From efe923bcdaf15b47593ad8583df09a92c715ac6c Mon Sep 17 00:00:00 2001
From: Chocobozzz <florian.bigard@gmail.com>
Date: Fri, 30 Dec 2016 12:23:53 +0100
Subject: Server: split check params tests

---
 server/tests/api/check-params/requests.js | 87 +++++++++++++++++++++++++++++++
 1 file changed, 87 insertions(+)
 create mode 100644 server/tests/api/check-params/requests.js

(limited to 'server/tests/api/check-params/requests.js')

diff --git a/server/tests/api/check-params/requests.js b/server/tests/api/check-params/requests.js
new file mode 100644
index 000000000..08f58db43
--- /dev/null
+++ b/server/tests/api/check-params/requests.js
@@ -0,0 +1,87 @@
+'use strict'
+
+const request = require('supertest')
+const series = require('async/series')
+
+const loginUtils = require('../../utils/login')
+const usersUtils = require('../../utils/users')
+const serversUtils = require('../../utils/servers')
+
+describe('Test requests API validators', function () {
+  const path = '/api/v1/requests/stats'
+  let server = null
+  let userAccessToken = null
+
+  // ---------------------------------------------------------------
+
+  before(function (done) {
+    this.timeout(20000)
+
+    series([
+      function (next) {
+        serversUtils.flushTests(next)
+      },
+      function (next) {
+        serversUtils.runServer(1, function (server1) {
+          server = server1
+
+          next()
+        })
+      },
+      function (next) {
+        loginUtils.loginAndGetAccessToken(server, function (err, token) {
+          if (err) throw err
+          server.accessToken = token
+
+          next()
+        })
+      },
+      function (next) {
+        const username = 'user'
+        const password = 'my super password'
+
+        usersUtils.createUser(server.url, server.accessToken, username, password, next)
+      },
+      function (next) {
+        const user = {
+          username: 'user',
+          password: 'my super password'
+        }
+
+        loginUtils.getUserAccessToken(server, user, function (err, accessToken) {
+          if (err) throw err
+
+          userAccessToken = accessToken
+
+          next()
+        })
+      }
+    ], done)
+  })
+
+  it('Should fail with an non authenticated user', function (done) {
+    request(server.url)
+      .get(path)
+      .set('Accept', 'application/json')
+      .expect(401, done)
+  })
+
+  it('Should fail with a non admin user', function (done) {
+    request(server.url)
+      .get(path)
+      .set('Authorization', 'Bearer ' + userAccessToken)
+      .set('Accept', 'application/json')
+      .expect(403, done)
+  })
+
+  after(function (done) {
+    process.kill(-server.app.pid)
+
+    // Keep the logs if the test failed
+    if (this.ok) {
+      serversUtils.flushTests(done)
+    } else {
+      done()
+    }
+  })
+})
-- 
cgit v1.2.3