From 67dfd5df632711b9e02fd6eba823c7dd5c955660 Mon Sep 17 00:00:00 2001
From: juancarmore
Date: Tue, 30 Sep 2025 11:06:17 +0200
Subject: [PATCH] backend: update appearance config route to allow anonymous access and adjust related tests
---
 backend/src/routes/global-config.routes.ts | 9 +++------
 backend/tests/helpers/request-helpers.ts | 2 --
 .../api/security/global-config-security.test.ts | 16 ++--------------
 3 files changed, 5 insertions(+), 22 deletions(-)
diff --git a/backend/src/routes/global-config.routes.ts b/backend/src/routes/global-config.routes.ts
index d289a5c..bfd9384 100644
--- a/backend/src/routes/global-config.routes.ts
+++ b/backend/src/routes/global-config.routes.ts
@@ -5,6 +5,7 @@ import * as appearanceConfigCtrl from '../controllers/global-config/appearance-c
 import * as securityConfigCtrl from '../controllers/global-config/security-config.controller.js';
 import * as webhookConfigCtrl from '../controllers/global-config/webhook-config.controller.js';
 import {
+ allowAnonymous,
 tokenAndRoleValidator,
 validateRoomsAppearanceConfig,
 validateSecurityConfig,
@@ -34,7 +35,7 @@ configRouter.put(
 validateSecurityConfig,
 securityConfigCtrl.updateSecurityConfig
 );
-configRouter.get('/security', securityConfigCtrl.getSecurityConfig);
+configRouter.get('/security', withAuth(allowAnonymous), securityConfigCtrl.getSecurityConfig);
 // Appearance config
 configRouter.put(
@@ -43,8 +44,4 @@ configRouter.put(
 validateRoomsAppearanceConfig,
 appearanceConfigCtrl.updateRoomsAppearanceConfig
 );
-configRouter.get(
- '/rooms/appearance',
- withAuth(tokenAndRoleValidator(UserRole.ADMIN)),
- appearanceConfigCtrl.getRoomsAppearanceConfig
-);
+configRouter.get('/rooms/appearance', withAuth(allowAnonymous), appearanceConfigCtrl.getRoomsAppearanceConfig);
diff --git a/backend/tests/helpers/request-helpers.ts b/backend/tests/helpers/request-helpers.ts
index 89415f7..37c1e62 100644
--- a/backend/tests/helpers/request-helpers.ts
+++ b/backend/tests/helpers/request-helpers.ts
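Review bot: In backend/src/routes/global-config.routes.ts the `GET /security` route is now wrapped in `withAuth(allowAnonymous)`, yet the commit subject names only the appearance route and no test in this patch exercises `/security`. The route had no middleware before, so it stays reachable without credentials; what changes is that the auth pipeline now runs on it, and how that pipeline treats a request carrying an expired cookie or an API key is not visible in this diff. I would mention the route in the commit message and add a case beside the appearance one in global-config-security.test.ts that requests `${CONFIG_PATH}/security` without credentials and asserts `expect(response.status).toBe(200);`.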
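Review bot: `GET /rooms/appearance` in backend/src/routes/global-config.routes.ts drops from `tokenAndRoleValidator(UserRole.ADMIN)` to `allowAnonymous`, so everything `getRoomsAppearanceConfig` serialises becomes readable by any unauthenticated client, and nothing at the route records that this is intended. The controller is outside this diff; it should be confirmed to return presentation settings only rather than the whole stored config object. I would add a comment above the route such as `// Public read: no credentials required; the response must carry appearance fields only.` The PUT registration above it begins outside the hunk, so its `withAuth(...)` guard cannot be checked from here.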
@@ -80,10 +80,8 @@ export const getApiKeys = async () => {
 export const getRoomsAppearanceConfig = async () => {
 checkAppIsRunning();
- const adminCookie = await loginUser();
 const response = await request(app)
 .get(`${INTERNAL_CONFIG.INTERNAL_API_BASE_PATH_V1}/config/rooms/appearance`)
- .set('Cookie', adminCookie)
 .send();
 return response;
 };
diff --git a/backend/tests/integration/api/security/global-config-security.test.ts b/backend/tests/integration/api/security/global-config-security.test.ts
index 5043705..d15ae5d 100644
--- a/backend/tests/integration/api/security/global-config-security.test.ts
+++ b/backend/tests/integration/api/security/global-config-security.test.ts
@@ -152,21 +152,9 @@ describe('Global Config API Security Tests', () => {
 });
 describe('Get Rooms Appearance Config Tests', () => {
- it('should fail when request includes API key', async () => {
- const response = await request(app)
- .get(`${CONFIG_PATH}/rooms/appearance`)
- .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_INITIAL_API_KEY);
- expect(response.status).toBe(401);
- });
-
- it('should succeed when user is authenticated as admin', async () => {
- const response = await request(app).get(`${CONFIG_PATH}/rooms/appearance`).set('Cookie', adminCookie);
- expect(response.status).toBe(200);
- });
-
- it('should fail when user is not authenticated', async () => {
+ it('should succeed when user is not authenticated', async () => {
 const response = await request(app).get(`${CONFIG_PATH}/rooms/appearance`);
- expect(response.status).toBe(401);
+ expect(response.status).toBe(200);
 });
 });
 });
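Review bot: The 'Get Rooms Appearance Config Tests' block in global-config-security.test.ts is left with a single anonymous case, so nothing pins how the route behaves when a request does carry credentials. The two deleted cases (API key header, admin cookie) are worth keeping with the expectation changed to the intended status, presumably `expect(response.status).toBe(200);` for both, because `withAuth(allowAnonymous)` still runs the auth middleware and a regression there would surface as a 401 for logged-in or API-key clients on an endpoint meant to be public. An assertion on the anonymous response body would also fix which fields are exposed. The tests for the PUT route lie outside this hunk, so whether its 401 cases are still covered cannot be told from here.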