NodeBB/test/socket.io.js

'use strict';

// see https://gist.github.com/jfromaniello/4087861#gistcomment-1447029


process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';

const util = require('util');

const sleep = util.promisify(setTimeout);
const assert = require('assert');
const async = require('async');
const nconf = require('nconf');
const request = require('request');

const cookies = request.jar();

const db = require('./mocks/databasemock');
const user = require('../src/user');
const groups = require('../src/groups');
const categories = require('../src/categories');
const helpers = require('./helpers');
const meta = require('../src/meta');
const events = require('../src/events');

const socketAdmin = require('../src/socket.io/admin');

describe('socket.io', () => {
	let io;
	let cid;
	let tid;
	let adminUid;
	let regularUid;

	before(async () => {
		const data = await Promise.all([
			user.create({ username: 'admin', password: 'adminpwd' }),
			user.create({ username: 'regular', password: 'regularpwd' }),
			categories.create({
				name: 'Test Category',
				description: 'Test category created by testing script',
			}),
		]);
		adminUid = data[0];
		await groups.join('administrators', data[0]);

		regularUid = data[1];
		await user.setUserField(regularUid, 'email', 'regular@test.com');
		await user.email.confirmByUid(regularUid);

		cid = data[2].cid;
	});


	it('should connect and auth properly', (done) => {
		request.get({
			url: `${nconf.get('url')}/api/config`,
			jar: cookies,
			json: true,
		}, (err, res, body) => {
			assert.ifError(err);

			request.post(`${nconf.get('url')}/login`, {
				jar: cookies,
				form: {
					username: 'admin',
					password: 'adminpwd',
				},
				headers: {
					'x-csrf-token': body.csrf_token,
				},
				json: true,
			}, (err, res) => {
				assert.ifError(err);

				helpers.connectSocketIO(res, (err, _io) => {
					io = _io;
					assert.ifError(err);

					done();
				});
			});
		});
	});

	it('should return error for unknown event', (done) => {
		io.emit('unknown.event', (err) => {
			assert(err);
			assert.equal(err.message, '[[error:invalid-event, unknown.event]]');
			done();
		});
	});

	it('should return error for unknown event', (done) => {
		io.emit('user.gdpr.__proto__.constructor.toString', (err) => {
			assert(err);
			assert.equal(err.message, '[[error:invalid-event, user.gdpr.__proto__.constructor.toString]]');
			done();
		});
	});

	it('should return error for unknown event', (done) => {
		io.emit('constructor.toString', (err) => {
			assert(err);
			assert.equal(err.message, '[[error:invalid-event, constructor.toString]]');
			done();
		});
	});

	it('should get installed themes', (done) => {
		const themes = ['nodebb-theme-persona'];
		io.emit('admin.themes.getInstalled', (err, data) => {
			assert.ifError(err);
			assert(data);
			const installed = data.map(theme => theme.id);
			themes.forEach((theme) => {
				assert(installed.includes(theme));
			});
			done();
		});
	});

	it('should ban a user', async () => {
		const apiUser = require('../src/api/users');
		await apiUser.ban({ uid: adminUid }, { uid: regularUid, reason: 'spammer' });
		const data = await user.getLatestBanInfo(regularUid);
		assert(data.uid);
		assert(data.timestamp);
		assert(data.hasOwnProperty('banned_until'));
		assert(data.hasOwnProperty('banned_until_readable'));
		assert.equal(data.reason, 'spammer');
	});

	it('should return ban reason', (done) => {
		user.bans.getReason(regularUid, (err, reason) => {
			assert.ifError(err);
			assert.equal(reason, 'spammer');
			done();
		});
	});

	it('should unban a user', async () => {
		const apiUser = require('../src/api/users');
		await apiUser.unban({ uid: adminUid }, { uid: regularUid });
		const isBanned = await user.bans.isBanned(regularUid);
		assert(!isBanned);
	});

	it('should make user admin', (done) => {
		socketAdmin.user.makeAdmins({ uid: adminUid }, [regularUid], (err) => {
			assert.ifError(err);
			groups.isMember(regularUid, 'administrators', (err, isMember) => {
				assert.ifError(err);
				assert(isMember);
				done();
			});
		});
	});

	it('should make user non-admin', (done) => {
		socketAdmin.user.removeAdmins({ uid: adminUid }, [regularUid], (err) => {
			assert.ifError(err);
			groups.isMember(regularUid, 'administrators', (err, isMember) => {
				assert.ifError(err);
				assert(!isMember);
				done();
			});
		});
	});

	describe('user create/delete', () => {
		let uid;
		const apiUsers = require('../src/api/users');
		it('should create a user', async () => {
			const userData = await apiUsers.create({ uid: adminUid }, { username: 'foo1' });
			uid = userData.uid;
			const isMember = await groups.isMember(userData.uid, 'registered-users');
			assert(isMember);
		});

		it('should delete users', async () => {
			await apiUsers.delete({ uid: adminUid }, { uid });
			await sleep(500);
			const isMember = await groups.isMember(uid, 'registered-users');
			assert(!isMember);
		});

		it('should error if user does not exist', async () => {
			let err;
			try {
				await apiUsers.deleteMany({ uid: adminUid }, { uids: [uid] });
			} catch (_err) {
				err = _err;
			}
			assert.strictEqual(err.message, '[[error:no-user]]');
		});

		it('should delete users and their content', async () => {
			const userData = await apiUsers.create({ uid: adminUid }, { username: 'foo2' });
			await apiUsers.deleteMany({ uid: adminUid }, { uids: [userData.uid] });
			await sleep(500);
			const isMember = await groups.isMember(userData.uid, 'registered-users');
			assert(!isMember);
		});

		it('should error with invalid data', async () => {
			let err;
			try {
				await apiUsers.create({ uid: adminUid }, null);
			} catch (_err) {
				err = _err;
			}
			assert.strictEqual(err.message, '[[error:invalid-data]]');
		});
	});

	it('should load user groups', async () => {
		const { users } = await socketAdmin.user.loadGroups({ uid: adminUid }, [adminUid]);
		assert.strictEqual(users[0].username, 'admin');
		assert(Array.isArray(users[0].groups));
	});

	it('should reset lockouts', (done) => {
		socketAdmin.user.resetLockouts({ uid: adminUid }, [regularUid], (err) => {
			assert.ifError(err);
			done();
		});
	});

	describe('validation emails', () => {
		const plugins = require('../src/plugins');

		async function dummyEmailerHook(data) {
			// pretend to handle sending emails
		}
		before(() => {
			// Attach an emailer hook so related requests do not error
			plugins.hooks.register('emailer-test', {
				hook: 'filter:email.send',
				method: dummyEmailerHook,
			});
		});
		after(() => {
			plugins.hooks.unregister('emailer-test', 'filter:email.send');
		});

		it('should validate emails', (done) => {
			socketAdmin.user.validateEmail({ uid: adminUid }, [regularUid], (err) => {
				assert.ifError(err);
				user.getUserField(regularUid, 'email:confirmed', (err, emailConfirmed) => {
					assert.ifError(err);
					assert.equal(parseInt(emailConfirmed, 10), 1);
					done();
				});
			});
		});

		it('should error with invalid uids', (done) => {
			socketAdmin.user.sendValidationEmail({ uid: adminUid }, null, (err) => {
				assert.equal(err.message, '[[error:invalid-data]]');
				done();
			});
		});

		it('should send validation email', (done) => {
			socketAdmin.user.sendValidationEmail({ uid: adminUid }, [regularUid], (err) => {
				assert.ifError(err);
				done();
			});
		});
	});

	it('should push unread notifications on reconnect', (done) => {
		const socketMeta = require('../src/socket.io/meta');
		socketMeta.reconnected({ uid: 1 }, {}, (err) => {
			assert.ifError(err);
			done();
		});
	});


	it('should error if the room is missing', (done) => {
		io.emit('meta.rooms.enter', null, (err) => {
			assert.equal(err.message, '[[error:invalid-data]]');
			done();
		});
	});

	it('should return if uid is 0', (done) => {
		const socketMeta = require('../src/socket.io/meta');
		socketMeta.rooms.enter({ uid: 0 }, null, (err) => {
			assert.ifError(err);
			done();
		});
	});

	it('should join a room', (done) => {
		io.emit('meta.rooms.enter', { enter: 'recent_topics' }, (err) => {
			assert.ifError(err);
			done();
		});
	});

	it('should leave current room', (done) => {
		io.emit('meta.rooms.leaveCurrent', {}, (err) => {
			assert.ifError(err);
			done();
		});
	});

	it('should get server time', (done) => {
		io.emit('admin.getServerTime', null, (err, time) => {
			assert.ifError(err);
			assert(time);
			done();
		});
	});

	it('should error to get daily analytics with invalid data', (done) => {
		io.emit('admin.analytics.get', null, (err) => {
			assert.equal(err.message, '[[error:invalid-data]]');
			done();
		});
	});

	it('should get daily analytics', (done) => {
		io.emit('admin.analytics.get', { graph: 'traffic', units: 'days' }, (err, data) => {
			assert.ifError(err);
			assert(data);
			assert(data.summary);
			done();
		});
	});

	it('should get hourly analytics', (done) => {
		io.emit('admin.analytics.get', { graph: 'traffic', units: 'hours' }, (err, data) => {
			assert.ifError(err);
			assert(data);
			assert(data.summary);
			done();
		});
	});

	it('should allow a custom date range for traffic graph analytics', (done) => {
		io.emit('admin.analytics.get', { graph: 'traffic', units: 'days', amount: '7' }, (err, data) => {
			assert.ifError(err);
			assert(data);
			assert(data.pageviews);
			assert(data.uniqueVisitors);
			assert.strictEqual(7, data.pageviews.length);
			assert.strictEqual(7, data.uniqueVisitors.length);
			done();
		});
	});

	it('should return error', (done) => {
		socketAdmin.before({ uid: 10 }, 'someMethod', {}, (err) => {
			assert.equal(err.message, '[[error:no-privileges]]');
			done();
		});
	});

	it('should get room stats', (done) => {
		io.emit('meta.rooms.enter', { enter: 'topic_1' }, (err) => {
			assert.ifError(err);
			socketAdmin.rooms.getAll({ uid: 10 }, {}, (err) => {
				assert.ifError(err);
				setTimeout(() => {
					socketAdmin.rooms.getAll({ uid: 10 }, {}, (err, data) => {
						assert.ifError(err);
						assert(data.hasOwnProperty('onlineGuestCount'));
						assert(data.hasOwnProperty('onlineRegisteredCount'));
						assert(data.hasOwnProperty('socketCount'));
						assert(data.hasOwnProperty('topics'));
						assert(data.hasOwnProperty('users'));
						done();
					});
				}, 1000);
			});
		});
	});

	it('should get room stats', (done) => {
		io.emit('meta.rooms.enter', { enter: 'category_1' }, (err) => {
			assert.ifError(err);
			socketAdmin.rooms.getAll({ uid: 10 }, {}, (err) => {
				assert.ifError(err);
				setTimeout(() => {
					socketAdmin.rooms.getAll({ uid: 10 }, {}, (err, data) => {
						assert.ifError(err);
						assert.equal(data.users.category, 1, JSON.stringify(data, null, 4));
						done();
					});
				}, 1000);
			});
		});
	});

	it('should get admin search dictionary', (done) => {
		socketAdmin.getSearchDict({ uid: adminUid }, {}, (err, data) => {
			assert.ifError(err);
			assert(Array.isArray(data));
			assert(data[0].namespace);
			assert(data[0].translations);
			assert(data[0].title);
			done();
		});
	});

	it('should fire event', (done) => {
		io.on('testEvent', (data) => {
			assert.equal(data.foo, 1);
			done();
		});
		socketAdmin.fireEvent({ uid: adminUid }, { name: 'testEvent', payload: { foo: 1 } }, (err) => {
			assert.ifError(err);
		});
	});

	it('should error with invalid data', (done) => {
		socketAdmin.themes.set({ uid: adminUid }, null, (err) => {
			assert.equal(err.message, '[[error:invalid-data]]');
			done();
		});
	});

	it('should set theme to bootswatch', (done) => {
		socketAdmin.themes.set({ uid: adminUid }, {
			type: 'bootswatch',
			src: '//maxcdn.bootstrapcdn.com/bootswatch/latest/darkly/bootstrap.min.css',
			id: 'darkly',
		}, (err) => {
			assert.ifError(err);
			meta.configs.getFields(['theme:src', 'bootswatchSkin'], (err, fields) => {
				assert.ifError(err);
				assert.equal(fields['theme:src'], '//maxcdn.bootstrapcdn.com/bootswatch/latest/darkly/bootstrap.min.css');
				assert.equal(fields.bootswatchSkin, 'darkly');
				done();
			});
		});
	});

	it('should set theme to local persona', (done) => {
		socketAdmin.themes.set({ uid: adminUid }, { type: 'local', id: 'nodebb-theme-persona' }, (err) => {
			assert.ifError(err);
			meta.configs.get('theme:id', (err, id) => {
				assert.ifError(err);
				assert.equal(id, 'nodebb-theme-persona');
				done();
			});
		});
	});

	it('should toggle plugin active', (done) => {
		socketAdmin.plugins.toggleActive({ uid: adminUid }, 'nodebb-plugin-location-to-map', (err, data) => {
			assert.ifError(err);
			assert.deepEqual(data, { id: 'nodebb-plugin-location-to-map', active: true });
			done();
		});
	});

	it('should toggle plugin install', function (done) {
		this.timeout(0);
		const oldValue = process.env.NODE_ENV;
		process.env.NODE_ENV = 'development';
		socketAdmin.plugins.toggleInstall({
			uid: adminUid,
		}, {
			id: 'nodebb-plugin-location-to-map',
			version: 'latest',
		}, (err, data) => {
			assert.ifError(err);
			assert.equal(data.name, 'nodebb-plugin-location-to-map');
			process.env.NODE_ENV = oldValue;
			done();
		});
	});

	it('should get list of active plugins', (done) => {
		socketAdmin.plugins.getActive({ uid: adminUid }, {}, (err, data) => {
			assert.ifError(err);
			assert(Array.isArray(data));
			done();
		});
	});

	it('should order active plugins', (done) => {
		const data = [
			{ name: 'nodebb-theme-persona', order: 0 },
			{ name: 'nodebb-plugin-dbsearch', order: 1 },
			{ name: 'nodebb-plugin-markdown', order: 2 },
			{ ignoreme: 'wrong data' },
		];
		socketAdmin.plugins.orderActivePlugins({ uid: adminUid }, data, (err) => {
			assert.ifError(err);
			db.sortedSetRank('plugins:active', 'nodebb-plugin-dbsearch', (err, rank) => {
				assert.ifError(err);
				assert.equal(rank, 1);
				done();
			});
		});
	});

	it('should upgrade plugin', function (done) {
		this.timeout(0);
		const oldValue = process.env.NODE_ENV;
		process.env.NODE_ENV = 'development';
		socketAdmin.plugins.upgrade({
			uid: adminUid,
		}, {
			id: 'nodebb-plugin-location-to-map',
			version: 'latest',
		}, (err) => {
			assert.ifError(err);
			process.env.NODE_ENV = oldValue;
			done();
		});
	});

	it('should error with invalid data', (done) => {
		socketAdmin.widgets.set({ uid: adminUid }, null, (err) => {
			assert.equal(err.message, '[[error:invalid-data]]');
			done();
		});
	});

	it('should error with invalid data', (done) => {
		const data = [
			{
				template: 'global',
				location: 'sidebar',
				widgets: [{ widget: 'html', data: { html: 'test', title: 'test', container: '' } }],
			},
		];
		socketAdmin.widgets.set({ uid: adminUid }, data, (err) => {
			assert.ifError(err);
			db.getObjectField('widgets:global', 'sidebar', (err, widgetData) => {
				assert.ifError(err);

				assert.equal(JSON.parse(widgetData)[0].data.html, 'test');
				done();
			});
		});
	});

	it('should clear sitemap cache', async () => {
		await socketAdmin.settings.clearSitemapCache({ uid: adminUid }, {});
	});

	it('should send test email', async () => {
		const tpls = ['digest', 'banned', 'verify', 'welcome', 'notification', 'invitation'];
		try {
			for (const tpl of tpls) {
				// eslint-disable-next-line no-await-in-loop
				await socketAdmin.email.test({ uid: adminUid }, { template: tpl });
			}
		} catch (err) {
			if (err.message !== '[[error:sendmail-not-found]]') {
				assert.ifError(err);
			}
		}
	});

	it('should not error when resending digests', async () => {
		await socketAdmin.digest.resend({ uid: adminUid }, { action: 'resend-day', uid: adminUid });
		await socketAdmin.digest.resend({ uid: adminUid }, { action: 'resend-day' });
	});

	it('should error with invalid interval', async () => {
		const oldValue = meta.config.dailyDigestFreq;
		meta.config.dailyDigestFreq = 'off';
		try {
			await socketAdmin.digest.resend({ uid: adminUid }, { action: 'resend-' });
		} catch (err) {
			assert.strictEqual(err.message, '[[error:digest-not-enabled]]');
		}
		meta.config.dailyDigestFreq = oldValue;
	});

	it('should get logs', (done) => {
		const fs = require('fs');
		const path = require('path');
		meta.logs.path = path.join(nconf.get('base_dir'), 'test/files', 'output.log');
		fs.appendFile(meta.logs.path, 'some logs', (err) => {
			assert.ifError(err);

			socketAdmin.logs.get({ uid: adminUid }, {}, (err, data) => {
				assert.ifError(err);
				assert(data);
				done();
			});
		});
	});

	it('should clear logs', (done) => {
		socketAdmin.logs.clear({ uid: adminUid }, {}, (err) => {
			assert.ifError(err);
			socketAdmin.logs.get({ uid: adminUid }, {}, (err, data) => {
				assert.ifError(err);
				assert.equal(data.length, 0);
				done();
			});
		});
	});

	it('should clear errors', (done) => {
		socketAdmin.errors.clear({ uid: adminUid }, {}, (err) => {
			assert.ifError(err);
			db.exists('error:404', (err, exists) => {
				assert.ifError(err);
				assert(!exists);
				done();
			});
		});
	});

	it('should delete a single event', (done) => {
		db.getSortedSetRevRange('events:time', 0, 0, (err, eids) => {
			assert.ifError(err);
			events.deleteEvents(eids, (err) => {
				assert.ifError(err);
				db.isSortedSetMembers('events:time', eids, (err, isMembers) => {
					assert.ifError(err);
					assert(!isMembers.includes(true));
					done();
				});
			});
		});
	});

	it('should delete all events', (done) => {
		events.deleteAll((err) => {
			assert.ifError(err);
			db.sortedSetCard('events:time', (err, count) => {
				assert.ifError(err);
				assert.equal(count, 0);
				done();
			});
		});
	});

	describe('logger', () => {
		const logger = require('../src/logger');
		const index = require('../src/socket.io');
		const fs = require('fs');
		const path = require('path');

		it('should enable logging', (done) => {
			meta.config.loggerStatus = 1;
			meta.config.loggerIOStatus = 1;
			const loggerPath = path.join(__dirname, '..', 'logs', 'logger.log');
			logger.monitorConfig({ io: index.server }, { key: 'loggerPath', value: loggerPath });
			setTimeout(() => {
				io.emit('meta.rooms.enter', { enter: 'recent_topics' }, (err) => {
					assert.ifError(err);
					fs.readFile(loggerPath, 'utf-8', (err, content) => {
						assert.ifError(err);
						assert(content);
						done();
					});
				});
			}, 500);
		});

		after((done) => {
			meta.config.loggerStatus = 0;
			meta.config.loggerIOStatus = 0;
			done();
		});
	});

	describe('password reset', () => {
		const socketUser = require('../src/socket.io/user');

		it('should error if uids is not array', (done) => {
			socketAdmin.user.sendPasswordResetEmail({ uid: adminUid }, null, (err) => {
				assert.strictEqual(err.message, '[[error:invalid-data]]');
				done();
			});
		});

		it('should error if uid doesnt have email', (done) => {
			socketAdmin.user.sendPasswordResetEmail({ uid: adminUid }, [adminUid], (err) => {
				assert.strictEqual(err.message, '[[error:user-doesnt-have-email, admin]]');
				done();
			});
		});

		it('should send password reset email', async () => {
			await user.setUserField(adminUid, 'email', 'admin_test@nodebb.org');
			await user.email.confirmByUid(adminUid);
			await socketAdmin.user.sendPasswordResetEmail({ uid: adminUid }, [adminUid]);
		});

		it('should error if uids is not array', (done) => {
			socketAdmin.user.forcePasswordReset({ uid: adminUid }, null, (err) => {
				assert.strictEqual(err.message, '[[error:invalid-data]]');
				done();
			});
		});

		it('should for password reset', async () => {
			const then = Date.now();
			const uid = await user.create({ username: 'forceme', password: '123345' });
			await socketAdmin.user.forcePasswordReset({ uid: adminUid }, [uid]);
			const pwExpiry = await user.getUserField(uid, 'passwordExpiry');
			const sleep = util.promisify(setTimeout);
			await sleep(500);
			assert(pwExpiry > then && pwExpiry < Date.now());
		});

		it('should not error on valid email', (done) => {
			socketUser.reset.send({ uid: 0 }, 'regular@test.com', (err) => {
				assert.ifError(err);

				async.parallel({
					count: async.apply(db.sortedSetCount.bind(db), 'reset:issueDate', 0, Date.now()),
					event: async.apply(events.getEvents, '', 0, 0),
				}, (err, data) => {
					assert.ifError(err);
					assert.strictEqual(data.count, 2);

					// Event validity
					assert.strictEqual(data.event.length, 1);
					const event = data.event[0];
					assert.strictEqual(event.type, 'password-reset');
					assert.strictEqual(event.text, '[[success:success]]');

					done();
				});
			});
		});

		it('should not generate code if rate limited', (done) => {
			socketUser.reset.send({ uid: 0 }, 'regular@test.com', (err) => {
				assert(err);

				async.parallel({
					count: async.apply(db.sortedSetCount.bind(db), 'reset:issueDate', 0, Date.now()),
					event: async.apply(events.getEvents, '', 0, 0),
				}, (err, data) => {
					assert.ifError(err);
					assert.strictEqual(data.count, 2);

					// Event validity
					assert.strictEqual(data.event.length, 1);
					const event = data.event[0];
					assert.strictEqual(event.type, 'password-reset');
					assert.strictEqual(event.text, '[[error:reset-rate-limited]]');

					done();
				});
			});
		});

		it('should not error on invalid email (but not generate reset code)', (done) => {
			socketUser.reset.send({ uid: 0 }, 'irregular@test.com', (err) => {
				assert.ifError(err);

				db.sortedSetCount('reset:issueDate', 0, Date.now(), (err, count) => {
					assert.ifError(err);
					assert.strictEqual(count, 2);
					done();
				});
			});
		});

		it('should error on no email', (done) => {
			socketUser.reset.send({ uid: 0 }, '', (err) => {
				assert(err instanceof Error);
				assert.strictEqual(err.message, '[[error:invalid-data]]');
				done();
			});
		});
	});

	it('should clear caches', async () => {
		await socketAdmin.cache.clear({ uid: adminUid }, { name: 'post' });
		await socketAdmin.cache.clear({ uid: adminUid }, { name: 'object' });
		await socketAdmin.cache.clear({ uid: adminUid }, { name: 'group' });
		await socketAdmin.cache.clear({ uid: adminUid }, { name: 'local' });
	});

	it('should toggle caches', async () => {
		const caches = {
			post: require('../src/posts/cache'),
			object: require('../src/database').objectCache,
			group: require('../src/groups').cache,
			local: require('../src/cache'),
		};

		await socketAdmin.cache.toggle({ uid: adminUid }, { name: 'post', enabled: !caches.post.enabled });
		if (caches.object) {
			await socketAdmin.cache.toggle({ uid: adminUid }, { name: 'object', enabled: !caches.object.enabled });
		}
		await socketAdmin.cache.toggle({ uid: adminUid }, { name: 'group', enabled: !caches.group.enabled });
		await socketAdmin.cache.toggle({ uid: adminUid }, { name: 'local', enabled: !caches.local.enabled });

		// call again to return back to original state
		await socketAdmin.cache.toggle({ uid: adminUid }, { name: 'post', enabled: !caches.post.enabled });
		if (caches.object) {
			await socketAdmin.cache.toggle({ uid: adminUid }, { name: 'object', enabled: !caches.object.enabled });
		}
		await socketAdmin.cache.toggle({ uid: adminUid }, { name: 'group', enabled: !caches.group.enabled });
		await socketAdmin.cache.toggle({ uid: adminUid }, { name: 'local', enabled: !caches.local.enabled });
	});
});