server: add basic is-admin tests and bug fixes

client/components/badges/expiration-badge/index.tsx

@@ -49,9 +49,9 @@ const ExpirationBadge = ({
     return (
         <Badge type={isExpired ? "error" : "warning"}>
             <Tooltip
+                hideArrow
                 text={`${expirationDate.toLocaleDateString()} ${expirationDate.toLocaleTimeString()}`}>
                 {isExpired ? "Expired" : `Expires ${timeUntilString}`}
-                hideArrow
             </Tooltip>
         </Badge>
     )

server/src/__tests__/e2e.ts

@@ -1,15 +1,15 @@
-import * as request from 'supertest'
-import { app } from '../app'
+import * as request from "supertest"
+import { app } from "../app"
 
-describe('GET /health', () => {
-  it('should return 200 and a status up', (done) => {
+describe("GET /health", () => {
+	it("should return 200 and a status up", (done) => {
 		request(app)
 			.get(`/health`)
-      .expect('Content-Type', /json/)
+			.expect("Content-Type", /json/)
 			.expect(200)
 			.end((err, res) => {
 				if (err) return done(err)
-        expect(res.body).toMatchObject({ 'status': 'UP' })
+				expect(res.body).toMatchObject({ status: "UP" })
 				done()
 			})
 	})

server/src/lib/__tests__/config.ts

@@ -2,8 +2,8 @@ import { config } from "../config"
 
 describe("Config", () => {
 	it("should build a valid development config when no environment is set", () => {
-        const emptyEnv = {};
-        const result = config(emptyEnv);
+		const emptyEnv = {}
+		const result = config(emptyEnv)
 
 		expect(result).toHaveProperty("is_production", false)
 		expect(result).toHaveProperty("port")
@@ -18,8 +18,9 @@ describe("Config", () => {
 	})
 
 	it("should fail when building a prod environment without SECRET_KEY", () => {
-        expect(() => config({ NODE_ENV: "production" }))
-            .toThrow(new Error("Missing environment variable: SECRET_KEY"))
+		expect(() => config({ NODE_ENV: "production" })).toThrow(
+			new Error("Missing environment variable: SECRET_KEY")
+		)
 	})
 
 	it("should build a prod config with a SECRET_KEY", () => {
@@ -50,8 +51,9 @@ describe("Config", () => {
 			expect(result).toHaveProperty("memory_db", false)
 		})
 		it("should fail when it is not parseable", () => {
-            expect(() => config({ MEMORY_DB: "foo" }))
-                .toThrow(new Error("Invalid boolean value: foo"))
+			expect(() => config({ MEMORY_DB: "foo" })).toThrow(
+				new Error("Invalid boolean value: foo")
+			)
 		})
 		it("should default to false when the string is empty", () => {
 			const result = config({ MEMORY_DB: "" })

server/src/lib/__tests__/get-html-from-drift-file.ts

@@ -0,0 +1,17 @@
+import getHtmlFromFile from "@lib/get-html-from-drift-file"
+
+describe("get-html-from-drift-file", () => {
+	it("should not wrap markdown in code blocks", () => {
+		const markdown = `## My Markdown`
+		const html = getHtmlFromFile({ content: markdown, title: "my-markdown.md" })
+		// the string is <h2><a href=\"#my-markdown\" id=\"my-markdown\" style=\"color:inherit\">My Markdown</a></h2>,
+		// but we dont wan't to be too strict in case markup changes
+		expect(html).toMatch(/<h2><a.*<\/a><\/h2>/)
+	})
+
+	it("should wrap code in code blocks", () => {
+		const code = `const foo = "bar"`
+		const html = getHtmlFromFile({ content: code, title: "my-code.js" })
+		expect(html).toMatch(/<pre><code class="prism-code language-js">/)
+	})
+})

server/src/lib/__tests__/middleware/is-admin.ts

@@ -0,0 +1,50 @@
+// import * as request from 'supertest'
+// import { app } from '../../../app'
+import { NextFunction, Response } from "express"
+import isAdmin from "@lib/middleware/is-admin"
+import { UserJwtRequest } from "@lib/middleware/jwt"
+
+describe("is-admin middlware", () => {
+	let mockRequest: Partial<UserJwtRequest>
+	let mockResponse: Partial<Response>
+	let nextFunction: NextFunction = jest.fn()
+
+	beforeEach(() => {
+		mockRequest = {}
+		mockResponse = {
+			sendStatus: jest.fn()
+		}
+	})
+
+	it("should return 401 if no authorization header", async () => {
+		const res = mockResponse as Response
+		isAdmin(mockRequest as UserJwtRequest, res, nextFunction)
+		expect(res.sendStatus).toHaveBeenCalledWith(401)
+	})
+
+	it("should return 401 if no token is supplied", async () => {
+		const req = mockRequest as UserJwtRequest
+		req.headers = {
+			authorization: "Bearer"
+		}
+		isAdmin(req, mockResponse as Response, nextFunction)
+		expect(mockResponse.sendStatus).toBeCalledWith(401)
+	})
+
+	it("should return 404 if config.enable_admin is false", async () => {
+		jest.mock("../../config", () => ({
+			enable_admin: false
+		}))
+
+		const req = mockRequest as UserJwtRequest
+		req.headers = {
+			authorization: "Bearer 123"
+		}
+		isAdmin(req, mockResponse as Response, nextFunction)
+		expect(mockResponse.sendStatus).toBeCalledWith(404)
+	})
+
+	// TODO: 403 if !isAdmin
+	// Verify it calls next() if admin
+	// Requires mocking config.enable_admin
+})

server/src/lib/config.ts

@@ -6,12 +6,12 @@ type Config = {
 	memory_db: boolean
 	enable_admin: boolean
 	secret_key: string
-	registration_password: string,
-	welcome_content: string | undefined,
-	welcome_title: string | undefined,
+	registration_password: string
+	welcome_content: string | undefined
+	welcome_title: string | undefined
 }
 
-type EnvironmentValue = string | undefined;
+type EnvironmentValue = string | undefined
 type Environment = { [key: string]: EnvironmentValue }
 
 export const config = (env: Environment): Config => {
@@ -34,7 +34,10 @@ export const config = (env: Environment): Config => {
 		return str
 	}
 
-	const defaultIfUndefined = (str: EnvironmentValue, defaultValue: string): string => {
+	const defaultIfUndefined = (
+		str: EnvironmentValue,
+		defaultValue: string
+	): string => {
 		if (str === undefined) {
 			return defaultValue
 		}
@@ -52,11 +55,15 @@ export const config = (env: Environment): Config => {
 		}
 	}
 
-	const is_production = env.NODE_ENV === "production";
+	const is_production = env.NODE_ENV === "production"
 
-	const developmentDefault = (str: EnvironmentValue, name: string, defaultValue: string): string => {
-		if (is_production) return throwIfUndefined(str, name);
-		return defaultIfUndefined(str, defaultValue);
+	const developmentDefault = (
+		str: EnvironmentValue,
+		name: string,
+		defaultValue: string
+	): string => {
+		if (is_production) return throwIfUndefined(str, name)
+		return defaultIfUndefined(str, defaultValue)
 	}
 
 	validNodeEnvs(env.NODE_ENV)
@@ -72,7 +79,6 @@ export const config = (env: Environment): Config => {
 		registration_password: env.REGISTRATION_PASSWORD ?? "",
 		welcome_content: env.WELCOME_CONTENT,
 		welcome_title: env.WELCOME_TITLE
-
 	}
 	return config
 }

server/src/lib/get-html-from-drift-file.ts

@@ -32,10 +32,8 @@ ${content}
 	} else {
 		contentToRender = "\n" + content
 	}
-    console.log(contentToRender.slice(0, 50))
 	const html = markdown(contentToRender)
 	return html
 }
 
-
 export default getHtmlFromFile

server/src/lib/middleware/is-admin.ts

@@ -11,16 +11,20 @@ export interface UserJwtRequest extends Request {
 	user?: User
 }
 
-export default function authenticateToken(
+export default function isAdmin(
 	req: UserJwtRequest,
 	res: Response,
 	next: NextFunction
 ) {
+	if (!req.headers?.authorization) {
+		return res.sendStatus(401)
+	}
+
 	const authHeader = req.headers["authorization"]
 	const token = authHeader && authHeader.split(" ")[1]
-	if (token == null) return res.sendStatus(401)
+	if (!token) return res.sendStatus(401)
+	console.log(config)
 	if (!config.enable_admin) return res.sendStatus(404)
-
 	jwt.verify(token, config.jwt_secret, async (err: any, user: any) => {
 		if (err) return res.sendStatus(403)
 		const userObj = await UserModel.findByPk(user.id, {

server/src/routes/posts.ts

@@ -357,4 +357,3 @@ posts.delete("/:id", jwt, async (req: UserJwtRequest, res, next) => {
 		next(e)
 	}
 })
-