immich/server/src/services/api-key.service.spec.ts

import { BadRequestException } from '@nestjs/common';
import { IKeyRepository } from 'src/interfaces/api-key.interface';
import { ICryptoRepository } from 'src/interfaces/crypto.interface';
import { APIKeyService } from 'src/services/api-key.service';
import { keyStub } from 'test/fixtures/api-key.stub';
import { authStub } from 'test/fixtures/auth.stub';
import { newKeyRepositoryMock } from 'test/repositories/api-key.repository.mock';
import { newCryptoRepositoryMock } from 'test/repositories/crypto.repository.mock';
import { Mocked } from 'vitest';

describe(APIKeyService.name, () => {
  let sut: APIKeyService;
  let keyMock: Mocked<IKeyRepository>;
  let cryptoMock: Mocked<ICryptoRepository>;

  beforeEach(() => {
    cryptoMock = newCryptoRepositoryMock();
    keyMock = newKeyRepositoryMock();
    sut = new APIKeyService(cryptoMock, keyMock);
  });

  describe('create', () => {
    it('should create a new key', async () => {
      keyMock.create.mockResolvedValue(keyStub.admin);
      await sut.create(authStub.admin, { name: 'Test Key' });
      expect(keyMock.create).toHaveBeenCalledWith({
        key: 'cmFuZG9tLWJ5dGVz (hashed)',
        name: 'Test Key',
        userId: authStub.admin.user.id,
      });
      expect(cryptoMock.newPassword).toHaveBeenCalled();
      expect(cryptoMock.hashSha256).toHaveBeenCalled();
    });

    it('should not require a name', async () => {
      keyMock.create.mockResolvedValue(keyStub.admin);

      await sut.create(authStub.admin, {});

      expect(keyMock.create).toHaveBeenCalledWith({
        key: 'cmFuZG9tLWJ5dGVz (hashed)',
        name: 'API Key',
        userId: authStub.admin.user.id,
      });
      expect(cryptoMock.newPassword).toHaveBeenCalled();
      expect(cryptoMock.hashSha256).toHaveBeenCalled();
    });
  });

  describe('update', () => {
    it('should throw an error if the key is not found', async () => {
      keyMock.getById.mockResolvedValue(null);

      await expect(sut.update(authStub.admin, 'random-guid', { name: 'New Name' })).rejects.toBeInstanceOf(
        BadRequestException,
      );

      expect(keyMock.update).not.toHaveBeenCalledWith('random-guid');
    });

    it('should update a key', async () => {
      keyMock.getById.mockResolvedValue(keyStub.admin);
      keyMock.update.mockResolvedValue(keyStub.admin);

      await sut.update(authStub.admin, 'random-guid', { name: 'New Name' });

      expect(keyMock.update).toHaveBeenCalledWith(authStub.admin.user.id, 'random-guid', { name: 'New Name' });
    });
  });

  describe('delete', () => {
    it('should throw an error if the key is not found', async () => {
      keyMock.getById.mockResolvedValue(null);

      await expect(sut.delete(authStub.admin, 'random-guid')).rejects.toBeInstanceOf(BadRequestException);

      expect(keyMock.delete).not.toHaveBeenCalledWith('random-guid');
    });

    it('should delete a key', async () => {
      keyMock.getById.mockResolvedValue(keyStub.admin);

      await sut.delete(authStub.admin, 'random-guid');

      expect(keyMock.delete).toHaveBeenCalledWith(authStub.admin.user.id, 'random-guid');
    });
  });

  describe('getById', () => {
    it('should throw an error if the key is not found', async () => {
      keyMock.getById.mockResolvedValue(null);

      await expect(sut.getById(authStub.admin, 'random-guid')).rejects.toBeInstanceOf(BadRequestException);

      expect(keyMock.getById).toHaveBeenCalledWith(authStub.admin.user.id, 'random-guid');
    });

    it('should get a key by id', async () => {
      keyMock.getById.mockResolvedValue(keyStub.admin);

      await sut.getById(authStub.admin, 'random-guid');

      expect(keyMock.getById).toHaveBeenCalledWith(authStub.admin.user.id, 'random-guid');
    });
  });

  describe('getAll', () => {
    it('should return all the keys for a user', async () => {
      keyMock.getByUserId.mockResolvedValue([keyStub.admin]);

      await expect(sut.getAll(authStub.admin)).resolves.toHaveLength(1);

      expect(keyMock.getByUserId).toHaveBeenCalledWith(authStub.admin.user.id);
    });
  });
});
fix(server): auth strategies (#1459) * fix(server): auth strategies * chore: tests 2023-01-28 06:12:11 +01:00			`import { BadRequestException } from '@nestjs/common';`
chore(server): rename domain `repositories` -> `interfaces` (#8147) rename domain repositories 2024-03-21 12:59:49 +01:00			`import { IKeyRepository } from 'src/interfaces/api-key.interface';`
			`import { ICryptoRepository } from 'src/interfaces/crypto.interface';`
chore(server): move services (#8133) move services 2024-03-21 00:07:30 +01:00			`import { APIKeyService } from 'src/services/api-key.service';`
chore(server): use absolute import paths (#8080) update server to use absolute import paths 2024-03-20 19:32:04 +01:00			`import { keyStub } from 'test/fixtures/api-key.stub';`
			`import { authStub } from 'test/fixtures/auth.stub';`
			`import { newKeyRepositoryMock } from 'test/repositories/api-key.repository.mock';`
			`import { newCryptoRepositoryMock } from 'test/repositories/crypto.repository.mock';`
chore: migrate to vitest (#7156) * chore: jest => vitest * chore: replace jest-when 2024-04-16 16:44:45 +02:00			`import { Mocked } from 'vitest';`
refactor(server): api keys (#1339) * refactor: api keys * refactor: test module * chore: tests * chore: fix provider * refactor: test mock repos 2023-01-18 15:40:15 +01:00
			`describe(APIKeyService.name, () => {`
			`let sut: APIKeyService;`
chore: migrate to vitest (#7156) * chore: jest => vitest * chore: replace jest-when 2024-04-16 16:44:45 +02:00			`let keyMock: Mocked<IKeyRepository>;`
			`let cryptoMock: Mocked<ICryptoRepository>;`
refactor(server): api keys (#1339) * refactor: api keys * refactor: test module * chore: tests * chore: fix provider * refactor: test mock repos 2023-01-18 15:40:15 +01:00
chore(server): eslint await-thenable (#7545) * await-thenable * fix library watchers * moar eslint * fix test * fix typo * try to remove check void return * fix checksVoidReturn * move to domain utils * remove eslint ignores * chore: cleanup types * chore: use logger * fix: e2e --------- Co-authored-by: Ben McCann <322311+benmccann@users.noreply.github.com> Co-authored-by: Jason Rasmussen <jrasm91@gmail.com> 2024-03-05 23:23:06 +01:00			`beforeEach(() => {`
refactor(server): api keys (#1339) * refactor: api keys * refactor: test module * chore: tests * chore: fix provider * refactor: test mock repos 2023-01-18 15:40:15 +01:00			`cryptoMock = newCryptoRepositoryMock();`
			`keyMock = newKeyRepositoryMock();`
			`sut = new APIKeyService(cryptoMock, keyMock);`
			`});`

			`describe('create', () => {`
			`it('should create a new key', async () => {`
refactor(server): auth guard (#1472) * refactor: auth guard * chore: move auth guard to middleware * chore: tests * chore: remove unused code * fix: migration to uuid without dataloss * chore: e2e tests * chore: removed unused guards 2023-01-31 19:11:49 +01:00			`keyMock.create.mockResolvedValue(keyStub.admin);`
refactor(server): api keys (#1339) * refactor: api keys * refactor: test module * chore: tests * chore: fix provider * refactor: test mock repos 2023-01-18 15:40:15 +01:00			`await sut.create(authStub.admin, { name: 'Test Key' });`
			`expect(keyMock.create).toHaveBeenCalledWith({`
			`key: 'cmFuZG9tLWJ5dGVz (hashed)',`
			`name: 'Test Key',`
refactor(server): auth dto (#5593) * refactor: AuthUserDto => AuthDto * refactor: reorganize auth-dto * refactor: AuthUser() => Auth() 2023-12-10 05:34:12 +01:00			`userId: authStub.admin.user.id,`
refactor(server): api keys (#1339) * refactor: api keys * refactor: test module * chore: tests * chore: fix provider * refactor: test mock repos 2023-01-18 15:40:15 +01:00			`});`
refactor(server): new password repo method (#8208) 2024-03-23 19:33:25 +01:00			`expect(cryptoMock.newPassword).toHaveBeenCalled();`
feat(server): move authentication to tokens stored in the database (#1381) * chore: add typeorm commands to npm and set default database config values * feat: move to server side authentication tokens * fix: websocket should emit error and disconnect on error thrown by the server * refactor: rename cookie-auth-strategy to user-auth-strategy * feat: user tokens and API keys now use SHA256 hash for performance improvements * test: album e2e test remove unneeded module import * infra: truncate api key table as old keys will no longer work with new hash algorithm * fix(server): e2e tests (#1435) * fix: root module paths * chore: linting * chore: rename user-auth to strategy.ts and make validate return AuthUserDto * fix: we should always send HttpOnly for our auth cookies * chore: remove now unused crypto functions and jwt dependencies * fix: return the extra fields for AuthUserDto in auth service validate --------- Co-authored-by: Jason Rasmussen <jrasm91@gmail.com> 2023-01-27 21:50:07 +01:00			`expect(cryptoMock.hashSha256).toHaveBeenCalled();`
refactor(server): api keys (#1339) * refactor: api keys * refactor: test module * chore: tests * chore: fix provider * refactor: test mock repos 2023-01-18 15:40:15 +01:00			`});`

			`it('should not require a name', async () => {`
refactor(server): auth guard (#1472) * refactor: auth guard * chore: move auth guard to middleware * chore: tests * chore: remove unused code * fix: migration to uuid without dataloss * chore: e2e tests * chore: removed unused guards 2023-01-31 19:11:49 +01:00			`keyMock.create.mockResolvedValue(keyStub.admin);`
refactor(server): api keys (#1339) * refactor: api keys * refactor: test module * chore: tests * chore: fix provider * refactor: test mock repos 2023-01-18 15:40:15 +01:00
			`await sut.create(authStub.admin, {});`

			`expect(keyMock.create).toHaveBeenCalledWith({`
			`key: 'cmFuZG9tLWJ5dGVz (hashed)',`
			`name: 'API Key',`
refactor(server): auth dto (#5593) * refactor: AuthUserDto => AuthDto * refactor: reorganize auth-dto * refactor: AuthUser() => Auth() 2023-12-10 05:34:12 +01:00			`userId: authStub.admin.user.id,`
refactor(server): api keys (#1339) * refactor: api keys * refactor: test module * chore: tests * chore: fix provider * refactor: test mock repos 2023-01-18 15:40:15 +01:00			`});`
refactor(server): new password repo method (#8208) 2024-03-23 19:33:25 +01:00			`expect(cryptoMock.newPassword).toHaveBeenCalled();`
feat(server): move authentication to tokens stored in the database (#1381) * chore: add typeorm commands to npm and set default database config values * feat: move to server side authentication tokens * fix: websocket should emit error and disconnect on error thrown by the server * refactor: rename cookie-auth-strategy to user-auth-strategy * feat: user tokens and API keys now use SHA256 hash for performance improvements * test: album e2e test remove unneeded module import * infra: truncate api key table as old keys will no longer work with new hash algorithm * fix(server): e2e tests (#1435) * fix: root module paths * chore: linting * chore: rename user-auth to strategy.ts and make validate return AuthUserDto * fix: we should always send HttpOnly for our auth cookies * chore: remove now unused crypto functions and jwt dependencies * fix: return the extra fields for AuthUserDto in auth service validate --------- Co-authored-by: Jason Rasmussen <jrasm91@gmail.com> 2023-01-27 21:50:07 +01:00			`expect(cryptoMock.hashSha256).toHaveBeenCalled();`
refactor(server): api keys (#1339) * refactor: api keys * refactor: test module * chore: tests * chore: fix provider * refactor: test mock repos 2023-01-18 15:40:15 +01:00			`});`
			`});`

			`describe('update', () => {`
			`it('should throw an error if the key is not found', async () => {`
			`keyMock.getById.mockResolvedValue(null);`

infra(server): fix Album TypeORM relations and change ids to uuids (#1582) * infra: make api-key primary key column a UUID * infra: move ManyToMany relations in album entity, make ownerId ManyToOne --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-02-18 21:58:55 +01:00			`await expect(sut.update(authStub.admin, 'random-guid', { name: 'New Name' })).rejects.toBeInstanceOf(`
			`BadRequestException,`
			`);`
refactor(server): api keys (#1339) * refactor: api keys * refactor: test module * chore: tests * chore: fix provider * refactor: test mock repos 2023-01-18 15:40:15 +01:00
infra(server): fix Album TypeORM relations and change ids to uuids (#1582) * infra: make api-key primary key column a UUID * infra: move ManyToMany relations in album entity, make ownerId ManyToOne --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-02-18 21:58:55 +01:00			`expect(keyMock.update).not.toHaveBeenCalledWith('random-guid');`
refactor(server): api keys (#1339) * refactor: api keys * refactor: test module * chore: tests * chore: fix provider * refactor: test mock repos 2023-01-18 15:40:15 +01:00			`});`

			`it('should update a key', async () => {`
refactor(server): auth guard (#1472) * refactor: auth guard * chore: move auth guard to middleware * chore: tests * chore: remove unused code * fix: migration to uuid without dataloss * chore: e2e tests * chore: removed unused guards 2023-01-31 19:11:49 +01:00			`keyMock.getById.mockResolvedValue(keyStub.admin);`
refactor(server): api key auth (#3054) 2023-07-01 03:49:30 +02:00			`keyMock.update.mockResolvedValue(keyStub.admin);`
refactor(server): api keys (#1339) * refactor: api keys * refactor: test module * chore: tests * chore: fix provider * refactor: test mock repos 2023-01-18 15:40:15 +01:00
infra(server): fix Album TypeORM relations and change ids to uuids (#1582) * infra: make api-key primary key column a UUID * infra: move ManyToMany relations in album entity, make ownerId ManyToOne --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-02-18 21:58:55 +01:00			`await sut.update(authStub.admin, 'random-guid', { name: 'New Name' });`
refactor(server): api keys (#1339) * refactor: api keys * refactor: test module * chore: tests * chore: fix provider * refactor: test mock repos 2023-01-18 15:40:15 +01:00
refactor(server): auth dto (#5593) * refactor: AuthUserDto => AuthDto * refactor: reorganize auth-dto * refactor: AuthUser() => Auth() 2023-12-10 05:34:12 +01:00			`expect(keyMock.update).toHaveBeenCalledWith(authStub.admin.user.id, 'random-guid', { name: 'New Name' });`
refactor(server): api keys (#1339) * refactor: api keys * refactor: test module * chore: tests * chore: fix provider * refactor: test mock repos 2023-01-18 15:40:15 +01:00			`});`
			`});`

			`describe('delete', () => {`
			`it('should throw an error if the key is not found', async () => {`
			`keyMock.getById.mockResolvedValue(null);`

infra(server): fix Album TypeORM relations and change ids to uuids (#1582) * infra: make api-key primary key column a UUID * infra: move ManyToMany relations in album entity, make ownerId ManyToOne --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-02-18 21:58:55 +01:00			`await expect(sut.delete(authStub.admin, 'random-guid')).rejects.toBeInstanceOf(BadRequestException);`
refactor(server): api keys (#1339) * refactor: api keys * refactor: test module * chore: tests * chore: fix provider * refactor: test mock repos 2023-01-18 15:40:15 +01:00
infra(server): fix Album TypeORM relations and change ids to uuids (#1582) * infra: make api-key primary key column a UUID * infra: move ManyToMany relations in album entity, make ownerId ManyToOne --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-02-18 21:58:55 +01:00			`expect(keyMock.delete).not.toHaveBeenCalledWith('random-guid');`
refactor(server): api keys (#1339) * refactor: api keys * refactor: test module * chore: tests * chore: fix provider * refactor: test mock repos 2023-01-18 15:40:15 +01:00			`});`

			`it('should delete a key', async () => {`
refactor(server): auth guard (#1472) * refactor: auth guard * chore: move auth guard to middleware * chore: tests * chore: remove unused code * fix: migration to uuid without dataloss * chore: e2e tests * chore: removed unused guards 2023-01-31 19:11:49 +01:00			`keyMock.getById.mockResolvedValue(keyStub.admin);`
refactor(server): api keys (#1339) * refactor: api keys * refactor: test module * chore: tests * chore: fix provider * refactor: test mock repos 2023-01-18 15:40:15 +01:00
infra(server): fix Album TypeORM relations and change ids to uuids (#1582) * infra: make api-key primary key column a UUID * infra: move ManyToMany relations in album entity, make ownerId ManyToOne --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-02-18 21:58:55 +01:00			`await sut.delete(authStub.admin, 'random-guid');`
refactor(server): api keys (#1339) * refactor: api keys * refactor: test module * chore: tests * chore: fix provider * refactor: test mock repos 2023-01-18 15:40:15 +01:00
refactor(server): auth dto (#5593) * refactor: AuthUserDto => AuthDto * refactor: reorganize auth-dto * refactor: AuthUser() => Auth() 2023-12-10 05:34:12 +01:00			`expect(keyMock.delete).toHaveBeenCalledWith(authStub.admin.user.id, 'random-guid');`
refactor(server): api keys (#1339) * refactor: api keys * refactor: test module * chore: tests * chore: fix provider * refactor: test mock repos 2023-01-18 15:40:15 +01:00			`});`
			`});`

			`describe('getById', () => {`
			`it('should throw an error if the key is not found', async () => {`
			`keyMock.getById.mockResolvedValue(null);`

infra(server): fix Album TypeORM relations and change ids to uuids (#1582) * infra: make api-key primary key column a UUID * infra: move ManyToMany relations in album entity, make ownerId ManyToOne --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-02-18 21:58:55 +01:00			`await expect(sut.getById(authStub.admin, 'random-guid')).rejects.toBeInstanceOf(BadRequestException);`
refactor(server): api keys (#1339) * refactor: api keys * refactor: test module * chore: tests * chore: fix provider * refactor: test mock repos 2023-01-18 15:40:15 +01:00
refactor(server): auth dto (#5593) * refactor: AuthUserDto => AuthDto * refactor: reorganize auth-dto * refactor: AuthUser() => Auth() 2023-12-10 05:34:12 +01:00			`expect(keyMock.getById).toHaveBeenCalledWith(authStub.admin.user.id, 'random-guid');`
refactor(server): api keys (#1339) * refactor: api keys * refactor: test module * chore: tests * chore: fix provider * refactor: test mock repos 2023-01-18 15:40:15 +01:00			`});`

			`it('should get a key by id', async () => {`
refactor(server): auth guard (#1472) * refactor: auth guard * chore: move auth guard to middleware * chore: tests * chore: remove unused code * fix: migration to uuid without dataloss * chore: e2e tests * chore: removed unused guards 2023-01-31 19:11:49 +01:00			`keyMock.getById.mockResolvedValue(keyStub.admin);`
refactor(server): api keys (#1339) * refactor: api keys * refactor: test module * chore: tests * chore: fix provider * refactor: test mock repos 2023-01-18 15:40:15 +01:00
infra(server): fix Album TypeORM relations and change ids to uuids (#1582) * infra: make api-key primary key column a UUID * infra: move ManyToMany relations in album entity, make ownerId ManyToOne --------- Co-authored-by: Alex Tran <alex.tran1502@gmail.com> 2023-02-18 21:58:55 +01:00			`await sut.getById(authStub.admin, 'random-guid');`
refactor(server): api keys (#1339) * refactor: api keys * refactor: test module * chore: tests * chore: fix provider * refactor: test mock repos 2023-01-18 15:40:15 +01:00
refactor(server): auth dto (#5593) * refactor: AuthUserDto => AuthDto * refactor: reorganize auth-dto * refactor: AuthUser() => Auth() 2023-12-10 05:34:12 +01:00			`expect(keyMock.getById).toHaveBeenCalledWith(authStub.admin.user.id, 'random-guid');`
refactor(server): api keys (#1339) * refactor: api keys * refactor: test module * chore: tests * chore: fix provider * refactor: test mock repos 2023-01-18 15:40:15 +01:00			`});`
			`});`

			`describe('getAll', () => {`
			`it('should return all the keys for a user', async () => {`
refactor(server): auth guard (#1472) * refactor: auth guard * chore: move auth guard to middleware * chore: tests * chore: remove unused code * fix: migration to uuid without dataloss * chore: e2e tests * chore: removed unused guards 2023-01-31 19:11:49 +01:00			`keyMock.getByUserId.mockResolvedValue([keyStub.admin]);`
refactor(server): api keys (#1339) * refactor: api keys * refactor: test module * chore: tests * chore: fix provider * refactor: test mock repos 2023-01-18 15:40:15 +01:00
			`await expect(sut.getAll(authStub.admin)).resolves.toHaveLength(1);`

refactor(server): auth dto (#5593) * refactor: AuthUserDto => AuthDto * refactor: reorganize auth-dto * refactor: AuthUser() => Auth() 2023-12-10 05:34:12 +01:00			`expect(keyMock.getByUserId).toHaveBeenCalledWith(authStub.admin.user.id);`
refactor(server): api keys (#1339) * refactor: api keys * refactor: test module * chore: tests * chore: fix provider * refactor: test mock repos 2023-01-18 15:40:15 +01:00			`});`
			`});`
			`});`