]>
Commit | Line | Data |
---|---|---|
72329aaa C |
1 | /* eslint-disable no-unused-expressions */ |
2 | ||
efe923bc C |
3 | 'use strict' |
4 | ||
5 | const request = require('supertest') | |
6 | const series = require('async/series') | |
7 | ||
8 | const loginUtils = require('../../utils/login') | |
9 | const requestsUtils = require('../../utils/requests') | |
10 | const serversUtils = require('../../utils/servers') | |
11 | const usersUtils = require('../../utils/users') | |
12 | ||
13 | describe('Test users API validators', function () { | |
14 | const path = '/api/v1/users/' | |
15 | let userId = null | |
16 | let rootId = null | |
17 | let server = null | |
18 | let userAccessToken = null | |
19 | ||
20 | // --------------------------------------------------------------- | |
21 | ||
22 | before(function (done) { | |
23 | this.timeout(20000) | |
24 | ||
25 | series([ | |
26 | function (next) { | |
27 | serversUtils.flushTests(next) | |
28 | }, | |
29 | function (next) { | |
30 | serversUtils.runServer(1, function (server1) { | |
31 | server = server1 | |
32 | ||
33 | next() | |
34 | }) | |
35 | }, | |
36 | function (next) { | |
37 | loginUtils.loginAndGetAccessToken(server, function (err, token) { | |
38 | if (err) throw err | |
39 | server.accessToken = token | |
40 | ||
41 | next() | |
42 | }) | |
43 | }, | |
44 | function (next) { | |
45 | const username = 'user1' | |
46 | const password = 'my super password' | |
47 | ||
48 | usersUtils.createUser(server.url, server.accessToken, username, password, next) | |
49 | }, | |
50 | function (next) { | |
51 | const user = { | |
52 | username: 'user1', | |
53 | password: 'my super password' | |
54 | } | |
55 | ||
56 | loginUtils.getUserAccessToken(server, user, function (err, accessToken) { | |
57 | if (err) throw err | |
58 | ||
59 | userAccessToken = accessToken | |
60 | ||
61 | next() | |
62 | }) | |
63 | } | |
64 | ], done) | |
65 | }) | |
66 | ||
67 | describe('When listing users', function () { | |
68 | it('Should fail with a bad start pagination', function (done) { | |
69 | request(server.url) | |
70 | .get(path) | |
71 | .query({ start: 'hello' }) | |
72 | .set('Accept', 'application/json') | |
73 | .expect(400, done) | |
74 | }) | |
75 | ||
76 | it('Should fail with a bad count pagination', function (done) { | |
77 | request(server.url) | |
78 | .get(path) | |
79 | .query({ count: 'hello' }) | |
80 | .set('Accept', 'application/json') | |
81 | .expect(400, done) | |
82 | }) | |
83 | ||
84 | it('Should fail with an incorrect sort', function (done) { | |
85 | request(server.url) | |
86 | .get(path) | |
87 | .query({ sort: 'hello' }) | |
88 | .set('Accept', 'application/json') | |
89 | .expect(400, done) | |
90 | }) | |
91 | }) | |
92 | ||
93 | describe('When adding a new user', function () { | |
94 | it('Should fail with a too small username', function (done) { | |
95 | const data = { | |
96 | username: 'ji', | |
ad4a8a1c | 97 | email: 'test@example.com', |
efe923bc C |
98 | password: 'mysuperpassword' |
99 | } | |
100 | ||
101 | requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done) | |
102 | }) | |
103 | ||
104 | it('Should fail with a too long username', function (done) { | |
105 | const data = { | |
106 | username: 'mysuperusernamewhichisverylong', | |
ad4a8a1c | 107 | email: 'test@example.com', |
efe923bc C |
108 | password: 'mysuperpassword' |
109 | } | |
110 | ||
111 | requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done) | |
112 | }) | |
113 | ||
114 | it('Should fail with an incorrect username', function (done) { | |
115 | const data = { | |
116 | username: 'my username', | |
ad4a8a1c C |
117 | email: 'test@example.com', |
118 | password: 'mysuperpassword' | |
119 | } | |
120 | ||
121 | requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done) | |
122 | }) | |
123 | ||
124 | it('Should fail with a missing email', function (done) { | |
125 | const data = { | |
126 | username: 'ji', | |
127 | password: 'mysuperpassword' | |
128 | } | |
129 | ||
130 | requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done) | |
131 | }) | |
132 | ||
133 | it('Should fail with an invalid email', function (done) { | |
134 | const data = { | |
135 | username: 'mysuperusernamewhichisverylong', | |
136 | email: 'testexample.com', | |
efe923bc C |
137 | password: 'mysuperpassword' |
138 | } | |
139 | ||
140 | requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done) | |
141 | }) | |
142 | ||
143 | it('Should fail with a too small password', function (done) { | |
144 | const data = { | |
145 | username: 'myusername', | |
ad4a8a1c | 146 | email: 'test@example.com', |
efe923bc C |
147 | password: 'bla' |
148 | } | |
149 | ||
150 | requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done) | |
151 | }) | |
152 | ||
153 | it('Should fail with a too long password', function (done) { | |
154 | const data = { | |
155 | username: 'myusername', | |
ad4a8a1c | 156 | email: 'test@example.com', |
efe923bc C |
157 | password: 'my super long password which is very very very very very very very very very very very very very very' + |
158 | 'very very very very very very very very very very very very very very very veryv very very very very' + | |
159 | 'very very very very very very very very very very very very very very very very very very very very long' | |
160 | } | |
161 | ||
162 | requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done) | |
163 | }) | |
164 | ||
165 | it('Should fail with an non authenticated user', function (done) { | |
166 | const data = { | |
167 | username: 'myusername', | |
ad4a8a1c | 168 | email: 'test@example.com', |
efe923bc C |
169 | password: 'my super password' |
170 | } | |
171 | ||
172 | requestsUtils.makePostBodyRequest(server.url, path, 'super token', data, done, 401) | |
173 | }) | |
174 | ||
175 | it('Should fail if we add a user with the same username', function (done) { | |
176 | const data = { | |
177 | username: 'user1', | |
ad4a8a1c C |
178 | email: 'test@example.com', |
179 | password: 'my super password' | |
180 | } | |
181 | ||
182 | requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done, 409) | |
183 | }) | |
184 | ||
185 | it('Should fail if we add a user with the same email', function (done) { | |
186 | const data = { | |
187 | username: 'myusername', | |
188 | email: 'user1@example.com', | |
efe923bc C |
189 | password: 'my super password' |
190 | } | |
191 | ||
192 | requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done, 409) | |
193 | }) | |
194 | ||
195 | it('Should succeed with the correct params', function (done) { | |
196 | const data = { | |
197 | username: 'user2', | |
ad4a8a1c | 198 | email: 'test@example.com', |
efe923bc C |
199 | password: 'my super password' |
200 | } | |
201 | ||
202 | requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done, 204) | |
203 | }) | |
204 | ||
205 | it('Should fail with a non admin user', function (done) { | |
206 | server.user = { | |
207 | username: 'user1', | |
ad4a8a1c | 208 | email: 'test@example.com', |
efe923bc C |
209 | password: 'my super password' |
210 | } | |
211 | ||
212 | loginUtils.loginAndGetAccessToken(server, function (err, accessToken) { | |
213 | if (err) throw err | |
214 | ||
215 | userAccessToken = accessToken | |
216 | ||
217 | const data = { | |
218 | username: 'user3', | |
ad4a8a1c | 219 | email: 'test@example.com', |
efe923bc C |
220 | password: 'my super password' |
221 | } | |
222 | ||
223 | requestsUtils.makePostBodyRequest(server.url, path, userAccessToken, data, done, 403) | |
224 | }) | |
225 | }) | |
226 | }) | |
227 | ||
228 | describe('When updating a user', function () { | |
229 | before(function (done) { | |
230 | usersUtils.getUsersList(server.url, function (err, res) { | |
231 | if (err) throw err | |
232 | ||
233 | userId = res.body.data[1].id | |
234 | rootId = res.body.data[2].id | |
235 | done() | |
236 | }) | |
237 | }) | |
238 | ||
239 | it('Should fail with a too small password', function (done) { | |
240 | const data = { | |
241 | password: 'bla' | |
242 | } | |
243 | ||
244 | requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done) | |
245 | }) | |
246 | ||
247 | it('Should fail with a too long password', function (done) { | |
248 | const data = { | |
249 | password: 'my super long password which is very very very very very very very very very very very very very very' + | |
250 | 'very very very very very very very very very very very very very very very veryv very very very very' + | |
251 | 'very very very very very very very very very very very very very very very very very very very very long' | |
252 | } | |
253 | ||
254 | requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done) | |
255 | }) | |
256 | ||
257 | it('Should fail with an non authenticated user', function (done) { | |
258 | const data = { | |
259 | password: 'my super password' | |
260 | } | |
261 | ||
262 | requestsUtils.makePutBodyRequest(server.url, path + userId, 'super token', data, done, 401) | |
263 | }) | |
264 | ||
265 | it('Should succeed with the correct params', function (done) { | |
266 | const data = { | |
267 | password: 'my super password' | |
268 | } | |
269 | ||
270 | requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done, 204) | |
271 | }) | |
272 | }) | |
273 | ||
274 | describe('When getting my information', function () { | |
275 | it('Should fail with a non authenticated user', function (done) { | |
276 | request(server.url) | |
277 | .get(path + 'me') | |
278 | .set('Authorization', 'Bearer faketoken') | |
279 | .set('Accept', 'application/json') | |
280 | .expect(401, done) | |
281 | }) | |
282 | ||
283 | it('Should success with the correct parameters', function (done) { | |
284 | request(server.url) | |
285 | .get(path + 'me') | |
286 | .set('Authorization', 'Bearer ' + userAccessToken) | |
287 | .set('Accept', 'application/json') | |
288 | .expect(200, done) | |
289 | }) | |
290 | }) | |
291 | ||
292 | describe('When removing an user', function () { | |
293 | it('Should fail with an incorrect id', function (done) { | |
294 | request(server.url) | |
295 | .delete(path + 'bla-bla') | |
296 | .set('Authorization', 'Bearer ' + server.accessToken) | |
297 | .expect(400, done) | |
298 | }) | |
299 | ||
300 | it('Should fail with the root user', function (done) { | |
301 | request(server.url) | |
302 | .delete(path + rootId) | |
303 | .set('Authorization', 'Bearer ' + server.accessToken) | |
304 | .expect(400, done) | |
305 | }) | |
306 | ||
307 | it('Should return 404 with a non existing id', function (done) { | |
308 | request(server.url) | |
309 | .delete(path + '45') | |
310 | .set('Authorization', 'Bearer ' + server.accessToken) | |
311 | .expect(404, done) | |
312 | }) | |
313 | }) | |
314 | ||
315 | after(function (done) { | |
316 | process.kill(-server.app.pid) | |
317 | ||
318 | // Keep the logs if the test failed | |
319 | if (this.ok) { | |
320 | serversUtils.flushTests(done) | |
321 | } else { | |
322 | done() | |
323 | } | |
324 | }) | |
325 | }) |