make org names case insensitive; add more installation event tests

Author: ajschmidt8

src/authorizer.ts

@@ -63,23 +63,31 @@ export const authorizer = async ({
   const lambdaEvent = { "@gh_event": ghEvent, ...payload };
   logger("start", lambdaEvent);
 
-  if (
-    ghEvent === "installation" &&
-    payload.action === "created" &&
-    !allowedOrgs.includes(payload.installation.account.login)
-  ) {
-    logger("unauthorized installation created", lambdaEvent);
-    try {
-      await deleteInstallation(payload);
-      return {
-        msg: "Application was automatically uninstalled from an unauthorized account.",
-        httpCode: 200,
-        isAuthorized: false,
-      };
-    } catch (error) {
-      console.error(error);
-      return UNINSTALL_FAILED_RESPONSE;
+  allowedOrgs = allowedOrgs.map((org) => org.toLowerCase());
+
+  if (ghEvent === "installation" && payload.action === "created") {
+    if (
+      !allowedOrgs.includes(payload.installation.account.login.toLowerCase())
+    ) {
+      logger("unauthorized installation created", lambdaEvent);
+      try {
+        await deleteInstallation(payload);
+        return {
+          msg: "Application was automatically uninstalled from an unauthorized account.",
+          httpCode: 200,
+          isAuthorized: false,
+        };
+      } catch (error) {
+        console.error(error);
+        return UNINSTALL_FAILED_RESPONSE;
+      }
     }
+    logger("authorized installation created", lambdaEvent);
+    return {
+      msg: "New installation from authorized organization.",
+      httpCode: 200,
+      isAuthorized: true,
+    };
   }
 
   const organizationObj = payload.organization;
@@ -96,7 +104,7 @@ export const authorizer = async ({
     };
   }
 
-  if (!allowedOrgs.includes(organizationObj.login)) {
+  if (!allowedOrgs.includes(organizationObj.login.toLowerCase())) {
     logger("unauthorized webhook received", lambdaEvent);
 
     try {

tests/authorizer.test.ts

@@ -75,6 +75,54 @@ describe("default", () => {
     });
   });
 
+  test("authorized installation created", async () => {
+    const result = await authorizer({
+      allowedOrgs: ["rapidsai"],
+      event: makeInstallationEvent({
+        action: "created",
+        orgName: "rapidsai",
+      }),
+    });
+    expect(mockDeleteInstallation).not.toHaveBeenCalled();
+    expect(result).toStrictEqual({
+      msg: "New installation from authorized organization.",
+      httpCode: 200,
+      isAuthorized: true,
+    });
+  });
+
+  test("authorized installation created (case insensitive 1)", async () => {
+    const result = await authorizer({
+      allowedOrgs: ["RAPIDSAI"],
+      event: makeInstallationEvent({
+        action: "created",
+        orgName: "rapidsai",
+      }),
+    });
+    expect(mockDeleteInstallation).not.toHaveBeenCalled();
+    expect(result).toStrictEqual({
+      msg: "New installation from authorized organization.",
+      httpCode: 200,
+      isAuthorized: true,
+    });
+  });
+
+  test("authorized installation created (case insensitive 2)", async () => {
+    const result = await authorizer({
+      allowedOrgs: ["rapidsai"],
+      event: makeInstallationEvent({
+        action: "created",
+        orgName: "RAPIDSAI",
+      }),
+    });
+    expect(mockDeleteInstallation).not.toHaveBeenCalled();
+    expect(result).toStrictEqual({
+      msg: "New installation from authorized organization.",
+      httpCode: 200,
+      isAuthorized: true,
+    });
+  });
+
   test("installation deleted (no org object)", async () => {
     const result = await authorizer({
       allowedOrgs: ["rapidsai"],
@@ -91,7 +139,7 @@ describe("default", () => {
     });
   });
 
-  test("issue_comment created | delete success", async () => {
+  test("unauthorized org issue_comment | delete success", async () => {
     mockDeleteInstallation.mockReturnValueOnce("deleted successfully");
     const result = await authorizer({
       allowedOrgs: ["rapidsai"],
@@ -106,7 +154,7 @@ describe("default", () => {
     });
   });
 
-  test("issue_comment created | delete failed", async () => {
+  test("unauthorized org issue_comment | delete failed", async () => {
     mockDeleteInstallation.mockRejectedValueOnce("error deleting installation");
     const result = await authorizer({
       allowedOrgs: ["rapidsai"],
@@ -121,7 +169,7 @@ describe("default", () => {
     });
   });
 
-  test("issue_comment created | delete success", async () => {
+  test("authorized org issue_comment", async () => {
     mockDeleteInstallation.mockReturnValueOnce("deleted successfully");
     const result = await authorizer({
       allowedOrgs: ["rapidsai"],
@@ -135,4 +183,34 @@ describe("default", () => {
       isAuthorized: true,
     });
   });
+
+  test("authorized org issue_comment (case insensitive 1)", async () => {
+    mockDeleteInstallation.mockReturnValueOnce("deleted successfully");
+    const result = await authorizer({
+      allowedOrgs: ["rapidsai"],
+      event: makeIssueCommentEvent({
+        orgName: "RAPIDSAI",
+      }),
+    });
+    expect(result).toStrictEqual({
+      msg: "Organization is authorized.",
+      httpCode: 200,
+      isAuthorized: true,
+    });
+  });
+
+  test("authorized org issue_comment (case insensitive 2)", async () => {
+    mockDeleteInstallation.mockReturnValueOnce("deleted successfully");
+    const result = await authorizer({
+      allowedOrgs: ["RAPIDSAI"],
+      event: makeIssueCommentEvent({
+        orgName: "rapidsai",
+      }),
+    });
+    expect(result).toStrictEqual({
+      msg: "Organization is authorized.",
+      httpCode: 200,
+      isAuthorized: true,
+    });
+  });
 });