From 1a42d118f64b6af90ffa6787e58079e1dcd34e05 Mon Sep 17 00:00:00 2001 From: ItzNotABug Date: Sat, 1 Jun 2024 19:18:35 +0530 Subject: [PATCH 1/4] add: test to validate user-id isn't overridden. --- .../Functions/FunctionsCustomClientTest.php | 88 +++++++++++++++++++ 1 file changed, 88 insertions(+) diff --git a/tests/e2e/Services/Functions/FunctionsCustomClientTest.php b/tests/e2e/Services/Functions/FunctionsCustomClientTest.php index 119c1a22239..0acf297ea79 100644 --- a/tests/e2e/Services/Functions/FunctionsCustomClientTest.php +++ b/tests/e2e/Services/Functions/FunctionsCustomClientTest.php @@ -716,4 +716,92 @@ public function testSynchronousExecution(): array return []; } + + public function testExecutionWithUserId(): array + { + /** + * Test for SUCCESS + */ + $projectId = $this->getProject()['$id']; + $apikey = $this->getProject()['apiKey']; + + $function = $this->client->call(Client::METHOD_POST, '/functions', [ + 'content-type' => 'application/json', + 'x-appwrite-project' => $projectId, + 'x-appwrite-key' => $apikey, + ], [ + 'functionId' => ID::unique(), + 'name' => 'Test', + 'execute' => [Role::any()->toString()], + 'runtime' => 'node-18.0', + 'entrypoint' => 'index.js' + ]); + + $functionId = $function['body']['$id'] ?? ''; + + $this->assertEquals(201, $function['headers']['status-code']); + + $folder = 'node'; + $code = realpath(__DIR__ . '/../../../resources/functions') . "/$folder/code.tar.gz"; + $this->packageCode($folder); + + $deployment = $this->client->call(Client::METHOD_POST, '/functions/' . $functionId . '/deployments', [ + 'content-type' => 'multipart/form-data', + 'x-appwrite-project' => $projectId, + 'x-appwrite-key' => $apikey, + ], [ + 'entrypoint' => 'index.js', + 'code' => new CURLFile($code, 'application/x-gzip', \basename($code)), //different tarball names intentional + 'activate' => true + ]); + + $deploymentId = $deployment['body']['$id'] ?? ''; + + $this->assertEquals(202, $deployment['headers']['status-code']); + + // Poll until deployment is built + while (true) { + $deployment = $this->client->call(Client::METHOD_GET, '/functions/' . $function['body']['$id'] . '/deployments/' . $deploymentId, [ + 'content-type' => 'application/json', + 'x-appwrite-project' => $this->getProject()['$id'], + 'x-appwrite-key' => $this->getProject()['apiKey'], + ]); + + if ( + $deployment['headers']['status-code'] >= 400 + || \in_array($deployment['body']['status'], ['ready', 'failed']) + ) { + break; + } + + \sleep(1); + } + + $this->assertEquals('ready', $deployment['body']['status']); + + $execution = $this->client->call(Client::METHOD_POST, '/functions/' . $functionId . '/executions', array_merge([ + 'content-type' => 'application/json', + 'x-appwrite-project' => $this->getProject()['$id'], + ], $this->getHeaders()), [ + 'x-appwrite-user-id' => "665b0df20031bdf527fb", + ]); + + $output = json_decode($execution['body']['responseBody'], true); + $this->assertNotEquals('665b0df20031bdf527fb', $this->getUser()['$id']); + $this->assertEquals($this->getUser()['$id'], $output['APPWRITE_FUNCTION_USER_ID']); + // Client should never see logs and errors + $this->assertEmpty($execution['body']['logs']); + $this->assertEmpty($execution['body']['errors']); + + // Cleanup : Delete function + $response = $this->client->call(Client::METHOD_DELETE, '/functions/' . $functionId, [ + 'content-type' => 'application/json', + 'x-appwrite-project' => $this->getProject()['$id'], + 'x-appwrite-key' => $this->getProject()['apiKey'], + ], []); + + $this->assertEquals(204, $response['headers']['status-code']); + + return []; + } } From 52f5a5c40c6a637a66cb34325cbd67034bd73b39 Mon Sep 17 00:00:00 2001 From: ItzNotABug Date: Mon, 3 Jun 2024 14:10:20 +0530 Subject: [PATCH 2/4] update test. --- .../Functions/FunctionsCustomClientTest.php | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/tests/e2e/Services/Functions/FunctionsCustomClientTest.php b/tests/e2e/Services/Functions/FunctionsCustomClientTest.php index 0acf297ea79..0adf11d0578 100644 --- a/tests/e2e/Services/Functions/FunctionsCustomClientTest.php +++ b/tests/e2e/Services/Functions/FunctionsCustomClientTest.php @@ -783,15 +783,19 @@ public function testExecutionWithUserId(): array 'content-type' => 'application/json', 'x-appwrite-project' => $this->getProject()['$id'], ], $this->getHeaders()), [ - 'x-appwrite-user-id' => "665b0df20031bdf527fb", + 'x-appwrite-event' => "OVERRIDDEN", + 'x-appwrite-trigger' => "OVERRIDDEN", + 'x-appwrite-user-id' => "OVERRIDDEN", + 'x-appwrite-user-jwt' => "OVERRIDDEN", ]); $output = json_decode($execution['body']['responseBody'], true); - $this->assertNotEquals('665b0df20031bdf527fb', $this->getUser()['$id']); + $this->assertNotEquals('OVERRIDDEN', $output['APPWRITE_FUNCTION_JWT']); + $this->assertNotEquals('OVERRIDDEN', $output['APPWRITE_FUNCTION_EVENT']); + $this->assertNotEquals('OVERRIDDEN', $output['APPWRITE_FUNCTION_TRIGGER']); + $this->assertNotEquals('OVERRIDDEN', $output['APPWRITE_FUNCTION_USER_ID']); + $this->assertEquals($this->getUser()['$id'], $output['APPWRITE_FUNCTION_USER_ID']); - // Client should never see logs and errors - $this->assertEmpty($execution['body']['logs']); - $this->assertEmpty($execution['body']['errors']); // Cleanup : Delete function $response = $this->client->call(Client::METHOD_DELETE, '/functions/' . $functionId, [ From b54a599960dbd21e52d8ef923bb4857f666eab9a Mon Sep 17 00:00:00 2001 From: ItzNotABug Date: Mon, 3 Jun 2024 14:13:08 +0530 Subject: [PATCH 3/4] update test name for clarity. --- tests/e2e/Services/Functions/FunctionsCustomClientTest.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/e2e/Services/Functions/FunctionsCustomClientTest.php b/tests/e2e/Services/Functions/FunctionsCustomClientTest.php index 0adf11d0578..e10aef840c5 100644 --- a/tests/e2e/Services/Functions/FunctionsCustomClientTest.php +++ b/tests/e2e/Services/Functions/FunctionsCustomClientTest.php @@ -717,7 +717,7 @@ public function testSynchronousExecution(): array return []; } - public function testExecutionWithUserId(): array + public function testNonOverrideOfHeaders(): array { /** * Test for SUCCESS From 37da4a0cd39e20aa9a1be37c8ef7a401a5843783 Mon Sep 17 00:00:00 2001 From: ItzNotABug Date: Mon, 3 Jun 2024 14:19:59 +0530 Subject: [PATCH 4/4] review comments. --- tests/e2e/Services/Functions/FunctionsCustomClientTest.php | 2 -- 1 file changed, 2 deletions(-) diff --git a/tests/e2e/Services/Functions/FunctionsCustomClientTest.php b/tests/e2e/Services/Functions/FunctionsCustomClientTest.php index e10aef840c5..0b8ea71aada 100644 --- a/tests/e2e/Services/Functions/FunctionsCustomClientTest.php +++ b/tests/e2e/Services/Functions/FunctionsCustomClientTest.php @@ -795,8 +795,6 @@ public function testNonOverrideOfHeaders(): array $this->assertNotEquals('OVERRIDDEN', $output['APPWRITE_FUNCTION_TRIGGER']); $this->assertNotEquals('OVERRIDDEN', $output['APPWRITE_FUNCTION_USER_ID']); - $this->assertEquals($this->getUser()['$id'], $output['APPWRITE_FUNCTION_USER_ID']); - // Cleanup : Delete function $response = $this->client->call(Client::METHOD_DELETE, '/functions/' . $functionId, [ 'content-type' => 'application/json',