diff --git a/package.json b/package.json index c089525ef..42ee7db7b 100644 --- a/package.json +++ b/package.json @@ -96,6 +96,7 @@ "source-map-support": "0.5.21", "supertest": "6.2.4", "ts-jest": "28.0.5", + "ts-mockery": "1.2.0", "ts-node": "10.8.2", "tsconfig-paths": "4.0.0", "typescript": "4.7.4" diff --git a/src/app-init.ts b/src/app-init.ts index 742bf99f8..04a4d6853 100644 --- a/src/app-init.ts +++ b/src/app-init.ts @@ -8,11 +8,11 @@ import { NestExpressApplication } from '@nestjs/platform-express'; import { AppConfig } from './config/app.config'; import { AuthConfig } from './config/auth.config'; -import { DatabaseConfig } from './config/database.config'; import { MediaConfig } from './config/media.config'; import { ErrorExceptionMapping } from './errors/error-mapping'; import { ConsoleLoggerService } from './logger/console-logger.service'; import { BackendType } from './media/backends/backend-type.enum'; +import { SessionService } from './session/session.service'; import { setupSpecialGroups } from './utils/createSpecialGroups'; import { setupFrontendProxy } from './utils/frontend-integration'; import { setupSessionMiddleware } from './utils/session'; @@ -26,7 +26,6 @@ export async function setupApp( app: NestExpressApplication, appConfig: AppConfig, authConfig: AuthConfig, - databaseConfig: DatabaseConfig, mediaConfig: MediaConfig, logger: ConsoleLoggerService, ): Promise { @@ -48,7 +47,11 @@ export async function setupApp( await setupSpecialGroups(app); - setupSessionMiddleware(app, authConfig, databaseConfig); + setupSessionMiddleware( + app, + authConfig, + app.get(SessionService).getTypeormStore(), + ); app.enableCors({ origin: appConfig.rendererOrigin, diff --git a/src/app.module.ts b/src/app.module.ts index a9f7f2a91..9ec7596b6 100644 --- a/src/app.module.ts +++ b/src/app.module.ts @@ -34,6 +34,7 @@ import { MonitoringModule } from './monitoring/monitoring.module'; import { NotesModule } from './notes/notes.module'; import { PermissionsModule } from './permissions/permissions.module'; import { RevisionsModule } from './revisions/revisions.module'; +import { SessionModule } from './session/session.module'; import { UsersModule } from './users/users.module'; const routes: Routes = [ @@ -101,6 +102,7 @@ const routes: Routes = [ AuthModule, FrontendConfigModule, IdentityModule, + SessionModule, ], controllers: [], providers: [FrontendConfigService], diff --git a/src/history/history.service.spec.ts b/src/history/history.service.spec.ts index cdcf68004..08bf0a96e 100644 --- a/src/history/history.service.spec.ts +++ b/src/history/history.service.spec.ts @@ -6,11 +6,12 @@ import { ConfigModule } from '@nestjs/config'; import { Test, TestingModule } from '@nestjs/testing'; import { getDataSourceToken, getRepositoryToken } from '@nestjs/typeorm'; -import { DataSource, Repository } from 'typeorm'; +import { DataSource, EntityManager, Repository } from 'typeorm'; import { AuthToken } from '../auth/auth-token.entity'; import { Author } from '../authors/author.entity'; import appConfigMock from '../config/mock/app.config.mock'; +import databaseConfigMock from '../config/mock/database.config.mock'; import noteConfigMock from '../config/mock/note.config.mock'; import { NotInDBError } from '../errors/errors'; import { Group } from '../groups/group.entity'; @@ -48,6 +49,16 @@ describe('HistoryService', () => { } beforeEach(async () => { + noteRepo = new Repository( + '', + new EntityManager( + new DataSource({ + type: 'sqlite', + database: ':memory:', + }), + ), + undefined, + ); const module: TestingModule = await Test.createTestingModule({ providers: [ HistoryService, @@ -61,7 +72,7 @@ describe('HistoryService', () => { }, { provide: getRepositoryToken(Note), - useClass: Repository, + useValue: noteRepo, }, ], imports: [ @@ -70,7 +81,7 @@ describe('HistoryService', () => { NotesModule, ConfigModule.forRoot({ isGlobal: true, - load: [appConfigMock, noteConfigMock], + load: [appConfigMock, databaseConfigMock, noteConfigMock], }), ], }) @@ -85,7 +96,7 @@ describe('HistoryService', () => { .overrideProvider(getRepositoryToken(Revision)) .useValue({}) .overrideProvider(getRepositoryToken(Note)) - .useClass(Repository) + .useValue(noteRepo) .overrideProvider(getRepositoryToken(Tag)) .useValue({}) .overrideProvider(getRepositoryToken(NoteGroupPermission)) diff --git a/src/main.ts b/src/main.ts index d5fb234a1..24c594f29 100644 --- a/src/main.ts +++ b/src/main.ts @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2021 The HedgeDoc developers (see AUTHORS file) + * SPDX-FileCopyrightText: 2022 The HedgeDoc developers (see AUTHORS file) * * SPDX-License-Identifier: AGPL-3.0-only */ @@ -31,24 +31,16 @@ async function bootstrap(): Promise { // Initialize config and abort if we don't have a valid config const configService = app.get(ConfigService); const appConfig = configService.get('appConfig'); - const databaseConfig = configService.get('databaseConfig'); const authConfig = configService.get('authConfig'); const mediaConfig = configService.get('mediaConfig'); - if (!appConfig || !databaseConfig || !authConfig || !mediaConfig) { + if (!appConfig || !authConfig || !mediaConfig) { logger.error('Could not initialize config, aborting.', 'AppBootstrap'); process.exit(1); } // Call common setup function which handles the rest // Setup code must be added there! - await setupApp( - app, - appConfig, - authConfig, - databaseConfig, - mediaConfig, - logger, - ); + await setupApp(app, appConfig, authConfig, mediaConfig, logger); // Start the server await app.listen(appConfig.port); diff --git a/src/media/media.service.spec.ts b/src/media/media.service.spec.ts index 623fb9ab7..440d28486 100644 --- a/src/media/media.service.spec.ts +++ b/src/media/media.service.spec.ts @@ -12,6 +12,7 @@ import { Repository } from 'typeorm'; import appConfigMock from '../../src/config/mock/app.config.mock'; import { AuthToken } from '../auth/auth-token.entity'; import { Author } from '../authors/author.entity'; +import databaseConfigMock from '../config/mock/database.config.mock'; import mediaConfigMock from '../config/mock/media.config.mock'; import noteConfigMock from '../config/mock/note.config.mock'; import { ClientError, NotInDBError } from '../errors/errors'; @@ -52,7 +53,12 @@ describe('MediaService', () => { imports: [ ConfigModule.forRoot({ isGlobal: true, - load: [mediaConfigMock, appConfigMock, noteConfigMock], + load: [ + mediaConfigMock, + appConfigMock, + databaseConfigMock, + noteConfigMock, + ], }), LoggerModule, NotesModule, diff --git a/src/notes/alias.service.spec.ts b/src/notes/alias.service.spec.ts index c659f72eb..954a0343a 100644 --- a/src/notes/alias.service.spec.ts +++ b/src/notes/alias.service.spec.ts @@ -6,11 +6,12 @@ import { ConfigModule, ConfigService } from '@nestjs/config'; import { Test, TestingModule } from '@nestjs/testing'; import { getRepositoryToken } from '@nestjs/typeorm'; -import { Repository } from 'typeorm'; +import { DataSource, EntityManager, Repository } from 'typeorm'; import { AuthToken } from '../auth/auth-token.entity'; import { Author } from '../authors/author.entity'; import appConfigMock from '../config/mock/app.config.mock'; +import databaseConfigMock from '../config/mock/database.config.mock'; import noteConfigMock from '../config/mock/note.config.mock'; import { AlreadyInDBError, @@ -43,13 +44,23 @@ describe('AliasService', () => { let aliasRepo: Repository; let forbiddenNoteId: string; beforeEach(async () => { + noteRepo = new Repository( + '', + new EntityManager( + new DataSource({ + type: 'sqlite', + database: ':memory:', + }), + ), + undefined, + ); const module: TestingModule = await Test.createTestingModule({ providers: [ AliasService, NotesService, { provide: getRepositoryToken(Note), - useClass: Repository, + useValue: noteRepo, }, { provide: getRepositoryToken(Alias), @@ -67,7 +78,7 @@ describe('AliasService', () => { imports: [ ConfigModule.forRoot({ isGlobal: true, - load: [appConfigMock, noteConfigMock], + load: [appConfigMock, databaseConfigMock, noteConfigMock], }), LoggerModule, UsersModule, @@ -77,7 +88,7 @@ describe('AliasService', () => { ], }) .overrideProvider(getRepositoryToken(Note)) - .useClass(Repository) + .useValue(noteRepo) .overrideProvider(getRepositoryToken(Tag)) .useClass(Repository) .overrideProvider(getRepositoryToken(Alias)) diff --git a/src/notes/notes.service.spec.ts b/src/notes/notes.service.spec.ts index 2e984bd1f..bfd53b9f5 100644 --- a/src/notes/notes.service.spec.ts +++ b/src/notes/notes.service.spec.ts @@ -11,6 +11,7 @@ import { DataSource, EntityManager, Repository } from 'typeorm'; import { AuthToken } from '../auth/auth-token.entity'; import { Author } from '../authors/author.entity'; import appConfigMock from '../config/mock/app.config.mock'; +import databaseConfigMock from '../config/mock/database.config.mock'; import noteConfigMock from '../config/mock/note.config.mock'; import { AlreadyInDBError, @@ -135,13 +136,23 @@ describe('NotesService', () => { ), undefined, ); + noteRepo = new Repository( + '', + new EntityManager( + new DataSource({ + type: 'sqlite', + database: ':memory:', + }), + ), + undefined, + ); const module: TestingModule = await Test.createTestingModule({ providers: [ NotesService, AliasService, { provide: getRepositoryToken(Note), - useClass: Repository, + useValue: noteRepo, }, { provide: getRepositoryToken(Tag), @@ -157,18 +168,18 @@ describe('NotesService', () => { }, ], imports: [ - ConfigModule.forRoot({ - isGlobal: true, - load: [appConfigMock, noteConfigMock], - }), LoggerModule, UsersModule, GroupsModule, RevisionsModule, + ConfigModule.forRoot({ + isGlobal: true, + load: [appConfigMock, databaseConfigMock, noteConfigMock], + }), ], }) .overrideProvider(getRepositoryToken(Note)) - .useClass(Repository) + .useValue(noteRepo) .overrideProvider(getRepositoryToken(Tag)) .useClass(Repository) .overrideProvider(getRepositoryToken(Alias)) diff --git a/src/permissions/permissions.service.spec.ts b/src/permissions/permissions.service.spec.ts index b6c2379c2..84b25e026 100644 --- a/src/permissions/permissions.service.spec.ts +++ b/src/permissions/permissions.service.spec.ts @@ -11,6 +11,7 @@ import { DataSource, EntityManager, Repository } from 'typeorm'; import { AuthToken } from '../auth/auth-token.entity'; import { Author } from '../authors/author.entity'; import appConfigMock from '../config/mock/app.config.mock'; +import databaseConfigMock from '../config/mock/database.config.mock'; import noteConfigMock from '../config/mock/note.config.mock'; import { PermissionsUpdateInconsistentError } from '../errors/errors'; import { Group } from '../groups/group.entity'; @@ -86,17 +87,13 @@ describe('PermissionsService', () => { }, ], imports: [ - ConfigModule.forRoot({ - isGlobal: true, - load: [appConfigMock], - }), LoggerModule, PermissionsModule, UsersModule, NotesModule, ConfigModule.forRoot({ isGlobal: true, - load: [appConfigMock, noteConfigMock], + load: [appConfigMock, databaseConfigMock, noteConfigMock], }), GroupsModule, ], diff --git a/src/revisions/revisions.service.spec.ts b/src/revisions/revisions.service.spec.ts index 321bb882e..017c57fd6 100644 --- a/src/revisions/revisions.service.spec.ts +++ b/src/revisions/revisions.service.spec.ts @@ -11,6 +11,7 @@ import { Repository } from 'typeorm'; import { AuthToken } from '../auth/auth-token.entity'; import { Author } from '../authors/author.entity'; import appConfigMock from '../config/mock/app.config.mock'; +import databaseConfigMock from '../config/mock/database.config.mock'; import noteConfigMock from '../config/mock/note.config.mock'; import { NotInDBError } from '../errors/errors'; import { Group } from '../groups/group.entity'; @@ -48,7 +49,7 @@ describe('RevisionsService', () => { LoggerModule, ConfigModule.forRoot({ isGlobal: true, - load: [appConfigMock, noteConfigMock], + load: [appConfigMock, databaseConfigMock, noteConfigMock], }), ], }) diff --git a/src/session/session.module.ts b/src/session/session.module.ts new file mode 100644 index 000000000..3044bad10 --- /dev/null +++ b/src/session/session.module.ts @@ -0,0 +1,17 @@ +/* + * SPDX-FileCopyrightText: 2022 The HedgeDoc developers (see AUTHORS file) + * + * SPDX-License-Identifier: AGPL-3.0-only + */ +import { Module } from '@nestjs/common'; +import { TypeOrmModule } from '@nestjs/typeorm'; + +import { Session } from '../users/session.entity'; +import { SessionService } from './session.service'; + +@Module({ + imports: [TypeOrmModule.forFeature([Session])], + exports: [SessionService], + providers: [SessionService], +}) +export class SessionModule {} diff --git a/src/session/session.service.spec.ts b/src/session/session.service.spec.ts new file mode 100644 index 000000000..d02af232f --- /dev/null +++ b/src/session/session.service.spec.ts @@ -0,0 +1,55 @@ +/* + * SPDX-FileCopyrightText: 2022 The HedgeDoc developers (see AUTHORS file) + * + * SPDX-License-Identifier: AGPL-3.0-only + */ +import * as ConnectTypeormModule from 'connect-typeorm'; +import { TypeormStore } from 'connect-typeorm'; +import { Mock } from 'ts-mockery'; +import { Repository } from 'typeorm'; + +import { DatabaseType } from '../config/database-type.enum'; +import { DatabaseConfig } from '../config/database.config'; +import { Session } from '../users/session.entity'; +import { SessionService } from './session.service'; + +jest.mock('cookie'); +jest.mock('cookie-signature'); + +describe('SessionService', () => { + let mockedTypeormStore: TypeormStore; + let mockedSessionRepository: Repository; + let databaseConfigMock: DatabaseConfig; + let typeormStoreConstructorMock: jest.SpyInstance; + let sessionService: SessionService; + + beforeEach(() => { + jest.resetModules(); + jest.restoreAllMocks(); + mockedTypeormStore = Mock.of({ + connect: jest.fn(() => mockedTypeormStore), + }); + mockedSessionRepository = Mock.of>({}); + databaseConfigMock = Mock.of({ + type: DatabaseType.SQLITE, + }); + + typeormStoreConstructorMock = jest + .spyOn(ConnectTypeormModule, 'TypeormStore') + .mockReturnValue(mockedTypeormStore); + + sessionService = new SessionService( + mockedSessionRepository, + databaseConfigMock, + ); + }); + + it('creates a new TypeormStore on create', () => { + expect(typeormStoreConstructorMock).toBeCalledWith({ + cleanupLimit: 2, + limitSubquery: true, + }); + expect(mockedTypeormStore.connect).toBeCalledWith(mockedSessionRepository); + expect(sessionService.getTypeormStore()).toBe(mockedTypeormStore); + }); +}); diff --git a/src/session/session.service.ts b/src/session/session.service.ts new file mode 100644 index 000000000..9275d5580 --- /dev/null +++ b/src/session/session.service.ts @@ -0,0 +1,35 @@ +/* + * SPDX-FileCopyrightText: 2022 The HedgeDoc developers (see AUTHORS file) + * + * SPDX-License-Identifier: AGPL-3.0-only + */ +import { Inject, Injectable } from '@nestjs/common'; +import { InjectRepository } from '@nestjs/typeorm'; +import { TypeormStore } from 'connect-typeorm'; +import { Repository } from 'typeorm'; + +import { DatabaseType } from '../config/database-type.enum'; +import databaseConfiguration, { + DatabaseConfig, +} from '../config/database.config'; +import { Session } from '../users/session.entity'; + +@Injectable() +export class SessionService { + private readonly typeormStore: TypeormStore; + + constructor( + @InjectRepository(Session) private sessionRepository: Repository, + @Inject(databaseConfiguration.KEY) + private dbConfig: DatabaseConfig, + ) { + this.typeormStore = new TypeormStore({ + cleanupLimit: 2, + limitSubquery: dbConfig.type !== DatabaseType.MARIADB, + }).connect(sessionRepository); + } + + getTypeormStore(): TypeormStore { + return this.typeormStore; + } +} diff --git a/src/utils/session.ts b/src/utils/session.ts index f3c359270..f5f14b0bd 100644 --- a/src/utils/session.ts +++ b/src/utils/session.ts @@ -4,40 +4,34 @@ * SPDX-License-Identifier: AGPL-3.0-only */ import { INestApplication } from '@nestjs/common'; -import { getRepositoryToken } from '@nestjs/typeorm'; import { TypeormStore } from 'connect-typeorm'; import session from 'express-session'; -import { Repository } from 'typeorm'; import { AuthConfig } from '../config/auth.config'; -import { DatabaseType } from '../config/database-type.enum'; -import { DatabaseConfig } from '../config/database.config'; -import { Session } from '../users/session.entity'; + +export const HEDGEDOC_SESSION = 'hedgedoc-session'; /** - * Setup the session middleware via the given authConfig. + * Set up the session middleware via the given authConfig. * @param {INestApplication} app - the nest application to configure the middleware for. * @param {AuthConfig} authConfig - the authConfig to configure the middleware with. - * @param {DatabaseConfig} dbConfig - the DatabaseConfig to configure the middleware with. + * @param {TypeormStore} typeormStore - the typeormStore to handle session data. */ export function setupSessionMiddleware( app: INestApplication, authConfig: AuthConfig, - dbConfig: DatabaseConfig, + typeormStore: TypeormStore, ): void { app.use( session({ - name: 'hedgedoc-session', + name: HEDGEDOC_SESSION, secret: authConfig.session.secret, cookie: { maxAge: authConfig.session.lifetime, }, resave: false, saveUninitialized: false, - store: new TypeormStore({ - cleanupLimit: 2, - limitSubquery: dbConfig.type !== DatabaseType.MARIADB, - }).connect(app.get>(getRepositoryToken(Session))), + store: typeormStore, }), ); } diff --git a/test/test-setup.ts b/test/test-setup.ts index b28a1f5ab..056c8c6a3 100644 --- a/test/test-setup.ts +++ b/test/test-setup.ts @@ -50,6 +50,9 @@ import { NotesService } from '../src/notes/notes.service'; import { PermissionsModule } from '../src/permissions/permissions.module'; import { PermissionsService } from '../src/permissions/permissions.service'; import { RevisionsModule } from '../src/revisions/revisions.module'; +import { RevisionsService } from '../src/revisions/revisions.service'; +import { SessionModule } from '../src/session/session.module'; +import { SessionService } from '../src/session/session.service'; import { User } from '../src/users/user.entity'; import { UsersModule } from '../src/users/users.module'; import { UsersService } from '../src/users/users.service'; @@ -67,6 +70,8 @@ export class TestSetup { historyService: HistoryService; aliasService: AliasService; authService: AuthService; + sessionService: SessionService; + revisionsService: RevisionsService; users: User[] = []; authTokens: AuthTokenWithSecretDto[] = []; @@ -226,6 +231,7 @@ export class TestSetupBuilder { AuthModule, FrontendConfigModule, IdentityModule, + SessionModule, ], providers: [ { @@ -269,6 +275,10 @@ export class TestSetupBuilder { this.testSetup.moduleRef.get(AuthService); this.testSetup.permissionsService = this.testSetup.moduleRef.get(PermissionsService); + this.testSetup.sessionService = + this.testSetup.moduleRef.get(SessionService); + this.testSetup.revisionsService = + this.testSetup.moduleRef.get(RevisionsService); this.testSetup.app = this.testSetup.moduleRef.createNestApplication(); @@ -276,7 +286,6 @@ export class TestSetupBuilder { this.testSetup.app, this.testSetup.configService.get('appConfig'), this.testSetup.configService.get('authConfig'), - this.testSetup.configService.get('databaseConfig'), this.testSetup.configService.get('mediaConfig'), await this.testSetup.app.resolve(ConsoleLoggerService), ); diff --git a/yarn.lock b/yarn.lock index 67a74d880..320031b5c 100644 --- a/yarn.lock +++ b/yarn.lock @@ -5325,6 +5325,7 @@ __metadata: supertest: 6.2.4 swagger-ui-express: 4.4.0 ts-jest: 28.0.5 + ts-mockery: ^1.2.0 ts-node: 10.8.2 tsconfig-paths: 4.0.0 typeorm: 0.3.7 @@ -9176,6 +9177,15 @@ __metadata: languageName: node linkType: hard +"ts-mockery@npm:^1.2.0": + version: 1.2.0 + resolution: "ts-mockery@npm:1.2.0" + peerDependencies: + typescript: ">= 2.8" + checksum: 01c5b8cbbc2b716ed96acbcc78679a27cc787b575a76fed7eb1beaa8deed8da274e091a9e7dcc77941e290f46481307b550b6e9799ba631410c5173a7be3f442 + languageName: node + linkType: hard + "ts-node@npm:10.8.2": version: 10.8.2 resolution: "ts-node@npm:10.8.2"