Merge pull request #239 from codecov/fix-uuid-token

fix: Validate UUID tokens
codecov · Jul 22, 2021 · 300eb11 · 300eb11
2 parents b3d01c0 + 1756b26
commit 300eb11
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 11 deletions.
diff --git a/src/helpers/validate.js b/src/helpers/validate.js
@@ -6,7 +6,7 @@ const validator = require('validator')
  * @returns boolean
  */
 function validateToken(token) {
-  return validator.isAlphanumeric(token)
+  return validator.isAlphanumeric(token) || validator.isUUID(token)
 }
 
 function validateURL(url) {

diff --git a/test/helpers/validate.test.js b/test/helpers/validate.test.js
@@ -5,9 +5,13 @@ const realEnv = { ...process.env }
 
 describe('Input Validators', () => {
   describe('Tokens', () => {
-    it('Returns true with a valid token', () => {
+    it('Returns true with a valid alphanumeric token', () => {
       expect(validate.validateToken('1bc123')).toBe(true)
     })
+    it('Returns true with a valid UUID token', () => {
+      // Use a randomly generated UUIDv4
+      expect(validate.validateToken('5becd1a9-efa8-4bd8-8f94-e9f8613820c3')).toBe(true)
+    })
     it('Returns false with an invalid token', () => {
       expect(validate.validateToken('1bc1 23')).toBe(false)
     })

diff --git a/test/index.test.js b/test/index.test.js
@@ -4,6 +4,9 @@ const { version } = require('../package.json')
 const nock = require('nock')
 const fs = require('fs')
 
+// Backup the env
+const realEnv = { ...process.env }
+
 describe('Uploader Core', () => {
   const env = process.env
 
@@ -68,16 +71,26 @@ describe('Uploader Core', () => {
     expect(log).toHaveBeenCalledWith(expect.stringMatching(/<<<<<< ENV/))
   })
 
-  it('Can upload without token', async () => {
-    jest.spyOn(process, 'exit').mockImplementation(() => {})
-    const log = jest.spyOn(console, 'log').mockImplementation(() => {})
-    await app.main({
-      name: 'customname',
-      url: 'https://codecov.io',
-      dryRun: true,
-      env: 'SOMETHING,ANOTHER',
+  describe('Token', () => {
+    beforeEach(() => {
+      delete process.env.CODECOV_TOKEN
+    })
+
+    afterEach(() => {
+      process.env = realEnv
+    })
+
+    it('Can upload without token', async () => {
+      jest.spyOn(process, 'exit').mockImplementation(() => {})
+      const log = jest.spyOn(console, 'log').mockImplementation(() => {})
+      await app.main({
+        name: 'customname',
+        url: 'https://codecov.io',
+        dryRun: true,
+        env: 'SOMETHING,ANOTHER',
+      })
+      expect(log).toHaveBeenCalledWith(expect.stringMatching('-> No token specified or token is empty'))
     })
-    expect(log).toHaveBeenCalledWith(expect.stringMatching('-> No token specified or token is empty'))
   })
 
   describe('Flags', () => {