From d17d8e2805009102bf8a3effd2390f8ce2e2f1d1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C4=B1dvan=20Akca?= Date: Fri, 16 Feb 2024 13:11:21 +0300 Subject: [PATCH] feat: implement app-auth-client endpoint --- .../app-auth-clients/get-app-auth-client.js | 10 +++ .../get-app-auth-client.test.js | 68 +++++++++++++++++++ .../app-auth-clients/get-app-auth-client.js | 11 +++ .../get-app-auth-client.test.js | 31 +++++++++ packages/backend/src/helpers/authorization.js | 4 ++ .../routes/api/v1/admin/app-auth-clients.js | 15 ++++ .../src/routes/api/v1/app-auth-clients.js | 9 +++ packages/backend/src/routes/index.js | 6 ++ .../serializers/appAuthClientSerializer.js | 10 +++ packages/backend/src/serializers/index.js | 2 + .../backend/test/factories/app-auth-client.js | 25 +++++++ packages/backend/test/factories/app-config.js | 13 ++++ .../rest/api/v1/admin/get-app-auth-client.js | 19 ++++++ .../mocks/rest/api/v1/get-app-auth-client.js | 19 ++++++ 14 files changed, 242 insertions(+) create mode 100644 packages/backend/src/controllers/api/v1/admin/app-auth-clients/get-app-auth-client.js create mode 100644 packages/backend/src/controllers/api/v1/admin/app-auth-clients/get-app-auth-client.test.js create mode 100644 packages/backend/src/controllers/api/v1/app-auth-clients/get-app-auth-client.js create mode 100644 packages/backend/src/controllers/api/v1/app-auth-clients/get-app-auth-client.test.js create mode 100644 packages/backend/src/routes/api/v1/admin/app-auth-clients.js create mode 100644 packages/backend/src/routes/api/v1/app-auth-clients.js create mode 100644 packages/backend/src/serializers/appAuthClientSerializer.js create mode 100644 packages/backend/test/factories/app-auth-client.js create mode 100644 packages/backend/test/factories/app-config.js create mode 100644 packages/backend/test/mocks/rest/api/v1/admin/get-app-auth-client.js create mode 100644 packages/backend/test/mocks/rest/api/v1/get-app-auth-client.js 
diff --git a/packages/backend/src/controllers/api/v1/admin/app-auth-clients/get-app-auth-client.js b/packages/backend/src/controllers/api/v1/admin/app-auth-clients/get-app-auth-client.js
new file mode 100644
index 00000000..30cd7338
--- /dev/null
+++ b/packages/backend/src/controllers/api/v1/admin/app-auth-clients/get-app-auth-client.js
@@ -0,0 +1,10 @@
+import { renderObject } from '../../../../../helpers/renderer.js';
+import AppAuthClient from '../../../../../models/app-auth-client.js';
+
+export default async (request, response) => {
+ const appAuthClient = await AppAuthClient.query()
+ .findById(request.params.appAuthClientId)
+ .throwIfNotFound();
+
+ renderObject(response, appAuthClient);
+};
diff --git a/packages/backend/src/controllers/api/v1/admin/app-auth-clients/get-app-auth-client.test.js b/packages/backend/src/controllers/api/v1/admin/app-auth-clients/get-app-auth-client.test.js
new file mode 100644
index 00000000..fb7903e6
--- /dev/null
+++ b/packages/backend/src/controllers/api/v1/admin/app-auth-clients/get-app-auth-client.test.js
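Review bot: `request.params.appAuthClientId` is passed to `findById` without any format check in the admin handler. The factory in this patch generates ids with `faker.string.uuid()`, so the column is presumably a UUID, and a malformed id would then probably reach the database and come back as a query error rather than the 404 that `throwIfNotFound()` produces; how that error is rendered depends on an error handler not shown here. Consider rejecting non-UUID values before the query, or add a test that pins the response for `/api/v1/admin/app-auth-clients/not-a-uuid`. The same applies to the non-admin controller added later in this patch.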
@@ -0,0 +1,68 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import app from '../../../../../app.js';
+import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
+import { createUser } from '../../../../../../test/factories/user.js';
+import getAdminAppAuthClientMock from '../../../../../../test/mocks/rest/api/v1/admin/get-app-auth-client.js';
+import { createAppAuthClient } from '../../../../../../test/factories/app-auth-client.js';
+import { createPermission } from '../../../../../../test/factories/permission.js';
+import * as license from '../../../../../helpers/license.ee.js';
+
+describe('GET /api/v1/admin/app-auth-clients/:appAuthClientId', () => {
+ let currentUser, currentAppAuthClient, token;
+
+ describe('without valid license key', () => {
+ beforeEach(async () => {
+ vi.spyOn(license, 'hasValidLicense').mockResolvedValue(false);
+
+ currentUser = await createUser();
+ currentAppAuthClient = await createAppAuthClient();
+
+ await createPermission({
+ roleId: currentUser.roleId,
+ action: 'read',
+ subject: 'App',
+ conditions: [],
+ });
+
+ token = createAuthTokenByUserId(currentUser.id);
+ });
+
+ it('should return empty object', async () => {
+ const response = await request(app)
+ .get(`/api/v1/admin/app-auth-clients/${currentAppAuthClient.id}`)
+ .set('Authorization', token)
+ .expect(403);
+
+ expect(response.body).toEqual({});
+ });
+ });
+
+ describe('with valid license key', () => {
+ beforeEach(async () => {
+ vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+ currentUser = await createUser();
+ currentAppAuthClient = await createAppAuthClient();
+
+ await createPermission({
+ roleId: currentUser.roleId,
+ action: 'read',
+ subject: 'App',
+ conditions: [],
+ });
+
+ token = createAuthTokenByUserId(currentUser.id);
+ });
+
+ it('should return specified app auth client info', async () => {
+ const response = await request(app)
+ .get(`/api/v1/admin/app-auth-clients/${currentAppAuthClient.id}`)
+ .set('Authorization', token)
+ .expect(200);
+
+ const expectedPayload = getAdminAppAuthClientMock(currentAppAuthClient);
+ expect(response.body).toEqual(expectedPayload);
+ });
+ });
+});
diff --git a/packages/backend/src/controllers/api/v1/app-auth-clients/get-app-auth-client.js b/packages/backend/src/controllers/api/v1/app-auth-clients/get-app-auth-client.js
new file mode 100644
index 00000000..ae5e335f
--- /dev/null
+++ b/packages/backend/src/controllers/api/v1/app-auth-clients/get-app-auth-client.js
@@ -0,0 +1,11 @@
+import { renderObject } from '../../../../helpers/renderer.js';
+import AppAuthClient from '../../../../models/app-auth-client.js';
+
+export default async (request, response) => {
+ const appAuthClient = await AppAuthClient.query()
+ .findById(request.params.appAuthClientId)
+ .where({ active: true })
+ .throwIfNotFound();
+
+ renderObject(response, appAuthClient);
+};
diff --git a/packages/backend/src/controllers/api/v1/app-auth-clients/get-app-auth-client.test.js b/packages/backend/src/controllers/api/v1/app-auth-clients/get-app-auth-client.test.js
new file mode 100644
index 00000000..f746d0b1
--- /dev/null
+++ b/packages/backend/src/controllers/api/v1/app-auth-clients/get-app-auth-client.test.js
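Review bot: The only 403 case in this admin test is driven by `hasValidLicense` resolving to false while the `read`/`App` permission is still granted, so the deny path of the new `authorizationList` entry is never exercised. Add a case with a valid license and no `createPermission` call that expects the rejection `authorizeUser` produces, so a missing or mistyped route key in `authorization.js` fails a test instead of silently opening the endpoint. The title `should return empty object` also describes a status assertion; `should return 403 without a valid license` would say what is checked.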
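Review bot: The non-admin handler loads the full `AppAuthClient` row and hands it to `renderObject`, so the only thing keeping `formattedAuthDefaults` (which holds `clientId` and `clientSecret`, per the factory in this patch) out of a response available to every authenticated user is the `AppAuthClient` entry added to the serializer map. How `renderObject` behaves when no serializer matches is not visible here; if it falls back to the raw model, a rename or a dropped map entry would expose credentials. A comment above the query such as `// Response fields are limited by appAuthClientSerializer; never return auth defaults from this endpoint.` would record the dependency, and selecting only the four exposed columns in the query would remove it.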
@@ -0,0 +1,31 @@ +import { vi, describe, it, expect, beforeEach } from 'vitest'; +import request from 'supertest'; +import app from '../../../../app.js'; +import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id.js'; +import { createUser } from '../../../../../test/factories/user.js'; +import getAppAuthClientMock from '../../../../../test/mocks/rest/api/v1/admin/get-app-auth-client.js'; +import { createAppAuthClient } from '../../../../../test/factories/app-auth-client.js'; +import * as license from '../../../../helpers/license.ee.js'; + +describe('GET /api/v1/app-auth-clients/:id', () => { + let currentUser, currentAppAuthClient, token; + + beforeEach(async () => { + vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true); + + currentUser = await createUser(); + currentAppAuthClient = await createAppAuthClient(); + + token = createAuthTokenByUserId(currentUser.id); + }); + + it('should return specified app auth client info', async () => { + const response = await request(app) + .get(`/api/v1/app-auth-clients/${currentAppAuthClient.id}?active=true`) + .set('Authorization', token) + .expect(200); + + const expectedPayload = getAppAuthClientMock(currentAppAuthClient); + expect(response.body).toEqual(expectedPayload); + }); +}); diff --git a/packages/backend/src/helpers/authorization.js b/packages/backend/src/helpers/authorization.js index 8c20c4f4..133ea880 100644 --- a/packages/backend/src/helpers/authorization.js +++ b/packages/backend/src/helpers/authorization.js @@ -7,6 +7,10 @@ const authorizationList = { action: 'read', subject: 'User', }, + '/api/v1/admin/app-auth-clients/:appAuthClientId': { + action: 'read', + subject: 'App', + }, }; export const authorizeUser = async (request, response, next) => { diff --git a/packages/backend/src/routes/api/v1/admin/app-auth-clients.js b/packages/backend/src/routes/api/v1/admin/app-auth-clients.js new file mode 100644 index 00000000..92b4885c --- /dev/null 
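Review bot: `getAppAuthClientMock` is imported from `test/mocks/rest/api/v1/admin/get-app-auth-client.js`, so the non-admin mock this patch adds under `test/mocks/rest/api/v1/` is never used; the import path should drop the `admin/` segment. The `?active=true` query string is not read by the controller, which hard-codes `.where({ active: true })`, so it can be removed from the request URL. The behaviour that separates this endpoint from the admin one is untested: add a case that calls `createAppAuthClient({ active: false })` and expects the not-found response, since that filter is what hides inactive clients from ordinary users.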
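Review bot: The new `authorizationList` entry is keyed by path only, and the lookup inside `authorizeUser` begins after this hunk, so it is not visible whether the HTTP method takes part in the match. If it does not, any later non-GET handler mounted on `/api/v1/admin/app-auth-clients/:appAuthClientId` behind `authorizeUser` would be admitted with just `read` on `App`. It is also worth confirming that `read` on `App` is a permission only admin roles hold, because that rule is the only authorization applied to this admin route; a comment on the entry such as `// GET only; admin read of a single auth client` would make the intent explicit.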
+++ b/packages/backend/src/routes/api/v1/admin/app-auth-clients.js
@@ -0,0 +1,15 @@
+import { Router } from 'express';
+import { authenticateUser } from '../../../../helpers/authentication.js';
+import { authorizeUser } from '../../../../helpers/authorization.js';
+import getAdminAppAuthClientsAction from '../../../../controllers/api/v1/admin/app-auth-clients/get-app-auth-client.js';
+
+const router = Router();
+
+router.get(
+ '/:appAuthClientId',
+ authenticateUser,
+ authorizeUser,
+ getAdminAppAuthClientsAction
+);
+
+export default router;
diff --git a/packages/backend/src/routes/api/v1/app-auth-clients.js b/packages/backend/src/routes/api/v1/app-auth-clients.js
new file mode 100644
index 00000000..3590dd4e
--- /dev/null
+++ b/packages/backend/src/routes/api/v1/app-auth-clients.js
@@ -0,0 +1,9 @@
+import { Router } from 'express';
+import { authenticateUser } from '../../../helpers/authentication.js';
+import getAppAuthClientAction from '../../../controllers/api/v1/app-auth-clients/get-app-auth-client.js';
+
+const router = Router();
+
+router.get('/:appAuthClientId', authenticateUser, getAppAuthClientAction);
+
+export default router;
diff --git a/packages/backend/src/routes/index.js b/packages/backend/src/routes/index.js
index 51fccf26..f31e6311 100644
--- a/packages/backend/src/routes/index.js
+++ b/packages/backend/src/routes/index.js
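Review bot: No license or enterprise check is mounted on the admin route; the chain is `authenticateUser`, `authorizeUser`, then the handler, yet the test added in this patch expects 403 when `hasValidLicense` resolves to false. Unless `authorizeUser` or a parent router consults the license (neither is visible in this patch), that test cannot pass and the endpoint is reachable without a license. The sibling admin routers imported in `routes/index.js` all carry an `.ee.js` suffix while this file does not, which suggests both the gate and the naming were missed. Mount the project's license middleware ahead of the handler and rename the file to match its siblings.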
@@ -6,10 +6,12 @@ import healthcheckRouter from './healthcheck.js'; import automatischRouter from './api/v1/automatisch.js'; import usersRouter from './api/v1/users.js'; import paymentRouter from './api/v1/payment.ee.js'; +import appAuthClientsRouter from './api/v1/app-auth-clients.js'; import samlAuthProvidersRouter from './api/v1/admin/saml-auth-providers.ee.js'; import rolesRouter from './api/v1/admin/roles.ee.js'; import permissionsRouter from './api/v1/admin/permissions.ee.js'; import adminUsersRouter from './api/v1/admin/users.ee.js'; +import adminAppAuthClientsRouter from './api/v1/admin/app-auth-clients.js';) const router = Router(); @@ -20,9 +22,13 @@ router.use('/healthcheck', healthcheckRouter); router.use('/api/v1/automatisch', automatischRouter); router.use('/api/v1/users', usersRouter); router.use('/api/v1/payment', paymentRouter); +router.use('/api/v1/app-auth-clients', appAuthClientsRouter); + router.use('/api/v1/admin/saml-auth-providers', samlAuthProvidersRouter); router.use('/api/v1/admin/roles', rolesRouter); router.use('/api/v1/admin/permissions', permissionsRouter); router.use('/api/v1/admin/users', adminUsersRouter); +router.use('/api/v1/admin/app-auth-clients', adminAppAuthClientsRouter); + export default router; diff --git a/packages/backend/src/serializers/appAuthClientSerializer.js b/packages/backend/src/serializers/appAuthClientSerializer.js new file mode 100644 index 00000000..88af3dab --- /dev/null +++ b/packages/backend/src/serializers/appAuthClientSerializer.js @@ -0,0 +1,10 @@ +const appAuthClientSerializer = (appAuthClient) => { + return { + id: appAuthClient.id, + appConfigId: appAuthClient.appConfigId, + name: appAuthClient.name, + active: appAuthClient.active, + }; +}; + +export default appAuthClientSerializer; diff --git a/packages/backend/src/serializers/index.js b/packages/backend/src/serializers/index.js index b8f30924..057b54f0 100644 --- a/packages/backend/src/serializers/index.js 
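Review bot: The added import in `routes/index.js` ends with `;)`, as in `import adminAppAuthClientsRouter from './api/v1/admin/app-auth-clients.js';)`, and the stray `)` is a syntax error that would stop the router module from loading at all. The line should read `import adminAppAuthClientsRouter from './api/v1/admin/app-auth-clients.js';`. If the parenthesis is only an artifact of how this patch was rendered, disregard this.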
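Review bot: `appAuthClientSerializer` is the allowlist that keeps client credentials out of both new endpoints, and nothing in the file says so. A comment above it such as `// Allowlist of public fields; never add formattedAuthDefaults or other credential fields, both the admin and user endpoints return this shape.` would stop a later field addition from leaking secrets to every authenticated user. The filename `appAuthClientSerializer.js` also departs from the kebab-case, suffix-free names of its siblings (`user.js`, `role.js`, `saml-auth-provider.ee.js`); `app-auth-client.js` would match.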
+++ b/packages/backend/src/serializers/index.js @@ -2,12 +2,14 @@ import userSerializer from './user.js'; import roleSerializer from './role.js'; import permissionSerializer from './permission.js'; import samlAuthProviderSerializer from './saml-auth-provider.ee.js'; +import appAuthClientSerializer from './appAuthClientSerializer.js'; const serializers = { User: userSerializer, Role: roleSerializer, Permission: permissionSerializer, SamlAuthProvider: samlAuthProviderSerializer, + AppAuthClient: appAuthClientSerializer, }; export default serializers; diff --git a/packages/backend/test/factories/app-auth-client.js b/packages/backend/test/factories/app-auth-client.js new file mode 100644 index 00000000..296d8315 --- /dev/null +++ b/packages/backend/test/factories/app-auth-client.js @@ -0,0 +1,25 @@ +import { faker } from '@faker-js/faker'; +import { createAppConfig } from './app-config.js'; +import AppAuthClient from '../../src/models/app-auth-client'; + +const formattedAuthDefaults = { + oAuthRedirectUrl: faker.internet.url(), + instanceUrl: faker.internet.url(), + clientId: faker.string.uuid(), + clientSecret: faker.string.uuid(), +}; + +export const createAppAuthClient = async (params = {}) => { + params.name = params?.name || faker.person.fullName(); + params.id = params?.id || faker.string.uuid(); + params.appConfigId = params?.appConfigId || (await createAppConfig()).id; + params.active = params?.active ?? true; + params.formattedAuthDefaults = + params?.formattedAuthDefaults || formattedAuthDefaults; + + const appAuthClient = await AppAuthClient.query() + .insert(params) + .returning('*'); + + return appAuthClient; +}; diff --git a/packages/backend/test/factories/app-config.js b/packages/backend/test/factories/app-config.js new file mode 100644 index 00000000..c3f296af --- /dev/null +++ b/packages/backend/test/factories/app-config.js 
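Review bot: In `test/factories/app-auth-client.js` the model import `'../../src/models/app-auth-client'` omits the `.js` extension that every other relative import in this patch carries (the sibling factory uses `'../../src/models/app-config.js'`); under native ESM resolution that specifier does not resolve, so it should be `import AppAuthClient from '../../src/models/app-auth-client.js';`. The function also writes its defaults onto the caller's `params` object, and `formattedAuthDefaults` is built once at module load, so every client created in a run shares one `clientId`/`clientSecret` pair and a test comparing two clients cannot tell them apart. Building a fresh object inside the function fixes both, as sketched below.

```javascript
export const createAppAuthClient = async (params = {}) => {
  // Copy instead of mutating the caller's object; fresh credentials per call.
  const appAuthClientData = {
    ...params,
    name: params.name || faker.person.fullName(),
    id: params.id || faker.string.uuid(),
    appConfigId: params.appConfigId || (await createAppConfig()).id,
    active: params.active ?? true,
    formattedAuthDefaults: params.formattedAuthDefaults || {
      oAuthRedirectUrl: faker.internet.url(),
      instanceUrl: faker.internet.url(),
      clientId: faker.string.uuid(),
      clientSecret: faker.string.uuid(),
    },
  };
  // … unchanged: AppAuthClient.query().insert(...).returning('*'), now given appAuthClientData …
```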
@@ -0,0 +1,13 @@
+import AppConfig from '../../src/models/app-config.js';
+
+export const createAppConfig = async (params = {}) => {
+ const appConfigData = {
+ key: params?.key || 'gitlab',
+ };
+
+ const appConfig = await AppConfig.query()
+ .insert(appConfigData)
+ .returning('*');
+
+ return appConfig;
+};
diff --git a/packages/backend/test/mocks/rest/api/v1/admin/get-app-auth-client.js b/packages/backend/test/mocks/rest/api/v1/admin/get-app-auth-client.js
new file mode 100644
index 00000000..7d4446d5
--- /dev/null
+++ b/packages/backend/test/mocks/rest/api/v1/admin/get-app-auth-client.js
@@ -0,0 +1,19 @@
+const getAdminAppAuthClientMock = (appAuthClient) => {
+ return {
+ data: {
+ appConfigId: appAuthClient.appConfigId,
+ name: appAuthClient.name,
+ id: appAuthClient.id,
+ active: appAuthClient.active,
+ },
+ meta: {
+ count: 1,
+ currentPage: null,
+ isArray: false,
+ totalPages: null,
+ type: 'AppAuthClient',
+ },
+ };
+};
+
+export default getAdminAppAuthClientMock;
diff --git a/packages/backend/test/mocks/rest/api/v1/get-app-auth-client.js b/packages/backend/test/mocks/rest/api/v1/get-app-auth-client.js
new file mode 100644
index 00000000..3789ffe7
--- /dev/null
+++ b/packages/backend/test/mocks/rest/api/v1/get-app-auth-client.js
@@ -0,0 +1,19 @@
+const getAppAuthClientMock = (appAuthClient) => {
+ return {
+ data: {
+ name: appAuthClient.name,
+ id: appAuthClient.id,
+ appConfigId: appAuthClient.appConfigId,
+ active: appAuthClient.active,
+ },
+ meta: {
+ count: 1,
+ currentPage: null,
+ isArray: false,
+ totalPages: null,
+ type: 'AppAuthClient',
+ },
+ };
+};
+
+export default getAppAuthClientMock;
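Review bot: `createAppConfig` copies only `key` from `params` and defaults it to the constant `'gitlab'`, and `createAppAuthClient` calls it with no arguments every time. If the model or schema enforces a unique `key` (not visible in this patch), any test that creates two auth clients without passing `appConfigId` will fail on the second insert. Other fields a caller passes are also silently dropped. Spreading `params` into `appConfigData` and documenting the fixed default with a comment like `// default key; pass params.key when a test needs more than one config` would cover both.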