mirror of
https://github.com/TryGhost/Ghost.git
synced 2025-01-13 22:41:32 -05:00
293 lines
9 KiB
JavaScript
293 lines
9 KiB
JavaScript
/*globals describe, beforeEach, afterEach, it*/
|
|
/*jshint expr:true*/
|
|
var assert = require('assert'),
|
|
should = require('should'),
|
|
sinon = require('sinon'),
|
|
_ = require('lodash'),
|
|
api = require('../../server/api'),
|
|
middleware = require('../../server/middleware').middleware;
|
|
|
|
describe('Middleware', function () {
|
|
|
|
describe('auth', function () {
|
|
var req, res;
|
|
|
|
beforeEach(function (done) {
|
|
req = {
|
|
session: {}
|
|
};
|
|
|
|
res = {
|
|
redirect: sinon.spy()
|
|
};
|
|
|
|
api.notifications.destroyAll().then(function () {
|
|
done();
|
|
}).catch(done);
|
|
});
|
|
|
|
it('should redirect to signin path', function (done) {
|
|
|
|
req.path = '';
|
|
|
|
middleware.auth(req, res, null).then(function () {
|
|
assert(res.redirect.calledWithMatch('/ghost/signin/'));
|
|
done();
|
|
}).catch(done);
|
|
|
|
});
|
|
|
|
it('should redirect to signin path with redirect paramater stripped of /ghost/', function(done) {
|
|
var path = 'test/path/party';
|
|
|
|
req.path = '/ghost/' + path;
|
|
middleware.auth(req, res, null).then(function () {
|
|
assert(res.redirect.calledWithMatch('/ghost/signin/?r=' + encodeURIComponent(path)));
|
|
done();
|
|
}).catch(done);
|
|
});
|
|
|
|
it('should call next if session user exists', function (done) {
|
|
req.session.user = {};
|
|
|
|
middleware.auth(req, res, function (a) {
|
|
should.not.exist(a);
|
|
assert(res.redirect.calledOnce.should.be.false);
|
|
done();
|
|
});
|
|
});
|
|
});
|
|
|
|
describe('authAPI', function () {
|
|
var req, res;
|
|
|
|
beforeEach(function () {
|
|
req = {
|
|
session: {}
|
|
};
|
|
|
|
res = {
|
|
redirect: sinon.spy(),
|
|
json: sinon.spy()
|
|
};
|
|
});
|
|
|
|
it('should return a json 401 error response', function () {
|
|
middleware.authAPI(req, res, null);
|
|
assert(res.json.calledWith(401, { error: 'Please sign in' }));
|
|
});
|
|
|
|
it('should call next if a user exists in session', function (done) {
|
|
req.session.user = {};
|
|
|
|
middleware.authAPI(req, res, function (a) {
|
|
should.not.exist(a);
|
|
assert(res.redirect.calledOnce.should.be.false);
|
|
done();
|
|
});
|
|
});
|
|
});
|
|
|
|
describe('redirectToDashboard', function () {
|
|
var req, res;
|
|
|
|
beforeEach(function () {
|
|
req = {
|
|
session: {}
|
|
};
|
|
|
|
res = {
|
|
redirect: sinon.spy()
|
|
};
|
|
});
|
|
|
|
it('should redirect to dashboard', function () {
|
|
req.session.user = {};
|
|
|
|
middleware.redirectToDashboard(req, res, null);
|
|
assert(res.redirect.calledWithMatch('/ghost/'));
|
|
});
|
|
|
|
it('should call next if no user in session', function (done) {
|
|
middleware.redirectToDashboard(req, res, function (a) {
|
|
should.not.exist(a);
|
|
assert(res.redirect.calledOnce.should.be.false);
|
|
done();
|
|
});
|
|
});
|
|
});
|
|
|
|
describe('cleanNotifications', function () {
|
|
|
|
beforeEach(function (done) {
|
|
api.notifications.add({ notifications: [{
|
|
id: 0,
|
|
status: 'passive',
|
|
message: 'passive-one'
|
|
}] }).then(function () {
|
|
return api.notifications.add({ notifications: [{
|
|
id: 1,
|
|
status: 'passive',
|
|
message: 'passive-two'
|
|
}] });
|
|
}).then(function () {
|
|
return api.notifications.add({ notifications: [{
|
|
id: 2,
|
|
status: 'aggressive',
|
|
message: 'aggressive'
|
|
}] });
|
|
}).then(function () {
|
|
done();
|
|
}).catch(done);
|
|
});
|
|
|
|
it('should clean all passive messages', function (done) {
|
|
middleware.cleanNotifications(null, null, function () {
|
|
api.notifications.browse().then(function (notifications) {
|
|
should(notifications.notifications.length).eql(1);
|
|
var passiveMsgs = _.filter(notifications.notifications, function (notification) {
|
|
return notification.status === 'passive';
|
|
});
|
|
assert.equal(passiveMsgs.length, 0);
|
|
done();
|
|
}).catch(done);
|
|
});
|
|
});
|
|
});
|
|
|
|
describe('cacheControl', function () {
|
|
var res;
|
|
|
|
beforeEach(function () {
|
|
res = {
|
|
set: sinon.spy()
|
|
};
|
|
});
|
|
|
|
it('correctly sets the public profile headers', function (done) {
|
|
middleware.cacheControl('public')(null, res, function (a) {
|
|
should.not.exist(a);
|
|
res.set.calledOnce.should.be.true;
|
|
res.set.calledWith({'Cache-Control': 'public, max-age=0'});
|
|
done();
|
|
});
|
|
});
|
|
|
|
it('correctly sets the private profile headers', function (done) {
|
|
middleware.cacheControl('private')(null, res, function (a) {
|
|
should.not.exist(a);
|
|
res.set.calledOnce.should.be.true;
|
|
res.set.calledWith({
|
|
'Cache-Control':
|
|
'no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0'
|
|
});
|
|
done();
|
|
});
|
|
});
|
|
|
|
it('will not set headers without a profile', function (done) {
|
|
middleware.cacheControl()(null, res, function (a) {
|
|
should.not.exist(a);
|
|
res.set.called.should.be.false;
|
|
done();
|
|
});
|
|
});
|
|
});
|
|
|
|
describe('whenEnabled', function () {
|
|
var cbFn, server;
|
|
|
|
beforeEach(function () {
|
|
cbFn = sinon.spy();
|
|
server = {
|
|
enabled: function (setting) {
|
|
if (setting === 'enabled') {
|
|
return true;
|
|
} else {
|
|
return false;
|
|
}
|
|
}
|
|
};
|
|
middleware.cacheServer(server);
|
|
});
|
|
|
|
it('should call function if setting is enabled', function (done) {
|
|
var req = 1, res = 2, next = 3;
|
|
|
|
middleware.whenEnabled('enabled', function (a, b, c) {
|
|
assert.equal(a, 1);
|
|
assert.equal(b, 2);
|
|
assert.equal(c, 3);
|
|
done();
|
|
})(req, res, next);
|
|
});
|
|
|
|
it('should call next() if setting is disabled', function (done) {
|
|
middleware.whenEnabled('rando', cbFn)(null, null, function (a) {
|
|
should.not.exist(a);
|
|
cbFn.calledOnce.should.be.false;
|
|
done();
|
|
});
|
|
});
|
|
});
|
|
|
|
describe('staticTheme', function () {
|
|
beforeEach(function () {
|
|
sinon.stub(middleware, 'forwardToExpressStatic').yields();
|
|
});
|
|
|
|
afterEach(function () {
|
|
middleware.forwardToExpressStatic.restore();
|
|
});
|
|
|
|
it('should call next if hbs file type', function (done) {
|
|
var req = {
|
|
url: 'mytemplate.hbs'
|
|
};
|
|
|
|
middleware.staticTheme(null)(req, null, function (a) {
|
|
should.not.exist(a);
|
|
middleware.forwardToExpressStatic.calledOnce.should.be.false;
|
|
done();
|
|
});
|
|
});
|
|
|
|
it('should call next if md file type', function (done) {
|
|
var req = {
|
|
url: 'README.md'
|
|
};
|
|
|
|
middleware.staticTheme(null)(req, null, function (a) {
|
|
should.not.exist(a);
|
|
middleware.forwardToExpressStatic.calledOnce.should.be.false;
|
|
done();
|
|
});
|
|
});
|
|
|
|
it('should call next if json file type', function (done) {
|
|
var req = {
|
|
url: 'sample.json'
|
|
};
|
|
|
|
middleware.staticTheme(null)(req, null, function (a) {
|
|
should.not.exist(a);
|
|
middleware.forwardToExpressStatic.calledOnce.should.be.false;
|
|
done();
|
|
});
|
|
});
|
|
|
|
it('should call express.static if valid file type', function (done) {
|
|
var req = {
|
|
url: 'myvalidfile.css'
|
|
};
|
|
|
|
middleware.staticTheme(null)(req, null, function (reqArg, res, next) {
|
|
/*jshint unused:false */
|
|
middleware.forwardToExpressStatic.calledOnce.should.be.true;
|
|
assert.deepEqual(middleware.forwardToExpressStatic.args[0][0], req);
|
|
done();
|
|
});
|
|
});
|
|
});
|
|
});
|
|
|