Skip to content

Commit 3d67331

Browse files
ggazzoggazzo
committed
test(federation): refine end-to-end tests for user invitation permissions in federated rooms
1 parent 1ba65cb commit 3d67331

File tree

1 file changed

+60
-23
lines changed

1 file changed

+60
-23
lines changed

ee/packages/federation-matrix/tests/end-to-end/permissions.spec.ts

Lines changed: 60 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -101,7 +101,7 @@ import { SynapseClient } from '../helper/synapse-client';
101101
matrixRoomId = await hs1AdminApp.createRoom(channelName);
102102
});
103103

104-
it('should throw an error if a user without access-federation permission tries to invite a user to a room', async () => {
104+
it('should throw an error if a remote user tries to invite a user without access-federation permission to a room', async () => {
105105
await expect(hs1AdminApp.matrixClient.invite(matrixRoomId, `@${user.username}:${federationConfig.rc1.url}`)).rejects.toThrow();
106106
const subscriptions = await getSubscriptions(rc1AdminRequestConfig);
107107
const invitedSub = subscriptions.update.find((sub) => sub.fname?.includes(channelName));
@@ -139,33 +139,70 @@ import { SynapseClient } from '../helper/synapse-client';
139139
expect(createResponse.body).toHaveProperty('errorType', 'error-not-authorized-federation');
140140
});
141141

142-
it('should not be able to add a user without access-federation permission to a room', async () => {
143-
const createResponse = await createRoom({
144-
type: 'p',
145-
name: `federated-room-${Date.now()}`,
146-
members: [],
147-
extraData: {
148-
federated: true,
149-
},
150-
config: rc1AdminRequestConfig,
142+
describe('Inviting from a local server', () => {
143+
let channelName: string;
144+
145+
let createResponse;
146+
let addUserResponse;
147+
148+
beforeAll(async () => {
149+
channelName = `federated-room-${Date.now()}`;
150+
createResponse = await createRoom({
151+
type: 'p',
152+
name: channelName,
153+
members: [],
154+
extraData: {
155+
federated: true,
156+
},
157+
config: rc1AdminRequestConfig,
158+
});
159+
expect(createResponse.status).toBe(200);
160+
expect(createResponse.body).toHaveProperty('success', true);
161+
expect(createResponse.body).toHaveProperty('group');
162+
expect(createResponse.body.group).toHaveProperty('_id');
163+
expect(createResponse.body.group).toHaveProperty('t', 'p');
164+
expect(createResponse.body.group).toHaveProperty('federated', true);
151165
});
166+
let user: TestUser<IUser>;
152167

153-
expect(createResponse.status).toBe(200);
154-
expect(createResponse.body).toHaveProperty('success', true);
155-
expect(createResponse.body).toHaveProperty('group');
156-
expect(createResponse.body.group).toHaveProperty('_id');
157-
expect(createResponse.body.group).toHaveProperty('t', 'p');
158-
expect(createResponse.body.group).toHaveProperty('federated', true);
168+
beforeAll(async () => {
169+
user = await createUser(
170+
{
171+
username: `g3-${Date.now()}`,
172+
password: '1',
173+
roles: ['user'],
174+
},
175+
rc1AdminRequestConfig,
176+
);
177+
});
159178

160-
const addUserResponse = await addUserToRoom({
161-
usernames: [federationConfig.hs1.adminMatrixUserId],
162-
rid: createResponse.body.group._id,
163-
config: rc1User1RequestConfig,
179+
afterAll(async () => {
180+
await deleteUser(user, {}, rc1AdminRequestConfig);
164181
});
182+
it('should not be able to add a user without access-federation permission to a room', async () => {
183+
const addUserResponse = await addUserToRoom({
184+
usernames: [user.username],
185+
rid: createResponse.body.group._id,
186+
config: rc1AdminRequestConfig,
187+
});
188+
189+
expect(addUserResponse.status).toBe(200);
190+
expect(addUserResponse.body).toHaveProperty('success', true);
191+
expect(addUserResponse.body.message).toMatch(/error-not-authorized-federation/);
192+
});
193+
194+
it("should be able to add a remote user to a room regardless of the user's access-federation permission defined locally", async () => {
195+
addUserResponse = await addUserToRoom({
196+
usernames: [federationConfig.hs1.adminMatrixUserId],
197+
rid: createResponse.body.group._id,
198+
config: rc1AdminRequestConfig,
199+
});
165200

166-
expect(addUserResponse.status).toBe(200);
167-
expect(addUserResponse.body).toHaveProperty('success', true);
168-
expect(addUserResponse.body.message).toMatch(/error-not-allowed/);
201+
expect(addUserResponse.status).toBe(200);
202+
expect(addUserResponse.body).toHaveProperty('success', true);
203+
expect(addUserResponse.body).toHaveProperty('message');
204+
expect(addUserResponse.body.message).toMatch('{"msg":"result","id":"id","result":true}');
205+
});
169206
});
170207
});
171208

0 commit comments

Comments
 (0)