some frontend unit tests

2018-02-20 20:31:27 -08:00 · 2018-02-20 20:31:27 -08:00 · 78728ce4ca
commit 78728ce4ca
parent 4929437283
24 changed files with 708 additions and 417 deletions
--- a/test/frontend/tests/api-tests.js
+++ b/test/frontend/tests/api-tests.js
@ -0,0 +1,26 @@
+import assert from 'assert';
+import * as api from '../../../app/api';
+import Keychain from '../../../app/keychain';
+
+const encoder = new TextEncoder();
+const plaintext = encoder.encode('hello world!');
+const metadata = {
+  name: 'test.txt',
+  type: 'text/plain'
+};
+
+describe('API', function() {
+  describe('uploadFile', function() {
+    it('returns file info on success', async function() {
+      const keychain = new Keychain();
+      const encrypted = await keychain.encryptFile(plaintext);
+      const meta = await keychain.encryptMetadata(metadata);
+      const verifierB64 = await keychain.authKeyB64();
+      const up = api.uploadFile(encrypted, meta, verifierB64, keychain);
+      const result = await up.result;
+      assert.ok(result.url);
+      assert.ok(result.id);
+      assert.ok(result.ownerToken);
+    });
+  });
+});
--- a/test/frontend/tests/fileSender-tests.js
+++ b/test/frontend/tests/fileSender-tests.js
@ -0,0 +1,17 @@
+import assert from 'assert';
+import FileSender from '../../../app/fileSender';
+
+// FileSender uses a File in real life but a Blob works for testing
+const blob = new Blob(['hello world!'], { type: 'text/plain' });
+blob.name = 'text.txt';
+
+describe('FileSender', function() {
+  describe('upload', function() {
+    it('returns an OwnedFile on success', async function() {
+      const fs = new FileSender(blob);
+      const file = await fs.upload();
+      assert.ok(file.id);
+      assert.equal(file.name, blob.name);
+    });
+  });
+});
--- a/test/frontend/tests/keychain-tests.js
+++ b/test/frontend/tests/keychain-tests.js
@ -0,0 +1,41 @@
+import assert from 'assert';
+import Keychain from '../../../app/keychain';
+
+describe('Keychain', function() {
+  describe('setPassword', function() {
+    it('changes the authKey', async function() {
+      const k = new Keychain();
+      const original = await k.authKeyB64();
+      k.setPassword('foo', 'some://url');
+      const pwd = await k.authKeyB64();
+      assert.notEqual(pwd, original);
+    });
+  });
+
+  describe('encrypt / decrypt file', function() {
+    it('can decrypt text it encrypts', async function() {
+      const enc = new TextEncoder();
+      const dec = new TextDecoder();
+      const text = 'hello world!';
+      const k = new Keychain();
+      const ciphertext = await k.encryptFile(enc.encode(text));
+      assert.notEqual(dec.decode(ciphertext), text);
+      const plaintext = await k.decryptFile(ciphertext);
+      assert.equal(dec.decode(plaintext), text);
+    });
+  });
+
+  describe('encrypt / decrypt metadata', function() {
+    it('can decrypt metadata it encrypts', async function() {
+      const k = new Keychain();
+      const meta = {
+        name: 'foo',
+        type: 'bar/baz'
+      };
+      const ciphertext = await k.encryptMetadata(meta);
+      const result = await k.decryptMetadata(ciphertext);
+      assert.equal(result.name, meta.name);
+      assert.equal(result.type, meta.type);
+    });
+  });
+});
--- a/test/frontend/tests/workflow-tests.js
+++ b/test/frontend/tests/workflow-tests.js
@ -0,0 +1,133 @@
+import assert from 'assert';
+import FileSender from '../../../app/fileSender';
+import FileReceiver from '../../../app/fileReceiver';
+
+const headless = /Headless/.test(navigator.userAgent);
+const noSave = !headless; // only run the saveFile code if headless
+
+// FileSender uses a File in real life but a Blob works for testing
+const blob = new Blob(['hello world!'], { type: 'text/plain' });
+blob.name = 'test.txt';
+
+describe('Upload / Download flow', function() {
+  it('can only download once by default', async function() {
+    const fs = new FileSender(blob);
+    const file = await fs.upload();
+    const fr = new FileReceiver({
+      secretKey: file.toJSON().secretKey,
+      id: file.id,
+      nonce: file.keychain.nonce,
+      requiresPassword: false
+    });
+    await fr.getMetadata();
+    await fr.download(noSave);
+    try {
+      await fr.download(noSave);
+      assert.fail('downloaded again');
+    } catch (e) {
+      assert.equal(e.message, '404');
+    }
+  });
+
+  it('downloads with the correct password', async function() {
+    const fs = new FileSender(blob);
+    const file = await fs.upload();
+    await file.setPassword('magic');
+    const fr = new FileReceiver({
+      secretKey: file.toJSON().secretKey,
+      id: file.id,
+      url: file.url,
+      nonce: file.keychain.nonce,
+      requiresPassword: true,
+      password: 'magic'
+    });
+    await fr.getMetadata();
+    await fr.download(noSave);
+    assert.equal(fr.state, 'complete');
+  });
+
+  it('blocks invalid passwords from downloading', async function() {
+    const fs = new FileSender(blob);
+    const file = await fs.upload();
+    await file.setPassword('magic');
+    const fr = new FileReceiver({
+      secretKey: file.toJSON().secretKey,
+      id: file.id,
+      url: file.url,
+      nonce: file.keychain.nonce,
+      requiresPassword: true,
+      password: 'password'
+    });
+    try {
+      await fr.getMetadata();
+      assert.fail('got metadata with bad password');
+    } catch (e) {
+      assert.equal(e.message, '401');
+    }
+    try {
+      // We can't decrypt without IV from metadata
+      // but let's try to download anyway
+      await fr.download();
+      assert.fail('downloaded file with bad password');
+    } catch (e) {
+      assert.equal(e.message, '401');
+    }
+  });
+
+  it('retries a bad nonce', async function() {
+    const fs = new FileSender(blob);
+    const file = await fs.upload();
+    const fr = new FileReceiver({
+      secretKey: file.toJSON().secretKey,
+      id: file.id,
+      nonce: null, // oops
+      requiresPassword: false
+    });
+    await fr.getMetadata();
+    assert.equal(fr.fileInfo.name, blob.name);
+  });
+
+  it('can allow multiple downloads', async function() {
+    const fs = new FileSender(blob);
+    const file = await fs.upload();
+    const fr = new FileReceiver({
+      secretKey: file.toJSON().secretKey,
+      id: file.id,
+      nonce: file.keychain.nonce,
+      requiresPassword: false
+    });
+    await file.changeLimit(2);
+    await fr.getMetadata();
+    await fr.download(noSave);
+    await file.updateDownloadCount();
+    assert.equal(file.dtotal, 1);
+
+    await fr.download(noSave);
+    await file.updateDownloadCount();
+    assert.equal(file.dtotal, 2);
+    try {
+      await fr.download(noSave);
+      assert.fail('downloaded too many times');
+    } catch (e) {
+      assert.equal(e.message, '404');
+    }
+  });
+
+  it('can delete the file before download', async function() {
+    const fs = new FileSender(blob);
+    const file = await fs.upload();
+    const fr = new FileReceiver({
+      secretKey: file.toJSON().secretKey,
+      id: file.id,
+      nonce: file.keychain.nonce,
+      requiresPassword: false
+    });
+    await file.del();
+    try {
+      await fr.getMetadata();
+      assert.fail('file still exists');
+    } catch (e) {
+      assert.equal(e.message, '404');
+    }
+  });
+});