Fix the initial superusers not having auth tokens assigned.

Fixes NREL/api-umbrella#95 We're no longer wiping the mongodb as part of our test suite startup, since this would wipe these initial admin accounts. I don't think wiping the database should actually be necessary in these integration tests, since before boot, we're actually wiping the whole data directory that the embedded database would use.
NREL · Sep 24, 2015 · fa10065 · fa10065
1 parent 6fc65e7
commit fa10065
Show file tree

Hide file tree

Showing 6 changed files with 61 additions and 10 deletions.
diff --git a/lib/models/admin.js b/lib/models/admin.js
@@ -1,12 +1,29 @@
 'use strict';
 
-var mongoose = global.mongoose || require('mongoose');
+var crypto = require('crypto'),
+    mongoose = global.mongoose || require('mongoose');
 
-module.exports = mongoose.model('Admin', new mongoose.Schema({
+var schema = new mongoose.Schema({
   _id: mongoose.Schema.Types.Mixed,
   username: {
     type: String,
     index: { unique: true },
   },
   superuser: Boolean,
-}, { collection: 'admins' }));
+  authentication_token: String,
+}, { collection: 'admins' });
+
+schema.pre('validate', function generateApiKey(next) {
+  if(!this.authentication_token) {
+    // Create a random api key consisting of only A-Za-z0-9.
+    this.authentication_token = crypto
+      .randomBytes(64)
+      .toString('base64')
+      .replace(/[+\/=]/g, '')
+      .slice(0, 40);
+  }
+
+  next();
+});
+
+module.exports = mongoose.model('Admin', schema);
diff --git a/test/config/test.yml b/test/config/test.yml
@@ -26,6 +26,9 @@ varnish:
     port: 13011
 web:
   port: 13012
+  admin:
+    initial_superusers:
+      - [email protected]
 router:
   api_backends:
     port: 13011

diff --git a/test/factories/admins.js b/test/factories/admins.js
@@ -0,0 +1,17 @@
+'use strict';
+
+require('../test_helper');
+
+var Factory = require('factory-lady'),
+    mongoose = require('mongoose'),
+    uuid = require('node-uuid');
+
+require('../../lib/models/admin');
+
+function generateId(callback) {
+  callback(uuid.v4());
+}
+
+Factory.define('admin', mongoose.testConnection.model('Admin'), {
+  _id: generateId,
+});
diff --git a/test/integration/boot.js b/test/integration/boot.js
@@ -0,0 +1,17 @@
+'use strict';
+
+require('../test_helper');
+
+var mongoose = require('mongoose');
+
+describe('boot', function() {
+  it('generates the initial superusers with tokens', function(done) {
+  this.timeout(9000000);
+    mongoose.testConnection.model('Admin').find({}, function(error, admins) {
+      should.not.exist(error);
+      admins.length.should.eql(1);
+      admins[0].authentication_token.should.match(/^[a-zA-Z0-9]{40}$/);
+      done();
+    });
+  });
+});
diff --git a/test/support/database_setup.js b/test/support/database_setup.js
@@ -13,16 +13,10 @@ var config = apiUmbrellaConfig.load(path.resolve(__dirname, '../config/test.yml'
 
 mongoose.testConnection = mongoose.createConnection();
 
-// Drop the mongodb database.
+// Open the mongodb database.
 before(function mongoOpen(done) {
   this.timeout(20000);
 
-  mongoose.testConnection.on('connected', function() {
-    // Drop the whole database, since that properly blocks for any active
-    // connections. The database will get re-created on demand.
-    mongoose.testConnection.db.dropDatabase(done);
-  });
-
   // Since we're calling createConnection earlier on, and then opening the
   // connection here, we need to explicitly handle whether we should call
   // openSet for a replicaset based URL.
@@ -31,6 +25,8 @@ before(function mongoOpen(done) {
   } else {
     mongoose.testConnection.open(config.get('mongodb.url'), config.get('mongodb.options'));
   }
+
+  done();
 });
 
 // Wipe the redis data.

diff --git a/test/support/factories.js b/test/support/factories.js
@@ -2,5 +2,6 @@
 
 require('../test_helper');
 
+require('../factories/admins');
 require('../factories/api_users');
 require('../factories/config_versions');