Hapi Lab The following leaks were detected:lr

Question

Here Hapi Lab why Test failed when all the tests are passed why the test is failed.

In this new question why I get The following leaks were detected:lr even if there is no global var in the code.

Running this simple test

var Code = require('code');
var Lab = require('lab');
var lab = exports.lab = Lab.script();
var server = require('../../');


lab.experiment('Users', function () {

    lab.test('create joi required', function (done) {

        var options = {
            method: 'POST',
            url: '/api/users',
            payload: {
                lastname: 'Bedini',
                username: 'whisher',
                email: 'me@ilwebdifabio.it',
                password: 'mysecret'
            }
        };

        server.inject(options, function(response) {
            var result = response.result;
            Code.expect(response.statusCode).to.equal(422);
            Code.expect(result.message).to.equal('child "firstname" fails because ["firstname" is required]');
            done();
        });

    });

    lab.test('create', function (done) {

        var options = {
            method: 'POST',
            url: '/api/users',
            payload:{
                firstname: 'Fabio',
                lastname: 'Bedini',
                username: 'whisher',
                email: 'me@ilwebdifabio.it',
                password: 'mysecret'
            }
        };

        server.inject(options, function(response) {
            var token = response.result.token;
            var payload = options.payload;
            Code.expect(response.statusCode).to.equal(201);
            done();
        });

    });

});

2 tests complete

Test duration: 363 ms

The following leaks were detected:lr

but I don't see any lr var !

and the strange is if I run this

payload.passdword

instead of

payload.password

var Code = require('code');
var Lab = require('lab');
var lab = exports.lab = Lab.script();
var server = require('../../');


lab.experiment('Users', function () {

    lab.test('create joi required', function (done) {

        var options = {
            method: 'POST',
            url: '/api/users',
            payload: {
                lastname: 'Bedini',
                username: 'whisher',
                email: 'me@ilwebdifabio.it',
                password: 'mysecret'
            }
        };

        server.inject(options, function(response) {
            var result = response.result;
            Code.expect(response.statusCode).to.equal(422);
            Code.expect(result.message).to.equal('child "firstname" fails because ["firstname" is required]');
            done();
        });

    });

    lab.test('create', function (done) {

        var options = {
            method: 'POST',
            url: '/api/users',
            payload:{
                firstname: 'Fabio',
                lastname: 'Bedini',
                username: 'whisher',
                email: 'me@ilwebdifabio.it',
                passdword: 'mysecret'
            }
        };

        server.inject(options, function(response) {
            var token = response.result.token;
            var payload = options.payload;
            Code.expect(response.statusCode).to.equal(201);
            done();
        });

    });

});

I've got

1 of 2 tests failed

Test duration: 73 ms

No global variable leaks detected

with no warning about lr var.

So I don't know which way to turn :(

Can help me, please ?

UPDATE

controller

'use strict';

/**
 * Module dependencies.
 */
var BcryptUtil = require('../utils/bcrypt');
var JwtUtil = require('../utils/jwt');
var Models = require('../models');
var ReplyUtil = require('../utils/reply');
var  User = Models.users;

exports.create =  function create(request, reply) {

    var params = request.payload;
    params.password = BcryptUtil.generateHash(params.password);
    params.roles =JSON.stringify(['user']);
    User
        .create(params)
        .then(function(user) {
            var token = JwtUtil.getUserToken(user);
            var redisClient = request.server.plugins['hapi-redis'].client;
            redisClient.set('user_'+user.userId, token);
            return reply(ReplyUtil.ok(token)).created('/api/users/' + user.userId);
        })
        .catch(function(err){
            if(err instanceof Models.Sequelize.ValidationError){
       return reply(ReplyUtil.badData(err,params));
    }
    return reply(ReplyUtil.badImplementation(err));
        });

};

exports.findAll = function (request, reply) {

    User
        .findAll({
            order: [['createdAt','DESC']],
            attributes: ['userId', 'firstname', 'lastname', 'username', 'email']
        })
        .then(function(users) {
            return reply(ReplyUtil.ok(users));
        })
        .catch(function(err){
    return reply(ReplyUtil.badImplementation(err));
        });

};

exports.findById = function (request, reply) {

    var userId = request.params.userId;
    User
        .findById(
            userId,
            {
                attributes: ['userId', 'firstname', 'lastname', 'username', 'email']
            })
        .then(function(user) {
            if(!user){
       return reply(ReplyUtil.notFound({userId:userId}));
    }
    return reply(ReplyUtil.ok(user));
        })
        .catch(function(err){
            return reply(ReplyUtil.badImplementation(err));
        });

};

exports.update = function (request, reply) {

    var userId = request.params.userId;
    var params =request.payload;
    User
        .update(params,{
            where: {
       userId: userId
    }
        })
        .then(function(rows) {
            var affectedRows = rows.pop();
    if(!affectedRows){
       return reply(ReplyUtil.notFound({userId:userId}));
    }
    return reply(ReplyUtil.ok(affectedRows));
        })
        .catch(function(err){
            if(err instanceof Models.Sequelize.ValidationError){
       return reply(ReplyUtil.badData(err,params));
    }
    return reply(ReplyUtil.badImplementation(err));
        });

};

exports.destroy = function (request, reply) {

    var userId = request.params.userId;
    User
        .destroy({
            where: {
           userId: userId
    }
        })
        .then(function(rows) {
            if(!rows){
       return reply(ReplyUtil.notFound({userId:userId}));
    }
    return reply(ReplyUtil.ok(rows));
        })
        .catch(function(err){
            return reply(ReplyUtil.badImplementation(err));
        });

};

exports.signIn = function (request, reply) {

    var params = request.payload;
    User
        .findOne({
            where: {
                email: params.email
            }
        })
        .then(function(user) {
            if(!user){
                return reply(ReplyUtil.invalidPassword());
            }
            if(BcryptUtil.authenticate(params.password, user.password)){
                var token = JwtUtil.getUserToken(user);
                var redisClient = request.server.plugins['hapi-redis'].client;
                redisClient.set('user_'+user.userId, token);
                return reply(ReplyUtil.ok(token));
            }
            return reply(ReplyUtil.invalidPassword());

        })
        .catch(function(err){
            return reply(ReplyUtil.badImplementation(err));
        });

};

exports.logOut = function (request, reply) {
    var userId = request.auth.credentials.jti;
    var redisClient = request.server.plugins['hapi-redis'].client;
    redisClient.del('user_'+userId);
    return reply();
};

exports.methodNotAllowed = function (request, reply) {
    return reply( ReplyUtil.methodNotAllowed() );
};

route

'use strict';

/**
 * Module dependencies.
 */
var User      = require('../controllers/users');
var Validator = require('../validations/users');

/**
 * Resource configuration.
 */
var internals = {};
internals.resourcePath = '/users';

module.exports = function() {
    return [
        {
            method: 'POST',
            path:  internals.resourcePath,
            config : {
                handler: User.create,
                validate: Validator.create
            }
        },
        {
            method: 'GET',
        path:  internals.resourcePath,
        config : {
               handler : User.findAll,
               auth: {
                    strategy: 'token',
                    scope: ['admin']
                }
        }
        },
        {
            method: 'GET',
        path:  internals.resourcePath + '/{userId}',
        config : {
                handler : User.findById,
                validate: Validator.findById,
                auth: {
                    strategy: 'token',
                    scope: ['user']
                }
        }
        },
        {
            method: 'PUT',
        path:  internals.resourcePath + '/{userId}',
        config : {
               handler: User.update,
               validate: Validator.update,
               auth: {
                    strategy: 'token',
                    scope: ['user']
                }
        }
        },
        {
            method: 'DELETE',
        path:  internals.resourcePath + '/{userId}',
        config : {
               handler: User.destroy,
               validate: Validator.destroy,
               auth: {
                    strategy: 'token',
                    scope: ['user']
                }
        }
        },
        {
            method: 'POST',
            path:  internals.resourcePath + '/signin',
            config : {
               handler: User.signIn,
               validate: Validator.signIn
            }
        },
        {
            method: 'GET',
            path:  internals.resourcePath + '/logout',
            config : {
                handler : User.logOut,
                auth: {
                    strategy: 'token',
                    scope: ['user']
                }
            }
        },
        {
            method: '*',
            path: internals.resourcePath + '/{somethingss*}',
            config : {
                handler: User.methodNotAllowed
            }
        }
    ];
}();

`lr` is probably being defined in your server file as a global sometime after payload is being validated (in a handler or a pre or a function called within there? https://pbs.twimg.com/media/CL-bp3_W8AAimRi.png:large). Can you post your handler for the `'/api/users'` route? — Matt Harrison, Aug 10 '15 at 17:19
I've tried to run find for lr in code but this no lr var at least in my code — Whisher, Aug 10 '15 at 19:25
possible duplicate of [Hapi Lab why Test failed when all the tests are passed](http://stackoverflow.com/questions/31790540/hapi-lab-why-test-failed-when-all-the-tests-are-passed) — Matt Harrison, Aug 10 '15 at 19:34

score 3 · Answer 1 · answered Dec 21 '16 at 23:50

I no I am a little late, but just in case anyone else has this problem. It's a problem with bcrypt. I had a similar problem where whenever I used bcrypt-nodejs it would give me The following leaks were detected:lr, password, but when I changed to reqular bycrypt it worked with no leaks. Try updating your bycrypt version.

score 1 · Answer 2 · answered Sep 29 '21 at 11:43

1

Just add all leakimg elements to ignore list

"test": "lab -c -L -I 'Reflect,core,_babelPolyfill,regeneratorRuntime,__core-js_shared__ css'",

answered Sep 29 '21 at 11:43

jiz

308
3
7

Hapi Lab The following leaks were detected:lr

UPDATE

controller

route

2 Answers2