ghost/core/test/unit/auth/validation_spec.js

var should = require('should'),
    sinon = require('sinon'),
    Promise = require('bluebird'),
    auth = require('../../../server/auth'),
    models = require('../../../server/models'),

    sandbox = sinon.sandbox.create();

/**
 * See https://github.com/TryGhost/Ghost/issues/8342
 * We have disabled Ghost authentication temporary.
 * That's why some tests are skipped for now.
 */
describe('UNIT: auth validation', function () {
    before(function () {
        models.init();
    });

    afterEach(function () {
        sandbox.restore();
    });

    describe('ghost is enabled', function () {
        it('[failure]', function () {
            return auth.validation.validate({
                authType: 'ghost'
            }).catch(function (err) {
                should.exist(err);
                err.code.should.eql('AUTH_TYPE');
            });
        });

        it.skip('[success]', function () {
            sandbox.stub(models.User, 'isSetup').returns(Promise.resolve(false));

            return auth.validation.validate({
                authType: 'ghost'
            });
        });

        it.skip('[success]', function () {
            sandbox.stub(models.User, 'isSetup').returns(Promise.resolve(true));
            sandbox.stub(models.Client, 'findOne').returns(Promise.resolve(true));

            return auth.validation.validate({
                authType: 'ghost'
            });
        });

        it.skip('[failure]', function () {
            sandbox.stub(models.User, 'isSetup').returns(Promise.resolve(true));
            sandbox.stub(models.Client, 'findOne').returns(Promise.resolve(true));

            return auth.validation.validate({
                authType: 'password'
            }).catch(function (err) {
                should.exist(err);
                err.code.should.eql('AUTH_SWITCH');
            });
        });
    });

    describe('password is enabled', function () {
        it('[success]', function () {
            sandbox.stub(models.User, 'isSetup').returns(Promise.resolve(false));

            return auth.validation.validate({
                authType: 'password'
            });
        });

        it('[success]', function () {
            sandbox.stub(models.User, 'isSetup').returns(Promise.resolve(true));
            sandbox.stub(models.Client, 'findOne').returns(Promise.resolve(false));

            return auth.validation.validate({
                authType: 'password'
            });
        });

        it.skip('[failure]', function () {
            sandbox.stub(models.User, 'isSetup').returns(Promise.resolve(true));
            sandbox.stub(models.Client, 'findOne').returns(Promise.resolve(true));

            return auth.validation.validate({
                authType: 'ghost'
            }).catch(function (err) {
                should.exist(err);
                err.code.should.eql('AUTH_SWITCH');
            });
        });
    });
});
🎨 deny auto switch (#8086) * 🎨 deny auto switch no issue - deny auth switch after the blog was setup - setup completed depends on the status of the user right now, see comments * Updates from comments - re-use statuses in user model - update error message 2017-03-02 20:50:58 +01:00			`var should = require('should'),`
			`sinon = require('sinon'),`
			`Promise = require('bluebird'),`
			`auth = require('../../../server/auth'),`
			`models = require('../../../server/models'),`
💄 🐷 Test consistency (#8199) no issue - change out should.equal for // jshint ignore:line - ensure should is the first require in every test, and ALWAYS require - make sinon the second require, and sandbox the last thing - ALWAYS use sandbox, futureproofs tests against contributors who don't know it - change require formatting 2017-03-21 08:24:11 +00:00
🎨 deny auto switch (#8086) * 🎨 deny auto switch no issue - deny auth switch after the blog was setup - setup completed depends on the status of the user right now, see comments * Updates from comments - re-use statuses in user model - update error message 2017-03-02 20:50:58 +01:00			`sandbox = sinon.sandbox.create();`

🚑 Disable remote authentication (#8346) closes #8342 - extend auth validation to deny auth type "ghost" for now - skip some tests 2017-04-24 19:56:49 +02:00			`/**`
			`* See https://github.com/TryGhost/Ghost/issues/8342`
			`* We have disabled Ghost authentication temporary.`
			`* That's why some tests are skipped for now.`
			`*/`
🎨 deny auto switch (#8086) * 🎨 deny auto switch no issue - deny auth switch after the blog was setup - setup completed depends on the status of the user right now, see comments * Updates from comments - re-use statuses in user model - update error message 2017-03-02 20:50:58 +01:00			`describe('UNIT: auth validation', function () {`
			`before(function () {`
			`models.init();`
			`});`

🐛 subscriber: sanitize email vol. 2 (#8280) no issue 🐛 subscriber: sanitize email vol. 2 - ensure email get's sanitized for every error case 🐛 validator.isEmptyOrURL doesn't accept non strings - otherwise it shows a weird error message in the client ✨ new tests for subscriber app - routing tests * change tests for Ghost 1.0 * it took me 15min to find this 😡 2017-04-05 23:02:16 +02:00			`afterEach(function () {`
🎨 deny auto switch (#8086) * 🎨 deny auto switch no issue - deny auth switch after the blog was setup - setup completed depends on the status of the user right now, see comments * Updates from comments - re-use statuses in user model - update error message 2017-03-02 20:50:58 +01:00			`sandbox.restore();`
			`});`

			`describe('ghost is enabled', function () {`
🚑 Disable remote authentication (#8346) closes #8342 - extend auth validation to deny auth type "ghost" for now - skip some tests 2017-04-24 19:56:49 +02:00			`it('[failure]', function () {`
			`return auth.validation.validate({`
			`authType: 'ghost'`
			`}).catch(function (err) {`
			`should.exist(err);`
			`err.code.should.eql('AUTH_TYPE');`
			`});`
			`});`

			`it.skip('[success]', function () {`
🎨 deny auto switch (#8086) * 🎨 deny auto switch no issue - deny auth switch after the blog was setup - setup completed depends on the status of the user right now, see comments * Updates from comments - re-use statuses in user model - update error message 2017-03-02 20:50:58 +01:00			`sandbox.stub(models.User, 'isSetup').returns(Promise.resolve(false));`

🚑 Disable remote authentication (#8346) closes #8342 - extend auth validation to deny auth type "ghost" for now - skip some tests 2017-04-24 19:56:49 +02:00			`return auth.validation.validate({`
🎨 deny auto switch (#8086) * 🎨 deny auto switch no issue - deny auth switch after the blog was setup - setup completed depends on the status of the user right now, see comments * Updates from comments - re-use statuses in user model - update error message 2017-03-02 20:50:58 +01:00			`authType: 'ghost'`
			`});`
			`});`

🚑 Disable remote authentication (#8346) closes #8342 - extend auth validation to deny auth type "ghost" for now - skip some tests 2017-04-24 19:56:49 +02:00			`it.skip('[success]', function () {`
🎨 deny auto switch (#8086) * 🎨 deny auto switch no issue - deny auth switch after the blog was setup - setup completed depends on the status of the user right now, see comments * Updates from comments - re-use statuses in user model - update error message 2017-03-02 20:50:58 +01:00			`sandbox.stub(models.User, 'isSetup').returns(Promise.resolve(true));`
			`sandbox.stub(models.Client, 'findOne').returns(Promise.resolve(true));`

🚑 Disable remote authentication (#8346) closes #8342 - extend auth validation to deny auth type "ghost" for now - skip some tests 2017-04-24 19:56:49 +02:00			`return auth.validation.validate({`
🎨 deny auto switch (#8086) * 🎨 deny auto switch no issue - deny auth switch after the blog was setup - setup completed depends on the status of the user right now, see comments * Updates from comments - re-use statuses in user model - update error message 2017-03-02 20:50:58 +01:00			`authType: 'ghost'`
			`});`
			`});`

🚑 Disable remote authentication (#8346) closes #8342 - extend auth validation to deny auth type "ghost" for now - skip some tests 2017-04-24 19:56:49 +02:00			`it.skip('[failure]', function () {`
🎨 deny auto switch (#8086) * 🎨 deny auto switch no issue - deny auth switch after the blog was setup - setup completed depends on the status of the user right now, see comments * Updates from comments - re-use statuses in user model - update error message 2017-03-02 20:50:58 +01:00			`sandbox.stub(models.User, 'isSetup').returns(Promise.resolve(true));`
			`sandbox.stub(models.Client, 'findOne').returns(Promise.resolve(true));`

🚑 Disable remote authentication (#8346) closes #8342 - extend auth validation to deny auth type "ghost" for now - skip some tests 2017-04-24 19:56:49 +02:00			`return auth.validation.validate({`
🎨 deny auto switch (#8086) * 🎨 deny auto switch no issue - deny auth switch after the blog was setup - setup completed depends on the status of the user right now, see comments * Updates from comments - re-use statuses in user model - update error message 2017-03-02 20:50:58 +01:00			`authType: 'password'`
			`}).catch(function (err) {`
			`should.exist(err);`
			`err.code.should.eql('AUTH_SWITCH');`
			`});`
			`});`
			`});`

			`describe('password is enabled', function () {`
			`it('[success]', function () {`
			`sandbox.stub(models.User, 'isSetup').returns(Promise.resolve(false));`

🚑 Disable remote authentication (#8346) closes #8342 - extend auth validation to deny auth type "ghost" for now - skip some tests 2017-04-24 19:56:49 +02:00			`return auth.validation.validate({`
🎨 deny auto switch (#8086) * 🎨 deny auto switch no issue - deny auth switch after the blog was setup - setup completed depends on the status of the user right now, see comments * Updates from comments - re-use statuses in user model - update error message 2017-03-02 20:50:58 +01:00			`authType: 'password'`
			`});`
			`});`

			`it('[success]', function () {`
			`sandbox.stub(models.User, 'isSetup').returns(Promise.resolve(true));`
			`sandbox.stub(models.Client, 'findOne').returns(Promise.resolve(false));`

🚑 Disable remote authentication (#8346) closes #8342 - extend auth validation to deny auth type "ghost" for now - skip some tests 2017-04-24 19:56:49 +02:00			`return auth.validation.validate({`
🎨 deny auto switch (#8086) * 🎨 deny auto switch no issue - deny auth switch after the blog was setup - setup completed depends on the status of the user right now, see comments * Updates from comments - re-use statuses in user model - update error message 2017-03-02 20:50:58 +01:00			`authType: 'password'`
			`});`
			`});`

🚑 Disable remote authentication (#8346) closes #8342 - extend auth validation to deny auth type "ghost" for now - skip some tests 2017-04-24 19:56:49 +02:00			`it.skip('[failure]', function () {`
🎨 deny auto switch (#8086) * 🎨 deny auto switch no issue - deny auth switch after the blog was setup - setup completed depends on the status of the user right now, see comments * Updates from comments - re-use statuses in user model - update error message 2017-03-02 20:50:58 +01:00			`sandbox.stub(models.User, 'isSetup').returns(Promise.resolve(true));`
			`sandbox.stub(models.Client, 'findOne').returns(Promise.resolve(true));`

🚑 Disable remote authentication (#8346) closes #8342 - extend auth validation to deny auth type "ghost" for now - skip some tests 2017-04-24 19:56:49 +02:00			`return auth.validation.validate({`
🎨 deny auto switch (#8086) * 🎨 deny auto switch no issue - deny auth switch after the blog was setup - setup completed depends on the status of the user right now, see comments * Updates from comments - re-use statuses in user model - update error message 2017-03-02 20:50:58 +01:00			`authType: 'ghost'`
			`}).catch(function (err) {`
			`should.exist(err);`
			`err.code.should.eql('AUTH_SWITCH');`
			`});`
			`});`
			`});`
			`});`