MXS-1300: Move the REST API tests back into the core

As the REST API is a part of the core, it is more appropriate for the tests to reside there as well. Further refactoring of the testing needs to be done to allow multiple components to use the same framework but with different tests.
2017-07-13 13:48:57 +03:00
parent a082871726
commit 01fa1a827a
22 changed files with 3 additions and 3 deletions
--- a/server/core/test/rest-api/test/auth.js
+++ b/server/core/test/rest-api/test/auth.js
@ -0,0 +1,116 @@
+require("../utils.js")()
+
+
+function set_auth(auth, value) {
+    return request.get(auth + host + "/maxscale")
+        .then(function(resp) {
+            var d = JSON.parse(resp)
+            d.data.attributes.parameters.admin_auth = value;
+            return request.patch(auth + host + "/maxscale", { json: d })
+        })
+        .then(function() {
+            return request.get(auth + host + "/maxscale")
+        })
+        .then(function(resp) {
+            var d = JSON.parse(resp)
+            d.data.attributes.parameters.admin_auth.should.equal(value)
+        })
+}
+
+describe("Authentication", function() {
+    before(startMaxScale)
+
+    var user1 = {
+        data: {
+            id: "user1",
+            type: "inet",
+            attributes: {
+                password: "pw1"
+            }
+        }
+    }
+
+    var user2 = {
+        data: {
+            id: "user2",
+            type: "inet",
+            attributes: {
+                password: "pw2"
+            }
+        }
+    }
+
+    var auth1 = "http://" + user1.data.id + ":" + user1.data.attributes.password + "@"
+    var auth2 = "http://" + user2.data.id + ":" + user2.data.attributes.password + "@"
+
+    it("unauthorized request without authentication", function() {
+        return request.get(base_url + "/maxscale")
+            .should.be.fulfilled
+    })
+
+    it("authorized request without authentication", function() {
+        return request.get(auth1 + host + "/maxscale")
+            .should.be.fulfilled
+    })
+
+    it("add user", function() {
+        return request.post(base_url + "/users/inet", { json: user1 })
+            .should.be.fulfilled
+    })
+
+    it("request created user", function() {
+        return request.get(base_url + "/users/inet/" + user1.data.id)
+            .should.be.fulfilled
+    })
+
+    it("enable authentication", function() {
+        return set_auth(auth1, true).should.be.fulfilled
+    })
+
+    it("unauthorized request with authentication", function() {
+        return request.get(base_url + "/maxscale").auth()
+            .should.be.rejected
+    })
+
+    it("authorized request with authentication", function() {
+        return request.get(auth1 + host + "/maxscale")
+            .should.be.fulfilled
+    })
+
+    it("replace user", function() {
+        return request.post(auth1 + host + "/users/inet", { json: user2 })
+            .then(function() {
+                return request.get(auth1 + host + "/users/inet/" + user2.data.id)
+            })
+            .then(function() {
+                return request.delete(auth1 + host + "/users/inet/" + user1.data.id)
+            })
+            .should.be.fulfilled
+    })
+
+    it("request with wrong user", function() {
+        return request.get(auth1 + host + "/maxscale")
+            .should.be.rejected
+    })
+
+    it("request with correct user", function() {
+        return request.get(auth2 + host + "/maxscale")
+            .should.be.fulfilled
+    })
+
+    it("disable authentication", function() {
+        return set_auth(auth2, false).should.be.fulfilled
+    })
+
+    it("unauthorized request without authentication ", function() {
+        return request.get(base_url + "/maxscale/logs")
+            .should.be.fulfilled
+    })
+
+    it("authorized request without authentication", function() {
+        return request.get(auth2 + host + "/maxscale")
+            .should.be.fulfilled
+    })
+
+    after(stopMaxScale)
+});