Enable authorizations w/ dummy-auth (#158)
* Enable authorizations w/ dummy-auth * fixed: some tests run in privileged mode * Fixed tests to skip auth * npm test --silent * Added dependency to passport
This commit is contained in:
Daniel Hutzel
@@ -5,7 +5,8 @@
|
||||
"dependencies": {
|
||||
"@capire/common": "*",
|
||||
"@sap/cds": "^4",
|
||||
"express": "^4.17.1"
|
||||
"express": "^4.17.1",
|
||||
"passport": "0.4.1"
|
||||
},
|
||||
"scripts": {
|
||||
"genres": "cds serve test/genres.cds",
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
using { sap.capire.bookshop as my } from '../db/schema';
|
||||
service AdminService @(requires_:'admin') {
|
||||
service AdminService @(requires:'admin') {
|
||||
entity Books as projection on my.Books;
|
||||
entity Authors as projection on my.Authors;
|
||||
}
|
||||
|
||||
@@ -5,6 +5,6 @@ service CatalogService @(path:'/browse') {
|
||||
author.name as author
|
||||
} excluding { createdBy, modifiedBy };
|
||||
|
||||
@requires_: 'authenticated-user'
|
||||
@requires: 'authenticated-user'
|
||||
action submitOrder (book : Books:ID, amount: Integer);
|
||||
}
|
||||
|
||||
@@ -36,6 +36,7 @@ Authorization: Basic alice:
|
||||
# Create book
|
||||
POST {{server}}/admin/Books
|
||||
Content-Type: application/json;IEEE754Compatible=true
|
||||
Authorization: Basic alice:
|
||||
|
||||
{
|
||||
"ID": 2,
|
||||
@@ -53,6 +54,7 @@ Content-Type: application/json;IEEE754Compatible=true
|
||||
# Put image to books
|
||||
PUT {{server}}/admin/Books(2)/image
|
||||
Content-Type: image/png
|
||||
Authorization: Basic alice:
|
||||
|
||||
data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAANwAAADcCAYAAAAbWs+BAAAGwElEQVR4Ae3cwZFbNxBFUY5rkrDTmKAUk5QT03Aa44U22KC7NHptw+DRikVAXf8fzC3u8Hj4R4AAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAgZzAW26USQT+e4HPx+Mz+RRvj0e0kT+SD2cWAQK1gOBqH6sEogKCi3IaRqAWEFztY5VAVEBwUU7DCNQCgqt9rBKICgguymkYgVpAcLWPVQJRAcFFOQ0jUAsIrvaxSiAqILgop2EEagHB1T5WCUQFBBflNIxALSC42scqgaiA4KKchhGoBQRX+1glEBUQXJTTMAK1gOBqH6sEogKCi3IaRqAWeK+Xb1z9iN558fHxcSPS9p2ezx/ROz4e4TtIHt+3j/61hW9f+2+7/+UXbifjewIDAoIbQDWSwE5AcDsZ3xMYEBDcAKqRBHYCgtvJ+J7AgIDgBlCNJLATENxOxvcEBgQEN4BqJIGdgOB2Mr4nMCAguAFUIwnsBAS3k/E9gQEBwQ2gGklgJyC4nYzvCQwICG4A1UgCOwHB7WR8T2BAQHADqEYS2AkIbifjewIDAoIbQDWSwE5AcDsZ3xMYEEjfTzHwiK91B8npd6Q8n8/oGQ/ckRJ9vvQwv3BpUfMIFAKCK3AsEUgLCC4tah6BQkBwBY4lAmkBwaVFzSNQCAiuwLFEIC0guLSoeQQKAcEVOJYIpAUElxY1j0AhILgCxxKBtIDg0qLmESgEBFfgWCKQFhBcWtQ8AoWA4AocSwTSAoJLi5pHoBAQXIFjiUBaQHBpUfMIFAKCK3AsEUgLCC4tah6BQmDgTpPsHSTFs39p6fQ7Q770UsV/Ov19X+2OFL9wxR+rJQJpAcGlRc0jUAgIrsCxRCAtILi0qHkECgHBFTiWCKQFBJcWNY9AISC4AscSgbSA4NKi5hEoBARX4FgikBYQXFrUPAKFgOAKHEsE0gKCS4uaR6AQEFyBY4lAWkBwaVHzCBQCgitwLBFICwguLWoegUJAcAWOJQJpAcGlRc0jUAgIrsCxRCAt8J4eePq89B0ar3ZnyOnve/rfn1+400/I810lILirjtPLnC4guNNPyPNdJSC4q47Ty5wuILjTT8jzXSUguKuO08ucLiC400/I810lILirjtPLnC4guNNPyPNdJSC4q47Ty5wuILjTT8jzXSUguKuO08ucLiC400/I810lILirjtPLnC4guNNPyPNdJSC4q47Ty5wuILjTT8jzXSUguKuO08ucLiC400/I810l8JZ/m78+szP/zI47fJo7Q37vgJ7PHwN/07/3TOv/9gu3avhMYFhAcMPAxhNYBQS3avhMYFhAcMPAxhNYBQS3avhMYFhAcMPAxhNYBQS3avhMYFhAcMPAxhNYBQS3avhMYFhAcMPAxhNYBQS3avhMYFhAcMPAxhNYBQS3avhMYFhAcMPAxhNYBQS3avhMYFhAcMPAxhNYBQS3avhMYFhAcMPAxhNYBQS3avhMYFhg4P6H9J0maYHXuiMlrXf+vOfA33Turf3C5SxNItAKCK4lsoFATkBwOUuTCLQCgmuJbCCQExBcztIkAq2A4FoiGwjkBASXszSJQCsguJbIBgI5AcHlLE0i0AoIriWygUBOQHA5S5MItAKCa4lsIJATEFzO0iQCrYDgWiIbCOQEBJezNIlAKyC4lsgGAjkBweUsTSLQCgiuJbKBQE5AcDlLkwi0Akff//Dz6U+/I6U1/sUNr3bnytl3kPzi4bXb/cK1RDYQyAkILmdpEoFWQHAtkQ0EcgKCy1maRKAVEFxLZAOBnIDgcpYmEWgFBNcS2UAgJyC4nKVJBFoBwbVENhDICQguZ2kSgVZAcC2RDQRyAoLLWZpEoBUQXEtkA4GcgOByliYRaAUE1xLZQCAnILicpUkEWgHBtUQ2EMgJCC5naRKBVkBwLZENBHIC/4M7TXIv+3PS22d24qvdQfL3C/7N5P5i/MLlLE0i0AoIriWygUBOQHA5S5MItAKCa4lsIJATEFzO0iQCrYDgWiIbCOQEBJezNIlAKyC4lsgGAjkBweUsTSLQCgiuJbKBQE5AcDlLkwi0AoJriWwgkBMQXM7SJAKtgOBaIhsI5AQEl7M0iUArILiWyAYCOQHB5SxNItAKCK4lsoFATkBwOUuTCBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIAAAQIECBAgQIDAvyrwDySEJ2VQgUSoAAAAAElFTkSuQmCC
|
||||
|
||||
@@ -78,4 +80,3 @@ GET {{server}}/browse/Genres?
|
||||
# &$filter=parent_ID eq null&$select=name
|
||||
# &$expand=children($select=name)
|
||||
{{me}}
|
||||
|
||||
|
||||
@@ -6,7 +6,8 @@
|
||||
"@capire/orders": "*",
|
||||
"@capire/common": "*",
|
||||
"@sap/cds": "^4",
|
||||
"express": "^4.17.1"
|
||||
"express": "^4.17.1",
|
||||
"passport": "0.4.1"
|
||||
},
|
||||
"scripts": {
|
||||
"start": "cds run --in-memory?",
|
||||
|
||||
@@ -25,8 +25,8 @@
|
||||
"fiori": "cds watch fiori",
|
||||
"media": "cds watch media",
|
||||
"mocha": "npx mocha || echo",
|
||||
"jest": "npx jest --verbose",
|
||||
"test": "npm run jest -s"
|
||||
"jest": "npx jest",
|
||||
"test": "npm run jest --silent"
|
||||
},
|
||||
"mocha": {
|
||||
"parallel": true
|
||||
|
||||
@@ -1,10 +1,16 @@
|
||||
|
||||
@me = {{$processEnv USER}}:
|
||||
@bookshop = http://localhost:4004
|
||||
@reviews-service = {{bookshop}}/reviews
|
||||
# @reviews-service = http://localhost:5005/reviews
|
||||
|
||||
|
||||
|
||||
#################################################
|
||||
#
|
||||
# To ReviewsService
|
||||
#
|
||||
# move the right down:
|
||||
@reviews-service = http://localhost:4004/reviews
|
||||
@reviews-service = http://localhost:5005/reviews
|
||||
|
||||
### Get all reviews
|
||||
GET {{reviews-service}}/Reviews
|
||||
@@ -12,6 +18,7 @@ GET {{reviews-service}}/Reviews
|
||||
### Add a new review (with random rating)
|
||||
POST {{reviews-service}}/Reviews
|
||||
Content-Type: application/json;IEEE754Compatible=true
|
||||
Authorization: Basic {{me}}
|
||||
|
||||
{"subject":"201", "title":"boo"}
|
||||
|
||||
@@ -23,8 +30,6 @@ Content-Type: application/json;IEEE754Compatible=true
|
||||
# (both in-process as well as separate one)
|
||||
#
|
||||
|
||||
@bookshop = http://localhost:4004
|
||||
|
||||
### Request to CatalogService > delegated to ReviewsService
|
||||
GET {{bookshop}}/browse/Books(201)/reviews?
|
||||
&$select=rating,date,reviewer,title
|
||||
|
||||
@@ -24,14 +24,14 @@ service ReviewsService {
|
||||
|
||||
|
||||
// Access control restrictions
|
||||
annotate ReviewsService.Reviews with @restrict_:[
|
||||
annotate ReviewsService.Reviews with @restrict:[
|
||||
{ grant:'READ', to:'any' }, // everybody can read reviews
|
||||
{ grant:'CREATE', to:'authenticated-user' }, // users must login to add reviews
|
||||
{ grant:'UPDATE', to:'authenticated-user', where:'reviewer=$user' },
|
||||
{ grant:'DELETE', to:'admin' },
|
||||
];
|
||||
|
||||
annotate ReviewsService with @restrict_:[
|
||||
annotate ReviewsService with @restrict:[
|
||||
{ grant:'like', to:'identified-user' },
|
||||
{ grant:'unlike', to:'identified-user', where:'user=$user' },
|
||||
];
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
const cds = require('@sap/cds/lib')
|
||||
const cds = require('@sap/cds/lib'); cds.User = cds.User.Privileged // skip auth
|
||||
const { GET, POST, expect } = cds.test('bookshop').in(__dirname,'..')
|
||||
|
||||
describe('Custom Handlers', () => {
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
const cds = require('@sap/cds/lib')
|
||||
const cds = require('@sap/cds/lib'); cds.User = cds.User.Privileged // skip auth
|
||||
const { GET, expect } = cds.test ('serve', __dirname+'/localized-data.cds', '--in-memory')
|
||||
|
||||
describe('Localized Data', () => {
|
||||
|
||||
@@ -2,7 +2,7 @@ const cds = require('@sap/cds/lib')
|
||||
const cwd = process.cwd(); process.chdir (__dirname) //> only for internal CI/CD@SAP
|
||||
const {expect} = cds.test
|
||||
const _model = '@capire/reviews'
|
||||
|
||||
cds.User = cds.User.Privileged // hard core monkey patch
|
||||
|
||||
describe('Messaging', ()=>{
|
||||
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
const cds = require('@sap/cds/lib')
|
||||
const cds = require('@sap/cds/lib'); cds.User = cds.User.Privileged // skip auth
|
||||
const { GET, expect } = cds.test('bookshop').in(__dirname,'..')
|
||||
|
||||
describe('OData Protocol', () => {
|
||||
|
||||
Reference in New Issue
Block a user