TryGhost/Ghost
1
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2024-11-28 22:43:30 +03:00
Code Issues Projects Releases Wiki Activity
5c2f0b9a4b
Ghost/ghost/core/test/utils/e2e-framework.js

409 lines
14 KiB
JavaScript
Raw Normal View History

Started a greenfield e2e test framework refs https://github.com/TryGhost/Toolbox/issues/129 - Having a fresh module should allow building new testing utility concepts from the ground up without being tied by the mystery baggage of the legacy localUtils/testUtils - The outline of the concepts the framework will be handling is in the commont on the top of the e2e-framework file
2021-12-07 12:51:08 +03:00
// Set of common function that should be main building blocks for e2e tests.
// The e2e tests usually consist of following building blocks:
// - request agent
// - state builder
Added e2e framework refs https://github.com/ErisDS/Ghost/commit/24505db918e573c2638df26c168e3ca450a0ba60 - The code is heavily borrowed from the referenced commit by @ErisDS. It starts a fresh abstraction layer for all e2e tests to use, provides simle interface for request agent initialization and state management (read the e2e-framework top file description for more) - Main methods the framework exposes are: - getAgent - to initialize request agent with a fresh Ghost instance - initFixtures - to initializer a fresh db state - resetDb - cleans up the db state if there were state manipulations during the test suite run (POST, PUT requests or non-default fixtures)
2021-12-07 19:21:48 +03:00
// - output state checker (in case we don't get jest snapshots working)
Started a greenfield e2e test framework refs https://github.com/TryGhost/Toolbox/issues/129 - Having a fresh module should allow building new testing utility concepts from the ground up without being tied by the mystery baggage of the legacy localUtils/testUtils - The outline of the concepts the framework will be handling is in the commont on the top of the e2e-framework file
2021-12-07 12:51:08 +03:00
//
Fixed typo
2022-08-30 11:39:46 +03:00
// The request agent is responsible for making HTTP-like requests to an application (express app in case of Ghost).
Started a greenfield e2e test framework refs https://github.com/TryGhost/Toolbox/issues/129 - Having a fresh module should allow building new testing utility concepts from the ground up without being tied by the mystery baggage of the legacy localUtils/testUtils - The outline of the concepts the framework will be handling is in the commont on the top of the e2e-framework file
2021-12-07 12:51:08 +03:00
// Note there's no actual need to make an HTTP request to an actual server, bypassing HTTP and hooking into the application
// directly is enough and reduces dependence on blocking a port (allows to run tests in parallel).
//
// The state builder is responsible for building the state of the application. Usually it's done by using pre-defined fixtures.
// Can include building a DB state, file system state (themes, config files), building configuration state (config files) etc.
//
// The output state checker is responsible for checking the response from the app after performing a request.
Added e2e framework refs https://github.com/ErisDS/Ghost/commit/24505db918e573c2638df26c168e3ca450a0ba60 - The code is heavily borrowed from the referenced commit by @ErisDS. It starts a fresh abstraction layer for all e2e tests to use, provides simle interface for request agent initialization and state management (read the e2e-framework top file description for more) - Main methods the framework exposes are: - getAgent - to initialize request agent with a fresh Ghost instance - initFixtures - to initializer a fresh db state - resetDb - cleans up the db state if there were state manipulations during the test suite run (POST, PUT requests or non-default fixtures)
2021-12-07 19:21:48 +03:00
const _ = require('lodash');
const {sequence} = require('@tryghost/promise');
Removed @tryghost/jest-snapshot dependency refs https://github.com/TryGhost/Toolbox/issues/215 - Ghost tests had difficulty running sometimes when the versions for jest-snapshot package did not match in Ghost and @tryghost/express-test - This is the error that was showing up: `IncorrectUsageError: Unable to run snapshot tests, current test was not configured` - The reason why snapshot tests were misconfigured was multiple instances of SnapshotManager, which broke the singleton pattern - Having jest-snapshot embeded within express-test makes sure the versions stay the same across the clients - The version bump also introduces passing "queryParams" parameter into the Agent constructor - enables configuring query parameters that would appear in each agent's request. Example usecase - Content API authentication parameter "key" would be nice to "remember" and add to every request URL
2022-02-22 05:41:50 +03:00
const {any, stringMatching} = require('@tryghost/express-test').snapshot;
Added content folder initialization to e2e-framework refs https://github.com/TryGhost/Toolbox/issues/129 - Adds content folder creation based on fixtures for e2e tests using the e2e framework - Mostly a copy-paste for now from existing e2e utils with some simplifications, so we can "complicate things" later only if needed
2021-12-09 11:48:01 +03:00
const fs = require('fs-extra');
const path = require('path');
const os = require('os');
const uuid = require('uuid');
Moved email stubbing logic into e2e-framework utils refs https://github.com/TryGhost/Toolbox/issues/158 - Moving common mocking/stubbing/spying logic into an outside utils module allows test suites to keep agnostic towards which framework powers mocking etc. Should also substitute email service stubbing used in multiple places - Bonus, got rid of should dependency, which is deprecated
2021-12-09 14:10:06 +03:00
Cleaned up reference tests refs: https://github.com/TryGhost/Toolbox/issues/158 - continuing to turn this into a reference test suite for how to do things with the new framework - use fixtureManager and mockManager properly - testUtils should _not_ be required anymore! - TODO: cleanup labs mocking and side effect assertion using models
2022-02-08 20:13:30 +03:00
const fixtureUtils = require('./fixture-utils');
Added content folder initialization to e2e-framework refs https://github.com/TryGhost/Toolbox/issues/129 - Adds content folder creation based on fixtures for e2e tests using the e2e framework - Mostly a copy-paste for now from existing e2e utils with some simplifications, so we can "complicate things" later only if needed
2021-12-09 11:48:01 +03:00
const redirectsUtils = require('./redirects');
const configUtils = require('./configUtils');
Fixed e2e-framework not waiting for Ghost to start no-issue Because we were returning the call to `boot`, rather than awaiting it, it meant that once a test was provided with an API Agent the Ghost application hadn't necessarily started. This was noticed whilst working on the Members API which requires the frontend to be loaded. When the frontend is loaded we must also wait for the url service to have finished initialising, so that we do not run into 503 maintenance errors when hitting the frontend.
2022-02-11 16:42:35 +03:00
const urlServiceUtils = require('./url-service-utils');
Renamed mock-utils to mock-manager refs: https://github.com/TryGhost/Toolbox/issues/158 - continuing to try to make the framework as clean as possible
2022-02-08 19:52:38 +03:00
const mockManager = require('./e2e-framework-mock-manager');
Started a greenfield e2e test framework refs https://github.com/TryGhost/Toolbox/issues/129 - Having a fresh module should allow building new testing utility concepts from the ground up without being tied by the mystery baggage of the legacy localUtils/testUtils - The outline of the concepts the framework will be handling is in the commont on the top of the e2e-framework file
2021-12-07 12:51:08 +03:00
const boot = require('../../core/boot');
Moved test agents into subfolder - these agent files are all very similar and should be grouped together - moving them into a subfolder makes the `test/utils` folder a little bit easier to browse
2022-07-26 19:00:37 +03:00
const {AdminAPITestAgent, ContentAPITestAgent, GhostAPITestAgent, MembersAPITestAgent} = require('./agents');
Added e2e framework refs https://github.com/ErisDS/Ghost/commit/24505db918e573c2638df26c168e3ca450a0ba60 - The code is heavily borrowed from the referenced commit by @ErisDS. It starts a fresh abstraction layer for all e2e tests to use, provides simle interface for request agent initialization and state management (read the e2e-framework top file description for more) - Main methods the framework exposes are: - getAgent - to initialize request agent with a fresh Ghost instance - initFixtures - to initializer a fresh db state - resetDb - cleans up the db state if there were state manipulations during the test suite run (POST, PUT requests or non-default fixtures)
2021-12-07 19:21:48 +03:00
const db = require('./db-utils');
Started a greenfield e2e test framework refs https://github.com/TryGhost/Toolbox/issues/129 - Having a fresh module should allow building new testing utility concepts from the ground up without being tied by the mystery baggage of the legacy localUtils/testUtils - The outline of the concepts the framework will be handling is in the commont on the top of the e2e-framework file
2021-12-07 12:51:08 +03:00
Added settingsCache handling to e2e-framework refs: https://github.com/Ghost/Ghost/commit/b5ee17b25 - When moving the site tests into e2e-api they broke because they were getting the changed settings value from the settings test - The solution is to ensure the settingsCache is reset between tests, which is what this commit does - This commit also renames the shutdown method to reset, because this is not a permanent operation - It also renames the resetDb method to resetData, because the concept is we want the internal data to be reset, not just the DB
2022-02-11 19:19:07 +03:00
// Services that need resetting
Renamed settings index.js to settings-service.js - in line with our policy of not keeping logic in index.js files - Note: callign all services service.js is no more helpful :D
2022-05-10 14:55:58 +03:00
const settingsService = require('../../core/server/services/settings/settings-service');
Added E2E test for whole link tracking flow (#15481) refs https://github.com/TryGhost/Team/issues/1967 - Test is good to test if the whole flow works as expected, and works together - We can test independent parts in separate tests that have better coverage of more edge cases - Adds a basic helper to get an agent for the frontend (spent too much time on a better solution so I decided to keep the existing supertest agent)
2022-09-27 19:44:20 +03:00
const supertest = require('supertest');
Added settingsCache handling to e2e-framework refs: https://github.com/Ghost/Ghost/commit/b5ee17b25 - When moving the site tests into e2e-api they broke because they were getting the changed settings value from the settings test - The solution is to ensure the settingsCache is reset between tests, which is what this commit does - This commit also renames the shutdown method to reset, because this is not a permanent operation - It also renames the resetDb method to resetData, because the concept is we want the internal data to be reset, not just the DB
2022-02-11 19:19:07 +03:00
Add option to include member in the adminAPIAgent - The admin API test agent doesn't boot the Ghost frontend, which is where members routes are currently located - This means we can't test members properly as we don't have access to webhooks etc - This change adds a members option to getAdminAPIAgent(), which in turn enables the frontend - We do it this way so that we can easily change the implementation later, e.g. if we have the option to boot members directly
2022-02-11 15:32:08 +03:00
/**
* @param {Object} [options={}]
* @param {Boolean} [options.backend] Boot the backend
* @param {Boolean} [options.frontend] Boot the frontend
* @param {Boolean} [options.server] Start a server
Fixed e2e-framework not waiting for Ghost to start no-issue Because we were returning the call to `boot`, rather than awaiting it, it meant that once a test was provided with an API Agent the Ghost application hadn't necessarily started. This was noticed whilst working on the Members API which requires the frontend to be loaded. When the frontend is loaded we must also wait for the url service to have finished initialising, so that we do not run into 503 maintenance errors when hitting the frontend.
2022-02-11 16:42:35 +03:00
* @returns {Promise<Express.Application>} ghost
Add option to include member in the adminAPIAgent - The admin API test agent doesn't boot the Ghost frontend, which is where members routes are currently located - This means we can't test members properly as we don't have access to webhooks etc - This change adds a members option to getAdminAPIAgent(), which in turn enables the frontend - We do it this way so that we can easily change the implementation later, e.g. if we have the option to boot members directly
2022-02-11 15:32:08 +03:00
*/
const startGhost = async (options = {}) => {
Added content folder initialization to e2e-framework refs https://github.com/TryGhost/Toolbox/issues/129 - Adds content folder creation based on fixtures for e2e tests using the e2e framework - Mostly a copy-paste for now from existing e2e utils with some simplifications, so we can "complicate things" later only if needed
2021-12-09 11:48:01 +03:00
/**
Revert "Fixed theme storage getting confused between tests" This reverts commit 3e7039c47d5b7fdf52fe36517e8180aaa7e562c5.
2022-02-11 14:08:28 +03:00
* We never use the root content folder for testing!
* We use a tmp folder.
*/
Added content folder initialization to e2e-framework refs https://github.com/TryGhost/Toolbox/issues/129 - Adds content folder creation based on fixtures for e2e tests using the e2e framework - Mostly a copy-paste for now from existing e2e utils with some simplifications, so we can "complicate things" later only if needed
2021-12-09 11:48:01 +03:00
const contentFolder = path.join(os.tmpdir(), uuid.v4(), 'ghost-test');
await prepareContentFolder({contentFolder});
// NOTE: need to pass this config to the server instance
configUtils.set('paths:contentPath', contentFolder);
Started a greenfield e2e test framework refs https://github.com/TryGhost/Toolbox/issues/129 - Having a fresh module should allow building new testing utility concepts from the ground up without being tied by the mystery baggage of the legacy localUtils/testUtils - The outline of the concepts the framework will be handling is in the commont on the top of the e2e-framework file
2021-12-07 12:51:08 +03:00
const defaults = {
backend: true,
frontend: false,
server: false
};
Added settingsCache handling to e2e-framework refs: https://github.com/Ghost/Ghost/commit/b5ee17b25 - When moving the site tests into e2e-api they broke because they were getting the changed settings value from the settings test - The solution is to ensure the settingsCache is reset between tests, which is what this commit does - This commit also renames the shutdown method to reset, because this is not a permanent operation - It also renames the resetDb method to resetData, because the concept is we want the internal data to be reset, not just the DB
2022-02-11 19:19:07 +03:00
// Ensure the state of all data, including DB and caches
await resetData();
Added db reset to new e2e framework - Ensure that the DB is always reset between tests - We assume that the DB will be torn down and rebuilt between tests - Without this, previous tests clobber the current tests, and it's not possible to tell when running files in isolation which makes developing really tricky
2022-02-07 18:43:25 +03:00
Fixed e2e-framework not waiting for Ghost to start no-issue Because we were returning the call to `boot`, rather than awaiting it, it meant that once a test was provided with an API Agent the Ghost application hadn't necessarily started. This was noticed whilst working on the Members API which requires the frontend to be loaded. When the frontend is loaded we must also wait for the url service to have finished initialising, so that we do not run into 503 maintenance errors when hitting the frontend.
2022-02-11 16:42:35 +03:00
const bootOptions = Object.assign({}, defaults, options);
const ghostServer = await boot(bootOptions);
if (bootOptions.frontend) {
await urlServiceUtils.isFinished();
}
return ghostServer;
Started a greenfield e2e test framework refs https://github.com/TryGhost/Toolbox/issues/129 - Having a fresh module should allow building new testing utility concepts from the ground up without being tied by the mystery baggage of the legacy localUtils/testUtils - The outline of the concepts the framework will be handling is in the commont on the top of the e2e-framework file
2021-12-07 12:51:08 +03:00
};
Added content folder initialization to e2e-framework refs https://github.com/TryGhost/Toolbox/issues/129 - Adds content folder creation based on fixtures for e2e tests using the e2e framework - Mostly a copy-paste for now from existing e2e utils with some simplifications, so we can "complicate things" later only if needed
2021-12-09 11:48:01 +03:00
/**
* Slightly simplified copy-paste from e2e-utils.
* @param {Object} options
*/
Fixed random test failure due to asynchronous directory creation - we keep seeing random failures that complain about a directory already existing when trying to create it - the error arises from the `fs.copySync` in this `prepareContentFolder` function, because it tries to create the folder if it doesn't exist - it turns out we're using the asynchronous `fs.ensureDir` without an await just before, so it doesn't block on creating the folder - there's a veeeery small window where the code within `copySync` thinks the folder doesn't exist, `ensureDir` creates the folder, and then `copySync` tries to create the folder => 💥 - it looks like we're already `await`-ing `prepareContentFolder`, so we can just switch all the calls to the Promise-based ones and await them - the other `prepareContentFolder` uses the sync versions of the functions, but we can fix that in the future: https://github.com/TryGhost/Ghost/blob/7b7767d4837d15e2dcffc74fbdfc3f2c9ac8f87d/ghost/core/test/utils/e2e-utils.js#L73-L79
2022-07-26 18:28:16 +03:00
const prepareContentFolder = async ({contentFolder, redirectsFile = true, routesFile = true}) => {
Added content folder initialization to e2e-framework refs https://github.com/TryGhost/Toolbox/issues/129 - Adds content folder creation based on fixtures for e2e tests using the e2e framework - Mostly a copy-paste for now from existing e2e utils with some simplifications, so we can "complicate things" later only if needed
2021-12-09 11:48:01 +03:00
const contentFolderForTests = contentFolder;
Fixed random test failure due to asynchronous directory creation - we keep seeing random failures that complain about a directory already existing when trying to create it - the error arises from the `fs.copySync` in this `prepareContentFolder` function, because it tries to create the folder if it doesn't exist - it turns out we're using the asynchronous `fs.ensureDir` without an await just before, so it doesn't block on creating the folder - there's a veeeery small window where the code within `copySync` thinks the folder doesn't exist, `ensureDir` creates the folder, and then `copySync` tries to create the folder => 💥 - it looks like we're already `await`-ing `prepareContentFolder`, so we can just switch all the calls to the Promise-based ones and await them - the other `prepareContentFolder` uses the sync versions of the functions, but we can fix that in the future: https://github.com/TryGhost/Ghost/blob/7b7767d4837d15e2dcffc74fbdfc3f2c9ac8f87d/ghost/core/test/utils/e2e-utils.js#L73-L79
2022-07-26 18:28:16 +03:00
await fs.ensureDir(contentFolderForTests);
await fs.ensureDir(path.join(contentFolderForTests, 'data'));
await fs.ensureDir(path.join(contentFolderForTests, 'themes'));
await fs.ensureDir(path.join(contentFolderForTests, 'images'));
await fs.ensureDir(path.join(contentFolderForTests, 'logs'));
await fs.ensureDir(path.join(contentFolderForTests, 'adapters'));
await fs.ensureDir(path.join(contentFolderForTests, 'settings'));
Added content folder initialization to e2e-framework refs https://github.com/TryGhost/Toolbox/issues/129 - Adds content folder creation based on fixtures for e2e tests using the e2e framework - Mostly a copy-paste for now from existing e2e utils with some simplifications, so we can "complicate things" later only if needed
2021-12-09 11:48:01 +03:00
// Copy all themes into the new test content folder. Default active theme is always casper.
// If you want to use a different theme, you have to set the active theme (e.g. stub)
Fixed random test failure due to asynchronous directory creation - we keep seeing random failures that complain about a directory already existing when trying to create it - the error arises from the `fs.copySync` in this `prepareContentFolder` function, because it tries to create the folder if it doesn't exist - it turns out we're using the asynchronous `fs.ensureDir` without an await just before, so it doesn't block on creating the folder - there's a veeeery small window where the code within `copySync` thinks the folder doesn't exist, `ensureDir` creates the folder, and then `copySync` tries to create the folder => 💥 - it looks like we're already `await`-ing `prepareContentFolder`, so we can just switch all the calls to the Promise-based ones and await them - the other `prepareContentFolder` uses the sync versions of the functions, but we can fix that in the future: https://github.com/TryGhost/Ghost/blob/7b7767d4837d15e2dcffc74fbdfc3f2c9ac8f87d/ghost/core/test/utils/e2e-utils.js#L73-L79
2022-07-26 18:28:16 +03:00
await fs.copy(
Added content folder initialization to e2e-framework refs https://github.com/TryGhost/Toolbox/issues/129 - Adds content folder creation based on fixtures for e2e tests using the e2e framework - Mostly a copy-paste for now from existing e2e utils with some simplifications, so we can "complicate things" later only if needed
2021-12-09 11:48:01 +03:00
path.join(__dirname, 'fixtures', 'themes'),
path.join(contentFolderForTests, 'themes')
);
if (redirectsFile) {
redirectsUtils.setupFile(contentFolderForTests, '.yaml');
}
if (routesFile) {
Fixed random test failure due to asynchronous directory creation - we keep seeing random failures that complain about a directory already existing when trying to create it - the error arises from the `fs.copySync` in this `prepareContentFolder` function, because it tries to create the folder if it doesn't exist - it turns out we're using the asynchronous `fs.ensureDir` without an await just before, so it doesn't block on creating the folder - there's a veeeery small window where the code within `copySync` thinks the folder doesn't exist, `ensureDir` creates the folder, and then `copySync` tries to create the folder => 💥 - it looks like we're already `await`-ing `prepareContentFolder`, so we can just switch all the calls to the Promise-based ones and await them - the other `prepareContentFolder` uses the sync versions of the functions, but we can fix that in the future: https://github.com/TryGhost/Ghost/blob/7b7767d4837d15e2dcffc74fbdfc3f2c9ac8f87d/ghost/core/test/utils/e2e-utils.js#L73-L79
2022-07-26 18:28:16 +03:00
await fs.copy(
Added content folder initialization to e2e-framework refs https://github.com/TryGhost/Toolbox/issues/129 - Adds content folder creation based on fixtures for e2e tests using the e2e framework - Mostly a copy-paste for now from existing e2e utils with some simplifications, so we can "complicate things" later only if needed
2021-12-09 11:48:01 +03:00
path.join(__dirname, 'fixtures', 'settings', 'routes.yaml'),
path.join(contentFolderForTests, 'settings', 'routes.yaml')
);
}
};
Added e2e framework refs https://github.com/ErisDS/Ghost/commit/24505db918e573c2638df26c168e3ca450a0ba60 - The code is heavily borrowed from the referenced commit by @ErisDS. It starts a fresh abstraction layer for all e2e tests to use, provides simle interface for request agent initialization and state management (read the e2e-framework top file description for more) - Main methods the framework exposes are: - getAgent - to initialize request agent with a fresh Ghost instance - initFixtures - to initializer a fresh db state - resetDb - cleans up the db state if there were state manipulations during the test suite run (POST, PUT requests or non-default fixtures)
2021-12-07 19:21:48 +03:00
/**
* Database state builder. By default inserts an owner user into the database.
* @param {...any} [options]
* @returns {Promise<void>}
*/
const initFixtures = async (...options) => {
// No DB setup, but override the owner
options = _.merge({'owner:post': true}, _.transform(options, function (result, val) {
if (val) {
result[val] = true;
}
}));
Cleaned up reference tests refs: https://github.com/TryGhost/Toolbox/issues/158 - continuing to turn this into a reference test suite for how to do things with the new framework - use fixtureManager and mockManager properly - testUtils should _not_ be required anymore! - TODO: cleanup labs mocking and side effect assertion using models
2022-02-08 20:13:30 +03:00
const fixtureOps = fixtureUtils.getFixtureOps(options);
Added e2e framework refs https://github.com/ErisDS/Ghost/commit/24505db918e573c2638df26c168e3ca450a0ba60 - The code is heavily borrowed from the referenced commit by @ErisDS. It starts a fresh abstraction layer for all e2e tests to use, provides simle interface for request agent initialization and state management (read the e2e-framework top file description for more) - Main methods the framework exposes are: - getAgent - to initialize request agent with a fresh Ghost instance - initFixtures - to initializer a fresh db state - resetDb - cleans up the db state if there were state manipulations during the test suite run (POST, PUT requests or non-default fixtures)
2021-12-07 19:21:48 +03:00
return sequence(fixtureOps);
};
const getFixture = (type, index = 0) => {
Cleaned up reference tests refs: https://github.com/TryGhost/Toolbox/issues/158 - continuing to turn this into a reference test suite for how to do things with the new framework - use fixtureManager and mockManager properly - testUtils should _not_ be required anymore! - TODO: cleanup labs mocking and side effect assertion using models
2022-02-08 20:13:30 +03:00
return fixtureUtils.DataGenerator.forKnex[type][index];
Added e2e framework refs https://github.com/ErisDS/Ghost/commit/24505db918e573c2638df26c168e3ca450a0ba60 - The code is heavily borrowed from the referenced commit by @ErisDS. It starts a fresh abstraction layer for all e2e tests to use, provides simle interface for request agent initialization and state management (read the e2e-framework top file description for more) - Main methods the framework exposes are: - getAgent - to initialize request agent with a fresh Ghost instance - initFixtures - to initializer a fresh db state - resetDb - cleans up the db state if there were state manipulations during the test suite run (POST, PUT requests or non-default fixtures)
2021-12-07 19:21:48 +03:00
};
🔒 Prevented member creation when logging in (#15526) fixes https://github.com/TryGhost/Ghost/issues/14508 This change requires the frontend to send an explicit `emailType` when sending a magic link. We default to `subscribe` (`signin` for invite only sites) for now to remain compatible with the existing behaviour. **Problem:** When a member tries to login and that member doesn't exist, we created a new member in the past. - This caused the creation of duplicate accounts when members were guessing the email address they used. - This caused the creation of new accounts when using an old impersonation token, login link or email change link that was sent before member deletion. **Fixed:** - Trying to login with an email address that doesn't exist will throw an error now. - Added new and separate rate limiting to login (to prevent user enumeration). This rate limiting has a higher default limit of 8. I think it needs a higher default limit (because it is rate limited on every call instead of per email address. And it should be configurable independent from administrator rate limiting. It also needs a lower lifetime value because it is never reset. - Updated error responses in the `sendMagicLink` endpoint to use the default error encoding middleware. - The type (`signin`, `signup`, `updateEmail` or `subscribe`) is now stored in the magic link. This is used to prevent signups with a sign in token. **Notes:** - Between tests, we truncate the database, but this is not enough for the rate limits to be truly reset. I had to add a method to the spam prevention service to reset all the instances between tests. Not resetting them caused random failures because every login in every test was hitting those spam prevention middlewares and somehow left a trace of that in those instances (even when the brute table is reset). Maybe those instances were doing some in memory caching.
2022-10-05 13:42:42 +03:00
/**
* Reset rate limit instances (not the brute table)
*/
const resetRateLimits = async () => {
// Reset rate limiting instances
const {spamPrevention} = require('../../core/server/web/shared/middleware/api');
spamPrevention.reset();
};
Added settingsCache handling to e2e-framework refs: https://github.com/Ghost/Ghost/commit/b5ee17b25 - When moving the site tests into e2e-api they broke because they were getting the changed settings value from the settings test - The solution is to ensure the settingsCache is reset between tests, which is what this commit does - This commit also renames the shutdown method to reset, because this is not a permanent operation - It also renames the resetDb method to resetData, because the concept is we want the internal data to be reset, not just the DB
2022-02-11 19:19:07 +03:00
/**
* This function ensures that Ghost's data is reset back to "factory settings"
*
*/
const resetData = async () => {
// Calling reset on the database also causes the fixtures to be re-run
// We need to unhook the settings events and restore the cache before we do this
// Otherwise, the fixtures being restored will refer to the old settings cache data
settingsService.reset();
// Clear out the database
await db.reset({truncate: true});
🔒 Prevented member creation when logging in (#15526) fixes https://github.com/TryGhost/Ghost/issues/14508 This change requires the frontend to send an explicit `emailType` when sending a magic link. We default to `subscribe` (`signin` for invite only sites) for now to remain compatible with the existing behaviour. **Problem:** When a member tries to login and that member doesn't exist, we created a new member in the past. - This caused the creation of duplicate accounts when members were guessing the email address they used. - This caused the creation of new accounts when using an old impersonation token, login link or email change link that was sent before member deletion. **Fixed:** - Trying to login with an email address that doesn't exist will throw an error now. - Added new and separate rate limiting to login (to prevent user enumeration). This rate limiting has a higher default limit of 8. I think it needs a higher default limit (because it is rate limited on every call instead of per email address. And it should be configurable independent from administrator rate limiting. It also needs a lower lifetime value because it is never reset. - Updated error responses in the `sendMagicLink` endpoint to use the default error encoding middleware. - The type (`signin`, `signup`, `updateEmail` or `subscribe`) is now stored in the magic link. This is used to prevent signups with a sign in token. **Notes:** - Between tests, we truncate the database, but this is not enough for the rate limits to be truly reset. I had to add a method to the spam prevention service to reset all the instances between tests. Not resetting them caused random failures because every login in every test was hitting those spam prevention middlewares and somehow left a trace of that in those instances (even when the brute table is reset). Maybe those instances were doing some in memory caching.
2022-10-05 13:42:42 +03:00
// Reset rate limiting instances (resetting the table is not enough!)
await resetRateLimits();
Added e2e framework refs https://github.com/ErisDS/Ghost/commit/24505db918e573c2638df26c168e3ca450a0ba60 - The code is heavily borrowed from the referenced commit by @ErisDS. It starts a fresh abstraction layer for all e2e tests to use, provides simle interface for request agent initialization and state management (read the e2e-framework top file description for more) - Main methods the framework exposes are: - getAgent - to initialize request agent with a fresh Ghost instance - initFixtures - to initializer a fresh db state - resetDb - cleans up the db state if there were state manipulations during the test suite run (POST, PUT requests or non-default fixtures)
2021-12-07 19:21:48 +03:00
};
Added ContentAPITestAgent refs https://github.com/TryGhost/Toolbox/issues/215 - The ContentAPI needs it's own test agent, so we can write e2e tests. - The main method mostly to be used by the test suites is "authenticate" - it add necessary authentication keys to the request. The agent is not authenticated by default because there are suites that need to test the "non authenticated" requests. Also, there's a need to have the default API key inserted from fixtures level before authenticating (it's not strictly necessary because the key is not dynamic, but I think coupling this point would be a bad move)
2022-02-22 06:54:06 +03:00
/**
* Creates a ContentAPITestAgent which is a drop-in substitution for supertest.
* It is automatically hooked up to the Content API so you can make requests to e.g.
* agent.get('/posts/') without having to worry about URL paths
Added post_id filter and total to activity feed API (#15650) fixes https://github.com/TryGhost/Team/issues/2091 fixes https://github.com/TryGhost/Team/issues/2089 - Added new fixtures to make testing easier for the activity feed - Improved E2E test coverage of activity feed with separate test file - Added data.post_id filter to enable filtering by events related to a given post - Fixed return types in JSDoc of test agents (TypeScript interprets these as `typeof Agent` if we don't add `InstanceType<Agent>`) - Added total pagination metadata to activity feed API (to allow a basic type of pagination using filters)
2022-10-18 16:52:04 +03:00
* @returns {Promise<InstanceType<ContentAPITestAgent>>} agent
Added ContentAPITestAgent refs https://github.com/TryGhost/Toolbox/issues/215 - The ContentAPI needs it's own test agent, so we can write e2e tests. - The main method mostly to be used by the test suites is "authenticate" - it add necessary authentication keys to the request. The agent is not authenticated by default because there are suites that need to test the "non authenticated" requests. Also, there's a need to have the default API key inserted from fixtures level before authenticating (it's not strictly necessary because the key is not dynamic, but I think coupling this point would be a bad move)
2022-02-22 06:54:06 +03:00
*/
const getContentAPIAgent = async () => {
try {
const app = await startGhost();
const originURL = configUtils.config.get('url');
return new ContentAPITestAgent(app, {
Aliased canary endpoints to point to non-versioned URLs refs https://github.com/TryGhost/Toolbox/issues/169 - Before releasing Ghost v5 we would like to move all canary-related URLs to a non-versioned format, which will become a default in v5. - 'canary' is by definition unstable, so breaking any unprepared client explicitly using the canary is expected - Removed the aliased /content/ and /admin/ apps from app.js because with updated configuration they become duplicates of 'canary' endpoints
2022-03-11 14:27:43 +03:00
apiURL: '/ghost/api/content/',
Added ContentAPITestAgent refs https://github.com/TryGhost/Toolbox/issues/215 - The ContentAPI needs it's own test agent, so we can write e2e tests. - The main method mostly to be used by the test suites is "authenticate" - it add necessary authentication keys to the request. The agent is not authenticated by default because there are suites that need to test the "non authenticated" requests. Also, there's a need to have the default API key inserted from fixtures level before authenticating (it's not strictly necessary because the key is not dynamic, but I think coupling this point would be a bad move)
2022-02-22 06:54:06 +03:00
originURL
});
} catch (error) {
error.message = `Unable to create test agent. ${error.message}`;
throw error;
}
};
Added e2e framework refs https://github.com/ErisDS/Ghost/commit/24505db918e573c2638df26c168e3ca450a0ba60 - The code is heavily borrowed from the referenced commit by @ErisDS. It starts a fresh abstraction layer for all e2e tests to use, provides simle interface for request agent initialization and state management (read the e2e-framework top file description for more) - Main methods the framework exposes are: - getAgent - to initialize request agent with a fresh Ghost instance - initFixtures - to initializer a fresh db state - resetDb - cleans up the db state if there were state manipulations during the test suite run (POST, PUT requests or non-default fixtures)
2021-12-07 19:21:48 +03:00
/**
Cleaned up JSDocs referencing TestAgent refs https://github.com/TryGhost/Toolbox/issues/214 - Previous docs were out of date
2022-02-21 07:52:22 +03:00
* Creates a AdminAPITestAgent which is a drop-in substitution for supertest.
Improved agentProvider api in e2e-framework refs: https://github.com/TryGhost/Toolbox/issues/158 - Working up to having these be the defacto "reference" tests - Changing this allows for the fact that there will be a getContentAPIAgent, and probably more in future - Abstracting away the path to a single location will make updating API paths easier later too
2022-02-08 17:39:24 +03:00
* It is automatically hooked up to the Admin API so you can make requests to e.g.
* agent.get('/posts/') without having to worry about URL paths
*
Add option to include member in the adminAPIAgent - The admin API test agent doesn't boot the Ghost frontend, which is where members routes are currently located - This means we can't test members properly as we don't have access to webhooks etc - This change adds a members option to getAdminAPIAgent(), which in turn enables the frontend - We do it this way so that we can easily change the implementation later, e.g. if we have the option to boot members directly
2022-02-11 15:32:08 +03:00
* @param {Object} [options={}]
Enabled jsdoc in tests + fixed issue in e2e framework - Enabled jsdoc type checking in tests - Fixed a minor issue I just committed to the e2e framework
2022-02-11 15:44:58 +03:00
* @param {Boolean} [options.members] Include members in the boot process
Added post_id filter and total to activity feed API (#15650) fixes https://github.com/TryGhost/Team/issues/2091 fixes https://github.com/TryGhost/Team/issues/2089 - Added new fixtures to make testing easier for the activity feed - Improved E2E test coverage of activity feed with separate test file - Added data.post_id filter to enable filtering by events related to a given post - Fixed return types in JSDoc of test agents (TypeScript interprets these as `typeof Agent` if we don't add `InstanceType<Agent>`) - Added total pagination metadata to activity feed API (to allow a basic type of pagination using filters)
2022-10-18 16:52:04 +03:00
* @returns {Promise<InstanceType<AdminAPITestAgent>>} agent
Added e2e framework refs https://github.com/ErisDS/Ghost/commit/24505db918e573c2638df26c168e3ca450a0ba60 - The code is heavily borrowed from the referenced commit by @ErisDS. It starts a fresh abstraction layer for all e2e tests to use, provides simle interface for request agent initialization and state management (read the e2e-framework top file description for more) - Main methods the framework exposes are: - getAgent - to initialize request agent with a fresh Ghost instance - initFixtures - to initializer a fresh db state - resetDb - cleans up the db state if there were state manipulations during the test suite run (POST, PUT requests or non-default fixtures)
2021-12-07 19:21:48 +03:00
*/
Add option to include member in the adminAPIAgent - The admin API test agent doesn't boot the Ghost frontend, which is where members routes are currently located - This means we can't test members properly as we don't have access to webhooks etc - This change adds a members option to getAdminAPIAgent(), which in turn enables the frontend - We do it this way so that we can easily change the implementation later, e.g. if we have the option to boot members directly
2022-02-11 15:32:08 +03:00
const getAdminAPIAgent = async (options = {}) => {
const bootOptions = {};
if (options.members) {
bootOptions.frontend = true;
}
Added new express-test framework to our ref tests (#14117)
2022-02-06 19:18:12 +03:00
try {
Add option to include member in the adminAPIAgent - The admin API test agent doesn't boot the Ghost frontend, which is where members routes are currently located - This means we can't test members properly as we don't have access to webhooks etc - This change adds a members option to getAdminAPIAgent(), which in turn enables the frontend - We do it this way so that we can easily change the implementation later, e.g. if we have the option to boot members directly
2022-02-11 15:32:08 +03:00
const app = await startGhost(bootOptions);
Added new express-test framework to our ref tests (#14117)
2022-02-06 19:18:12 +03:00
const originURL = configUtils.config.get('url');
Extracted separate member agent test util refs https://github.com/TryGhost/Toolbox/issues/214 - TestAgent was used to initialize both Admin & Member API agents, which is somewhat confusing because Member API does not have the same "loginAs" functionality like Admin API does - Having distinct agents for each API makes the class API cleaner with possibility to extract common functionality even further
2022-02-21 07:04:47 +03:00
return new AdminAPITestAgent(app, {
Aliased canary endpoints to point to non-versioned URLs refs https://github.com/TryGhost/Toolbox/issues/169 - Before releasing Ghost v5 we would like to move all canary-related URLs to a non-versioned format, which will become a default in v5. - 'canary' is by definition unstable, so breaking any unprepared client explicitly using the canary is expected - Removed the aliased /content/ and /admin/ apps from app.js because with updated configuration they become duplicates of 'canary' endpoints
2022-03-11 14:27:43 +03:00
apiURL: '/ghost/api/admin/',
Added new express-test framework to our ref tests (#14117)
2022-02-06 19:18:12 +03:00
originURL
});
} catch (error) {
Added mockLabsDisabled to e2e framework - Can now easily mock labs flags as enabled or disabled using mockManager - Updated some bits of code that directly mocked labs - Aside: improved error thrown when things go wrong booting Ghost
2022-02-10 15:03:47 +03:00
error.message = `Unable to create test agent. ${error.message}`;
Fixed Ghost boot errors being masked - This was a total derp on my side, wanted to change the error message, not remove the error
2022-02-11 13:21:45 +03:00
throw error;
Added new express-test framework to our ref tests (#14117)
2022-02-06 19:18:12 +03:00
}
Started a greenfield e2e test framework refs https://github.com/TryGhost/Toolbox/issues/129 - Having a fresh module should allow building new testing utility concepts from the ground up without being tied by the mystery baggage of the legacy localUtils/testUtils - The outline of the concepts the framework will be handling is in the commont on the top of the e2e-framework file
2021-12-07 12:51:08 +03:00
};
Added getMembersAPIAgent to e2e-framework no-issue The Members API is served on a different endpoint to the Admin API, and also requires that the frontend is booted. This agent is to be used when testing the Members API, e.g. Stripe webhooks or Members config.
2022-02-11 16:11:37 +03:00
/**
Cleaned up JSDocs referencing TestAgent refs https://github.com/TryGhost/Toolbox/issues/214 - Previous docs were out of date
2022-02-21 07:52:22 +03:00
* Creates a MembersAPITestAgent which is a drop-in substitution for supertest
Added getMembersAPIAgent to e2e-framework no-issue The Members API is served on a different endpoint to the Admin API, and also requires that the frontend is booted. This agent is to be used when testing the Members API, e.g. Stripe webhooks or Members config.
2022-02-11 16:11:37 +03:00
* It is automatically hooked up to the Members API so you can make requests to e.g.
* agent.get('/webhooks/stripe/') without having to worry about URL paths
*
Added post_id filter and total to activity feed API (#15650) fixes https://github.com/TryGhost/Team/issues/2091 fixes https://github.com/TryGhost/Team/issues/2089 - Added new fixtures to make testing easier for the activity feed - Improved E2E test coverage of activity feed with separate test file - Added data.post_id filter to enable filtering by events related to a given post - Fixed return types in JSDoc of test agents (TypeScript interprets these as `typeof Agent` if we don't add `InstanceType<Agent>`) - Added total pagination metadata to activity feed API (to allow a basic type of pagination using filters)
2022-10-18 16:52:04 +03:00
* @returns {Promise<InstanceType<MembersAPITestAgent>>} agent
Added getMembersAPIAgent to e2e-framework no-issue The Members API is served on a different endpoint to the Admin API, and also requires that the frontend is booted. This agent is to be used when testing the Members API, e.g. Stripe webhooks or Members config.
2022-02-11 16:11:37 +03:00
*/
const getMembersAPIAgent = async () => {
const bootOptions = {
frontend: true
};
try {
const app = await startGhost(bootOptions);
const originURL = configUtils.config.get('url');
Extracted separate member agent test util refs https://github.com/TryGhost/Toolbox/issues/214 - TestAgent was used to initialize both Admin & Member API agents, which is somewhat confusing because Member API does not have the same "loginAs" functionality like Admin API does - Having distinct agents for each API makes the class API cleaner with possibility to extract common functionality even further
2022-02-21 07:04:47 +03:00
return new MembersAPITestAgent(app, {
Added getMembersAPIAgent to e2e-framework no-issue The Members API is served on a different endpoint to the Admin API, and also requires that the frontend is booted. This agent is to be used when testing the Members API, e.g. Stripe webhooks or Members config.
2022-02-11 16:11:37 +03:00
apiURL: '/members/',
originURL
});
} catch (error) {
error.message = `Unable to create test agent. ${error.message}`;
throw error;
}
};
Added root Ghost server/API test agent refs https://github.com/TryGhost/Team/issues/1640 - Some tests require making request to the root of the mounted server path like `GET /ghost/.well-known/jwks.json`. These are not stricly APIs like Admin, Content, and Members. They do need a separate agent to distinguish the configuration - for this agetn we can stop loading some parts like "server" in the future to speed things up (didn't work straight out of the box)
2022-05-20 08:17:00 +03:00
/**
* Creates a GhostAPITestAgent, which is a drop-in substitution for supertest
* It is automatically hooked up to the Ghost API so you can make requests to e.g.
* agent.get('/well-known/jwks.json') without having to worry about URL paths
*
Added post_id filter and total to activity feed API (#15650) fixes https://github.com/TryGhost/Team/issues/2091 fixes https://github.com/TryGhost/Team/issues/2089 - Added new fixtures to make testing easier for the activity feed - Improved E2E test coverage of activity feed with separate test file - Added data.post_id filter to enable filtering by events related to a given post - Fixed return types in JSDoc of test agents (TypeScript interprets these as `typeof Agent` if we don't add `InstanceType<Agent>`) - Added total pagination metadata to activity feed API (to allow a basic type of pagination using filters)
2022-10-18 16:52:04 +03:00
* @returns {Promise<InstanceType<GhostAPITestAgent>>} agent
Added root Ghost server/API test agent refs https://github.com/TryGhost/Team/issues/1640 - Some tests require making request to the root of the mounted server path like `GET /ghost/.well-known/jwks.json`. These are not stricly APIs like Admin, Content, and Members. They do need a separate agent to distinguish the configuration - for this agetn we can stop loading some parts like "server" in the future to speed things up (didn't work straight out of the box)
2022-05-20 08:17:00 +03:00
*/
const getGhostAPIAgent = async () => {
const bootOptions = {
frontend: false
};
try {
const app = await startGhost(bootOptions);
const originURL = configUtils.config.get('url');
return new GhostAPITestAgent(app, {
apiURL: '/ghost/',
originURL
});
} catch (error) {
error.message = `Unable to create test agent. ${error.message}`;
throw error;
}
};
Improved webhooks e2e test bootstrap speed refs https://github.com/TryGhost/Toolbox/issues/214 - Calling `getMembersAPIAgent` and `getAdminAPIAgent` separately was booting Ghost twice, which caused a significant performance degradation. - Additionally, having two calls was slightly ugly and having once utility function that delivers multiple agents at once feels like more readable syntax
2022-02-17 11:31:48 +03:00
/**
*
Added post_id filter and total to activity feed API (#15650) fixes https://github.com/TryGhost/Team/issues/2091 fixes https://github.com/TryGhost/Team/issues/2089 - Added new fixtures to make testing easier for the activity feed - Improved E2E test coverage of activity feed with separate test file - Added data.post_id filter to enable filtering by events related to a given post - Fixed return types in JSDoc of test agents (TypeScript interprets these as `typeof Agent` if we don't add `InstanceType<Agent>`) - Added total pagination metadata to activity feed API (to allow a basic type of pagination using filters)
2022-10-18 16:52:04 +03:00
* @returns {Promise<{adminAgent: InstanceType<AdminAPITestAgent>, membersAgent: InstanceType<MembersAPITestAgent>}>} agents
Improved webhooks e2e test bootstrap speed refs https://github.com/TryGhost/Toolbox/issues/214 - Calling `getMembersAPIAgent` and `getAdminAPIAgent` separately was booting Ghost twice, which caused a significant performance degradation. - Additionally, having two calls was slightly ugly and having once utility function that delivers multiple agents at once feels like more readable syntax
2022-02-17 11:31:48 +03:00
*/
const getAgentsForMembers = async () => {
let membersAgent;
let adminAgent;
const bootOptions = {
frontend: true
};
try {
const app = await startGhost(bootOptions);
const originURL = configUtils.config.get('url');
Extracted separate member agent test util refs https://github.com/TryGhost/Toolbox/issues/214 - TestAgent was used to initialize both Admin & Member API agents, which is somewhat confusing because Member API does not have the same "loginAs" functionality like Admin API does - Having distinct agents for each API makes the class API cleaner with possibility to extract common functionality even further
2022-02-21 07:04:47 +03:00
membersAgent = new MembersAPITestAgent(app, {
Improved webhooks e2e test bootstrap speed refs https://github.com/TryGhost/Toolbox/issues/214 - Calling `getMembersAPIAgent` and `getAdminAPIAgent` separately was booting Ghost twice, which caused a significant performance degradation. - Additionally, having two calls was slightly ugly and having once utility function that delivers multiple agents at once feels like more readable syntax
2022-02-17 11:31:48 +03:00
apiURL: '/members/',
originURL
});
Extracted separate member agent test util refs https://github.com/TryGhost/Toolbox/issues/214 - TestAgent was used to initialize both Admin & Member API agents, which is somewhat confusing because Member API does not have the same "loginAs" functionality like Admin API does - Having distinct agents for each API makes the class API cleaner with possibility to extract common functionality even further
2022-02-21 07:04:47 +03:00
adminAgent = new AdminAPITestAgent(app, {
Aliased canary endpoints to point to non-versioned URLs refs https://github.com/TryGhost/Toolbox/issues/169 - Before releasing Ghost v5 we would like to move all canary-related URLs to a non-versioned format, which will become a default in v5. - 'canary' is by definition unstable, so breaking any unprepared client explicitly using the canary is expected - Removed the aliased /content/ and /admin/ apps from app.js because with updated configuration they become duplicates of 'canary' endpoints
2022-03-11 14:27:43 +03:00
apiURL: '/ghost/api/admin/',
Improved webhooks e2e test bootstrap speed refs https://github.com/TryGhost/Toolbox/issues/214 - Calling `getMembersAPIAgent` and `getAdminAPIAgent` separately was booting Ghost twice, which caused a significant performance degradation. - Additionally, having two calls was slightly ugly and having once utility function that delivers multiple agents at once feels like more readable syntax
2022-02-17 11:31:48 +03:00
originURL
});
} catch (error) {
error.message = `Unable to create test agent. ${error.message}`;
throw error;
}
return {
adminAgent,
membersAgent
};
};
Added E2E test for whole link tracking flow (#15481) refs https://github.com/TryGhost/Team/issues/1967 - Test is good to test if the whole flow works as expected, and works together - We can test independent parts in separate tests that have better coverage of more edge cases - Adds a basic helper to get an agent for the frontend (spent too much time on a better solution so I decided to keep the existing supertest agent)
2022-09-27 19:44:20 +03:00
/**
Exposed Content API agent in e2e test utils refs https://github.com/TryGhost/Toolbox/issues/461 - When testing OPTIONS requests there is a need to get all possible agents available in the system. The "getAgentsWithFrontend" serves exactly this purpose - create all possible agents while starting Ghost instance only once - This is groundwork for OPTIONS request caching tests and improvements
2022-11-01 12:26:08 +03:00
* @NOTE: for now method returns a supertest agent for Frontend instead of test agent with snapshot support.
Added a test suite for OPTIONS requests refs https://github.com/TryGhost/Toolbox/issues/461 - The codebase has ambiguous behavior with OPTIONS request. Adding tests covering edge cases for all possible variations of OPTIONS responses is the first step to solving cahceability of these requests. - The obvious question if you look into the changeset itself would also be: "WTF did you do with test suite naming? What are these changes in admin and click tracking suites? You having a bad day Naz?". The answer is "yes" (╯°□°)╯︵ ┻━┻ - On a serious note. I've introduced multiple hacks here that should be fixed: 1. Forced test suite execution order for options request - extreme blasphemy. This was last resort decision. I went deep into trying to fixup the server shutdown in the "admin" test suite, which cascaded into failing "click tracking" suite, which has shortcomings on it's own (see notes left in that suite) 2. Exposed "ghostServer" from the e2e-framework's "getAgentsWithFrontend" method. Exposing ghostServer to be able to shut it down (or do other manipulations) was one of the pitfalls we had in the previous test utils, which ended up plaguing the test codebase. Ideally the framework should only be exposing the agents and the rest would happen behind the scenes. - To fix the hacks above I've raised a cleanup issue (https://github.com/TryGhost/Toolbox/issues/471). I'm very sorry for this mess. The issue at hand has very little to do with fixing the e2e framework, so leaving things "as is".
2022-11-02 08:10:49 +03:00
* frontendAgent should be returning an instance of TestAgent (related: https://github.com/TryGhost/Toolbox/issues/471)
* @returns {Promise<{adminAgent: InstanceType<AdminAPITestAgent>, membersAgent: InstanceType<MembersAPITestAgent>, frontendAgent: InstanceType<supertest.SuperAgentTest>, contentAPIAgent: InstanceType<ContentAPITestAgent>, ghostServer: Express.Application}>} agents
Added E2E test for whole link tracking flow (#15481) refs https://github.com/TryGhost/Team/issues/1967 - Test is good to test if the whole flow works as expected, and works together - We can test independent parts in separate tests that have better coverage of more edge cases - Adds a basic helper to get an agent for the frontend (spent too much time on a better solution so I decided to keep the existing supertest agent)
2022-09-27 19:44:20 +03:00
*/
const getAgentsWithFrontend = async () => {
Added a test suite for OPTIONS requests refs https://github.com/TryGhost/Toolbox/issues/461 - The codebase has ambiguous behavior with OPTIONS request. Adding tests covering edge cases for all possible variations of OPTIONS responses is the first step to solving cahceability of these requests. - The obvious question if you look into the changeset itself would also be: "WTF did you do with test suite naming? What are these changes in admin and click tracking suites? You having a bad day Naz?". The answer is "yes" (╯°□°)╯︵ ┻━┻ - On a serious note. I've introduced multiple hacks here that should be fixed: 1. Forced test suite execution order for options request - extreme blasphemy. This was last resort decision. I went deep into trying to fixup the server shutdown in the "admin" test suite, which cascaded into failing "click tracking" suite, which has shortcomings on it's own (see notes left in that suite) 2. Exposed "ghostServer" from the e2e-framework's "getAgentsWithFrontend" method. Exposing ghostServer to be able to shut it down (or do other manipulations) was one of the pitfalls we had in the previous test utils, which ended up plaguing the test codebase. Ideally the framework should only be exposing the agents and the rest would happen behind the scenes. - To fix the hacks above I've raised a cleanup issue (https://github.com/TryGhost/Toolbox/issues/471). I'm very sorry for this mess. The issue at hand has very little to do with fixing the e2e framework, so leaving things "as is".
2022-11-02 08:10:49 +03:00
let ghostServer;
Added E2E test for whole link tracking flow (#15481) refs https://github.com/TryGhost/Team/issues/1967 - Test is good to test if the whole flow works as expected, and works together - We can test independent parts in separate tests that have better coverage of more edge cases - Adds a basic helper to get an agent for the frontend (spent too much time on a better solution so I decided to keep the existing supertest agent)
2022-09-27 19:44:20 +03:00
let membersAgent;
let adminAgent;
let frontendAgent;
Exposed Content API agent in e2e test utils refs https://github.com/TryGhost/Toolbox/issues/461 - When testing OPTIONS requests there is a need to get all possible agents available in the system. The "getAgentsWithFrontend" serves exactly this purpose - create all possible agents while starting Ghost instance only once - This is groundwork for OPTIONS request caching tests and improvements
2022-11-01 12:26:08 +03:00
let contentAPIAgent;
Added E2E test for whole link tracking flow (#15481) refs https://github.com/TryGhost/Team/issues/1967 - Test is good to test if the whole flow works as expected, and works together - We can test independent parts in separate tests that have better coverage of more edge cases - Adds a basic helper to get an agent for the frontend (spent too much time on a better solution so I decided to keep the existing supertest agent)
2022-09-27 19:44:20 +03:00
const bootOptions = {
frontend: true,
server: true
};
try {
Added a test suite for OPTIONS requests refs https://github.com/TryGhost/Toolbox/issues/461 - The codebase has ambiguous behavior with OPTIONS request. Adding tests covering edge cases for all possible variations of OPTIONS responses is the first step to solving cahceability of these requests. - The obvious question if you look into the changeset itself would also be: "WTF did you do with test suite naming? What are these changes in admin and click tracking suites? You having a bad day Naz?". The answer is "yes" (╯°□°)╯︵ ┻━┻ - On a serious note. I've introduced multiple hacks here that should be fixed: 1. Forced test suite execution order for options request - extreme blasphemy. This was last resort decision. I went deep into trying to fixup the server shutdown in the "admin" test suite, which cascaded into failing "click tracking" suite, which has shortcomings on it's own (see notes left in that suite) 2. Exposed "ghostServer" from the e2e-framework's "getAgentsWithFrontend" method. Exposing ghostServer to be able to shut it down (or do other manipulations) was one of the pitfalls we had in the previous test utils, which ended up plaguing the test codebase. Ideally the framework should only be exposing the agents and the rest would happen behind the scenes. - To fix the hacks above I've raised a cleanup issue (https://github.com/TryGhost/Toolbox/issues/471). I'm very sorry for this mess. The issue at hand has very little to do with fixing the e2e framework, so leaving things "as is".
2022-11-02 08:10:49 +03:00
ghostServer = await startGhost(bootOptions);
const app = ghostServer.rootApp;
Added E2E test for whole link tracking flow (#15481) refs https://github.com/TryGhost/Team/issues/1967 - Test is good to test if the whole flow works as expected, and works together - We can test independent parts in separate tests that have better coverage of more edge cases - Adds a basic helper to get an agent for the frontend (spent too much time on a better solution so I decided to keep the existing supertest agent)
2022-09-27 19:44:20 +03:00
const originURL = configUtils.config.get('url');
membersAgent = new MembersAPITestAgent(app, {
apiURL: '/members/',
originURL
});
adminAgent = new AdminAPITestAgent(app, {
apiURL: '/ghost/api/admin/',
originURL
});
Exposed Content API agent in e2e test utils refs https://github.com/TryGhost/Toolbox/issues/461 - When testing OPTIONS requests there is a need to get all possible agents available in the system. The "getAgentsWithFrontend" serves exactly this purpose - create all possible agents while starting Ghost instance only once - This is groundwork for OPTIONS request caching tests and improvements
2022-11-01 12:26:08 +03:00
contentAPIAgent = new ContentAPITestAgent(app, {
apiURL: '/ghost/api/content/',
originURL
});
Added E2E test for whole link tracking flow (#15481) refs https://github.com/TryGhost/Team/issues/1967 - Test is good to test if the whole flow works as expected, and works together - We can test independent parts in separate tests that have better coverage of more edge cases - Adds a basic helper to get an agent for the frontend (spent too much time on a better solution so I decided to keep the existing supertest agent)
2022-09-27 19:44:20 +03:00
frontendAgent = supertest.agent(originURL);
} catch (error) {
error.message = `Unable to create test agent. ${error.message}`;
throw error;
}
return {
adminAgent,
membersAgent,
Exposed Content API agent in e2e test utils refs https://github.com/TryGhost/Toolbox/issues/461 - When testing OPTIONS requests there is a need to get all possible agents available in the system. The "getAgentsWithFrontend" serves exactly this purpose - create all possible agents while starting Ghost instance only once - This is groundwork for OPTIONS request caching tests and improvements
2022-11-01 12:26:08 +03:00
frontendAgent,
Added a test suite for OPTIONS requests refs https://github.com/TryGhost/Toolbox/issues/461 - The codebase has ambiguous behavior with OPTIONS request. Adding tests covering edge cases for all possible variations of OPTIONS responses is the first step to solving cahceability of these requests. - The obvious question if you look into the changeset itself would also be: "WTF did you do with test suite naming? What are these changes in admin and click tracking suites? You having a bad day Naz?". The answer is "yes" (╯°□°)╯︵ ┻━┻ - On a serious note. I've introduced multiple hacks here that should be fixed: 1. Forced test suite execution order for options request - extreme blasphemy. This was last resort decision. I went deep into trying to fixup the server shutdown in the "admin" test suite, which cascaded into failing "click tracking" suite, which has shortcomings on it's own (see notes left in that suite) 2. Exposed "ghostServer" from the e2e-framework's "getAgentsWithFrontend" method. Exposing ghostServer to be able to shut it down (or do other manipulations) was one of the pitfalls we had in the previous test utils, which ended up plaguing the test codebase. Ideally the framework should only be exposing the agents and the rest would happen behind the scenes. - To fix the hacks above I've raised a cleanup issue (https://github.com/TryGhost/Toolbox/issues/471). I'm very sorry for this mess. The issue at hand has very little to do with fixing the e2e framework, so leaving things "as is".
2022-11-02 08:10:49 +03:00
contentAPIAgent,
// @NOTE: ghost server should not be exposed ideally, it's a hack (see commit message)
ghostServer
Added E2E test for whole link tracking flow (#15481) refs https://github.com/TryGhost/Team/issues/1967 - Test is good to test if the whole flow works as expected, and works together - We can test independent parts in separate tests that have better coverage of more edge cases - Adds a basic helper to get an agent for the frontend (spent too much time on a better solution so I decided to keep the existing supertest agent)
2022-09-27 19:44:20 +03:00
};
};
Added webhook fixute utils refs https://github.com/TryGhost/Toolbox/issues/320 - There will be more webhook e2e tests coming which require easy webhook fixture creation
2022-05-30 10:05:17 +03:00
const insertWebhook = ({event, url}) => {
return fixtureUtils.fixtures.insertWebhook({
event: event,
target_url: url
});
};
Improved e2e-framework API - encapsulated concerns within individual objects - this will allow us to refactor these into classes or move them around later - also makes it clearer how methods like restore relate to other methods - e.g mocks.restore() restores mocks, whilst fixtureManager.restore() restores the database
2022-02-07 19:02:04 +03:00
module.exports = {
// request agent
agentProvider: {
Added getMembersAPIAgent to e2e-framework no-issue The Members API is served on a different endpoint to the Admin API, and also requires that the frontend is booted. This agent is to be used when testing the Members API, e.g. Stripe webhooks or Members config.
2022-02-11 16:11:37 +03:00
getAdminAPIAgent,
Improved webhooks e2e test bootstrap speed refs https://github.com/TryGhost/Toolbox/issues/214 - Calling `getMembersAPIAgent` and `getAdminAPIAgent` separately was booting Ghost twice, which caused a significant performance degradation. - Additionally, having two calls was slightly ugly and having once utility function that delivers multiple agents at once feels like more readable syntax
2022-02-17 11:31:48 +03:00
getMembersAPIAgent,
Added ContentAPITestAgent refs https://github.com/TryGhost/Toolbox/issues/215 - The ContentAPI needs it's own test agent, so we can write e2e tests. - The main method mostly to be used by the test suites is "authenticate" - it add necessary authentication keys to the request. The agent is not authenticated by default because there are suites that need to test the "non authenticated" requests. Also, there's a need to have the default API key inserted from fixtures level before authenticating (it's not strictly necessary because the key is not dynamic, but I think coupling this point would be a bad move)
2022-02-22 06:54:06 +03:00
getContentAPIAgent,
Added root Ghost server/API test agent refs https://github.com/TryGhost/Team/issues/1640 - Some tests require making request to the root of the mounted server path like `GET /ghost/.well-known/jwks.json`. These are not stricly APIs like Admin, Content, and Members. They do need a separate agent to distinguish the configuration - for this agetn we can stop loading some parts like "server" in the future to speed things up (didn't work straight out of the box)
2022-05-20 08:17:00 +03:00
getAgentsForMembers,
Added E2E test for whole link tracking flow (#15481) refs https://github.com/TryGhost/Team/issues/1967 - Test is good to test if the whole flow works as expected, and works together - We can test independent parts in separate tests that have better coverage of more edge cases - Adds a basic helper to get an agent for the frontend (spent too much time on a better solution so I decided to keep the existing supertest agent)
2022-09-27 19:44:20 +03:00
getGhostAPIAgent,
getAgentsWithFrontend
Improved e2e-framework API - encapsulated concerns within individual objects - this will allow us to refactor these into classes or move them around later - also makes it clearer how methods like restore relate to other methods - e.g mocks.restore() restores mocks, whilst fixtureManager.restore() restores the database
2022-02-07 19:02:04 +03:00
},
// Mocks and Stubs
Renamed mock-utils to mock-manager refs: https://github.com/TryGhost/Toolbox/issues/158 - continuing to try to make the framework as clean as possible
2022-02-08 19:52:38 +03:00
mockManager,
Improved e2e-framework API - encapsulated concerns within individual objects - this will allow us to refactor these into classes or move them around later - also makes it clearer how methods like restore relate to other methods - e.g mocks.restore() restores mocks, whilst fixtureManager.restore() restores the database
2022-02-07 19:02:04 +03:00
// DB State Manipulation
fixtureManager: {
get: getFixture,
Added webhook fixute utils refs https://github.com/TryGhost/Toolbox/issues/320 - There will be more webhook e2e tests coming which require easy webhook fixture creation
2022-05-30 10:05:17 +03:00
insertWebhook: insertWebhook,
Cleaned up reference tests refs: https://github.com/TryGhost/Toolbox/issues/158 - continuing to turn this into a reference test suite for how to do things with the new framework - use fixtureManager and mockManager properly - testUtils should _not_ be required anymore! - TODO: cleanup labs mocking and side effect assertion using models
2022-02-08 20:13:30 +03:00
getCurrentOwnerUser: fixtureUtils.getCurrentOwnerUser,
Improved e2e-framework API - encapsulated concerns within individual objects - this will allow us to refactor these into classes or move them around later - also makes it clearer how methods like restore relate to other methods - e.g mocks.restore() restores mocks, whilst fixtureManager.restore() restores the database
2022-02-07 19:02:04 +03:00
init: initFixtures,
Added fixture path utility to e2e-framework - Always want to be able to safely get a fixture path without needing the path util - Means tests can be moved around more easily
2022-03-21 14:07:21 +03:00
restore: resetData,
getPathForFixture: (fixturePath) => {
return path.join(__dirname, 'fixtures', fixturePath);
}
Switched new e2e-framework to use our own snapshot lib (#14137) refs TryGhost/Toolbox#158 refs TryGhost/Toolbox#129 (comment) We now have @tryghost/jest-snapshot - a suite of utilities for using snapshots with mocha, should, etc The @tryghost/express-test lib also uses it to provide chained snapshot assertions This library was created because all the existing implementations I could find, including the in use @ethanresnick/chai-jest-snapshot didn't properly support property matching. @ethanresnick/chai-jest-snapshot supposedly supported it, but the implementation was incorrect and frequently lead to false test passes. This library also has (after some back and forth) path resolution so that snapshots can live in a local __snapshots__ folder
2022-02-08 17:33:19 +03:00
},
Improved property matchers concept in e2e-framework refs: https://github.com/TryGhost/Toolbox/issues/158 - rather than just exposing any, anything and string matching, expose more specific matchers. - this was triggered by `any(Date)` not working for dates in our API - it seems poor to match `any(String)` for something we want to be a well formatted date - establishes the pattern of using our defined matchers instead of requiring any/anything from jest
2022-02-08 19:36:08 +03:00
matchers: {
Added default comment relations refs https://github.com/TryGhost/Team/issues/1664
2022-07-06 17:44:20 +03:00
anyBoolean: any(Boolean),
Improved property matchers concept in e2e-framework refs: https://github.com/TryGhost/Toolbox/issues/158 - rather than just exposing any, anything and string matching, expose more specific matchers. - this was triggered by `any(Date)` not working for dates in our API - it seems poor to match `any(String)` for something we want to be a well formatted date - establishes the pattern of using our defined matchers instead of requiring any/anything from jest
2022-02-08 19:36:08 +03:00
anyString: any(String),
Updated members tests to use snapshot testing refs: https://github.com/TryGhost/Toolbox/issues/158 - This is a reference suite - it shows how snapshot testing can be used on a larger suite
2022-02-07 15:51:21 +03:00
anyArray: any(Array),
Added comment events to activity feed (#15064) refs https://github.com/TryGhost/Team/issues/1709 - New event type `comment_event` (comments and replies of a member in the activity feed) - Includes member, post and parent relation by default - Added new output mapper for ActivityFeed events **Changes to `Comment` model:** * **Only limit comment fetched to root comments when not authenticated as a user:** `enforcedFilters` is applied to all queries, which is a problem because for the activity feed we also need to fetch comments which have a parent_id that is not null (`Member x replied to a comment`). The current filter in the model is specifically for the members API, not the admin API (so checking the user should fix that, not sure if that is a good pattern but couldn’t find a better alternative). * **Only set default relations for comments when withRelated is empty or not set:** `defaultRelations`: Right now, for every fetch it would force all these relations. But we don’t need all those relations for the activity feed; So I updated the pattern to only set the default relations when it is empty (which we also do on a couple of other places and seems like a good pattern). I also updated the comments-ui frontend to not send ?include
2022-07-25 18:48:23 +03:00
anyObject: any(Object),
Cleaned newsletter e2e tests, improved framework - attempting to make our framework a one-stop-shop for all requires (except assert) - using utils for tests instead of lots of requires makes it easier to reason about how our tests interface with our code - helps with refactoring later, and making sure that tests really do what we expect
2022-05-06 14:15:12 +03:00
anyNumber: any(Number),
Added "anyStringNumber" matcher to e2e framework refs https://github.com/TryGhost/Toolbox/issues/335 - Existing `anyNumber` matcher does not do a job when the number is stringified, so introduced a new string matcher to match stringified numbers
2022-05-19 08:06:50 +03:00
anyStringNumber: stringMatching(/\d+/),
Renamed e2e framework date matchers refs https://github.com/TryGhost/Ghost/commit/f48892028d451a8b3f82d0bd345ec3fa0dd269b8 refs https://github.com/TryGhost/Ghost/commit/33da5841614df2182f0a44488bae9a2ce5a55ca7 - There was another mather added recently: anyDateWithTimezoneOffset. The naming of date-related matchers was getting long and confusing. Renamed existing date matcher to better reflect what they do and they types of matches they are responsible for, following renames have been done: - anyShortDate -> anyISODate - anyDate -> anyISODateTime - anyDateWithTimezoneOffset -> anyISODateTimeWithTZ
2022-03-01 14:17:13 +03:00
anyISODateTime: stringMatching(/\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\.000Z/),
anyISODate: stringMatching(/\d{4}-\d{2}-\d{2}/),
anyISODateTimeWithTZ: stringMatching(/\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\.000\+\d{2}:\d{2}/),
Improved property matchers concept in e2e-framework refs: https://github.com/TryGhost/Toolbox/issues/158 - rather than just exposing any, anything and string matching, expose more specific matchers. - this was triggered by `any(Date)` not working for dates in our API - it seems poor to match `any(String)` for something we want to be a well formatted date - establishes the pattern of using our defined matchers instead of requiring any/anything from jest
2022-02-08 19:36:08 +03:00
anyEtag: stringMatching(/(?:W\/)?"(?:[ !#-\x7E\x80-\xFF]*|\r\n[\t ]|\\.)*"/),
Added "anyContentVersion" and anyContentVersion matchers to e2e framework refs https://github.com/TryGhost/Toolbox/issues/335 - Similarly to `anyEtag` pattern for `etag` headers there's a need to match dynamic content-length and content-version headers. - The `anyContentLength` is the same as `anyStringNumber` matcher, created a separate one to show the intention over a function when reading the code (maybe we could introduce something like floating number range matcher in the future to be more precise in situations where we expect the content-length to float in +-2 length range)
2022-05-19 08:19:05 +03:00
anyContentLength: stringMatching(/\d+/),
anyContentVersion: stringMatching(/v\d+\.\d+/),
Improved property matchers concept in e2e-framework refs: https://github.com/TryGhost/Toolbox/issues/158 - rather than just exposing any, anything and string matching, expose more specific matchers. - this was triggered by `any(Date)` not working for dates in our API - it seems poor to match `any(String)` for something we want to be a well formatted date - establishes the pattern of using our defined matchers instead of requiring any/anything from jest
2022-02-08 19:36:08 +03:00
anyObjectId: stringMatching(/[a-f0-9]{24}/),
anyErrorId: stringMatching(/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}/),
anyUuid: stringMatching(/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}/),
Added new matcher for location strings - Often in our API we want to check that the location string looks roughly right for a resource - At the moment we're matching any String, this upgrades the check to look for resource URLs
2022-02-16 15:50:58 +03:00
anyLocationFor: (resource) => {
return stringMatching(new RegExp(`https?://.*?/${resource}/[a-f0-9]{24}/`));
},
Moved Ghost agent matcher to common framework refs https://github.com/TryGhost/Ghost/commit/a499f866f325163254056e2feffe361151ff87d8 refs https://github.com/TryGhost/Ghost/commit/d817e5830de0dcae60f045b2a52a88db83246094 - The user-agent used in outgoing Ghost requests (webhooks mostly) is dependent on the Ghost version - snapshots break if the matcher is not dynamic. - There will be a few more webhooks tests coming soon, so makes sense to have this matcher moved to a common "framework matchers"
2022-10-06 03:56:10 +03:00
anyGhostAgent: stringMatching(/Ghost\/\d+\.\d+\.\d+\s\(https:\/\/github.com\/TryGhost\/Ghost\)/),
Abstracted a hacky local URL matcher refs https://github.com/TryGhost/Toolbox/issues/320 - The URL matcher is very likely to be reused in the future, so having it abstracted away gives two benefits: 1. Central place to document hacky behavior and easier future cleanup 2. The implementer of the e2e test does not have to see the "hacky note" and just concentrate on the implementation of the test
2022-10-05 12:22:08 +03:00
// @NOTE: hack here! it's due to https://github.com/TryGhost/Toolbox/issues/341
// this matcher should be removed once the issue is solved - routing is redesigned
// An ideal solution would be removal of this matcher altogether.
Added e2e tests for `post.published.edited` webhook (#15642) refs: https://github.com/TryGhost/Ghost/issues/15537 - snapshot test created to add confidence to webhook stability and increase overall test coverage. Co-authored-by: Kritika Sharma <kritikasharma@Kritikas-MacBook-Pro-2.local>
2022-10-24 16:55:25 +03:00
anyLocalURL: stringMatching(/http:\/\/127.0.0.1:2369\/[A-Za-z0-9_-]+\//),
Improved property matchers concept in e2e-framework refs: https://github.com/TryGhost/Toolbox/issues/158 - rather than just exposing any, anything and string matching, expose more specific matchers. - this was triggered by `any(Date)` not working for dates in our API - it seems poor to match `any(String)` for something we want to be a well formatted date - establishes the pattern of using our defined matchers instead of requiring any/anything from jest
2022-02-08 19:36:08 +03:00
stringMatching
Cleaned newsletter e2e tests, improved framework - attempting to make our framework a one-stop-shop for all requires (except assert) - using utils for tests instead of lots of requires makes it easier to reason about how our tests interface with our code - helps with refactoring later, and making sure that tests really do what we expect
2022-05-06 14:15:12 +03:00
},
// utilities
configUtils: require('./configUtils'),
dbUtils: require('./db-utils'),
🔒 Prevented member creation when logging in (#15526) fixes https://github.com/TryGhost/Ghost/issues/14508 This change requires the frontend to send an explicit `emailType` when sending a magic link. We default to `subscribe` (`signin` for invite only sites) for now to remain compatible with the existing behaviour. **Problem:** When a member tries to login and that member doesn't exist, we created a new member in the past. - This caused the creation of duplicate accounts when members were guessing the email address they used. - This caused the creation of new accounts when using an old impersonation token, login link or email change link that was sent before member deletion. **Fixed:** - Trying to login with an email address that doesn't exist will throw an error now. - Added new and separate rate limiting to login (to prevent user enumeration). This rate limiting has a higher default limit of 8. I think it needs a higher default limit (because it is rate limited on every call instead of per email address. And it should be configurable independent from administrator rate limiting. It also needs a lower lifetime value because it is never reset. - Updated error responses in the `sendMagicLink` endpoint to use the default error encoding middleware. - The type (`signin`, `signup`, `updateEmail` or `subscribe`) is now stored in the magic link. This is used to prevent signups with a sign in token. **Notes:** - Between tests, we truncate the database, but this is not enough for the rate limits to be truly reset. I had to add a method to the spam prevention service to reset all the instances between tests. Not resetting them caused random failures because every login in every test was hitting those spam prevention middlewares and somehow left a trace of that in those instances (even when the brute table is reset). Maybe those instances were doing some in memory caching.
2022-10-05 13:42:42 +03:00
urlUtils: require('./urlUtils'),
resetRateLimits
Improved e2e-framework API - encapsulated concerns within individual objects - this will allow us to refactor these into classes or move them around later - also makes it clearer how methods like restore relate to other methods - e.g mocks.restore() restores mocks, whilst fixtureManager.restore() restores the database
2022-02-07 19:02:04 +03:00
};
Reference in New Issue Copy Permalink