Infrastructure/ghost
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-02-17 23:44:39 -05:00
Code Issues Activity

Reduced some functional tests

Browse source 
refs #9866

- just some 🤪
- some were really slow in general, because they had to start/stop Ghost within the test file twice or so
- removed some obvious test cases
- if we copy over the controllers and add functional tests for v2, we can maybe remove some more test cases for v2
This commit is contained in:
kirrg001 2018-10-07 21:14:00 +02:00
parent d2baf80d58
commit f55a9ad412
3 changed files with 138 additions and 651 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

370
core/test/functional/api/v0.1/posts_spec.js
View file

@ -11,6 +11,7 @@ var should = require('should'),
request; request;
describe('Post API', function () { describe('Post API', function () {
let authorAccessToken, contributorAccessToken, author, contributor;
var ghostServer; var ghostServer;
describe('As Owner', function () { describe('As Owner', function () {
@ -27,6 +28,32 @@ describe('Post API', function () {
}) })
.then(function (token) { .then(function (token) {
ownerAccessToken = token; ownerAccessToken = token;
// create author
return testUtils.createUser({
user: testUtils.DataGenerator.forKnex.createUser({email: 'test+2@ghost.org'}),
role: testUtils.DataGenerator.Content.roles[2].name
});
})
.then((_author) => {
request.user = author = _author;
return localUtils.doAuth(request);
})
.then(function (token) {
authorAccessToken = token;
// create contributor
return testUtils.createUser({
user: testUtils.DataGenerator.forKnex.createUser({email: 'test+3@ghost.org'}),
role: testUtils.DataGenerator.Content.roles[4].name
});
})
.then(function (_contributor) {
request.user = contributor = _contributor;
return localUtils.doAuth(request);
})
.then(function (token) {
contributorAccessToken = token;
}); });
}); });
@ -228,30 +255,7 @@ describe('Post API', function () {
}); });
it('can retrieve all published posts and pages', function (done) { it('can retrieve all published posts and pages', function (done) {
request.get(localUtils.API.getApiQuery('posts/?filter=page:[false,true]')) request.get(localUtils.API.getApiQuery('posts/?filter=page:[false,true]&status=all'))
.set('Authorization', 'Bearer ' + ownerAccessToken)
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200)
.end(function (err, res) {
if (err) {
return done(err);
}
should.not.exist(res.headers['x-cache-invalidate']);
var jsonResponse = res.body;
should.exist(jsonResponse.posts);
testUtils.API.checkResponse(jsonResponse, 'posts');
jsonResponse.posts.should.have.length(12);
testUtils.API.checkResponse(jsonResponse.posts[0], 'post');
testUtils.API.checkResponse(jsonResponse.meta.pagination, 'pagination');
done();
});
});
// Test bits of the API we don't use in the app yet to ensure the API behaves properly
it('can retrieve all status posts and pages', function (done) {
request.get(localUtils.API.getApiQuery('posts/?staticPages=all&status=all'))
.set('Authorization', 'Bearer ' + ownerAccessToken) .set('Authorization', 'Bearer ' + ownerAccessToken)
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private) .expect('Cache-Control', testUtils.cacheRules.private)
@ -273,7 +277,7 @@ describe('Post API', function () {
}); });
it('can retrieve just published pages', function (done) { it('can retrieve just published pages', function (done) {
request.get(localUtils.API.getApiQuery('posts/?staticPages=true')) request.get(localUtils.API.getApiQuery('posts/?filter=page:true'))
.set('Authorization', 'Bearer ' + ownerAccessToken) .set('Authorization', 'Bearer ' + ownerAccessToken)
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private) .expect('Cache-Control', testUtils.cacheRules.private)
@ -320,32 +324,6 @@ describe('Post API', function () {
}); });
}); });
it('can retrieve just non featured posts', function (done) {
request.get(localUtils.API.getApiQuery('posts/?filter=featured:false'))
.set('Authorization', 'Bearer ' + ownerAccessToken)
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200)
.end(function (err, res) {
if (err) {
return done(err);
}
should.not.exist(res.headers['x-cache-invalidate']);
var jsonResponse = res.body;
should.exist(jsonResponse.posts);
testUtils.API.checkResponse(jsonResponse, 'posts');
jsonResponse.posts.should.be.an.Array().with.lengthOf(9);
testUtils.API.checkResponse(jsonResponse.posts[0], 'post');
testUtils.API.checkResponse(jsonResponse.meta.pagination, 'pagination');
const featured = _.map(jsonResponse.posts, 'featured');
featured.should.matchEach(false);
done();
});
});
it('can retrieve just draft posts', function (done) { it('can retrieve just draft posts', function (done) {
request.get(localUtils.API.getApiQuery('posts/?status=draft')) request.get(localUtils.API.getApiQuery('posts/?status=draft'))
.set('Authorization', 'Bearer ' + ownerAccessToken) .set('Authorization', 'Bearer ' + ownerAccessToken)
@ -577,48 +555,6 @@ describe('Post API', function () {
done(); done();
}); });
}); });
it('can\'t retrieve a draft post', function (done) {
request.get(localUtils.API.getApiQuery('posts/5/'))
.set('Authorization', 'Bearer ' + ownerAccessToken)
.set('Accept', 'application/json')
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(404)
.end(function (err, res) {
if (err) {
return done(err);
}
should.not.exist(res.headers['x-cache-invalidate']);
var jsonResponse = res.body;
should.exist(jsonResponse);
should.exist(jsonResponse.errors);
testUtils.API.checkResponseValue(jsonResponse.errors[0], ['message', 'errorType']);
done();
});
});
it('can\'t retrieve a draft page', function (done) {
request.get(localUtils.API.getApiQuery('posts/8/'))
.set('Authorization', 'Bearer ' + ownerAccessToken)
.set('Accept', 'application/json')
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(404)
.end(function (err, res) {
if (err) {
return done(err);
}
should.not.exist(res.headers['x-cache-invalidate']);
var jsonResponse = res.body;
should.exist(jsonResponse);
should.exist(jsonResponse.errors);
testUtils.API.checkResponseValue(jsonResponse.errors[0], ['message', 'errorType']);
done();
});
});
}); });
// ## Add // ## Add
@ -1179,42 +1115,6 @@ describe('Post API', function () {
}); });
}); });
it('can\'t edit non existent post', function (done) {
request.get(localUtils.API.getApiQuery('posts/' + testUtils.DataGenerator.Content.posts[0].id + '/'))
.set('Authorization', 'Bearer ' + ownerAccessToken)
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.end(function (err, res) {
if (err) {
return done(err);
}
var jsonResponse = res.body,
changedValue = 'My new Title';
should.exist(jsonResponse.posts[0].title);
jsonResponse.posts[0].testvalue = changedValue;
jsonResponse.posts[0].id = ObjectId.generate();
request.put(localUtils.API.getApiQuery('posts/' + jsonResponse.posts[0].id + '/'))
.set('Authorization', 'Bearer ' + ownerAccessToken)
.send(jsonResponse)
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(404)
.end(function (err, res) {
if (err) {
return done(err);
}
should.not.exist(res.headers['x-cache-invalidate']);
jsonResponse = res.body;
should.exist(jsonResponse.errors);
testUtils.API.checkResponseValue(jsonResponse.errors[0], ['message', 'errorType']);
done();
});
});
});
it('check which fields can be modified', function (done) { it('check which fields can be modified', function (done) {
var existingPostData, modifiedPostData; var existingPostData, modifiedPostData;
@ -1306,197 +1206,10 @@ describe('Post API', function () {
done(); done();
}); });
}); });
it('can delete a new draft', function (done) {
var newTitle = 'My Post',
publishedState = 'draft',
newPost = {
posts: [{
status: publishedState,
title: newTitle,
mobiledoc: markdownToMobiledoc('my post')
}]
};
request.post(localUtils.API.getApiQuery('posts/'))
.set('Authorization', 'Bearer ' + ownerAccessToken)
.send(newPost)
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(201)
.end(function (err, res) {
if (err) {
return done(err);
}
var draftPost = res.body;
should.exist(draftPost);
draftPost.posts[0].title.should.eql(newTitle);
draftPost.posts[0].status = publishedState;
testUtils.API.checkResponse(draftPost.posts[0], 'post');
request.del(localUtils.API.getApiQuery('posts/' + draftPost.posts[0].id + '/'))
.set('Authorization', 'Bearer ' + ownerAccessToken)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(204)
.end(function (err, res) {
if (err) {
return done(err);
}
res.body.should.be.empty();
done();
});
});
});
});
describe('Dated Permalinks', function () {
before(function (done) {
request.get(localUtils.API.getApiQuery('settings/'))
.set('Authorization', 'Bearer ' + ownerAccessToken)
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.end(function (err, res) {
if (err) {
return done(err);
}
var jsonResponse = res.body;
jsonResponse.permalinks = '/:year/:month/:day/:slug/';
request.put(localUtils.API.getApiQuery('settings/'))
.set('Authorization', 'Bearer ' + ownerAccessToken)
.send(jsonResponse)
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.end(function (err) {
if (err) {
return done(err);
}
done();
});
});
});
after(function (done) {
request.get(localUtils.API.getApiQuery('settings/'))
.set('Authorization', 'Bearer ' + ownerAccessToken)
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.end(function (err, res) {
if (err) {
return done(err);
}
var jsonResponse = res.body;
jsonResponse.permalinks = '/:slug/';
request.put(localUtils.API.getApiQuery('settings/'))
.set('Authorization', 'Bearer ' + ownerAccessToken)
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.send(jsonResponse)
.end(function (err, res) {
if (err) {
return done(err);
}
done();
});
});
});
it('Can read a post', function (done) {
// nothing should have changed here
request.get(localUtils.API.getApiQuery('posts/' + testUtils.DataGenerator.Content.posts[1].id + '/'))
.set('Authorization', 'Bearer ' + ownerAccessToken)
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200)
.end(function (err, res) {
if (err) {
return done(err);
}
should.not.exist(res.headers['x-cache-invalidate']);
var jsonResponse = res.body;
should.exist(jsonResponse);
should.exist(jsonResponse.posts);
testUtils.API.checkResponse(jsonResponse.posts[0], 'post');
jsonResponse.posts[0].slug.should.not.match(/^\/[0-9]{4}\/[0-9]{2}\/[0-9]{2}/);
jsonResponse.posts[0].page.should.not.be.ok();
done();
});
});
it('Can edit a post', function (done) {
request.get(localUtils.API.getApiQuery('posts/' + testUtils.DataGenerator.Content.posts[1].id + '/?include=tags'))
.set('Authorization', 'Bearer ' + ownerAccessToken)
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.end(function (err, res) {
if (err) {
return done(err);
}
var jsonResponse = res.body,
changedValue = 'My new Title';
should.exist(jsonResponse);
should.exist(jsonResponse.posts);
jsonResponse.posts[0].title = changedValue;
request.put(localUtils.API.getApiQuery('posts/' + testUtils.DataGenerator.Content.posts[1].id + '/'))
.set('Authorization', 'Bearer ' + ownerAccessToken)
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.send(jsonResponse)
.expect(200)
.end(function (err, res) {
if (err) {
return done(err);
}
var putBody = res.body;
res.headers['x-cache-invalidate'].should.eql('/*');
should.exist(putBody);
putBody.posts[0].title.should.eql(changedValue);
testUtils.API.checkResponse(putBody.posts[0], 'post');
done();
});
});
});
}); });
}); });
describe('As Author', function () { describe('As Author', function () {
var authorAccessToken, author;
before(function () {
return ghost()
.then(function (_ghostServer) {
ghostServer = _ghostServer;
request = supertest.agent(config.get('url'));
// create author
return testUtils.createUser({
user: testUtils.DataGenerator.forKnex.createUser({email: 'test+2@ghost.org'}),
role: testUtils.DataGenerator.Content.roles[2].name
});
})
.then(function (_author) {
request.user = author = _author;
return localUtils.doAuth(request, 'posts');
})
.then(function (token) {
authorAccessToken = token;
});
});
describe('Add', function () { describe('Add', function () {
it('can add own post', function (done) { it('can add own post', function (done) {
var post = { var post = {
@ -1614,29 +1327,6 @@ describe('Post API', function () {
}); });
describe('As Contributor', function () { describe('As Contributor', function () {
var contributorAccessToken, contributor;
before(function () {
return ghost()
.then(function (_ghostServer) {
ghostServer = _ghostServer;
request = supertest.agent(config.get('url'));
// create contributor
return testUtils.createUser({
user: testUtils.DataGenerator.forKnex.createUser({email: 'test+3@ghost.org'}),
role: testUtils.DataGenerator.Content.roles[4].name
});
})
.then(function (_contributor) {
request.user = contributor = _contributor;
return localUtils.doAuth(request, 'posts');
})
.then(function (token) {
contributorAccessToken = token;
});
});
describe('Add', function () { describe('Add', function () {
it('can add own post', function (done) { it('can add own post', function (done) {
var post = { var post = {
@ -1697,7 +1387,7 @@ describe('Post API', function () {
var jsonResponse = res.body, var jsonResponse = res.body,
changedTitle = 'My new Title', changedTitle = 'My new Title',
changedSlug = 'my-new-slug'; changedSlug = 'my-new-slug-contributor';
should.exist(jsonResponse.posts[0]); should.exist(jsonResponse.posts[0]);
jsonResponse.posts[0].title = changedTitle; jsonResponse.posts[0].title = changedTitle;

154
core/test/functional/api/v0.1/redirects_spec.js
View file

@ -15,13 +15,11 @@ should.equal(true, true);
describe('Redirects API', function () { describe('Redirects API', function () {
var ghostServer; var ghostServer;
afterEach(function () {
configUtils.restore();
});
describe('Download', function () { describe('Download', function () {
beforeEach(function () { let originalContentPath;
return ghost()
before(function () {
return ghost({redirectsFile: true})
.then(function (_ghostServer) { .then(function (_ghostServer) {
ghostServer = _ghostServer; ghostServer = _ghostServer;
request = supertest.agent(config.get('url')); request = supertest.agent(config.get('url'));
@ -31,9 +29,15 @@ describe('Redirects API', function () {
}) })
.then(function (token) { .then(function (token) {
accesstoken = token; accesstoken = token;
originalContentPath = configUtils.config.get('paths:contentPath');
}); });
}); });
afterEach(function () {
configUtils.config.set('paths:contentPath', originalContentPath);
});
it('file does not exist', function (done) { it('file does not exist', function (done) {
// Just set any content folder, which does not contain a redirects file. // Just set any content folder, which does not contain a redirects file.
configUtils.set('paths:contentPath', path.join(__dirname, '../../../utils/fixtures/data')); configUtils.set('paths:contentPath', path.join(__dirname, '../../../utils/fixtures/data'));
@ -82,6 +86,68 @@ describe('Redirects API', function () {
}); });
describe('Upload', function () { describe('Upload', function () {
describe('Error cases', function () {
it('syntax error', function (done) {
fs.writeFileSync(path.join(config.get('paths:contentPath'), 'redirects.json'), 'something');
request
.post(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
.set('Authorization', 'Bearer ' + accesstoken)
.set('Origin', testUtils.API.getURL())
.attach('redirects', path.join(config.get('paths:contentPath'), 'redirects.json'))
.expect('Content-Type', /application\/json/)
.expect(400)
.end(function (err) {
if (err) {
return done(err);
}
done();
});
});
it('wrong format: no array', function (done) {
fs.writeFileSync(path.join(config.get('paths:contentPath'), 'redirects.json'), JSON.stringify({
from: 'c',
to: 'd'
}));
request
.post(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
.set('Authorization', 'Bearer ' + accesstoken)
.set('Origin', testUtils.API.getURL())
.attach('redirects', path.join(config.get('paths:contentPath'), 'redirects.json'))
.expect('Content-Type', /application\/json/)
.expect(422)
.end(function (err) {
if (err) {
return done(err);
}
done();
});
});
it('wrong format: no from/to', function (done) {
fs.writeFileSync(path.join(config.get('paths:contentPath'), 'redirects.json'), JSON.stringify([{to: 'd'}]));
request
.post(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
.set('Authorization', 'Bearer ' + accesstoken)
.set('Origin', testUtils.API.getURL())
.attach('redirects', path.join(config.get('paths:contentPath'), 'redirects.json'))
.expect('Content-Type', /application\/json/)
.expect(422)
.end(function (err) {
if (err) {
return done(err);
}
done();
});
});
});
describe('Ensure re-registering redirects works', function () { describe('Ensure re-registering redirects works', function () {
var startGhost = function (options) { var startGhost = function (options) {
return ghost(options) return ghost(options)
@ -209,81 +275,5 @@ describe('Redirects API', function () {
}); });
}); });
}); });
describe('Error cases', function () {
beforeEach(function () {
return ghost()
.then(function (_ghostServer) {
ghostServer = _ghostServer;
request = supertest.agent(config.get('url'));
})
.then(function () {
return localUtils.doAuth(request, 'client:trusted-domain');
})
.then(function (token) {
accesstoken = token;
});
});
it('syntax error', function (done) {
fs.writeFileSync(path.join(config.get('paths:contentPath'), 'redirects.json'), 'something');
request
.post(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
.set('Authorization', 'Bearer ' + accesstoken)
.set('Origin', testUtils.API.getURL())
.attach('redirects', path.join(config.get('paths:contentPath'), 'redirects.json'))
.expect('Content-Type', /application\/json/)
.expect(400)
.end(function (err) {
if (err) {
return done(err);
}
done();
});
});
it('wrong format: no array', function (done) {
fs.writeFileSync(path.join(config.get('paths:contentPath'), 'redirects.json'), JSON.stringify({
from: 'c',
to: 'd'
}));
request
.post(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
.set('Authorization', 'Bearer ' + accesstoken)
.set('Origin', testUtils.API.getURL())
.attach('redirects', path.join(config.get('paths:contentPath'), 'redirects.json'))
.expect('Content-Type', /application\/json/)
.expect(422)
.end(function (err) {
if (err) {
return done(err);
}
done();
});
});
it('wrong format: no from/to', function (done) {
fs.writeFileSync(path.join(config.get('paths:contentPath'), 'redirects.json'), JSON.stringify([{to: 'd'}]));
request
.post(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
.set('Authorization', 'Bearer ' + accesstoken)
.set('Origin', testUtils.API.getURL())
.attach('redirects', path.join(config.get('paths:contentPath'), 'redirects.json'))
.expect('Content-Type', /application\/json/)
.expect(422)
.end(function (err) {
if (err) {
return done(err);
}
done();
});
});
});
}); });
}); });

265
core/test/functional/api/v0.1/users_spec.js
View file

@ -122,7 +122,7 @@ describe('User API', function () {
}); });
}); });
it('can retrieve all users with roles', function (done) { it('can retrieve all users with includes', function (done) {
request.get(localUtils.API.getApiQuery('users/?include=roles')) request.get(localUtils.API.getApiQuery('users/?include=roles'))
.set('Authorization', 'Bearer ' + ownerAccessToken) .set('Authorization', 'Bearer ' + ownerAccessToken)
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
@ -234,8 +234,8 @@ describe('User API', function () {
}); });
}); });
it('can retrieve a user with role', function (done) { it('can retrieve a user with includes', function (done) {
request.get(localUtils.API.getApiQuery('users/me/?include=roles')) request.get(localUtils.API.getApiQuery('users/me/?include=roles,roles.permissions,count.posts'))
.set('Authorization', 'Bearer ' + ownerAccessToken) .set('Authorization', 'Bearer ' + ownerAccessToken)
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private) .expect('Cache-Control', testUtils.cacheRules.private)
@ -251,104 +251,8 @@ describe('User API', function () {
should.not.exist(jsonResponse.meta); should.not.exist(jsonResponse.meta);
jsonResponse.users.should.have.length(1); jsonResponse.users.should.have.length(1);
testUtils.API.checkResponse(jsonResponse.users[0], 'user', ['roles']); testUtils.API.checkResponse(jsonResponse.users[0], 'user', ['roles', 'count']);
testUtils.API.checkResponse(jsonResponse.users[0].roles[0], 'role');
done();
});
});
it('can retrieve a user with role and permissions', function (done) {
request.get(localUtils.API.getApiQuery('users/me/?include=roles,roles.permissions'))
.set('Authorization', 'Bearer ' + ownerAccessToken)
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200)
.end(function (err, res) {
if (err) {
return done(err);
}
should.not.exist(res.headers['x-cache-invalidate']);
var jsonResponse = res.body;
should.exist(jsonResponse.users);
should.not.exist(jsonResponse.meta);
jsonResponse.users.should.have.length(1);
testUtils.API.checkResponse(jsonResponse.users[0], 'user', ['roles']);
testUtils.API.checkResponse(jsonResponse.users[0].roles[0], 'role', ['permissions']); testUtils.API.checkResponse(jsonResponse.users[0].roles[0], 'role', ['permissions']);
// testUtils.API.checkResponse(jsonResponse.users[0].roles[0].permissions[0], 'permission');
done();
});
});
it('can retrieve a user by slug with role and permissions', function (done) {
request.get(localUtils.API.getApiQuery('users/slug/joe-bloggs/?include=roles,roles.permissions'))
.set('Authorization', 'Bearer ' + ownerAccessToken)
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200)
.end(function (err, res) {
if (err) {
return done(err);
}
should.not.exist(res.headers['x-cache-invalidate']);
var jsonResponse = res.body;
should.exist(jsonResponse.users);
should.not.exist(jsonResponse.meta);
jsonResponse.users.should.have.length(1);
testUtils.API.checkResponse(jsonResponse.users[0], 'user', ['roles']);
testUtils.API.checkResponse(jsonResponse.users[0].roles[0], 'role', ['permissions']);
// testUtils.API.checkResponse(jsonResponse.users[0].roles[0].permissions[0], 'permission');
done();
});
});
it('can retrieve a user by slug with count.posts', function (done) {
request.get(localUtils.API.getApiQuery('users/slug/joe-bloggs/?include=count.posts'))
.set('Authorization', 'Bearer ' + ownerAccessToken)
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200)
.end(function (err, res) {
if (err) {
return done(err);
}
should.not.exist(res.headers['x-cache-invalidate']);
var jsonResponse = res.body;
should.exist(jsonResponse.users);
should.not.exist(jsonResponse.meta);
jsonResponse.users.should.have.length(1);
testUtils.API.checkResponse(jsonResponse.users[0], 'user', ['count']);
done();
});
});
it('can retrieve a user by id with count.posts', function (done) {
request.get(localUtils.API.getApiQuery('users/1/?include=count.posts'))
.set('Authorization', 'Bearer ' + ownerAccessToken)
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200)
.end(function (err, res) {
if (err) {
return done(err);
}
should.not.exist(res.headers['x-cache-invalidate']);
var jsonResponse = res.body;
should.exist(jsonResponse.users);
should.not.exist(jsonResponse.meta);
jsonResponse.users.should.have.length(1);
testUtils.API.checkResponse(jsonResponse.users[0], 'user', ['count']);
done(); done();
}); });
}); });
@ -398,8 +302,14 @@ describe('User API', function () {
describe('Edit', function () { describe('Edit', function () {
it('can edit a user', function (done) { it('can edit a user', function (done) {
request.get(localUtils.API.getApiQuery('users/me/')) request.put(localUtils.API.getApiQuery('users/me/'))
.set('Authorization', 'Bearer ' + ownerAccessToken) .set('Authorization', 'Bearer ' + ownerAccessToken)
.send({
users: [{
website: 'http://joe-bloggs.ghost.org',
password: 'mynewfancypasswordwhichisnotallowed'
}]
})
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private) .expect('Cache-Control', testUtils.cacheRules.private)
.expect(200) .expect(200)
@ -408,86 +318,37 @@ describe('User API', function () {
return done(err); return done(err);
} }
var jsonResponse = res.body, var putBody = res.body;
changedValue = 'http://joe-bloggs.ghost.org', res.headers['x-cache-invalidate'].should.eql('/*');
dataToSend; should.exist(putBody.users[0]);
putBody.users[0].website.should.eql('http://joe-bloggs.ghost.org');
putBody.users[0].email.should.eql('jbloggs@example.com');
testUtils.API.checkResponse(putBody.users[0], 'user');
should.exist(jsonResponse.users[0]); should.not.exist(putBody.users[0].password);
testUtils.API.checkResponse(jsonResponse.users[0], 'user');
dataToSend = { models.User.findOne({id: putBody.users[0].id})
users: [ .then((user) => {
{ return models.User.isPasswordCorrect({
website: changedValue, plainPassword: 'mynewfancypasswordwhichisnotallowed',
password: 'mynewfancypasswordwhichisnotallowed' hashedPassword: user.get('password')
} });
] })
}; .then(Promise.reject)
.catch((err) => {
request.put(localUtils.API.getApiQuery('users/me/')) err.code.should.eql('PASSWORD_INCORRECT');
.set('Authorization', 'Bearer ' + ownerAccessToken) done();
.send(dataToSend)
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200)
.end(function (err, res) {
if (err) {
return done(err);
}
var putBody = res.body;
res.headers['x-cache-invalidate'].should.eql('/*');
should.exist(putBody.users[0]);
putBody.users[0].website.should.eql(changedValue);
putBody.users[0].email.should.eql(jsonResponse.users[0].email);
testUtils.API.checkResponse(putBody.users[0], 'user');
should.not.exist(putBody.users[0].password);
models.User.findOne({id: putBody.users[0].id})
.then((user) => {
return models.User.isPasswordCorrect({
plainPassword: 'mynewfancypasswordwhichisnotallowed',
hashedPassword: user.get('password')
});
})
.then(Promise.reject)
.catch((err) => {
err.code.should.eql('PASSWORD_INCORRECT');
done();
});
}); });
}); });
}); });
it('can\'t edit a user with invalid accesstoken', function (done) { it('can\'t edit a user with invalid accesstoken', function () {
request.get(localUtils.API.getApiQuery('users/me/')) return request.put(localUtils.API.getApiQuery('users/me/'))
.set('Authorization', 'Bearer ' + ownerAccessToken) .set('Authorization', 'Bearer ' + 'invalidtoken')
.expect('Content-Type', /json/) .send({
.expect('Cache-Control', testUtils.cacheRules.private) posts: []
.end(function (err, res) { })
if (err) { .expect(401);
return done(err);
}
var jsonResponse = res.body,
changedValue = 'joe-bloggs.ghost.org';
should.exist(jsonResponse.users[0]);
jsonResponse.users[0].website = changedValue;
request.put(localUtils.API.getApiQuery('users/me/'))
.set('Authorization', 'Bearer ' + 'invalidtoken')
.send(jsonResponse)
.expect(401)
.end(function (err) {
if (err) {
return done(err);
}
done();
});
});
}); });
it('check which fields can be modified', function (done) { it('check which fields can be modified', function (done) {
@ -607,60 +468,6 @@ describe('User API', function () {
}); });
describe('As Editor', function () { describe('As Editor', function () {
before(function () {
return ghost()
.then(function (_ghostServer) {
ghostServer = _ghostServer;
request = supertest.agent(config.get('url'));
})
.then(function () {
// create editor
return testUtils.createUser({
user: testUtils.DataGenerator.forKnex.createUser({email: 'test+1@ghost.org'}),
role: testUtils.DataGenerator.Content.roles[1].name
});
})
.then(function (_user1) {
editor = _user1;
// create author
return testUtils.createUser({
user: testUtils.DataGenerator.forKnex.createUser({email: 'test+2@ghost.org'}),
role: testUtils.DataGenerator.Content.roles[2].name
});
})
.then(function (_user2) {
author = _user2;
// create inactive user
return testUtils.createUser({
user: testUtils.DataGenerator.forKnex.createUser({email: 'test+3@ghost.org', status: 'inactive'}),
role: testUtils.DataGenerator.Content.roles[2].name
});
})
.then(function (_user3) {
inactiveUser = _user3;
// by default we login with the owner
return localUtils.doAuth(request);
})
.then(function (token) {
ownerAccessToken = token;
request.user = editor;
return localUtils.doAuth(request);
})
.then(function (token) {
editorAccessToken = token;
request.user = author;
return localUtils.doAuth(request);
})
.then(function (token) {
authorAccessToken = token;
});
});
describe('success cases', function () { describe('success cases', function () {
it('can edit himself', function (done) { it('can edit himself', function (done) {
request.put(localUtils.API.getApiQuery('users/' + editor.id + '/')) request.put(localUtils.API.getApiQuery('users/' + editor.id + '/'))