Infrastructure/ghost
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-02-03 23:00:14 -05:00
Code Issues Activity

Changed users content api to v2 (#10003)

Browse source 
refs #9866
This commit is contained in:
Katharina Irrgang 2018-10-13 00:11:16 +02:00 committed by GitHub
parent 4aaff31890
commit c907237540
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 248 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
core/server/web/api/v2/content/routes.js
View file

@ -25,9 +25,9 @@ module.exports = function apiRoutes() {
router.get('/pages', mw.authenticatePublic, apiv2.http(apiv2.pages.browse)); router.get('/pages', mw.authenticatePublic, apiv2.http(apiv2.pages.browse));
// ## Users // ## Users
router.get('/users', mw.authenticatePublic, api.http(api.users.browse)); router.get('/users', mw.authenticatePublic, apiv2.http(apiv2.users.browse));
router.get('/users/:id', mw.authenticatePublic, api.http(api.users.read)); router.get('/users/:id', mw.authenticatePublic, apiv2.http(apiv2.users.read));
router.get('/users/slug/:slug', mw.authenticatePublic, api.http(api.users.read)); router.get('/users/slug/:slug', mw.authenticatePublic, apiv2.http(apiv2.users.read));
// ## Tags // ## Tags
router.get('/tags', mw.authenticatePublic, api.http(api.tags.browse)); router.get('/tags', mw.authenticatePublic, api.http(api.tags.browse));

245
core/test/functional/api/v2/content/users_spec.js Normal file
View file

@ -0,0 +1,245 @@
const should = require('should');
const supertest = require('supertest');
const _ = require('lodash');
const url = require('url');
const configUtils = require('../../../../utils/configUtils');
const config = require('../../../../../../core/server/config');
const models = require('../../../../../../core/server/models');
const testUtils = require('../../../../utils');
const localUtils = require('./utils');
const ghost = testUtils.startGhost;
let request;
describe('Users Content API V2', function () {
let ghostServer;
before(function () {
return ghost()
.then(function (_ghostServer) {
ghostServer = _ghostServer;
request = supertest.agent(config.get('url'));
})
.then(function () {
return testUtils.initFixtures('users:no-owner', 'user:inactive', 'posts', 'client:trusted-domain');
});
});
afterEach(function () {
configUtils.restore();
});
it('browse users', function (done) {
request.get(localUtils.API.getApiQuery('users/?client_id=ghost-admin&client_secret=not_available'))
.set('Origin', testUtils.API.getURL())
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200)
.end(function (err, res) {
if (err) {
return done(err);
}
should.not.exist(res.headers['x-cache-invalidate']);
var jsonResponse = res.body;
should.exist(jsonResponse.users);
testUtils.API.checkResponse(jsonResponse, 'users');
jsonResponse.users.should.have.length(7);
// We don't expose the email address, status and other attrs.
testUtils.API.checkResponse(jsonResponse.users[0], 'user', ['url'], null, null, {public: true});
should.exist(res.body.users[0].url);
should.exist(url.parse(res.body.users[0].url).protocol);
should.exist(url.parse(res.body.users[0].url).host);
// Public api returns all users, but no status! Locked/Inactive users can still have written articles.
models.User.findPage(Object.assign({status: 'all'}, testUtils.context.internal))
.then((response) => {
_.map(response.data, (model) => model.toJSON()).length.should.eql(7);
done();
});
});
});
it('browse users: ignores fetching roles', function (done) {
request.get(localUtils.API.getApiQuery('users/?client_id=ghost-admin&client_secret=not_available&include=roles'))
.set('Origin', testUtils.API.getURL())
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200)
.end(function (err, res) {
if (err) {
return done(err);
}
should.not.exist(res.headers['x-cache-invalidate']);
var jsonResponse = res.body;
should.exist(jsonResponse.users);
testUtils.API.checkResponse(jsonResponse, 'users');
jsonResponse.users.should.have.length(7);
// We don't expose the email address.
testUtils.API.checkResponse(jsonResponse.users[0], 'user', ['url'], null, null, {public: true});
done();
});
});
it('browse user by slug: ignores fetching roles', function (done) {
request.get(localUtils.API.getApiQuery('users/slug/ghost/?client_id=ghost-admin&client_secret=not_available&include=roles'))
.set('Origin', testUtils.API.getURL())
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200)
.end(function (err, res) {
if (err) {
return done(err);
}
should.not.exist(res.headers['x-cache-invalidate']);
var jsonResponse = res.body;
should.exist(jsonResponse.users);
jsonResponse.users.should.have.length(1);
// We don't expose the email address.
testUtils.API.checkResponse(jsonResponse.users[0], 'user', ['url'], null, null, {public: true});
done();
});
});
it('browse user by slug: count.posts', function (done) {
request.get(localUtils.API.getApiQuery('users/slug/ghost/?client_id=ghost-admin&client_secret=not_available&include=count.posts'))
.set('Origin', testUtils.API.getURL())
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200)
.end(function (err, res) {
if (err) {
return done(err);
}
should.not.exist(res.headers['x-cache-invalidate']);
var jsonResponse = res.body;
should.exist(jsonResponse.users);
jsonResponse.users.should.have.length(1);
// We don't expose the email address.
testUtils.API.checkResponse(jsonResponse.users[0], 'user', ['count', 'url'], null, null, {public: true});
done();
});
});
it('browse user by id: count.posts', function (done) {
request.get(localUtils.API.getApiQuery('users/1/?client_id=ghost-admin&client_secret=not_available&include=count.posts'))
.set('Origin', testUtils.API.getURL())
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200)
.end(function (err, res) {
if (err) {
return done(err);
}
should.not.exist(res.headers['x-cache-invalidate']);
var jsonResponse = res.body;
should.exist(jsonResponse.users);
jsonResponse.users.should.have.length(1);
// We don't expose the email address.
testUtils.API.checkResponse(jsonResponse.users[0], 'user', ['count', 'url'], null, null, {public: true});
done();
});
});
it('browse user with count.posts', function (done) {
request.get(localUtils.API.getApiQuery('users/?client_id=ghost-admin&client_secret=not_available&include=count.posts&order=count.posts ASC'))
.set('Origin', testUtils.API.getURL())
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200)
.end(function (err, res) {
if (err) {
return done(err);
}
var jsonResponse = res.body;
should.exist(jsonResponse.users);
jsonResponse.users.should.have.length(7);
// We don't expose the email address.
testUtils.API.checkResponse(jsonResponse.users[0], 'user', ['count', 'url'], null, null, {public: true});
// Each user should have the correct count
_.find(jsonResponse.users, {slug:'joe-bloggs'}).count.posts.should.eql(4);
_.find(jsonResponse.users, {slug:'contributor'}).count.posts.should.eql(0);
_.find(jsonResponse.users, {slug:'slimer-mcectoplasm'}).count.posts.should.eql(0);
_.find(jsonResponse.users, {slug:'jimothy-bogendath'}).count.posts.should.eql(0);
_.find(jsonResponse.users, {slug: 'smith-wellingsworth'}).count.posts.should.eql(0);
_.find(jsonResponse.users, {slug:'ghost'}).count.posts.should.eql(7);
_.find(jsonResponse.users, {slug:'inactive'}).count.posts.should.eql(0);
const ids = jsonResponse.users
.filter(user => (user.slug !== 'ghost'))
.filter(user => (user.slug !== 'inactive'))
.map(user=> user.id);
ids.should.eql([
testUtils.DataGenerator.Content.users[1].id,
testUtils.DataGenerator.Content.users[2].id,
testUtils.DataGenerator.Content.users[3].id,
testUtils.DataGenerator.Content.users[7].id,
testUtils.DataGenerator.Content.users[0].id
]);
done();
});
});
it('browse user by id: ignores fetching roles', function (done) {
request.get(localUtils.API.getApiQuery('users/1/?client_id=ghost-admin&client_secret=not_available&include=roles'))
.set('Origin', testUtils.API.getURL())
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200)
.end(function (err, res) {
if (err) {
return done(err);
}
should.not.exist(res.headers['x-cache-invalidate']);
var jsonResponse = res.body;
should.exist(jsonResponse.users);
jsonResponse.users.should.have.length(1);
testUtils.API.checkResponse(jsonResponse.users[0], 'user', ['url'], null, null, {public: true});
done();
});
});
it('browse users: post count', function (done) {
request.get(localUtils.API.getApiQuery('users/?client_id=ghost-admin&client_secret=not_available&include=count.posts'))
.set('Origin', testUtils.API.getURL())
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200)
.end(function (err, res) {
if (err) {
return done(err);
}
should.not.exist(res.headers['x-cache-invalidate']);
var jsonResponse = res.body;
should.exist(jsonResponse.users);
testUtils.API.checkResponse(jsonResponse, 'users');
jsonResponse.users.should.have.length(7);
// We don't expose the email address.
testUtils.API.checkResponse(jsonResponse.users[0], 'user', ['count', 'url'], null, null, {public: true});
done();
});
});
});