diff --git a/src/routes/cloudron.js b/src/routes/cloudron.js index 2c9f985d2..62fa8db69 100644 --- a/src/routes/cloudron.js +++ b/src/routes/cloudron.js @@ -163,9 +163,9 @@ function setCertificate(req, res, next) { function feedback(req, res, next) { assert.strictEqual(typeof req.user, 'object'); - if (typeof req.body.type !== 'string') return next(new HttpError(400, 'type must be either "ticket" or "feedback"')); - if (typeof req.body.subject !== 'string') return next(new HttpError(400, 'subject must be string')); - if (typeof req.body.description !== 'string') return next(new HttpError(400, 'description must be string')); + if (req.body.type !== mailer.FEEDBACK_TYPE_FEEDBACK && req.body.type !== mailer.FEEDBACK_TYPE_TICKET) return next(new HttpError(400, 'type must be either "ticket" or "feedback"')); + if (typeof req.body.subject !== 'string' || !req.body.subject) return next(new HttpError(400, 'subject must be string')); + if (typeof req.body.description !== 'string' || !req.body.description) return next(new HttpError(400, 'description must be string')); mailer.sendFeedback(req.user, req.body.type, req.body.subject, req.body.description); diff --git a/src/routes/test/cloudron-test.js b/src/routes/test/cloudron-test.js index 70615f2ec..6d75529a9 100644 --- a/src/routes/test/cloudron-test.js +++ b/src/routes/test/cloudron-test.js @@ -26,6 +26,7 @@ var token = null; // authentication token var server; function setup(done) { + nock.cleanAll(); config.set('version', '0.5.0'); server.start(done); } @@ -501,6 +502,147 @@ describe('Cloudron', function () { }); }); }); + + describe('feedback', function () { + before(function (done) { + async.series([ + setup, + + function (callback) { + var scope1 = nock(config.apiServerOrigin()).get('/api/v1/boxes/' + config.fqdn() + '/setup/verify?setupToken=somesetuptoken').reply(200, {}); + var scope2 = nock(config.apiServerOrigin()).post('/api/v1/boxes/' + config.fqdn() + '/setup/done?setupToken=somesetuptoken').reply(201, {}); + + config._reset(); + + request.post(SERVER_URL + '/api/v1/cloudron/activate') + .query({ setupToken: 'somesetuptoken' }) + .send({ username: USERNAME, password: PASSWORD, email: EMAIL }) + .end(function (error, result) { + expect(error).to.not.be.ok(); + expect(result).to.be.ok(); + expect(scope1.isDone()).to.be.ok(); + expect(scope2.isDone()).to.be.ok(); + + // stash token for further use + token = result.body.token; + + callback(); + }); + }, + ], done); + }); + + after(cleanup); + + it('fails without token', function (done) { + request.post(SERVER_URL + '/api/v1/cloudron/feedback') + .send({ type: 'ticket', subject: 'some subject', description: 'some description' }) + .end(function (error, result) { + expect(error).to.not.be.ok(); + expect(result.statusCode).to.equal(401); + done(); + }); + }); + + it('fails without type', function (done) { + request.post(SERVER_URL + '/api/v1/cloudron/feedback') + .send({ subject: 'some subject', description: 'some description' }) + .query({ access_token: token }) + .end(function (error, result) { + expect(error).to.not.be.ok(); + expect(result.statusCode).to.equal(400); + done(); + }); + }); + + it('fails with empty type', function (done) { + request.post(SERVER_URL + '/api/v1/cloudron/feedback') + .send({ type: '', subject: 'some subject', description: 'some description' }) + .query({ access_token: token }) + .end(function (error, result) { + expect(error).to.not.be.ok(); + expect(result.statusCode).to.equal(400); + done(); + }); + }); + + it('fails with unknown type', function (done) { + request.post(SERVER_URL + '/api/v1/cloudron/feedback') + .send({ type: 'foobar', subject: 'some subject', description: 'some description' }) + .query({ access_token: token }) + .end(function (error, result) { + expect(error).to.not.be.ok(); + expect(result.statusCode).to.equal(400); + done(); + }); + }); + + it('succeeds with ticket type', function (done) { + request.post(SERVER_URL + '/api/v1/cloudron/feedback') + .send({ type: 'ticket', subject: 'some subject', description: 'some description' }) + .query({ access_token: token }) + .end(function (error, result) { + expect(error).to.not.be.ok(); + expect(result.statusCode).to.equal(201); + done(); + }); + }); + + it('fails without description', function (done) { + request.post(SERVER_URL + '/api/v1/cloudron/feedback') + .send({ type: 'ticket', subject: 'some subject' }) + .query({ access_token: token }) + .end(function (error, result) { + expect(error).to.not.be.ok(); + expect(result.statusCode).to.equal(400); + done(); + }); + }); + + it('fails with empty subject', function (done) { + request.post(SERVER_URL + '/api/v1/cloudron/feedback') + .send({ type: 'ticket', subject: '', description: 'some description' }) + .query({ access_token: token }) + .end(function (error, result) { + expect(error).to.not.be.ok(); + expect(result.statusCode).to.equal(400); + done(); + }); + }); + + it('fails with empty description', function (done) { + request.post(SERVER_URL + '/api/v1/cloudron/feedback') + .send({ type: 'ticket', subject: 'some subject', description: '' }) + .query({ access_token: token }) + .end(function (error, result) { + expect(error).to.not.be.ok(); + expect(result.statusCode).to.equal(400); + done(); + }); + }); + + it('succeeds with feedback type', function (done) { + request.post(SERVER_URL + '/api/v1/cloudron/feedback') + .send({ type: 'feedback', subject: 'some subject', description: 'some description' }) + .query({ access_token: token }) + .end(function (error, result) { + expect(error).to.not.be.ok(); + expect(result.statusCode).to.equal(201); + done(); + }); + }); + + it('fails without subject', function (done) { + request.post(SERVER_URL + '/api/v1/cloudron/feedback') + .send({ type: 'ticket', description: 'some description' }) + .query({ access_token: token }) + .end(function (error, result) { + expect(error).to.not.be.ok(); + expect(result.statusCode).to.equal(400); + done(); + }); + }); + }); });