Add Tests for route authentications; Rename subproject-folders

pull/1/head
Florian Hartwich 2017-05-11 15:12:17 +02:00
parent edbcecab46
commit 11e80be2aa
181 changed files with 565 additions and 16 deletions

View File

@ -9,7 +9,7 @@
"scripts": {
"start": "node server.js",
"dev": "nodemon server.js",
"test": "mocha --require ./test/spec_helper.js"
"test": "mocha --require ./test/config/spec_helper.js"
},
"dependencies": {
"async": "^2.4.0",

View File

Before

Width:  |  Height:  |  Size: 7.6 KiB

After

Width:  |  Height:  |  Size: 7.6 KiB

View File

Before

Width:  |  Height:  |  Size: 17 KiB

After

Width:  |  Height:  |  Size: 17 KiB

View File

Before

Width:  |  Height:  |  Size: 106 KiB

After

Width:  |  Height:  |  Size: 106 KiB

13
api/routes/api-url.js Normal file
View File

@ -0,0 +1,13 @@
module.exports = {
auth: '/authenticate',
signUp: '/authenticate/signup',
awards: '/awardings',
command: '/cmd',
cmdCreateSig: '/cmd/createSignature',
decorations: '/decorations',
overview: '/overview',
ranks: '/ranks',
signatures: '/signatures',
squads: '/squads',
users: '/users',
};

View File

Before

Width:  |  Height:  |  Size: 53 KiB

After

Width:  |  Height:  |  Size: 53 KiB

View File

Before

Width:  |  Height:  |  Size: 61 KiB

After

Width:  |  Height:  |  Size: 61 KiB

View File

Before

Width:  |  Height:  |  Size: 10 KiB

After

Width:  |  Height:  |  Size: 10 KiB

View File

Before

Width:  |  Height:  |  Size: 18 KiB

After

Width:  |  Height:  |  Size: 18 KiB

112
api/test/awardings.spec.js Normal file
View File

@ -0,0 +1,112 @@
let mongoose = require("mongoose");
let AwardingModel = require('../models/awarding');
let urls = require('../routes/api-url');
let codes = require('../routes/http-codes');
//Require the dev-dependencies
let chai = require('chai');
let chaiHttp = require('chai-http');
let server = require('../server');
let should = chai.should();
chai.use(chaiHttp);
//Our parent block
describe('Awardings', () => {
beforeEach((done) => { //Before each test we empty the database
AwardingModel.remove({}, (err) => {
done();
});
});
/*
* Test the /GET awardings
*/
describe('/GET awardings', () => {
it('it should not GET awardings without auth-token provided', (done) => {
chai.request(server)
.get(urls.awards)
.end((err, res) => {
res.should.have.status(codes.forbidden);
res.body.should.be.a('object');
res.body.should.have.property('success').eql(false);
res.body.should.have.property('message').eql('No token provided.');
done();
});
});
});
/*
* Test the /POST awardings
*/
describe('/POST awardings', () => {
it('it should not POST an awarding without auth-token provided', (done) => {
chai.request(server)
.post(urls.awards)
.send({})
.end((err, res) => {
res.should.have.status(codes.forbidden);
res.body.should.be.a('object');
res.body.should.have.property('success').eql(false);
res.body.should.have.property('message').eql('No token provided.');
done();
});
});
});
/*
* Test the /PATCH awardings
*/
describe('/PATCH awardings', () => {
it('it should not PATCH an awarding without auth-token provided', (done) => {
chai.request(server)
.patch(urls.awards + '/someId')
.send({})
.end((err, res) => {
res.should.have.status(codes.forbidden);
res.body.should.be.a('object');
res.body.should.have.property('success').eql(false);
res.body.should.have.property('message').eql('No token provided.');
done();
});
});
});
/*
* Test the /DELETE awardings
*/
describe('/DELETE awardings', () => {
it('it should not accept DELETE method without id in url - ' +
'already fails on auth-token not provided', (done) => {
chai.request(server)
.delete(urls.awards)
.send({})
.end((err, res) => {
res.should.have.status(codes.forbidden);
res.body.should.be.a('object');
res.body.should.have.property('success').eql(false);
res.body.should.have.property('message').eql('No token provided.');
done();
});
});
it('it should not DELETE an awarding without auth-token provided', (done) => {
chai.request(server)
.delete(urls.awards + '/someId')
.send({})
.end((err, res) => {
res.should.have.status(codes.forbidden);
res.body.should.be.a('object');
res.body.should.have.property('success').eql(false);
res.body.should.have.property('message').eql('No token provided.');
done();
});
});
});
});

39
api/test/command.spec.js Normal file
View File

@ -0,0 +1,39 @@
let mongoose = require("mongoose");
let AwardingModel = require('../models/awarding');
let urls = require('../routes/api-url');
let codes = require('../routes/http-codes');
//Require the dev-dependencies
let chai = require('chai');
let chaiHttp = require('chai-http');
let server = require('../server');
let should = chai.should();
chai.use(chaiHttp);
//Our parent block
describe('Command', () => {
beforeEach((done) => { //Before each test we empty the database
AwardingModel.remove({}, (err) => {
done();
});
});
/*
* Test the /GET awardings
*/
describe('/POST command to create signature', () => {
it('it should not succeed without auth-token provided', (done) => {
chai.request(server)
.post(urls.cmdCreateSig + "/someId")
.send({})
.end((err, res) => {
res.should.have.status(codes.forbidden);
res.body.should.be.a('object');
res.body.should.have.property('success').eql(false);
res.body.should.have.property('message').eql('No token provided.');
done();
});
});
});
});

View File

@ -1,3 +1,3 @@
const config = require('../config');
const config = require('../../config');
process.env.NODE_ENV = config.test.env;

View File

@ -22,7 +22,7 @@ mongoose.connection.on('connected', () => {
const createString = (possible, length) => {
let text = "";
for( let i=0; i < length; i++ )
for (let i = 0; i < length; i++)
text += possible.charAt(Math.floor(Math.random() * possible.length));
return text;

View File

@ -0,0 +1,109 @@
let mongoose = require("mongoose");
let DecorationModel = require('../models/decoration');
let urls = require('../routes/api-url');
let codes = require('../routes/http-codes');
//Require the dev-dependencies
let chai = require('chai');
let chaiHttp = require('chai-http');
let server = require('../server');
let should = chai.should();
chai.use(chaiHttp);
//Our parent block
describe('Decorations', () => {
beforeEach((done) => { //Before each test we empty the database
DecorationModel.remove({}, (err) => {
done();
});
});
/*
* Test the /GET decorations
*/
describe('/GET decorations', () => {
it('it should GET all the decorations', (done) => {
chai.request(server)
.get(urls.decorations)
.end((err, res) => {
res.should.have.status(codes.success);
res.body.should.be.a('array');
res.body.length.should.be.eql(0);
done();
});
});
});
/*
* Test the /POST decorations
*/
describe('/POST decorations', () => {
it('it should not POST a decoration without auth-token provided', (done) => {
chai.request(server)
.post(urls.decorations)
.send({})
.end((err, res) => {
res.should.have.status(codes.forbidden);
res.body.should.be.a('object');
res.body.should.have.property('success').eql(false);
res.body.should.have.property('message').eql('No token provided.');
done();
});
});
});
/*
* Test the /PATCH decoration
*/
describe('/PATCH decorations', () => {
it('it should not PATCH a decoration without auth-token provided', (done) => {
chai.request(server)
.patch(urls.decorations + '/someId')
.send({})
.end((err, res) => {
res.should.have.status(codes.forbidden);
res.body.should.be.a('object');
res.body.should.have.property('success').eql(false);
res.body.should.have.property('message').eql('No token provided.');
done();
});
});
});
/*
* Test the /DELETE decorations
*/
describe('/DELETE decorations', () => {
it('it should not accept DELETE method without id in url', (done) => {
chai.request(server)
.delete(urls.decorations)
.send({})
.end((err, res) => {
res.should.have.status(codes.wrongmethod);
res.body.should.be.a('object');
res.body.should.have.property('error').property('message')
.eql('this method is not allowed at ' + urls.decorations);
done();
});
});
it('it should not DELETE a decoration without auth-token provided', (done) => {
chai.request(server)
.delete(urls.decorations + '/someId')
.send({})
.end((err, res) => {
res.should.have.status(codes.forbidden);
res.body.should.be.a('object');
res.body.should.have.property('success').eql(false);
res.body.should.have.property('message').eql('No token provided.');
done();
});
});
});
});

110
api/test/ranks.spec.js Normal file
View File

@ -0,0 +1,110 @@
let mongoose = require("mongoose");
let RankModel = require('../models/rank');
let urls = require('../routes/api-url');
let codes = require('../routes/http-codes');
//Require the dev-dependencies
let chai = require('chai');
let chaiHttp = require('chai-http');
let server = require('../server');
let should = chai.should();
chai.use(chaiHttp);
//Our parent block
describe('Ranks', () => {
beforeEach((done) => { //Before each test we empty the database
RankModel.remove({}, (err) => {
done();
});
});
/*
* Test the /GET ranks
*/
describe('/GET ranks', () => {
it('it should GET all the ranks', (done) => {
chai.request(server)
.get(urls.ranks)
.end((err, res) => {
res.should.have.status(codes.success);
res.body.should.be.a('array');
res.body.length.should.be.eql(0);
done();
});
});
});
/*
* Test the /POST ranks
*/
describe('/POST ranks', () => {
it('it should not POST a rank without auth-token provided', (done) => {
chai.request(server)
.post(urls.ranks)
.send({})
.end((err, res) => {
res.should.have.status(codes.forbidden);
res.body.should.be.a('object');
res.body.should.have.property('success').eql(false);
res.body.should.have.property('message').eql('No token provided.');
done();
});
});
})
/*
* Test the /PATCH rank
*/
describe('/PATCH ranks', () => {
it('it should not PATCH a rank without auth-token provided', (done) => {
chai.request(server)
.patch(urls.ranks + '/someId')
.send({})
.end((err, res) => {
res.should.have.status(codes.forbidden);
res.body.should.be.a('object');
res.body.should.have.property('success').eql(false);
res.body.should.have.property('message').eql('No token provided.');
done();
});
});
});
/*
* Test the /DELETE rank
*/
describe('/DELETE ranks', () => {
it('it should not accept DELETE method without id in url', (done) => {
chai.request(server)
.delete(urls.ranks)
.send({})
.end((err, res) => {
res.should.have.status(codes.wrongmethod);
res.body.should.be.a('object');
res.body.should.have.property('error').property('message')
.eql('this method is not allowed at ' + urls.ranks);
done();
});
});
it('it should not DELETE a rank without auth-token provided', (done) => {
chai.request(server)
.delete(urls.ranks + '/someId')
.send({})
.end((err, res) => {
res.should.have.status(codes.forbidden);
res.body.should.be.a('object');
res.body.should.have.property('success').eql(false);
res.body.should.have.property('message').eql('No token provided.');
done();
});
});
});
});

109
api/test/squads.spec.js Normal file
View File

@ -0,0 +1,109 @@
let mongoose = require("mongoose");
let SquadModel = require('../models/squad');
let urls = require('../routes/api-url');
let codes = require('../routes/http-codes');
//Require the dev-dependencies
let chai = require('chai');
let chaiHttp = require('chai-http');
let server = require('../server');
let should = chai.should();
chai.use(chaiHttp);
//Our parent block
describe('Squads', () => {
beforeEach((done) => { //Before each test we empty the database
SquadModel.remove({}, (err) => {
done();
});
});
/*
* Test the /GET route
*/
describe('/GET squads', () => {
it('it should GET all the squads', (done) => {
chai.request(server)
.get(urls.squads)
.end((err, res) => {
res.should.have.status(codes.success);
res.body.should.be.a('array');
res.body.length.should.be.eql(0);
done();
});
});
});
/*
* Test the /POST squad
*/
describe('/POST squads', () => {
it('it should not POST a squad without auth-token provided', (done) => {
chai.request(server)
.post(urls.squads)
.send({})
.end((err, res) => {
res.should.have.status(codes.forbidden);
res.body.should.be.a('object');
res.body.should.have.property('success').eql(false);
res.body.should.have.property('message').eql('No token provided.');
done();
});
});
});
/*
* Test the /PATCH squad
*/
describe('/PATCH squads', () => {
it('it should not PATCH a squad without auth-token provided', (done) => {
chai.request(server)
.patch(urls.squads + '/someId')
.send({})
.end((err, res) => {
res.should.have.status(codes.forbidden);
res.body.should.be.a('object');
res.body.should.have.property('success').eql(false);
res.body.should.have.property('message').eql('No token provided.');
done();
});
});
});
/*
* Test the /DELETE squad
*/
describe('/DELETE squads', () => {
it('it should not accept DELETE method without id in url', (done) => {
chai.request(server)
.delete(urls.squads)
.send({})
.end((err, res) => {
res.should.have.status(codes.wrongmethod);
res.body.should.be.a('object');
res.body.should.have.property('error').property('message')
.eql('this method is not allowed at ' + urls.squads);
done();
});
});
it('it should not DELETE a squad without auth-token provided', (done) => {
chai.request(server)
.delete(urls.squads + '/someId')
.send({})
.end((err, res) => {
res.should.have.status(codes.forbidden);
res.body.should.be.a('object');
res.body.should.have.property('success').eql(false);
res.body.should.have.property('message').eql('No token provided.');
done();
});
});
});
});

View File

@ -1,6 +1,9 @@
let mongoose = require("mongoose");
let UserModel = require('../models/user');
let AppUserModel = require('../models/app-user');
let urls = require('../routes/api-url');
let codes = require('../routes/http-codes');
//Require the dev-dependencies
let chai = require('chai');
@ -22,9 +25,9 @@ describe('Users', () => {
describe('/GET users', () => {
it('it should GET all the users', (done) => {
chai.request(server)
.get('/users')
.get(urls.users)
.end((err, res) => {
res.should.have.status(200);
res.should.have.status(codes.success);
res.body.should.be.a('array');
res.body.length.should.be.eql(0);
done();
@ -58,7 +61,7 @@ describe('Users', () => {
appUserModel.save();
chai.request(server)
.post('/authenticate')
.post(urls.auth)
.send(appUserEncoded)
.end(function (err, res) {
const result = JSON.parse(res.text);
@ -67,12 +70,12 @@ describe('Users', () => {
});
});
it('it should not POST a user without auth-token in header', (done) => {
it('it should not POST a user without auth-token provided', (done) => {
chai.request(server)
.post('/users')
.post(urls.users)
.send({})
.end((err, res) => {
res.should.have.status(403);
res.should.have.status(codes.forbidden);
res.body.should.be.a('object');
res.body.should.have.property('success').eql(false);
res.body.should.have.property('message').eql('No token provided.');
@ -83,11 +86,11 @@ describe('Users', () => {
it('it should POST a user with provided username', (done) => {
const user = {username: 'john'};
chai.request(server)
.post('/users')
.post(urls.users)
.set('x-access-token', token)
.send(user)
.end((err, res) => {
res.should.have.status(201);
res.should.have.status(codes.created);
res.body.should.be.a('object');
res.body.should.have.property('username').eql(user.username);
res.body.should.have.property('squadId').eql(null);
@ -97,4 +100,57 @@ describe('Users', () => {
});
});
/*
* Test the /PATCH route
*/
describe('/PATCH users', () => {
it('it should not PATCH a user without auth-token provided', (done) => {
chai.request(server)
.patch(urls.users + '/someId')
.send({})
.end((err, res) => {
res.should.have.status(codes.forbidden);
res.body.should.be.a('object');
res.body.should.have.property('success').eql(false);
res.body.should.have.property('message').eql('No token provided.');
done();
});
});
});
/*
* Test the /DELETE route
*/
describe('/DELETE users', () => {
it('it should not accept DELETE method without id in url', (done) => {
chai.request(server)
.delete(urls.users)
.send({})
.end((err, res) => {
res.should.have.status(codes.wrongmethod);
res.body.should.be.a('object');
res.body.should.have.property('error').property('message')
.eql('this method is not allowed at ' + urls.users);
done();
});
});
it('it should not DELETE a user without auth-token provided', (done) => {
chai.request(server)
.delete(urls.users + '/someId')
.send({})
.end((err, res) => {
res.should.have.status(codes.forbidden);
res.body.should.be.a('object');
res.body.should.have.property('success').eql(false);
res.body.should.have.property('message').eql('No token provided.');
done();
});
});
});
});

View File

@ -5,10 +5,11 @@
"private": true,
"scripts": {
"start": "npm run deploy-static-prod && node ./rest-server/server.js",
"dev": "npm run deploy-static && nodemon opt-cc-api/server.js",
"deploy-static": "cd opt-cc-static && ng build && ln -s ../opt-cc-api/resource/ ../public/resource",
"deploy-static-prod": "cd opt-cc-static && ng build --env=prod && ln -s ../opt-cc-api/resource/ ../public/resource",
"postinstall": "npm install --prefix ./opt-cc-static ./opt-cc-static && npm install --prefix ./opt-cc-api ./opt-cc-api",
"mongodb": "mongod --dbpath ./mongodb-data"
"dev": "npm run deploy-static && nodemon api/server.js",
"deploy-static": "cd static && ng build && ln -s ../api/resource/ ../public/resource",
"deploy-static-prod": "cd static && ng build --env=prod && ln -s ../api/resource/ ../public/resource",
"postinstall": "npm install --prefix ./static && npm install --prefix ./api",
"mongodb": "mongod --dbpath ./mongodb-data",
"test": "npm test --prefix ./api"
}
}

Some files were not shown because too many files have changed in this diff Show More