jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

test: fix groups test

Browse Source
This commit is contained in:
Girish Ramakrishnan
2021-06-04 14:24:39 -07:00
parent 9fa63b4ef8
commit dd3600b13c
3 changed files with 134 additions and 230 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/routes/test/common.js
+1 -1
View File
@@ -56,7 +56,7 @@ function setup(done) {
// stash token for further use
owner.token = result.body.token;
owner.id = result.body.id;
owner.id = result.body.userId;
callback();
});
src/routes/test/groups-test.js
+131 -227
View File
@@ -6,280 +6,184 @@
'use strict';
var async = require('async'),
constants = require('../../constants.js'),
database = require('../../database.js'),
const common = require('./common.js'),
expect = require('expect.js'),
hat = require('../../hat.js'),
server = require('../../server.js'),
superagent = require('superagent'),
tokendb = require('../../tokendb.js');
superagent = require('superagent');
var SERVER_URL = 'http://localhost:' + constants.PORT;
var USERNAME = 'superadmin', PASSWORD = 'Foobar?1337', EMAIL ='silly@me.com';
var USERNAME_1 = 'user', PASSWORD_1 = 'Foobar?1337', EMAIL_1 ='happy@me.com';
var token, token_1 = null;
var userId, userId_1 = null;
var GROUP_NAME = 'externals';
var groupObject, group1Object;
function setup(done) {
async.series([
server.start.bind(server),
database._clear,
function createAdmin(callback) {
superagent.post(SERVER_URL + '/api/v1/cloudron/activate')
.query({ setupToken: 'somesetuptoken' })
.send({ username: USERNAME, password: PASSWORD, email: EMAIL })
.end(function (error, result) {
expect(result).to.be.ok();
expect(result.statusCode).to.eql(201);
// stash token for further use
token = result.body.token;
superagent.get(SERVER_URL + '/api/v1/profile')
.query({ access_token: token })
.end(function (error, result) {
expect(result).to.be.ok();
expect(result.statusCode).to.eql(200);
userId = result.body.id;
callback();
});
});
},
function (callback) {
superagent.post(SERVER_URL + '/api/v1/users')
.query({ access_token: token })
.send({ username: USERNAME_1, email: EMAIL_1, invite: false })
.end(function (error, result) {
expect(result).to.be.ok();
expect(result.statusCode).to.eql(201);
token_1 = hat(8 * 32);
userId_1 = result.body.id;
// HACK to get a token for second user (passwords are generated and the user should have gotten a password setup link...)
tokendb.add({ id: 'tid-1', accessToken: token_1, identifier: userId_1, clientId: 'test-client-id', expires: Date.now() + 100000, scope: 'unused', name: '' }, callback);
});
}
], done);
}
function cleanup(done) {
database._clear(function (error) {
expect(!error).to.be.ok();
server.stop(done);
});
}
const GROUP_NAME = 'externals';
let group0Object, group1Object;
describe('Groups API', function () {
const { setup, cleanup, serverUrl, owner, user } = common;
before(setup);
after(cleanup);
it('create fails due to mising token', function (done) {
superagent.post(SERVER_URL + '/api/v1/groups')
it('create fails due to mising token', async function () {
const response = await superagent.post(`${serverUrl}/api/v1/groups`)
.send({ name: GROUP_NAME })
.end(function (error, result) {
expect(result.statusCode).to.equal(401);
done();
});
.ok(() => true);
expect(response.statusCode).to.equal(401);
});
it('create succeeds', function (done) {
superagent.post(SERVER_URL + '/api/v1/groups')
.query({ access_token: token })
.send({ name: GROUP_NAME })
.end(function (error, result) {
expect(result.statusCode).to.equal(201);
groupObject = result.body;
done();
});
it('create succeeds', async function () {
const response = await superagent.post(`${serverUrl}/api/v1/groups`)
.query({ access_token: owner.token })
.send({ name: GROUP_NAME });
expect(response.statusCode).to.equal(201);
group0Object = response.body;
});
it('create fails for already exists', function (done) {
superagent.post(SERVER_URL + '/api/v1/groups')
.query({ access_token: token })
it('create fails for already exists', async function () {
const response = await superagent.post(`${serverUrl}/api/v1/groups`)
.query({ access_token: owner.token })
.send({ name: GROUP_NAME})
.end(function (error, result) {
expect(result.statusCode).to.equal(409);
done();
});
.ok(() => true);
expect(response.statusCode).to.equal(409);
});
it('can create another group', function (done) {
superagent.post(SERVER_URL + '/api/v1/groups')
.query({ access_token: token })
.send({ name: 'group1'})
.end(function (error, result) {
expect(result.statusCode).to.equal(201);
group1Object = result.body;
done();
});
it('can create another group', async function () {
const response = await superagent.post(`${serverUrl}/api/v1/groups`)
.query({ access_token: owner.token })
.send({ name: 'group1'});
expect(response.statusCode).to.equal(201);
group1Object = response.body;
});
it('cannot add user to invalid group', function (done) {
superagent.put(SERVER_URL + '/api/v1/users/' + userId + '/groups')
.query({ access_token: token })
.send({ groupIds: [ groupObject.id, 'something' ]})
.end(function (error, result) {
expect(result.statusCode).to.equal(404);
done();
});
it('cannot add user to invalid group', async function () {
const response = await superagent.put(`${serverUrl}/api/v1/users/${user.id}/groups`)
.query({ access_token: owner.token })
.send({ groupIds: [ group0Object.id, 'something' ]})
.ok(() => true);
expect(response.statusCode).to.equal(404);
});
it('can set groups of a user', function (done) {
superagent.put(SERVER_URL + '/api/v1/users/' + userId + '/groups')
.query({ access_token: token })
.send({ groupIds: [ groupObject.id, group1Object.id ]})
.end(function (error, result) {
expect(result.statusCode).to.equal(204);
done();
});
it('can set groups of a user', async function () {
const response = await superagent.put(`${serverUrl}/api/v1/users/${user.id}/groups`)
.query({ access_token: owner.token })
.send({ groupIds: [ group0Object.id, group1Object.id ]});
expect(response.statusCode).to.equal(204);
});
it('cannot set duplicate groups for a user', function (done) {
superagent.put(SERVER_URL + '/api/v1/users/' + userId + '/groups')
.query({ access_token: token })
.send({ groupIds: [ groupObject.id, group1Object.id, groupObject.id ]})
.end(function (error, result) {
expect(result.statusCode).to.equal(409);
done();
});
it('cannot set duplicate groups for a user', async function () {
const response = await superagent.put(`${serverUrl}/api/v1/users/${user.id}/groups`)
.query({ access_token: owner.token })
.send({ groupIds: [ group0Object.id, group1Object.id, group0Object.id ]})
.ok(() => true);
expect(response.statusCode).to.equal(409);
});
it('can set users of a group', function (done) {
superagent.put(SERVER_URL + '/api/v1/groups/' + groupObject.id + '/members')
.query({ access_token: token })
.send({ userIds: [ userId, userId_1 ]})
.end(function (error, result) {
expect(result.statusCode).to.equal(200);
done();
});
it('can set users of a group', async function () {
const response = await superagent.put(`${serverUrl}/api/v1/groups/${group0Object.id}/members`)
.query({ access_token: owner.token })
.send({ userIds: [ owner.id, user.id ]});
expect(response.statusCode).to.equal(200);
});
it('cannot set duplicate users of a group', function (done) {
superagent.put(SERVER_URL + '/api/v1/groups/' + groupObject.id + '/members')
.query({ access_token: token })
.send({ userIds: [ userId, userId_1, userId ]})
.end(function (error, result) {
expect(result.statusCode).to.equal(409);
done();
});
it('cannot set duplicate users of a group', async function () {
const response = await superagent.put(`${serverUrl}/api/v1/groups/${group0Object.id}/members`)
.query({ access_token: owner.token })
.send({ userIds: [ owner.id, user.id, owner.id ]})
.ok(() => true);
expect(response.statusCode).to.equal(409);
});
it('cannot get non-existing group', async function () {
const response = await superagent.get(`${serverUrl}/api/v1/groups/nope`)
.query({ access_token: owner.token })
.ok(() => true);
it('cannot get non-existing group', function (done) {
superagent.get(SERVER_URL + '/api/v1/groups/nope')
.query({ access_token: token })
.end(function (error, result) {
expect(result.statusCode).to.equal(404);
done();
});
expect(response.statusCode).to.equal(404);
});
it('cannot get existing group with normal user', function (done) {
superagent.get(SERVER_URL + '/api/v1/groups/' + groupObject.id)
.query({ access_token: token_1 })
.end(function (error, result) {
expect(result.statusCode).to.equal(403);
done();
});
it('cannot get existing group with normal user', async function () {
const response = await superagent.get(`${serverUrl}/api/v1/groups/${group0Object.id}`)
.query({ access_token: user.token })
.ok(() => true);
expect(response.statusCode).to.equal(403);
});
it('can get existing group', function (done) {
superagent.get(SERVER_URL + '/api/v1/groups/' + groupObject.id)
.query({ access_token: token })
.end(function (error, result) {
expect(result.statusCode).to.equal(200);
expect(result.body.name).to.be(groupObject.name);
expect(result.body.userIds.length).to.be(2);
expect(result.body.userIds).to.contain(userId);
expect(result.body.userIds).to.contain(userId_1);
done();
});
it('can get existing group', async function () {
const response = await superagent.get(`${serverUrl}/api/v1/groups/${group0Object.id}`)
.query({ access_token: owner.token });
expect(response.statusCode).to.equal(200);
expect(response.body.name).to.be(group0Object.name);
expect(response.body.userIds.length).to.be(2);
expect(response.body.userIds).to.contain(owner.id);
expect(response.body.userIds).to.contain(user.id);
});
it('cannot list groups without token', function (done) {
superagent.get(SERVER_URL + '/api/v1/groups')
.end(function (err, res) {
expect(res.statusCode).to.equal(401);
done();
});
it('cannot list groups without token', async function () {
const response = await superagent.get(`${serverUrl}/api/v1/groups`)
.ok(() => true);
expect(response.statusCode).to.equal(401);
});
it('cannot list groups as normal user', function (done) {
superagent.get(SERVER_URL + '/api/v1/groups')
.query({ access_token: token_1 })
.end(function (err, res) {
expect(res.statusCode).to.equal(403);
done();
});
it('cannot list groups as normal user', async function () {
const response = await superagent.get(`${serverUrl}/api/v1/groups`)
.query({ access_token: user.token })
.ok(() => true);
expect(response.statusCode).to.equal(403);
});
it('can list groups', function (done) {
superagent.get(SERVER_URL + '/api/v1/groups')
.query({ access_token: token })
.end(function (err, res) {
expect(res.statusCode).to.equal(200);
expect(res.body.groups).to.be.an(Array);
expect(res.body.groups.length).to.be(2);
expect(res.body.groups[0].name).to.eql(groupObject.name);
expect(res.body.groups[1].name).to.eql(group1Object.name);
done();
});
it('can list groups', async function () {
const response = await superagent.get(`${serverUrl}/api/v1/groups`)
.query({ access_token: owner.token });
expect(response.statusCode).to.equal(200);
expect(response.body.groups).to.be.an(Array);
expect(response.body.groups.length).to.be(2);
expect(response.body.groups[0].name).to.eql(group0Object.name);
expect(response.body.groups[1].name).to.eql(group1Object.name);
});
it('remove user from group', function (done) {
superagent.put(SERVER_URL + '/api/v1/users/' + userId + '/groups')
.query({ access_token: token })
.send({ groupIds: [ groupObject.id ]})
.end(function (error, result) {
expect(result.statusCode).to.equal(204);
done();
});
it('remove user from group', async function () {
const response = await superagent.put(`${serverUrl}/api/v1/users/${user.id}/groups`)
.query({ access_token: owner.token })
.send({ groupIds: [ group0Object.id ]});
expect(response.statusCode).to.equal(204);
});
it('cannot remove without token', function (done) {
superagent.del(SERVER_URL + '/api/v1/groups/externals')
.end(function (error, result) {
expect(result.statusCode).to.equal(401);
done();
});
it('cannot remove without token', async function () {
const response = await superagent.del(`${serverUrl}/api/v1/groups/externals`)
.ok(() => true);
expect(response.statusCode).to.equal(401);
});
it('can clear users of a group', function (done) {
superagent.put(SERVER_URL + '/api/v1/groups/' + group1Object.id + '/members')
.query({ access_token: token })
.send({ userIds: [ ]})
.end(function (error, result) {
expect(result.statusCode).to.equal(200);
done();
});
it('can clear users of a group', async function () {
const response = await superagent.put(`${serverUrl}/api/v1/groups/${group1Object.id}/members`)
.query({ access_token: owner.token })
.send({ userIds: [ ]});
expect(response.statusCode).to.equal(200);
});
it('can remove empty group', function (done) {
superagent.del(SERVER_URL + '/api/v1/groups/' + group1Object.id)
.query({ access_token: token })
.end(function (error, result) {
expect(result.statusCode).to.equal(204);
done();
});
it('can remove empty group', async function () {
const response = await superagent.del(`${serverUrl}/api/v1/groups/${group1Object.id}`)
.query({ access_token: owner.token });
expect(response.statusCode).to.equal(204);
});
it('can remove non-empty group', function (done) {
superagent.del(SERVER_URL + '/api/v1/groups/' + groupObject.id)
.query({ access_token: token })
.end(function (error, result) {
expect(result.statusCode).to.equal(204);
done();
});
it('can remove non-empty group', async function () {
const response = await superagent.del(`${serverUrl}/api/v1/groups/${group0Object.id}`)
.query({ access_token: owner.token });
expect(response.statusCode).to.equal(204);
});
});