Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions app/apps/server/tests/mocks/orchestrator.mock.js
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
/* istanbul ignore file */

export class AppServerOrchestratorMock {
constructor() {
this._marketplaceUrl = 'https://marketplace.rocket.chat';
Expand Down
213 changes: 137 additions & 76 deletions app/lib/tests/server.tests.js
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
/* eslint-env mocha */
import 'babel-polyfill';
import assert from 'assert';

import { expect } from 'chai';
import './server.mocks.js';

import PasswordPolicyClass from '../server/lib/PasswordPolicyClass';
Expand All @@ -9,31 +11,31 @@ describe('PasswordPolicyClass', () => {
describe('Default options', () => {
const passwordPolice = new PasswordPolicyClass();
it('should be disabled', () => {
assert.equal(passwordPolice.enabled, false);
expect(passwordPolice.enabled).to.be.equal(false);
});
it('should have minLength = -1', () => {
assert.equal(passwordPolice.minLength, -1);
expect(passwordPolice.minLength).to.be.equal(-1);
});
it('should have maxLength = -1', () => {
assert.equal(passwordPolice.maxLength, -1);
expect(passwordPolice.maxLength).to.be.equal(-1);
});
it('should have forbidRepeatingCharacters = false', () => {
assert.equal(passwordPolice.forbidRepeatingCharacters, false);
expect(passwordPolice.forbidRepeatingCharacters).to.be.false;
});
it('should have forbidRepeatingCharactersCount = 3', () => {
assert.equal(passwordPolice.forbidRepeatingCharactersCount, 3);
expect(passwordPolice.forbidRepeatingCharactersCount).to.be.equal(3);
});
it('should have mustContainAtLeastOneLowercase = false', () => {
assert.equal(passwordPolice.mustContainAtLeastOneLowercase, false);
expect(passwordPolice.mustContainAtLeastOneLowercase).to.be.false;
});
it('should have mustContainAtLeastOneUppercase = false', () => {
assert.equal(passwordPolice.mustContainAtLeastOneUppercase, false);
expect(passwordPolice.mustContainAtLeastOneUppercase).to.be.false;
});
it('should have mustContainAtLeastOneNumber = false', () => {
assert.equal(passwordPolice.mustContainAtLeastOneNumber, false);
expect(passwordPolice.mustContainAtLeastOneNumber).to.be.false;
});
it('should have mustContainAtLeastOneSpecialCharacter = false', () => {
assert.equal(passwordPolice.mustContainAtLeastOneSpecialCharacter, false);
expect(passwordPolice.mustContainAtLeastOneSpecialCharacter).to.be.false;
});

describe('Password tests with default options', () => {
Expand All @@ -54,13 +56,12 @@ describe('PasswordPolicyClass', () => {
enabled: true,
throwError: false,
});

assert.equal(passwordPolice.validate(), false);
assert.equal(passwordPolice.validate(1), false);
assert.equal(passwordPolice.validate(true), false);
assert.equal(passwordPolice.validate(new Date()), false);
assert.equal(passwordPolice.validate(new Function()), false);
assert.equal(passwordPolice.validate(''), false);
expect(passwordPolice.validate()).to.be.false;
expect(passwordPolice.validate(1)).to.be.false;
expect(passwordPolice.validate(true)).to.be.false;
expect(passwordPolice.validate(new Date())).to.be.false;
expect(passwordPolice.validate(new Function())).to.be.false;
expect(passwordPolice.validate('')).to.be.false;
});

it('should restrict by minLength', () => {
Expand All @@ -70,10 +71,10 @@ describe('PasswordPolicyClass', () => {
throwError: false,
});

assert.equal(passwordPolice.validate('1'), false);
assert.equal(passwordPolice.validate('1234'), false);
assert.equal(passwordPolice.validate('12345'), true);
assert.equal(passwordPolice.validate(' '), false);
expect(passwordPolice.validate('1')).to.be.false;
expect(passwordPolice.validate('1234')).to.be.false;
expect(passwordPolice.validate('12345')).to.be.true;
expect(passwordPolice.validate(' ')).to.be.false;
});

it('should restrict by maxLength', () => {
Expand All @@ -83,10 +84,10 @@ describe('PasswordPolicyClass', () => {
throwError: false,
});

assert.equal(passwordPolice.validate('1'), true);
assert.equal(passwordPolice.validate('12345'), true);
assert.equal(passwordPolice.validate('123456'), false);
assert.equal(passwordPolice.validate(' '), false);
expect(passwordPolice.validate('1')).to.be.true;
expect(passwordPolice.validate('12345')).to.be.true;
expect(passwordPolice.validate('123456')).to.be.false;
expect(passwordPolice.validate(' ')).to.be.false;
});

it('should allow repeated characters', () => {
Expand All @@ -96,11 +97,11 @@ describe('PasswordPolicyClass', () => {
throwError: false,
});

assert.equal(passwordPolice.validate('1'), true);
assert.equal(passwordPolice.validate('12345'), true);
assert.equal(passwordPolice.validate('123456'), true);
assert.equal(passwordPolice.validate(' '), false);
assert.equal(passwordPolice.validate('11111111111111'), true);
expect(passwordPolice.validate('1')).to.be.true;
expect(passwordPolice.validate('12345')).to.be.true;
expect(passwordPolice.validate('123456')).to.be.true;
expect(passwordPolice.validate(' ')).to.be.false;
expect(passwordPolice.validate('11111111111111')).to.be.true;
});

it('should restrict repeated characters', () => {
Expand All @@ -111,12 +112,12 @@ describe('PasswordPolicyClass', () => {
throwError: false,
});

assert.equal(passwordPolice.validate('1'), true);
assert.equal(passwordPolice.validate('11'), true);
assert.equal(passwordPolice.validate('111'), true);
assert.equal(passwordPolice.validate('1111'), false);
assert.equal(passwordPolice.validate(' '), false);
assert.equal(passwordPolice.validate('123456'), true);
expect(passwordPolice.validate('1')).to.be.true;
expect(passwordPolice.validate('11')).to.be.true;
expect(passwordPolice.validate('111')).to.be.true;
expect(passwordPolice.validate('1111')).to.be.false;
expect(passwordPolice.validate(' ')).to.be.false;
expect(passwordPolice.validate('123456')).to.be.true;
});

it('should restrict repeated characters customized', () => {
Expand All @@ -127,14 +128,14 @@ describe('PasswordPolicyClass', () => {
throwError: false,
});

assert.equal(passwordPolice.validate('1'), true);
assert.equal(passwordPolice.validate('11'), true);
assert.equal(passwordPolice.validate('111'), true);
assert.equal(passwordPolice.validate('1111'), true);
assert.equal(passwordPolice.validate('11111'), true);
assert.equal(passwordPolice.validate('111111'), false);
assert.equal(passwordPolice.validate(' '), false);
assert.equal(passwordPolice.validate('123456'), true);
expect(passwordPolice.validate('1')).to.be.true;
expect(passwordPolice.validate('11')).to.be.true;
expect(passwordPolice.validate('111')).to.be.true;
expect(passwordPolice.validate('1111')).to.be.true;
expect(passwordPolice.validate('11111')).to.be.true;
expect(passwordPolice.validate('111111')).to.be.false;
expect(passwordPolice.validate(' ')).to.be.false;
expect(passwordPolice.validate('123456')).to.be.true;
});

it('should contain one lowercase', () => {
Expand All @@ -144,13 +145,13 @@ describe('PasswordPolicyClass', () => {
throwError: false,
});

assert.equal(passwordPolice.validate('a'), true);
assert.equal(passwordPolice.validate('aa'), true);
assert.equal(passwordPolice.validate('A'), false);
assert.equal(passwordPolice.validate(' '), false);
assert.equal(passwordPolice.validate('123456'), false);
assert.equal(passwordPolice.validate('AAAAA'), false);
assert.equal(passwordPolice.validate('AAAaAAA'), true);
expect(passwordPolice.validate('a')).to.be.true;
expect(passwordPolice.validate('aa')).to.be.true;
expect(passwordPolice.validate('A')).to.be.false;
expect(passwordPolice.validate(' ')).to.be.false;
expect(passwordPolice.validate('123456')).to.be.false;
expect(passwordPolice.validate('AAAAA')).to.be.false;
expect(passwordPolice.validate('AAAaAAA')).to.be.true;
});

it('should contain one uppercase', () => {
Expand All @@ -160,48 +161,108 @@ describe('PasswordPolicyClass', () => {
throwError: false,
});

assert.equal(passwordPolice.validate('a'), false);
assert.equal(passwordPolice.validate('aa'), false);
assert.equal(passwordPolice.validate('A'), true);
assert.equal(passwordPolice.validate(' '), false);
assert.equal(passwordPolice.validate('123456'), false);
assert.equal(passwordPolice.validate('AAAAA'), true);
assert.equal(passwordPolice.validate('AAAaAAA'), true);
expect(passwordPolice.validate('a')).to.be.false;
expect(passwordPolice.validate('aa')).to.be.false;
expect(passwordPolice.validate('A')).to.be.true;
expect(passwordPolice.validate(' ')).to.be.false;
expect(passwordPolice.validate('123456')).to.be.false;
expect(passwordPolice.validate('AAAAA')).to.be.true;
expect(passwordPolice.validate('AAAaAAA')).to.be.true;
});

it('should contain one uppercase', () => {
it('should contain one number', () => {
const passwordPolice = new PasswordPolicyClass({
enabled: true,
mustContainAtLeastOneNumber: true,
throwError: false,
});

assert.equal(passwordPolice.validate('a'), false);
assert.equal(passwordPolice.validate('aa'), false);
assert.equal(passwordPolice.validate('A'), false);
assert.equal(passwordPolice.validate(' '), false);
assert.equal(passwordPolice.validate('123456'), true);
assert.equal(passwordPolice.validate('AAAAA'), false);
assert.equal(passwordPolice.validate('AAAaAAA'), false);
assert.equal(passwordPolice.validate('AAAa1AAA'), true);
expect(passwordPolice.validate('a')).to.be.false;
expect(passwordPolice.validate('aa')).to.be.false;
expect(passwordPolice.validate('A')).to.be.false;
expect(passwordPolice.validate(' ')).to.be.false;
expect(passwordPolice.validate('123456')).to.be.true;
expect(passwordPolice.validate('AAAAA')).to.be.false;
expect(passwordPolice.validate('AAAaAAA')).to.be.false;
expect(passwordPolice.validate('AAAa1AAA')).to.be.true;
});

it('should contain one uppercase', () => {
it('should contain one special character', () => {
const passwordPolice = new PasswordPolicyClass({
enabled: true,
mustContainAtLeastOneSpecialCharacter: true,
throwError: false,
});

assert.equal(passwordPolice.validate('a'), false);
assert.equal(passwordPolice.validate('aa'), false);
assert.equal(passwordPolice.validate('A'), false);
assert.equal(passwordPolice.validate(' '), false);
assert.equal(passwordPolice.validate('123456'), false);
assert.equal(passwordPolice.validate('AAAAA'), false);
assert.equal(passwordPolice.validate('AAAaAAA'), false);
assert.equal(passwordPolice.validate('AAAa1AAA'), false);
assert.equal(passwordPolice.validate('AAAa@AAA'), true);
expect(passwordPolice.validate('a')).to.be.false;
expect(passwordPolice.validate('aa')).to.be.false;
expect(passwordPolice.validate('A')).to.be.false;
expect(passwordPolice.validate(' ')).to.be.false;
expect(passwordPolice.validate('123456')).to.be.false;
expect(passwordPolice.validate('AAAAA')).to.be.false;
expect(passwordPolice.validate('AAAaAAA')).to.be.false;
expect(passwordPolice.validate('AAAa1AAA')).to.be.false;
expect(passwordPolice.validate('AAAa@AAA')).to.be.true;
});
});

describe('Password generator', () => {
it('should return a random password', () => {
const passwordPolice = new PasswordPolicyClass({
enabled: true,
throwError: false,
});

expect(passwordPolice.generatePassword()).to.not.be.undefined;
});
});

describe('Password Policy', () => {
it('should return a correct password policy', () => {
const passwordPolice = new PasswordPolicyClass({
enabled: true,
throwError: false,
minLength: 10,
maxLength: 20,
forbidRepeatingCharacters: true,
forbidRepeatingCharactersCount: 4,
mustContainAtLeastOneLowercase: true,
mustContainAtLeastOneUppercase: true,
mustContainAtLeastOneNumber: true,
mustContainAtLeastOneSpecialCharacter: true,
});

const policy = passwordPolice.getPasswordPolicy();

expect(policy).to.not.be.undefined;
expect(policy.enabled).to.be.true;
expect(policy.policy.length).to.be.equal(8);
expect(policy.policy[0][0]).to.be.equal('get-password-policy-minLength');
expect(policy.policy[0][1].minLength).to.be.equal(10);
});

it('should return correct values if policy is disabled', () => {
const passwordPolice = new PasswordPolicyClass({
enabled: false,
});

const policy = passwordPolice.getPasswordPolicy();

expect(policy.enabled).to.be.false;
expect(policy.policy.length).to.be.equal(0);
});

it('should return correct values if policy is enabled but no specifiers exists', () => {
const passwordPolice = new PasswordPolicyClass({
enabled: true,
});

const policy = passwordPolice.getPasswordPolicy();

expect(policy.enabled).to.be.true;
// even when no policy is specified, forbidRepeatingCharactersCount is still configured
// since its default value is 3
expect(policy.policy.length).to.be.equal(1);
});
});
});