
Commit 60792fb

Add tests for userIdFromRequest()
1 parent 10dccdb commit 60792fb

3 files changed

+70
-6
lines changed

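--- a/lib/handlers/allow.js
+++ b/lib/handlers/allow.js
@@ -1,4 +1,7 @@
-module.exports.allow = allow
+module.exports = {
+allow,
+userIdFromRequest
+}
 
 var ACL = require('../acl-checker')
 var $rdf = require('rdflib')
@@ -93,15 +96,29 @@ function fetchDocument (host, ldp, baseUri) {
 }
 }
 
-function getUserId (req, callback) {
+/**
+* Extracts the Web ID from the request object (for purposes of access control).
+*
+* @param req {IncomingRequest}
+*
+* @return {string|null} Web ID
+*/
+function userIdFromRequest (req) {
 let userId
+let locals = req.app.locals
 
 if (req.session.userId) {
 userId = req.session.userId
-} else if (req.claims) {
-userId = req.claims.sub
+} else if (locals.authMethod === 'oidc') {
+userId = locals.oidc.webIdFromClaims(req.claims)
 }
 
+return userId
+}
+
+function getUserId (req, callback) {
+let userId = userIdFromRequest(req)
+
 callback(null, userId)
 // var onBehalfOf = req.get('On-Behalf-Of')
 // if (!onBehalfOf) {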
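Review bot: In `userIdFromRequest`, the new `else if (locals.authMethod === 'oidc')` branch drops the old `req.claims` guard, so in oidc mode every request without a session user id now calls `locals.oidc.webIdFromClaims(req.claims)` with `req.claims` undefined. Whether that helper tolerates a missing claims object is not visible here; if it throws, `getUserId` throws synchronously instead of reporting through `callback`, on the path that decides who the requester is for ACL checks. Keeping the guard, `} else if (locals.authMethod === 'oidc' && req.claims) {`, leaves such requests anonymous. The JSDoc also promises `{string|null}` while the fall-through returns `undefined`; either document `{string|undefined}` or end with `return userId || null`. `getUserId` continues past the end of the hunk.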

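--- a/package.json
+++ b/package.json
@@ -58,7 +58,7 @@
 "node-forge": "^0.6.38",
 "nodemailer": "^3.1.4",
 "nomnom": "^1.8.1",
-"oidc-auth-manager": "^0.4.1",
+"oidc-auth-manager": "^0.5.0",
 "oidc-op-express": "^0.0.3",
 "rdflib": "^0.15.0",
 "recursive-readdir": "^2.1.0",
@@ -77,6 +77,7 @@
 },
 "devDependencies": {
 "chai": "^3.5.0",
+"dirty-chai": "^1.2.2",
 "hippie": "^0.5.0",
 "mocha": "^3.2.0",
 "nock": "^9.0.2",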

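--- a/test/unit/acl-checker.js
+++ b/test/unit/acl-checker.js
@@ -1,7 +1,15 @@
 'use strict'
 const proxyquire = require('proxyquire')
-const assert = require('chai').assert
+const chai = require('chai')
+const { assert, expect } = chai
+const dirtyChai = require('dirty-chai')
+chai.use(dirtyChai)
+const sinon = require('sinon')
+const sinonChai = require('sinon-chai')
+chai.use(sinonChai)
+chai.should()
 const debug = require('../../lib/debug').ACL
+const { userIdFromRequest } = require('../../lib/handlers/allow')
 
 class PermissionSetAlwaysGrant {
 checkAccess () {
@@ -19,6 +27,44 @@ class PermissionSetAlwaysError {
 }
 }
 
+describe('Allow handler', () => {
+let req
+let aliceWebId = 'https://alice.example.com/#me'
+
+beforeEach(() => {
+req = { app: { locals: {} }, session: {} }
+})
+
+describe('userIdFromRequest()', () => {
+it('should first look in session.userId', () => {
+req.session.userId = aliceWebId
+
+let userId = userIdFromRequest(req)
+
+expect(userId).to.equal(aliceWebId)
+})
+
+it('should use webIdFromClaims() if applicable', () => {
+req.app.locals.authMethod = 'oidc'
+req.claims = {}
+
+let webIdFromClaims = sinon.stub().returns(aliceWebId)
+req.app.locals.oidc = { webIdFromClaims }
+
+let userId = userIdFromRequest(req)
+
+expect(userId).to.equal(aliceWebId)
+expect(webIdFromClaims).to.have.been.calledWith(req.claims)
+})
+
+it('should return falsy if all else fails', () => {
+let userId = userIdFromRequest(req)
+
+expect(userId).to.not.be.ok()
+})
+})
+})
+
 describe('ACLChecker unit test', () => {
 it('should callback with null on grant success', done => {
 let ACLChecker = proxyquire('../../lib/acl-checker', {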
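Review bot: The added `userIdFromRequest()` tests never exercise the oidc branch for a request that carries no claims: 'should return falsy if all else fails' runs with empty `app.locals`, so `authMethod` is not `'oidc'` and the branch is skipped. Since this function supplies the identity used for access control, the unauthenticated oidc case deserves its own test, sketched below. Separately, the file now requires `sinon` and `sinon-chai`, while the package.json hunks in this commit add only `dirty-chai`; that is fine if both are already listed in devDependencies outside the visible hunks, which is worth confirming.

```javascript
// … unchanged: 'should use webIdFromClaims() if applicable' …

it('should not identify a user in oidc mode without claims', () => {
  req.app.locals.authMethod = 'oidc'
  req.app.locals.oidc = { webIdFromClaims: sinon.stub().returns(undefined) }

  let userId = userIdFromRequest(req)

  expect(userId).to.not.be.ok()
})
```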
