, - secret: moderatorSecret + secret: roomData.moderatorSecret }); expect(response.status).toBe(401); }); it('should succeed when authentication is required for all users, participant is publisher and authenticated', async () => { - await changeSecurityPreferences(adminCookie, { authMode: AuthMode.ALL_USERS }); + await changeSecurityPreferences({ authMode: AuthMode.ALL_USERS }); const response = await request(app).post(`${PARTICIPANTS_PATH}/token`).set('Cookie', userCookie).send({ - roomId, + roomId: roomData.room.roomId, participantName: PARTICIPANT_NAME, - secret: publisherSecret + secret: roomData.publisherSecret }); expect(response.status).toBe(200); }); it('should fail when authentication is required for all users and participant is publisher but not authenticated', async () => { - await changeSecurityPreferences(adminCookie, { authMode: AuthMode.ALL_USERS }); + await changeSecurityPreferences({ authMode: AuthMode.ALL_USERS }); const response = await request(app).post(`${PARTICIPANTS_PATH}/token`).send({ - roomId, + roomId: roomData.room.roomId, participantName: PARTICIPANT_NAME, - secret: publisherSecret + secret: roomData.publisherSecret }); expect(response.status).toBe(401); }); it('should succeed when authentication is required for all users, participant is moderator and authenticated', async () => { - await changeSecurityPreferences(adminCookie, { authMode: AuthMode.ALL_USERS }); + await changeSecurityPreferences({ authMode: AuthMode.ALL_USERS }); const response = await request(app).post(`${PARTICIPANTS_PATH}/token`).set('Cookie', userCookie).send({ - roomId, + roomId: roomData.room.roomId, participantName: PARTICIPANT_NAME, - secret: moderatorSecret + 
secret: roomData.moderatorSecret }); expect(response.status).toBe(200); }); it('should fail when authentication is required for all users and participant is moderator but not authenticated', async () => { - await changeSecurityPreferences(adminCookie, { authMode: AuthMode.ALL_USERS }); + await changeSecurityPreferences({ authMode: AuthMode.ALL_USERS }); const response = await request(app).post(`${PARTICIPANTS_PATH}/token`).send({ - roomId, + roomId: roomData.room.roomId, participantName: PARTICIPANT_NAME, - secret: moderatorSecret + secret: roomData.moderatorSecret }); expect(response.status).toBe(401); }); }); describe('Refresh Participant Token Tests', () => { + beforeAll(async () => { + roomData = await setupSingleRoom(true); + }); + it('should succeed when no authentication is required and participant is publisher', async () => { - await changeSecurityPreferences(adminCookie, { authMode: AuthMode.NONE }); + await changeSecurityPreferences({ authMode: AuthMode.NONE }); const response = await request(app).post(`${PARTICIPANTS_PATH}/token/refresh`).send({ - roomId, + roomId: roomData.room.roomId, participantName: PARTICIPANT_NAME, - secret: publisherSecret + secret: roomData.publisherSecret }); - - // The response code should be 404 to consider a success because there is no real participant inside the room - expect(response.status).toBe(404); + expect(response.status).toBe(200); }); it('should succeed when no authentication is required and participant is moderator', async () => { - await changeSecurityPreferences(adminCookie, { authMode: AuthMode.NONE }); + await changeSecurityPreferences({ authMode: AuthMode.NONE }); const response = await request(app).post(`${PARTICIPANTS_PATH}/token/refresh`).send({ - roomId, + roomId: roomData.room.roomId, participantName: PARTICIPANT_NAME, - secret: moderatorSecret + secret: roomData.moderatorSecret }); - - // The response code should be 404 to consider a success because there is no real participant inside the room - 
expect(response.status).toBe(404); + expect(response.status).toBe(200); }); it('should succeed when authentication is required for moderator and participant is publisher', async () => { - await changeSecurityPreferences(adminCookie, { authMode: AuthMode.MODERATORS_ONLY }); + await changeSecurityPreferences({ authMode: AuthMode.MODERATORS_ONLY }); const response = await request(app).post(`${PARTICIPANTS_PATH}/token/refresh`).send({ - roomId, + roomId: roomData.room.roomId, participantName: PARTICIPANT_NAME, - secret: publisherSecret + secret: roomData.publisherSecret }); - - // The response code should be 404 to consider a success because there is no real participant inside the room - expect(response.status).toBe(404); + expect(response.status).toBe(200); }); it('should succeed when authentication is required for moderator, participant is moderator and authenticated', async () => { - await changeSecurityPreferences(adminCookie, { authMode: AuthMode.MODERATORS_ONLY }); + await changeSecurityPreferences({ authMode: AuthMode.MODERATORS_ONLY }); const response = await request(app) .post(`${PARTICIPANTS_PATH}/token/refresh`) .set('Cookie', userCookie) .send({ - roomId, + roomId: roomData.room.roomId, participantName: PARTICIPANT_NAME, - secret: moderatorSecret + secret: roomData.moderatorSecret }); - - // The response code should be 404 to consider a success because there is no real participant inside the room - expect(response.status).toBe(404); + expect(response.status).toBe(200); }); it('should fail when authentication is required for moderator and participant is moderator but not authenticated', async () => { - await changeSecurityPreferences(adminCookie, { authMode: AuthMode.MODERATORS_ONLY }); + await changeSecurityPreferences({ authMode: AuthMode.MODERATORS_ONLY }); const response = await request(app).post(`${PARTICIPANTS_PATH}/token/refresh`).send({ - roomId, + roomId: roomData.room.roomId, participantName: PARTICIPANT_NAME, - secret: moderatorSecret + secret: 
roomData.moderatorSecret }); expect(response.status).toBe(401); }); it('should succeed when authentication is required for all users, participant is publisher and authenticated', async () => { - await changeSecurityPreferences(adminCookie, { authMode: AuthMode.ALL_USERS }); + await changeSecurityPreferences({ authMode: AuthMode.ALL_USERS }); const response = await request(app) .post(`${PARTICIPANTS_PATH}/token/refresh`) .set('Cookie', userCookie) .send({ - roomId, + roomId: roomData.room.roomId, participantName: PARTICIPANT_NAME, - secret: publisherSecret + secret: roomData.publisherSecret }); - - // The response code should be 404 to consider a success because there is no real participant inside the room - expect(response.status).toBe(404); + expect(response.status).toBe(200); }); it('should fail when authentication is required for all users and participant is publisher but not authenticated', async () => { - await changeSecurityPreferences(adminCookie, { authMode: AuthMode.ALL_USERS }); + await changeSecurityPreferences({ authMode: AuthMode.ALL_USERS }); const response = await request(app).post(`${PARTICIPANTS_PATH}/token/refresh`).send({ - roomId, + roomId: roomData.room.roomId, participantName: PARTICIPANT_NAME, - secret: publisherSecret + secret: roomData.publisherSecret }); expect(response.status).toBe(401); }); it('should succeed when authentication is required for all users, participant is moderator and authenticated', async () => { - await changeSecurityPreferences(adminCookie, { authMode: AuthMode.ALL_USERS }); + await changeSecurityPreferences({ authMode: AuthMode.ALL_USERS }); const response = await request(app) .post(`${PARTICIPANTS_PATH}/token/refresh`) .set('Cookie', userCookie) .send({ - roomId, + roomId: roomData.room.roomId, participantName: PARTICIPANT_NAME, - secret: moderatorSecret + secret: roomData.moderatorSecret }); - - // The response code should be 404 to consider a success because there is no real participant inside the room - 
expect(response.status).toBe(404); + expect(response.status).toBe(200); }); it('should fail when authentication is required for all users and participant is moderator but not authenticated', async () => { - await changeSecurityPreferences(adminCookie, { authMode: AuthMode.ALL_USERS }); + await changeSecurityPreferences({ authMode: AuthMode.ALL_USERS }); const response = await request(app).post(`${PARTICIPANTS_PATH}/token/refresh`).send({ - roomId, + roomId: roomData.room.roomId, participantName: PARTICIPANT_NAME, - secret: moderatorSecret + secret: roomData.moderatorSecret }); expect(response.status).toBe(401); }); diff --git a/backend/tests/integration/api/security/recording-security.test.ts b/backend/tests/integration/api/security/recording-security.test.ts index 7a6c414..bdb71b3 100644 --- a/backend/tests/integration/api/security/recording-security.test.ts +++ b/backend/tests/integration/api/security/recording-security.test.ts @@ -3,15 +3,9 @@ import { Express } from 'express'; import request from 'supertest'; import INTERNAL_CONFIG from '../../../../src/config/internal-config.js'; import { MEET_API_KEY } from '../../../../src/environment.js'; -import { MeetRoomHelper } from '../../../../src/helpers/room.helper.js'; import { UserRole } from '../../../../src/typings/ce/index.js'; -import { - createRoom, - deleteAllRooms, - generateParticipantToken, - loginUserAsRole, - startTestServer -} from '../../../helpers/request-helpers.js'; +import { deleteAllRooms, loginUserAsRole, startTestServer } from '../../../helpers/request-helpers.js'; +import { RoomData, setupSingleRoom } from '../../../helpers/test-scenarios.js'; const RECORDINGS_PATH = `${INTERNAL_CONFIG.API_BASE_PATH_V1}/recordings`; const INTERNAL_RECORDINGS_PATH = `${INTERNAL_CONFIG.INTERNAL_API_BASE_PATH_V1}/recordings`; 
@@ -22,12 +16,9 @@ describe('Recording API Security Tests', () => { let userCookie: string; let adminCookie: string; - let roomId: string; + let roomData: RoomData; let recordingId: string; - let moderatorCookie: string; - let publisherCookie: string; - beforeAll(async () => { app = startTestServer(); @@ -36,26 +27,20 @@ describe('Recording API Security Tests', () => { adminCookie = await loginUserAsRole(UserRole.ADMIN); // Create a room and extract the roomId - const room = await createRoom(); - roomId = room.roomId; - recordingId = `${roomId}--EG_recordingId--uid`; - - // Extract the room secrets and generate participant tokens, saved as cookies - const { moderatorSecret, publisherSecret } = MeetRoomHelper.extractSecretsFromRoom(room); - moderatorCookie = await generateParticipantToken(adminCookie, roomId, 'Moderator', moderatorSecret); - publisherCookie = await generateParticipantToken(adminCookie, roomId, 'Publisher', publisherSecret); + roomData = await setupSingleRoom(); + recordingId = `${roomData.room.roomId}--EG_recordingId--uid`; }); afterAll(async () => { await deleteAllRooms(); - }, 20000); + }); describe('Start Recording Tests', () => { it('should succeed when participant is moderator', async () => { const response = await request(app) .post(INTERNAL_RECORDINGS_PATH) - .send({ roomId }) - .set('Cookie', moderatorCookie); + .send({ roomId: roomData.room.roomId }) + .set('Cookie', roomData.moderatorCookie); // The response code should be 409 to consider a success // This is because there is no real participant inside the room and the recording will fail 
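Review bot: The comment `// Create a room and extract the roomId` in the recording-security.test.ts `beforeAll` no longer describes the line under it, which now reads `roomData = await setupSingleRoom();` and also supplies the moderator and publisher cookies used by every test. Something like `// Create a room plus moderator/publisher cookies via the shared scenario helper` would match the new code. The beforeAll body starts above this hunk, so the login lines are not part of the suggestion.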
@@ -63,31 +48,20 @@ describe('Recording API Security Tests', () => { }); it('should fail when participant is moderator of a different room', async () => { - // Create a new room to get a different roomId - const newRoom = await createRoom(); - const newRoomId = newRoom.roomId; - - // Extract the moderator secret and generate a participant token for the new room - const { moderatorSecret } = MeetRoomHelper.extractSecretsFromRoom(newRoom); - const newModeratorCookie = await generateParticipantToken( - adminCookie, - newRoomId, - 'Moderator', - moderatorSecret - ); + const newRoomData = await setupSingleRoom(); const response = await request(app) .post(INTERNAL_RECORDINGS_PATH) - .send({ roomId }) - .set('Cookie', newModeratorCookie); + .send({ roomId: roomData.room.roomId }) + .set('Cookie', newRoomData.moderatorCookie); expect(response.status).toBe(403); }); it('should fail when participant is publisher', async () => { const response = await request(app) .post(INTERNAL_RECORDINGS_PATH) - .send({ roomId }) - .set('Cookie', publisherCookie); + .send({ roomId: roomData.room.roomId }) + .set('Cookie', roomData.publisherCookie); expect(response.status).toBe(403); }); }); 
@@ -96,35 +70,24 @@ describe('Recording API Security Tests', () => { it('should succeed when participant is moderator', async () => { const response = await request(app) .post(`${INTERNAL_RECORDINGS_PATH}/${recordingId}/stop`) - .set('Cookie', moderatorCookie); + .set('Cookie', roomData.moderatorCookie); // The response code should be 404 to consider a success because the recording does not exist expect(response.status).toBe(404); }); it('should fail when participant is moderator of a different room', async () => { - // Create a new room to get a different roomId - const newRoom = await createRoom(); - const newRoomId = newRoom.roomId; - - // Extract the moderator secret and generate a participant token for the new room - const { moderatorSecret } = MeetRoomHelper.extractSecretsFromRoom(newRoom); - const newModeratorCookie = await generateParticipantToken( - adminCookie, - newRoomId, - 'Moderator', - moderatorSecret - ); + const newRoomData = await setupSingleRoom(); const response = await request(app) .post(`${INTERNAL_RECORDINGS_PATH}/${recordingId}/stop`) - .set('Cookie', newModeratorCookie); + .set('Cookie', newRoomData.moderatorCookie); expect(response.status).toBe(403); }); it('should fail when participant is publisher', async () => { const response = await request(app) .post(`${INTERNAL_RECORDINGS_PATH}/${recordingId}/stop`) - .set('Cookie', publisherCookie); + .set('Cookie', roomData.publisherCookie); expect(response.status).toBe(403); }); }); diff --git a/backend/tests/integration/api/security/room-security.test.ts b/backend/tests/integration/api/security/room-security.test.ts index dd211ae..cfcfb37 100644 --- a/backend/tests/integration/api/security/room-security.test.ts +++ b/backend/tests/integration/api/security/room-security.test.ts 
@@ -9,10 +9,10 @@ import { changeSecurityPreferences, createRoom, deleteAllRooms, - generateParticipantToken, loginUserAsRole, startTestServer } from '../../../helpers/request-helpers.js'; +import { RoomData, setupSingleRoom } from '../../../helpers/test-scenarios.js'; const ROOMS_PATH = `${INTERNAL_CONFIG.API_BASE_PATH_V1}/rooms`; const INTERNAL_ROOMS_PATH = `${INTERNAL_CONFIG.INTERNAL_API_BASE_PATH_V1}/rooms`; @@ -32,11 +32,11 @@ describe('Room API Security Tests', () => { afterAll(async () => { await deleteAllRooms(); - }, 20000); + }); describe('Create Room Tests', () => { it('should succeed when users cannot create rooms, and request includes API key', async () => { - await changeSecurityPreferences(adminCookie, { + await changeSecurityPreferences({ usersCanCreateRooms: false }); @@ -48,7 +48,7 @@ describe('Room API Security Tests', () => { }); it('should succeed when users cannot create rooms, and user is authenticated as admin', async () => { - await changeSecurityPreferences(adminCookie, { + await changeSecurityPreferences({ usersCanCreateRooms: false }); @@ -57,7 +57,7 @@ describe('Room API Security Tests', () => { }); it('should fail when users cannot create rooms, and user is authenticated as user', async () => { - await changeSecurityPreferences(adminCookie, { + await changeSecurityPreferences({ usersCanCreateRooms: false }); @@ -66,7 +66,7 @@ describe('Room API Security Tests', () => { }); it('should fail when users cannot create rooms, and user is not authenticated', async () => { - await changeSecurityPreferences(adminCookie, { + await changeSecurityPreferences({ usersCanCreateRooms: false }); @@ -75,7 +75,7 @@ describe('Room API Security Tests', () => { }); it('should succeed when users can create rooms and auth is not required, and user is not authenticated', async () => { - await changeSecurityPreferences(adminCookie, { + await changeSecurityPreferences({ usersCanCreateRooms: true, authRequired: false }); 
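Review bot: The `afterAll` in room-security.test.ts loses its explicit `20000` ms timeout, as do the `afterAll` blocks in meeting-security, participant-security and recording-security; two of those now also await `disconnectFakeParticipants()` before `deleteAllRooms()`. Unless a larger `testTimeout` is configured elsewhere (not visible in this diff), teardown falls back to Jest's 5-second default, and a timed-out cleanup leaves rooms behind for the next suite. Either keep `}, 20000);` on these hooks or note in the commit message where the global timeout is set.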
@@ -85,7 +85,7 @@ describe('Room API Security Tests', () => { }); it('should succeed when users can create rooms and auth is required, and user is authenticated', async () => { - await changeSecurityPreferences(adminCookie, { + await changeSecurityPreferences({ usersCanCreateRooms: true, authRequired: true }); @@ -95,7 +95,7 @@ describe('Room API Security Tests', () => { }); it('should fail when users can create rooms and auth is required, and user is not authenticated', async () => { - await changeSecurityPreferences(adminCookie, { + await changeSecurityPreferences({ usersCanCreateRooms: true, authRequired: true }); 
@@ -163,111 +163,102 @@ describe('Room API Security Tests', () => { }); describe('Get Room Tests', () => { - let roomId: string; - let moderatorCookie: string; - let publisherCookie: string; + let roomData: RoomData; beforeAll(async () => { - const room = await createRoom(); - roomId = room.roomId; - - // Extract the room secrets and generate participant tokens, saved as cookies - const { moderatorSecret, publisherSecret } = MeetRoomHelper.extractSecretsFromRoom(room); - moderatorCookie = await generateParticipantToken(adminCookie, roomId, 'Moderator', moderatorSecret); - publisherCookie = await generateParticipantToken(adminCookie, roomId, 'Publisher', publisherSecret); + roomData = await setupSingleRoom(); }); it('should succeed when request includes API key', async () => { const response = await request(app) - .get(`${ROOMS_PATH}/${roomId}`) + .get(`${ROOMS_PATH}/${roomData.room.roomId}`) .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY); expect(response.status).toBe(200); }); it('should succeed when user is authenticated as admin', async () => { - const response = await request(app).get(`${ROOMS_PATH}/${roomId}`).set('Cookie', adminCookie); + const response = await request(app).get(`${ROOMS_PATH}/${roomData.room.roomId}`).set('Cookie', adminCookie); expect(response.status).toBe(200); }); it('should fail when user is authenticated as user', async () => { - const response = await request(app).get(`${ROOMS_PATH}/${roomId}`).set('Cookie', userCookie); + const response = await request(app).get(`${ROOMS_PATH}/${roomData.room.roomId}`).set('Cookie', userCookie); expect(response.status).toBe(401); }); it('should fail when user is not authenticated', async () => { - const response = await request(app).get(`${ROOMS_PATH}/${roomId}`); + const response = await request(app).get(`${ROOMS_PATH}/${roomData.room.roomId}`); expect(response.status).toBe(401); }); it('should fail when participant is publisher', async () => { - const response = await 
request(app).get(`${ROOMS_PATH}/${roomId}`).set('Cookie', publisherCookie); + const response = await request(app) + .get(`${ROOMS_PATH}/${roomData.room.roomId}`) + .set('Cookie', roomData.publisherCookie); expect(response.status).toBe(403); }); it('should fail when participant is moderator of a different room', async () => { - // Create a new room to get a different roomId - const newRoom = await createRoom(); - const newRoomId = newRoom.roomId; + const newRoomData = await setupSingleRoom(); - // Extract the moderator secret and generate a participant token for the new room - const { moderatorSecret } = MeetRoomHelper.extractSecretsFromRoom(newRoom); - const newModeratorCookie = await generateParticipantToken( - adminCookie, - newRoomId, - 'Moderator', - moderatorSecret - ); - - const response = await request(app).get(`${ROOMS_PATH}/${roomId}`).set('Cookie', newModeratorCookie); + const response = await request(app) + .get(`${ROOMS_PATH}/${roomData.room.roomId}`) + .set('Cookie', newRoomData.moderatorCookie); expect(response.status).toBe(403); }); it('should succeed when no authentication is required and participant is moderator', async () => { - await changeSecurityPreferences(adminCookie, { + await changeSecurityPreferences({ authMode: AuthMode.NONE }); - const response = await request(app).get(`${ROOMS_PATH}/${roomId}`).set('Cookie', moderatorCookie); + const response = await request(app) + .get(`${ROOMS_PATH}/${roomData.room.roomId}`) + .set('Cookie', roomData.moderatorCookie); expect(response.status).toBe(200); }); it('should succeed when authentication is required for moderators, participant is moderator and user is authenticated', async () => { - await changeSecurityPreferences(adminCookie, { + await changeSecurityPreferences({ authMode: AuthMode.MODERATORS_ONLY }); const response = await request(app) - .get(`${ROOMS_PATH}/${roomId}`) - .set('Cookie', [moderatorCookie, userCookie]); + .get(`${ROOMS_PATH}/${roomData.room.roomId}`) + .set('Cookie', 
[roomData.moderatorCookie, userCookie]); expect(response.status).toBe(200); }); it('should fail when authentication is required for moderators, participant is moderator and user is not authenticated', async () => { - await changeSecurityPreferences(adminCookie, { + await changeSecurityPreferences({ authMode: AuthMode.MODERATORS_ONLY }); - const response = await request(app).get(`${ROOMS_PATH}/${roomId}`).set('Cookie', moderatorCookie); + const response = await request(app) + .get(`${ROOMS_PATH}/${roomData.room.roomId}`) + .set('Cookie', roomData.moderatorCookie); expect(response.status).toBe(401); }); it('should succeed when authentication is required for all participants, participant is moderator and user is authenticated', async () => { - await changeSecurityPreferences(adminCookie, { + await changeSecurityPreferences({ authMode: AuthMode.ALL_USERS }); const response = await request(app) - .get(`${ROOMS_PATH}/${roomId}`) - .set('Cookie', [moderatorCookie, userCookie]); + .get(`${ROOMS_PATH}/${roomData.room.roomId}`) + .set('Cookie', [roomData.moderatorCookie, userCookie]); expect(response.status).toBe(200); }); it('should fail when authentication is required for all participants, participant is moderator and user is not authenticated', async () => { - await changeSecurityPreferences(adminCookie, { + await changeSecurityPreferences({ authMode: AuthMode.ALL_USERS }); - const response = await request(app).get(`${ROOMS_PATH}/${roomId}`).set('Cookie', moderatorCookie); + const response = await request(app) + .get(`${ROOMS_PATH}/${roomData.room.roomId}`) + .set('Cookie', roomData.moderatorCookie); expect(response.status).toBe(401); }); });
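Review bot: In 'Get Room Tests' (room-security.test.ts) the cases 'should fail when participant is publisher' and 'should fail when participant is moderator of a different room' expect 403 without setting an auth mode, so they run under whatever an earlier test left in place. The later cases in this hunk show a moderator cookie without a user cookie getting 401 under `AuthMode.MODERATORS_ONLY` and `AuthMode.ALL_USERS`, so a change in test order could turn these 403s into 401s. Starting both tests with `await changeSecurityPreferences({ authMode: AuthMode.NONE });` would make the 403 attributable to the role and room check alone.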