🚨 Optimize UM tests (#3066)

* ⚡ Declutter test logs

* 🐛 Fix random passwords length

* 🐛 Fix password hashing in test user creation

* 🐛 Hash leftover password

* ⚡ Improve error message for `compare`

* ⚡ Restore `randomInvalidPassword` contant

* ⚡ Mock Telemetry module to prevent `--forceExit`

* 🔥 Remove unused imports

* 🔥 Remove unused import

* ⚡ Add util for configuring test SMTP

* ⚡ Isolate user creation

* 🔥 De-duplicate `createFullUser`

* ⚡ Centralize hashing

* 🔥 Remove superfluous arg

* 🔥 Remove outdated comment

* ⚡ Prioritize shared tables during trucation

* 🧪 Add login tests

* ⚡ Use token helper

* ✏️ Improve naming

* ⚡ Make `createMemberShell` consistent

* 🔥 Remove unneeded helper

* 🔥 De-duplicate `beforeEach`

* ✏️ Improve naming

* 🚚 Move `categorize` to utils

* ✏️ Update comment

* 🧪 Simplify test

* 📘 Improve `User.password` type

* ⚡ Silence logger

* ⚡ Simplify condition

* ⚡ Unhash password in payload

* 🐛 Fix comparison against unhashed password

* ⚡ Increase timeout for fake SMTP service

* 🔥 Remove unneeded import

* ⚡ Use `isNull()`

* 🧪 Use `Promise.all()` in creds tests

* 🧪 Use `Promise.all()` in me tests

* 🧪 Use `Promise.all()` in owner tests

* 🧪 Use `Promise.all()` in password tests

* 🧪 Use `Promise.all()` in users tests

* ⚡ Re-set cookie if UM disabled

* 🔥 Remove repeated line

* ⚡ Refactor out shared owner data

* 🔥 Remove unneeded import

* 🔥 Remove repeated lines

* ⚡ Organize imports

* ⚡ Reuse helper

* 🚚 Rename tests to match routers

* 🚚 Rename `createFullUser()` to `createUser()`

* ⚡ Consolidate user shell creation

* ⚡ Make hashing async

* ⚡ Add email to user shell

* ⚡ Optimize array building

* 🛠 refactor user shell factory

* 🐛 Fix MySQL tests

* ⚡ Silence logger in other DBs

Co-authored-by: Ben Hesseldieck <b.hesseldieck@gmail.com>

packages/cli/test/integration/auth.mw.test.ts

@@ -0,0 +1,63 @@
+import express = require('express');
+
+import * as request from 'supertest';
+import {
+	REST_PATH_SEGMENT,
+	ROUTES_REQUIRING_AUTHORIZATION,
+	ROUTES_REQUIRING_AUTHENTICATION,
+} from './shared/constants';
+import * as utils from './shared/utils';
+import * as testDb from './shared/testDb';
+import type { Role } from '../../src/databases/entities/Role';
+
+jest.mock('../../src/telemetry');
+
+let app: express.Application;
+let testDbName = '';
+let globalMemberRole: Role;
+
+beforeAll(async () => {
+	app = utils.initTestServer({
+		applyAuth: true,
+		endpointGroups: ['me', 'auth', 'owner', 'users'],
+	});
+	const initResult = await testDb.init();
+	testDbName = initResult.testDbName;
+
+	globalMemberRole = await testDb.getGlobalMemberRole();
+
+	utils.initTestLogger();
+	utils.initTestTelemetry();
+});
+
+afterAll(async () => {
+	await testDb.terminate(testDbName);
+});
+
+ROUTES_REQUIRING_AUTHENTICATION.concat(ROUTES_REQUIRING_AUTHORIZATION).forEach((route) => {
+	const [method, endpoint] = getMethodAndEndpoint(route);
+
+	test(`${route} should return 401 Unauthorized if no cookie`, async () => {
+		const response = await request(app)[method](endpoint).use(utils.prefix(REST_PATH_SEGMENT));
+
+		expect(response.statusCode).toBe(401);
+	});
+});
+
+ROUTES_REQUIRING_AUTHORIZATION.forEach(async (route) => {
+	const [method, endpoint] = getMethodAndEndpoint(route);
+
+	test(`${route} should return 403 Forbidden for member`, async () => {
+		const member = await testDb.createUser({ globalRole: globalMemberRole });
+		const authMemberAgent = utils.createAgent(app, { auth: true, user: member });
+		const response = await authMemberAgent[method](endpoint);
+
+		expect(response.statusCode).toBe(403);
+	});
+});
+
+function getMethodAndEndpoint(route: string) {
+	return route.split(' ').map((segment, index) => {
+		return index % 2 === 0 ? segment.toLowerCase() : segment;
+	});
+}