/*
 * Copyright (c) 2014-2024 Bjoern Kimminich & the OWASP Juice Shop contributors.
 * SPDX-License-Identifier: MIT
 */
6import { inject, TestBed } from '@angular/core/testing'
7import { AccountingGuard, AdminGuard, DeluxeGuard, LoginGuard } from './app.guard'
8import { HttpClientTestingModule } from '@angular/common/http/testing'
9import { RouterTestingModule } from '@angular/router/testing'
10import { ErrorPageComponent } from './error-page/error-page.component'
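describe('LoginGuard', () => {
  // Exercises the real LoginGuard. The guard reads the JWT from localStorage,
  // so each spec below sets up exactly the token state it needs.
  beforeEach(() => {
    TestBed.configureTestingModule({
      imports: [
        HttpClientTestingModule,
        RouterTestingModule.withRoutes([
          { path: '403', component: ErrorPageComponent }
        ])
      ],
      providers: [LoginGuard]
    })
  })

  // localStorage is shared by every spec that runs in the browser; drop the
  // token after each spec so a value written here can never decide the
  // outcome of a later spec (or of a later spec file).
  afterEach(() => {
    localStorage.removeItem('token')
  })

  it('should be created', inject([LoginGuard], (guard: LoginGuard) => {
    expect(guard).toBeTruthy()
  }))

  it('should open for authenticated users', inject([LoginGuard], (guard: LoginGuard) => {
    // 'TOKEN' is not a JWT, yet canActivate() opens: this spec pins down that
    // the login gate checks only for the presence of a token, not its contents.
    localStorage.setItem('token', 'TOKEN')
    expect(guard.canActivate()).toBeTrue()
  }))

  it('should close for anonymous users', inject([LoginGuard], (guard: LoginGuard) => {
    localStorage.removeItem('token')
    expect(guard.canActivate()).toBeFalse()
  }))

  it('returns payload from decoding a valid JWT', inject([LoginGuard], (guard: LoginGuard) => {
    // The public jwt.io sample token (HS256 header, three-claim payload).
    // This spec covers payload extraction only: a decoded payload says nothing
    // about who signed the token, so a truthy tokenDecode() must never be read
    // as proof of authenticity — that check belongs to the server.
    localStorage.setItem('token', 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c')
    expect(guard.tokenDecode()).toEqual({
      sub: '1234567890',
      name: 'John Doe',
      iat: 1516239022
    })
  }))

  it('returns nothing when decoding an invalid JWT', inject([LoginGuard], (guard: LoginGuard) => {
    // Malformed token (two segments, neither one base64url JSON): the guard is
    // expected to report null instead of letting the decode error escape.
    localStorage.setItem('token', '12345.abcde')
    expect(guard.tokenDecode()).toBeNull()
  }))

  it('returns nothing when decoding an non-existing JWT', inject([LoginGuard], (guard: LoginGuard) => {
    localStorage.removeItem('token')
    expect(guard.tokenDecode()).toBeNull()
  }))
})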
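describe('AdminGuard', () => {
  // Only the two LoginGuard members the AdminGuard touches are stubbed. Typing
  // the stub by shape (instead of `any`) keeps `.and.returnValue(...)` and
  // `toHaveBeenCalled()` checked while staying decoupled from LoginGuard's
  // own return types.
  let loginGuard: { tokenDecode: jasmine.Spy, forbidRoute: jasmine.Spy }

  beforeEach(() => {
    loginGuard = jasmine.createSpyObj('LoginGuard', ['tokenDecode', 'forbidRoute'])

    TestBed.configureTestingModule({
      imports: [
        HttpClientTestingModule,
        RouterTestingModule.withRoutes([
          { path: '403', component: ErrorPageComponent }
        ])
      ],
      providers: [
        AdminGuard,
        { provide: LoginGuard, useValue: loginGuard }
      ]
    })
  })

  it('should be created', inject([AdminGuard], (guard: AdminGuard) => {
    expect(guard).toBeTruthy()
  }))

  it('should open for admins', inject([AdminGuard], (guard: AdminGuard) => {
    loginGuard.tokenDecode.and.returnValue({ data: { role: 'admin' } })
    expect(guard.canActivate()).toBeTrue()
    // An allowed route must not also be redirected to the 403 page.
    expect(loginGuard.forbidRoute).not.toHaveBeenCalled()
  }))

  it('should close for regular customers', inject([AdminGuard], (guard: AdminGuard) => {
    loginGuard.tokenDecode.and.returnValue({ data: { role: 'customer' } })
    expect(guard.canActivate()).toBeFalse()
    expect(loginGuard.forbidRoute).toHaveBeenCalled()
  }))

  it('should close for deluxe customers', inject([AdminGuard], (guard: AdminGuard) => {
    loginGuard.tokenDecode.and.returnValue({ data: { role: 'deluxe' } })
    expect(guard.canActivate()).toBeFalse()
    expect(loginGuard.forbidRoute).toHaveBeenCalled()
  }))

  it('should close for accountants', inject([AdminGuard], (guard: AdminGuard) => {
    loginGuard.tokenDecode.and.returnValue({ data: { role: 'accounting' } })
    expect(guard.canActivate()).toBeFalse()
    expect(loginGuard.forbidRoute).toHaveBeenCalled()
  }))

  it('should close for anonymous users', inject([AdminGuard], (guard: AdminGuard) => {
    // No token present: LoginGuard.tokenDecode() yields null (see the LoginGuard
    // specs). The guard must fail closed on a missing payload, not throw or open.
    loginGuard.tokenDecode.and.returnValue(null)
    expect(guard.canActivate()).toBeFalse()
    expect(loginGuard.forbidRoute).toHaveBeenCalled()
  }))
})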
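describe('AccountingGuard', () => {
  // Shape-typed stub of the LoginGuard members the AccountingGuard uses; avoids
  // `any` without binding the spec to LoginGuard's own return types.
  let loginGuard: { tokenDecode: jasmine.Spy, forbidRoute: jasmine.Spy }

  beforeEach(() => {
    loginGuard = jasmine.createSpyObj('LoginGuard', ['tokenDecode', 'forbidRoute'])

    TestBed.configureTestingModule({
      imports: [
        HttpClientTestingModule,
        RouterTestingModule.withRoutes([
          { path: '403', component: ErrorPageComponent }
        ])
      ],
      providers: [
        AccountingGuard,
        { provide: LoginGuard, useValue: loginGuard }
      ]
    })
  })

  it('should be created', inject([AccountingGuard], (guard: AccountingGuard) => {
    expect(guard).toBeTruthy()
  }))

  it('should open for accountants', inject([AccountingGuard], (guard: AccountingGuard) => {
    loginGuard.tokenDecode.and.returnValue({ data: { role: 'accounting' } })
    expect(guard.canActivate()).toBeTrue()
    // An allowed route must not also be redirected to the 403 page.
    expect(loginGuard.forbidRoute).not.toHaveBeenCalled()
  }))

  it('should close for regular customers', inject([AccountingGuard], (guard: AccountingGuard) => {
    loginGuard.tokenDecode.and.returnValue({ data: { role: 'customer' } })
    expect(guard.canActivate()).toBeFalse()
    expect(loginGuard.forbidRoute).toHaveBeenCalled()
  }))

  it('should close for deluxe customers', inject([AccountingGuard], (guard: AccountingGuard) => {
    loginGuard.tokenDecode.and.returnValue({ data: { role: 'deluxe' } })
    expect(guard.canActivate()).toBeFalse()
    expect(loginGuard.forbidRoute).toHaveBeenCalled()
  }))

  it('should close for admins', inject([AccountingGuard], (guard: AccountingGuard) => {
    // Admin is a distinct role, not a superset of accounting: no implicit escalation.
    loginGuard.tokenDecode.and.returnValue({ data: { role: 'admin' } })
    expect(guard.canActivate()).toBeFalse()
    expect(loginGuard.forbidRoute).toHaveBeenCalled()
  }))

  it('should close for anonymous users', inject([AccountingGuard], (guard: AccountingGuard) => {
    // No token present: tokenDecode() yields null (see the LoginGuard specs).
    // The guard must fail closed on a missing payload, not throw or open.
    loginGuard.tokenDecode.and.returnValue(null)
    expect(guard.canActivate()).toBeFalse()
    expect(loginGuard.forbidRoute).toHaveBeenCalled()
  }))
})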
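describe('DeluxeGuard', () => {
  // DeluxeGuard only consults tokenDecode(); it never redirects, so forbidRoute
  // is deliberately not stubbed. Shape-typed to avoid `any`.
  let loginGuard: { tokenDecode: jasmine.Spy }

  beforeEach(() => {
    loginGuard = jasmine.createSpyObj('LoginGuard', ['tokenDecode'])

    TestBed.configureTestingModule({
      imports: [
        HttpClientTestingModule,
        RouterTestingModule.withRoutes([
          { path: '403', component: ErrorPageComponent }
        ])
      ],
      providers: [
        DeluxeGuard,
        { provide: LoginGuard, useValue: loginGuard }
      ]
    })
  })

  it('should be created', inject([DeluxeGuard], (guard: DeluxeGuard) => {
    expect(guard).toBeTruthy()
  }))

  it('should open for deluxe customers', inject([DeluxeGuard], (guard: DeluxeGuard) => {
    loginGuard.tokenDecode.and.returnValue({ data: { role: 'deluxe' } })
    expect(guard.isDeluxe()).toBeTrue()
  }))

  it('should close for regular customers', inject([DeluxeGuard], (guard: DeluxeGuard) => {
    loginGuard.tokenDecode.and.returnValue({ data: { role: 'customer' } })
    expect(guard.isDeluxe()).toBeFalse()
  }))

  it('should close for admins', inject([DeluxeGuard], (guard: DeluxeGuard) => {
    loginGuard.tokenDecode.and.returnValue({ data: { role: 'admin' } })
    expect(guard.isDeluxe()).toBeFalse()
  }))

  it('should close for accountants', inject([DeluxeGuard], (guard: DeluxeGuard) => {
    loginGuard.tokenDecode.and.returnValue({ data: { role: 'accounting' } })
    expect(guard.isDeluxe()).toBeFalse()
  }))

  it('should close for anonymous users', inject([DeluxeGuard], (guard: DeluxeGuard) => {
    // No token present: tokenDecode() yields null (see the LoginGuard specs).
    // isDeluxe() must answer false on a missing payload instead of throwing.
    loginGuard.tokenDecode.and.returnValue(null)
    expect(guard.isDeluxe()).toBeFalse()
  }))
})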