fix(backend): APIエラーのHTTP status code変更 (#11047)

2023-06-26 03:09:12 +02:00 · 2023-06-26 03:09:12 +02:00 · d23ad8b511
commit d23ad8b511
parent 8099bc24e1
2 changed files with 49 additions and 3 deletions
--- a/packages/backend/test/e2e/api.ts
+++ b/packages/backend/test/e2e/api.ts
@ -1,7 +1,7 @@
 process.env.NODE_ENV = 'test';

 import * as assert from 'assert';
-import { signup, api, startServer } from '../utils.js';
+import { signup, api, startServer, successfulApiCall, failedApiCall } from '../utils.js';
 import type { INestApplicationContext } from '@nestjs/common';
 import type * as misskey from 'misskey-js';

@ -81,4 +81,46 @@ describe('API', () => {
 			assert.strictEqual(res.body.nullableDefault, 'hello');
 		});
 	});
+
+	test('管理者専用のAPIのアクセス制限', async () => {
+		// aliceは管理者、APIを使える
+		await successfulApiCall({
+			endpoint: '/admin/get-index-stats',
+			parameters: {},
+			user: alice,
+		});
+
+		// bobは一般ユーザーだからダメ
+		await failedApiCall({
+			endpoint: '/admin/get-index-stats',
+			parameters: {},
+			user: bob,
+		}, {
+			status: 403,
+			code: 'ROLE_PERMISSION_DENIED',
+			id: 'c3d38592-54c0-429d-be96-5636b0431a61',
+		});
+
+		// publicアクセスももちろんダメ
+		await failedApiCall({
+			endpoint: '/admin/get-index-stats',
+			parameters: {},
+			user: undefined,
+		}, {
+			status: 401,
+			code: 'CREDENTIAL_REQUIRED',
+			id: '1384574d-a912-4b81-8601-c7b1c4085df1',
+		});
+
+		// ごまがしもダメ
+		await failedApiCall({
+			endpoint: '/admin/get-index-stats',
+			parameters: {},
+			user: { token: 'tsukawasete' },
+		}, {
+			status: 401,
+			code: 'AUTHENTICATION_FAILED',
+			id: 'b0a7f5f8-dc2f-4171-b91f-de88ad238e14',
+		});
+	});
 });