jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

update superagent

Browse Source 
the latest superchanged changed the meaning of 'error'. Previously,
error implied a network error. With the latest superagent, error means
a REST api error i.e 4xx, 5xx are flagged as errors.

error && !error.response means network error
This commit is contained in:
Girish Ramakrishnan
2015-12-15 09:12:52 -08:00
parent aca443a909
commit a4ea693c3c
22 changed files with 369 additions and 528 deletions
Download Patch File Download Diff File Expand all files Collapse all files

158
src/routes/test/user-test.js
View File

@@ -10,7 +10,7 @@ var config = require('../../config.js'),
database = require('../../database.js'),
tokendb = require('../../tokendb.js'),
expect = require('expect.js'),
request = require('superagent'),
superagent = require('superagent'),
nock = require('nock'),
server = require('../../server.js'),
userdb = require('../../userdb.js');
@@ -50,7 +50,7 @@ describe('User API', function () {
after(cleanup);
it('device is in first time mode', function (done) {
request.get(SERVER_URL + '/api/v1/cloudron/status')
superagent.get(SERVER_URL + '/api/v1/cloudron/status')
.end(function (err, res) {
expect(res.statusCode).to.equal(200);
expect(res.body.activated).to.not.be.ok();
@@ -61,21 +61,21 @@ describe('User API', function () {
it('create admin fails due to missing parameters', function (done) {
var scope = nock(config.apiServerOrigin()).get('/api/v1/boxes/' + config.fqdn() + '/setup/verify?setupToken=somesetuptoken').reply(200, {});
request.post(SERVER_URL + '/api/v1/cloudron/activate')
superagent.post(SERVER_URL + '/api/v1/cloudron/activate')
.query({ setupToken: 'somesetuptoken' })
.send({ username: USERNAME_0 })
.end(function (err, res) {
expect(res.statusCode).to.equal(400);
expect(scope.isDone()).to.be.ok();
done(err);
done();
});
});
it('create admin fails because only POST is allowed', function (done) {
request.get(SERVER_URL + '/api/v1/cloudron/activate')
superagent.get(SERVER_URL + '/api/v1/cloudron/activate')
.end(function (err, res) {
expect(res.statusCode).to.equal(404);
done(err);
done();
});
});
@@ -83,7 +83,7 @@ describe('User API', function () {
var scope1 = nock(config.apiServerOrigin()).get('/api/v1/boxes/' + config.fqdn() + '/setup/verify?setupToken=somesetuptoken').reply(200, {});
var scope2 = nock(config.apiServerOrigin()).post('/api/v1/boxes/' + config.fqdn() + '/setup/done?setupToken=somesetuptoken').reply(201, {});
request.post(SERVER_URL + '/api/v1/cloudron/activate')
superagent.post(SERVER_URL + '/api/v1/cloudron/activate')
.query({ setupToken: 'somesetuptoken' })
.send({ username: USERNAME_0, password: PASSWORD, email: EMAIL })
.end(function (err, res) {
@@ -99,16 +99,16 @@ describe('User API', function () {
});
it('device left first time mode', function (done) {
request.get(SERVER_URL + '/api/v1/cloudron/status')
superagent.get(SERVER_URL + '/api/v1/cloudron/status')
.end(function (err, res) {
expect(res.statusCode).to.equal(200);
expect(res.body.activated).to.be.ok();
done(err);
done();
});
});
it('can get userInfo with token', function (done) {
request.get(SERVER_URL + '/api/v1/users/' + USERNAME_0)
superagent.get(SERVER_URL + '/api/v1/users/' + USERNAME_0)
.query({ access_token: token })
.end(function (err, res) {
expect(res.statusCode).to.equal(200);
@@ -119,7 +119,7 @@ describe('User API', function () {
// stash for further use
user_0 = res.body;
done(err);
done();
});
});
@@ -131,10 +131,9 @@ describe('User API', function () {
expect(error).to.not.be.ok();
setTimeout(function () {
request.get(SERVER_URL + '/api/v1/users/' + user_0.username)
superagent.get(SERVER_URL + '/api/v1/users/' + user_0.username)
.query({ access_token: token })
.end(function (error, result) {
expect(error).to.not.be.ok();
expect(result.statusCode).to.equal(401);
done();
});
@@ -143,46 +142,46 @@ describe('User API', function () {
});
it('can get userInfo with token', function (done) {
request.get(SERVER_URL + '/api/v1/users/' + USERNAME_0)
superagent.get(SERVER_URL + '/api/v1/users/' + USERNAME_0)
.query({ access_token: token })
.end(function (err, res) {
expect(res.statusCode).to.equal(200);
expect(res.body.username).to.equal(USERNAME_0);
expect(res.body.email).to.equal(EMAIL);
expect(res.body.admin).to.be.ok();
done(err);
done();
});
});
it('cannot get userInfo only with basic auth', function (done) {
request.get(SERVER_URL + '/api/v1/users/' + USERNAME_0)
superagent.get(SERVER_URL + '/api/v1/users/' + USERNAME_0)
.auth(USERNAME_0, PASSWORD)
.end(function (err, res) {
expect(res.statusCode).to.equal(401);
done(err);
done();
});
});
it('cannot get userInfo with invalid token (token length)', function (done) {
request.get(SERVER_URL + '/api/v1/users/' + USERNAME_0)
superagent.get(SERVER_URL + '/api/v1/users/' + USERNAME_0)
.query({ access_token: 'x' + token })
.end(function (err, res) {
expect(res.statusCode).to.equal(401);
done(err);
done();
});
});
it('cannot get userInfo with invalid token (wrong token)', function (done) {
request.get(SERVER_URL + '/api/v1/users/' + USERNAME_0)
superagent.get(SERVER_URL + '/api/v1/users/' + USERNAME_0)
.query({ access_token: token.toUpperCase() })
.end(function (err, res) {
expect(res.statusCode).to.equal(401);
done(err);
done();
});
});
it('can get userInfo with token in auth header', function (done) {
request.get(SERVER_URL + '/api/v1/users/' + USERNAME_0)
superagent.get(SERVER_URL + '/api/v1/users/' + USERNAME_0)
.set('Authorization', 'Bearer ' + token)
.end(function (err, res) {
expect(res.statusCode).to.equal(200);
@@ -191,30 +190,30 @@ describe('User API', function () {
expect(res.body.admin).to.be.ok();
expect(res.body.password).to.not.be.ok();
expect(res.body.salt).to.not.be.ok();
done(err);
done();
});
});
it('cannot get userInfo with invalid token in auth header', function (done) {
request.get(SERVER_URL + '/api/v1/users/' + USERNAME_0)
superagent.get(SERVER_URL + '/api/v1/users/' + USERNAME_0)
.set('Authorization', 'Bearer ' + 'x' + token)
.end(function (err, res) {
expect(res.statusCode).to.equal(401);
done(err);
done();
});
});
it('cannot get userInfo with invalid token (wrong token)', function (done) {
request.get(SERVER_URL + '/api/v1/users/' + USERNAME_0)
superagent.get(SERVER_URL + '/api/v1/users/' + USERNAME_0)
.set('Authorization', 'Bearer ' + 'x' + token.toUpperCase())
.end(function (err, res) {
expect(res.statusCode).to.equal(401);
done(err);
done();
});
});
it('create second user succeeds', function (done) {
request.post(SERVER_URL + '/api/v1/users')
superagent.post(SERVER_URL + '/api/v1/users')
.query({ access_token: token })
.send({ username: USERNAME_1, email: EMAIL_1 })
.end(function (err, res) {
@@ -228,90 +227,86 @@ describe('User API', function () {
it('set second user as admin succeeds', function (done) {
// TODO is USERNAME_1 in body and url redundant?
request.post(SERVER_URL + '/api/v1/users/' + USERNAME_1 + '/admin')
superagent.post(SERVER_URL + '/api/v1/users/' + USERNAME_1 + '/admin')
.query({ access_token: token })
.send({ username: USERNAME_1, admin: true })
.end(function (err, res) {
expect(res.statusCode).to.equal(204);
done(err);
done();
});
});
it('remove first user from admins succeeds', function (done) {
request.post(SERVER_URL + '/api/v1/users/' + USERNAME_0 + '/admin')
superagent.post(SERVER_URL + '/api/v1/users/' + USERNAME_0 + '/admin')
.query({ access_token: token_1 })
.send({ username: USERNAME_0, admin: false })
.end(function (err, res) {
expect(res.statusCode).to.equal(204);
done(err);
done();
});
});
it('remove second user by first, now normal, user fails', function (done) {
request.del(SERVER_URL + '/api/v1/users/' + USERNAME_1)
superagent.del(SERVER_URL + '/api/v1/users/' + USERNAME_1)
.query({ access_token: token })
.send({ password: PASSWORD })
.end(function (err, res) {
expect(res.statusCode).to.equal(403);
done(err);
done();
});
});
it('remove second user from admins and thus last admin fails', function (done) {
request.post(SERVER_URL + '/api/v1/users/' + USERNAME_1 + '/admin')
superagent.post(SERVER_URL + '/api/v1/users/' + USERNAME_1 + '/admin')
.query({ access_token: token_1 })
.send({ username: USERNAME_1, admin: false })
.end(function (err, res) {
expect(res.statusCode).to.equal(403);
done(err);
done();
});
});
it('reset first user as admin succeeds', function (done) {
request.post(SERVER_URL + '/api/v1/users/' + USERNAME_0 + '/admin')
superagent.post(SERVER_URL + '/api/v1/users/' + USERNAME_0 + '/admin')
.query({ access_token: token_1 })
.send({ username: USERNAME_0, admin: true })
.end(function (err, res) {
expect(res.statusCode).to.equal(204);
done(err);
done();
});
});
it('create user missing username fails', function (done) {
request.post(SERVER_URL + '/api/v1/users')
superagent.post(SERVER_URL + '/api/v1/users')
.query({ access_token: token })
.send({ email: EMAIL_2 })
.end(function (error, result) {
expect(error).to.not.be.ok();
expect(result.statusCode).to.equal(400);
done();
});
});
it('create user missing email fails', function (done) {
request.post(SERVER_URL + '/api/v1/users')
superagent.post(SERVER_URL + '/api/v1/users')
.query({ access_token: token })
.send({ username: USERNAME_2 })
.end(function (error, result) {
expect(error).to.not.be.ok();
expect(result.statusCode).to.equal(400);
done();
});
});
it('create second and third user', function (done) {
request.post(SERVER_URL + '/api/v1/users')
superagent.post(SERVER_URL + '/api/v1/users')
.query({ access_token: token })
.send({ username: USERNAME_2, email: EMAIL_2 })
.end(function (error, res) {
expect(error).to.not.be.ok();
expect(res.statusCode).to.equal(201);
request.post(SERVER_URL + '/api/v1/users')
superagent.post(SERVER_URL + '/api/v1/users')
.query({ access_token: token })
.send({ username: USERNAME_3, email: EMAIL_3 })
.end(function (error, res) {
expect(error).to.not.be.ok();
expect(res.statusCode).to.equal(201);
// HACK to get a token for second user (passwords are generated and the user should have gotten a password setup link...)
@@ -321,10 +316,9 @@ describe('User API', function () {
});
it('second user userInfo', function (done) {
request.get(SERVER_URL + '/api/v1/users/' + USERNAME_2)
superagent.get(SERVER_URL + '/api/v1/users/' + USERNAME_2)
.query({ access_token: token_1 })
.end(function (error, result) {
expect(error).to.be(null);
expect(result.statusCode).to.equal(200);
expect(result.body.username).to.equal(USERNAME_2);
expect(result.body.email).to.equal(EMAIL_2);
@@ -335,17 +329,17 @@ describe('User API', function () {
});
it('create user with same username should fail', function (done) {
request.post(SERVER_URL + '/api/v1/users')
superagent.post(SERVER_URL + '/api/v1/users')
.query({ access_token: token })
.send({ username: USERNAME_2, email: EMAIL })
.end(function (err, res) {
expect(res.statusCode).to.equal(409);
done(err);
done();
});
});
it('list users', function (done) {
request.get(SERVER_URL + '/api/v1/users')
superagent.get(SERVER_URL + '/api/v1/users')
.query({ access_token: token_2 })
.end(function (error, res) {
expect(error).to.be(null);
@@ -367,106 +361,106 @@ describe('User API', function () {
});
it('user removes himself is not allowed', function (done) {
request.del(SERVER_URL + '/api/v1/users/' + USERNAME_0)
superagent.del(SERVER_URL + '/api/v1/users/' + USERNAME_0)
.query({ access_token: token })
.send({ password: PASSWORD })
.end(function (err, res) {
expect(res.statusCode).to.equal(403);
done(err);
done();
});
});
it('admin cannot remove normal user without giving a password', function (done) {
request.del(SERVER_URL + '/api/v1/users/' + USERNAME_3)
superagent.del(SERVER_URL + '/api/v1/users/' + USERNAME_3)
.query({ access_token: token })
.end(function (err, res) {
expect(res.statusCode).to.equal(400);
done(err);
done();
});
});
it('admin cannot remove normal user with empty password', function (done) {
request.del(SERVER_URL + '/api/v1/users/' + USERNAME_3)
superagent.del(SERVER_URL + '/api/v1/users/' + USERNAME_3)
.query({ access_token: token })
.send({ password: '' })
.end(function (err, res) {
expect(res.statusCode).to.equal(403);
done(err);
done();
});
});
it('admin cannot remove normal user with giving wrong password', function (done) {
request.del(SERVER_URL + '/api/v1/users/' + USERNAME_3)
superagent.del(SERVER_URL + '/api/v1/users/' + USERNAME_3)
.query({ access_token: token })
.send({ password: PASSWORD + PASSWORD })
.end(function (err, res) {
expect(res.statusCode).to.equal(403);
done(err);
done();
});
});
it('admin removes normal user', function (done) {
request.del(SERVER_URL + '/api/v1/users/' + USERNAME_3)
superagent.del(SERVER_URL + '/api/v1/users/' + USERNAME_3)
.query({ access_token: token })
.send({ password: PASSWORD })
.end(function (err, res) {
expect(res.statusCode).to.equal(204);
done(err);
done();
});
});
it('admin removes himself should not be allowed', function (done) {
request.del(SERVER_URL + '/api/v1/users/' + USERNAME_0)
superagent.del(SERVER_URL + '/api/v1/users/' + USERNAME_0)
.query({ access_token: token })
.send({ password: PASSWORD })
.end(function (err, res) {
expect(res.statusCode).to.equal(403);
done(err);
done();
});
});
// Change email
it('change email fails due to missing token', function (done) {
request.put(SERVER_URL + '/api/v1/users/' + USERNAME_0)
superagent.put(SERVER_URL + '/api/v1/users/' + USERNAME_0)
.send({ password: PASSWORD, email: EMAIL_0_NEW })
.end(function (error, result) {
expect(result.statusCode).to.equal(401);
done(error);
done();
});
});
it('change email fails due to missing password', function (done) {
request.put(SERVER_URL + '/api/v1/users/' + USERNAME_0)
superagent.put(SERVER_URL + '/api/v1/users/' + USERNAME_0)
.query({ access_token: token })
.send({ email: EMAIL_0_NEW })
.end(function (error, result) {
expect(result.statusCode).to.equal(400);
done(error);
done();
});
});
it('change email fails due to wrong password', function (done) {
request.put(SERVER_URL + '/api/v1/users/' + USERNAME_0)
superagent.put(SERVER_URL + '/api/v1/users/' + USERNAME_0)
.query({ access_token: token })
.send({ password: PASSWORD+PASSWORD, email: EMAIL_0_NEW })
.end(function (error, result) {
expect(result.statusCode).to.equal(403);
done(error);
done();
});
});
it('change email fails due to invalid email', function (done) {
request.put(SERVER_URL + '/api/v1/users/' + USERNAME_0)
superagent.put(SERVER_URL + '/api/v1/users/' + USERNAME_0)
.query({ access_token: token })
.send({ password: PASSWORD, email: 'foo@bar' })
.end(function (error, result) {
expect(result.statusCode).to.equal(400);
done(error);
done();
});
});
it('change email succeeds', function (done) {
request.put(SERVER_URL + '/api/v1/users/' + USERNAME_0)
superagent.put(SERVER_URL + '/api/v1/users/' + USERNAME_0)
.query({ access_token: token })
.send({ password: PASSWORD, email: EMAIL_0_NEW })
.end(function (error, result) {
@@ -477,52 +471,52 @@ describe('User API', function () {
// Change password
it('change password fails due to missing current password', function (done) {
request.post(SERVER_URL + '/api/v1/users/' + USERNAME_0 + '/password')
superagent.post(SERVER_URL + '/api/v1/users/' + USERNAME_0 + '/password')
.query({ access_token: token })
.send({ newPassword: 'some wrong password' })
.end(function (err, res) {
expect(res.statusCode).to.equal(400);
done(err);
done();
});
});
it('change password fails due to missing new password', function (done) {
request.post(SERVER_URL + '/api/v1/users/' + USERNAME_0 + '/password')
superagent.post(SERVER_URL + '/api/v1/users/' + USERNAME_0 + '/password')
.query({ access_token: token })
.send({ password: PASSWORD })
.end(function (err, res) {
expect(res.statusCode).to.equal(400);
done(err);
done();
});
});
it('change password fails due to wrong password', function (done) {
request.post(SERVER_URL + '/api/v1/users/' + USERNAME_0 + '/password')
superagent.post(SERVER_URL + '/api/v1/users/' + USERNAME_0 + '/password')
.query({ access_token: token })
.send({ password: 'some wrong password', newPassword: 'newpassword' })
.end(function (err, res) {
expect(res.statusCode).to.equal(403);
done(err);
done();
});
});
it('change password fails due to invalid password', function (done) {
request.post(SERVER_URL + '/api/v1/users/' + USERNAME_0 + '/password')
superagent.post(SERVER_URL + '/api/v1/users/' + USERNAME_0 + '/password')
.query({ access_token: token })
.send({ password: PASSWORD, newPassword: 'five' })
.end(function (err, res) {
expect(res.statusCode).to.equal(400);
done(err);
done();
});
});
it('change password succeeds', function (done) {
request.post(SERVER_URL + '/api/v1/users/' + USERNAME_0 + '/password')
superagent.post(SERVER_URL + '/api/v1/users/' + USERNAME_0 + '/password')
.query({ access_token: token })
.send({ password: PASSWORD, newPassword: 'new_password' })
.end(function (err, res) {
expect(res.statusCode).to.equal(204);
done(err);
done();
});
});
});