projects / websub-hub / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
consider path when determining if an IA profile user can view a topic
[websub-hub] / test / src / manager.js
diff --git a/test/src/manager.js b/test/src/manager.js
index cbd83243d3faecabdf8d77667151a230ac180f88..9d8c380ff3b300b25d2841de4dffea19b6b05cf5 100644 (file)
--- a/test/src/manager.js
+++ b/test/src/manager.js
@@ -207,7 +207,7 @@ describe('Manager', function () {
       manager.db.topicGetById.resolves({
         id: '56c557ce-e667-11eb-bd80-0025905f714a',
         created: new Date(),
-        url: 'https://example.com/',
+        url: 'https://example.com/topic',
         leaseSecondsPreferred: 123,
         leaseSecondsMin: 12,
         leaseSecondsMax: 123456789,
@@ -254,7 +254,7 @@ describe('Manager', function () {
     });
     it('covers matching profile', async function () {
       ctx.session = {
-        authenticatedProfile: 'https://example.com/profile',
+        authenticatedProfile: 'https://example.com/',
       };
       await manager.getTopicDetails(res, ctx);
       assert(ctx.topic);
@@ -367,6 +367,34 @@ describe('Manager', function () {
     });
   }); // postRoot
 
+  describe('_profileControlsTopic', function () {
+    let profileUrlObj, topicUrlObj;
+    it('allows exact match', function () {
+      profileUrlObj = new URL('https://profile.example.com/');
+      topicUrlObj = new URL('https://profile.example.com/');
+      const result = Manager._profileControlsTopic(profileUrlObj, topicUrlObj);
+      assert.strictEqual(result, true);
+    });
+    it('allows descendent-path match', function () {
+      profileUrlObj = new URL('https://profile.example.com/');
+      topicUrlObj = new URL('https://profile.example.com/feed/atom');
+      const result = Manager._profileControlsTopic(profileUrlObj, topicUrlObj);
+      assert.strictEqual(result, true);
+    });
+    it('disallows non-descendent-path', function () {
+      profileUrlObj = new URL('https://profile.example.com/itsame');
+      topicUrlObj = new URL('https://profile.example.com/');
+      const result = Manager._profileControlsTopic(profileUrlObj, topicUrlObj);
+      assert.strictEqual(result, false);
+    });
+    it('disallows non-matched host', function () {
+      profileUrlObj = new URL('https://profile.example.com/itsame');
+      topicUrlObj = new URL('https://elsewhere.example.com/itsame/feed');
+      const result = Manager._profileControlsTopic(profileUrlObj, topicUrlObj);
+      assert.strictEqual(result, false);
+    });
+  }); // _profileControlsTopic
+
   describe('_getRootData', function () {
     it('extracts expected values', function () {
       req.getHeader.returns('user@example.com');
WebSub Hub server