coop-cloud-chaos-patchs/outline
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Prevent API access from suspended user

Browse Source
This commit is contained in:
Jori Lallo
2018-03-04 17:08:18 -08:00
parent a0f58583b5
commit 1c2b3e992e
3 changed files with 75 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
server/api/middlewares/authentication.test.js
View File

@ -1,5 +1,6 @@
/* eslint-disable flowtype/require-valid-file-annotation */
import { flushdb, seed } from '../../test/support';
import { buildUser } from '../../test/factories';
import { ApiKey } from '../../models';
import randomstring from 'randomstring';
import auth from './authentication';
@ -155,4 +156,29 @@ describe('Authentication middleware', async () => {
);
expect(state.user.id).toEqual(user.id);
});
it('should return an error for suspended users', async () => {
const state = {};
const user = await buildUser({
suspendedAt: new Date(),
});
const authMiddleware = auth();
try {
await authMiddleware(
{
request: {
get: jest.fn(() => `Bearer ${user.getJwtToken()}`),
},
state,
cache: {},
},
jest.fn()
);
} catch (e) {
expect(e.message).toEqual(
'Your access has been suspended by the team admin'
);
}
});
});