diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 64c818476..0305171c7 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -5,6 +5,7 @@ stages: - test - clients - docker-nightly + - external-plugins #before_script: # - 'sed -i -z "s/database:\n hostname: ''localhost''/database:\n hostname: ''postgres''/" config/test.yaml' @@ -93,7 +94,7 @@ build-openapi-clients: - schedules changes: - support/doc/api/openapi.yaml - script: + script: - apt-get update -qq - apt-get -yqqq install openjdk-8-jre - yarn install --pure-lockfile @@ -145,3 +146,31 @@ build-docker-master: - master variables: DOCKER_IMAGE_NAME: chocobozzz/peertube:production-buster + +test-external-plugins: + stage: external-plugins + only: + - schedules + services: + - name: postgres:9.6 + alias: postgres + - name: redis:latest + alias: redis + - name: rroemhild/test-openldap + alias: ldap + variables: + PGHOST: postgres + PGUSER: postgres + REDIS_HOST: redis + artifacts: + expire_in: 1 day + paths: + - test*/logs + when: always + before_script: + - 'sed -i -z "s/database:\n hostname: ''localhost''/database:\n hostname: ''postgres''/" config/test.yaml' + - 'sed -i -z "s/redis:\n hostname: ''localhost''/redis:\n hostname: ''redis''/" config/test.yaml' + - psql -c "create user peertube with password 'peertube';"; fi + - NOCLIENT=1 yarn install --pure-lockfile --cache-folder .yarn-cache + script: + - npm run ci -- "external-plugins" \ No newline at end of file diff --git a/scripts/ci.sh b/scripts/ci.sh index aea009d9f..7854d88fc 100755 --- a/scripts/ci.sh +++ b/scripts/ci.sh @@ -34,6 +34,9 @@ elif [ "$1" = "api-3" ]; then elif [ "$1" = "api-4" ]; then npm run build:server sh ./server/tests/api/ci-4.sh 2 +elif [ "$1" = "external-plugins" ]; then + npm run build:server + mocha --timeout 5000 --exit --require ts-node/register --require tsconfig-paths/register --bail server/tests/external-plugins/index.ts elif [ "$1" = "lint" ]; then npm run eslint -- --ext .ts "server/**/*.ts" "shared/**/*.ts" npm run swagger-cli -- validate support/doc/api/openapi.yaml diff --git a/server/tests/external-plugins/auth-ldap.ts b/server/tests/external-plugins/auth-ldap.ts new file mode 100644 index 000000000..7aee986c7 --- /dev/null +++ b/server/tests/external-plugins/auth-ldap.ts @@ -0,0 +1,100 @@ +/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */ + +import 'mocha' +import { getMyUserInformation, installPlugin, setAccessTokensToServers, updatePluginSettings, userLogin, uploadVideo, uninstallPlugin } from '../../../shared/extra-utils' +import { cleanupTests, flushAndRunServer, ServerInfo } from '../../../shared/extra-utils/server/servers' +import { User } from '@shared/models/users/user.model' +import { expect } from 'chai' + +describe('Official plugin auth-ldap', function () { + let server: ServerInfo + let accessToken: string + + before(async function () { + this.timeout(30000) + + server = await flushAndRunServer(1) + await setAccessTokensToServers([ server ]) + + await installPlugin({ + url: server.url, + accessToken: server.accessToken, + npmName: 'peertube-plugin-auth-ldap' + }) + }) + + it('Should not login with without LDAP settings', async function () { + await userLogin(server, { username: 'fry', password: 'fry' }, 400) + }) + + it('Should not login with bad LDAP settings', async function () { + await updatePluginSettings({ + url: server.url, + accessToken: server.accessToken, + npmName: 'peertube-plugin-auth-ldap', + settings: { + 'bind-credentials': 'GoodNewsEveryone', + 'bind-dn': 'cn=admin,dc=planetexpress,dc=com', + 'insecure-tls': false, + 'mail-property': 'mail', + 'search-base': 'ou=people,dc=planetexpress,dc=com', + 'search-filter': '(|(mail={{username}})(uid={{username}}))', + 'url': 'ldap://ldap:390', + 'username-property': 'uid' + } + }) + + await userLogin(server, { username: 'fry', password: 'fry' }, 400) + }) + + it('Should not login with good LDAP settings but wrong username/password', async function () { + await updatePluginSettings({ + url: server.url, + accessToken: server.accessToken, + npmName: 'peertube-plugin-auth-ldap', + settings: { + 'bind-credentials': 'GoodNewsEveryone', + 'bind-dn': 'cn=admin,dc=planetexpress,dc=com', + 'insecure-tls': false, + 'mail-property': 'mail', + 'search-base': 'ou=people,dc=planetexpress,dc=com', + 'search-filter': '(|(mail={{username}})(uid={{username}}))', + 'url': 'ldap://ldap:389', + 'username-property': 'uid' + } + }) + + await userLogin(server, { username: 'fry', password: 'bad password' }, 400) + await userLogin(server, { username: 'fryr', password: 'fry' }, 400) + }) + + it('Should login with the appropriate username/password', async function () { + accessToken = await userLogin(server, { username: 'fry', password: 'fry' }) + }) + + it('Should login with the appropriate email/password', async function () { + accessToken = await userLogin(server, { username: 'fry@planetexpress.com', password: 'fry' }) + }) + + it('Should login get my profile', async function () { + const res = await getMyUserInformation(server.url, accessToken) + const body: User = res.body + + expect(body.username).to.equal('fry') + expect(body.email).to.equal('fry@planetexpress.com') + }) + + it('Should upload a video', async function () { + await uploadVideo(server.url, accessToken, { name: 'my super video' }) + }) + + it('Should not login if the plugin is uninstalled', async function () { + await uninstallPlugin({ url: server.url, accessToken: server.accessToken, npmName: 'peertube-plugin-auth-ldap' }) + + await userLogin(server, { username: 'fry@planetexpress.com', password: 'fry' }, 400) + }) + + after(async function () { + await cleanupTests([ server ]) + }) +}) diff --git a/server/tests/external-plugins/index.ts b/server/tests/external-plugins/index.ts new file mode 100644 index 000000000..1f1236c69 --- /dev/null +++ b/server/tests/external-plugins/index.ts @@ -0,0 +1 @@ +export * from './auth-ldap'