Update tests to validate behavior of a scope and --secret

fauna · Oct 11, 2023 · 8675352 · 8675352
1 parent 6431b5a
commit 8675352
Show file tree

Hide file tree

Showing 3 changed files with 56 additions and 4 deletions.
diff --git a/src/lib/fauna-command.js b/src/lib/fauna-command.js
@@ -216,7 +216,7 @@ class FaunaCommand extends Command {
         );
       }
 
-      connectionOptions.secret.databaseScope.push(path[i]);
+      connectionOptions.secret.appendScope(path[i]);
     }
 
     return this.getClient({

diff --git a/test/commands/eval.test.js b/test/commands/eval.test.js
@@ -1,5 +1,5 @@
 const { expect, test } = require("@oclif/test");
-const { withOpts, getEndpoint, matchFqlReq, withLegacyOpts } = require("../helpers/utils.js");
+const { withOpts, getEndpoint, evalV10, matchFqlReq, withLegacyOpts } = require("../helpers/utils.js");
 const { query: q } = require("faunadb");
 
 describe("eval", () => {
@@ -115,6 +115,41 @@ describe("eval in v10", () => {
     .it("runs eval in json tagged format", (ctx) => {
       expect(JSON.parse(ctx.stdout)).to.deep.equal({ two: { "@int": "2" } });
     });
+
+  test
+    .do(async () => {
+      // This can fail if `MyDB` already exists, but thats fine.
+      await evalV10("Database.create({ name: 'MyDB' })");
+    })
+    .stdout()
+    // --secret is passed by withOpts, so passing a scope should be disallowed.
+    .command(withOpts(["eval", "MyDB", "{ three: 3 }", "--format", "json-tagged"]))
+    .it("disallows setting --secret and scope", ctx => {
+      expect(JSON.parse(ctx.stdout)).to.deep.equal({ three: { "@int": "3" } });
+    });
+
+  test
+    .do(async () => {
+      // This can fail if `MyDB` already exists, but thats fine.
+      await evalV10("Database.create({ name: 'MyDB' })");
+    })
+    .stdout()
+    // a scoped secret and a scope cannot be passed at the same time.
+    .command([
+      "eval",
+      "MyDB",
+      "{ two: 3 }",
+      "--format",
+      "json-tagged",
+      "--secret",
+      `${process.env.FAUNA_SECRET}:MyDB`,
+      "--url",
+      getEndpoint()
+    ])
+    .catch((e) => {
+      expect(e.message).to.equal("Cannot append scope to a secret from --secret");
+    })
+    .it("disallows setting scoped with a scoped --secret");
 });
 
 function mockQuery(api) {
@@ -123,7 +158,7 @@ function mockQuery(api) {
     .post("/", matchFqlReq(q.Now()))
     .reply(200, { resource: new Date() })
     .post("/", matchFqlReq(q.Paginate(q.Collections())))
-    .reply(200, function () {
+    .reply(200, function() {
       const auth = this.req.headers.authorization[0].split(":");
       return {
         resource: {

diff --git a/test/helpers/utils.js b/test/helpers/utils.js
@@ -1,3 +1,4 @@
+import fetch from "node-fetch";
 const url = require("url");
 const { query: q } = require("faunadb");
 const env = process.env;
@@ -32,13 +33,29 @@ module.exports.withOpts = (cmd) => {
   return cmd.concat(opts);
 };
 
-module.exports.getEndpoint = () =>
+const getEndpoint = () =>
   url.format({
     protocol: env.FAUNA_SCHEME,
     hostname: env.FAUNA_DOMAIN,
     port: env.FAUNA_PORT,
   });
 
+module.exports.getEndpoint = getEndpoint;
+
+module.exports.evalV10 = (query) => {
+  const endpoint = getEndpoint();
+  const secret = env.FAUNA_SECRET;
+  return fetch(new URL("/query/1", endpoint), {
+    method: "POST",
+    headers: {
+      Authorization: `Bearer ${secret}`,
+    },
+    body: JSON.stringify({
+      query,
+    }),
+  });
+}
+
 const fqlToJsonString = (fql) => JSON.stringify(q.wrap(fql));
 module.exports.fqlToJsonString = fqlToJsonString;
-Original file line number
+Diff line change
@@ Expand Up / @@ -216,7 +216,7 @@ class FaunaCommand extends Command { @@
             );
           }
-          connectionOptions.secret.databaseScope.push(path[i]);
+          connectionOptions.secret.appendScope(path[i]);
         }
         return this.getClient({
@@ Expand Down @@