tests: added tests for VaultsSecretsWriteFile

MatrixAI · Nov 1, 2024 · 1031db4 · 1031db4
1 parent 995e1b3
commit 1031db4
Show file tree

Hide file tree

Showing 2 changed files with 115 additions and 11 deletions.
diff --git a/src/vaults/VaultOps.ts b/src/vaults/VaultOps.ts
@@ -276,9 +276,25 @@ async function writeSecret(
   logger?: Logger,
 ): Promise<void> {
   await vault.writeF(async (efs) => {
-    await efs.writeFile(secretName, content);
+    try {
+      await efs.writeFile(secretName, content);
+      logger?.info(`Wrote secret ${secretName} in vault ${vault.vaultId}`);
+    } catch (e) {
+      if (e.code === 'ENOENT') {
+        throw new vaultsErrors.ErrorSecretsSecretUndefined(
+          `One or more parent directories for '${secretName}' do not exist`,
+          { cause: e },
+        );
+      }
+      if (e.code === 'EISDIR') {
+        throw new vaultsErrors.ErrorSecretsIsDirectory(
+          `Secret path '${secretName}' is a directory`,
+          { cause: e },
+        );
+      }
+      throw e;
+    }
   });
-  logger?.info(`Wrote secret ${secretName} in vault ${vault.vaultId}`);
 }
 
 export {

diff --git a/tests/client/handlers/vaults.test.ts b/tests/client/handlers/vaults.test.ts
@@ -944,10 +944,27 @@ describe('vaultsSecretsWriteFile', () => {
       recursive: true,
     });
   });
+  test('should fail with an invalid vault name', async () => {
+    const writeP = async () => {
+      try {
+        await rpcClient.methods.vaultsSecretsWriteFile({
+          nameOrId: 'doesnt-exist',
+          secretName: 'doesnt-matter',
+          secretContent: 'doesnt-matter',
+        });
+      } catch (e) {
+        throw e.cause;
+      }
+    };
+    await expect(writeP).rejects.toThrow(
+      vaultsErrors.ErrorVaultsVaultUndefined,
+    );
+  });
   test('should edit a secret', async () => {
     const vaultName = 'test-vault';
-    const secretName = 'test-secret';
     const vaultId = await vaultManager.createVault(vaultName);
+    const secretName = 'test-secret';
+    const newContent = 'content-changed';
     await vaultManager.withVaults([vaultId], async (vault) => {
       await vault.writeF(async (efs) => {
         await efs.writeFile(secretName, secretName);
@@ -956,32 +973,103 @@ describe('vaultsSecretsWriteFile', () => {
     const response = await rpcClient.methods.vaultsSecretsWriteFile({
       nameOrId: vaultsUtils.encodeVaultId(vaultId),
       secretName: secretName,
-      secretContent: Buffer.from('content-change').toString('binary'),
+      secretContent: Buffer.from(newContent).toString('binary'),
     });
     expect(response.success).toBeTruthy();
     await vaultManager.withVaults([vaultId], async (vault) => {
       await vault.readF(async (efs) => {
         expect((await efs.readFile(secretName)).toString()).toStrictEqual(
-          'content-change',
+          newContent,
         );
       });
     });
   });
-  test('should create target file with contents if it does not exist', async () => {
+  test('should create file if it does not exist', async () => {
     const vaultName = 'test-vault';
-    const secretName = 'test-secret';
     const vaultId = await vaultManager.createVault(vaultName);
+    const secretName = 'test-secret';
     const response = await rpcClient.methods.vaultsSecretsWriteFile({
       nameOrId: vaultsUtils.encodeVaultId(vaultId),
       secretName: secretName,
-      secretContent: Buffer.from('content-change').toString('binary'),
+      secretContent: Buffer.from(secretName).toString('binary'),
     });
     expect(response.success).toBeTruthy();
     await vaultManager.withVaults([vaultId], async (vault) => {
       await vault.readF(async (efs) => {
-        expect((await efs.readFile(secretName)).toString()).toStrictEqual(
-          'content-change',
-        );
+        const content = await efs.readFile(secretName);
+        expect(content.toString()).toStrictEqual(secretName);
+      });
+    });
+  });
+  test('should fail when writing to a directory', async () => {
+    const vaultName = 'test-vault';
+    const vaultId = await vaultManager.createVault(vaultName);
+    const dirName = 'test-secret';
+    // Make the directory
+    await vaultManager.withVaults([vaultId], async (vault) => {
+      await vault.writeF(async (efs) => {
+        efs.mkdir(dirName);
+      });
+    });
+    // Try writing to directory
+    const writeP = async () => {
+      try {
+        await rpcClient.methods.vaultsSecretsWriteFile({
+          nameOrId: vaultsUtils.encodeVaultId(vaultId),
+          secretName: dirName,
+          secretContent: Buffer.from(dirName).toString('binary'),
+        });
+      } catch (e) {
+        throw e.cause;
+      }
+    };
+    await expect(writeP).rejects.toThrow(vaultsErrors.ErrorSecretsIsDirectory);
+  });
+  test('should fail when parent does not exist', async () => {
+    const vaultName = 'test-vault';
+    const vaultId = await vaultManager.createVault(vaultName);
+    const dirName = 'dir';
+    const secretName = 'secret-name';
+    const secretPath = path.join(dirName, secretName);
+    // Try writing
+    const writeP = async () => {
+      try {
+        await rpcClient.methods.vaultsSecretsWriteFile({
+          nameOrId: vaultsUtils.encodeVaultId(vaultId),
+          secretName: secretPath,
+          secretContent: Buffer.from(secretName).toString('binary'),
+        });
+      } catch (e) {
+        throw e.cause;
+      }
+    };
+    await expect(writeP).rejects.toThrow(
+      vaultsErrors.ErrorSecretsSecretUndefined,
+    );
+  });
+  test('should write to nested path', async () => {
+    const vaultName = 'test-vault';
+    const vaultId = await vaultManager.createVault(vaultName);
+    const dirName = 'dir';
+    const secretName = 'secret-name';
+    const secretPath = path.join(dirName, secretName);
+    // Make the directory
+    await vaultManager.withVaults([vaultId], async (vault) => {
+      await vault.writeF(async (efs) => {
+        efs.mkdir(dirName);
+      });
+    });
+    // Try writing
+    const response = await rpcClient.methods.vaultsSecretsWriteFile({
+      nameOrId: vaultsUtils.encodeVaultId(vaultId),
+      secretName: secretPath,
+      secretContent: Buffer.from(secretName).toString('binary'),
+    });
+    expect(response.success).toBeTruthy();
+    await vaultManager.withVaults([vaultId], async (vault) => {
+      await vault.readF(async (efs) => {
+        const content = await efs.readFile(secretPath);
+        expect(content.toString()).toStrictEqual(secretName);
       });
     });
   });