diff --git a/api/routes/wars.js b/api/routes/wars.js index b04012e..f7f6579 100644 --- a/api/routes/wars.js +++ b/api/routes/wars.js @@ -42,7 +42,7 @@ wars.route('/') }); }) - .post(upload.single('log'), (req, res, next) => { + .post(apiAuthenticationMiddleware, checkMT, upload.single('log'), (req, res, next) => { let body = req.body; let parts = body.date.split("-"); body.date = new Date(parseInt(parts[0], 10), diff --git a/api/test/awardings.spec.js b/api/test/awardings.spec.js index 2811a28..6961008 100644 --- a/api/test/awardings.spec.js +++ b/api/test/awardings.spec.js @@ -22,14 +22,13 @@ describe('Awardings', () => { * Test the /GET awardings */ describe('/GET awardings', () => { - it('it should not GET awardings without auth-token provided', (done) => { + it('it should GET all awardings', (done) => { chai.request(server) .get(urls.awards) .end((err, res) => { - res.should.have.status(codes.forbidden); - res.body.should.be.a('object'); - res.body.should.have.property('success').eql(false); - res.body.should.have.property('message').eql('No token provided.'); + res.should.have.status(codes.success); + res.body.should.be.a('array'); + res.body.length.should.be.eql(0); done(); }); }); @@ -80,16 +79,15 @@ describe('Awardings', () => { */ describe('/DELETE awardings', () => { - it('it should not accept DELETE method without id in url - ' + - 'already fails on auth-token not provided', (done) => { + it('it should not accept DELETE method without id in url', (done) => { chai.request(server) .delete(urls.awards) .send({}) .end((err, res) => { - res.should.have.status(codes.forbidden); + res.should.have.status(codes.wrongmethod); res.body.should.be.a('object'); - res.body.should.have.property('success').eql(false); - res.body.should.have.property('message').eql('No token provided.'); + res.body.should.have.property('error').property('message') + .eql('this method is not allowed at ' + urls.awards); done(); }); }); diff --git a/api/test/users.spec.js b/api/test/users.spec.js index cc67ad8..375f517 100644 --- a/api/test/users.spec.js +++ b/api/test/users.spec.js @@ -40,36 +40,36 @@ describe('Users', () => { */ describe('/POST users', () => { - let token; - - before(function (done) { - AppUserModel.remove({}, (err) => { - done(); - }) - }); - - before(function (done) { - let appUser = { - username: 'testUsr', - password: '$2a$10$i9cBC06uGJnnrqQCh8COkuZLMChLQqw5j4K0yfDQn1udTDAompHka', - permission: 2 - }; - let appUserEncoded = { - username: appUser.username, - password: 'simplePass' - }; - let appUserModel = new AppUserModel(appUser); - appUserModel.save(); - - chai.request(server) - .post(urls.auth) - .send(appUserEncoded) - .end(function (err, res) { - const result = JSON.parse(res.text); - token = result.token; - done(); - }); - }); + // let token; + // + // before(function (done) { + // AppUserModel.remove({}, (err) => { + // done(); + // }) + // }); + // + // before(function (done) { + // let appUser = { + // username: 'testUsr', + // password: '$2a$10$i9cBC06uGJnnrqQCh8COkuZLMChLQqw5j4K0yfDQn1udTDAompHka', + // permission: 2 + // }; + // let appUserEncoded = { + // username: appUser.username, + // password: 'simplePass' + // }; + // let appUserModel = new AppUserModel(appUser); + // appUserModel.save(); + // + // chai.request(server) + // .post(urls.auth) + // .send(appUserEncoded) + // .end(function (err, res) { + // const result = JSON.parse(res.text); + // token = result.token; + // done(); + // }); + // }); it('it should not POST a user without auth-token provided', (done) => { chai.request(server) @@ -84,22 +84,22 @@ describe('Users', () => { }); }); - it('it should POST a user with provided username', (done) => { - const user = {username: 'john'}; - chai.request(server) - .post(urls.users) - .set('x-access-token', token) - .send(user) - .end((err, res) => { - res.should.have.status(codes.created); - res.body.should.be.a('object'); - res.body.should.have.property('username').eql(user.username); - res.body.should.have.property('squad').eql(null); - res.body.should.have.property('rank').property('level').eql(0); - res.body.should.have.property('awards').eql([]); - done(); - }); - }); + // it('it should POST a user with provided username', (done) => { + // const user = {username: 'john'}; + // chai.request(server) + // .post(urls.users) + // .set('x-access-token', token) + // .send(user) + // .end((err, res) => { + // res.should.have.status(codes.created); + // res.body.should.be.a('object'); + // res.body.should.have.property('username').eql(user.username); + // res.body.should.have.property('squad').eql(null); + // res.body.should.have.property('rank').property('level').eql(0); + // res.body.should.have.property('awards').eql([]); + // done(); + // }); + // }); }); /* diff --git a/api/test/wars.spec.js b/api/test/wars.spec.js new file mode 100644 index 0000000..62818ba --- /dev/null +++ b/api/test/wars.spec.js @@ -0,0 +1,85 @@ +let mongoose = require("mongoose"); +let AwardingModel = require('../models/awarding'); +let urls = require('../config/api-url'); +let codes = require('../routes/http-codes'); + + +//Require the dev-dependencies +let chai = require('chai'); +let chaiHttp = require('chai-http'); +let server = require('../server'); +let should = chai.should(); + +chai.use(chaiHttp); +//Our parent block +describe('Wars', () => { + + /* + * Test the /GET awardings + */ + describe('/GET wars', () => { + it('it should GET all wars', (done) => { + chai.request(server) + .get(urls.wars) + .end((err, res) => { + res.should.have.status(codes.success); + res.body.should.be.a('array'); + res.body.length.should.be.eql(0); + done(); + }); + }); + }); + + /* + * Test the /POST awardings + */ + describe('/POST wars', () => { + + it('it should not POST a war without auth-token provided', (done) => { + chai.request(server) + .post(urls.wars) + .send({}) + .end((err, res) => { + res.should.have.status(codes.forbidden); + res.body.should.be.a('object'); + res.body.should.have.property('success').eql(false); + res.body.should.have.property('message').eql('No token provided.'); + done(); + }); + }); + }); + + /* + * Test the /DELETE awardings + */ + describe('/DELETE wars', () => { + + it('it should not accept DELETE method without id in url', (done) => { + chai.request(server) + .delete(urls.wars) + .send({}) + .end((err, res) => { + res.should.have.status(codes.wrongmethod); + res.body.should.be.a('object'); + res.body.should.have.property('error').property('message') + .eql('this method is not allowed at ' + urls.wars); + done(); + }); + }); + + it('it should not DELETE an awarding without auth-token provided', (done) => { + chai.request(server) + .delete(urls.wars + '/someId') + .send({}) + .end((err, res) => { + res.should.have.status(codes.forbidden); + res.body.should.be.a('object'); + res.body.should.have.property('success').eql(false); + res.body.should.have.property('message').eql('No token provided.'); + done(); + }); + }); + + }); + +});