neoris/openvidu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

test: remove public access tests and add new scenarios for recording access using secrets

Browse Source
This commit is contained in:
juancarmore 2025-06-13 17:19:38 +02:00
parent 615199edb8
commit eb8ed528b6
1 changed files with 44 additions and 127 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

171
backend/tests/integration/api/security/recording-security.test.ts
View File

@ -158,29 +158,6 @@ describe('Recording API Security Tests', () => {
expect(response.status).toBe(200); expect(response.status).toBe(200);
}); });
it('should succeed when recording access is public and participant is publisher', async () => {
await updateRecordingAccessPreferencesInRoom(roomData.room.roomId, MeetRecordingAccess.PUBLIC);
const recordingCookie = await generateRecordingTokenCookie(roomData.room.roomId, roomData.publisherSecret);
const response = await request(app).get(RECORDINGS_PATH).set('Cookie', recordingCookie);
expect(response.status).toBe(200);
});
it('should succeed when recording access is public and participant is moderator', async () => {
await updateRecordingAccessPreferencesInRoom(roomData.room.roomId, MeetRecordingAccess.PUBLIC);
const recordingCookie = await generateRecordingTokenCookie(roomData.room.roomId, roomData.moderatorSecret);
const response = await request(app).get(RECORDINGS_PATH).set('Cookie', recordingCookie);
expect(response.status).toBe(200);
});
it('should fail when recording access is public and user is not authenticated', async () => {
await updateRecordingAccessPreferencesInRoom(roomData.room.roomId, MeetRecordingAccess.PUBLIC);
const response = await request(app).get(RECORDINGS_PATH);
expect(response.status).toBe(401);
});
it('should succeed when recording access is admin-moderator-publisher and participant is publisher', async () => { it('should succeed when recording access is admin-moderator-publisher and participant is publisher', async () => {
await updateRecordingAccessPreferencesInRoom( await updateRecordingAccessPreferencesInRoom(
roomData.room.roomId, roomData.room.roomId,
@ -241,29 +218,6 @@ describe('Recording API Security Tests', () => {
expect(response.status).toBe(200); expect(response.status).toBe(200);
}); });
it('should succeed when recording access is public and participant is publisher', async () => {
await updateRecordingAccessPreferencesInRoom(roomData.room.roomId, MeetRecordingAccess.PUBLIC);
const recordingCookie = await generateRecordingTokenCookie(roomData.room.roomId, roomData.publisherSecret);
const response = await request(app).get(`${RECORDINGS_PATH}/${recordingId}`).set('Cookie', recordingCookie);
expect(response.status).toBe(200);
});
it('should succeed when recording access is public and participant is moderator', async () => {
await updateRecordingAccessPreferencesInRoom(roomData.room.roomId, MeetRecordingAccess.PUBLIC);
const recordingCookie = await generateRecordingTokenCookie(roomData.room.roomId, roomData.moderatorSecret);
const response = await request(app).get(`${RECORDINGS_PATH}/${recordingId}`).set('Cookie', recordingCookie);
expect(response.status).toBe(200);
});
it('should fail when recording access is public and user is not authenticated', async () => {
await updateRecordingAccessPreferencesInRoom(roomData.room.roomId, MeetRecordingAccess.PUBLIC);
const response = await request(app).get(`${RECORDINGS_PATH}/${recordingId}`);
expect(response.status).toBe(401);
});
it('should succeed when recording access is admin-moderator-publisher and participant is publisher', async () => { it('should succeed when recording access is admin-moderator-publisher and participant is publisher', async () => {
await updateRecordingAccessPreferencesInRoom( await updateRecordingAccessPreferencesInRoom(
roomData.room.roomId, roomData.room.roomId,
@ -301,6 +255,50 @@ describe('Recording API Security Tests', () => {
const response = await request(app).get(`${RECORDINGS_PATH}/${recordingId}`).set('Cookie', recordingCookie); const response = await request(app).get(`${RECORDINGS_PATH}/${recordingId}`).set('Cookie', recordingCookie);
expect(response.status).toBe(200); expect(response.status).toBe(200);
}); });
it('should succeed when using public access secret and user is not authenticated', async () => {
const recordingUrlResponse = await getRecordingUrl(recordingId);
expect(recordingUrlResponse.status).toBe(200);
const recordingUrl = recordingUrlResponse.body.url;
expect(recordingUrl).toBeDefined();
// Parse the URL to extract the secret from the query parameters
const parsedUrl = new URL(recordingUrl);
const secret = parsedUrl.searchParams.get('secret');
const response = await request(app).get(`${RECORDINGS_PATH}/${recordingId}?secret=${secret}`);
expect(response.status).toBe(200);
});
it('should fail when using private access secret and user is not authenticated', async () => {
const recordingUrlResponse = await getRecordingUrl(recordingId, true);
expect(recordingUrlResponse.status).toBe(200);
const recordingUrl = recordingUrlResponse.body.url;
expect(recordingUrl).toBeDefined();
// Parse the URL to extract the secret from the query parameters
const parsedUrl = new URL(recordingUrl);
const secret = parsedUrl.searchParams.get('secret');
const response = await request(app).get(`${RECORDINGS_PATH}/${recordingId}?secret=${secret}`);
expect(response.status).toBe(401);
});
it('should succeed when using private access secret and user is authenticated', async () => {
const recordingUrlResponse = await getRecordingUrl(recordingId, true);
expect(recordingUrlResponse.status).toBe(200);
const recordingUrl = recordingUrlResponse.body.url;
expect(recordingUrl).toBeDefined();
// Parse the URL to extract the secret from the query parameters
const parsedUrl = new URL(recordingUrl);
const secret = parsedUrl.searchParams.get('secret');
const response = await request(app)
.get(`${RECORDINGS_PATH}/${recordingId}?secret=${secret}`)
.set('Cookie', adminCookie);
expect(response.status).toBe(200);
});
}); });
describe('Delete Recording Tests', () => { describe('Delete Recording Tests', () => {
@ -324,33 +322,6 @@ describe('Recording API Security Tests', () => {
expect(response.status).toBe(204); expect(response.status).toBe(204);
}); });
it('should fail when recording access is public and participant is publisher', async () => {
await updateRecordingAccessPreferencesInRoom(roomData.room.roomId, MeetRecordingAccess.PUBLIC);
const recordingCookie = await generateRecordingTokenCookie(roomData.room.roomId, roomData.publisherSecret);
const response = await request(app)
.delete(`${RECORDINGS_PATH}/${recordingId}`)
.set('Cookie', recordingCookie);
expect(response.status).toBe(403);
});
it('should succeed when recording access is public and participant is moderator', async () => {
await updateRecordingAccessPreferencesInRoom(roomData.room.roomId, MeetRecordingAccess.PUBLIC);
const recordingCookie = await generateRecordingTokenCookie(roomData.room.roomId, roomData.moderatorSecret);
const response = await request(app)
.delete(`${RECORDINGS_PATH}/${recordingId}`)
.set('Cookie', recordingCookie);
expect(response.status).toBe(204);
});
it('should fail when recording access is public and user is not authenticated', async () => {
await updateRecordingAccessPreferencesInRoom(roomData.room.roomId, MeetRecordingAccess.PUBLIC);
const response = await request(app).delete(`${RECORDINGS_PATH}/${recordingId}`);
expect(response.status).toBe(401);
});
it('should fail when recording access is admin-moderator-publisher and participant is publisher', async () => { it('should fail when recording access is admin-moderator-publisher and participant is publisher', async () => {
await updateRecordingAccessPreferencesInRoom( await updateRecordingAccessPreferencesInRoom(
roomData.room.roomId, roomData.room.roomId,
@ -446,33 +417,6 @@ describe('Recording API Security Tests', () => {
expect(response.status).toBe(200); expect(response.status).toBe(200);
}); });
it('should succeed when recording access is public and participant is publisher', async () => {
await updateRecordingAccessPreferencesInRoom(roomData.room.roomId, MeetRecordingAccess.PUBLIC);
const recordingCookie = await generateRecordingTokenCookie(roomData.room.roomId, roomData.publisherSecret);
const response = await request(app)
.get(`${RECORDINGS_PATH}/${recordingId}/media`)
.set('Cookie', recordingCookie);
expect(response.status).toBe(200);
});
it('should succeed when recording access is public and participant is moderator', async () => {
await updateRecordingAccessPreferencesInRoom(roomData.room.roomId, MeetRecordingAccess.PUBLIC);
const recordingCookie = await generateRecordingTokenCookie(roomData.room.roomId, roomData.moderatorSecret);
const response = await request(app)
.get(`${RECORDINGS_PATH}/${recordingId}/media`)
.set('Cookie', recordingCookie);
expect(response.status).toBe(200);
});
it('should succeed when recording access is public and user is not authenticated', async () => {
await updateRecordingAccessPreferencesInRoom(roomData.room.roomId, MeetRecordingAccess.PUBLIC);
const response = await request(app).get(`${RECORDINGS_PATH}/${recordingId}/media`);
expect(response.status).toBe(200);
});
it('should succeed when recording access is admin-moderator-publisher and participant is publisher', async () => { it('should succeed when recording access is admin-moderator-publisher and participant is publisher', async () => {
await updateRecordingAccessPreferencesInRoom( await updateRecordingAccessPreferencesInRoom(
roomData.room.roomId, roomData.room.roomId,
@ -591,33 +535,6 @@ describe('Recording API Security Tests', () => {
expect(response.status).toBe(200); expect(response.status).toBe(200);
}); });
it('should succeed when recording access is public and participant is publisher', async () => {
await updateRecordingAccessPreferencesInRoom(roomData.room.roomId, MeetRecordingAccess.PUBLIC);
const recordingCookie = await generateRecordingTokenCookie(roomData.room.roomId, roomData.publisherSecret);
const response = await request(app)
.get(`${RECORDINGS_PATH}/${recordingId}/url`)
.set('Cookie', recordingCookie);
expect(response.status).toBe(200);
});
it('should succeed when recording access is public and participant is moderator', async () => {
await updateRecordingAccessPreferencesInRoom(roomData.room.roomId, MeetRecordingAccess.PUBLIC);
const recordingCookie = await generateRecordingTokenCookie(roomData.room.roomId, roomData.moderatorSecret);
const response = await request(app)
.get(`${RECORDINGS_PATH}/${recordingId}/url`)
.set('Cookie', recordingCookie);
expect(response.status).toBe(200);
});
it('should fail when recording access is public and user is not authenticated', async () => {
await updateRecordingAccessPreferencesInRoom(roomData.room.roomId, MeetRecordingAccess.PUBLIC);
const response = await request(app).get(`${RECORDINGS_PATH}/${recordingId}/url`);
expect(response.status).toBe(401);
});
it('should succeed when recording access is admin-moderator-publisher and participant is publisher', async () => { it('should succeed when recording access is admin-moderator-publisher and participant is publisher', async () => {
await updateRecordingAccessPreferencesInRoom( await updateRecordingAccessPreferencesInRoom(
roomData.room.roomId, roomData.room.roomId,