neoris/openvidu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
openvidu/backend/tests/integration/api/security/meeting-security.test.ts

115 lines
3.8 KiB
TypeScript
Raw Blame History

import { afterAll, beforeAll, beforeEach, describe, expect, it } from '@jest/globals';
import { Express } from 'express';
import request from 'supertest';
import INTERNAL_CONFIG from '../../../../src/config/internal-config.js';
import { MEET_API_KEY } from '../../../../src/environment.js';
import {
deleteAllRooms,
disconnectFakeParticipants,
loginUser,
startTestServer
} from '../../../helpers/request-helpers.js';
import { RoomData, setupSingleRoom } from '../../../helpers/test-scenarios.js';
const MEETINGS_PATH = `${INTERNAL_CONFIG.INTERNAL_API_BASE_PATH_V1}/meetings`;
describe('Meeting API Security Tests', () => {
let app: Express;
let adminCookie: string;
let roomData: RoomData;
beforeAll(async () => {
app = startTestServer();
adminCookie = await loginUser();
});
beforeEach(async () => {
roomData = await setupSingleRoom(true);
});
afterAll(async () => {
await disconnectFakeParticipants();
await deleteAllRooms();
});
describe('End Meeting Tests', () => {
it('should fail when request includes API key', async () => {
const response = await request(app)
.delete(`${MEETINGS_PATH}/${roomData.room.roomId}`)
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY);
expect(response.status).toBe(401);
});
it('should fail when user is authenticated as admin', async () => {
const response = await request(app)
.delete(`${MEETINGS_PATH}/${roomData.room.roomId}`)
.set('Cookie', adminCookie);
expect(response.status).toBe(401);
});
it('should succeed when participant is moderator', async () => {
const response = await request(app)
.delete(`${MEETINGS_PATH}/${roomData.room.roomId}`)
.set('Cookie', roomData.moderatorCookie);
expect(response.status).toBe(200);
});
it('should fail when participant is moderator of a different room', async () => {
const newRoomData = await setupSingleRoom();
const response = await request(app)
.delete(`${MEETINGS_PATH}/${roomData.room.roomId}`)
.set('Cookie', newRoomData.moderatorCookie);
expect(response.status).toBe(403);
});
it('should fail when participant is publisher', async () => {
const response = await request(app)
.delete(`${MEETINGS_PATH}/${roomData.room.roomId}`)
.set('Cookie', roomData.publisherCookie);
expect(response.status).toBe(403);
});
});
describe('Delete Participant from Meeting Tests', () => {
const PARTICIPANT_NAME = 'TEST_PARTICIPANT';
it('should fail when request includes API key', async () => {
const response = await request(app)
.delete(`${MEETINGS_PATH}/${roomData.room.roomId}/participants/${PARTICIPANT_NAME}`)
.set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY);
expect(response.status).toBe(401);
});
it('should fail when user is authenticated as admin', async () => {
const response = await request(app)
.delete(`${MEETINGS_PATH}/${roomData.room.roomId}/participants/${PARTICIPANT_NAME}`)
.set('Cookie', adminCookie);
expect(response.status).toBe(401);
});
it('should succeed when participant is moderator', async () => {
const response = await request(app)
.delete(`${MEETINGS_PATH}/${roomData.room.roomId}/participants/${PARTICIPANT_NAME}`)
.set('Cookie', roomData.moderatorCookie);
expect(response.status).toBe(200);
});
it('should fail when participant is moderator of a different room', async () => {
const newRoomData = await setupSingleRoom();
const response = await request(app)
.delete(`${MEETINGS_PATH}/${roomData.room.roomId}/participants/${PARTICIPANT_NAME}`)
.set('Cookie', newRoomData.moderatorCookie);
expect(response.status).toBe(403);
});
it('should fail when participant is publisher', async () => {
const response = await request(app)
.delete(`${MEETINGS_PATH}/${roomData.room.roomId}/participants/${PARTICIPANT_NAME}`)
.set('Cookie', roomData.publisherCookie);
expect(response.status).toBe(403);
});
});
});
Reference in New Issue View Git Blame Copy Permalink