Add more tests

Author: skadefro

OpenFlow/src/Audit.ts

@@ -3,8 +3,11 @@ import { TokenUser, Base, Rights, NoderedUtil } from "@openiap/openflow-api";
 import { Crypt } from "./Crypt";
 import { Span } from "@opentelemetry/api";
 
+export type tokenType = "local" | "jwtsignin" | "samltoken" | "tokenissued" | "weblogin";
+export type loginProvider = "saml" | "google" | "local" | "websocket";
+export type clientType = "browser" | "openrpa" | "nodered" | "webapp" | "openflow" | "powershell" | "mobileapp" | "samlverify" | "googleverify" | "aiotmobileapp" | "aiotwebapp";
 export class Audit {
-    public static LoginSuccess(user: TokenUser, type: string, provider: string, remoteip: string, clientagent: string, clientversion: string, parent: Span) {
+    public static LoginSuccess(user: TokenUser, type: tokenType, provider: loginProvider, remoteip: string, clientagent: clientType, clientversion: string, parent: Span) {
         const log: Singin = new Singin();
         Base.addRight(log, user._id, user.name, [Rights.read, Rights.update, Rights.invoke]);
         log.remoteip = remoteip;
@@ -19,7 +22,7 @@ export class Audit {
         Config.db.InsertOne(log, "audit", 0, false, Crypt.rootToken(), parent)
             .catch((error) => console.error("failed InsertOne in LoginSuccess: " + error));
     }
-    public static ImpersonateSuccess(user: TokenUser, impostor: TokenUser, clientagent: string, clientversion: string, parent: Span) {
+    public static ImpersonateSuccess(user: TokenUser, impostor: TokenUser, clientagent: clientType, clientversion: string, parent: Span) {
         const log: Singin = new Singin();
         Base.addRight(log, user._id, user.name, [Rights.read]);
         Base.addRight(log, impostor._id, impostor.name, [Rights.read]);
@@ -36,7 +39,7 @@ export class Audit {
         Config.db.InsertOne(log, "audit", 0, false, Crypt.rootToken(), parent)
             .catch((error) => console.error("failed InsertOne in ImpersonateSuccess: " + error));
     }
-    public static ImpersonateFailed(user: TokenUser, impostor: TokenUser, clientagent: string, clientversion: string, parent: Span) {
+    public static ImpersonateFailed(user: TokenUser, impostor: TokenUser, clientagent: clientType, clientversion: string, parent: Span) {
         const log: Singin = new Singin();
         Base.addRight(log, user._id, user.name, [Rights.read]);
         Base.addRight(log, impostor._id, impostor.name, [Rights.read]);
@@ -52,7 +55,7 @@ export class Audit {
         Config.db.InsertOne(log, "audit", 0, false, Crypt.rootToken(), parent)
             .catch((error) => console.error("failed InsertOne in ImpersonateFailed: " + error));
     }
-    public static LoginFailed(username: string, type: string, provider: string, remoteip: string, clientagent: string, clientversion: string, parent: Span) {
+    public static LoginFailed(username: string, type: tokenType, provider: loginProvider, remoteip: string, clientagent: clientType, clientversion: string, parent: Span) {
         const log: Singin = new Singin();
         log.remoteip = remoteip;
         log.success = false;

OpenFlow/src/Auth.ts

@@ -25,6 +25,11 @@ export class Auth {
 
     public static authorizationCache: HashTable<CachedUser> = {};
     private static cacheTimer: NodeJS.Timeout;
+    public static shutdown() {
+        if (!NoderedUtil.IsNullUndefinded(this.cacheTimer)) {
+            clearInterval(this.cacheTimer);
+        }
+    }
     public static getUser(key: string, type: string): User {
         if (NoderedUtil.IsNullUndefinded(this.cacheTimer)) this.cacheTimer = setInterval(this.cleanCache, 60000)
         var res: CachedUser = this.authorizationCache[key + type];
@@ -43,7 +48,7 @@ export class Auth {
         this.RemoveUser(key, type);
         return null;
     }
-    private static async cleanCache() {
+    public static async cleanCache() {
         try {
             if (this.authorizationCache == null) return;
             const keys: string[] = Object.keys(this.authorizationCache);

OpenFlow/src/Config.ts

@@ -18,6 +18,8 @@ export class Config {
     public static reload(): void {
         Config.getversion();
         Config.logpath = Config.getEnv("logpath", __dirname);
+        Config.log_error_stack = Config.parseBoolean(Config.getEnv("log_error_stack", "false"));
+        Config.log_errors = Config.parseBoolean(Config.getEnv("log_errors", "true"));
         Config.log_queries = Config.parseBoolean(Config.getEnv("log_queries", "false"));
         Config.log_aggregates = Config.parseBoolean(Config.getEnv("log_aggregates", "false"));
         Config.log_inserts = Config.parseBoolean(Config.getEnv("log_inserts", "false"));
@@ -157,6 +159,8 @@ export class Config {
     public static license_key: string = Config.getEnv("license_key", "");
     public static version: string = Config.getversion();
     public static logpath: string = Config.getEnv("logpath", __dirname);
+    public static log_error_stack: boolean = Config.parseBoolean(Config.getEnv("log_error_stack", "false"));
+    public static log_errors: boolean = Config.parseBoolean(Config.getEnv("log_errors", "true"));
     public static log_queries: boolean = Config.parseBoolean(Config.getEnv("log_queries", "false"));
     public static log_aggregates: boolean = Config.parseBoolean(Config.getEnv("log_aggregates", "false"));
     public static log_inserts: boolean = Config.parseBoolean(Config.getEnv("log_inserts", "false"));

OpenFlow/src/DBHelper.ts

@@ -8,6 +8,7 @@ export class DBHelper {
     public static async FindByUsername(username: string, jwt: string, parent: Span): Promise<User> {
         const span: Span = Logger.otel.startSubSpan("dbhelper.FindByUsername", parent);
         try {
+            if (NoderedUtil.IsNullEmpty(username)) throw new Error("Username is mandatory")
             const byuser = { username: new RegExp(["^", username, "$"].join(""), "i") };
             const byid = { federationids: new RegExp(["^", username, "$"].join(""), "i") }
             const q = { $or: [byuser, byid] };
@@ -42,6 +43,7 @@ export class DBHelper {
         try {
             var _id = id;
             if (NoderedUtil.IsNullEmpty(_id)) _id = null;
+            if (NoderedUtil.IsNullEmpty(username) && NoderedUtil.IsNullEmpty(_id)) throw new Error("Either username or id is mandatory");
             const items: User[] = await Config.db.query<User>({ $or: [{ username: new RegExp(["^", username, "$"].join(""), "i") }, { _id }] },
                 null, 1, 0, null, "users", Crypt.rootToken(), undefined, undefined, span);
             if (items === null || items === undefined || items.length === 0) { return null; }
@@ -56,6 +58,7 @@ export class DBHelper {
     public static async FindByUsernameOrFederationid(username: string, parent: Span): Promise<User> {
         const span: Span = Logger.otel.startSubSpan("dbhelper.FindByUsernameOrFederationid", parent);
         try {
+            if (NoderedUtil.IsNullEmpty(username)) throw new Error("username cannot be null");
             const byuser = { username: new RegExp(["^", username, "$"].join(""), "i") };
             const byid = { federationids: new RegExp(["^", username, "$"].join(""), "i") }
             const q = { $or: [byuser, byid] };
@@ -74,6 +77,7 @@ export class DBHelper {
     public static async DecorateWithRoles<T extends TokenUser | User>(user: T, parent: Span): Promise<T> {
         const span: Span = Logger.otel.startSubSpan("dbhelper.DecorateWithRoles", parent);
         try {
+            if (NoderedUtil.IsNullUndefinded(user)) throw new Error("User is mandatory");
             if (!Config.decorate_roles_fetching_all_roles) {
                 if (!user.roles) user.roles = [];
                 const pipe: any = [{ "$match": { "_id": user._id } },
@@ -164,22 +168,18 @@ export class DBHelper {
         return user as any;
     }
     public static async FindRoleByName(name: string, parent: Span): Promise<Role> {
-        const items: Role[] = await Config.db.query<Role>({ name: name }, null, 1, 0, null, "users", Crypt.rootToken(), undefined, undefined, parent);
+        const items: Role[] = await Config.db.query<Role>({ name: name, "_type": "role" }, null, 1, 0, null, "users", Crypt.rootToken(), undefined, undefined, parent);
         if (items === null || items === undefined || items.length === 0) { return null; }
         return Role.assign(items[0]);
     }
     public static async FindRoleByNameOrId(name: string, id: string, parent: Span): Promise<Role> {
-        try {
-            var _id = id;
-            if (NoderedUtil.IsNullEmpty(_id)) _id = null; // undefined is bad here
-            const jwt = Crypt.rootToken();
-            const items: Role[] = await Config.db.query<Role>({ $or: [{ name }, { _id }], "_type": "role" }, null, 5, 0, null, "users", jwt, undefined, undefined, parent);
-            if (items === null || items === undefined || items.length === 0) { return null; }
-            return Role.assign(items[0]);
-        } catch (error) {
-            console.error(error);
-            return null;
-        }
+        var _id = id;
+        if (NoderedUtil.IsNullEmpty(_id)) _id = null; // undefined is bad here
+        if (NoderedUtil.IsNullEmpty(name) && NoderedUtil.IsNullEmpty(_id)) throw new Error("Either username or id is mandatory");
+        const jwt = Crypt.rootToken();
+        const items: Role[] = await Config.db.query<Role>({ $or: [{ name }, { _id }], "_type": "role" }, null, 5, 0, null, "users", jwt, undefined, undefined, parent);
+        if (items === null || items === undefined || items.length === 0) { return null; }
+        return Role.assign(items[0]);
     }
     public static async Save(item: User | Role, jwt: string, parent: Span): Promise<void> {
         await Config.db._UpdateOne(null, item, "users", 2, false, jwt, parent);
@@ -205,7 +205,7 @@ export class DBHelper {
             Logger.otel.endSpan(span);
         }
     }
-    public static async ensureUser(jwt: string, name: string, username: string, id: string, password: string, parent: Span): Promise<User> {
+    public static async EnsureUser(jwt: string, name: string, username: string, id: string, password: string, parent: Span): Promise<User> {
         const span: Span = Logger.otel.startSubSpan("dbhelper.ensureUser", parent);
         try {
             let user: User = await this.FindByUsernameOrId(username, id, span);

OpenFlow/src/DatabaseConnection.ts

@@ -329,26 +329,26 @@ export class DatabaseConnection {
                             } else if (arr[0]._type === "user") {
                                 let u: User = User.assign(arr[0]);
                                 if (!Base.hasRight(u, item._id, Rights.read)) {
-                                    Logger.instanse.debug("Assigning " + item.name + " read permission to " + u.name);
+                                    Logger.instanse.silly("Assigning " + item.name + " read permission to " + u.name);
                                     Base.addRight(u, item._id, item.name, [Rights.read], false);
                                     u = this.ensureResource(u);
                                     const _ot_end1 = Logger.otel.startTimer();
                                     await this.db.collection("users").updateOne({ _id: u._id }, { $set: { _acl: u._acl } });
                                     Logger.otel.endTimer(_ot_end1, DatabaseConnection.mongodb_update, { collection: "users" });
                                 } else if (u._id != item._id) {
-                                    Logger.instanse.debug(item.name + " allready exists on " + u.name);
+                                    Logger.instanse.silly(item.name + " allready exists on " + u.name);
                                 }
                             } else if (arr[0]._type === "role") {
                                 let r: Role = Role.assign(arr[0]);
                                 if (r._id !== WellknownIds.admins && r._id !== WellknownIds.users && !Base.hasRight(r, item._id, Rights.read)) {
-                                    Logger.instanse.debug("Assigning " + item.name + " read permission to " + r.name);
+                                    Logger.instanse.silly("Assigning " + item.name + " read permission to " + r.name);
                                     Base.addRight(r, item._id, item.name, [Rights.read], false);
                                     r = this.ensureResource(r);
                                     const _ot_end2 = Logger.otel.startTimer();
                                     await this.db.collection("users").updateOne({ _id: r._id }, { $set: { _acl: r._acl } });
                                     Logger.otel.endTimer(_ot_end2, DatabaseConnection.mongodb_update, { collection: "users" });
                                 } else if (r._id != item._id) {
-                                    Logger.instanse.debug(item.name + " allready exists on " + r.name);
+                                    Logger.instanse.silly(item.name + " allready exists on " + r.name);
                                 }
 
                             }

OpenFlow/src/Logger.ts

@@ -6,6 +6,12 @@ const path = require('path');
 export class Logger {
     public static otel: otel;
     public static License: LicenseFile;
+    static myFormat = winston.format.printf(info => {
+        if (info instanceof Error || info.stack) {
+            return `${info.timestamp} [${info.level}] ${info.message} \n ${info.stack}`;
+        }
+        return `${info.timestamp} [${info.level}] ${info.message}`;
+    });
     static configure(skipotel: boolean, skiplic: boolean): winston.Logger {
         const filename = path.join(Config.logpath, "openflow.log");
         const options: any = {
@@ -25,18 +31,12 @@ export class Logger {
                 colorize: true
             },
         };
-        const myFormat = winston.format.printf(info => {
-            if (info instanceof Error || info.stack) {
-                return `${info.timestamp} [${info.level}] ${info.message} \n ${info.stack}`;
-            }
-            return `${info.timestamp} [${info.level}] ${info.message}`;
-        });
         options.console.format = winston.format.combine(
             winston.format.errors({ stack: true }),
             winston.format.timestamp({ format: 'HH:mm:ss.sss' }),
             winston.format.colorize(),
             winston.format.json(),
-            myFormat
+            Logger.myFormat
         );
         const logger: winston.Logger = winston.createLogger({
             level: "debug",
@@ -45,7 +45,7 @@ export class Logger {
                 winston.format.errors({ stack: true }),
                 winston.format.timestamp({ format: 'HH:mm:ss.sss' }),
                 winston.format.json(),
-                myFormat
+                Logger.myFormat
             ),
             transports: [
                 new winston.transports.File(options.file),

OpenFlow/src/LoginProvider.ts

@@ -1006,7 +1006,7 @@ export class LoginProvider {
                         user = new User(); user.name = username; user.username = username;
                         await Crypt.SetPassword(user, password, span);
                         const jwt: string = Crypt.rootToken();
-                        user = await DBHelper.ensureUser(jwt, user.name, user.username, null, password, span);
+                        user = await DBHelper.EnsureUser(jwt, user.name, user.username, null, password, span);
 
                         const admins: Role = await DBHelper.FindRoleByName("admins", span);
                         admins.AddMember(user);
@@ -1035,7 +1035,7 @@ export class LoginProvider {
                     if (!createUser) {
                         return done(null, false);
                     }
-                    user = await DBHelper.ensureUser(Crypt.rootToken(), username, username, null, password, span);
+                    user = await DBHelper.EnsureUser(Crypt.rootToken(), username, username, null, password, span);
                 } else {
                     if (user.disabled) {
                         Audit.LoginFailed(username, "weblogin", "local", remoteip, "browser", "unknown", span);
@@ -1156,7 +1156,7 @@ export class LoginProvider {
                     }
                     if (NoderedUtil.IsNullEmpty(_user.name)) { done("Cannot add new user, name is empty, please add displayname to claims", null); return; }
                     const jwt: string = Crypt.rootToken();
-                    _user = await DBHelper.ensureUser(jwt, _user.name, _user.username, null, null, span);
+                    _user = await DBHelper.EnsureUser(jwt, _user.name, _user.username, null, null, span);
                 }
             } else {
                 if (!NoderedUtil.IsNullUndefinded(_user)) {
@@ -1230,7 +1230,7 @@ export class LoginProvider {
                     _user.username = username;
                     (_user as any).mobile = profile.mobile;
                     if (NoderedUtil.IsNullEmpty(_user.name)) { done("Cannot add new user, name is empty.", null); return; }
-                    _user = await DBHelper.ensureUser(jwt, _user.name, _user.username, null, null, span);
+                    _user = await DBHelper.EnsureUser(jwt, _user.name, _user.username, null, null, span);
                 }
             }
             if (NoderedUtil.IsNullUndefinded(_user)) {