1 files changed, 87 insertions, 0 deletions
diff --git a/server/tests/api/check-params/requests.js b/server/tests/api/check-params/requests.js
new file mode 100644
index 000000000..08f58db43
--- /dev/null
+++ b/server/tests/api/check-params/requests.js
@@ -0,0 +1,87 @@
+'use strict'
+const request = require('supertest')
+const series = require('async/series')
+const loginUtils = require('../../utils/login')
+const usersUtils = require('../../utils/users')
+const serversUtils = require('../../utils/servers')
+describe('Test requests API validators', function () {
+  const path = '/api/v1/requests/stats'
+  let server = null
+  let userAccessToken = null
+  // ---------------------------------------------------------------
+  before(function (done) {
+    this.timeout(20000)
+    series([
+      function (next) {
+        serversUtils.flushTests(next)
+      },
+      function (next) {
+        serversUtils.runServer(1, function (server1) {
+          server = server1
+          next()
+        })
+      },
+      function (next) {
+        loginUtils.loginAndGetAccessToken(server, function (err, token) {
+          if (err) throw err
+          server.accessToken = token
+          next()
+        })
+      },
+      function (next) {
+        const username = 'user'
+        const password = 'my super password'
+        usersUtils.createUser(server.url, server.accessToken, username, password, next)
+      },
+      function (next) {
+        const user = {
+          username: 'user',
+          password: 'my super password'
+        }
+        loginUtils.getUserAccessToken(server, user, function (err, accessToken) {
+          if (err) throw err
+          userAccessToken = accessToken
+          next()
+        })
+      }
+    ], done)
+  })
+  it('Should fail with an non authenticated user', function (done) {
+    request(server.url)
+      .get(path)
+      .set('Accept', 'application/json')
+      .expect(401, done)
+  })
+  it('Should fail with a non admin user', function (done) {
+    request(server.url)
+      .get(path)
+      .set('Authorization', 'Bearer ' + userAccessToken)
+      .set('Accept', 'application/json')
+      .expect(403, done)
+  })
+  after(function (done) {
+    process.kill(-server.app.pid)
+    // Keep the logs if the test failed
+    if (this.ok) {
+      serversUtils.flushTests(done)
+    } else {
+      done()
+    }
+  })
+})

diff --git a/server/tests/api/check-params/requests.js b/server/tests/api/check-params/requests.js new file mode 100644 index 000000000..08f58db43 --- /dev/null +++ b/server/tests/api/check-params/requests.js
@@ -0,0 +1,87 @@
	1	'use strict'
	2
	3	const request = require('supertest')
	4	const series = require('async/series')
	5
	6	const loginUtils = require('../../utils/login')
	7	const usersUtils = require('../../utils/users')
	8	const serversUtils = require('../../utils/servers')
	9
	10	describe('Test requests API validators', function () {
	11	const path = '/api/v1/requests/stats'
	12	let server = null
	13	let userAccessToken = null
	14
	15	// ---------------------------------------------------------------
	16
	17	before(function (done) {
	18	this.timeout(20000)
	19
	20	series([
	21	function (next) {
	22	serversUtils.flushTests(next)
	23	},
	24	function (next) {
	25	serversUtils.runServer(1, function (server1) {
	26	server = server1
	27
	28	next()
	29	})
	30	},
	31	function (next) {
	32	loginUtils.loginAndGetAccessToken(server, function (err, token) {
	33	if (err) throw err
	34	server.accessToken = token
	35
	36	next()
	37	})
	38	},
	39	function (next) {
	40	const username = 'user'
	41	const password = 'my super password'
	42
	43	usersUtils.createUser(server.url, server.accessToken, username, password, next)
	44	},
	45	function (next) {
	46	const user = {
	47	username: 'user',
	48	password: 'my super password'
	49	}
	50
	51	loginUtils.getUserAccessToken(server, user, function (err, accessToken) {
	52	if (err) throw err
	53
	54	userAccessToken = accessToken
	55
	56	next()
	57	})
	58	}
	59	], done)
	60	})
	61
	62	it('Should fail with an non authenticated user', function (done) {
	63	request(server.url)
	64	.get(path)
	65	.set('Accept', 'application/json')
	66	.expect(401, done)
	67	})
	68
	69	it('Should fail with a non admin user', function (done) {
	70	request(server.url)
	71	.get(path)
	72	.set('Authorization', 'Bearer ' + userAccessToken)
	73	.set('Accept', 'application/json')
	74	.expect(403, done)
	75	})
	76
	77	after(function (done) {
	78	process.kill(-server.app.pid)
	79
	80	// Keep the logs if the test failed
	81	if (this.ok) {
	82	serversUtils.flushTests(done)
	83	} else {
	84	done()
	85	}
	86	})
	87	})