From fe45f91980df1534a48436f922e851ea2f10253e Mon Sep 17 00:00:00 2001
From: Rafal Dziegielewski <rafal.dzieg@gmail.com>
Date: Mon, 21 Feb 2022 11:20:36 +0100
Subject: [PATCH] test: add extra test for detecting non-admin routes

---
 src/authentication/protected-routes.handler.ts | 16 +++++++++-------
 test/protected-routes.test.ts                  |  6 +++++-
 2 files changed, 14 insertions(+), 8 deletions(-)

diff --git a/src/authentication/protected-routes.handler.ts b/src/authentication/protected-routes.handler.ts
index 4be2ec7..23f820f 100644
--- a/src/authentication/protected-routes.handler.ts
+++ b/src/authentication/protected-routes.handler.ts
@@ -43,19 +43,21 @@ export const isAdminRoute = (url: string, adminRootPath: string): boolean => {
     .map((route) => convertToExpressRoute(route.path))
     .filter((route) => route !== "");
 
-  let urlWithoutRootPath = url;
-  if (adminRootPath !== '/') {
-    urlWithoutRootPath = url.replace(adminRootPath, '');
-    if (!urlWithoutRootPath.startsWith('/')) {
-      urlWithoutRootPath = `/${urlWithoutRootPath}`
+  let urlWithoutAdminRootPath = url;
+  if (adminRootPath !== "/") {
+    urlWithoutAdminRootPath = url.replace(adminRootPath, "");
+    if (!urlWithoutAdminRootPath.startsWith("/")) {
+      urlWithoutAdminRootPath = `/${urlWithoutAdminRootPath}`;
     }
   }
 
-  const isAdminRootUrl = url === adminRootPath || urlWithoutRootPath === '/';
+  const isAdminRootUrl = url === adminRootPath;
 
   return (
     isAdminRootUrl ||
-    !!adminRoutes.find((route) => pathToRegexp(route).test(urlWithoutRootPath))
+    !!adminRoutes.find((route) =>
+      pathToRegexp(route).test(urlWithoutAdminRootPath)
+    )
   );
 };
 
diff --git a/test/protected-routes.test.ts b/test/protected-routes.test.ts
index b379114..bdacd84 100644
--- a/test/protected-routes.test.ts
+++ b/test/protected-routes.test.ts
@@ -56,8 +56,12 @@ describe("Protected routes", () => {
       });
     });
 
-    it("should detect non-admin routes", () => {
+    it("should detect non-admin routes when root path is /", () => {
       expect(isAdminRoute("/api/my-endpoint", "/")).toBeFalsy();
     });
+
+    it("should detect non-admin routes when root path is not /", () => {
+      expect(isAdminRoute("/admin/api/my-endpoint", "/admin")).toBeFalsy();
+    });
   });
 });