From c586c9a7e79b42d913fc058317a97ed0e61264dd Mon Sep 17 00:00:00 2001 From: Michael C Date: Mon, 20 Feb 2023 15:56:08 -0500 Subject: [PATCH] add etag tests - add shadowban self test - add init and -it to docker runs --- package.json | 4 ++-- test/cases/eTag.ts | 41 +++++++++++++++++++++++++++++++++++++ test/cases/shadowBanUser.ts | 21 +++++++++++++++++++ 3 files changed, 64 insertions(+), 2 deletions(-) create mode 100644 test/cases/eTag.ts diff --git a/package.json b/package.json index c47f349..32fd685 100644 --- a/package.json +++ b/package.json @@ -9,8 +9,8 @@ "cover:report": "nyc report", "dev": "nodemon", "dev:bash": "nodemon -x 'npm test ; npm start'", - "postgres:docker": "docker run --rm -p 5432:5432 -e POSTGRES_USER=ci_db_user -e POSTGRES_PASSWORD=ci_db_pass postgres:14-alpine", - "redis:docker": "docker run --rm -p 6379:6379 redis:7-alpine --save '' --appendonly no", + "postgres:docker": "docker run --init -it --rm -p 5432:5432 -e POSTGRES_USER=ci_db_user -e POSTGRES_PASSWORD=ci_db_pass postgres:14-alpine", + "redis:docker": "docker run --init -it --rm -p 6379:6379 redis:7-alpine --save '' --appendonly no", "start": "ts-node src/index.ts", "tsc": "tsc -p tsconfig.json", "lint": "eslint src test", diff --git a/test/cases/eTag.ts b/test/cases/eTag.ts new file mode 100644 index 0000000..1deaba2 --- /dev/null +++ b/test/cases/eTag.ts @@ -0,0 +1,41 @@ +import assert from "assert"; +import { client } from "../utils/httpClient"; +import redis from "../../src/utils/redis"; +import crypto from "crypto"; + +const genRandom = (bytes=8) => crypto.pseudoRandomBytes(bytes).toString("hex"); +const validateEtag = (expected: string, actual: string): boolean => { + const [actualHashType, actualHashKey, actualService] = actual.split(";"); + const [expectedHashType, expectedHashKey, expectedService] = expected.split(";"); + return (actualHashType === expectedHashType) && (actualHashKey === expectedHashKey) && (actualService === expectedService); +}; + +describe("eTag", () => { + const endpoint = "/etag"; + it("Should reject weak etag", (done) => { + const etagKey = `W/test-etag-${genRandom()}`; + client.get(endpoint, { headers: { "If-None-Match": etagKey } }) + .then(res => { + assert.strictEqual(res.status, 404); + done(); + }) + .catch(err => done(err)); + }); +}); + +describe("304 etag validation", () => { + const endpoint = "/api/skipSegments"; + for (const hashType of ["skipSegments", "skipSegmentsHash", "videoLabel", "videoLabelHash"]) { + it(`${hashType} etag should return 304`, (done) => { + const etagKey = `${hashType};${genRandom};YouTube;${Date.now()}`; + redis.setEx(etagKey, 8400, "test").then(() => + client.get(endpoint, { headers: { "If-None-Match": etagKey } }).then(res => { + assert.strictEqual(res.status, 304); + const etag = res.headers?.etag ?? ""; + assert.ok(validateEtag(etagKey, etag)); + done(); + }).catch(err => done(err)) + ); + }); + } +}); \ No newline at end of file diff --git a/test/cases/shadowBanUser.ts b/test/cases/shadowBanUser.ts index 8e52918..7dfb024 100644 --- a/test/cases/shadowBanUser.ts +++ b/test/cases/shadowBanUser.ts @@ -410,6 +410,27 @@ describe("shadowBanUser", () => { .catch(err => done(err)); }); + it("Should be possible to ban self", (done) => { + const userID = VIPuserID; + const hashUserID = getHash(userID); + client({ + method: "POST", + url: endpoint, + params: { + enabled: true, + userID: hashUserID, + categories: `["sponsor"]`, + unHideOldSubmissions: true, + adminUserID: userID, + } + }) + .then(res => { + assert.strictEqual(res.status, 200); + done(); + }) + .catch(err => done(err)); + }); + it("Should be able to ban user by userID and other users who used that IP and hide specific category", (done) => { const hashedIP = "shadowBannedIP8"; const userID = "shadowBanned8";