Feat/safe mode quickjs (#2848)

Safe Mode Sandbox using QuickJS
Co-authored-by: Anoop M D <anoop.md1421@gmail.com>
Co-authored-by: lohit <lohit.jiddimani@gmail.com>
This commit is contained in:
Anoop M D 2024-08-21 12:52:49 +05:30 committed by GitHub
parent 3ad4eda861
commit 753a576c3c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
92 changed files with 8880 additions and 20951 deletions

View File

@ -25,8 +25,14 @@ jobs:
run: |
npm run build --workspace=packages/bruno-common
npm run build --workspace=packages/bruno-query
npm run sandbox:bundle-libraries --workspace=packages/bruno-js
# tests
- name: Test Package bruno-js
run: npm run test --workspace=packages/bruno-js
- name: Test Package bruno-cli
run: npm run test --workspace=packages/bruno-cli
# test
- name: Test Package bruno-query
run: npm run test --workspace=packages/bruno-query
- name: Test Package bruno-lang
@ -35,12 +41,8 @@ jobs:
run: npm run test --workspace=packages/bruno-schema
- name: Test Package bruno-app
run: npm run test --workspace=packages/bruno-app
- name: Test Package bruno-js
run: npm run test --workspace=packages/bruno-js
- name: Test Package bruno-common
run: npm run test --workspace=packages/bruno-common
- name: Test Package bruno-cli
run: npm run test --workspace=packages/bruno-cli
- name: Test Package bruno-electron
run: npm run test --workspace=packages/bruno-electron
@ -62,6 +64,7 @@ jobs:
run: |
npm run build --workspace=packages/bruno-query
npm run build --workspace=packages/bruno-common
npm run sandbox:bundle-libraries --workspace=packages/bruno-js
- name: Run tests
run: |

View File

@ -57,6 +57,9 @@ npm run build:graphql-docs
npm run build:bruno-query
npm run build:bruno-common
# bundle js sandbox libraries
npm run sandbox:bundle-libraries --workspace=packages/bruno-js
# run next app (terminal 1)
npm run dev:web

27082
package-lock.json generated

File diff suppressed because it is too large Load Diff

View File

@ -47,7 +47,6 @@
"test:prettier:web": "npm run test:prettier --workspace=packages/bruno-app",
"prepare": "husky install"
},
"overrides": {
"rollup": "3.2.5"
},

View File

@ -1,10 +1,10 @@
import React, { useEffect, useState } from 'react';
import StyledWrapper from './StyledWrapper';
const ModalHeader = ({ title, handleCancel, customHeader }) => (
const ModalHeader = ({ title, handleCancel, customHeader, hideClose }) => (
<div className="bruno-modal-header">
{customHeader ? customHeader : <>{title ? <div className="bruno-modal-header-title">{title}</div> : null}</>}
{handleCancel ? (
{handleCancel && !hideClose ? (
<div className="close cursor-pointer" onClick={handleCancel ? () => handleCancel() : null}>
×
</div>
@ -63,6 +63,7 @@ const Modal = ({
confirmDisabled,
hideCancel,
hideFooter,
hideClose,
disableCloseOnOutsideClick,
disableEscapeKey,
onClick,
@ -100,7 +101,12 @@ const Modal = ({
return (
<StyledWrapper className={classes} onClick={onClick ? (e) => onClick(e) : null}>
<div className={`bruno-modal-card modal-${size}`}>
<ModalHeader title={title} handleCancel={() => closeModal({ type: 'icon' })} customHeader={customHeader} />
<ModalHeader
title={title}
hideClose={hideClose}
handleCancel={() => closeModal({ type: 'icon' })}
customHeader={customHeader}
/>
<ModalContent>{children}</ModalContent>
<ModalFooter
confirmText={confirmText}

View File

@ -18,6 +18,7 @@ import CollectionSettings from 'components/CollectionSettings';
import { DocExplorer } from '@usebruno/graphql-docs';
import StyledWrapper from './StyledWrapper';
import SecuritySettings from 'components/SecuritySettings';
import FolderSettings from 'components/FolderSettings';
const MIN_LEFT_PANE_WIDTH = 300;
@ -137,6 +138,10 @@ const RequestTabPanel = () => {
return <FolderSettings collection={collection} folder={folder} />;
}
if (focusedTab.type === 'security-settings') {
return <SecuritySettings collection={collection} />;
}
const item = findItemInCollection(collection, activeTabUid);
if (!item || !item.uid) {
return <RequestNotFound itemUid={activeTabUid} />;

View File

@ -5,6 +5,7 @@ import EnvironmentSelector from 'components/Environments/EnvironmentSelector';
import { addTab } from 'providers/ReduxStore/slices/tabs';
import { useDispatch } from 'react-redux';
import StyledWrapper from './StyledWrapper';
import JsSandboxMode from 'components/SecuritySettings/JsSandboxMode';
const CollectionToolBar = ({ collection }) => {
const dispatch = useDispatch();
@ -47,6 +48,9 @@ const CollectionToolBar = ({ collection }) => {
<span className="ml-2 mr-4 font-semibold">{collection?.name}</span>
</div>
<div className="flex flex-1 items-center justify-end">
<span className="mr-2">
<JsSandboxMode collection={collection} />
</span>
<span className="mr-2">
<IconRun className="cursor-pointer" size={20} strokeWidth={1.5} onClick={handleRun} />
</span>

View File

@ -1,5 +1,5 @@
import React from 'react';
import { IconVariable, IconSettings, IconRun, IconFolder } from '@tabler/icons';
import { IconVariable, IconSettings, IconRun, IconFolder, IconShieldLock } from '@tabler/icons';
const SpecialTab = ({ handleCloseClick, type, tabName }) => {
const getTabInfo = (type, tabName) => {
@ -12,6 +12,14 @@ const SpecialTab = ({ handleCloseClick, type, tabName }) => {
</>
);
}
case 'security-settings': {
return (
<>
<IconShieldLock size={18} strokeWidth={1.5} className="text-yellow-600" />
<span className="ml-1">Security</span>
</>
)
}
case 'folder-settings': {
return (
<div className="flex items-center flex-nowrap overflow-hidden">

View File

@ -66,7 +66,7 @@ const RequestTab = ({ tab, collection, tabIndex, collectionRequestTabs, folderUi
};
const folder = folderUid ? findItemInCollection(collection, folderUid) : null;
if (['collection-settings', 'folder-settings', 'variables', 'collection-runner'].includes(tab.type)) {
if (['collection-settings', 'folder-settings', 'variables', 'collection-runner', 'security-settings'].includes(tab.type)) {
return (
<StyledWrapper className="flex items-center justify-between tab-container px-1">
{tab.type === 'folder-settings' ? (

View File

@ -3,6 +3,7 @@ import styled from 'styled-components';
const StyledWrapper = styled.div`
position: absolute;
height: 100%;
width: calc(100% - 0.75rem);
z-index: 1;
background-color: ${(props) => props.theme.requestTabPanel.responseOverlayBg};

View File

@ -13,7 +13,7 @@ const ResponseLoadingOverlay = ({ item, collection }) => {
};
return (
<StyledWrapper className="px-3 w-full">
<StyledWrapper className="w-full">
<div className="overlay">
<div style={{ marginBottom: 15, fontSize: 26 }}>
<div style={{ display: 'inline-block', fontSize: 20, marginLeft: 5, marginRight: 5 }}>

View File

@ -0,0 +1,16 @@
import styled from 'styled-components';
const StyledWrapper = styled.div`
.safe-mode {
padding: 0.15rem 0.3rem;
color: ${(props) => props.theme.colors.text.green};
border: solid 1px ${(props) => props.theme.colors.text.green} !important;
}
.developer-mode {
padding: 0.15rem 0.3rem;
color: ${(props) => props.theme.colors.text.yellow};
border: solid 1px ${(props) => props.theme.colors.text.yellow} !important;
}
`;
export default StyledWrapper;

View File

@ -0,0 +1,45 @@
import { useDispatch } from 'react-redux';
import { IconShieldLock } from '@tabler/icons';
import { addTab } from 'providers/ReduxStore/slices/tabs';
import { uuid } from 'utils/common/index';
import JsSandboxModeModal from '../JsSandboxModeModal';
import StyledWrapper from './StyledWrapper';
const JsSandboxMode = ({ collection }) => {
const jsSandboxMode = collection?.securityConfig?.jsSandboxMode;
const dispatch = useDispatch();
const viewSecuritySettings = () => {
dispatch(
addTab({
uid: uuid(),
collectionUid: collection.uid,
type: 'security-settings'
})
);
};
return (
<StyledWrapper className='flex'>
{jsSandboxMode === 'safe' && (
<div
className="flex items-center border rounded-md text-xs cursor-pointer safe-mode"
onClick={viewSecuritySettings}
>
Safe Mode
</div>
)}
{jsSandboxMode === 'developer' && (
<div
className="flex items-center border rounded-md text-xs cursor-pointer developer-mode"
onClick={viewSecuritySettings}
>
Developer Mode
</div>
)}
{!jsSandboxMode ? <JsSandboxModeModal collection={collection} /> : null}
</StyledWrapper>
);
};
export default JsSandboxMode;

View File

@ -0,0 +1,22 @@
import styled from 'styled-components';
const StyledWrapper = styled.div`
max-width: 800px;
span.beta-tag {
display: flex;
align-items: center;
padding: 0.1rem 0.25rem;
font-size: 0.75rem;
border-radius: 0.25rem;
color: ${(props) => props.theme.colors.text.green};
border: solid 1px ${(props) => props.theme.colors.text.green} !important;
}
span.developer-mode-warning {
font-weight: 400;
color: ${(props) => props.theme.colors.text.yellow};
}
`;
export default StyledWrapper;

View File

@ -0,0 +1,99 @@
import { saveCollectionSecurityConfig } from 'providers/ReduxStore/slices/collections/actions';
import { useDispatch } from 'react-redux';
import toast from 'react-hot-toast';
import { useState } from 'react';
import Portal from 'components/Portal';
import Modal from 'components/Modal';
import StyledWrapper from './StyledWrapper';
const JsSandboxModeModal = ({ collection, onClose }) => {
const dispatch = useDispatch();
const [jsSandboxMode, setJsSandboxMode] = useState(collection?.securityConfig?.jsSandboxMode || 'safe');
const handleChange = (e) => {
setJsSandboxMode(e.target.value);
};
const handleSave = () => {
dispatch(
saveCollectionSecurityConfig(collection?.uid, {
jsSandboxMode: jsSandboxMode
})
)
.then(() => {
toast.success('Sandbox mode updated successfully');
onClose();
})
.catch((err) => console.log(err) && toast.error('Failed to update sandbox mode'));
};
return (
<Portal>
<Modal
size="sm"
title={'JavaScript Sandbox'}
confirmText="Save"
handleConfirm={handleSave}
hideCancel={true}
hideClose={true}
disableCloseOnOutsideClick={true}
disableEscapeKey={true}
>
<StyledWrapper>
<div>
The collection might include JavaScript code in Variables, Scripts, Tests, and Assertions.
</div>
<div className='text-muted mt-6'>
Please choose the security level for the JavaScript code execution.
</div>
<div className="flex flex-col mt-4">
<label htmlFor="safe" className="flex flex-row items-center gap-2 cursor-pointer">
<input
type="radio"
id="safe"
name="jsSandboxMode"
value="safe"
checked={jsSandboxMode === 'safe'}
onChange={handleChange}
className="cursor-pointer"
/>
<span className={jsSandboxMode === 'safe' ? 'font-medium' : 'font-normal'}>
Safe Mode
</span>
<span className='beta-tag'>BETA</span>
</label>
<p className='text-sm text-muted mt-1'>
JavaScript code is executed in a secure sandbox and cannot excess your filesystem or execute system commands.
</p>
<label htmlFor="developer" className="flex flex-row gap-2 mt-6 cursor-pointer">
<input
type="radio"
id="developer"
name="jsSandboxMode"
value="developer"
checked={jsSandboxMode === 'developer'}
onChange={handleChange}
className="cursor-pointer"
/>
<span className={jsSandboxMode === 'developer' ? 'font-medium' : 'font-normal'}>
Developer Mode
<span className='ml-1 developer-mode-warning'>(use only if you trust the collections authors)</span>
</span>
</label>
<p className='text-sm text-muted mt-1'>
JavaScript code has access to the filesystem, can execute system commands and access sensitive information.
</p>
<small className='text-muted mt-6'>
* SAFE mode has been introduced v1.25 onwards and is in beta. Please report any issues on github.
</small>
</div>
</StyledWrapper>
</Modal>
</Portal>
);
};
export default JsSandboxModeModal;

View File

@ -0,0 +1,22 @@
import styled from 'styled-components';
const StyledWrapper = styled.div`
max-width: 800px;
span.beta-tag {
display: flex;
align-items: center;
padding: 0.1rem 0.25rem;
font-size: 0.75rem;
border-radius: 0.25rem;
color: ${(props) => props.theme.colors.text.green};
border: solid 1px ${(props) => props.theme.colors.text.green} !important;
}
span.developer-mode-warning {
font-weight: 400;
color: ${(props) => props.theme.colors.text.yellow};
}
`;
export default StyledWrapper;

View File

@ -0,0 +1,86 @@
import { useState } from 'react';
import { saveCollectionSecurityConfig } from 'providers/ReduxStore/slices/collections/actions';
import toast from 'react-hot-toast';
import StyledWrapper from './StyledWrapper';
import { useDispatch } from 'react-redux';
const SecuritySettings = ({ collection }) => {
const dispatch = useDispatch();
const [jsSandboxMode, setJsSandboxMode] = useState(collection?.securityConfig?.jsSandboxMode || 'safe');
const handleChange = (e) => {
setJsSandboxMode(e.target.value);
};
const handleSave = () => {
dispatch(
saveCollectionSecurityConfig(collection?.uid, {
jsSandboxMode: jsSandboxMode
})
)
.then(() => {
toast.success('Sandbox mode updated successfully');
})
.catch((err) => console.log(err) && toast.error('Failed to update sandbox mode'));
};
return (
<StyledWrapper className="flex flex-col h-full relative px-4 py-4">
<div className='font-semibold mt-2'>JavaScript Sandbox</div>
<div className='mt-4'>
The collection might include JavaScript code in Variables, Scripts, Tests, and Assertions.
</div>
<div className="flex flex-col mt-4">
<div className="flex flex-col">
<label htmlFor="safe" className="flex flex-row items-center gap-2 cursor-pointer">
<input
type="radio"
id="safe"
name="jsSandboxMode"
value="safe"
checked={jsSandboxMode === 'safe'}
onChange={handleChange}
className="cursor-pointer"
/>
<span className={jsSandboxMode === 'safe' ? 'font-medium' : 'font-normal'}>
Safe Mode
</span>
<span className='beta-tag'>BETA</span>
</label>
<p className='text-sm text-muted mt-1'>
JavaScript code is executed in a secure sandbox and cannot excess your filesystem or execute system commands.
</p>
<label htmlFor="developer" className="flex flex-row gap-2 mt-6 cursor-pointer">
<input
type="radio"
id="developer"
name="jsSandboxMode"
value="developer"
checked={jsSandboxMode === 'developer'}
onChange={handleChange}
className="cursor-pointer"
/>
<span className={jsSandboxMode === 'developer' ? 'font-medium' : 'font-normal'}>
Developer Mode
<span className='ml-1 developer-mode-warning'>(use only if you trust the collections authors)</span>
</span>
</label>
<p className='text-sm text-muted mt-1'>
JavaScript code has access to the filesystem, can execute system commands and access sensitive information.
</p>
</div>
<button onClick={handleSave} className="submit btn btn-sm btn-secondary w-fit mt-6">
Save
</button>
<small className='text-muted mt-6'>
* SAFE mode has been introduced v1.25 onwards and is in beta. Please report any issues on github.
</small>
</div>
</StyledWrapper>
);
};
export default SecuritySettings;

View File

@ -115,7 +115,7 @@ const Collections = () => {
)}
</div>
<div className="mt-4 flex flex-col overflow-y-auto absolute top-32 bottom-10 left-0 right-0">
<div className="mt-4 flex flex-col overflow-hidden hover:overflow-y-auto absolute top-32 bottom-10 left-0 right-0">
{collections && collections.length
? collections.map((c) => {
return (

View File

@ -33,7 +33,8 @@ import {
requestCancelled,
resetRunResults,
responseReceived,
updateLastAction
updateLastAction,
setCollectionSecurityConfig
} from './index';
import { each } from 'lodash';
@ -1051,12 +1052,14 @@ export const openCollectionEvent = (uid, pathname, brunoConfig) => (dispatch, ge
};
return new Promise((resolve, reject) => {
ipcRenderer.invoke('renderer:get-collection-security-config', pathname).then((securityConfig) => {
collectionSchema
.validate(collection)
.then(() => dispatch(_createCollection(collection)))
.then(() => dispatch(_createCollection({ ...collection, securityConfig })))
.then(resolve)
.catch(reject);
});
});
};
export const createCollection = (collectionName, collectionFolderName, collectionLocation) => () => {
@ -1120,3 +1123,19 @@ export const importCollection = (collection, collectionLocation) => (dispatch, g
ipcRenderer.invoke('renderer:import-collection', collection, collectionLocation).then(resolve).catch(reject);
});
};
export const saveCollectionSecurityConfig = (collectionUid, securityConfig) => (dispatch, getState) => {
return new Promise((resolve, reject) => {
const { ipcRenderer } = window;
const state = getState();
const collection = findCollectionByUid(state.collections.collections, collectionUid);
ipcRenderer
.invoke('renderer:save-collection-security-config', collection?.pathname, securityConfig)
.then(async () => {
await dispatch(setCollectionSecurityConfig({ collectionUid, securityConfig }));
resolve();
})
.catch(reject);
});
};

View File

@ -33,7 +33,6 @@ export const collectionsSlice = createSlice({
const collection = action.payload;
collection.settingsSelectedTab = 'headers';
collection.folderLevelSettingsSelectedTab = {};
// TODO: move this to use the nextAction approach
@ -51,6 +50,12 @@ export const collectionsSlice = createSlice({
state.collections.push(collection);
}
},
setCollectionSecurityConfig: (state, action) => {
const collection = findCollectionByUid(state.collections, action.payload.collectionUid);
if (collection) {
collection.securityConfig = action.payload.securityConfig;
}
},
brunoConfigUpdateEvent: (state, action) => {
const { collectionUid, brunoConfig } = action.payload;
const collection = findCollectionByUid(state.collections, collectionUid);
@ -1622,6 +1627,7 @@ export const collectionsSlice = createSlice({
export const {
createCollection,
setCollectionSecurityConfig,
brunoConfigUpdateEvent,
renameCollection,
removeCollection,

View File

@ -24,7 +24,9 @@ export const tabsSlice = createSlice({
return;
}
if (['variables', 'collection-settings', 'collection-runner'].includes(action.payload.type)) {
if (
['variables', 'collection-settings', 'collection-runner', 'security-settings'].includes(action.payload.type)
) {
const tab = tabTypeAlreadyExists(state.tabs, action.payload.collectionUid, action.payload.type);
if (tab) {
state.activeTabUid = tab.uid;

View File

@ -14,7 +14,7 @@
"url": "git+https://github.com/usebruno/bruno.git"
},
"scripts": {
"test": "jest"
"test": "node --experimental-vm-modules $(npx --no-install which jest)"
},
"files": [
"src",

View File

@ -190,6 +190,10 @@ const getFolderRoot = (dir) => {
return collectionBruToJson(content);
};
const getJsSandboxRuntime = (sandbox) => {
return sandbox === 'safe' ? 'quickjs' : 'vm2';
};
const builder = async (yargs) => {
yargs
.option('r', {
@ -215,6 +219,11 @@ const builder = async (yargs) => {
describe: 'Overwrite a single environment variable, multiple usages possible',
type: 'string'
})
.option('sandbox', {
describe: 'Javscript sandbox to use; available sandboxes are "developer" (default) or "safe"',
default: 'developer',
type: 'string'
})
.option('output', {
alias: 'o',
describe: 'Path to write file results to',
@ -282,6 +291,7 @@ const handler = async function (argv) {
r: recursive,
output: outputPath,
format,
sandbox,
testsOnly,
bail
} = argv;
@ -451,6 +461,7 @@ const handler = async function (argv) {
}
}
const runtime = getJsSandboxRuntime(sandbox);
let currentRequestIndex = 0;
let nJumps = 0; // count the number of jumps to avoid infinite loops
while (currentRequestIndex < bruJsons.length) {
@ -466,7 +477,8 @@ const handler = async function (argv) {
envVars,
processEnvVars,
brunoConfig,
collectionRoot
collectionRoot,
runtime
);
results.push({

View File

@ -21,6 +21,10 @@ const { shouldUseProxy, PatchedHttpsProxyAgent } = require('../utils/proxy-util'
const path = require('path');
const protocolRegex = /^([-+\w]{1,25})(:?\/\/|:)/;
const onConsoleLog = (type, args) => {
console[type](...args);
};
const runSingleRequest = async function (
filename,
bruJson,
@ -29,7 +33,8 @@ const runSingleRequest = async function (
envVariables,
processEnvVars,
brunoConfig,
collectionRoot
collectionRoot,
runtime
) {
try {
let request;
@ -38,6 +43,7 @@ const runSingleRequest = async function (
request = prepareRequest(bruJson.request, collectionRoot);
const scriptingConfig = get(brunoConfig, 'scripts', {});
scriptingConfig.runtime = runtime;
// make axios work in node using form data
// reference: https://github.com/axios/axios/issues/1006#issuecomment-320165427
@ -57,7 +63,7 @@ const runSingleRequest = async function (
// run pre-request vars
const preRequestVars = get(bruJson, 'request.vars.req');
if (preRequestVars?.length) {
const varsRuntime = new VarsRuntime();
const varsRuntime = new VarsRuntime({ runtime: scriptingConfig?.runtime });
varsRuntime.runPreRequestVars(
preRequestVars,
request,
@ -74,14 +80,14 @@ const runSingleRequest = async function (
get(bruJson, 'request.script.req')
]).join(os.EOL);
if (requestScriptFile?.length) {
const scriptRuntime = new ScriptRuntime();
const scriptRuntime = new ScriptRuntime({ runtime: scriptingConfig?.runtime });
const result = await scriptRuntime.runRequestScript(
decomment(requestScriptFile),
request,
envVariables,
runtimeVariables,
collectionPath,
null,
onConsoleLog,
processEnvVars,
scriptingConfig
);
@ -276,7 +282,7 @@ const runSingleRequest = async function (
// run post-response vars
const postResponseVars = get(bruJson, 'request.vars.res');
if (postResponseVars?.length) {
const varsRuntime = new VarsRuntime();
const varsRuntime = new VarsRuntime({ runtime: scriptingConfig?.runtime });
varsRuntime.runPostResponseVars(
postResponseVars,
request,
@ -294,7 +300,7 @@ const runSingleRequest = async function (
get(bruJson, 'request.script.res')
]).join(os.EOL);
if (responseScriptFile?.length) {
const scriptRuntime = new ScriptRuntime();
const scriptRuntime = new ScriptRuntime({ runtime: scriptingConfig?.runtime });
const result = await scriptRuntime.runResponseScript(
decomment(responseScriptFile),
request,
@ -315,7 +321,7 @@ const runSingleRequest = async function (
let assertionResults = [];
const assertions = get(bruJson, 'request.assertions');
if (assertions) {
const assertRuntime = new AssertRuntime();
const assertRuntime = new AssertRuntime({ runtime: scriptingConfig?.runtime });
assertionResults = assertRuntime.runAssertions(
assertions,
request,
@ -339,7 +345,7 @@ const runSingleRequest = async function (
let testResults = [];
const testFile = compact([get(collectionRoot, 'request.tests'), get(bruJson, 'request.tests')]).join(os.EOL);
if (typeof testFile === 'string') {
const testRuntime = new TestRuntime();
const testRuntime = new TestRuntime({ runtime: scriptingConfig?.runtime });
const result = await testRuntime.runTests(
decomment(testFile),
request,

View File

@ -16,7 +16,7 @@
"dist:rpm": "electron-builder --linux rpm --config electron-builder-config.js",
"dist:snap": "electron-builder --linux snap --config electron-builder-config.js",
"pack": "electron-builder --dir",
"test": "jest"
"test": "node --experimental-vm-modules $(npx --no-install which jest)"
},
"jest": {
"modulePaths": ["node_modules"]
@ -65,7 +65,6 @@
},
"devDependencies": {
"electron": "31.2.1",
"electron-builder": "23.0.2",
"electron-icon-maker": "^0.0.5"
"electron-builder": "23.0.2"
}
}

View File

@ -20,8 +20,10 @@ const { generateUidBasedOnHash, stringifyJson, safeParseJSON, safeStringifyJSON
const { moveRequestUid, deleteRequestUid } = require('../cache/requestUids');
const { deleteCookiesForDomain, getDomainsWithCookies } = require('../utils/cookies');
const EnvironmentSecretsStore = require('../store/env-secrets');
const CollectionSecurityStore = require('../store/collection-security');
const environmentSecretsStore = new EnvironmentSecretsStore();
const collectionSecurityStore = new CollectionSecurityStore();
const envHasSecrets = (environment = {}) => {
const secrets = _.filter(environment.variables, (v) => v.secret);
@ -665,6 +667,24 @@ const registerRendererEventHandlers = (mainWindow, watcher, lastOpenedCollection
return Promise.reject(error);
}
});
ipcMain.handle('renderer:save-collection-security-config', async (event, collectionPath, securityConfig) => {
try {
collectionSecurityStore.setSecurityConfigForCollection(collectionPath, {
jsSandboxMode: securityConfig.jsSandboxMode
});
} catch (error) {
return Promise.reject(error);
}
});
ipcMain.handle('renderer:get-collection-security-config', async (event, collectionPath) => {
try {
return collectionSecurityStore.getSecurityConfigForCollection(collectionPath);
} catch (error) {
return Promise.reject(error);
}
});
};
const registerMainEventHandlers = (mainWindow, watcher, lastOpenedCollections) => {

View File

@ -81,6 +81,11 @@ const getEnvVars = (environment = {}) => {
};
};
const getJsSandboxRuntime = (collection) => {
const securityConfig = get(collection, 'securityConfig', {});
return securityConfig.jsSandboxMode === 'safe' ? 'quickjs' : 'vm2';
};
const protocolRegex = /^([-+\w]{1,25})(:?\/\/|:)/;
const configureRequest = async (
@ -315,7 +320,7 @@ const registerNetworkIpc = (mainWindow) => {
// run pre-request vars
const preRequestVars = get(request, 'vars.req', []);
if (preRequestVars?.length) {
const varsRuntime = new VarsRuntime();
const varsRuntime = new VarsRuntime({ runtime: scriptingConfig?.runtime });
varsRuntime.runPreRequestVars(
preRequestVars,
request,
@ -330,7 +335,7 @@ const registerNetworkIpc = (mainWindow) => {
let scriptResult;
const requestScript = compact([get(collectionRoot, 'request.script.req'), get(request, 'script.req')]).join(os.EOL);
if (requestScript?.length) {
const scriptRuntime = new ScriptRuntime();
const scriptRuntime = new ScriptRuntime({ runtime: scriptingConfig?.runtime });
scriptResult = await scriptRuntime.runRequestScript(
decomment(requestScript),
request,
@ -382,7 +387,7 @@ const registerNetworkIpc = (mainWindow) => {
// run post-response vars
const postResponseVars = get(request, 'vars.res', []);
if (postResponseVars?.length) {
const varsRuntime = new VarsRuntime();
const varsRuntime = new VarsRuntime({ runtime: scriptingConfig?.runtime });
const result = varsRuntime.runPostResponseVars(
postResponseVars,
request,
@ -416,7 +421,7 @@ const registerNetworkIpc = (mainWindow) => {
let scriptResult;
if (responseScript?.length) {
const scriptRuntime = new ScriptRuntime();
const scriptRuntime = new ScriptRuntime({ runtime: scriptingConfig?.runtime });
scriptResult = await scriptRuntime.runResponseScript(
decomment(responseScript),
request,
@ -460,6 +465,7 @@ const registerNetworkIpc = (mainWindow) => {
const processEnvVars = getProcessEnvVars(collectionUid);
const brunoConfig = getBrunoConfig(collectionUid);
const scriptingConfig = get(brunoConfig, 'scripts', {});
scriptingConfig.runtime = getJsSandboxRuntime(collection);
try {
const controller = new AbortController();
@ -575,7 +581,7 @@ const registerNetworkIpc = (mainWindow) => {
// run assertions
const assertions = get(request, 'assertions');
if (assertions) {
const assertRuntime = new AssertRuntime();
const assertRuntime = new AssertRuntime({ runtime: scriptingConfig?.runtime });
const results = assertRuntime.runAssertions(
assertions,
request,
@ -603,7 +609,7 @@ const registerNetworkIpc = (mainWindow) => {
]).join(os.EOL);
if (typeof testFile === 'string') {
const testRuntime = new TestRuntime();
const testRuntime = new TestRuntime({ runtime: scriptingConfig?.runtime });
const testResults = await testRuntime.runTests(
decomment(testFile),
request,
@ -661,6 +667,7 @@ const registerNetworkIpc = (mainWindow) => {
const processEnvVars = getProcessEnvVars(collectionUid);
const brunoConfig = getBrunoConfig(collectionUid);
const scriptingConfig = get(brunoConfig, 'scripts', {});
scriptingConfig.runtime = getJsSandboxRuntime(collection);
await runPreRequest(
request,
@ -766,6 +773,7 @@ const registerNetworkIpc = (mainWindow) => {
const processEnvVars = getProcessEnvVars(collectionUid);
const brunoConfig = getBrunoConfig(collection.uid);
const scriptingConfig = get(brunoConfig, 'scripts', {});
scriptingConfig.runtime = getJsSandboxRuntime(collection);
await runPreRequest(
request,
@ -832,6 +840,7 @@ const registerNetworkIpc = (mainWindow) => {
const cancelTokenUid = uuid();
const brunoConfig = getBrunoConfig(collectionUid);
const scriptingConfig = get(brunoConfig, 'scripts', {});
scriptingConfig.runtime = getJsSandboxRuntime(collection);
const collectionRoot = get(collection, 'root', {});
const abortController = new AbortController();
@ -1028,7 +1037,7 @@ const registerNetworkIpc = (mainWindow) => {
// run assertions
const assertions = get(item, 'request.assertions');
if (assertions) {
const assertRuntime = new AssertRuntime();
const assertRuntime = new AssertRuntime({ runtime: scriptingConfig?.runtime });
const results = assertRuntime.runAssertions(
assertions,
request,
@ -1055,7 +1064,7 @@ const registerNetworkIpc = (mainWindow) => {
]).join(os.EOL);
if (typeof testFile === 'string') {
const testRuntime = new TestRuntime();
const testRuntime = new TestRuntime({ runtime: scriptingConfig?.runtime });
const testResults = await testRuntime.runTests(
decomment(testFile),
request,

View File

@ -0,0 +1,39 @@
const _ = require('lodash');
const Store = require('electron-store');
class CollectionSecurityStore {
constructor() {
this.store = new Store({
name: 'collection-security',
clearInvalidConfig: true
});
}
setSecurityConfigForCollection(collectionPathname, securityConfig) {
const collections = this.store.get('collections') || [];
const collection = _.find(collections, (c) => c.path === collectionPathname);
if (!collection) {
collections.push({
path: collectionPathname,
securityConfig: {
jsSandboxMode: securityConfig.jsSandboxMode
}
});
this.store.set('collections', collections);
return;
}
collection.securityConfig = securityConfig || {};
this.store.set('collections', collections);
}
getSecurityConfigForCollection(collectionPathname) {
const collections = this.store.get('collections') || [];
const collection = _.find(collections, (c) => c.path === collectionPathname);
return collection?.securityConfig || {};
}
}
module.exports = CollectionSecurityStore;

View File

@ -86,7 +86,11 @@ function decryptString(str) {
}
if (algo === ELECTRONSAFESTORAGE_ALGO) {
if (safeStorage && safeStorage.isEncryptionAvailable()) {
return safeStorageDecrypt(encryptedString);
} else {
return '';
}
}
if (algo === AES256_ALGO) {

1
packages/bruno-js/.gitignore vendored Normal file
View File

@ -0,0 +1 @@
src/sandbox/bundle-browser-rollup.js

View File

@ -11,7 +11,8 @@
"@n8n/vm2": "^3.9.23"
},
"scripts": {
"test": "jest --testPathIgnorePatterns test.js"
"test": "node --experimental-vm-modules $(npx --no-install which jest) --testPathIgnorePatterns test.js",
"sandbox:bundle-libraries": "node ./src/sandbox/bundle-libraries.js"
},
"dependencies": {
"@usebruno/common": "0.1.0",
@ -24,12 +25,29 @@
"chai": "^4.3.7",
"chai-string": "^1.5.0",
"crypto-js": "^4.1.1",
"crypto-js-3.1.9-1": "npm:crypto-js@^3.1.9-1",
"json-query": "^2.2.2",
"lodash": "^4.17.21",
"moment": "^2.29.4",
"nanoid": "3.3.4",
"node-fetch": "2.*",
"node-fetch": "^2.7.0",
"node-vault": "^0.10.2",
"path": "^0.12.7",
"quickjs-emscripten": "^0.29.2",
"uuid": "^9.0.0"
},
"devDependencies": {
"@rollup/plugin-commonjs": "^23.0.2",
"@rollup/plugin-json": "^6.1.0",
"@rollup/plugin-node-resolve": "^15.0.1",
"rollup": "3.2.5",
"rollup-plugin-node-builtins": "^2.1.2",
"rollup-plugin-node-globals": "^1.4.0",
"rollup-plugin-polyfill-node": "^0.13.0",
"rollup-plugin-terser": "^7.0.2",
"stream": "^0.0.2",
"terser": "^5.31.1",
"uglify-js": "^3.18.0",
"util": "^0.12.5"
}
}

View File

@ -100,6 +100,10 @@ class Bru {
setNextRequest(nextRequest) {
this.nextRequest = nextRequest;
}
sleep(ms) {
return new Promise((resolve) => setTimeout(resolve, ms));
}
}
module.exports = Bru;

View File

@ -5,6 +5,7 @@ const Bru = require('../bru');
const BrunoRequest = require('../bruno-request');
const { evaluateJsTemplateLiteral, evaluateJsExpression, createResponseParser } = require('../utils');
const { interpolateString } = require('../interpolate-string');
const { executeQuickJsVm } = require('../sandbox/quickjs');
const { expect } = chai;
chai.use(require('chai-string'));
@ -161,7 +162,31 @@ const isUnaryOperator = (operator) => {
return unaryOperators.includes(operator);
};
const evaluateRhsOperand = (rhsOperand, operator, context) => {
const evaluateJsTemplateLiteralBasedOnRuntime = (literal, context, runtime) => {
if (runtime === 'quickjs') {
return executeQuickJsVm({
script: literal,
context,
scriptType: 'template-literal'
});
}
return evaluateJsTemplateLiteral(literal, context);
};
const evaluateJsExpressionBasedOnRuntime = (expr, context, runtime) => {
if (runtime === 'quickjs') {
return executeQuickJsVm({
script: expr,
context,
scriptType: 'expression'
});
}
return evaluateJsExpression(expr, context);
};
const evaluateRhsOperand = (rhsOperand, operator, context, runtime) => {
if (isUnaryOperator(operator)) {
return;
}
@ -181,13 +206,17 @@ const evaluateRhsOperand = (rhsOperand, operator, context) => {
return rhsOperand
.split(',')
.map((v) => evaluateJsTemplateLiteral(interpolateString(v.trim(), interpolationContext), context));
.map((v) =>
evaluateJsTemplateLiteralBasedOnRuntime(interpolateString(v.trim(), interpolationContext), context, runtime)
);
}
if (operator === 'between') {
const [lhs, rhs] = rhsOperand
.split(',')
.map((v) => evaluateJsTemplateLiteral(interpolateString(v.trim(), interpolationContext), context));
.map((v) =>
evaluateJsTemplateLiteralBasedOnRuntime(interpolateString(v.trim(), interpolationContext), context, runtime)
);
return [lhs, rhs];
}
@ -200,10 +229,14 @@ const evaluateRhsOperand = (rhsOperand, operator, context) => {
return interpolateString(rhsOperand, interpolationContext);
}
return evaluateJsTemplateLiteral(interpolateString(rhsOperand, interpolationContext), context);
return evaluateJsTemplateLiteralBasedOnRuntime(interpolateString(rhsOperand, interpolationContext), context, runtime);
};
class AssertRuntime {
constructor(props) {
this.runtime = props?.runtime || 'vm2';
}
runAssertions(assertions, request, response, envVariables, runtimeVariables, processEnvVars) {
const requestVariables = request?.requestVariables || {};
const enabledAssertions = _.filter(assertions, (a) => a.enabled);
@ -238,8 +271,8 @@ class AssertRuntime {
const { operator, value: rhsOperand } = parseAssertionOperator(rhsExpr);
try {
const lhs = evaluateJsExpression(lhsExpr, context);
const rhs = evaluateRhsOperand(rhsOperand, operator, context);
const lhs = evaluateJsExpressionBasedOnRuntime(lhsExpr, context, this.runtime);
const rhs = evaluateRhsOperand(rhsOperand, operator, context, this.runtime);
switch (operator) {
case 'eq':

View File

@ -28,9 +28,12 @@ const fetch = require('node-fetch');
const chai = require('chai');
const CryptoJS = require('crypto-js');
const NodeVault = require('node-vault');
const { executeQuickJsVmAsync } = require('../sandbox/quickjs');
class ScriptRuntime {
constructor() {}
constructor(props) {
this.runtime = props?.runtime || 'vm2';
}
// This approach is getting out of hand
// Need to refactor this to use a single arg (object) instead of 7
@ -86,6 +89,22 @@ class ScriptRuntime {
};
}
if (this.runtime === 'quickjs') {
await executeQuickJsVmAsync({
script: script,
context: context,
collectionPath
});
return {
request,
envVariables: cleanJson(envVariables),
runtimeVariables: cleanJson(runtimeVariables),
nextRequestName: bru.nextRequest
};
}
// default runtime is vm2
const vm = new NodeVM({
sandbox: context,
require: {
@ -123,6 +142,7 @@ class ScriptRuntime {
});
const asyncVM = vm.run(`module.exports = async () => { ${script} }`, path.join(collectionPath, 'vm.js'));
await asyncVM();
return {
request,
envVariables: cleanJson(envVariables),
@ -176,10 +196,27 @@ class ScriptRuntime {
log: customLogger('log'),
info: customLogger('info'),
warn: customLogger('warn'),
error: customLogger('error')
error: customLogger('error'),
debug: customLogger('debug')
};
}
if (this.runtime === 'quickjs') {
await executeQuickJsVmAsync({
script: script,
context: context,
collectionPath
});
return {
response,
envVariables: cleanJson(envVariables),
runtimeVariables: cleanJson(runtimeVariables),
nextRequestName: bru.nextRequest
};
}
// default runtime is vm2
const vm = new NodeVM({
sandbox: context,
require: {

View File

@ -15,7 +15,7 @@ const BrunoRequest = require('../bruno-request');
const BrunoResponse = require('../bruno-response');
const Test = require('../test');
const TestResults = require('../test-results');
const { cleanJson } = require('../utils');
const { cleanJson, appendAwaitToTestFunc } = require('../utils');
// Inbuilt Library Support
const ajv = require('ajv');
@ -30,9 +30,12 @@ const axios = require('axios');
const fetch = require('node-fetch');
const CryptoJS = require('crypto-js');
const NodeVault = require('node-vault');
const { executeQuickJsVmAsync } = require('../sandbox/quickjs');
class TestRuntime {
constructor() {}
constructor(props) {
this.runtime = props?.runtime || 'vm2';
}
async runTests(
testsFile,
@ -81,6 +84,9 @@ class TestRuntime {
};
}
// add 'await' prefix to the test function calls
testsFile = appendAwaitToTestFunc(testsFile);
const context = {
test,
bru,
@ -101,10 +107,18 @@ class TestRuntime {
log: customLogger('log'),
info: customLogger('info'),
warn: customLogger('warn'),
debug: customLogger('debug'),
error: customLogger('error')
};
}
if (this.runtime === 'quickjs') {
await executeQuickJsVmAsync({
script: testsFile,
context: context
});
} else {
// default runtime is vm2
const vm = new NodeVM({
sandbox: context,
require: {
@ -140,9 +154,9 @@ class TestRuntime {
}
}
});
const asyncVM = vm.run(`module.exports = async () => { ${testsFile}}`, path.join(collectionPath, 'vm.js'));
await asyncVM();
}
return {
request,

View File

@ -3,7 +3,38 @@ const Bru = require('../bru');
const BrunoRequest = require('../bruno-request');
const { evaluateJsTemplateLiteral, evaluateJsExpression, createResponseParser } = require('../utils');
const { executeQuickJsVm } = require('../sandbox/quickjs');
const evaluateJsTemplateLiteralBasedOnRuntime = (literal, context, runtime) => {
if (runtime === 'quickjs') {
return executeQuickJsVm({
script: literal,
context,
scriptType: 'template-literal'
});
}
return evaluateJsTemplateLiteral(literal, context);
};
const evaluateJsExpressionBasedOnRuntime = (expr, context, runtime, mode) => {
if (runtime === 'quickjs') {
return executeQuickJsVm({
script: expr,
context,
scriptType: 'expression'
});
}
return evaluateJsExpression(expr, context);
};
class VarsRuntime {
constructor(props) {
this.runtime = props?.runtime || 'vm2';
this.mode = props?.mode || 'developer';
}
runPreRequestVars(vars, request, envVariables, runtimeVariables, collectionPath, processEnvVars) {
if (!request?.requestVariables) {
request.requestVariables = {};
@ -28,7 +59,7 @@ class VarsRuntime {
};
_.each(enabledVars, (v) => {
const value = evaluateJsTemplateLiteral(v.value, context);
const value = evaluateJsTemplateLiteralBasedOnRuntime(v.value, context, this.runtime);
request?.requestVariables && (request.requestVariables[v.name] = value);
});
}
@ -59,7 +90,7 @@ class VarsRuntime {
const errors = new Map();
_.each(enabledVars, (v) => {
try {
const value = evaluateJsExpression(v.value, context);
const value = evaluateJsExpressionBasedOnRuntime(v.value, context, this.runtime);
bru.setVar(v.name, value);
} catch (error) {
errors.set(v.name, error);

View File

@ -0,0 +1,88 @@
const rollup = require('rollup');
const { nodeResolve } = require('@rollup/plugin-node-resolve');
const commonjs = require('@rollup/plugin-commonjs');
const fs = require('fs');
const { terser } = require('rollup-plugin-terser');
const bundleLibraries = async () => {
const codeScript = `
import { expect, assert } from 'chai';
import { Buffer } from "buffer";
import moment from "moment";
import btoa from "btoa";
import atob from "atob";
import * as CryptoJS from "crypto-js-3.1.9-1";
globalThis.expect = expect;
globalThis.assert = assert;
globalThis.moment = moment;
globalThis.btoa = btoa;
globalThis.atob = atob;
globalThis.Buffer = Buffer;
globalThis.CryptoJS = CryptoJS;
globalThis.requireObject = {
...(globalThis.requireObject || {}),
'chai': { expect, assert },
'moment': moment,
'buffer': { Buffer },
'btoa': btoa,
'atob': atob,
'crypto-js': CryptoJS
};
`;
const config = {
input: {
input: 'inline-code',
plugins: [
{
name: 'inline-code-plugin',
resolveId(id) {
if (id === 'inline-code') {
return id;
}
return null;
},
load(id) {
if (id === 'inline-code') {
return codeScript;
}
return null;
}
},
nodeResolve({
preferBuiltins: false,
browser: false
}),
commonjs(),
terser()
]
},
output: {
file: './src/sandbox/bundle-browser-rollup.js',
format: 'iife',
name: 'MyBundle'
}
};
try {
const bundle = await rollup.rollup(config.input);
const { output } = await bundle.generate(config.output);
fs.writeFileSync(
'./src/sandbox/bundle-browser-rollup.js',
`
const getBundledCode = () => {
return function(){
${output?.map((o) => o.code).join('\n')}
}()
}
module.exports = getBundledCode;
`
);
} catch (error) {
console.error('Error while bundling:', error);
}
};
bundleLibraries();
module.exports = bundleLibraries;

View File

@ -0,0 +1,153 @@
const addBruShimToContext = require('./shims/bru');
const addBrunoRequestShimToContext = require('./shims/bruno-request');
const addConsoleShimToContext = require('./shims/console');
const addBrunoResponseShimToContext = require('./shims/bruno-response');
const addTestShimToContext = require('./shims/test');
const addLibraryShimsToContext = require('./shims/lib');
const addLocalModuleLoaderShimToContext = require('./shims/local-module');
const { newQuickJSWASMModule, memoizePromiseFactory } = require('quickjs-emscripten');
// execute `npm run sandbox:bundle-libraries` if the below file doesn't exist
const getBundledCode = require('../bundle-browser-rollup');
const addPathShimToContext = require('./shims/lib/path');
let QuickJSSyncContext;
const loader = memoizePromiseFactory(() => newQuickJSWASMModule());
const getContext = (opts) => loader().then((mod) => (QuickJSSyncContext = mod.newContext(opts)));
getContext();
const toNumber = (value) => {
const num = Number(value);
return Number.isInteger(num) ? parseInt(value, 10) : parseFloat(value);
};
const executeQuickJsVm = ({ script: externalScript, context: externalContext, scriptType = 'template-literal' }) => {
if (!isNaN(Number(externalScript))) {
return Number(externalScript);
}
const vm = QuickJSSyncContext;
try {
const { bru, req, res } = externalContext;
bru && addBruShimToContext(vm, bru);
req && addBrunoRequestShimToContext(vm, req);
res && addBrunoResponseShimToContext(vm, res);
const templateLiteralText = `\`${externalScript}\`;`;
const jsExpressionText = `${externalScript};`;
let scriptText = scriptType === 'template-literal' ? templateLiteralText : jsExpressionText;
const result = vm.evalCode(scriptText);
if (result.error) {
let e = vm.dump(result.error);
result.error.dispose();
return e;
} else {
let v = vm.dump(result.value);
let vString = v.toString();
result.value.dispose();
return v;
}
} catch (error) {
console.error('Error executing the script!', error);
}
};
const executeQuickJsVmAsync = async ({ script: externalScript, context: externalContext, collectionPath }) => {
if (!isNaN(Number(externalScript))) {
return toNumber(externalScript);
}
try {
const module = await newQuickJSWASMModule();
const vm = module.newContext();
const bundledCode = getBundledCode?.toString() || '';
const moduleLoaderCode = function () {
return `
globalThis.require = (mod) => {
let lib = globalThis.requireObject[mod];
let isModuleAPath = (module) => (module?.startsWith('.') || module?.startsWith?.(bru.cwd()))
if (lib) {
return lib;
}
else if (isModuleAPath(mod)) {
// fetch local module
let localModuleCode = globalThis.__brunoLoadLocalModule(mod);
// compile local module as iife
(function (){
const initModuleExportsCode = "const module = { exports: {} };"
const copyModuleExportsCode = "\\n;globalThis.requireObject[mod] = module.exports;";
const patchedRequire = ${`
"\\n;" +
"let require = (subModule) => isModuleAPath(subModule) ? globalThis.require(path.resolve(bru.cwd(), mod, '..', subModule)) : globalThis.require(subModule)" +
"\\n;"
`}
eval(initModuleExportsCode + patchedRequire + localModuleCode + copyModuleExportsCode);
})();
// resolve module
return globalThis.requireObject[mod];
}
}
`;
};
vm.evalCode(
`
(${bundledCode})()
${moduleLoaderCode()}
`
);
const { bru, req, res, test, __brunoTestResults, console: consoleFn } = externalContext;
bru && addBruShimToContext(vm, bru);
req && addBrunoRequestShimToContext(vm, req);
res && addBrunoResponseShimToContext(vm, res);
consoleFn && addConsoleShimToContext(vm, consoleFn);
addLocalModuleLoaderShimToContext(vm, collectionPath);
addPathShimToContext(vm);
await addLibraryShimsToContext(vm);
test && __brunoTestResults && addTestShimToContext(vm, __brunoTestResults);
const script = `
(async () => {
const setTimeout = async(fn, timer) => {
v = await bru.sleep(timer);
fn.apply();
}
await bru.sleep(0);
try {
${externalScript}
}
catch(error) {
console?.debug?.('quick-js:execution-end:with-error', error?.message);
}
return 'done';
})()
`;
const result = vm.evalCode(script);
const promiseHandle = vm.unwrapResult(result);
const resolvedResult = await vm.resolvePromise(promiseHandle);
promiseHandle.dispose();
const resolvedHandle = vm.unwrapResult(resolvedResult);
resolvedHandle.dispose();
// vm.dispose();
return;
} catch (error) {
console.error('Error executing the script!', error);
throw new Error(error);
}
};
module.exports = {
executeQuickJsVm,
executeQuickJsVmAsync
};

View File

@ -0,0 +1,81 @@
const { marshallToVm } = require('../utils');
const addBruShimToContext = (vm, bru) => {
const bruObject = vm.newObject();
let cwd = vm.newFunction('cwd', function () {
return marshallToVm(bru.cwd(), vm);
});
vm.setProp(bruObject, 'cwd', cwd);
cwd.dispose();
let getEnvName = vm.newFunction('getEnvName', function () {
return marshallToVm(bru.getEnvName(), vm);
});
vm.setProp(bruObject, 'getEnvName', getEnvName);
getEnvName.dispose();
let getProcessEnv = vm.newFunction('getProcessEnv', function (key) {
return marshallToVm(bru.getProcessEnv(vm.dump(key)), vm);
});
vm.setProp(bruObject, 'getProcessEnv', getProcessEnv);
getProcessEnv.dispose();
let getEnvVar = vm.newFunction('getEnvVar', function (key) {
return marshallToVm(bru.getEnvVar(vm.dump(key)), vm);
});
vm.setProp(bruObject, 'getEnvVar', getEnvVar);
getEnvVar.dispose();
let setEnvVar = vm.newFunction('setEnvVar', function (key, value) {
bru.setEnvVar(vm.dump(key), vm.dump(value));
});
vm.setProp(bruObject, 'setEnvVar', setEnvVar);
setEnvVar.dispose();
let getVar = vm.newFunction('getVar', function (key) {
return marshallToVm(bru.getVar(vm.dump(key)), vm);
});
vm.setProp(bruObject, 'getVar', getVar);
getVar.dispose();
let setVar = vm.newFunction('setVar', function (key, value) {
bru.setVar(vm.dump(key), vm.dump(value));
});
vm.setProp(bruObject, 'setVar', setVar);
setVar.dispose();
let setNextRequest = vm.newFunction('setNextRequest', function (nextRequest) {
bru.setNextRequest(vm.dump(nextRequest));
});
vm.setProp(bruObject, 'setNextRequest', setNextRequest);
setNextRequest.dispose();
let visualize = vm.newFunction('visualize', function (htmlString) {
bru.visualize(vm.dump(htmlString));
});
vm.setProp(bruObject, 'visualize', visualize);
visualize.dispose();
let getSecretVar = vm.newFunction('getSecretVar', function (key) {
return marshallToVm(bru.getSecretVar(vm.dump(key)), vm);
});
vm.setProp(bruObject, 'getSecretVar', getSecretVar);
getSecretVar.dispose();
const sleep = vm.newFunction('sleep', (timer) => {
const t = vm.getString(timer);
const promise = vm.newPromise();
setTimeout(() => {
promise.resolve(vm.newString('slept'));
}, t);
promise.settled.then(vm.runtime.executePendingJobs);
return promise.handle;
});
sleep.consume((handle) => vm.setProp(bruObject, 'sleep', handle));
vm.setProp(vm.global, 'bru', bruObject);
bruObject.dispose();
};
module.exports = addBruShimToContext;

View File

@ -0,0 +1,112 @@
const { marshallToVm } = require('../utils');
const addBrunoRequestShimToContext = (vm, req) => {
const reqObject = vm.newObject();
const url = marshallToVm(req.getUrl(), vm);
const method = marshallToVm(req.getMethod(), vm);
const headers = marshallToVm(req.getHeaders(), vm);
const body = marshallToVm(req.getBody(), vm);
const timeout = marshallToVm(req.getTimeout(), vm);
vm.setProp(reqObject, 'url', url);
vm.setProp(reqObject, 'method', method);
vm.setProp(reqObject, 'headers', headers);
vm.setProp(reqObject, 'body', body);
vm.setProp(reqObject, 'timeout', timeout);
url.dispose();
method.dispose();
headers.dispose();
body.dispose();
timeout.dispose();
let getUrl = vm.newFunction('getUrl', function () {
return marshallToVm(req.getUrl(), vm);
});
vm.setProp(reqObject, 'getUrl', getUrl);
getUrl.dispose();
let setUrl = vm.newFunction('setUrl', function (url) {
req.setUrl(vm.dump(url));
});
vm.setProp(reqObject, 'setUrl', setUrl);
setUrl.dispose();
let getMethod = vm.newFunction('getMethod', function () {
return marshallToVm(req.getMethod(), vm);
});
vm.setProp(reqObject, 'getMethod', getMethod);
getMethod.dispose();
let getAuthMode = vm.newFunction('getAuthMode', function () {
return marshallToVm(req.getAuthMode(), vm);
});
vm.setProp(reqObject, 'getAuthMode', getAuthMode);
getAuthMode.dispose();
let setMethod = vm.newFunction('setMethod', function (method) {
req.setMethod(vm.dump(method));
});
vm.setProp(reqObject, 'setMethod', setMethod);
setMethod.dispose();
let getHeaders = vm.newFunction('getHeaders', function () {
return marshallToVm(req.getHeaders(), vm);
});
vm.setProp(reqObject, 'getHeaders', getHeaders);
getHeaders.dispose();
let setHeaders = vm.newFunction('setHeaders', function (headers) {
req.setHeaders(vm.dump(headers));
});
vm.setProp(reqObject, 'setHeaders', setHeaders);
setHeaders.dispose();
let getHeader = vm.newFunction('getHeader', function (name) {
return marshallToVm(req.getHeader(vm.dump(name)), vm);
});
vm.setProp(reqObject, 'getHeader', getHeader);
getHeader.dispose();
let setHeader = vm.newFunction('setHeader', function (name, value) {
req.setHeader(vm.dump(name), vm.dump(value));
});
vm.setProp(reqObject, 'setHeader', setHeader);
setHeader.dispose();
let getBody = vm.newFunction('getBody', function () {
return marshallToVm(req.getBody(), vm);
});
vm.setProp(reqObject, 'getBody', getBody);
getBody.dispose();
let setBody = vm.newFunction('setBody', function (data) {
req.setBody(vm.dump(data));
});
vm.setProp(reqObject, 'setBody', setBody);
setBody.dispose();
let setMaxRedirects = vm.newFunction('setMaxRedirects', function (maxRedirects) {
req.setMaxRedirects(vm.dump(maxRedirects));
});
vm.setProp(reqObject, 'setMaxRedirects', setMaxRedirects);
setMaxRedirects.dispose();
let getTimeout = vm.newFunction('getTimeout', function () {
return marshallToVm(req.getTimeout(), vm);
});
vm.setProp(reqObject, 'getTimeout', getTimeout);
getTimeout.dispose();
let setTimeout = vm.newFunction('setTimeout', function (timeout) {
req.setTimeout(vm.dump(timeout));
});
vm.setProp(reqObject, 'setTimeout', setTimeout);
setTimeout.dispose();
vm.setProp(vm.global, 'req', reqObject);
reqObject.dispose();
};
module.exports = addBrunoRequestShimToContext;

View File

@ -0,0 +1,55 @@
const { marshallToVm } = require('../utils');
const addBrunoResponseShimToContext = (vm, res) => {
const resObject = vm.newObject();
const status = marshallToVm(res?.status, vm);
const headers = marshallToVm(res?.headers, vm);
const body = marshallToVm(res?.body, vm);
const responseTime = marshallToVm(res?.responseTime, vm);
vm.setProp(resObject, 'status', status);
vm.setProp(resObject, 'headers', headers);
vm.setProp(resObject, 'body', body);
vm.setProp(resObject, 'responseTime', responseTime);
status.dispose();
headers.dispose();
body.dispose();
responseTime.dispose();
let getStatus = vm.newFunction('getStatus', function () {
return marshallToVm(res.getStatus(), vm);
});
vm.setProp(resObject, 'getStatus', getStatus);
getStatus.dispose();
let getHeader = vm.newFunction('getHeader', function (name) {
return marshallToVm(res.getHeader(vm.dump(name)), vm);
});
vm.setProp(resObject, 'getHeader', getHeader);
getHeader.dispose();
let getHeaders = vm.newFunction('getHeaders', function () {
return marshallToVm(res.getHeaders(), vm);
});
vm.setProp(resObject, 'getHeaders', getHeaders);
getHeaders.dispose();
let getBody = vm.newFunction('getBody', function () {
return marshallToVm(res.getBody(), vm);
});
vm.setProp(resObject, 'getBody', getBody);
getBody.dispose();
let getResponseTime = vm.newFunction('getResponseTime', function () {
return marshallToVm(res.getResponseTime(), vm);
});
vm.setProp(resObject, 'getResponseTime', getResponseTime);
getResponseTime.dispose();
vm.setProp(vm.global, 'res', resObject);
resObject.dispose();
};
module.exports = addBrunoResponseShimToContext;

View File

@ -0,0 +1,46 @@
const addConsoleShimToContext = (vm, console) => {
if (!console) return;
const consoleHandle = vm.newObject();
const logHandle = vm.newFunction('log', (...args) => {
const nativeArgs = args.map(vm.dump);
console?.log?.(...nativeArgs);
});
const debugHandle = vm.newFunction('debug', (...args) => {
const nativeArgs = args.map(vm.dump);
console?.debug?.(...nativeArgs);
});
const infoHandle = vm.newFunction('info', (...args) => {
const nativeArgs = args.map(vm.dump);
console?.info?.(...nativeArgs);
});
const warnHandle = vm.newFunction('warn', (...args) => {
const nativeArgs = args.map(vm.dump);
console?.warn?.(...nativeArgs);
});
const errorHandle = vm.newFunction('error', (...args) => {
const nativeArgs = args.map(vm.dump);
console?.error?.(...nativeArgs);
});
vm.setProp(consoleHandle, 'log', logHandle);
vm.setProp(consoleHandle, 'debug', debugHandle);
vm.setProp(consoleHandle, 'info', infoHandle);
vm.setProp(consoleHandle, 'warn', warnHandle);
vm.setProp(consoleHandle, 'error', errorHandle);
vm.setProp(vm.global, 'console', consoleHandle);
consoleHandle.dispose();
logHandle.dispose();
debugHandle.dispose();
infoHandle.dispose();
warnHandle.dispose();
errorHandle.dispose();
};
module.exports = addConsoleShimToContext;

View File

@ -0,0 +1,72 @@
const axios = require('axios');
const { cleanJson } = require('../../../../utils');
const { marshallToVm } = require('../../utils');
const methods = ['get', 'post', 'put', 'patch', 'delete'];
const addAxiosShimToContext = async (vm) => {
methods?.forEach((method) => {
const axiosHandle = vm.newFunction(method, (...args) => {
const nativeArgs = args.map(vm.dump);
const promise = vm.newPromise();
axios[method](...nativeArgs)
.then((response) => {
const { status, headers, data } = response || {};
promise.resolve(marshallToVm(cleanJson({ status, headers, data }), vm));
})
.catch((err) => {
promise.resolve(
marshallToVm(
cleanJson({
message: err.message
}),
vm
)
);
});
promise.settled.then(vm.runtime.executePendingJobs);
return promise.handle;
});
axiosHandle.consume((handle) => vm.setProp(vm.global, `__bruno__axios__${method}`, handle));
});
const axiosHandle = vm.newFunction('axios', (...args) => {
const nativeArgs = args.map(vm.dump);
const promise = vm.newPromise();
axios(...nativeArgs)
.then((response) => {
const { status, headers, data } = response || {};
promise.resolve(marshallToVm(cleanJson({ status, headers, data }), vm));
})
.catch((err) => {
promise.resolve(
marshallToVm(
cleanJson({
message: err.message
}),
vm
)
);
});
promise.settled.then(vm.runtime.executePendingJobs);
return promise.handle;
});
axiosHandle.consume((handle) => vm.setProp(vm.global, `__bruno__axios`, handle));
vm.evalCode(
`
globalThis.axios = __bruno__axios;
${methods
?.map((method) => {
return `globalThis.axios.${method} = __bruno__axios__${method};`;
})
?.join('\n')}
globalThis.requireObject = {
...globalThis.requireObject,
axios: globalThis.axios,
}
`
);
};
module.exports = addAxiosShimToContext;

View File

@ -0,0 +1,13 @@
const addAxiosShimToContext = require('./axios');
const addNanoidShimToContext = require('./nanoid');
const addPathShimToContext = require('./path');
const addUuidShimToContext = require('./uuid');
const addLibraryShimsToContext = async (vm) => {
await addNanoidShimToContext(vm);
await addAxiosShimToContext(vm);
await addUuidShimToContext(vm);
await addPathShimToContext(vm);
};
module.exports = addLibraryShimsToContext;

View File

@ -0,0 +1,24 @@
const { nanoid } = require('nanoid');
const { marshallToVm } = require('../../utils');
const addNanoidShimToContext = async (vm) => {
let _nanoid = vm.newFunction('nanoid', function () {
let v = nanoid();
return marshallToVm(v, vm);
});
vm.setProp(vm.global, '__bruno__nanoid', _nanoid);
_nanoid.dispose();
vm.evalCode(
`
globalThis.nanoid = {};
globalThis.nanoid.nanoid = globalThis.__bruno__nanoid;
globalThis.requireObject = {
...globalThis.requireObject,
'nanoid': globalThis.nanoid
}
`
);
};
module.exports = addNanoidShimToContext;

View File

@ -0,0 +1,28 @@
const path = require('path');
const { marshallToVm } = require('../../utils');
const fns = ['resolve'];
const addPathShimToContext = async (vm) => {
fns.forEach((fn) => {
let fnHandle = vm.newFunction(fn, function (...args) {
const nativeArgs = args.map(vm.dump);
return marshallToVm(path[fn](...nativeArgs), vm);
});
vm.setProp(vm.global, `__bruno__path__${fn}`, fnHandle);
fnHandle.dispose();
});
vm.evalCode(
`
globalThis.path = {};
${fns?.map((fn, idx) => `globalThis.path.${fn} = __bruno__path__${fn}`).join('\n')}
globalThis.requireObject = {
...(globalThis.requireObject || {}),
path: globalThis.path,
}
`
);
};
module.exports = addPathShimToContext;

View File

@ -0,0 +1,30 @@
const uuid = require('uuid');
const { marshallToVm } = require('../../utils');
const fns = ['version', 'parse', 'stringify', 'v1', 'v1ToV6', 'v3', 'v4', 'v5', 'v6', 'v6ToV1', 'v7', 'validate'];
const addUuidShimToContext = async (vm) => {
fns.forEach((fn) => {
let fnHandle = vm.newFunction(fn, function (...args) {
const nativeArgs = args.map(vm.dump);
return marshallToVm(uuid[fn](...nativeArgs), vm);
});
vm.setProp(vm.global, `__bruno__uuid__${fn}`, fnHandle);
fnHandle.dispose();
});
vm.evalCode(
`
globalThis.uuid = {};
${['version', 'parse', 'stringify', 'v1', 'v1ToV6', 'v3', 'v4', 'v5', 'v6', 'v6ToV1', 'v7', 'validate']
?.map((fn, idx) => `globalThis.uuid.${fn} = __bruno__uuid__${fn}`)
.join('\n')}
globalThis.requireObject = {
...globalThis.requireObject,
uuid: globalThis.uuid,
}
`
);
};
module.exports = addUuidShimToContext;

View File

@ -0,0 +1,31 @@
const path = require('path');
const fs = require('fs');
const { marshallToVm } = require('../utils');
const addLocalModuleLoaderShimToContext = (vm, collectionPath) => {
let loadLocalModuleHandle = vm.newFunction('loadLocalModule', function (module) {
const filename = vm.dump(module);
// Check if the filename has an extension
const hasExtension = path.extname(filename) !== '';
const resolvedFilename = hasExtension ? filename : `${filename}.js`;
// Resolve the file path and check if it's within the collectionPath
const filePath = path.resolve(collectionPath, resolvedFilename);
const relativePath = path.relative(collectionPath, filePath);
// Ensure the resolved file path is inside the collectionPath
if (relativePath.startsWith('..') || path.isAbsolute(relativePath)) {
throw new Error('Access to files outside of the collectionPath is not allowed.');
}
let code = fs.readFileSync(filePath).toString();
return marshallToVm(code, vm);
});
vm.setProp(vm.global, '__brunoLoadLocalModule', loadLocalModuleHandle);
loadLocalModuleHandle.dispose();
};
module.exports = addLocalModuleLoaderShimToContext;

View File

@ -0,0 +1,63 @@
const { marshallToVm } = require('../utils');
const addBruShimToContext = (vm, __brunoTestResults) => {
let addResult = vm.newFunction('addResult', function (v) {
__brunoTestResults.addResult(vm.dump(v));
});
vm.setProp(vm.global, '__bruno__addResult', addResult);
addResult.dispose();
let getResults = vm.newFunction('getResults', function () {
return marshallToVm(__brunoTestResults.getResults(), vm);
});
vm.setProp(vm.global, '__bruno__getResults', getResults);
getResults.dispose();
vm.evalCode(
`
globalThis.expect = require('chai').expect;
globalThis.assert = require('chai').assert;
globalThis.__brunoTestResults = {
addResult: globalThis.__bruno__addResult,
getResults: globalThis.__bruno__getResults,
}
globalThis.DummyChaiAssertionError = class DummyChaiAssertionError extends Error {
constructor(message, props, ssf) {
super(message);
this.name = "AssertionError";
Object.assign(this, props);
}
}
globalThis.Test = (__brunoTestResults) => async (description, callback) => {
try {
await callback();
__brunoTestResults.addResult({ description, status: "pass" });
} catch (error) {
if (error instanceof DummyChaiAssertionError) {
const { message, actual, expected } = error;
__brunoTestResults.addResult({
description,
status: "fail",
error: message,
actual,
expected,
});
} else {
globalThis.__bruno__addResult({
description,
status: "fail",
error: error.message || "An unexpected error occurred.",
});
}
}
};
globalThis.test = Test(__brunoTestResults);
`
);
};
module.exports = addBruShimToContext;

View File

@ -0,0 +1,33 @@
const marshallToVm = (value, vm) => {
if (value === undefined) {
return vm.undefined;
}
if (value === null) {
return vm.null;
}
if (typeof value === 'string') {
return vm.newString(value);
} else if (typeof value === 'number') {
return vm.newNumber(value);
} else if (typeof value === 'boolean') {
return vm.newBoolean(value);
} else if (typeof value === 'object') {
if (Array.isArray(value)) {
const arr = vm.newArray();
for (let i = 0; i < value.length; i++) {
vm.setProp(arr, i, marshallToVm(value[i], vm));
}
return arr;
} else {
const obj = vm.newObject();
for (const key in value) {
vm.setProp(obj, key, marshallToVm(value[key], vm));
}
return obj;
}
}
};
module.exports = {
marshallToVm
};

View File

@ -142,10 +142,15 @@ const cleanJson = (data) => {
}
};
const appendAwaitToTestFunc = (str) => {
return str.replace(/(?<!\.\s*)(?<!await\s)(test\()/g, 'await $1');
};
module.exports = {
evaluateJsExpression,
evaluateJsTemplateLiteral,
createResponseParser,
internalExpressionCache,
cleanJson
cleanJson,
appendAwaitToTestFunc
};

View File

@ -35,7 +35,7 @@ describe('runtime', () => {
})
`;
const runtime = new TestRuntime();
const runtime = new TestRuntime({ runtime: 'vm2' });
const result = await runtime.runTests(
testFile,
{ ...baseRequest },
@ -71,7 +71,7 @@ describe('runtime', () => {
})
`;
const runtime = new TestRuntime();
const runtime = new TestRuntime({ runtime: 'vm2' });
const result = await runtime.runTests(
testFile,
{ ...baseRequest },
@ -114,7 +114,7 @@ describe('runtime', () => {
bru.setVar('validation', validate(new Date().toISOString()))
`;
const runtime = new ScriptRuntime();
const runtime = new ScriptRuntime({ runtime: 'vm2' });
const result = await runtime.runRequestScript(script, { ...baseRequest }, {}, {}, '.', null, process.env);
expect(result.runtimeVariables.validation).toBeTruthy();
});
@ -160,7 +160,7 @@ describe('runtime', () => {
bru.setVar('validation', validate(new Date().toISOString()))
`;
const runtime = new ScriptRuntime();
const runtime = new ScriptRuntime({ runtime: 'vm2' });
const result = await runtime.runResponseScript(
script,
{ ...baseRequest },

View File

@ -1,5 +1,10 @@
const { describe, it, expect } = require('@jest/globals');
const { evaluateJsExpression, internalExpressionCache: cache, createResponseParser } = require('../src/utils');
const {
evaluateJsExpression,
internalExpressionCache: cache,
createResponseParser,
appendAwaitToTestFunc
} = require('../src/utils');
describe('utils', () => {
describe('expression evaluation', () => {
@ -137,4 +142,70 @@ describe('utils', () => {
expect(value).toBe(20);
});
});
describe('appendAwaitToTestFunc function', () => {
it('example 1', () => {
const inputTestsString = `
test("should return json", function() {
const data = res.getBody();
expect(res.getBody()).to.eql({
"hello": "bruno"
});
});
`;
const ouutputTestsString = appendAwaitToTestFunc(inputTestsString);
expect(ouutputTestsString).toBe(`
await test("should return json", function() {
const data = res.getBody();
expect(res.getBody()).to.eql({
"hello": "bruno"
});
});
`);
});
it('example 2', () => {
const inputTestsString = `
await test("should return json", function() {
const data = res.getBody();
expect(res.getBody()).to.eql({
"hello": "bruno"
});
});
test("should return json", function() {
const data = res.getBody();
expect(res.getBody()).to.eql({
"hello": "bruno"
});
});
test("should return json", function() {
const data = res.getBody();
expect(res.getBody()).to.eql({
"hello": "bruno"
});
});
`;
const ouutputTestsString = appendAwaitToTestFunc(inputTestsString);
expect(ouutputTestsString).toBe(`
await test("should return json", function() {
const data = res.getBody();
expect(res.getBody()).to.eql({
"hello": "bruno"
});
});
await test("should return json", function() {
const data = res.getBody();
expect(res.getBody()).to.eql({
"hello": "bruno"
});
});
await test("should return json", function() {
const data = res.getBody();
expect(res.getBody()).to.eql({
"hello": "bruno"
});
});
`);
});
});
});

View File

@ -1,7 +1,7 @@
meta {
name: echo json
type: http
seq: 1
seq: 2
}
post {

View File

@ -1,7 +1,7 @@
meta {
name: echo plaintext
type: http
seq: 2
seq: 3
}
post {

View File

@ -1,7 +1,7 @@
meta {
name: echo xml parsed
type: http
seq: 3
seq: 4
}
post {

View File

@ -1,7 +1,7 @@
meta {
name: echo xml raw
type: http
seq: 4
seq: 5
}
post {

View File

@ -5,4 +5,6 @@ vars {
env.var1: envVar1
env-var2: envVar2
bark: {{process.env.PROC_ENV_VAR}}
foo: bar
testSetEnvVar: bruno-29653
}

View File

@ -0,0 +1,5 @@
const PI = 3.14;
module.exports = {
PI
};

View File

@ -1,5 +1,9 @@
const { PI } = require('./constants');
const sum = (a, b) => a + b;
const areaOfCircle = (radius) => PI * radius * radius;
module.exports = {
sum
sum,
areaOfCircle
};

View File

@ -9,52 +9,3 @@ get {
body: none
auth: none
}
auth:awsv4 {
accessKeyId: a
secretAccessKey: b
sessionToken: c
service: d
region: e
profileName: f
}
vars:pre-request {
m4: true
pong: pong
}
assert {
res.status: eq 200
res.responseTime: lte 2000
res.body: eq {{pong}}
}
tests {
test("should ping pong", function() {
const data = res.getBody();
expect(data).to.equal(bru.getRequestVar("pong"));
});
}
docs {
# API Documentation
## Introduction
Welcome to the API documentation for [Your API Name]. This document provides instructions on how to make requests to the API and covers available authentication methods.
## Authentication
Before making requests to the API, you need to authenticate your application. [Your API Name] supports the following authentication methods:
### API Key
To use API key authentication, include your API key in the request headers as follows:
```http
GET /api/endpoint
Host: api.example.com
Authorization: Bearer YOUR_API_KEY
}

View File

@ -0,0 +1,23 @@
meta {
name: getEnvName
type: http
seq: 1
}
get {
url: {{host}}/ping
body: none
auth: none
}
script:pre-request {
const envName = bru.getEnvName();
bru.setVar("testEnvName", envName);
}
tests {
test("should get env name in scripts", function() {
const testEnvName = bru.getVar("testEnvName");
expect(testEnvName).to.equal("Prod");
});
}

View File

@ -0,0 +1,19 @@
meta {
name: getEnvVar
type: http
seq: 2
}
get {
url: {{host}}/ping
body: none
auth: none
}
tests {
test("should get env var in scripts", function() {
const host = bru.getEnvVar("host")
expect(host).to.equal("https://testbench-sanity.usebruno.com");
});
}

View File

@ -0,0 +1,19 @@
meta {
name: getProcessEnv
type: http
seq: 6
}
get {
url: {{host}}/ping
body: none
auth: none
}
tests {
test("bru.getProcessEnv()", function() {
const v = bru.getProcessEnv("PROC_ENV_VAR");
expect(v).to.equal("woof");
});
}

View File

@ -0,0 +1,19 @@
meta {
name: getVar
type: http
seq: 5
}
get {
url: {{host}}/ping
body: none
auth: none
}
tests {
test("should get var in scripts", function() {
const testSetVar = bru.getVar("testSetVar");
expect(testSetVar).to.equal("bruno-test-87267");
});
}

View File

@ -0,0 +1,23 @@
meta {
name: setEnvVar
type: http
seq: 3
}
get {
url: {{host}}/ping
body: none
auth: none
}
script:post-response {
bru.setEnvVar("testSetEnvVar", "bruno-29653")
}
tests {
test("should set env var in scripts", function() {
const testSetEnvVar = bru.getEnvVar("testSetEnvVar")
expect(testSetEnvVar).to.equal("bruno-29653");
});
}

View File

@ -0,0 +1,22 @@
meta {
name: setVar
type: http
seq: 4
}
get {
url: {{host}}/ping
body: none
auth: none
}
script:post-response {
bru.setVar("testSetVar", "bruno-test-87267")
}
tests {
test("should get var in scripts", function() {
const testSetVar = bru.getVar("testSetVar");
expect(testSetVar).to.equal("bruno-test-87267");
});
}

View File

@ -0,0 +1,40 @@
meta {
name: getBody
type: http
seq: 9
}
post {
url: {{host}}/api/echo/json
body: json
auth: none
}
auth:basic {
username: asd
password: j
}
auth:bearer {
token:
}
body:json {
{
"hello": "bruno"
}
}
assert {
res.status: eq 200
}
tests {
test("req.getBody()", function() {
const data = res.getBody();
expect(data).to.eql({
"hello": "bruno"
});
});
}

View File

@ -0,0 +1,28 @@
meta {
name: getHeader
type: http
seq: 5
}
get {
url: {{host}}/ping
body: none
auth: none
}
headers {
bruno: is-awesome
}
assert {
res.status: eq 200
res.body: eq pong
}
tests {
test("req.getHeader(name)", function() {
const h = req.getHeader('bruno');
expect(h).to.equal("is-awesome");
});
}

View File

@ -0,0 +1,30 @@
meta {
name: getHeaders
type: http
seq: 7
}
get {
url: {{host}}/ping
body: none
auth: none
}
headers {
bruno: is-awesome
della: is-beautiful
}
assert {
res.status: eq 200
res.body: eq pong
}
tests {
test("req.getHeaders()", function() {
const h = req.getHeaders();
expect(h.bruno).to.equal("is-awesome");
expect(h.della).to.equal("is-beautiful");
});
}

View File

@ -0,0 +1,24 @@
meta {
name: getMethod
type: http
seq: 3
}
get {
url: {{host}}/ping
body: none
auth: none
}
assert {
res.status: eq 200
res.body: eq pong
}
tests {
test("req.getMethod()()", function() {
const method = req.getMethod();
expect(method).to.equal("GET");
});
}

View File

@ -0,0 +1,23 @@
meta {
name: getUrl
type: http
seq: 1
}
get {
url: {{host}}/ping
body: none
auth: none
}
assert {
res.status: eq 200
res.body: eq pong
}
tests {
test("req.getUrl()", function() {
const url = req.getUrl();
expect(url).to.equal("https://testbench-sanity.usebruno.com/ping");
});
}

View File

@ -0,0 +1,46 @@
meta {
name: setBody
type: http
seq: 10
}
post {
url: {{host}}/api/echo/json
body: json
auth: none
}
auth:basic {
username: asd
password: j
}
auth:bearer {
token:
}
body:json {
{
"hello": "bruno"
}
}
assert {
res.status: eq 200
}
script:pre-request {
req.setBody({
"bruno": "is awesome"
});
}
tests {
test("req.setBody()", function() {
const data = res.getBody();
expect(data).to.eql({
"bruno": "is awesome"
});
});
}

View File

@ -0,0 +1,32 @@
meta {
name: setHeader
type: http
seq: 6
}
get {
url: {{host}}/ping
body: none
auth: none
}
headers {
bruno: is-awesome
}
assert {
res.status: eq 200
res.body: eq pong
}
script:pre-request {
req.setHeader('bruno', 'is-the-future');
}
tests {
test("req.setHeader(name)", function() {
const h = req.getHeader('bruno');
expect(h).to.equal("is-the-future");
});
}

View File

@ -0,0 +1,37 @@
meta {
name: setHeaders
type: http
seq: 8
}
get {
url: {{host}}/ping
body: none
auth: none
}
headers {
bruno: is-awesome
della: is-beautiful
}
assert {
res.status: eq 200
res.body: eq pong
}
script:pre-request {
req.setHeaders({
"content-type": "application/text",
"transaction-id": "foobar"
});
}
tests {
test("req.setHeaders()", function() {
const h = req.getHeaders();
expect(h['content-type']).to.equal("application/text");
expect(h['transaction-id']).to.equal("foobar");
});
}

View File

@ -0,0 +1,28 @@
meta {
name: setMethod
type: http
seq: 4
}
post {
url: {{host}}/ping
body: none
auth: none
}
assert {
res.status: eq 200
res.body: eq pong
}
script:pre-request {
req.setMethod("GET");
}
tests {
test("req.setMethod()()", function() {
const method = req.getMethod();
expect(method).to.equal("GET");
});
}

View File

@ -0,0 +1,28 @@
meta {
name: setUrl
type: http
seq: 2
}
get {
url: {{host}}/ping/invalid
body: none
auth: none
}
assert {
res.status: eq 200
res.body: eq pong
}
script:pre-request {
req.setUrl("https://testbench-sanity.usebruno.com/ping");
}
tests {
test("req.setUrl()", function() {
const url = req.getUrl();
expect(url).to.equal("https://testbench-sanity.usebruno.com/ping");
});
}

View File

@ -0,0 +1,40 @@
meta {
name: getBody
type: http
seq: 4
}
post {
url: {{host}}/api/echo/json
body: json
auth: none
}
auth:basic {
username: asd
password: j
}
auth:bearer {
token:
}
body:json {
{
"hello": "bruno"
}
}
assert {
res.status: eq 200
}
tests {
test("res.getBody()", function() {
const data = res.getBody();
expect(data).to.eql({
"hello": "bruno"
});
});
}

View File

@ -0,0 +1,38 @@
meta {
name: getHeader
type: http
seq: 2
}
post {
url: {{host}}/api/echo/json
body: json
auth: none
}
auth:basic {
username: asd
password: j
}
auth:bearer {
token:
}
body:json {
{
"hello": "bruno"
}
}
assert {
res.status: eq 200
}
tests {
test("res.getHeader(name)", function() {
const server = res.getHeader('x-powered-by');
expect(server).to.eql('Express');
});
}

View File

@ -0,0 +1,39 @@
meta {
name: getHeaders
type: http
seq: 3
}
post {
url: {{host}}/api/echo/json
body: json
auth: none
}
auth:basic {
username: asd
password: j
}
auth:bearer {
token:
}
body:json {
{
"hello": "bruno"
}
}
assert {
res.status: eq 200
}
tests {
test("res.getHeaders(name)", function() {
const h = res.getHeaders();
expect(h['x-powered-by']).to.eql('Express');
expect(h['content-length']).to.eql('17');
});
}

View File

@ -0,0 +1,39 @@
meta {
name: getResponseTime
type: http
seq: 5
}
post {
url: {{host}}/api/echo/json
body: json
auth: none
}
auth:basic {
username: asd
password: j
}
auth:bearer {
token:
}
body:json {
{
"hello": "bruno"
}
}
assert {
res.status: eq 200
}
tests {
test("res.getResponseTime()", function() {
const responseTime = res.getResponseTime();
expect(typeof responseTime).to.eql("number");
expect(responseTime > 0).to.be.true;
});
}

View File

@ -0,0 +1,24 @@
meta {
name: getStatus
type: http
seq: 1
}
get {
url: {{host}}/ping
body: none
auth: none
}
assert {
res.status: eq 200
res.body: eq pong
}
tests {
test("res.getStatus()", function() {
const status = res.getStatus()
expect(status).to.equal(200);
});
}

View File

@ -1,54 +0,0 @@
meta {
name: get-env-name
type: http
seq: 1
}
get {
url: {{host}}/ping
body: none
auth: none
}
auth:awsv4 {
accessKeyId: a
secretAccessKey: b
sessionToken: c
service: d
region: e
profileName: f
}
script:pre-request {
const envName = bru.getEnvName();
bru.setVar("testEnvName", envName);
}
tests {
test("should get env name in scripts", function() {
const testEnvName = bru.getVar("testEnvName");
expect(testEnvName).to.equal("Prod");
});
}
docs {
# API Documentation
## Introduction
Welcome to the API documentation for [Your API Name]. This document provides instructions on how to make requests to the API and covers available authentication methods.
## Authentication
Before making requests to the API, you need to authenticate your application. [Your API Name] supports the following authentication methods:
### API Key
To use API key authentication, include your API key in the request headers as follows:
```http
GET /api/endpoint
Host: api.example.com
Authorization: Bearer YOUR_API_KEY
}

View File

@ -1,49 +0,0 @@
meta {
name: get-env-var
type: http
seq: 2
}
get {
url: {{host}}/ping
body: none
auth: none
}
auth:awsv4 {
accessKeyId: a
secretAccessKey: b
sessionToken: c
service: d
region: e
profileName: f
}
tests {
test("should get env var in scripts", function() {
const host = bru.getEnvVar("host")
expect(host).to.equal("https://testbench-sanity.usebruno.com");
});
}
docs {
# API Documentation
## Introduction
Welcome to the API documentation for [Your API Name]. This document provides instructions on how to make requests to the API and covers available authentication methods.
## Authentication
Before making requests to the API, you need to authenticate your application. [Your API Name] supports the following authentication methods:
### API Key
To use API key authentication, include your API key in the request headers as follows:
```http
GET /api/endpoint
Host: api.example.com
Authorization: Bearer YOUR_API_KEY
}

View File

@ -0,0 +1,34 @@
meta {
name: axios-pre-req-script
type: http
seq: 1
}
get {
url: {{host}}/ping
body: none
auth: none
}
script:pre-request {
const axios = require("axios");
const url = "https://testbench-sanity.usebruno.com/api/echo/json";
const response = await axios.post(url, {
"hello": "bruno"
});
req.setBody(response.data);
req.setMethod("POST");
req.setUrl(url);
}
tests {
test("req.getBody()", function() {
const data = res.getBody();
expect(data).to.eql({
"hello": "bruno"
});
});
}

View File

@ -0,0 +1,33 @@
meta {
name: crypto-js-pre-request-script
type: http
seq: 1
}
get {
url: {{host}}/ping
body: none
auth: none
}
script:pre-request {
var CryptoJS = require("crypto-js");
// Encrypt
var ciphertext = CryptoJS.AES.encrypt('my message', 'secret key 123').toString();
// Decrypt
var bytes = CryptoJS.AES.decrypt(ciphertext, 'secret key 123');
var originalText = bytes.toString(CryptoJS.enc.Utf8);
bru.setVar('crypto-test-message', originalText);
}
tests {
test("crypto message", function() {
const data = bru.getVar('crypto-test-message');
bru.setVar('crypto-test-message', null);
expect(data).to.eql('my message');
});
}

View File

@ -0,0 +1,26 @@
meta {
name: nanoid
type: http
seq: 1
}
get {
url: {{host}}/ping
body: none
auth: none
}
script:pre-request {
const { nanoid } = require("nanoid");
bru.setVar("nanoid-test-id", nanoid());
}
tests {
test("nanoid var", function() {
const id = bru.getVar('nanoid-test-id');
let isValidNanoid = /^[a-zA-Z0-9_-]{21}$/.test(id)
bru.setVar('nanoid-test-id', null);
expect(isValidNanoid).to.eql(true);
});
}

View File

@ -0,0 +1,26 @@
meta {
name: uuid
type: http
seq: 1
}
get {
url: {{host}}/ping
body: none
auth: none
}
script:pre-request {
const { v4 } = require("uuid");
bru.setVar("uuid-test-id", v4());
}
tests {
test("uuid var", function() {
const id = bru.getVar('uuid-test-id');
let isValidUuid = /^[0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i.test(id);
bru.setVar('uuid-test-id', null);
expect(isValidUuid).to.eql(true);
});
}

View File

@ -0,0 +1,32 @@
meta {
name: setTimeout
type: http
seq: 1
}
get {
url: {{host}}/ping
body: none
auth: none
}
script:pre-request {
bru.setVar("test-js-set-timeout", "");
await new Promise((resolve, reject) => {
setTimeout(() => {
bru.setVar("test-js-set-timeout", "bruno");
resolve();
}, 1000);
});
const v = bru.getVar("test-js-set-timeout");
bru.setVar("test-js-set-timeout", v + "-is-awesome");
}
tests {
test("setTimeout()", function() {
const v = bru.getVar("test-js-set-timeout")
expect(v).to.eql("bruno-is-awesome");
});
}

View File

@ -0,0 +1,45 @@
meta {
name: sum (without js extn)
type: http
seq: 2
}
post {
url: {{host}}/api/echo/json
body: json
auth: none
}
body:json {
{
"a": 1,
"b": 2
}
}
assert {
res.status: eq 200
}
script:pre-request {
const math = require("./lib/math");
console.log(math, 'math');
const body = req.getBody();
body.sum = math.sum(body.a, body.b);
body.areaOfCircle = math.areaOfCircle(2);
req.setBody(body);
}
tests {
test("should return json", function() {
const data = res.getBody();
expect(res.getBody()).to.eql({
"a": 1,
"b": 2,
"sum": 3,
"areaOfCircle": 12.56
});
});
}

View File

@ -22,10 +22,9 @@ assert {
}
script:pre-request {
const math = require("./lib/math");
const math = require("./lib/math.js");
const body = req.getBody();
body.sum = body.a + body.b;
body.sum = math.sum(body.a, body.b);
req.setBody(body);
}
@ -39,4 +38,22 @@ tests {
"sum": 3
});
});
test("should return json", function() {
const data = res.getBody();
expect(res.getBody()).to.eql({
"a": 1,
"b": 2,
"sum": 3
});
});
test("should return json", function() {
const data = res.getBody();
expect(res.getBody()).to.eql({
"a": 1,
"b": 2,
"sum": 3
});
});
}

View File

@ -1,54 +0,0 @@
meta {
name: set-env-var
type: http
seq: 3
}
get {
url: {{host}}/ping
body: none
auth: none
}
auth:awsv4 {
accessKeyId: a
secretAccessKey: b
sessionToken: c
service: d
region: e
profileName: f
}
script:post-response {
bru.setEnvVar("testSetEnvVar", "bruno-29653")
}
tests {
test("should set env var in scripts", function() {
const testSetEnvVar = bru.getEnvVar("testSetEnvVar")
console.log(testSetEnvVar);
expect(testSetEnvVar).to.equal("bruno-29653");
});
}
docs {
# API Documentation
## Introduction
Welcome to the API documentation for [Your API Name]. This document provides instructions on how to make requests to the API and covers available authentication methods.
## Authentication
Before making requests to the API, you need to authenticate your application. [Your API Name] supports the following authentication methods:
### API Key
To use API key authentication, include your API key in the request headers as follows:
```http
GET /api/endpoint
Host: api.example.com
Authorization: Bearer YOUR_API_KEY
}