(testToken, settings, done)
| 788 | } |
| 789 | |
| 790 | function createTestApp(testToken, settings, done) { |
| 791 | if (!done && typeof settings === 'function') { |
| 792 | done = settings; |
| 793 | settings = {}; |
| 794 | } |
| 795 | |
| 796 | const appSettings = settings.app || {}; |
| 797 | const modelSettings = settings.model || {}; |
| 798 | const tokenSettings = extend({ |
| 799 | model: Token, |
| 800 | currentUserLiteral: 'me', |
| 801 | }, settings.token); |
| 802 | |
| 803 | const app = loopback({localRegistry: true, loadBuiltinModels: true}); |
| 804 | app.dataSource('db', {connector: 'memory'}); |
| 805 | |
| 806 | app.use(cookieParser('secret')); |
| 807 | app.use(loopback.token(tokenSettings)); |
| 808 | app.set('remoting', {errorHandler: {debug: true, log: false}}); |
| 809 | app.get('/token', function(req, res) { |
| 810 | res.cookie('authorization', testToken.id, {signed: true}); |
| 811 | res.cookie('access_token', testToken.id, {signed: true}); |
| 812 | res.end(); |
| 813 | }); |
| 814 | app.get('/', function(req, res) { |
| 815 | try { |
| 816 | assert(req.accessToken, 'req should have accessToken'); |
| 817 | assert(req.accessToken.id === testToken.id); |
| 818 | } catch (e) { |
| 819 | return done(e); |
| 820 | } |
| 821 | res.send('ok'); |
| 822 | }); |
| 823 | app.get('/check-access', function(req, res) { |
| 824 | res.status(req.accessToken ? 200 : 401).end(); |
| 825 | }); |
| 826 | app.use('/users/:uid', function(req, res) { |
| 827 | const result = {userId: req.params.uid}; |
| 828 | if (req.query.state) { |
| 829 | result.state = req.query.state; |
| 830 | } else if (req.url !== '/') { |
| 831 | result.state = req.url.substring(1); |
| 832 | } |
| 833 | res.status(200).send(result); |
| 834 | }); |
| 835 | app.use(loopback.rest()); |
| 836 | app.enableAuth({dataSource: 'db'}); |
| 837 | |
| 838 | Object.keys(appSettings).forEach(function(key) { |
| 839 | app.set(key, appSettings[key]); |
| 840 | }); |
| 841 | |
| 842 | const modelOptions = { |
| 843 | acls: [ |
| 844 | { |
| 845 | principalType: 'ROLE', |
| 846 | principalId: '$everyone', |
| 847 | accessType: ACL.ALL, |