npm - @stamhoofd/backend - Versions diffs - 2.81.0 → 2.83.0 - Mend

@stamhoofd/backend 2.81.0 → 2.83.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (108) hide show

package/tests/e2e/api-rate-limits.test.ts ADDED Viewed

@@ -0,0 +1,188 @@
+/* eslint-disable jest/no-conditional-expect */
+import { Request } from '@simonbackx/simple-endpoints';
+import { Organization, OrganizationFactory, Token, UserFactory } from '@stamhoofd/models';
+import { PatchMap } from '@simonbackx/simple-encoding';
+import { ApiUser, ApiUserRateLimits, PermissionLevel, Permissions, PermissionsResourceType, ResourcePermissions, UserMeta, UserPermissions } from '@stamhoofd/structures';
+import { SHExpect, TestUtils } from '@stamhoofd/test-utils';
+import { CreateApiUserEndpoint } from '../../src/endpoints/organization/dashboard/users/CreateApiUserEndpoint';
+import { testServer } from '../helpers/TestServer';
+import { GetUserEndpoint } from '../../src/endpoints/auth/GetUserEndpoint';
+describe('E2E.APIRateLimits', () => {
+    // Test endpoint
+    const createEndpoint = new CreateApiUserEndpoint();
+    const getUserEndpoint = new GetUserEndpoint();
+    let organization: Organization;
+    beforeEach(async () => {
+        TestUtils.setEnvironment('userMode', 'platform');
+        organization = await new OrganizationFactory({}).create();
+    });
+    /**
+     * Note: we don't use a factory because this is an E2E test and
+     * we also want to check if the created tokens with the API are actually marked as API-keys and not normal users.
+     */
+    async function createAPIToken(rateLimits: ApiUserRateLimits | null) {
+        const user = await new UserFactory({
+            globalPermissions: Permissions.create({
+                level: PermissionLevel.Full,
+            }),
+        }).create();
+        const token = await Token.createToken(user);
+        const createRequest = Request.buildJson('POST', '/api-keys', organization.getApiHost(), ApiUser.create({
+            permissions: UserPermissions.create({
+                organizationPermissions: new Map([
+                    [organization.id, Permissions.create({ level: PermissionLevel.Read })],
+                ]),
+            }),
+            meta: UserMeta.create({
+                rateLimits,
+            }),
+        }));
+        createRequest.headers.authorization = 'Bearer ' + token.accessToken;
+        const createResponse = await testServer.test(createEndpoint, createRequest);
+        expect(createResponse.body.meta?.rateLimits ?? undefined).toEqual(rateLimits ?? undefined);
+        return createResponse.body.token;
+    }
+    test('By default throws after 25 requests in less than 5s', async () => {
+        const token = await createAPIToken(null);
+        // Start firing
+        for (let i = 0; i < 30; i++) {
+            const request = Request.buildJson('GET', '/user', organization.getApiHost());
+            request.headers.authorization = 'Bearer ' + token;
+            const promise = testServer.test(getUserEndpoint, request);
+            if (i < 25) {
+                try {
+                    await expect(promise).toResolve();
+                }
+                catch (e) {
+                    let error: any = null;
+                    try {
+                        await promise;
+                    }
+                    catch (e) {
+                        error = e;
+                    }
+                    throw new Error('The endpoint rejected at call ' + i + ' with error message ' + error?.message);
+                }
+            }
+            else {
+                await expect(promise).rejects.toThrow(
+                    SHExpect.simpleError({
+                        code: 'rate_limit',
+                    }),
+                );
+            }
+        }
+    });
+    test('Normal rate limit throws after 25 requests in less than 5s', async () => {
+        const token = await createAPIToken(ApiUserRateLimits.Normal);
+        // Start firing
+        for (let i = 0; i < 30; i++) {
+            const request = Request.buildJson('GET', '/user', organization.getApiHost());
+            request.headers.authorization = 'Bearer ' + token;
+            const promise = testServer.test(getUserEndpoint, request);
+            if (i < 25) {
+                try {
+                    await expect(promise).toResolve();
+                }
+                catch (e) {
+                    let error: any = null;
+                    try {
+                        await promise;
+                    }
+                    catch (e) {
+                        error = e;
+                    }
+                    throw new Error('The endpoint rejected at call ' + i + ' with error message ' + error?.message);
+                }
+            }
+            else {
+                await expect(promise).rejects.toThrow(
+                    SHExpect.simpleError({
+                        code: 'rate_limit',
+                    }),
+                );
+            }
+        }
+    });
+    test('Medium rate limits throw after 50 requests in less than 5s', async () => {
+        const token = await createAPIToken(ApiUserRateLimits.Medium);
+        // Start firing
+        for (let i = 0; i < 60; i++) {
+            const request = Request.buildJson('GET', '/user', organization.getApiHost());
+            request.headers.authorization = 'Bearer ' + token;
+            const promise = testServer.test(getUserEndpoint, request);
+            if (i < 50) {
+                try {
+                    await expect(promise).toResolve();
+                }
+                catch (e) {
+                    let error: any = null;
+                    try {
+                        await promise;
+                    }
+                    catch (e) {
+                        error = e;
+                    }
+                    throw new Error('The endpoint rejected at call ' + i + ' with error message ' + error?.message);
+                }
+            }
+            else {
+                await expect(promise).rejects.toThrow(
+                    SHExpect.simpleError({
+                        code: 'rate_limit',
+                    }),
+                );
+            }
+        }
+    });
+    test('High rate limits throw after 125 requests in less than 5s', async () => {
+        const token = await createAPIToken(ApiUserRateLimits.High);
+        // Start firing
+        for (let i = 0; i < 140; i++) {
+            const request = Request.buildJson('GET', '/user', organization.getApiHost());
+            request.headers.authorization = 'Bearer ' + token;
+            const promise = testServer.test(getUserEndpoint, request);
+            if (i < 125) {
+                try {
+                    await expect(promise).toResolve();
+                }
+                catch (e) {
+                    let error: any = null;
+                    try {
+                        await promise;
+                    }
+                    catch (e) {
+                        error = e;
+                    }
+                    throw new Error('The endpoint rejected at call ' + i + ' with error message ' + error?.message);
+                }
+            }
+            else {
+                await expect(promise).rejects.toThrow(
+                    SHExpect.simpleError({
+                        code: 'rate_limit',
+                    }),
+                );
+            }
+        }
+    });
+});

package/tests/e2e/private-files.test.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { File, MemberDetails, MemberWithRegistrationsBlob, RecordCategory, RecordFileAnswer, RecordSettings, RecordType, Version } from '@stamhoofd/structures';
+import { File, MemberDetails, MemberWithRegistrationsBlob, RecordCategory, RecordFileAnswer, RecordSettings, RecordType, TranslatedString, Version } from '@stamhoofd/structures';
 import { PatchableArray, PatchableArrayAutoEncoder } from '@simonbackx/simple-encoding';
 import { Request } from '@simonbackx/simple-endpoints';
@@ -16,7 +16,7 @@ const getMembersEndpoint = new GetUserMembersEndpoint();
 describe('E2E.PrivateFiles', () => {
     const recordSettings = RecordSettings.create({
         id: 'test',
-        name: 'Bestand test',
+        name: TranslatedString.create('Bestand test'),
         type: RecordType.File,
     });
@@ -25,7 +25,7 @@ describe('E2E.PrivateFiles', () => {
         // Add record settings type
         const category = RecordCategory.create({
-            name: 'Voorbeeld',
+            name: TranslatedString.create('Voorbeeld'),
             defaultEnabled: true,
             records: [
                 recordSettings,

package/tests/helpers/StripeMocker.ts CHANGED Viewed

@@ -165,9 +165,15 @@ export class StripeMocker {
         const endpoint = new StripeWebookEndpoint();
         const r = Request.buildJson('POST', `/stripe/webhooks`, undefined, payload);
+        const secret = payload.account ? STAMHOOFD.STRIPE_CONNECT_ENDPOINT_SECRET : STAMHOOFD.STRIPE_ENDPOINT_SECRET;
+        if (!secret) {
+            throw new Error('No stripe secret set in env');
+        }
         r.headers['stripe-signature'] = stripe.webhooks.generateTestHeaderString({
             payload: await r.body,
-            secret: payload.account ? STAMHOOFD.STRIPE_CONNECT_ENDPOINT_SECRET : STAMHOOFD.STRIPE_ENDPOINT_SECRET,
+            secret: secret,
         });
         await testServer.test(endpoint, r);
     }

/package/src/endpoints/global/platform/{GetPlatformEnpoint.ts → GetPlatformEndpoint.ts} RENAMED Viewed

File without changes