From: Justin Wind Date: Sun, 15 May 2022 20:34:50 +0000 (-0700) Subject: fix unauthenticated topic details flow X-Git-Tag: v1.3.8^2~2 X-Git-Url: https://git.squeep.com/?a=commitdiff_plain;h=3839577f7cdab67b4591bc827e037d6c173c9dae;p=websub-hub fix unauthenticated topic details flow --- diff --git a/src/service.js b/src/service.js index 7e07a49..e769599 100644 --- a/src/service.js +++ b/src/service.js @@ -171,9 +171,9 @@ class Service extends Dingus { this.setResponseType(this.responseTypes, req, res, ctx); - await this.authenticator.sessionRequired(req, res, ctx, this.loginPath); - - await this.manager.getAdminOverview(res, ctx); + if (await this.authenticator.sessionRequired(req, res, ctx, this.loginPath)) { + await this.manager.getAdminOverview(res, ctx); + } } @@ -190,9 +190,9 @@ class Service extends Dingus { this.setResponseType(this.responseTypes, req, res, ctx); - await this.authenticator.sessionRequired(req, res, ctx, this.loginPath); - - await this.manager.getTopicDetails(res, ctx); + if (await this.authenticator.sessionRequired(req, res, ctx, this.loginPath)) { + await this.manager.getTopicDetails(res, ctx); + } } diff --git a/test/src/service.js b/test/src/service.js index 9afaf13..62c0059 100644 --- a/test/src/service.js +++ b/test/src/service.js @@ -108,19 +108,33 @@ describe('Service', function () { }); // handlerGetHistorySVG describe('handlerGetAdminOverview', function () { - it('covers', async function () { + it('covers authenticated', async function () { + service.authenticator.sessionRequired.resolves(false); + await service.handlerGetAdminOverview(req, res, ctx); + assert(service.authenticator.sessionRequired.called); + assert(service.manager.getAdminOverview.notCalled); + }); + it('covers unauthenticated', async function () { + service.authenticator.sessionRequired.resolves(true); await service.handlerGetAdminOverview(req, res, ctx); assert(service.authenticator.sessionRequired.called); assert(service.manager.getAdminOverview.called); - }) + }); }); // handlerGetAdminOverview describe('handlerGetAdminTopicDetails', function () { - it('covers', async function () { + it('covers unauthenticated', async function () { + service.authenticator.sessionRequired.resolves(false); + await service.handlerGetAdminTopicDetails(req, res, ctx); + assert(service.authenticator.sessionRequired.called); + assert(service.manager.getTopicDetails.notCalled); + }); + it('covers authenticated', async function () { + service.authenticator.sessionRequired.resolves(true); await service.handlerGetAdminTopicDetails(req, res, ctx); assert(service.authenticator.sessionRequired.called); assert(service.manager.getTopicDetails.called); - }) + }); }); // handlerGetAdminTopicDetails describe('handlerPostAdminProcess', function () {