ShariX
/
converse-built


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417
							'use strict'

const t = require('tap')
const tnock = require('./fixtures/tnock.js')

const access = require('../index.js')

const REG = 'http://localhost:1337'
const OPTS = {
  registry: REG
}

t.test('access public', t => {
  tnock(t, REG).post(
    '/-/package/%40foo%2Fbar/access', { access: 'public' }
  ).reply(200)
  return access.public('@foo/bar', OPTS).then(ret => {
    t.deepEqual(ret, true, 'request succeeded')
  })
})

t.test('access public - failure', t => {
  tnock(t, REG).post(
    '/-/package/%40foo%2Fbar/access', { access: 'public' }
  ).reply(418)
  return access.public('@foo/bar', OPTS)
    .catch(err => {
      t.equals(err.statusCode, 418, 'fails with code from registry')
    })
})

t.test('access restricted', t => {
  tnock(t, REG).post(
    '/-/package/%40foo%2Fbar/access', { access: 'restricted' }
  ).reply(200)
  return access.restricted('@foo/bar', OPTS).then(ret => {
    t.deepEqual(ret, true, 'request succeeded')
  })
})

t.test('access restricted - failure', t => {
  tnock(t, REG).post(
    '/-/package/%40foo%2Fbar/access', { access: 'restricted' }
  ).reply(418)
  return access.restricted('@foo/bar', OPTS)
    .catch(err => {
      t.equals(err.statusCode, 418, 'fails with code from registry')
    })
})

t.test('access 2fa-required', t => {
  tnock(t, REG).post('/-/package/%40foo%2Fbar/access', {
    publish_requires_tfa: true
  }).reply(200, { ok: true })
  return access.tfaRequired('@foo/bar', OPTS).then(ret => {
    t.deepEqual(ret, true, 'request succeeded')
  })
})

t.test('access 2fa-not-required', t => {
  tnock(t, REG).post('/-/package/%40foo%2Fbar/access', {
    publish_requires_tfa: false
  }).reply(200, { ok: true })
  return access.tfaNotRequired('@foo/bar', OPTS).then(ret => {
    t.deepEqual(ret, true, 'request succeeded')
  })
})

t.test('access grant basic read-write', t => {
  tnock(t, REG).put('/-/team/myorg/myteam/package', {
    package: '@foo/bar',
    permissions: 'read-write'
  }).reply(201)
  return access.grant(
    '@foo/bar', 'myorg:myteam', 'read-write', OPTS
  ).then(ret => {
    t.deepEqual(ret, true, 'request succeeded')
  })
})

t.test('access grant basic read-only', t => {
  tnock(t, REG).put('/-/team/myorg/myteam/package', {
    package: '@foo/bar',
    permissions: 'read-only'
  }).reply(201)
  return access.grant(
    '@foo/bar', 'myorg:myteam', 'read-only', OPTS
  ).then(ret => {
    t.deepEqual(ret, true, 'request succeeded')
  })
})

t.test('access grant bad perm', t => {
  return access.grant(
    '@foo/bar', 'myorg:myteam', 'unknown', OPTS
  ).then(ret => {
    throw new Error('should not have succeeded')
  }, err => {
    t.match(
      err.message,
      /must be.*read-write.*read-only/,
      'only read-write and read-only are accepted'
    )
  })
})

t.test('access grant no entity', t => {
  return access.grant(
    '@foo/bar', undefined, 'read-write', OPTS
  ).then(ret => {
    throw new Error('should not have succeeded')
  }, err => {
    t.match(
      err.message,
      /Expected string/,
      'passing undefined entity gives useful error'
    )
  })
})

t.test('access grant basic unscoped', t => {
  tnock(t, REG).put('/-/team/myorg/myteam/package', {
    package: 'bar',
    permissions: 'read-write'
  }).reply(201)
  return access.grant(
    'bar', 'myorg:myteam', 'read-write', OPTS
  ).then(ret => {
    t.deepEqual(ret, true, 'request succeeded')
  })
})

t.test('access grant no opts passed', t => {
  // NOTE: mocking real url, because no opts variable means `registry` value
  // will be defauled to real registry url
  tnock(t, 'https://registry.npmjs.org')
    .put('/-/team/myorg/myteam/package', {
      package: 'bar',
      permissions: 'read-write'
    })
    .reply(201)
  return access.grant('bar', 'myorg:myteam', 'read-write')
    .then(ret => {
      t.equals(ret, true, 'request succeeded')
    })
})

t.test('access revoke basic', t => {
  tnock(t, REG).delete('/-/team/myorg/myteam/package', {
    package: '@foo/bar'
  }).reply(200)
  return access.revoke('@foo/bar', 'myorg:myteam', OPTS).then(ret => {
    t.deepEqual(ret, true, 'request succeeded')
  })
})

t.test('access revoke basic unscoped', t => {
  tnock(t, REG).delete('/-/team/myorg/myteam/package', {
    package: 'bar'
  }).reply(200, { accessChanged: true })
  return access.revoke('bar', 'myorg:myteam', OPTS).then(ret => {
    t.deepEqual(ret, true, 'request succeeded')
  })
})

t.test('access revoke no opts passed', t => {
  // NOTE: mocking real url, because no opts variable means `registry` value
  // will be defauled to real registry url
  tnock(t, 'https://registry.npmjs.org')
    .delete('/-/team/myorg/myteam/package', {
      package: 'bar'
    })
    .reply(201)
  return access.revoke('bar', 'myorg:myteam')
    .then(ret => {
      t.equals(ret, true, 'request succeeded')
    })
})

t.test('ls-packages on team', t => {
  const serverPackages = {
    '@foo/bar': 'write',
    '@foo/util': 'read',
    '@foo/other': 'shrödinger'
  }
  const clientPackages = {
    '@foo/bar': 'read-write',
    '@foo/util': 'read-only',
    '@foo/other': 'shrödinger'
  }
  tnock(t, REG).get(
    '/-/team/myorg/myteam/package?format=cli'
  ).reply(200, serverPackages)
  return access.lsPackages('myorg:myteam', OPTS).then(data => {
    t.deepEqual(data, clientPackages, 'got client package info')
  })
})

t.test('ls-packages on org', t => {
  const serverPackages = {
    '@foo/bar': 'write',
    '@foo/util': 'read',
    '@foo/other': 'shrödinger'
  }
  const clientPackages = {
    '@foo/bar': 'read-write',
    '@foo/util': 'read-only',
    '@foo/other': 'shrödinger'
  }
  tnock(t, REG).get(
    '/-/org/myorg/package?format=cli'
  ).reply(200, serverPackages)
  return access.lsPackages('myorg', OPTS).then(data => {
    t.deepEqual(data, clientPackages, 'got client package info')
  })
})

t.test('ls-packages on user', t => {
  const serverPackages = {
    '@foo/bar': 'write',
    '@foo/util': 'read',
    '@foo/other': 'shrödinger'
  }
  const clientPackages = {
    '@foo/bar': 'read-write',
    '@foo/util': 'read-only',
    '@foo/other': 'shrödinger'
  }
  const srv = tnock(t, REG)
  srv.get('/-/org/myuser/package?format=cli').reply(404, { error: 'not found' })
  srv.get('/-/user/myuser/package?format=cli').reply(200, serverPackages)
  return access.lsPackages('myuser', OPTS).then(data => {
    t.deepEqual(data, clientPackages, 'got client package info')
  })
})

t.test('ls-packages error on team', t => {
  tnock(t, REG).get('/-/team/myorg/myteam/package?format=cli').reply(404)
  return access.lsPackages('myorg:myteam', OPTS).then(
    () => { throw new Error('should not have succeeded') },
    err => t.equal(err.code, 'E404', 'spit out 404 directly if team provided')
  )
})

t.test('ls-packages error on user', t => {
  const srv = tnock(t, REG)
  srv.get('/-/org/myuser/package?format=cli').reply(404, { error: 'not found' })
  srv.get('/-/user/myuser/package?format=cli').reply(404, { error: 'not found' })
  return access.lsPackages('myuser', OPTS).then(
    () => { throw new Error('should not have succeeded') },
    err => t.equal(err.code, 'E404', 'spit out 404 if both reqs fail')
  )
})

t.test('ls-packages bad response', t => {
  tnock(t, REG).get(
    '/-/team/myorg/myteam/package?format=cli'
  ).reply(200, JSON.stringify(null))
  return access.lsPackages('myorg:myteam', OPTS).then(data => {
    t.deepEqual(data, null, 'succeeds with null')
  })
})

t.test('ls-packages stream', t => {
  const serverPackages = {
    '@foo/bar': 'write',
    '@foo/util': 'read',
    '@foo/other': 'shrödinger'
  }
  const clientPackages = [
    ['@foo/bar', 'read-write'],
    ['@foo/util', 'read-only'],
    ['@foo/other', 'shrödinger']
  ]
  tnock(t, REG).get(
    '/-/team/myorg/myteam/package?format=cli'
  ).reply(200, serverPackages)
  return access.lsPackages.stream('myorg:myteam', OPTS)
    .collect()
    .then(data => {
      t.deepEqual(data, clientPackages, 'got streamed client package info')
    })
})

t.test('ls-packages stream no opts', t => {
  const serverPackages = {
    '@foo/bar': 'write',
    '@foo/util': 'read',
    '@foo/other': 'shrödinger'
  }
  const clientPackages = [
    ['@foo/bar', 'read-write'],
    ['@foo/util', 'read-only'],
    ['@foo/other', 'shrödinger']
  ]
  // NOTE: mocking real url, because no opts variable means `registry` value
  // will be defauled to real registry url
  tnock(t, 'https://registry.npmjs.org')
    .get('/-/team/myorg/myteam/package?format=cli')
    .reply(200, serverPackages)
  return access.lsPackages.stream('myorg:myteam')
    .collect()
    .then(data => {
      t.deepEqual(data, clientPackages, 'got streamed client package info')
    })
})

t.test('ls-collaborators', t => {
  const serverCollaborators = {
    'myorg:myteam': 'write',
    'myorg:anotherteam': 'read',
    'myorg:thirdteam': 'special-case'
  }
  const clientCollaborators = {
    'myorg:myteam': 'read-write',
    'myorg:anotherteam': 'read-only',
    'myorg:thirdteam': 'special-case'
  }
  tnock(t, REG).get(
    '/-/package/%40foo%2Fbar/collaborators?format=cli'
  ).reply(200, serverCollaborators)
  return access.lsCollaborators('@foo/bar', OPTS).then(data => {
    t.deepEqual(data, clientCollaborators, 'got collaborators')
  })
})

t.test('ls-collaborators stream', t => {
  const serverCollaborators = {
    'myorg:myteam': 'write',
    'myorg:anotherteam': 'read',
    'myorg:thirdteam': 'special-case'
  }
  const clientCollaborators = [
    ['myorg:myteam', 'read-write'],
    ['myorg:anotherteam', 'read-only'],
    ['myorg:thirdteam', 'special-case']
  ]
  tnock(t, REG).get(
    '/-/package/%40foo%2Fbar/collaborators?format=cli'
  ).reply(200, serverCollaborators)
  return access.lsCollaborators.stream('@foo/bar', OPTS)
    .collect()
    .then(data => {
      t.deepEqual(data, clientCollaborators, 'got collaborators')
    })
})

t.test('ls-collaborators w/scope', t => {
  const serverCollaborators = {
    'myorg:myteam': 'write',
    'myorg:anotherteam': 'read',
    'myorg:thirdteam': 'special-case'
  }
  const clientCollaborators = {
    'myorg:myteam': 'read-write',
    'myorg:anotherteam': 'read-only',
    'myorg:thirdteam': 'special-case'
  }
  tnock(t, REG).get(
    '/-/package/%40foo%2Fbar/collaborators?format=cli&user=zkat'
  ).reply(200, serverCollaborators)
  return access.lsCollaborators('@foo/bar', 'zkat', OPTS).then(data => {
    t.deepEqual(data, clientCollaborators, 'got collaborators')
  })
})

t.test('ls-collaborators w/o scope', t => {
  const serverCollaborators = {
    'myorg:myteam': 'write',
    'myorg:anotherteam': 'read',
    'myorg:thirdteam': 'special-case'
  }
  const clientCollaborators = {
    'myorg:myteam': 'read-write',
    'myorg:anotherteam': 'read-only',
    'myorg:thirdteam': 'special-case'
  }
  tnock(t, REG).get(
    '/-/package/bar/collaborators?format=cli&user=zkat'
  ).reply(200, serverCollaborators)
  return access.lsCollaborators('bar', 'zkat', OPTS).then(data => {
    t.deepEqual(data, clientCollaborators, 'got collaborators')
  })
})

t.test('ls-collaborators bad response', t => {
  tnock(t, REG).get(
    '/-/package/%40foo%2Fbar/collaborators?format=cli'
  ).reply(200, JSON.stringify(null))
  return access.lsCollaborators('@foo/bar', null, OPTS).then(data => {
    t.deepEqual(data, null, 'succeeds with null')
  })
})

t.test('error on non-registry specs', t => {
  const resolve = () => { throw new Error('should not succeed') }
  const reject = err => t.match(
    err.message, /spec.*must be a registry spec/, 'registry spec required'
  )
  return Promise.all([
    access.public('githubusername/reponame').then(resolve, reject),
    access.restricted('foo/bar').then(resolve, reject),
    access.grant('foo/bar', 'myorg', 'myteam', 'read-only').then(resolve, reject),
    access.revoke('foo/bar', 'myorg', 'myteam').then(resolve, reject),
    access.lsCollaborators('foo/bar').then(resolve, reject),
    access.tfaRequired('foo/bar').then(resolve, reject),
    access.tfaNotRequired('foo/bar').then(resolve, reject)
  ])
})

t.test('edit', t => {
  t.equal(typeof access.edit, 'function', 'access.edit exists')
  t.throws(() => {
    access.edit()
  }, /Not implemented/, 'directly throws NIY message')
  t.done()
})