0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-20 22:42:53 -05:00
ghost/test/e2e-api/admin/posts.test.js
Simon Backx 5657019e47
Fixed wrong newsletter used when sending scheduled post (#14734)
refs https://ghost.slack.com/archives/C02G9E68C/p1651939076681719

Cause:
- When a scheduled post was published via the post scheduler, no `newsletter_id` option is passed when editing the post.
- When editing a post via the posts service, without the `newsletter_id` option, the `newsletter_id` option is automatically set to the default newsletter's id.
- Inside the post model, this new `newsletter_id` was not saved, because it was already set, and changing it is prevented.
- The `mega` service wasn't using the (unchanged) post's newsletter_id, but used the option instead, which contained the default newsletter's id.

Fix:
- Always using the newsletter_id from the post and requiring the newsletter associated with a post to exist.
- This behaviour can be/is tested by publishing a scheduled post without any option.

Also cleaned up some `Object.assign` usages.
2022-05-09 17:30:50 +02:00

1000 lines
41 KiB
JavaScript

const should = require('should');
const nock = require('nock');
const path = require('path');
const supertest = require('supertest');
const _ = require('lodash');
const ObjectId = require('bson-objectid');
const moment = require('moment-timezone');
const testUtils = require('../../utils');
const config = require('../../../core/shared/config');
const models = require('../../../core/server/models');
const localUtils = require('./utils');
const configUtils = require('../../utils/configUtils');
describe('Posts API', function () {
let request;
before(async function () {
await localUtils.startGhost();
request = supertest.agent(config.get('url'));
/**
* Members are needed to enable mega to create an email record so that we can test that newsletter_id
* can't be overwritten after an email record is created.
*/
await localUtils.doAuth(request, 'users:extra', 'posts', 'emails', 'newsletters', 'members:newsletters');
// Assign a newsletter to one of the posts
const newsletterId = testUtils.DataGenerator.Content.newsletters[0].id;
const postId = testUtils.DataGenerator.Content.posts[0].id;
await models.Post.edit({newsletter_id: newsletterId}, {id: postId});
});
afterEach(function () {
nock.cleanAll();
});
it('Can retrieve all posts', async function () {
const res = await request.get(localUtils.API.getApiQuery('posts/'))
.set('Origin', config.get('url'))
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200);
should.not.exist(res.headers['x-cache-invalidate']);
const jsonResponse = res.body;
should.exist(jsonResponse.posts);
localUtils.API.checkResponse(jsonResponse, 'posts');
jsonResponse.posts.should.have.length(13);
localUtils.API.checkResponse(jsonResponse.posts[0], 'post');
localUtils.API.checkResponse(jsonResponse.meta.pagination, 'pagination');
_.isBoolean(jsonResponse.posts[0].featured).should.eql(true);
_.isBoolean(jsonResponse.posts[0].email_only).should.eql(true);
jsonResponse.posts[0].email_only.should.eql(false);
// Ensure default order
jsonResponse.posts[0].slug.should.eql('scheduled-post');
jsonResponse.posts[12].slug.should.eql('html-ipsum');
// Absolute urls by default
jsonResponse.posts[0].url.should.match(new RegExp(`${config.get('url')}/p/[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}`));
jsonResponse.posts[2].url.should.eql(`${config.get('url')}/welcome/`);
jsonResponse.posts[11].feature_image.should.eql(`${config.get('url')}/content/images/2018/hey.jpg`);
jsonResponse.posts[0].tags.length.should.eql(0);
jsonResponse.posts[2].tags.length.should.eql(1);
jsonResponse.posts[2].authors.length.should.eql(1);
jsonResponse.posts[2].tags[0].url.should.eql(`${config.get('url')}/tag/getting-started/`);
jsonResponse.posts[2].authors[0].url.should.eql(`${config.get('url')}/author/ghost/`);
// Check if the newsletter relation is loaded by default and newsletter_id is not returned
jsonResponse.posts[12].id.should.eql(testUtils.DataGenerator.Content.posts[0].id);
jsonResponse.posts[12].newsletter.id.should.eql(testUtils.DataGenerator.Content.newsletters[0].id);
should.not.exist(jsonResponse.posts[12].newsletter_id);
should(jsonResponse.posts[0].newsletter).be.null();
should.not.exist(jsonResponse.posts[0].newsletter_id);
});
it('Can retrieve multiple post formats', async function () {
const res = await request.get(localUtils.API.getApiQuery('posts/?formats=plaintext,mobiledoc&limit=3&order=title%20ASC'))
.set('Origin', config.get('url'))
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200);
should.not.exist(res.headers['x-cache-invalidate']);
const jsonResponse = res.body;
should.exist(jsonResponse.posts);
localUtils.API.checkResponse(jsonResponse, 'posts');
jsonResponse.posts.should.have.length(3);
localUtils.API.checkResponse(jsonResponse.posts[0], 'post', ['plaintext']);
localUtils.API.checkResponse(jsonResponse.meta.pagination, 'pagination');
_.isBoolean(jsonResponse.posts[0].featured).should.eql(true);
// ensure order works
jsonResponse.posts[0].slug.should.eql('portal');
});
it('Can include single relation', async function () {
const res = await request.get(localUtils.API.getApiQuery('posts/?include=tags'))
.set('Origin', config.get('url'))
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200);
should.not.exist(res.headers['x-cache-invalidate']);
const jsonResponse = res.body;
should.exist(jsonResponse.posts);
localUtils.API.checkResponse(jsonResponse, 'posts');
jsonResponse.posts.should.have.length(13);
localUtils.API.checkResponse(
jsonResponse.posts[0],
'post',
null,
['authors', 'primary_author', 'email', 'tiers', 'newsletter']
);
localUtils.API.checkResponse(jsonResponse.meta.pagination, 'pagination');
});
it('Can filter posts', async function () {
const res = await request.get(localUtils.API.getApiQuery('posts/?filter=featured:true'))
.set('Origin', config.get('url'))
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200);
should.not.exist(res.headers['x-cache-invalidate']);
const jsonResponse = res.body;
should.exist(jsonResponse.posts);
localUtils.API.checkResponse(jsonResponse, 'posts');
jsonResponse.posts.should.have.length(2);
localUtils.API.checkResponse(jsonResponse.posts[0], 'post');
localUtils.API.checkResponse(jsonResponse.meta.pagination, 'pagination');
});
it('Cannot receive pages', async function () {
const res = await request.get(localUtils.API.getApiQuery('posts/?filter=page:true'))
.set('Origin', config.get('url'))
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200);
should.not.exist(res.headers['x-cache-invalidate']);
const jsonResponse = res.body;
should.exist(jsonResponse.posts);
localUtils.API.checkResponse(jsonResponse, 'posts');
jsonResponse.posts.should.have.length(0);
});
it('Can paginate posts', async function () {
const res = await request.get(localUtils.API.getApiQuery('posts/?page=2'))
.set('Origin', config.get('url'))
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200);
const jsonResponse = res.body;
should.equal(jsonResponse.meta.pagination.page, 2);
});
it('Can request a post by id', async function () {
const res = await request.get(localUtils.API.getApiQuery('posts/' + testUtils.DataGenerator.Content.posts[0].id + '/'))
.set('Origin', config.get('url'))
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200);
should.not.exist(res.headers['x-cache-invalidate']);
const jsonResponse = res.body;
should.exist(jsonResponse);
should.exist(jsonResponse.posts);
localUtils.API.checkResponse(jsonResponse.posts[0], 'post');
jsonResponse.posts[0].id.should.equal(testUtils.DataGenerator.Content.posts[0].id);
_.isBoolean(jsonResponse.posts[0].featured).should.eql(true);
testUtils.API.isISO8601(jsonResponse.posts[0].created_at).should.be.true();
// Check if the newsletter relation is loaded by default and newsletter_id is not returned
jsonResponse.posts[0].newsletter.id.should.eql(testUtils.DataGenerator.Content.newsletters[0].id);
should.not.exist(jsonResponse.posts[0].newsletter_id);
});
it('Can request a post by id without newsletter', async function () {
const res = await request.get(localUtils.API.getApiQuery('posts/' + testUtils.DataGenerator.Content.posts[1].id + '/'))
.set('Origin', config.get('url'))
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200);
should.not.exist(res.headers['x-cache-invalidate']);
const jsonResponse = res.body;
should.exist(jsonResponse);
should.exist(jsonResponse.posts);
localUtils.API.checkResponse(jsonResponse.posts[0], 'post');
jsonResponse.posts[0].id.should.equal(testUtils.DataGenerator.Content.posts[1].id);
_.isBoolean(jsonResponse.posts[0].featured).should.eql(true);
testUtils.API.isISO8601(jsonResponse.posts[0].created_at).should.be.true();
// Newsletter should be returned as null
should(jsonResponse.posts[0].newsletter).be.null();
should.not.exist(jsonResponse.posts[0].newsletter_id);
});
it('Can retrieve a post by slug', async function () {
const res = await request.get(localUtils.API.getApiQuery('posts/slug/welcome/'))
.set('Origin', config.get('url'))
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200);
should.not.exist(res.headers['x-cache-invalidate']);
const jsonResponse = res.body;
should.exist(jsonResponse);
should.exist(jsonResponse.posts);
localUtils.API.checkResponse(jsonResponse.posts[0], 'post');
jsonResponse.posts[0].slug.should.equal('welcome');
_.isBoolean(jsonResponse.posts[0].featured).should.eql(true);
// Newsletter should be returned as null
should(jsonResponse.posts[0].newsletter).be.null();
should.not.exist(jsonResponse.posts[0].newsletter_id);
});
it('Can include relations for a single post', async function () {
const res = await request
.get(localUtils.API.getApiQuery('posts/' + testUtils.DataGenerator.Content.posts[0].id + '/?include=authors,tags,email,tiers,newsletter'))
.set('Origin', config.get('url'))
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200);
should.not.exist(res.headers['x-cache-invalidate']);
const jsonResponse = res.body;
should.exist(jsonResponse);
should.exist(jsonResponse.posts);
localUtils.API.checkResponse(jsonResponse.posts[0], 'post');
jsonResponse.posts[0].authors[0].should.be.an.Object();
localUtils.API.checkResponse(jsonResponse.posts[0].authors[0], 'user');
jsonResponse.posts[0].tags[0].should.be.an.Object();
localUtils.API.checkResponse(jsonResponse.posts[0].tags[0], 'tag', ['url']);
jsonResponse.posts[0].email.should.be.an.Object();
localUtils.API.checkResponse(jsonResponse.posts[0].email, 'email');
jsonResponse.posts[0].newsletter.id.should.eql(testUtils.DataGenerator.Content.newsletters[0].id);
should.not.exist(jsonResponse.posts[0].newsletter_id);
});
it('Can add a post', async function () {
const post = {
title: 'My post',
status: 'draft',
feature_image_alt: 'Testing feature image alt',
feature_image_caption: 'Testing <b>feature image caption</b>',
published_at: '2016-05-30T07:00:00.000Z',
mobiledoc: testUtils.DataGenerator.markdownToMobiledoc('my post'),
created_at: moment().subtract(2, 'days').toDate(),
updated_at: moment().subtract(2, 'days').toDate(),
created_by: ObjectId().toHexString(),
updated_by: ObjectId().toHexString()
};
const res = await request.post(localUtils.API.getApiQuery('posts'))
.set('Origin', config.get('url'))
.send({posts: [post]})
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(201);
res.body.posts.length.should.eql(1);
localUtils.API.checkResponse(res.body.posts[0], 'post');
res.body.posts[0].url.should.match(new RegExp(`${config.get('url')}/p/[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}`));
should.not.exist(res.headers['x-cache-invalidate']);
should.exist(res.headers.location);
res.headers.location.should.equal(`http://127.0.0.1:2369${localUtils.API.getApiQuery('posts/')}${res.body.posts[0].id}/`);
// Newsletter should be returned as null
should(res.body.posts[0].newsletter).be.null();
should.not.exist(res.body.posts[0].newsletter_id);
const model = await models.Post.findOne({
id: res.body.posts[0].id,
status: 'draft'
}, testUtils.context.internal);
const modelJson = model.toJSON();
modelJson.title.should.eql(post.title);
modelJson.status.should.eql(post.status);
modelJson.published_at.toISOString().should.eql('2016-05-30T07:00:00.000Z');
modelJson.created_at.toISOString().should.not.eql(post.created_at.toISOString());
modelJson.updated_at.toISOString().should.not.eql(post.updated_at.toISOString());
modelJson.updated_by.should.not.eql(post.updated_by);
modelJson.created_by.should.not.eql(post.created_by);
modelJson.posts_meta.feature_image_alt.should.eql(post.feature_image_alt);
modelJson.posts_meta.feature_image_caption.should.eql(post.feature_image_caption);
});
it('Can include free and paid tiers for public post', async function () {
const publicPost = testUtils.DataGenerator.forKnex.createPost({
slug: 'free-to-see',
visibility: 'public',
published_at: moment().add(15, 'seconds').toDate() // here to ensure sorting is not modified
});
await models.Post.add(publicPost, {context: {internal: true}});
const publicPostRes = await request
.get(localUtils.API.getApiQuery(`posts/${publicPost.id}/`))
.set('Origin', config.get('url'))
.expect(200);
const publicPostData = publicPostRes.body.posts[0];
publicPostData.tiers.length.should.eql(2);
});
it('Can include free and paid tiers for members only post', async function () {
const membersPost = testUtils.DataGenerator.forKnex.createPost({
slug: 'thou-shalt-not-be-seen',
visibility: 'members',
published_at: moment().add(45, 'seconds').toDate() // here to ensure sorting is not modified
});
await models.Post.add(membersPost, {context: {internal: true}});
const membersPostRes = await request
.get(localUtils.API.getApiQuery(`posts/${membersPost.id}/`))
.set('Origin', config.get('url'))
.expect(200);
const membersPostData = membersPostRes.body.posts[0];
membersPostData.tiers.length.should.eql(2);
});
it('Can include only paid tier for paid post', async function () {
const paidPost = testUtils.DataGenerator.forKnex.createPost({
slug: 'thou-shalt-be-paid-for',
visibility: 'paid',
published_at: moment().add(30, 'seconds').toDate() // here to ensure sorting is not modified
});
await models.Post.add(paidPost, {context: {internal: true}});
const paidPostRes = await request
.get(localUtils.API.getApiQuery(`posts/${paidPost.id}/`))
.set('Origin', config.get('url'))
.expect(200);
const paidPostData = paidPostRes.body.posts[0];
paidPostData.tiers.length.should.eql(1);
});
it('Can include specific tier for post with tiers visibility', async function () {
const res = await request.get(localUtils.API.getApiQuery('products/'))
.set('Origin', config.get('url'))
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200);
const jsonResponse = res.body;
const paidTier = jsonResponse.products.find(p => p.type === 'paid');
const tiersPost = testUtils.DataGenerator.forKnex.createPost({
slug: 'thou-shalt-be-for-specific-tiers',
visibility: 'tiers',
published_at: moment().add(30, 'seconds').toDate() // here to ensure sorting is not modified
});
tiersPost.tiers = [paidTier];
await models.Post.add(tiersPost, {context: {internal: true}});
const tiersPostRes = await request
.get(localUtils.API.getApiQuery(`posts/${tiersPost.id}/`))
.set('Origin', config.get('url'))
.expect(200);
const tiersPostData = tiersPostRes.body.posts[0];
tiersPostData.tiers.length.should.eql(1);
});
it('Can update draft', async function () {
const post = {
title: 'update draft'
};
const res = await request
.get(localUtils.API.getApiQuery(`posts/${testUtils.DataGenerator.Content.posts[3].id}/`))
.set('Origin', config.get('url'))
.expect(200);
post.updated_at = res.body.posts[0].updated_at;
const res2 = await request.put(localUtils.API.getApiQuery('posts/' + testUtils.DataGenerator.Content.posts[3].id))
.set('Origin', config.get('url'))
.send({posts: [post]})
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200);
res2.headers['x-cache-invalidate'].should.eql('/p/' + res2.body.posts[0].uuid + '/');
// Newsletter should be returned as null
should(res2.body.posts[0].newsletter).be.null();
should.not.exist(res2.body.posts[0].newsletter_id);
});
it('Can update and force re-render', async function () {
const unsplashMock = nock('https://images.unsplash.com/')
.get('/favicon_too_large')
.query(true)
.replyWithFile(200, path.join(__dirname, '../../utils/fixtures/images/ghost-logo.png'), {
'Content-Type': 'image/png'
});
const mobiledoc = JSON.parse(testUtils.DataGenerator.Content.posts[3].mobiledoc);
mobiledoc.cards.push(['image', {src: 'https://images.unsplash.com/favicon_too_large?ixlib=rb-1.2.1&q=80&fm=jpg&crop=entropy&cs=tinysrgb&w=2000&fit=max&ixid=eyJhcHBfaWQiOjExNzczfQ'}]);
mobiledoc.sections.push([10, mobiledoc.cards.length - 1]);
const post = {
mobiledoc: JSON.stringify(mobiledoc)
};
const res = await request
.get(localUtils.API.getApiQuery(`posts/${testUtils.DataGenerator.Content.posts[3].id}/`))
.set('Origin', config.get('url'))
.expect(200);
post.updated_at = res.body.posts[0].updated_at;
const res2 = await request
.put(localUtils.API.getApiQuery('posts/' + testUtils.DataGenerator.Content.posts[3].id + '/?force_rerender=true&formats=mobiledoc,html'))
.set('Origin', config.get('url'))
.send({posts: [post]})
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private);
res2.headers['x-cache-invalidate'].should.eql('/p/' + res2.body.posts[0].uuid + '/');
unsplashMock.isDone().should.be.true();
// mobiledoc is updated with image sizes
const resMobiledoc = JSON.parse(res2.body.posts[0].mobiledoc);
const cardPayload = resMobiledoc.cards[mobiledoc.cards.length - 1][1];
cardPayload.width.should.eql(800);
cardPayload.height.should.eql(257);
// html is re-rendered to include srcset
res2.body.posts[0].html.should.match(/srcset="https:\/\/images\.unsplash\.com\/favicon_too_large\?ixlib=rb-1\.2\.1&amp;q=80&amp;fm=jpg&amp;crop=entropy&amp;cs=tinysrgb&amp;w=600&amp;fit=max&amp;ixid=eyJhcHBfaWQiOjExNzczfQ 600w, https:\/\/images\.unsplash\.com\/favicon_too_large\?ixlib=rb-1\.2\.1&amp;q=80&amp;fm=jpg&amp;crop=entropy&amp;cs=tinysrgb&amp;w=800&amp;fit=max&amp;ixid=eyJhcHBfaWQiOjExNzczfQ 800w"/);
});
it('Can unpublish a post', async function () {
const post = {
status: 'draft'
};
const res = await request
.get(localUtils.API.getApiQuery(`posts/${testUtils.DataGenerator.Content.posts[1].id}/?`))
.set('Origin', config.get('url'))
.expect(200);
post.updated_at = res.body.posts[0].updated_at;
const res2 = await request
.put(localUtils.API.getApiQuery('posts/' + testUtils.DataGenerator.Content.posts[1].id + '/'))
.set('Origin', config.get('url'))
.send({posts: [post]})
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200);
res2.headers['x-cache-invalidate'].should.eql('/*');
res2.body.posts[0].status.should.eql('draft');
});
it(`Can't change the newsletter_id of a post from the post body`, async function () {
const post = {
newsletter_id: testUtils.DataGenerator.Content.newsletters[0].id
};
const postId = testUtils.DataGenerator.Content.posts[2].id;
const modelBefore = await models.Post.findOne({
id: postId
}, testUtils.context.internal);
should(modelBefore.get('newsletter_id')).eql(null, 'This test requires the initial post to not have a newsletter');
const res = await request
.get(localUtils.API.getApiQuery(`posts/${postId}/?`))
.set('Origin', config.get('url'))
.expect(200);
post.updated_at = res.body.posts[0].updated_at;
const res2 = await request
.put(localUtils.API.getApiQuery('posts/' + postId + '/'))
.set('Origin', config.get('url'))
.send({posts: [post]})
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(422);
const model = await models.Post.findOne({
id: postId
}, testUtils.context.internal);
should(model.get('newsletter_id')).eql(null);
});
it(`Can't change the newsletter of a post from the post body`, async function () {
const post = {
newsletter: {
id: testUtils.DataGenerator.Content.newsletters[0].id
}
};
const postId = testUtils.DataGenerator.Content.posts[2].id;
const modelBefore = await models.Post.findOne({
id: postId
}, testUtils.context.internal);
should(modelBefore.get('newsletter_id')).eql(null, 'This test requires the initial post to not have a newsletter');
const res = await request
.get(localUtils.API.getApiQuery(`posts/${postId}/?`))
.set('Origin', config.get('url'))
.expect(200);
post.updated_at = res.body.posts[0].updated_at;
const res2 = await request
.put(localUtils.API.getApiQuery('posts/' + postId + '/'))
.set('Origin', config.get('url'))
.send({posts: [post]})
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200);
const model = await models.Post.findOne({
id: postId
}, testUtils.context.internal);
should(model.get('newsletter_id')).eql(null);
});
it('Cannot change the newsletter via body when adding', async function () {
const post = {
title: 'My newsletter post',
status: 'draft',
feature_image_alt: 'Testing newsletter',
feature_image_caption: 'Testing <b>feature image caption</b>',
mobiledoc: testUtils.DataGenerator.markdownToMobiledoc('my post'),
created_at: moment().subtract(2, 'days').toDate(),
updated_at: moment().subtract(2, 'days').toDate(),
created_by: ObjectId().toHexString(),
updated_by: ObjectId().toHexString(),
newsletter: {
// This should be ignored, the default one should be used instead
id: testUtils.DataGenerator.Content.newsletters[0].id
}
};
const res = await request.post(localUtils.API.getApiQuery('posts'))
.set('Origin', config.get('url'))
.send({posts: [post]})
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(201);
// Check that the default newsletter is used instead of the one in body (not allowed)
should(res.body.posts[0].status).eql('draft');
should(res.body.posts[0].newsletter).eql(null);
should.not.exist(res.body.posts[0].newsletter_id);
const id = res.body.posts[0].id;
const model = await models.Post.findOne({
id,
status: 'draft' // Fix for default filter
}, testUtils.context.internal);
should(model.get('newsletter_id')).eql(null);
});
it('Can change the newsletter_id of a post when publishing', async function () {
const newsletterId = testUtils.DataGenerator.Content.newsletters[2].id;
const post = {
title: 'My newsletter_id post',
status: 'draft',
feature_image_alt: 'Testing newsletter_id',
feature_image_caption: 'Testing <b>feature image caption</b>',
mobiledoc: testUtils.DataGenerator.markdownToMobiledoc('my post'),
created_at: moment().subtract(2, 'days').toDate(),
updated_at: moment().subtract(2, 'days').toDate(),
created_by: ObjectId().toHexString(),
updated_by: ObjectId().toHexString()
};
const res = await request.post(localUtils.API.getApiQuery('posts'))
.set('Origin', config.get('url'))
.send({posts: [post]})
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(201);
// Check newsletter relation is loaded, but null in response.
should(res.body.posts[0].newsletter).eql(null);
should.not.exist(res.body.posts[0].newsletter_id);
const id = res.body.posts[0].id;
const updatedPost = res.body.posts[0];
updatedPost.status = 'published';
const finalPost = await request
.put(localUtils.API.getApiQuery('posts/' + id + '/?email_recipient_filter=all&newsletter_id=' + newsletterId))
.set('Origin', config.get('url'))
.send({posts: [updatedPost]})
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200);
// Check newsletter relation is loaded in response
should(finalPost.body.posts[0].newsletter.id).eql(newsletterId);
should.not.exist(finalPost.body.posts[0].newsletter_id);
const model = await models.Post.findOne({
id
}, testUtils.context.internal);
should(model.get('newsletter_id')).eql(newsletterId);
// Check email
// Note: we only create an email if we have members susbcribed to the newsletter
const email = await models.Email.findOne({
post_id: id
}, testUtils.context.internal);
should.exist(email);
should(email.get('newsletter_id')).eql(newsletterId);
should(email.get('status')).eql('pending');
});
it('Can publish a scheduled post', async function () {
const newsletterId = testUtils.DataGenerator.Content.newsletters[2].id;
const post = {
title: 'My scheduled post',
status: 'draft',
feature_image_alt: 'Testing newsletter_id in scheduled posts',
feature_image_caption: 'Testing <b>feature image caption</b>',
mobiledoc: testUtils.DataGenerator.markdownToMobiledoc('my post'),
created_at: moment().subtract(2, 'days').toDate(),
updated_at: moment().subtract(2, 'days').toDate(),
created_by: ObjectId().toHexString(),
updated_by: ObjectId().toHexString()
};
const res = await request.post(localUtils.API.getApiQuery('posts'))
.set('Origin', config.get('url'))
.send({posts: [post]})
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(201);
const id = res.body.posts[0].id;
const updatedPost = res.body.posts[0];
updatedPost.status = 'scheduled';
updatedPost.published_at = moment().add(2, 'days').toDate();
const scheduledRes = await request
.put(localUtils.API.getApiQuery('posts/' + id + '/?email_recipient_filter=all&newsletter_id=' + newsletterId))
.set('Origin', config.get('url'))
.send({posts: [updatedPost]})
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200);
const scheduledPost = scheduledRes.body.posts[0];
scheduledPost.newsletter.id.should.eql(newsletterId);
should.not.exist(scheduledPost.newsletter_id);
let model = await models.Post.findOne({
id,
status: 'scheduled'
}, testUtils.context.internal);
should(model.get('newsletter_id')).eql(newsletterId);
// We should not have an email
let email = await models.Email.findOne({
post_id: id
}, testUtils.context.internal);
should.not.exist(email);
// Publish now, without passing the newsletter_id or other options again!
scheduledPost.status = 'published';
scheduledPost.published_at = moment().toDate();
const publishedRes = await request
.put(localUtils.API.getApiQuery('posts/' + id + '/'))
.set('Origin', config.get('url'))
.send({posts: [scheduledPost]})
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200);
const publishedPost = publishedRes.body.posts[0];
model = await models.Post.findOne({
id
}, testUtils.context.internal);
should(model.get('newsletter_id')).eql(newsletterId);
publishedPost.newsletter.id.should.eql(newsletterId);
should.not.exist(publishedPost.newsletter_id);
// Check email is sent to the correct newsletter
email = await models.Email.findOne({
post_id: id
}, testUtils.context.internal);
should(email.get('newsletter_id')).eql(newsletterId);
should(email.get('status')).eql('pending');
});
it('Defaults to the default newsletter when publishing without a newsletter_id', async function () {
const defaultNewsletter = await models.Newsletter.getDefaultNewsletter();
const post = {
title: 'My post without newsletter_id',
status: 'draft',
feature_image_alt: 'Testing newsletter_id',
feature_image_caption: 'Testing <b>feature image caption</b>',
mobiledoc: testUtils.DataGenerator.markdownToMobiledoc('my post'),
created_at: moment().subtract(2, 'days').toDate(),
updated_at: moment().subtract(2, 'days').toDate(),
created_by: ObjectId().toHexString(),
updated_by: ObjectId().toHexString()
};
const res = await request.post(localUtils.API.getApiQuery('posts'))
.set('Origin', config.get('url'))
.send({posts: [post]})
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(201);
const id = res.body.posts[0].id;
const updatedPost = {
status: 'published',
updated_at: res.body.posts[0].updated_at
};
const finalPost = await request
.put(localUtils.API.getApiQuery('posts/' + id + '/?email_recipient_filter=all'))
.set('Origin', config.get('url'))
.send({posts: [updatedPost]})
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200);
// Check newsletter relation is loaded in response
should(finalPost.body.posts[0].newsletter.id).eql(defaultNewsletter.get('id'));
should.not.exist(finalPost.body.posts[0].newsletter_id);
const model = await models.Post.findOne({
id
}, testUtils.context.internal);
should(model.get('newsletter_id')).eql(defaultNewsletter.get('id'));
});
it('Can\'t change the newsletter_id once it has been set', async function () {
// Note: this test only works if there are members subscribed to the initial newsletter
// (so it won't get reset when changing the post status to draft again)
let model;
const post = {
title: 'My post without newsletter_id',
status: 'draft',
feature_image_alt: 'Testing newsletter_id',
feature_image_caption: 'Testing <b>feature image caption</b>',
mobiledoc: testUtils.DataGenerator.markdownToMobiledoc('my post'),
created_at: moment().subtract(2, 'days').toDate(),
updated_at: moment().subtract(2, 'days').toDate(),
created_by: ObjectId().toHexString(),
updated_by: ObjectId().toHexString()
};
const res = await request.post(localUtils.API.getApiQuery('posts'))
.set('Origin', config.get('url'))
.send({posts: [post]})
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(201);
const id = res.body.posts[0].id;
const newsletterId = testUtils.DataGenerator.Content.newsletters[0].id;
const newsletterId2 = testUtils.DataGenerator.Content.newsletters[1].id;
const updatedPost = {
status: 'published',
updated_at: res.body.posts[0].updated_at
};
const res2 = await request
.put(localUtils.API.getApiQuery('posts/' + id + '/?email_recipient_filter=status:-free&send_email_when_published=true&newsletter_id=' + newsletterId))
.set('Origin', config.get('url'))
.send({posts: [updatedPost]})
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200);
// Check newsletter relation is loaded in response
should(res2.body.posts[0].newsletter.id).eql(newsletterId);
should.not.exist(res2.body.posts[0].newsletter_id);
model = await models.Post.findOne({
id: id,
status: 'published'
}, testUtils.context.internal);
should(model.get('newsletter_id')).eql(newsletterId);
// Check email is sent to the correct newsletter
let email = await models.Email.findOne({
post_id: id
}, testUtils.context.internal);
should(email.get('newsletter_id')).eql(newsletterId);
should(email.get('status')).eql('pending');
const unpublished = {
status: 'draft',
updated_at: res2.body.posts[0].updated_at
};
const res3 = await request
.put(localUtils.API.getApiQuery('posts/' + id + '/'))
.set('Origin', config.get('url'))
.send({posts: [unpublished]})
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200);
// Check newsletter relation is loaded in response
should(res3.body.posts[0].newsletter.id).eql(newsletterId);
should.not.exist(res3.body.posts[0].newsletter_id);
model = await models.Post.findOne({
id: id,
status: 'draft'
}, testUtils.context.internal);
should(model.get('newsletter_id')).eql(newsletterId);
// Check email
// Note: we only create an email if we have members susbcribed to the newsletter
email = await models.Email.findOne({
post_id: id
}, testUtils.context.internal);
should.exist(email);
should(email.get('newsletter_id')).eql(newsletterId);
const republished = {
status: 'published',
updated_at: res3.body.posts[0].updated_at
};
const res4 = await request
.put(localUtils.API.getApiQuery('posts/' + id + '/?email_recipient_filter=all&newsletter_id=' + newsletterId2))
.set('Origin', config.get('url'))
.send({posts: [republished]})
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200);
// Check newsletter relation is loaded in response
// + did update the newsletter id
should(res4.body.posts[0].newsletter.id).eql(newsletterId);
should.not.exist(res4.body.posts[0].newsletter_id);
model = await models.Post.findOne({
id: id,
status: 'published'
}, testUtils.context.internal);
should(model.get('newsletter_id')).eql(newsletterId);
// Should not change if status remains published
const res5 = await request
.put(localUtils.API.getApiQuery('posts/' + id + '/?email_recipient_filter=all&newsletter_id=' + newsletterId))
.set('Origin', config.get('url'))
.send({posts: [republished]})
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200);
// Check newsletter relation is loaded in response
// + did not update the newsletter id
should(res5.body.posts[0].newsletter.id).eql(newsletterId);
should.not.exist(res5.body.posts[0].newsletter_id);
model = await models.Post.findOne({
id: id,
status: 'published'
}, testUtils.context.internal);
// Test if the newsletter_id option was ignored
should(model.get('newsletter_id')).eql(newsletterId);
});
it('Can destroy a post', async function () {
const res = await request
.del(localUtils.API.getApiQuery('posts/' + testUtils.DataGenerator.Content.posts[0].id + '/'))
.set('Origin', config.get('url'))
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(204);
res.body.should.be.empty();
res.headers['x-cache-invalidate'].should.eql('/*');
});
it('Cannot get post via pages endpoint', async function () {
await request.get(localUtils.API.getApiQuery(`pages/${testUtils.DataGenerator.Content.posts[3].id}/`))
.set('Origin', config.get('url'))
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(404);
});
it('Cannot update post via pages endpoint', async function () {
const post = {
title: 'fails',
updated_at: new Date().toISOString()
};
await request.put(localUtils.API.getApiQuery('pages/' + testUtils.DataGenerator.Content.posts[3].id))
.set('Origin', config.get('url'))
.send({pages: [post]})
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(404);
});
describe('Host Settings: emails limits', function () {
afterEach(function () {
configUtils.set('hostSettings:limits', undefined);
});
it('Request fails when emails limit is in place', async function () {
configUtils.set('hostSettings:limits', {
emails: {
disabled: true,
error: 'No email shalt be sent'
}
});
// NOTE: need to do a full reboot to reinitialize hostSettings
await localUtils.startGhost();
request = supertest.agent(config.get('url'));
await localUtils.doAuth(request, 'users:extra', 'posts', 'emails');
const draftPostResponse = await request
.get(localUtils.API.getApiQuery(`posts/${testUtils.DataGenerator.Content.posts[3].id}/`))
.set('Origin', config.get('url'))
.expect(200);
const draftPost = draftPostResponse.body.posts[0];
const response = await request
.put(localUtils.API.getApiQuery(`posts/${draftPost.id}/?email_recipient_filter=all&send_email_when_published=true`))
.set('Origin', config.get('url'))
.send({posts: [{
status: 'published',
updated_at: draftPost.updated_at
}]})
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(403);
response.body.errors[0].type.should.equal('HostLimitError');
response.body.errors[0].context.should.equal('No email shalt be sent');
});
});
});