admin/n8n-enterprise-unlocked
1
0
Fork 0
mirror of https://github.com/Abdulazizzn/n8n-enterprise-unlocked.git synced 2025-12-17 18:12:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat(core): Limit user changes when saml is enabled (#5577)

Browse Source 
* consolidate SSO settings

* update saml settings

* fix type error

* limit user changes when saml is enabled

* add test
This commit is contained in:
Michael Auerswald
2023-03-03 10:05:30 +01:00
committed by GitHub
parent a91b631411
commit b5179597f3
5 changed files with 116 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

78
packages/cli/test/integration/saml/saml.api.test.ts Normal file
View File

@@ -0,0 +1,78 @@
import express from 'express';
import config from '@/config';
import type { Role } from '@db/entities/Role';
import { randomEmail, randomName, randomValidPassword } from '../shared/random';
import * as testDb from '../shared/testDb';
import type { AuthAgent } from '../shared/types';
import * as utils from '../shared/utils';
import { setSamlLoginEnabled } from '../../../src/sso/saml/samlHelpers';
import { setCurrentAuthenticationMethod } from '../../../src/sso/ssoHelpers';
let app: express.Application;
let globalOwnerRole: Role;
let globalMemberRole: Role;
let authAgent: AuthAgent;
function enableSaml(enable: boolean) {
setSamlLoginEnabled(enable);
setCurrentAuthenticationMethod(enable ? 'saml' : 'email');
config.set('enterprise.features.saml', enable);
}
beforeAll(async () => {
app = await utils.initTestServer({ endpointGroups: ['me'] });
globalOwnerRole = await testDb.getGlobalOwnerRole();
globalMemberRole = await testDb.getGlobalMemberRole();
authAgent = utils.createAuthAgent(app);
});
beforeEach(async () => {
await testDb.truncate(['User']);
});
afterAll(async () => {
await testDb.terminate();
});
describe('Owner shell', () => {
test('PATCH /me should succeed with valid inputs', async () => {
const ownerShell = await testDb.createUserShell(globalOwnerRole);
const authOwnerShellAgent = authAgent(ownerShell);
const response = await authOwnerShellAgent.patch('/me').send({
email: randomEmail(),
firstName: randomName(),
lastName: randomName(),
password: randomValidPassword(),
});
expect(response.statusCode).toBe(200);
});
test('PATCH /me should throw BadRequestError if email is changed when SAML is enabled', async () => {
enableSaml(true);
const ownerShell = await testDb.createUserShell(globalOwnerRole);
const authOwnerShellAgent = authAgent(ownerShell);
const response = await authOwnerShellAgent.patch('/me').send({
email: randomEmail(),
firstName: randomName(),
lastName: randomName(),
});
expect(response.statusCode).toBe(400);
expect(response.body.message).toContain('SAML');
enableSaml(false);
});
test('PATCH /password should throw BadRequestError if password is changed when SAML is enabled', async () => {
enableSaml(true);
const ownerShell = await testDb.createUserShell(globalOwnerRole);
const authOwnerShellAgent = authAgent(ownerShell);
const response = await authOwnerShellAgent.patch('/me/password').send({
password: randomValidPassword(),
});
expect(response.statusCode).toBe(400);
expect(response.body.message).toContain('SAML');
enableSaml(false);
});
});