2019-02-09 22:20:37 +00:00
|
|
|
import LoginAndRegisterTotp from "../../../helpers/LoginAndRegisterTotp";
|
2019-02-12 22:23:43 +00:00
|
|
|
import VerifySecretObserved from "../../../helpers/assertions/VerifySecretObserved";
|
2019-04-24 21:52:08 +00:00
|
|
|
import { StartDriver, StopDriver } from "../../../helpers/context/WithDriver";
|
2019-02-09 22:20:37 +00:00
|
|
|
import ValidateTotp from "../../../helpers/ValidateTotp";
|
|
|
|
import Logout from "../../../helpers/Logout";
|
2019-02-12 22:41:19 +00:00
|
|
|
import VisitPageAndWaitUrlIs from "../../../helpers/behaviors/VisitPageAndWaitUrlIs";
|
2019-03-03 22:51:52 +00:00
|
|
|
import VerifyBodyContains from "../../../helpers/assertions/VerifyBodyContains";
|
2019-04-24 21:52:08 +00:00
|
|
|
import VerifyUrlIs from "../../../helpers/assertions/WaitUrlIs";
|
2019-02-09 22:20:37 +00:00
|
|
|
|
|
|
|
async function ShouldHaveAccessTo(url: string) {
|
|
|
|
it('should have access to ' + url, async function() {
|
2019-02-12 22:41:19 +00:00
|
|
|
await VisitPageAndWaitUrlIs(this.driver, url);
|
2019-02-12 22:23:43 +00:00
|
|
|
await VerifySecretObserved(this.driver);
|
2019-02-09 22:20:37 +00:00
|
|
|
})
|
|
|
|
}
|
|
|
|
|
|
|
|
async function ShouldNotHaveAccessTo(url: string) {
|
|
|
|
it('should not have access to ' + url, async function() {
|
2019-03-03 22:51:52 +00:00
|
|
|
await VisitPageAndWaitUrlIs(this.driver, url);
|
|
|
|
await VerifyBodyContains(this.driver, "403 Forbidden");
|
2019-02-09 22:20:37 +00:00
|
|
|
})
|
|
|
|
}
|
|
|
|
|
|
|
|
// we verify that the user has only access to want he is granted to.
|
|
|
|
export default function() {
|
|
|
|
// We ensure that bob has access to what he is granted to
|
|
|
|
describe('Permissions of user john', function() {
|
|
|
|
before(async function() {
|
2019-04-24 21:52:08 +00:00
|
|
|
this.driver = await StartDriver();
|
2019-02-13 23:27:43 +00:00
|
|
|
const secret = await LoginAndRegisterTotp(this.driver, "john", "password", true);
|
2019-03-03 22:51:52 +00:00
|
|
|
await VisitPageAndWaitUrlIs(this.driver, 'https://login.example.com:8080/#/');
|
2019-02-09 22:20:37 +00:00
|
|
|
await ValidateTotp(this.driver, secret);
|
2019-04-24 21:52:08 +00:00
|
|
|
await VerifyUrlIs(this.driver, "https://home.example.com:8080/");
|
|
|
|
});
|
|
|
|
|
|
|
|
after(async function() {
|
|
|
|
await Logout(this.driver);
|
|
|
|
await StopDriver(this.driver);
|
|
|
|
});
|
2019-02-09 22:20:37 +00:00
|
|
|
|
|
|
|
ShouldHaveAccessTo('https://public.example.com:8080/secret.html');
|
2019-03-03 22:51:52 +00:00
|
|
|
ShouldHaveAccessTo('https://secure.example.com:8080/secret.html');
|
2019-02-09 22:20:37 +00:00
|
|
|
ShouldHaveAccessTo('https://dev.example.com:8080/groups/admin/secret.html');
|
|
|
|
ShouldHaveAccessTo('https://dev.example.com:8080/groups/dev/secret.html');
|
|
|
|
ShouldHaveAccessTo('https://dev.example.com:8080/users/john/secret.html');
|
|
|
|
ShouldHaveAccessTo('https://dev.example.com:8080/users/harry/secret.html');
|
|
|
|
ShouldHaveAccessTo('https://dev.example.com:8080/users/bob/secret.html');
|
|
|
|
ShouldHaveAccessTo('https://admin.example.com:8080/secret.html');
|
|
|
|
ShouldHaveAccessTo('https://mx1.mail.example.com:8080/secret.html');
|
2019-03-03 22:51:52 +00:00
|
|
|
ShouldHaveAccessTo('https://singlefactor.example.com:8080/secret.html');
|
2019-02-09 22:20:37 +00:00
|
|
|
ShouldNotHaveAccessTo('https://mx2.mail.example.com:8080/secret.html');
|
|
|
|
})
|
|
|
|
|
|
|
|
// We ensure that bob has access to what he is granted to
|
|
|
|
describe('Permissions of user bob', function() {
|
|
|
|
before(async function() {
|
2019-04-24 21:52:08 +00:00
|
|
|
this.driver = await StartDriver();
|
2019-02-13 23:27:43 +00:00
|
|
|
const secret = await LoginAndRegisterTotp(this.driver, "bob", "password", true);
|
2019-03-03 22:51:52 +00:00
|
|
|
await VisitPageAndWaitUrlIs(this.driver, 'https://login.example.com:8080/#/');
|
2019-02-09 22:20:37 +00:00
|
|
|
await ValidateTotp(this.driver, secret);
|
2019-04-24 21:52:08 +00:00
|
|
|
await VerifyUrlIs(this.driver, "https://home.example.com:8080/");
|
|
|
|
});
|
|
|
|
|
|
|
|
after(async function() {
|
|
|
|
await Logout(this.driver);
|
|
|
|
await StopDriver(this.driver);
|
|
|
|
});
|
2019-02-09 22:20:37 +00:00
|
|
|
|
|
|
|
ShouldHaveAccessTo('https://public.example.com:8080/secret.html');
|
2019-03-03 22:51:52 +00:00
|
|
|
ShouldHaveAccessTo('https://secure.example.com:8080/secret.html');
|
2019-02-09 22:20:37 +00:00
|
|
|
ShouldNotHaveAccessTo('https://dev.example.com:8080/groups/admin/secret.html');
|
|
|
|
ShouldHaveAccessTo('https://dev.example.com:8080/groups/dev/secret.html');
|
|
|
|
ShouldNotHaveAccessTo('https://dev.example.com:8080/users/john/secret.html');
|
|
|
|
ShouldNotHaveAccessTo('https://dev.example.com:8080/users/harry/secret.html');
|
|
|
|
ShouldHaveAccessTo('https://dev.example.com:8080/users/bob/secret.html');
|
|
|
|
ShouldNotHaveAccessTo('https://admin.example.com:8080/secret.html');
|
|
|
|
ShouldHaveAccessTo('https://mx1.mail.example.com:8080/secret.html');
|
2019-03-03 22:51:52 +00:00
|
|
|
ShouldHaveAccessTo('https://singlefactor.example.com:8080/secret.html');
|
2019-02-09 22:20:37 +00:00
|
|
|
ShouldHaveAccessTo('https://mx2.mail.example.com:8080/secret.html');
|
2019-04-24 21:52:08 +00:00
|
|
|
});
|
2019-02-09 22:20:37 +00:00
|
|
|
|
|
|
|
// We ensure that harry has access to what he is granted to
|
|
|
|
describe('Permissions of user harry', function() {
|
|
|
|
before(async function() {
|
2019-04-24 21:52:08 +00:00
|
|
|
this.driver = await StartDriver();
|
2019-02-13 23:27:43 +00:00
|
|
|
const secret = await LoginAndRegisterTotp(this.driver, "harry", "password", true);
|
2019-03-03 22:51:52 +00:00
|
|
|
await VisitPageAndWaitUrlIs(this.driver, 'https://login.example.com:8080/#/');
|
2019-02-09 22:20:37 +00:00
|
|
|
await ValidateTotp(this.driver, secret);
|
2019-04-24 21:52:08 +00:00
|
|
|
await VerifyUrlIs(this.driver, "https://home.example.com:8080/");
|
|
|
|
});
|
|
|
|
|
|
|
|
after(async function() {
|
|
|
|
await Logout(this.driver);
|
|
|
|
await StopDriver(this.driver);
|
|
|
|
});
|
2019-02-09 22:20:37 +00:00
|
|
|
|
|
|
|
ShouldHaveAccessTo('https://public.example.com:8080/secret.html');
|
2019-03-03 22:51:52 +00:00
|
|
|
ShouldHaveAccessTo('https://secure.example.com:8080/secret.html');
|
2019-02-09 22:20:37 +00:00
|
|
|
ShouldNotHaveAccessTo('https://dev.example.com:8080/groups/admin/secret.html');
|
|
|
|
ShouldNotHaveAccessTo('https://dev.example.com:8080/groups/dev/secret.html');
|
|
|
|
ShouldNotHaveAccessTo('https://dev.example.com:8080/users/john/secret.html');
|
|
|
|
ShouldHaveAccessTo('https://dev.example.com:8080/users/harry/secret.html');
|
|
|
|
ShouldNotHaveAccessTo('https://dev.example.com:8080/users/bob/secret.html');
|
|
|
|
ShouldNotHaveAccessTo('https://admin.example.com:8080/secret.html');
|
|
|
|
ShouldNotHaveAccessTo('https://mx1.mail.example.com:8080/secret.html');
|
2019-03-03 22:51:52 +00:00
|
|
|
ShouldHaveAccessTo('https://singlefactor.example.com:8080/secret.html');
|
2019-02-09 22:20:37 +00:00
|
|
|
ShouldNotHaveAccessTo('https://mx2.mail.example.com:8080/secret.html');
|
2019-04-24 21:52:08 +00:00
|
|
|
});
|
2019-02-09 22:20:37 +00:00
|
|
|
}
|