Commit | Line | Data |
---|---|---|
1 | 'use strict' | |
2 | ||
3 | const request = require('supertest') | |
4 | const series = require('async/series') | |
5 | ||
6 | const loginUtils = require('../../utils/login') | |
7 | const requestsUtils = require('../../utils/requests') | |
8 | const serversUtils = require('../../utils/servers') | |
9 | const usersUtils = require('../../utils/users') | |
10 | ||
11 | describe('Test users API validators', function () { | |
// Base route of the users REST API; every request in this suite is built from it
const path = '/api/v1/users/'
// Ids read from the users list in the before() hook of 'When updating a user'
let userId = null
let rootId = null
// Handle of the test server, assigned in the suite-level before() hook
let server = null
// Access token obtained for the account 'user1' (the account the suite treats as non admin)
let userAccessToken = null
17 | ||
18 | // --------------------------------------------------------------- | |
19 | ||
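// Suite setup, run in order: flush earlier test state, start server 1, log in
// with the credentials carried by the server object (presumably the admin
// account; confirm in utils/login) and keep that token as server.accessToken,
// create the account 'user1', then fetch a token for 'user1' into
// userAccessToken.
before(function (done) {
  this.timeout(20000)

  series([
    function (next) {
      serversUtils.flushTests(next)
    },
    function (next) {
      serversUtils.runServer(1, function (server1) {
        server = server1

        next()
      })
    },
    function (next) {
      loginUtils.loginAndGetAccessToken(server, function (err, token) {
        // Hand the error to series() so the hook fails through done(err)
        // instead of throwing from inside an asynchronous callback.
        if (err) return next(err)

        server.accessToken = token

        next()
      })
    },
    function (next) {
      const username = 'user1'
      const password = 'my super password'

      usersUtils.createUser(server.url, server.accessToken, username, password, next)
    },
    function (next) {
      const user = {
        username: 'user1',
        password: 'my super password'
      }

      loginUtils.getUserAccessToken(server, user, function (err, accessToken) {
        // Without this token the later authorization tests would run with a
        // null credential, so a login failure must abort the whole suite.
        if (err) return next(err)

        userAccessToken = accessToken

        next()
      })
    }
  ], done)
})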
64 | ||
// Query-string validation on the users listing: a non-numeric pagination value
// or an unknown sort key must be rejected with a 400.
describe('When listing users', function () {
  // Sends GET <path> with the given query and expects the server to answer 400.
  function expectBadRequest (query, done) {
    const listing = request(server.url).get(path)

    listing
      .query(query)
      .set('Accept', 'application/json')
      .expect(400, done)
  }

  it('Should fail with a bad start pagination', function (done) {
    expectBadRequest({ start: 'hello' }, done)
  })

  it('Should fail with a bad count pagination', function (done) {
    expectBadRequest({ count: 'hello' }, done)
  })

  it('Should fail with an incorrect sort', function (done) {
    expectBadRequest({ sort: 'hello' }, done)
  })
})
90 | ||
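// Validation, authentication and authorization checks on user creation
// (POST <path>).
//
// The validator cases call makePostBodyRequest without an expected status;
// presumably the helper then expects a 400 (confirm in utils/requests).
// Each validator case sends exactly one invalid field, so the request can only
// be rejected by the rule named in the test title.
describe('When adding a new user', function () {
  it('Should fail with a too small username', function (done) {
    const data = {
      username: 'ji',
      email: 'test@example.com',
      password: 'mysuperpassword'
    }

    requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done)
  })

  it('Should fail with a too long username', function (done) {
    const data = {
      username: 'mysuperusernamewhichisverylong',
      email: 'test@example.com',
      password: 'mysuperpassword'
    }

    requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done)
  })

  it('Should fail with an incorrect username', function (done) {
    const data = {
      username: 'my username',
      email: 'test@example.com',
      password: 'mysuperpassword'
    }

    requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done)
  })

  it('Should fail with a missing email', function (done) {
    // The username is valid here. With the too-short 'ji' the request was
    // already rejected by the username rule, so this case passed even if the
    // email requirement was not enforced at all.
    const data = {
      username: 'myusername',
      password: 'mysuperpassword'
    }

    requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done)
  })

  it('Should fail with an invalid email', function (done) {
    // Same isolation as above: the over-long username used before was enough
    // to trigger the rejection on its own, hiding a broken email format check.
    const data = {
      username: 'myusername',
      email: 'testexample.com',
      password: 'mysuperpassword'
    }

    requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done)
  })

  it('Should fail with a too small password', function (done) {
    const data = {
      username: 'myusername',
      email: 'test@example.com',
      password: 'bla'
    }

    requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done)
  })

  it('Should fail with a too long password', function (done) {
    const data = {
      username: 'myusername',
      email: 'test@example.com',
      password: 'my super long password which is very very very very very very very very very very very very very very' +
                'very very very very very very very very very very very very very very very veryv very very very very' +
                'very very very very very very very very very very very very very very very very very very very very long'
    }

    requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done)
  })

  it('Should fail with an non authenticated user', function (done) {
    const data = {
      username: 'myusername',
      email: 'test@example.com',
      password: 'my super password'
    }

    // 'super token' is not a token the server issued: a valid body must still get a 401.
    requestsUtils.makePostBodyRequest(server.url, path, 'super token', data, done, 401)
  })

  it('Should fail if we add a user with the same username', function (done) {
    const data = {
      username: 'user1',
      email: 'test@example.com',
      password: 'my super password'
    }

    requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done, 409)
  })

  it('Should fail if we add a user with the same email', function (done) {
    // NOTE(review): assumes usersUtils.createUser registered 'user1' with the
    // address 'user1@example.com' — confirm in utils/users.
    const data = {
      username: 'myusername',
      email: 'user1@example.com',
      password: 'my super password'
    }

    requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done, 409)
  })

  it('Should succeed with the correct params', function (done) {
    const data = {
      username: 'user2',
      email: 'test@example.com',
      password: 'my super password'
    }

    requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done, 204)
  })

  it('Should fail with a non admin user', function (done) {
    // Swap the credentials stored on the server object so the login helper
    // returns a token for 'user1' instead of the account used so far.
    server.user = {
      username: 'user1',
      email: 'test@example.com',
      password: 'my super password'
    }

    loginUtils.loginAndGetAccessToken(server, function (err, accessToken) {
      // Fail this test through mocha's callback rather than throwing from
      // inside an asynchronous callback.
      if (err) return done(err)

      userAccessToken = accessToken

      const data = {
        username: 'user3',
        email: 'test@example.com',
        password: 'my super password'
      }

      // Authenticated but not allowed to create accounts: 403, not 401.
      requestsUtils.makePostBodyRequest(server.url, path, userAccessToken, data, done, 403)
    })
  })
})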
225 | ||
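// Validation and authentication checks on user update (PUT <path><userId>).
//
// NOTE(review): every request here targets userId with userAccessToken (or an
// invalid token). No case sends a valid token that belongs to a different
// account than the target id, so a missing ownership check on this route
// would not be caught by this block.
describe('When updating a user', function () {
  before(function (done) {
    usersUtils.getUsersList(server.url, function (err, res) {
      // Report the failure through mocha's callback instead of throwing from
      // inside an asynchronous callback.
      if (err) return done(err)

      // NOTE(review): the ids are picked by position, so they depend on the
      // order the API returns users in — confirm which accounts sit at [1]
      // and [2] (rootId is later used as "the root user" in the removal tests).
      userId = res.body.data[1].id
      rootId = res.body.data[2].id
      done()
    })
  })

  it('Should fail with a too small password', function (done) {
    const data = {
      password: 'bla'
    }

    requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done)
  })

  it('Should fail with a too long password', function (done) {
    const data = {
      password: 'my super long password which is very very very very very very very very very very very very very very' +
                'very very very very very very very very very very very very very very very veryv very very very very' +
                'very very very very very very very very very very very very very very very very very very very very long'
    }

    requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done)
  })

  it('Should fail with an non authenticated user', function (done) {
    const data = {
      password: 'my super password'
    }

    // 'super token' is not a token the server issued: a valid body must still get a 401.
    requestsUtils.makePutBodyRequest(server.url, path + userId, 'super token', data, done, 401)
  })

  it('Should succeed with the correct params', function (done) {
    const data = {
      password: 'my super password'
    }

    requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done, 204)
  })
})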
271 | ||
// Authentication checks on GET <path>me: an unknown bearer token is refused
// with a 401, the token obtained for 'user1' is accepted with a 200.
describe('When getting my information', function () {
  it('Should fail with a non authenticated user', function (done) {
    const mePath = `${path}me`

    request(server.url)
      .get(mePath)
      .set('Authorization', 'Bearer faketoken')
      .set('Accept', 'application/json')
      .expect(401, done)
  })

  it('Should success with the correct parameters', function (done) {
    const mePath = `${path}me`
    const authorization = `Bearer ${userAccessToken}`

    request(server.url)
      .get(mePath)
      .set('Authorization', authorization)
      .set('Accept', 'application/json')
      .expect(200, done)
  })
})
289 | ||
// Parameter checks on DELETE <path><id>, all sent with server.accessToken.
//
// NOTE(review): this block has no case for a missing/invalid token or for the
// 'user1' token, so the authentication and authorization of the delete route
// are not exercised here.
describe('When removing an user', function () {
  // Sends DELETE <path><id> with server.accessToken and expects `status`.
  function expectDeleteStatus (id, status, done) {
    const target = path + id
    const authorization = `Bearer ${server.accessToken}`

    request(server.url)
      .delete(target)
      .set('Authorization', authorization)
      .expect(status, done)
  }

  it('Should fail with an incorrect id', function (done) {
    expectDeleteStatus('bla-bla', 400, done)
  })

  it('Should fail with the root user', function (done) {
    expectDeleteStatus(rootId, 400, done)
  })

  it('Should return 404 with a non existing id', function (done) {
    expectDeleteStatus('45', 404, done)
  })
})
312 | ||
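// Suite teardown: stop the spawned server, then flush the test data unless a
// test failed.
after(function (done) {
  // The pid is negated before being passed to process.kill(); on POSIX a
  // negative pid addresses the process group of the spawned server.
  // Only signal when a real, positive pid is available: if the setup hook
  // failed, `server` (or its pid) is missing and process.kill() would throw,
  // hiding the original error; a pid of 0 would negate to 0 and signal the
  // test runner's own process group.
  const pid = server && server.app ? server.app.pid : null
  if (Number.isInteger(pid) && pid > 0) {
    process.kill(-pid)
  }

  // Keep the logs if the test failed
  if (this.ok) {
    serversUtils.flushTests(done)
  } else {
    done()
  }
})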
323 | }) |