33 lines
1.6 KiB
JavaScript
33 lines
1.6 KiB
JavaScript
"use strict";
|
|
const test = require("node:test");
|
|
const assert = require("node:assert/strict");
|
|
const fs = require("node:fs");
|
|
const source = fs.readFileSync(__dirname + "/engine-v3.js", "utf8");
|
|
const actions = require(__dirname + "/authorized-actions.js");
|
|
|
|
test("direct email bypass is removed", () => {
|
|
assert.doesNotMatch(source, /requestEmail|email_mode:\s*requestEmail|直接使用,不查白名单/);
|
|
assert.match(source, /禁止客户端指定邮箱/);
|
|
});
|
|
test("work-session lifecycle endpoints exist", () => {
|
|
for (const route of ["/auth/session/request", "/auth/session/confirm", "/auth/session/exec", "/auth/session/end"]) assert.match(source, new RegExp(route.replaceAll("/", "\\/")));
|
|
});
|
|
test("Zhulan and Canger identities are registered", () => {
|
|
assert.match(source, /ICE-GL-ZL-001/);
|
|
assert.match(source, /TCS-GL-009/);
|
|
assert.match(source, /PTS-VA-001-EED/);
|
|
assert.match(source, /ICE-GL-CA001/);
|
|
});
|
|
test("arbitrary shell commands are not accepted by the authorization flow", () => {
|
|
assert.doesNotMatch(source, /execCmd\(body\.cmd/);
|
|
assert.doesNotMatch(source, /execCmd\(op\.cmd/);
|
|
assert.match(source, /必须指定已登记 action/);
|
|
assert.deepEqual(actions.listActions().map((item) => item.id), ["inspect-gatekeeper", "sync-status"]);
|
|
assert.equal(actions.getAction("not-registered"), null);
|
|
});
|
|
test("Gatekeeper and sync-agent ports are separated", () => {
|
|
assert.match(source, /process\.argv\[2\] \|\| '3911'/);
|
|
const syncConfig = fs.readFileSync(__dirname + "/../../../server-tools/fifth-domain-sync-agent/config.example.json", "utf8");
|
|
assert.match(syncConfig, /"listen_port": 3982/);
|
|
});
|