From 78f67520421b95623344c68d97d811d9f4145417 Mon Sep 17 00:00:00 2001 From: Steve Adams Date: Sat, 23 Feb 2019 03:59:21 +1100 Subject: [PATCH] Sanitize file and folder names (#92) * update env var in docs. Might help with https://github.com/auth0/auth0-deploy-cli/issues/88 * Handle filenames/directories properly fixes https://github.com/auth0/auth0-deploy-cli/issues/81 * add tests * linting error --- package-lock.json | 21 ++++++++++ package.json | 1 + .../directory/handlers/clientGrants.js | 4 +- src/context/directory/handlers/clients.js | 4 +- src/context/directory/handlers/connections.js | 4 +- src/context/directory/handlers/databases.js | 9 ++-- .../directory/handlers/resourceServers.js | 4 +- src/context/directory/handlers/rules.js | 9 ++-- .../directory/handlers/rulesConfigs.js | 4 +- src/context/yaml/handlers/databases.js | 9 ++-- src/context/yaml/handlers/rules.js | 6 ++- src/utils.js | 6 +++ test/context/directory/clientGrants.test.js | 14 +++++++ test/context/directory/clients.test.js | 16 ++++++++ test/context/directory/connections.test.js | 16 ++++++++ test/context/directory/databases.test.js | 36 ++++++++++++++++ test/context/directory/resourceServers.js | 22 ++++++++++ test/context/directory/rules.test.js | 30 ++++++++++++++ test/context/directory/rulesConfigs.js | 14 +++++++ test/context/yaml/databases.test.js | 41 +++++++++++++++++++ test/context/yaml/rules.test.js | 33 +++++++++++++++ test/utils.test.js | 15 ++++++- 22 files changed, 294 insertions(+), 24 deletions(-) diff --git a/package-lock.json b/package-lock.json index 0dfd32f7b..47c2f2648 100644 --- a/package-lock.json +++ b/package-lock.json 
@@ -8163,6 +8163,14 @@ "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz", "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" }, + "sanitize-filename": { + "version": "1.6.1", + "resolved": "https://registry.npmjs.org/sanitize-filename/-/sanitize-filename-1.6.1.tgz", + "integrity": "sha1-YS2hyWRz+gLczaktzVtKsWSmdyo=", + "requires": { + "truncate-utf8-bytes": "^1.0.0" + } + }, "secure-keys": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/secure-keys/-/secure-keys-1.0.0.tgz", @@ -8880,6 +8888,14 @@ "integrity": "sha1-yy4SAwZ+DI3h9hQJS5/kVwTqYAM=", "dev": true }, + "truncate-utf8-bytes": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/truncate-utf8-bytes/-/truncate-utf8-bytes-1.0.2.tgz", + "integrity": "sha1-QFkjkJWS1W94pYGENLC3hInKXys=", + "requires": { + "utf8-byte-length": "^1.0.1" + } + }, "tty-browserify": { "version": "0.0.0", "resolved": "https://registry.npmjs.org/tty-browserify/-/tty-browserify-0.0.0.tgz", @@ -9095,6 +9111,11 @@ "integrity": "sha1-K1viOjK2Onyd640PKNSFcko98ZA=", "dev": true }, + "utf8-byte-length": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/utf8-byte-length/-/utf8-byte-length-1.0.4.tgz", + "integrity": "sha1-9F8VDExm7uloGGUFq5P8u4rWv2E=" + }, "util": { "version": "0.10.4", "resolved": "https://registry.npmjs.org/util/-/util-0.10.4.tgz", diff --git a/package.json b/package.json index 7ec4a331f..5a3377d36 100644 --- a/package.json +++ b/package.json @@ -39,6 +39,7 @@ "nconf": "^0.8.4", "node-storage": "0.0.7", "readline": "^1.3.0", + "sanitize-filename": "^1.6.1", "superagent": "^3.5.2", "winston": "^2.3.0", "xregexp": "^3.1.1", diff --git a/src/context/directory/handlers/clientGrants.js b/src/context/directory/handlers/clientGrants.js index 7b5e586ce..33ab0e119 100644 --- a/src/context/directory/handlers/clientGrants.js +++ b/src/context/directory/handlers/clientGrants.js 
@@ -3,7 +3,7 @@ import path from 'path'; import { constants } from 'auth0-source-control-extension-tools'; import log from '../../../logger'; -import { getFiles, existsMustBeDir, loadJSON } from '../../../utils'; +import { getFiles, existsMustBeDir, loadJSON, sanitize } from '../../../utils'; function parse(context) { const grantsFolder = path.join(context.filePath, constants.CLIENTS_GRANTS_DIRECTORY); @@ -35,7 +35,7 @@ async function dump(context) { const found = clients.find(c => c.client_id === dumpGrant.client_id); if (found) dumpGrant.client_id = found.name; - const name = `${dumpGrant.client_id} (${dumpGrant.audience})`.replace(/[/\\?%*:|"<>]/g, '-'); + const name = sanitize(`${dumpGrant.client_id} (${dumpGrant.audience})`); const grantFile = path.join(grantsFolder, `${name}.json`); log.info(`Writing ${grantFile}`); fs.writeFileSync(grantFile, JSON.stringify(dumpGrant, null, 2)); diff --git a/src/context/directory/handlers/clients.js b/src/context/directory/handlers/clients.js index 26d745587..81131eb78 100644 --- a/src/context/directory/handlers/clients.js +++ b/src/context/directory/handlers/clients.js @@ -3,7 +3,7 @@ import path from 'path'; import { constants } from 'auth0-source-control-extension-tools'; import log from '../../../logger'; -import { getFiles, existsMustBeDir, loadJSON } from '../../../utils'; +import { getFiles, existsMustBeDir, loadJSON, sanitize } from '../../../utils'; function parse(context) { const clientsFolder = path.join(context.filePath, constants.CLIENTS_DIRECTORY); @@ -29,7 +29,7 @@ async function dump(context) { fs.ensureDirSync(clientsFolder); clients.forEach((client) => { - const clientFile = path.join(clientsFolder, `${client.name}.json`); + const clientFile = path.join(clientsFolder, sanitize(`${client.name}.json`)); log.info(`Writing ${clientFile}`); fs.writeFileSync(clientFile, JSON.stringify(client, null, 2)); }); 
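Review bot: In clientGrants.js `dump`, two grants whose names differ only in characters that `sanitize` replaces (for example `a/b` and `a-b`) resolve to the same `grantFile`, and `fs.writeFileSync` overwrites the first without any signal. The same applies to the other `dump` handlers changed in this patch (clients, connections, databases, resourceServers, rules, rulesConfigs, and the yaml databases and rules handlers). Consider tracking the paths written during a dump and failing on a repeat, e.g. `if (written.has(grantFile)) throw new Error('Name collision after sanitizing: ' + grantFile);` followed by `written.add(grantFile);`. The body of `dump` starts outside the hunk, so where `written` is declared is left to the author.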
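Review bot: In clients.js `dump`, the `.json` suffix goes through `sanitize` together with the name, so any length limit the library applies falls on the extension. As far as I know sanitize-filename truncates its result to 255 bytes (the lockfile pulls in `truncate-utf8-bytes` for it), which would drop `.json` from a very long client name and leave a file that the `.json`-based loaders presumably skip. Sanitizing only the name keeps the extension intact: `const clientFile = path.join(clientsFolder, sanitize(client.name) + '.json');`, which is the shape the directory rules.js hunk already uses. The same pattern appears in connections.js, resourceServers.js, rulesConfigs.js, the custom-script line in directory databases.js, and yaml rules.js.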
diff --git a/src/context/directory/handlers/connections.js b/src/context/directory/handlers/connections.js index 3b7ae1b80..7f4550baf 100644 --- a/src/context/directory/handlers/connections.js +++ b/src/context/directory/handlers/connections.js @@ -3,7 +3,7 @@ import path from 'path'; import { constants } from 'auth0-source-control-extension-tools'; import log from '../../../logger'; -import { getFiles, existsMustBeDir, loadJSON } from '../../../utils'; +import { getFiles, existsMustBeDir, loadJSON, sanitize } from '../../../utils'; function parse(context) { const connectionsFolder = path.join(context.filePath, constants.CONNECTIONS_DIRECTORY); @@ -41,7 +41,7 @@ async function dump(context) { ] }; - const connectionFile = path.join(connectionsFolder, `${dumpedConnection.name}.json`); + const connectionFile = path.join(connectionsFolder, sanitize(`${dumpedConnection.name}.json`)); log.info(`Writing ${connectionFile}`); fs.writeFileSync(connectionFile, JSON.stringify(dumpedConnection, null, 2)); }); diff --git a/src/context/directory/handlers/databases.js b/src/context/directory/handlers/databases.js index 679cda185..f3d604ddb 100644 --- a/src/context/directory/handlers/databases.js +++ b/src/context/directory/handlers/databases.js @@ -3,7 +3,7 @@ import fs from 'fs-extra'; import { constants, loadFile } from 'auth0-source-control-extension-tools'; import log from '../../../logger'; -import { isDirectory, existsMustBeDir, loadJSON, getFiles } from '../../../utils'; +import { isDirectory, existsMustBeDir, loadJSON, getFiles, sanitize } from '../../../utils'; function getDatabase(folder, mappings) { @@ -72,7 +72,7 @@ async function dump(context) { fs.ensureDirSync(databasesFolder); databases.forEach((database) => { - const dbFolder = path.join(databasesFolder, database.name); + const dbFolder = path.join(databasesFolder, sanitize(database.name)); fs.ensureDirSync(dbFolder); const formatted = { 
@@ -90,10 +90,11 @@ async function dump(context) { ...(database.options.customScripts && { customScripts: Object.entries(database.options.customScripts).reduce((scripts, [ name, script ]) => { // Dump custom script to file - const scriptFile = path.join(dbFolder, `${name}.js`); + const scriptName = sanitize(`${name}.js`); + const scriptFile = path.join(dbFolder, scriptName); log.info(`Writing ${scriptFile}`); fs.writeFileSync(scriptFile, script); - scripts[name] = `./${name}.js`; + scripts[name] = `./${scriptName}`; return scripts; }, {}) }) diff --git a/src/context/directory/handlers/resourceServers.js b/src/context/directory/handlers/resourceServers.js index 6c92acd71..e300e12af 100644 --- a/src/context/directory/handlers/resourceServers.js +++ b/src/context/directory/handlers/resourceServers.js @@ -3,7 +3,7 @@ import path from 'path'; import { constants } from 'auth0-source-control-extension-tools'; import log from '../../../logger'; -import { getFiles, existsMustBeDir, loadJSON } from '../../../utils'; +import { getFiles, existsMustBeDir, loadJSON, sanitize } from '../../../utils'; function parse(context) { const resourceServersFolder = path.join(context.filePath, constants.RESOURCE_SERVERS_DIRECTORY); @@ -29,7 +29,7 @@ async function dump(context) { fs.ensureDirSync(resourceServersFolder); resourceServers.forEach((resourceServer) => { - const resourceServerFile = path.join(resourceServersFolder, `${resourceServer.name}.json`); + const resourceServerFile = path.join(resourceServersFolder, sanitize(`${resourceServer.name}.json`)); log.info(`Writing ${resourceServerFile}`); fs.writeFileSync(resourceServerFile, JSON.stringify(resourceServer, null, 2)); }); diff --git a/src/context/directory/handlers/rules.js b/src/context/directory/handlers/rules.js index 653980d64..fba0899c8 100644 --- a/src/context/directory/handlers/rules.js +++ b/src/context/directory/handlers/rules.js 
@@ -3,7 +3,7 @@ import path from 'path'; import { constants } from 'auth0-source-control-extension-tools'; import log from '../../../logger'; -import { getFiles, existsMustBeDir, loadJSON } from '../../../utils'; +import { getFiles, existsMustBeDir, loadJSON, sanitize } from '../../../utils'; function parse(context) { @@ -36,14 +36,15 @@ async function dump(context) { fs.ensureDirSync(rulesFolder); rules.forEach((rule) => { // Dump script to file - const ruleJS = path.join(rulesFolder, `${rule.name}.js`); + const name = sanitize(rule.name); + const ruleJS = path.join(rulesFolder, `${name}.js`); log.info(`Writing ${ruleJS}`); fs.writeFileSync(ruleJS, rule.script); // Dump template metadata - const ruleFile = path.join(rulesFolder, `${rule.name}.json`); + const ruleFile = path.join(rulesFolder, `${name}.json`); log.info(`Writing ${ruleFile}`); - fs.writeFileSync(ruleFile, JSON.stringify({ ...rule, script: `./${rule.name}.js` }, null, 2)); + fs.writeFileSync(ruleFile, JSON.stringify({ ...rule, script: `./${name}.js` }, null, 2)); }); } diff --git a/src/context/directory/handlers/rulesConfigs.js b/src/context/directory/handlers/rulesConfigs.js index cdcac3550..a17625c05 100644 --- a/src/context/directory/handlers/rulesConfigs.js +++ b/src/context/directory/handlers/rulesConfigs.js @@ -2,7 +2,7 @@ import fs from 'fs-extra'; import path from 'path'; import { constants } from 'auth0-source-control-extension-tools'; -import { getFiles, existsMustBeDir, loadJSON } from '../../../utils'; +import { getFiles, existsMustBeDir, loadJSON, sanitize } from '../../../utils'; import log from '../../../logger'; function parse(context) { 
@@ -29,7 +29,7 @@ async function dump(context) { fs.ensureDirSync(ruleConfigsFolder); rulesConfigs.forEach((rulesConfig) => { - const ruleConfigFile = path.join(ruleConfigsFolder, `${rulesConfig.key}.json`); + const ruleConfigFile = path.join(ruleConfigsFolder, sanitize(`${rulesConfig.key}.json`)); log.info(`Writing ${ruleConfigFile}`); fs.writeFileSync(ruleConfigFile, JSON.stringify({ value: '******', diff --git a/src/context/yaml/handlers/databases.js b/src/context/yaml/handlers/databases.js index 5a3ff3f90..0478a43dd 100644 --- a/src/context/yaml/handlers/databases.js +++ b/src/context/yaml/handlers/databases.js @@ -1,6 +1,7 @@ import fs from 'fs-extra'; import path from 'path'; +import { sanitize } from '../../../utils'; import log from '../../../logger'; @@ -53,14 +54,16 @@ async function dump(context) { ...(database.options.customScripts && { customScripts: Object.entries(database.options.customScripts).reduce((scripts, [ name, script ]) => { // Create Database folder - const dbFolder = path.join(context.basePath, 'databases', database.name); + const dbName = sanitize(database.name); + const dbFolder = path.join(context.basePath, 'databases', sanitize(dbName)); fs.ensureDirSync(dbFolder); // Dump custom script to file - const scriptFile = path.join(dbFolder, `${name}.js`); + const scriptName = sanitize(name); + const scriptFile = path.join(dbFolder, `${scriptName}.js`); log.info(`Writing ${scriptFile}`); fs.writeFileSync(scriptFile, script); - scripts[name] = `./databases/${database.name}/${name}.js`; + scripts[name] = `./databases/${dbName}/${scriptName}.js`; return scripts; }, {}) }) diff --git a/src/context/yaml/handlers/rules.js b/src/context/yaml/handlers/rules.js index f6d2efa2b..f00ec840f 100644 --- a/src/context/yaml/handlers/rules.js +++ b/src/context/yaml/handlers/rules.js @@ -1,6 +1,7 @@ import path from 'path'; import fs from 'fs-extra'; +import { sanitize } from '../../../utils'; import log from '../../../logger'; async function parse(context) { 
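Review bot: In yaml/handlers/databases.js the folder name is sanitized twice: `dbName` is already `sanitize(database.name)` and is wrapped in `sanitize(dbName)` again when building `dbFolder`. The second call is redundant and makes a reader wonder whether the two values can differ; `const dbFolder = path.join(context.basePath, 'databases', dbName);` says the same thing. `dbName` and `dbFolder` also do not depend on the script being iterated, so they could be computed once before the `reduce` rather than once per custom script. The enclosing `dump` starts and ends outside the hunk.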
@@ -28,10 +29,11 @@ async function dump(context) { rules = rules.map((rule) => { // Dump rule to file - const scriptFile = path.join(rulesFolder, `${rule.name}.js`); + const scriptName = sanitize(`${rule.name}.js`); + const scriptFile = path.join(rulesFolder, scriptName); log.info(`Writing ${scriptFile}`); fs.writeFileSync(scriptFile, rule.script); - return { ...rule, script: `./rules/${rule.name}.js` }; + return { ...rule, script: `./rules/${scriptName}` }; }); } diff --git a/src/utils.js b/src/utils.js index 1df5840e5..0f3345aca 100644 --- a/src/utils.js +++ b/src/utils.js @@ -1,5 +1,6 @@ import fs from 'fs-extra'; import path from 'path'; +import sanitizeName from 'sanitize-filename'; import { loadFile } from 'auth0-source-control-extension-tools'; export function isDirectory(f) { @@ -83,3 +84,8 @@ export function stripIdentifiers(auth0, assets) { return updated; } + + +export function sanitize(str) { + return sanitizeName(str, { replacement: '-' }); +} diff --git a/test/context/directory/clientGrants.test.js b/test/context/directory/clientGrants.test.js index e74cd345f..51f90d541 100644 --- a/test/context/directory/clientGrants.test.js +++ b/test/context/directory/clientGrants.test.js 
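Review bot: The new `sanitize` export in src/utils.js has no comment stating its contract, although every dump handler now depends on it to keep written files inside the target folder. A short JSDoc would help: `/** Turn an asset name into a single safe file-name segment; characters the file system rejects, including path separators, become '-'. */`, plus a line noting that it must be given one segment rather than a full path and that distinct names can map to the same result. If I read sanitize-filename correctly it throws on non-string input, so the callers that pass `database.name` or `rule.name` directly, rather than through a template literal, would throw when the field is missing; that is worth stating in the comment as well.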
@@ -108,4 +108,18 @@ describe('#directory context clientGrants', () => { const clientGrantsFolder = path.join(dir, constants.CLIENTS_GRANTS_DIRECTORY); expect(loadJSON(path.join(clientGrantsFolder, 'My M2M (https---test.myapp.com-api-v1).json'))).to.deep.equal(context.assets.clientGrants[0]); }); + + it('should dump client grants sanitized', async () => { + const dir = path.join(testDataDir, 'directory', 'clientGrantsDump'); + cleanThenMkdir(dir); + const context = new Context({ AUTH0_INPUT_FILE: dir }, mockMgmtClient()); + + context.assets.clientGrants = [ + { audience: 'https://test.myapp.com/api/v1', client_id: 'My M2M', scope: [ 'update:account' ] } + ]; + + await handler.dump(context); + const clientGrantsFolder = path.join(dir, constants.CLIENTS_GRANTS_DIRECTORY); + expect(loadJSON(path.join(clientGrantsFolder, 'My M2M (https---test.myapp.com-api-v1).json'))).to.deep.equal(context.assets.clientGrants[0]); + }); }); diff --git a/test/context/directory/clients.test.js b/test/context/directory/clients.test.js index 267d4692c..59f4cd865 100644 --- a/test/context/directory/clients.test.js +++ b/test/context/directory/clients.test.js 
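Review bot: The added test 'should dump client grants sanitized' uses the same audience and client_id as the assertion visible just above it and expects the same file name, so it does not appear to exercise anything the existing test misses. The earlier test's setup is outside the hunk, so this is inferred from its expectation line. A name with a separator in the client part would cover the new code path, e.g. `client_id: 'My/M2M'` with the expected file `'My-M2M (https---test.myapp.com-api-v1).json'`.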
@@ -85,4 +85,20 @@ describe('#directory context clients', () => { expect(loadJSON(path.join(clientFolder, 'someClient.json'))).to.deep.equal(context.assets.clients[0]); expect(loadJSON(path.join(clientFolder, 'someClient2.json'))).to.deep.equal(context.assets.clients[1]); }); + + it('should dump clients sanitized', async () => { + const dir = path.join(testDataDir, 'directory', 'clientsDump'); + cleanThenMkdir(dir); + const context = new Context({ AUTH0_INPUT_FILE: dir }, mockMgmtClient()); + + context.assets.clients = [ + { app_type: 'spa', name: 'someClient-test' }, + { app_type: 'spa', name: 'someClient2/aa' } + ]; + + await handler.dump(context); + const clientFolder = path.join(dir, constants.CLIENTS_DIRECTORY); + expect(loadJSON(path.join(clientFolder, 'someClient-test.json'))).to.deep.equal(context.assets.clients[0]); + expect(loadJSON(path.join(clientFolder, 'someClient2-aa.json'))).to.deep.equal(context.assets.clients[1]); + }); }); diff --git a/test/context/directory/connections.test.js b/test/context/directory/connections.test.js index 7c30ca8f6..faea2bb11 100644 --- a/test/context/directory/connections.test.js +++ b/test/context/directory/connections.test.js 
@@ -91,4 +91,20 @@ describe('#directory context connections', () => { expect(loadJSON(path.join(clientFolder, 'myad-waad.json'))).to.deep.equal(context.assets.connections[0]); expect(loadJSON(path.join(clientFolder, 'facebook.json'))).to.deep.equal(context.assets.connections[1]); }); + + it('should dump connections sanitized', async () => { + const dir = path.join(testDataDir, 'directory', 'connectionsDump'); + cleanThenMkdir(dir); + const context = new Context({ AUTH0_INPUT_FILE: dir }, mockMgmtClient()); + + context.assets.connections = [ + { + name: 'my/ad-waad', strategy: 'waad', var: 'something', enabled_clients: [] + } + ]; + + await handler.dump(context); + const clientFolder = path.join(dir, constants.CONNECTIONS_DIRECTORY); + expect(loadJSON(path.join(clientFolder, 'my-ad-waad.json'))).to.deep.equal(context.assets.connections[0]); + }); }); diff --git a/test/context/directory/databases.test.js b/test/context/directory/databases.test.js index 4f6f19842..10661704c 100644 --- a/test/context/directory/databases.test.js +++ b/test/context/directory/databases.test.js 
@@ -250,4 +250,40 @@ describe('#directory context databases', () => { expect(fs.readFileSync(path.join(scripsFolder, 'login.js'), 'utf8')).to.deep.equal(scriptValidate); expect(fs.readFileSync(path.join(scripsFolder, 'verify.js'), 'utf8')).to.deep.equal(scriptValidate); }); + + it('should dump custom databases sanitized', async () => { + cleanThenMkdir(dbDumpDir); + const context = new Context({ AUTH0_INPUT_FILE: dbDumpDir }, mockMgmtClient()); + + const scriptValidate = 'function login() { var env1 = "env2"; }'; + context.assets.databases = [ + { + name: 'users/test', + enabled_clients: [], + options: { + customScripts: { + change_email: scriptValidate + }, + enabledDatabaseCustomization: true + }, + strategy: 'auth0' + } + ]; + + await handler.dump(context); + const scripsFolder = path.join(dbDumpDir, constants.DATABASE_CONNECTIONS_DIRECTORY, 'users-test'); + expect(loadJSON(path.join(scripsFolder, 'database.json'))).to.deep.equal({ + name: 'users/test', + enabled_clients: [], + options: { + customScripts: { + change_email: './change_email.js' + }, + enabledDatabaseCustomization: true + }, + strategy: 'auth0' + }); + + expect(fs.readFileSync(path.join(scripsFolder, 'change_email.js'), 'utf8')).to.deep.equal(scriptValidate); + }); }); diff --git a/test/context/directory/resourceServers.js b/test/context/directory/resourceServers.js index b9428ce0d..e9d8fc089 100644 --- a/test/context/directory/resourceServers.js +++ b/test/context/directory/resourceServers.js 
@@ -84,4 +84,26 @@ describe('#directory context resourceServers', () => { const resourceServersFolder = path.join(dir, constants.RESOURCE_SERVERS_DIRECTORY); expect(loadJSON(path.join(resourceServersFolder, 'my resource.json'))).to.deep.equal(context.assets.resourceServers[0]); }); + + it('should dump resource servers sanitized', async () => { + const dir = path.join(testDataDir, 'directory', 'resourceServersDump'); + cleanThenMkdir(dir); + const context = new Context({ AUTH0_INPUT_FILE: dir }, mockMgmtClient()); + + context.assets.resourceServers = [ + { + identifier: 'http://myapi.com/api', + name: 'my/test/ resource', + scopes: [ + { description: 'update account', name: 'update:account' }, + { description: 'read account', name: 'read:account' }, + { description: 'admin access', name: 'admin' } + ] + } + ]; + + await handler.dump(context); + const resourceServersFolder = path.join(dir, constants.RESOURCE_SERVERS_DIRECTORY); + expect(loadJSON(path.join(resourceServersFolder, 'my-test- resource.json'))).to.deep.equal(context.assets.resourceServers[0]); + }); }); diff --git a/test/context/directory/rules.test.js b/test/context/directory/rules.test.js index b6dfce5a2..c5be07274 100644 --- a/test/context/directory/rules.test.js +++ b/test/context/directory/rules.test.js 
@@ -89,4 +89,34 @@ describe('#directory context rules', () => { }); expect(fs.readFileSync(path.join(rulesFolder, 'someRule.js'), 'utf8')).to.deep.equal(scriptValidation); }); + + it('should dump rules sanitized', async () => { + const dir = path.join(testDataDir, 'yaml', 'rulesDump'); + cleanThenMkdir(dir); + const context = new Context({ AUTH0_INPUT_FILE: dir }, mockMgmtClient()); + const scriptValidation = 'function someRule() { var hello = "test"; }'; + + context.assets.rules = [ + { + enabled: false, + name: 'some/Rule', + order: 10, + script: scriptValidation, + stage: 'login_success' + } + ]; + + await handler.dump(context); + + const rulesFolder = path.join(dir, constants.RULES_DIRECTORY); + + expect(loadJSON(path.join(rulesFolder, 'some-Rule.json'))).to.deep.equal({ + enabled: false, + name: 'some/Rule', + order: 10, + script: './some-Rule.js', + stage: 'login_success' + }); + expect(fs.readFileSync(path.join(rulesFolder, 'some-Rule.js'), 'utf8')).to.deep.equal(scriptValidation); + }); }); diff --git a/test/context/directory/rulesConfigs.js b/test/context/directory/rulesConfigs.js index c1bbb1b0d..232815c4b 100644 --- a/test/context/directory/rulesConfigs.js +++ b/test/context/directory/rulesConfigs.js 
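Review bot: The new directory-context rules test builds its dump directory as `path.join(testDataDir, 'yaml', 'rulesDump')`, which is the directory the yaml rules test in this patch also cleans and writes; this looks like a copy-paste slip. Both tests call `cleanThenMkdir` on it, so they can remove each other's output if the runner ever executes the files concurrently, and the directory-context artefacts end up under the yaml tree. `const dir = path.join(testDataDir, 'directory', 'rulesDump');` would match the other directory-context tests in this patch.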
@@ -83,4 +83,18 @@ describe('#directory context rulesConfigs', () => { const rulesConfigsFolder = path.join(dir, constants.RULES_CONFIGS_DIRECTORY); expect(loadJSON(path.join(rulesConfigsFolder, 'SOME_SECRET.json'))).to.deep.equal(context.assets.rulesConfigs[0]); }); + + it('should dump rules configs sanitized', async () => { + const dir = path.join(testDataDir, 'directory', 'rulesConfigsDump'); + cleanThenMkdir(dir); + const context = new Context({ AUTH0_INPUT_FILE: dir }, mockMgmtClient()); + + context.assets.rulesConfigs = [ + { key: 'SOME_SECRET/test', value: 'some_key' } + ]; + + await handler.dump(context); + const rulesConfigsFolder = path.join(dir, constants.RULES_CONFIGS_DIRECTORY); + expect(loadJSON(path.join(rulesConfigsFolder, 'SOME_SECRET-test.json'))).to.deep.equal(context.assets.rulesConfigs[0]); + }); }); diff --git a/test/context/yaml/databases.test.js b/test/context/yaml/databases.test.js index b0ea2ad88..8d411bcec 100644 --- a/test/context/yaml/databases.test.js +++ b/test/context/yaml/databases.test.js 
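Review bot: The assertion in the new rulesConfigs test compares the dumped file with `context.assets.rulesConfigs[0]`, whose `value` is `'some_key'`, while the rulesConfigs.js handler hunk in this same patch shows `dump` writing `value: '******'`; unless the rest of that object, which is outside the hunk, restores the value, this expectation cannot hold. The file is also named `rulesConfigs.js` rather than `*.test.js`, like `resourceServers.js`, so the runner may never pick these two files up, which would explain why the existing test of the same shape has not failed. It is worth confirming the test glob and asserting on what is actually written, so the masking of the secret is covered: `expect(loadJSON(path.join(rulesConfigsFolder, 'SOME_SECRET-test.json')).value).to.equal('******');`.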
@@ -187,4 +187,45 @@ describe('#YAML context databases', () => { expect(fs.readFileSync(path.join(scripsFolder, 'login.js'), 'utf8')).to.deep.equal(scriptValidate); expect(fs.readFileSync(path.join(scripsFolder, 'verify.js'), 'utf8')).to.deep.equal(scriptValidate); }); + + it('should dump custom databases sanitized', async () => { + cleanThenMkdir(dbDumpDir); + const context = new Context({ AUTH0_INPUT_FILE: path.join(dbDumpDir, 'tennat.yaml') }, mockMgmtClient()); + + context.assets.databases = [ + { + name: 'users/test', + enabled_clients: [], + options: { + import_mode: true, + customScripts: { + change_email: scriptValidate + }, + enabledDatabaseCustomization: true + }, + strategy: 'auth0' + } + ]; + + const dumped = await handler.dump(context); + expect(dumped).to.deep.equal({ + databases: [ + { + name: 'users/test', + enabled_clients: [], + options: { + import_mode: true, + customScripts: { + change_email: './databases/users-test/change_email.js' + }, + enabledDatabaseCustomization: true + }, + strategy: 'auth0' + } + ] + }); + + const scripsFolder = path.join(dbDumpDir, 'databases', 'users-test'); + expect(fs.readFileSync(path.join(scripsFolder, 'change_email.js'), 'utf8')).to.deep.equal(scriptValidate); + }); }); diff --git a/test/context/yaml/rules.test.js b/test/context/yaml/rules.test.js index 1d233ef67..636e34a43 100644 --- a/test/context/yaml/rules.test.js +++ b/test/context/yaml/rules.test.js 
@@ -75,4 +75,37 @@ describe('#YAML context rules', () => { const rulesFolder = path.join(dir, 'rules'); expect(fs.readFileSync(path.join(rulesFolder, 'someRule.js'), 'utf8')).to.deep.equal(scriptValidation); }); + + it('should dump rules sanitized', async () => { + const dir = path.join(testDataDir, 'yaml', 'rulesDump'); + cleanThenMkdir(dir); + const context = new Context({ AUTH0_INPUT_FILE: path.join(dir, 'tennat.yaml') }, mockMgmtClient()); + const scriptValidation = 'function someRule() { var hello = "test"; }'; + + context.assets.rules = [ + { + enabled: false, + name: 'someRule / test', + order: 10, + script: scriptValidation, + stage: 'login_success' + } + ]; + + const dumped = await handler.dump(context); + expect(dumped).to.deep.equal({ + rules: [ + { + enabled: false, + name: 'someRule / test', + order: 10, + script: './rules/someRule - test.js', + stage: 'login_success' + } + ] + }); + + const rulesFolder = path.join(dir, 'rules'); + expect(fs.readFileSync(path.join(rulesFolder, 'someRule - test.js'), 'utf8')).to.deep.equal(scriptValidation); + }); }); diff --git a/test/utils.test.js b/test/utils.test.js index b42d4b4f2..44d8a785c 100644 --- a/test/utils.test.js +++ b/test/utils.test.js @@ -4,7 +4,16 @@ import { expect } from 'chai'; import { Auth0 } from 'auth0-source-control-extension-tools'; import { cleanThenMkdir, testDataDir, mockMgmtClient } from './utils'; -import { isFile, isDirectory, getFiles, loadJSON, existsMustBeDir, toConfigFn, stripIdentifiers } from '../src/utils'; +import { + isFile, + isDirectory, + getFiles, + loadJSON, + existsMustBeDir, + toConfigFn, + stripIdentifiers, + sanitize +} from '../src/utils'; describe('#utils', function() { it('should check if directory exist', () => { 
@@ -71,6 +80,10 @@ describe('#utils', function() { expect(config('test')).to.equal('data'); }); + it('should sanitized str for path/file', () => { + expect(sanitize('test/some*/crazy//[path]')).to.equal('test-some--crazy--[path]'); + }); + it('should strip identifiers', () => { const assets = { clients: [ { name: 'some client', client_id: 'test' } ],
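Review bot: The `sanitize` unit test covers only `/` and `*`, while the helper is what keeps names read from the tenant inside the dump directory. Cases for a backslash, for a bare `..`, and for a name long enough to be truncated would pin the behaviour the handlers rely on. Asserting properties rather than exact strings keeps the test independent of library details, e.g. `expect(sanitize('..\\..\\x')).to.not.match(/[\\/]/);` and `expect(sanitize('..')).to.not.equal('..');`. The test title would also read better as 'should sanitize str for path/file'.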