Home Explore Help
Sign In
biheng
/
uppy
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 22c0218f18
Branches Tags
uppy
/
packages
/
@uppy
/
companion
/
test
/
__tests__
/
companion.js

companion.js 6.0 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206 
  1. /* global jest:false, test:false, expect:false, describe:false */
    2. 

  2. 

  3. const mockOauthState = require('../mockoauthstate')()
    4. 

  4. const { version } = require('../../package.json')
    5. 

  5. 

  6. jest.mock('tus-js-client')
    7. 

  7. jest.mock('purest')
    8. 

  8. jest.mock('../../src/server/helpers/oauth-state', () => ({
    9. 

  9.   ...jest.requireActual('../../src/server/helpers/oauth-state'),
    10. 

  10.   ...mockOauthState,
    11. 

  11. }))
    12. 

  12. 

  13. const nock = require('nock')
    14. 

  14. const request = require('supertest')
    15. 

  15. const tokenService = require('../../src/server/helpers/jwt')
    16. 

  16. const { getServer } = require('../mockserver')
    17. 

  17. 

  18. // todo don't share server between tests. rewrite to not use env variables
    19. 

  19. const authServer = getServer({ COMPANION_CLIENT_SOCKET_CONNECT_TIMEOUT: '0' })
    20. 

  20. const authData = {
    21. 

  21.   dropbox: 'token value',
    22. 

  22.   box: 'token value',
    23. 

  23.   drive: 'token value',
    24. 

  24. }
    25. 

  25. const token = tokenService.generateEncryptedToken(authData, process.env.COMPANION_SECRET)
    26. 

  26. const OAUTH_STATE = 'some-cool-nice-encrytpion'
    27. 

  27. 

  28. describe('validate upload data', () => {
    29. 

  29.   test('invalid upload protocol gets rejected', () => {
    30. 

  30.     return request(authServer)
    31. 

  31.       .post('/drive/get/DUMMY-FILE-ID')
    32. 

  32.       .set('uppy-auth-token', token)
    33. 

  33.       .set('Content-Type', 'application/json')
    34. 

  34.       .send({
    35. 

  35.         endpoint: 'http://url.myendpoint.com/files',
    36. 

  36.         protocol: 'tusInvalid',
    37. 

  37.       })
    38. 

  38.       .expect(400)
    39. 

  39.       .then((res) => expect(res.body.message).toBe('please specify a valid protocol'))
    40. 

  40.   })
    41. 

  41. 

  42.   test('invalid upload fieldname gets rejected', () => {
    43. 

  43.     return request(authServer)
    44. 

  44.       .post('/drive/get/DUMMY-FILE-ID')
    45. 

  45.       .set('uppy-auth-token', token)
    46. 

  46.       .set('Content-Type', 'application/json')
    47. 

  47.       .send({
    48. 

  48.         endpoint: 'http://url.myendpoint.com/files',
    49. 

  49.         protocol: 'tus',
    50. 

  50.         fieldname: 390,
    51. 

  51.       })
    52. 

  52.       .expect(400)
    53. 

  53.       .then((res) => expect(res.body.message).toBe('fieldname must be a string'))
    54. 

  54.   })
    55. 

  55. 

  56.   test('invalid upload metadata gets rejected', () => {
    57. 

  57.     return request(authServer)
    58. 

  58.       .post('/drive/get/DUMMY-FILE-ID')
    59. 

  59.       .set('uppy-auth-token', token)
    60. 

  60.       .set('Content-Type', 'application/json')
    61. 

  61.       .send({
    62. 

  62.         endpoint: 'http://url.myendpoint.com/files',
    63. 

  63.         protocol: 'tus',
    64. 

  64.         metadata: 'I am a string instead of object',
    65. 

  65.       })
    66. 

  66.       .expect(400)
    67. 

  67.       .then((res) => expect(res.body.message).toBe('metadata must be an object'))
    68. 

  68.   })
    69. 

  69. 

  70.   test('invalid upload headers get rejected', () => {
    71. 

  71.     return request(authServer)
    72. 

  72.       .post('/drive/get/DUMMY-FILE-ID')
    73. 

  73.       .set('uppy-auth-token', token)
    74. 

  74.       .set('Content-Type', 'application/json')
    75. 

  75.       .send({
    76. 

  76.         endpoint: 'http://url.myendpoint.com/files',
    77. 

  77.         protocol: 'tus',
    78. 

  78.         headers: 'I am a string instead of object',
    79. 

  79.       })
    80. 

  80.       .expect(400)
    81. 

  81.       .then((res) => expect(res.body.message).toBe('headers must be an object'))
    82. 

  82.   })
    83. 

  83. 

  84.   test('invalid upload HTTP Method gets rejected', () => {
    85. 

  85.     return request(authServer)
    86. 

  86.       .post('/drive/get/DUMMY-FILE-ID')
    87. 

  87.       .set('uppy-auth-token', token)
    88. 

  88.       .set('Content-Type', 'application/json')
    89. 

  89.       .send({
    90. 

  90.         endpoint: 'http://url.myendpoint.com/files',
    91. 

  91.         protocol: 'tus',
    92. 

  92.         httpMethod: 'DELETE',
    93. 

  93.       })
    94. 

  94.       .expect(400)
    95. 

  95.       .then((res) => expect(res.body.message).toBe('unsupported HTTP METHOD specified'))
    96. 

  96.   })
    97. 

  97. 

  98.   test('valid upload data is allowed - tus', () => {
    99. 

  99.     return request(authServer)
    100. 

  100.       .post('/drive/get/DUMMY-FILE-ID')
    101. 

  101.       .set('uppy-auth-token', token)
    102. 

  102.       .set('Content-Type', 'application/json')
    103. 

  103.       .send({
    104. 

  104.         endpoint: 'http://url.myendpoint.com/files',
    105. 

  105.         protocol: 'tus',
    106. 

  106.         httpMethod: 'POST',
    107. 

  107.         headers: {
    108. 

  108.           customheader: 'header value',
    109. 

  109.         },
    110. 

  110.         metadata: {
    111. 

  111.           mymetadata: 'matadata value',
    112. 

  112.         },
    113. 

  113.         fieldname: 'uploadField',
    114. 

  114.       })
    115. 

  115.       .expect(200)
    116. 

  116.   })
    117. 

  117. 

  118.   test('valid upload data is allowed - s3-multipart', () => {
    119. 

  119.     return request(authServer)
    120. 

  120.       .post('/drive/get/DUMMY-FILE-ID')
    121. 

  121.       .set('uppy-auth-token', token)
    122. 

  122.       .set('Content-Type', 'application/json')
    123. 

  123.       .send({
    124. 

  124.         endpoint: 'http://url.myendpoint.com/files',
    125. 

  125.         protocol: 's3-multipart',
    126. 

  126.         httpMethod: 'PUT',
    127. 

  127.         headers: {
    128. 

  128.           customheader: 'header value',
    129. 

  129.         },
    130. 

  130.         metadata: {
    131. 

  131.           mymetadata: 'matadata value',
    132. 

  132.         },
    133. 

  133.         fieldname: 'uploadField',
    134. 

  134.       })
    135. 

  135.       .expect(200)
    136. 

  136.   })
    137. 

  137. })
    138. 

  138. 

  139. describe('handle main oauth redirect', () => {
    140. 

  140.   const serverWithMainOauth = getServer({
    141. 

  141.     COMPANION_OAUTH_DOMAIN: 'localhost:3040',
    142. 

  142.   })
    143. 

  143.   test('redirect to a valid uppy instance', () => {
    144. 

  144.     return request(serverWithMainOauth)
    145. 

  145.       .get(`/dropbox/redirect?state=${OAUTH_STATE}`)
    146. 

  146.       .set('uppy-auth-token', token)
    147. 

  147.       .expect(302)
    148. 

  148.       .expect('Location', `http://localhost:3020/connect/dropbox/callback?state=${OAUTH_STATE}`)
    149. 

  149.   })
    150. 

  150. 

  151.   test('do not redirect to invalid uppy instances', () => {
    152. 

  152.     const state = 'state-with-invalid-instance-url' // see mock ../../src/server/helpers/oauth-state above
    153. 

  153.     return request(serverWithMainOauth)
    154. 

  154.       .get(`/dropbox/redirect?state=${state}`)
    155. 

  155.       .set('uppy-auth-token', token)
    156. 

  156.       .expect(400)
    157. 

  157.   })
    158. 

  158. })
    159. 

  159. 

  160. it('periodically pings', (done) => {
    161. 

  161.   nock('http://localhost').post('/ping', (body) => (
    162. 

  162.     body.some === 'value'
    163. 

  163.     && body.version === version
    164. 

  164.     && typeof body.processId === 'string'
    165. 

  165.   )).reply(200, () => done())
    166. 

  166. 

  167.   getServer({
    168. 

  168.     COMPANION_PERIODIC_PING_URLS: 'http://localhost/ping',
    169. 

  169.     COMPANION_PERIODIC_PING_STATIC_JSON_PAYLOAD: '{"some": "value"}',
    170. 

  170.     COMPANION_PERIODIC_PING_INTERVAL: '10',
    171. 

  171.     COMPANION_PERIODIC_PING_COUNT: '1',
    172. 

  172.   })
    173. 

  173. }, 1000)
    174. 

  174. 

  175. it('respects allowLocalUrls', async () => {
    176. 

  176.   const server = getServer()
    177. 

  177.   const url = 'http://localhost/'
    178. 

  178. 

  179.   let res
    180. 

  180. 

  181.   res = await request(server)
    182. 

  182.     .post('/url/meta')
    183. 

  183.     .send({ url })
    184. 

  184.     .expect(400)
    185. 

  185. 

  186.   expect(res.body).toEqual({ error: 'Invalid request body' })
    187. 

  187. 

  188.   res = await request(server)
    189. 

  189.     .post('/url/get')
    190. 

  190.     .send({
    191. 

  191.       fileId: url,
    192. 

  192.       metadata: {},
    193. 

  193.       endpoint: 'http://url.myendpoint.com/files',
    194. 

  194.       protocol: 'tus',
    195. 

  195.       size: null,
    196. 

  196.       url,
    197. 

  197.     })
    198. 

  198.     .expect(400)
    199. 

  199. 

  200.   expect(res.body).toEqual({ error: 'Invalid request body' })
    201. 

  201. }, 1000)
    202. 

  202. 

  203. afterAll(() => {
    204. 

  204.   nock.cleanAll()
    205. 

  205.   nock.restore()
    206. 

  206. })
    207.