[ADF-2139] extra cookie availability check (#2865)

* extra cookie availability check * code style and test fixes * unit tests
2025-07-24 17:32:15 +00:00 · 2018-01-31 17:37:42 +00:00
parent 900fd70d63
commit 49456b3fcd
4 changed files with 59 additions and 5 deletions
--- a/lib/core/mock/cookie.service.mock.ts
+++ b/lib/core/mock/cookie.service.mock.ts
@@ -15,7 +15,9 @@
 * limitations under the License.
 */

-export class CookieServiceMock {
+import { CookieService } from '../services/cookie.service';
+
+export class CookieServiceMock extends CookieService {

    getItem(key: string): string | null {
        return this[key] && this[key].data || null;
--- a/lib/core/services/authentication.service.spec.ts
+++ b/lib/core/services/authentication.service.spec.ts
@@ -75,7 +75,7 @@ describe('AuthenticationService', () => {
        jasmine.Ajax.uninstall();
    });

-    describe('remembe me', () => {
+    describe('remember me', () => {

        beforeEach(() => {
            preferences.authType = 'ECM';
@@ -139,6 +139,24 @@ describe('AuthenticationService', () => {
            preferences.authType = 'ECM';
        });

+        it('should require remember me set for ECM check', () => {
+            spyOn(cookie, 'isEnabled').and.returnValue(true);
+            spyOn(authService, 'isRememberMeSet').and.returnValue(false);
+            spyOn(apiService, 'getInstance').and.callThrough();
+
+            expect(authService.isEcmLoggedIn()).toBeFalsy();
+            expect(apiService.getInstance).not.toHaveBeenCalled();
+        });
+
+        it('should not require cookie service enabled for ECM check', () => {
+            spyOn(cookie, 'isEnabled').and.returnValue(false);
+            spyOn(authService, 'isRememberMeSet').and.returnValue(false);
+            spyOn(apiService, 'getInstance').and.callThrough();
+
+            expect(authService.isEcmLoggedIn()).toBeFalsy();
+            expect(apiService.getInstance).toHaveBeenCalled();
+        });
+
        it('[ECM] should return an ECM ticket after the login done', (done) => {
            authService.login('fake-username', 'fake-password').subscribe(() => {
                expect(authService.isLoggedIn()).toBe(true);
@@ -284,6 +302,24 @@ describe('AuthenticationService', () => {
            preferences.authType = 'BPM';
        });

+        it('should require remember me set for BPM check', () => {
+            spyOn(cookie, 'isEnabled').and.returnValue(true);
+            spyOn(authService, 'isRememberMeSet').and.returnValue(false);
+            spyOn(apiService, 'getInstance').and.callThrough();
+
+            expect(authService.isBpmLoggedIn()).toBeFalsy();
+            expect(apiService.getInstance).not.toHaveBeenCalled();
+        });
+
+        it('should not require cookie service enabled for BPM check', () => {
+            spyOn(cookie, 'isEnabled').and.returnValue(false);
+            spyOn(authService, 'isRememberMeSet').and.returnValue(false);
+            spyOn(apiService, 'getInstance').and.callThrough();
+
+            expect(authService.isBpmLoggedIn()).toBeFalsy();
+            expect(apiService.getInstance).toHaveBeenCalled();
+        });
+
        it('[BPM] should return an BPM ticket after the login done', (done) => {
            authService.login('fake-username', 'fake-password').subscribe(() => {
                expect(authService.isLoggedIn()).toBe(true);
--- a/lib/core/services/authentication.service.ts
+++ b/lib/core/services/authentication.service.ts
@@ -96,7 +96,7 @@ export class AuthenticationService {
     *
     * @returns {boolean}
     */
-    private isRememberMeSet(): boolean {
+    isRememberMeSet(): boolean {
        return (this.cookie.getItem(REMEMBER_ME_COOKIE_KEY) === null) ? false : true;
    }

@@ -200,7 +200,10 @@ export class AuthenticationService {
     * @returns {boolean}
     */
    isEcmLoggedIn(): boolean {
-        return this.isRememberMeSet() && this.alfrescoApi.getInstance().ecmAuth && !!this.alfrescoApi.getInstance().ecmAuth.isLoggedIn();
+        if (this.cookie.isEnabled() && !this.isRememberMeSet()) {
+            return false;
+        }
+        return this.alfrescoApi.getInstance().ecmAuth && !!this.alfrescoApi.getInstance().ecmAuth.isLoggedIn();
    }

    /**
@@ -209,7 +212,10 @@ export class AuthenticationService {
     * @returns {boolean}
     */
    isBpmLoggedIn(): boolean {
-        return this.isRememberMeSet() && this.alfrescoApi.getInstance().bpmAuth && !!this.alfrescoApi.getInstance().bpmAuth.isLoggedIn();
+        if (this.cookie.isEnabled() && !this.isRememberMeSet()) {
+            return false;
+        }
+        return this.alfrescoApi.getInstance().bpmAuth && !!this.alfrescoApi.getInstance().bpmAuth.isLoggedIn();
    }

    /**
--- a/lib/core/services/cookie.service.ts
+++ b/lib/core/services/cookie.service.ts
@@ -20,6 +20,16 @@ import { Injectable } from '@angular/core';
@Injectable()
 export class CookieService {

+    isEnabled(): boolean {
+        // for certain scenarios Chrome may say 'true' but have cookies still disabled
+        if (navigator.cookieEnabled === false) {
+            return false;
+        }
+
+        document.cookie = 'test-cookie';
+        return document.cookie.indexOf('test-cookie') > 0;
+    }
+
    /**
     * Retrieve cookie by key.
     *