Merge pull request #276 from sasjs/sas9-mock

SAS9 mocker improved - public access denied scenario
sasjs · Sep 19, 2022 · 8b12f31 · 8b12f31
2 parents a9c9b73 + e65cba9
commit 8b12f31
Show file tree

Hide file tree

Showing 4 changed files with 90 additions and 7 deletions.
diff --git a/api/mocks/generic/sas9/public-access-denied b/api/mocks/generic/sas9/public-access-denied
@@ -0,0 +1 @@
+Public access has been denied.
diff --git a/api/src/app.ts b/api/src/app.ts
@@ -77,6 +77,10 @@ export default setProcessVariables().then(async () => {
   app.use(express.json({ limit: '100mb' }))
   app.use(express.static(path.join(__dirname, '../public')))
 
+  // Body parser is used for decoding the formdata on POST request.
+  // Currently only place we use it is SAS9 Mock - POST /SASLogon/login
+  app.use(express.urlencoded({ extended: true }))
+
   await setupFolders()
   await copySASjsCore()
 

diff --git a/api/src/controllers/mock-sas9.ts b/api/src/controllers/mock-sas9.ts
@@ -15,7 +15,7 @@ export interface MockFileRead {
 }
 
 export class MockSas9Controller {
-  private loggedIn: boolean = false
+  private loggedIn: string | undefined
 
   @Get('/SASStoredProcess')
   public async sasStoredProcess(): Promise<Sas9Response> {
@@ -46,6 +46,13 @@ export class MockSas9Controller {
       }
     }
 
+    if (this.isPublicAccount()) {
+      return {
+        content: '',
+        redirect: '/SASLogon/Login'
+      }
+    }
+
     let program = req.query._program?.toString() || ''
     program = program.replace('/', '')
 
@@ -68,6 +75,23 @@ export class MockSas9Controller {
 
   @Get('/SASLogon/login')
   public async loginGet(): Promise<Sas9Response> {
+    if (this.loggedIn) {
+      if (this.isPublicAccount()) {
+        return {
+          content: '',
+          redirect: '/SASStoredProcess/Logoff?publicDenied=true'
+        }
+      } else {
+        return await getMockResponseFromFile([
+          process.cwd(),
+          'mocks',
+          'generic',
+          'sas9',
+          'logged-in'
+        ])
+      }
+    }
+
     return await getMockResponseFromFile([
       process.cwd(),
       'mocks',
@@ -78,8 +102,8 @@ export class MockSas9Controller {
   }
 
   @Post('/SASLogon/login')
-  public async loginPost(): Promise<Sas9Response> {
-    this.loggedIn = true
+  public async loginPost(req: express.Request): Promise<Sas9Response> {
+    this.loggedIn = req.body.username
 
     return await getMockResponseFromFile([
       process.cwd(),
@@ -91,8 +115,18 @@ export class MockSas9Controller {
   }
 
   @Get('/SASLogon/logout')
-  public async logout(): Promise<Sas9Response> {
-    this.loggedIn = false
+  public async logout(req: express.Request): Promise<Sas9Response> {
+    this.loggedIn = undefined
+
+    if (req.query.publicDenied === 'true') {
+      return await getMockResponseFromFile([
+        process.cwd(),
+        'mocks',
+        'generic',
+        'sas9',
+        'public-access-denied'
+      ])
+    }
 
     return await getMockResponseFromFile([
       process.cwd(),
@@ -102,6 +136,20 @@ export class MockSas9Controller {
       'logged-out'
     ])
   }
+
+  @Get('/SASStoredProcess/Logoff') //publicDenied=true
+  public async logoff(req: express.Request): Promise<Sas9Response> {
+    const params = req.query.publicDenied
+      ? `?publicDenied=${req.query.publicDenied}`
+      : ''
+
+    return {
+      content: '',
+      redirect: '/SASLogon/logout' + params
+    }
+  }
+
+  private isPublicAccount = () => this.loggedIn?.toLowerCase() === 'public'
 }
 
 /**

diff --git a/api/src/routes/web/sas9-web.ts b/api/src/routes/web/sas9-web.ts
@@ -58,6 +58,11 @@ sas9WebRouter.post('/SASStoredProcess/do/', async (req, res) => {
 sas9WebRouter.get('/SASLogon/login', async (req, res) => {
   const response = await controller.loginGet()
 
+  if (response.redirect) {
+    res.redirect(response.redirect)
+    return
+  }
+
   try {
     res.send(response.content)
   } catch (err: any) {
@@ -66,7 +71,12 @@ sas9WebRouter.get('/SASLogon/login', async (req, res) => {
 })
 
 sas9WebRouter.post('/SASLogon/login', async (req, res) => {
-  const response = await controller.loginPost()
+  const response = await controller.loginPost(req)
+
+  if (response.redirect) {
+    res.redirect(response.redirect)
+    return
+  }
 
   try {
     res.send(response.content)
@@ -76,7 +86,27 @@ sas9WebRouter.post('/SASLogon/login', async (req, res) => {
 })
 
 sas9WebRouter.get('/SASLogon/logout', async (req, res) => {
-  const response = await controller.logout()
+  const response = await controller.logout(req)
+
+  if (response.redirect) {
+    res.redirect(response.redirect)
+    return
+  }
+
+  try {
+    res.send(response.content)
+  } catch (err: any) {
+    res.status(403).send(err.toString())
+  }
+})
+
+sas9WebRouter.get('/SASStoredProcess/Logoff', async (req, res) => {
+  const response = await controller.logoff(req)
+
+  if (response.redirect) {
+    res.redirect(response.redirect)
+    return
+  }
 
   try {
     res.send(response.content)