From 62ec31851c2a780b30dd06c8ffa7661363cbcb5e Mon Sep 17 00:00:00 2001 From: Christopher Kolstad Date: Mon, 15 Apr 2024 13:18:40 +0200 Subject: [PATCH] task: apply middleware to api/admin --- src/lib/app.ts | 2 ++ src/lib/middleware/audit-middleware.test.ts | 13 +++++++++++++ 2 files changed, 15 insertions(+) diff --git a/src/lib/app.ts b/src/lib/app.ts index a593287947a5..d9fe211fb801 100644 --- a/src/lib/app.ts +++ b/src/lib/app.ts @@ -29,6 +29,7 @@ import { unless } from './middleware/unless-middleware'; import { catchAllErrorHandler } from './middleware/catch-all-error-handler'; import NotFoundError from './error/notfound-error'; import { bearerTokenMiddleware } from './middleware/bearer-token-middleware'; +import { auditAccessMiddleware } from './middleware'; export default async function getApp( config: IUnleashConfig, @@ -176,6 +177,7 @@ export default async function getApp( rbacMiddleware(config, stores, services.accessService), ); + app.use(`${baseUriPath}/api/admin`, auditAccessMiddleware(config)); app.use( `${baseUriPath}/api/admin`, maintenanceMiddleware(config, services.maintenanceService), diff --git a/src/lib/middleware/audit-middleware.test.ts b/src/lib/middleware/audit-middleware.test.ts index a4c261031fd7..d66a8d730b59 100644 --- a/src/lib/middleware/audit-middleware.test.ts +++ b/src/lib/middleware/audit-middleware.test.ts @@ -26,4 +26,17 @@ describe('auditMiddleware testing', () => { expect(audit!.username).toBe('unknown'); expect(audit!.ip).toBe('::ffff:127.0.0.1'); }); + test('If no auth in place, does not add the audit object', async () => { + const middleware = auditAccessMiddleware(config); + const app = express(); + app.use('', middleware); + let audit: IAuditUser | undefined; + app.get('/api/admin/test', (req: IAuthRequest, res) => { + audit = req.audit; + res.status(200).end(); + }); + const request = supertest(app); + await request.get('/api/admin/test').expect(200); + expect(audit).toBeUndefined(); + }); });