Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-11-02 03:55:55 +01:00
Code Issues Packages Projects Releases Wiki Activity

chore: eslint prefer-arrow-callback

Browse Source
This commit is contained in:
Peter Jaszkowiak
2021-02-04 00:01:39 -07:00
committed by Julian Lam
parent 707b55b6a5
commit b56d9e12b5
334 changed files with 4995 additions and 5182 deletions
Download Patch File Download Diff File Expand all files Collapse all files

164
test/authentication.js
View File

@@ -14,14 +14,14 @@ var meta = require('../src/meta');
var privileges = require('../src/privileges');
var helpers = require('./helpers');
describe('authentication', function () {
describe('authentication', () => {
function loginUser(username, password, callback) {
var jar = request.jar();
request({
url: `${nconf.get('url')}/api/config`,
json: true,
jar: jar,
}, function (err, response, body) {
}, (err, response, body) => {
if (err) {
return callback(err);
}
@@ -36,7 +36,7 @@ describe('authentication', function () {
headers: {
'x-csrf-token': body.csrf_token,
},
}, function (err, response, body) {
}, (err, response, body) => {
callback(err, response, body, jar);
});
});
@@ -49,7 +49,7 @@ describe('authentication', function () {
url: `${nconf.get('url')}/api/config`,
json: true,
jar: jar,
}, function (err, response, body) {
}, (err, response, body) => {
if (err) {
return callback(err);
}
@@ -67,7 +67,7 @@ describe('authentication', function () {
headers: {
'x-csrf-token': body.csrf_token,
},
}, function (err, response, body) {
}, (err, response, body) => {
callback(err, response, body, jar);
});
});
@@ -75,21 +75,21 @@ describe('authentication', function () {
var jar = request.jar();
var regularUid;
before(function (done) {
user.create({ username: 'regular', password: 'regularpwd', email: 'regular@nodebb.org' }, function (err, uid) {
before((done) => {
user.create({ username: 'regular', password: 'regularpwd', email: 'regular@nodebb.org' }, (err, uid) => {
assert.ifError(err);
regularUid = uid;
done();
});
});
it('should fail to create user if username is too short', function (done) {
it('should fail to create user if username is too short', (done) => {
helpers.registerUser({
username: 'a',
password: '123456',
'password-confirm': '123456',
email: 'should@error1.com',
}, function (err, jar, response, body) {
}, (err, jar, response, body) => {
assert.ifError(err);
assert.equal(response.statusCode, 400);
assert.equal(body, '[[error:username-too-short]]');
@@ -97,13 +97,13 @@ describe('authentication', function () {
});
});
it('should fail to create user if userslug is too short', function (done) {
it('should fail to create user if userslug is too short', (done) => {
helpers.registerUser({
username: '----a-----',
password: '123456',
'password-confirm': '123456',
email: 'should@error2.com',
}, function (err, jar, response, body) {
}, (err, jar, response, body) => {
assert.ifError(err);
assert.equal(response.statusCode, 400);
assert.equal(body, '[[error:username-too-short]]');
@@ -111,13 +111,13 @@ describe('authentication', function () {
});
});
it('should fail to create user if userslug is too short', function (done) {
it('should fail to create user if userslug is too short', (done) => {
helpers.registerUser({
username: ' a',
password: '123456',
'password-confirm': '123456',
email: 'should@error3.com',
}, function (err, jar, response, body) {
}, (err, jar, response, body) => {
assert.ifError(err);
assert.equal(response.statusCode, 400);
assert.equal(body, '[[error:username-too-short]]');
@@ -125,13 +125,13 @@ describe('authentication', function () {
});
});
it('should fail to create user if userslug is too short', function (done) {
it('should fail to create user if userslug is too short', (done) => {
helpers.registerUser({
username: 'a ',
password: '123456',
'password-confirm': '123456',
email: 'should@error4.com',
}, function (err, jar, response, body) {
}, (err, jar, response, body) => {
assert.ifError(err);
assert.equal(response.statusCode, 400);
assert.equal(body, '[[error:username-too-short]]');
@@ -140,12 +140,12 @@ describe('authentication', function () {
});
it('should register and login a user', function (done) {
it('should register and login a user', (done) => {
request({
url: `${nconf.get('url')}/api/config`,
json: true,
jar: jar,
}, function (err, response, body) {
}, (err, response, body) => {
assert.ifError(err);
request.post(`${nconf.get('url')}/register`, {
@@ -162,7 +162,7 @@ describe('authentication', function () {
headers: {
'x-csrf-token': body.csrf_token,
},
}, function (err, response, body) {
}, (err, response, body) => {
assert.ifError(err);
assert(body);
@@ -170,12 +170,12 @@ describe('authentication', function () {
url: `${nconf.get('url')}/api/self`,
json: true,
jar: jar,
}, function (err, response, body) {
}, (err, response, body) => {
assert.ifError(err);
assert(body);
assert.equal(body.username, 'admin');
assert.equal(body.email, 'admin@nodebb.org');
user.getSettings(body.uid, function (err, settings) {
user.getSettings(body.uid, (err, settings) => {
assert.ifError(err);
assert.equal(settings.userLang, 'it');
done();
@@ -185,14 +185,14 @@ describe('authentication', function () {
});
});
it('should logout a user', function (done) {
helpers.logoutUser(jar, function (err) {
it('should logout a user', (done) => {
helpers.logoutUser(jar, (err) => {
assert.ifError(err);
request({
url: `${nconf.get('url')}/api/me`,
json: true,
jar: jar,
}, function (err, res, body) {
}, (err, res, body) => {
assert.ifError(err);
assert.equal(res.statusCode, 401);
assert.strictEqual(body.status.code, 'not-authorised');
@@ -201,20 +201,20 @@ describe('authentication', function () {
});
});
it('should login a user', function (done) {
loginUser('regular', 'regularpwd', function (err, response, body, jar) {
it('should login a user', (done) => {
loginUser('regular', 'regularpwd', (err, response, body, jar) => {
assert.ifError(err);
assert(body);
request({
url: `${nconf.get('url')}/api/self`,
json: true,
jar: jar,
}, function (err, response, body) {
}, (err, response, body) => {
assert.ifError(err);
assert(body);
assert.equal(body.username, 'regular');
assert.equal(body.email, 'regular@nodebb.org');
db.getObject(`uid:${regularUid}:sessionUUID:sessionId`, function (err, sessions) {
db.getObject(`uid:${regularUid}:sessionUUID:sessionId`, (err, sessions) => {
assert.ifError(err);
assert(sessions);
assert(Object.keys(sessions).length > 0);
@@ -224,14 +224,14 @@ describe('authentication', function () {
});
});
it('should revoke all sessions', function (done) {
it('should revoke all sessions', (done) => {
var socketAdmin = require('../src/socket.io/admin');
db.sortedSetCard(`uid:${regularUid}:sessions`, function (err, count) {
db.sortedSetCard(`uid:${regularUid}:sessions`, (err, count) => {
assert.ifError(err);
assert(count);
socketAdmin.deleteAllSessions({ uid: 1 }, {}, function (err) {
socketAdmin.deleteAllSessions({ uid: 1 }, {}, (err) => {
assert.ifError(err);
db.sortedSetCard(`uid:${regularUid}:sessions`, function (err, count) {
db.sortedSetCard(`uid:${regularUid}:sessions`, (err, count) => {
assert.ifError(err);
assert(!count);
done();
@@ -240,13 +240,13 @@ describe('authentication', function () {
});
});
it('should fail to login if ip address is invalid', function (done) {
it('should fail to login if ip address is invalid', (done) => {
var jar = request.jar();
request({
url: `${nconf.get('url')}/api/config`,
json: true,
jar: jar,
}, function (err, response, body) {
}, (err, response, body) => {
if (err) {
return done(err);
}
@@ -262,7 +262,7 @@ describe('authentication', function () {
'x-csrf-token': body.csrf_token,
'x-forwarded-for': '<script>alert("xss")</script>',
},
}, function (err, response, body) {
}, (err, response, body) => {
assert.ifError(err);
assert.equal(response.statusCode, 500);
done();
@@ -270,8 +270,8 @@ describe('authentication', function () {
});
});
it('should fail to login if user does not exist', function (done) {
loginUser('doesnotexist', 'nopassword', function (err, response, body) {
it('should fail to login if user does not exist', (done) => {
loginUser('doesnotexist', 'nopassword', (err, response, body) => {
assert.ifError(err);
assert.equal(response.statusCode, 403);
assert.equal(body, '[[error:invalid-login-credentials]]');
@@ -279,8 +279,8 @@ describe('authentication', function () {
});
});
it('should fail to login if username is empty', function (done) {
loginUser('', 'some password', function (err, response, body) {
it('should fail to login if username is empty', (done) => {
loginUser('', 'some password', (err, response, body) => {
assert.ifError(err);
assert.equal(response.statusCode, 403);
assert.equal(body, '[[error:invalid-username-or-password]]');
@@ -288,8 +288,8 @@ describe('authentication', function () {
});
});
it('should fail to login if password is empty', function (done) {
loginUser('someuser', '', function (err, response, body) {
it('should fail to login if password is empty', (done) => {
loginUser('someuser', '', (err, response, body) => {
assert.ifError(err);
assert.equal(response.statusCode, 403);
assert.equal(body, '[[error:invalid-username-or-password]]');
@@ -297,8 +297,8 @@ describe('authentication', function () {
});
});
it('should fail to login if username and password are empty', function (done) {
loginUser('', '', function (err, response, body) {
it('should fail to login if username and password are empty', (done) => {
loginUser('', '', (err, response, body) => {
assert.ifError(err);
assert.equal(response.statusCode, 403);
assert.equal(body, '[[error:invalid-username-or-password]]');
@@ -306,10 +306,10 @@ describe('authentication', function () {
});
});
it('should fail to login if user does not have password field in db', function (done) {
user.create({ username: 'hasnopassword', email: 'no@pass.org' }, function (err, uid) {
it('should fail to login if user does not have password field in db', (done) => {
user.create({ username: 'hasnopassword', email: 'no@pass.org' }, (err, uid) => {
assert.ifError(err);
loginUser('hasnopassword', 'doesntmatter', function (err, response, body) {
loginUser('hasnopassword', 'doesntmatter', (err, response, body) => {
assert.ifError(err);
assert.equal(response.statusCode, 403);
assert.equal(body, '[[error:invalid-login-credentials]]');
@@ -318,12 +318,12 @@ describe('authentication', function () {
});
});
it('should fail to login if password is longer than 4096', function (done) {
it('should fail to login if password is longer than 4096', (done) => {
var longPassword;
for (var i = 0; i < 5000; i++) {
longPassword += 'a';
}
loginUser('someuser', longPassword, function (err, response, body) {
loginUser('someuser', longPassword, (err, response, body) => {
assert.ifError(err);
assert.equal(response.statusCode, 403);
assert.equal(body, '[[error:password-too-long]]');
@@ -331,10 +331,10 @@ describe('authentication', function () {
});
});
it('should fail to login if local login is disabled', function (done) {
privileges.global.rescind(['groups:local:login'], 'registered-users', function (err) {
it('should fail to login if local login is disabled', (done) => {
privileges.global.rescind(['groups:local:login'], 'registered-users', (err) => {
assert.ifError(err);
loginUser('regular', 'regularpwd', function (err, response, body) {
loginUser('regular', 'regularpwd', (err, response, body) => {
assert.ifError(err);
assert.equal(response.statusCode, 403);
assert.equal(body, '[[error:local-login-disabled]]');
@@ -343,9 +343,9 @@ describe('authentication', function () {
});
});
it('should fail to register if registraton is disabled', function (done) {
it('should fail to register if registraton is disabled', (done) => {
meta.config.registrationType = 'disabled';
registerUser('some@user.com', 'someuser', 'somepassword', function (err, response, body) {
registerUser('some@user.com', 'someuser', 'somepassword', (err, response, body) => {
assert.ifError(err);
assert.equal(response.statusCode, 403);
assert.equal(body, 'Forbidden');
@@ -353,9 +353,9 @@ describe('authentication', function () {
});
});
it('should return error if invitation is not valid', function (done) {
it('should return error if invitation is not valid', (done) => {
meta.config.registrationType = 'invite-only';
registerUser('some@user.com', 'someuser', 'somepassword', function (err, response, body) {
registerUser('some@user.com', 'someuser', 'somepassword', (err, response, body) => {
meta.config.registrationType = 'normal';
assert.ifError(err);
assert.equal(response.statusCode, 400);
@@ -364,8 +364,8 @@ describe('authentication', function () {
});
});
it('should fail to register if email is falsy', function (done) {
registerUser('', 'someuser', 'somepassword', function (err, response, body) {
it('should fail to register if email is falsy', (done) => {
registerUser('', 'someuser', 'somepassword', (err, response, body) => {
assert.ifError(err);
assert.equal(response.statusCode, 400);
assert.equal(body, '[[error:invalid-email]]');
@@ -373,12 +373,12 @@ describe('authentication', function () {
});
});
it('should fail to register if username is falsy or too short', function (done) {
registerUser('some@user.com', '', 'somepassword', function (err, response, body) {
it('should fail to register if username is falsy or too short', (done) => {
registerUser('some@user.com', '', 'somepassword', (err, response, body) => {
assert.ifError(err);
assert.equal(response.statusCode, 400);
assert.equal(body, '[[error:username-too-short]]');
registerUser('some@user.com', 'a', 'somepassword', function (err, response, body) {
registerUser('some@user.com', 'a', 'somepassword', (err, response, body) => {
assert.ifError(err);
assert.equal(response.statusCode, 400);
assert.equal(body, '[[error:username-too-short]]');
@@ -387,8 +387,8 @@ describe('authentication', function () {
});
});
it('should fail to register if username is too long', function (done) {
registerUser('some@user.com', 'thisisareallylongusername', '123456', function (err, response, body) {
it('should fail to register if username is too long', (done) => {
registerUser('some@user.com', 'thisisareallylongusername', '123456', (err, response, body) => {
assert.ifError(err);
assert.equal(response.statusCode, 400);
assert.equal(body, '[[error:username-too-long]]');
@@ -396,9 +396,9 @@ describe('authentication', function () {
});
});
it('should queue user if ip is used before', function (done) {
it('should queue user if ip is used before', (done) => {
meta.config.registrationApprovalType = 'admin-approval-ip';
registerUser('another@user.com', 'anotheruser', 'anotherpwd', function (err, response, body) {
registerUser('another@user.com', 'anotheruser', 'anotherpwd', (err, response, body) => {
meta.config.registrationApprovalType = 'normal';
assert.ifError(err);
assert.equal(response.statusCode, 200);
@@ -408,10 +408,10 @@ describe('authentication', function () {
});
it('should be able to login with email', function (done) {
user.create({ username: 'ginger', password: '123456', email: 'ginger@nodebb.org' }, function (err) {
it('should be able to login with email', (done) => {
user.create({ username: 'ginger', password: '123456', email: 'ginger@nodebb.org' }, (err) => {
assert.ifError(err);
loginUser('ginger@nodebb.org', '123456', function (err, response) {
loginUser('ginger@nodebb.org', '123456', (err, response) => {
assert.ifError(err);
assert.equal(response.statusCode, 200);
done();
@@ -419,9 +419,9 @@ describe('authentication', function () {
});
});
it('should fail to login if login type is username and an email is sent', function (done) {
it('should fail to login if login type is username and an email is sent', (done) => {
meta.config.allowLoginWith = 'username';
loginUser('ginger@nodebb.org', '123456', function (err, response, body) {
loginUser('ginger@nodebb.org', '123456', (err, response, body) => {
meta.config.allowLoginWith = 'username-email';
assert.ifError(err);
assert.equal(response.statusCode, 400);
@@ -430,13 +430,13 @@ describe('authentication', function () {
});
});
it('should send 200 if not logged in', function (done) {
it('should send 200 if not logged in', (done) => {
var jar = request.jar();
request({
url: `${nconf.get('url')}/api/config`,
json: true,
jar: jar,
}, function (err, response, body) {
}, (err, response, body) => {
assert.ifError(err);
request.post(`${nconf.get('url')}/logout`, {
@@ -446,7 +446,7 @@ describe('authentication', function () {
headers: {
'x-csrf-token': body.csrf_token,
},
}, function (err, res, body) {
}, (err, res, body) => {
assert.ifError(err);
assert.equal(res.statusCode, 200);
assert.equal(body, 'not-logged-in');
@@ -455,30 +455,30 @@ describe('authentication', function () {
});
});
describe('banned user authentication', function () {
describe('banned user authentication', () => {
const bannedUser = {
username: 'banme',
pw: '123456',
uid: null,
};
before(async function () {
before(async () => {
bannedUser.uid = await user.create({ username: 'banme', password: '123456', email: 'ban@me.com' });
});
it('should prevent banned user from logging in', function (done) {
user.bans.ban(bannedUser.uid, 0, 'spammer', function (err) {
it('should prevent banned user from logging in', (done) => {
user.bans.ban(bannedUser.uid, 0, 'spammer', (err) => {
assert.ifError(err);
loginUser(bannedUser.username, bannedUser.pw, function (err, res, body) {
loginUser(bannedUser.username, bannedUser.pw, (err, res, body) => {
assert.ifError(err);
assert.equal(res.statusCode, 403);
assert.equal(body, '[[error:user-banned-reason, spammer]]');
user.bans.unban(bannedUser.uid, function (err) {
user.bans.unban(bannedUser.uid, (err) => {
assert.ifError(err);
var expiry = Date.now() + 10000;
user.bans.ban(bannedUser.uid, expiry, '', function (err) {
user.bans.ban(bannedUser.uid, expiry, '', (err) => {
assert.ifError(err);
loginUser(bannedUser.username, bannedUser.pw, function (err, res, body) {
loginUser(bannedUser.username, bannedUser.pw, (err, res, body) => {
assert.ifError(err);
assert.equal(res.statusCode, 403);
assert.equal(body, `[[error:user-banned-reason-until, ${utils.toISOString(expiry)}, No reason given.]]`);
@@ -490,13 +490,13 @@ describe('authentication', function () {
});
});
it('should allow banned user to log in if the "banned-users" group has "local-login" privilege', async function () {
it('should allow banned user to log in if the "banned-users" group has "local-login" privilege', async () => {
await privileges.global.give(['groups:local:login'], 'banned-users');
const res = await loginUserPromisified(bannedUser.username, bannedUser.pw);
assert.strictEqual(res.statusCode, 200);
});
it('should allow banned user to log in if the user herself has "local-login" privilege', async function () {
it('should allow banned user to log in if the user herself has "local-login" privilege', async () => {
await privileges.global.rescind(['groups:local:login'], 'banned-users');
await privileges.categories.give(['local:login'], 0, bannedUser.uid);
const res = await loginUserPromisified(bannedUser.username, bannedUser.pw);
@@ -504,7 +504,7 @@ describe('authentication', function () {
});
});
it('should lockout account on 3 failed login attempts', function (done) {
it('should lockout account on 3 failed login attempts', (done) => {
meta.config.loginAttempts = 3;
var uid;
async.waterfall([