prosody
cfc42ed3892c
spec/util_sasl_spec.lua
Software / code / prosody
File
spec/util_sasl_spec.lua @ 13524:cfc42ed3892c
mod_pubsub: Check new role framework for node creation privileges
This enables granting regular users permission to create nodes via the
new roles framework. Previously this required either making everyone an
admin or writing a custom mod_pubsub variant with different permission
details.
Previous default behavior of only allowing creation by admin is kept as
to not give out unexpected permissions on upgrade, but could be
reevaluated at a later time.
Fixes #1324
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Sun, 13 Oct 2024 13:03:08 +0200 |
| parent | 13113:191fe4866e3e |
line wrap: on
line source
local sasl = require "util.sasl"; -- profile * mechanism -- callbacks could use spies instead describe("util.sasl", function () describe("plain_test profile", function () local profile = { plain_test = function (_, username, password, realm) assert.equals("user", username) assert.equals("pencil", password) assert.equals("sasl.test", realm) return true, true; end; }; it("works with PLAIN", function () local plain = sasl.new("sasl.test", profile); assert.truthy(plain:select("PLAIN")); assert.truthy(plain:process("\000user\000pencil")); assert.equals("user", plain.username); end); end); describe("plain profile", function () local profile = { plain = function (_, username, realm) assert.equals("user", username) assert.equals("sasl.test", realm) return "pencil", true; end; }; it("works with PLAIN", function () local plain = sasl.new("sasl.test", profile); assert.truthy(plain:select("PLAIN")); assert.truthy(plain:process("\000user\000pencil")); assert.equals("user", plain.username); end); -- TODO SCRAM end); describe("oauthbearer profile", function() local profile = { oauthbearer = function(_, token, _realm, _authzid) if token == "example-bearer-token" then return "user", true, {}; else return nil, nil, {} end end; } it("works with OAUTHBEARER", function() local bearer = sasl.new("sasl.test", profile); assert.truthy(bearer:select("OAUTHBEARER")); assert.equals("success", bearer:process("n,,\1auth=Bearer example-bearer-token\1\1")); assert.equals("user", bearer.username); end) it("returns extras with OAUTHBEARER", function() local bearer = sasl.new("sasl.test", profile); assert.truthy(bearer:select("OAUTHBEARER")); local status, extra = bearer:process("n,,\1auth=Bearer unknown\1\1"); assert.equals("challenge", status); assert.equals("{\"status\":\"invalid_token\"}", extra); assert.equals("failure", bearer:process("\1")); end) end) end);
