1
0
mirror of https://github.com/Foltik/Shimapan synced 2024-12-10 21:48:03 -05:00

Fix key limit check and add test

This commit is contained in:
Jack Foltz 2018-08-13 06:13:47 -04:00
parent b941da93e1
commit d28ce97ff5
Signed by: foltik
GPG Key ID: 303F88F996E95541
2 changed files with 16 additions and 1 deletions

View File

@ -15,7 +15,7 @@ const createParams = [
{name: 'identifier', type: 'string', sanitize: true}, {name: 'identifier', type: 'string', sanitize: true},
{name: 'scope', instance: Array}]; {name: 'scope', instance: Array}];
router.post('/create', requireAuth('key.create'), bodyVerifier(createParams), wrap(async (req, res) => { router.post('/create', requireAuth('key.create'), bodyVerifier(createParams), wrap(async (req, res) => {
const keyCount = await Key.countDocuments({username: req.username}); const keyCount = await Key.countDocuments({issuer: req.username});
if (keyCount >= config.get('Key.limit')) if (keyCount >= config.get('Key.limit'))
return res.status(403).json({message: 'Key limit reached.'}); return res.status(403).json({message: 'Key limit reached.'});

View File

@ -687,6 +687,21 @@ describe('Keys', () => {
util.verifyResponse(res, 403, 'Requested scope exceeds own scope.'); util.verifyResponse(res, 403, 'Requested scope exceeds own scope.');
}); });
}); });
describe('2 Key Limit', () => {
it('must not create additional keys beyond the limit', async () => {
await util.createSession(agent, ['key.create', 'file.upload']);
const limit = config.get('Key.limit');
// Create keys upto the limit (key0, key1, key2, ...)
await Promise.all(
[...Array(limit)]
.map(idx => util.createKey({identifier: 'key' + idx, scope: ['file.upload']}, agent)));
const res = await util.createKey({identifier: 'toomany', scope: ['file.upload']}, agent);
util.verifyResponse(res, 403, 'Key limit reached.');
});
});
}); });
describe('/POST delete', () => { describe('/POST delete', () => {