Ghost/test/regression/api/v3/admin/utils.js

const url = require('url');
const _ = require('lodash');
const testUtils = require('../../../../utils');
const schema = require('../../../../../core/server/data/schema').tables;
const API_URL = '/ghost/api/v3/admin/';

const expectedProperties = {
    // API top level
    posts: ['posts', 'meta'],
    tags: ['tags', 'meta'],
    users: ['users', 'meta'],
    settings: ['settings', 'meta'],
    subscribers: ['subscribers', 'meta'],
    roles: ['roles'],
    pagination: ['page', 'limit', 'pages', 'total', 'next', 'prev'],
    slugs: ['slugs'],
    slug: ['slug'],
    invites: ['invites', 'meta'],
    themes: ['themes'],
    members: ['members', 'meta'],

    site: ['title', 'description', 'logo', 'accent_color', 'url', 'version'],

    post: [
        'id',
        'uuid',
        'title',
        'slug',
        'mobiledoc',
        'comment_id',
        'feature_image',
        'featured',
        'status',
        'visibility',
        'email_recipient_filter',
        'created_at',
        'updated_at',
        'published_at',
        'custom_excerpt',
        'codeinjection_head',
        'codeinjection_foot',
        'custom_template',
        'canonical_url',
        'url',
        'primary_tag',
        'primary_author',
        'excerpt',
        'authors',
        'tags',
        'email',
        'og_image',
        'og_title',
        'og_description',
        'twitter_image',
        'twitter_title',
        'twitter_description',
        'meta_title',
        'meta_description',
        'email_subject',
        'frontmatter',
        'send_email_when_published'
    ],
    user: _(schema.users)
        .keys()
        .without('visibility')
        .without('password')
        .without('locale')
        .concat('url')
    ,
    tag: _(schema.tags)
        .keys()
        // unused field
        .without('parent_id')
    ,
    setting: _(schema.settings)
        .keys()
    ,
    subscriber: _(schema.subscribers)
        .keys()
    ,
    member: _(schema.members)
        .keys()
        .concat('avatar_image')
        .concat('comped')
        .concat('labels')
        .without('status')
    ,
    member_signin_url: ['member_id', 'url'],
    role: _(schema.roles)
        .keys()
    ,
    permission: _(schema.permissions)
        .keys()
    ,
    notification: ['type', 'message', 'status', 'id', 'dismissible', 'location', 'custom'],
    theme: ['name', 'package', 'active'],
    invite: _(schema.invites)
        .keys()
        .without('token')
    ,
    webhook: _(schema.webhooks)
        .keys()
    ,
    email_preview: ['html', 'subject', 'plaintext']
};

_.each(expectedProperties, (value, key) => {
    if (!value.__wrapped__) {
        return;
    }

    /**
     * @deprecated: x_by
     */
    expectedProperties[key] = value
        .without(
            'created_by',
            'updated_by',
            'published_by'
        )
        .value();
});

module.exports = {
    API: {
        getApiQuery(route) {
            return url.resolve(API_URL, route);
        },

        checkResponse(...args) {
            this.expectedProperties = expectedProperties;
            return testUtils.API.checkResponse.call(this, ...args);
        }
    },

    doAuth(...args) {
        return testUtils.API.doAuth(`${API_URL}session/`, ...args);
    },

    getValidAdminToken(endpoint, key) {
        const jwt = require('jsonwebtoken');
        key = key || testUtils.DataGenerator.Content.api_keys[0];

        const JWT_OPTIONS = {
            keyid: key.id,
            algorithm: 'HS256',
            expiresIn: '5m',
            audience: endpoint
        };

        return jwt.sign(
            {},
            Buffer.from(key.secret, 'hex'),
            JWT_OPTIONS
        );
    }
};
Added regression tests for the v3 endpoints refs https://github.com/TryGhost/Team/issues/221 2021-01-21 12:51:40 +03:00			`const url = require('url');`
			`const _ = require('lodash');`
			`const testUtils = require('../../../../utils');`
			`const schema = require('../../../../../core/server/data/schema').tables;`
			`const API_URL = '/ghost/api/v3/admin/';`

			`const expectedProperties = {`
			`// API top level`
			`posts: ['posts', 'meta'],`
			`tags: ['tags', 'meta'],`
			`users: ['users', 'meta'],`
			`settings: ['settings', 'meta'],`
			`subscribers: ['subscribers', 'meta'],`
			`roles: ['roles'],`
			`pagination: ['page', 'limit', 'pages', 'total', 'next', 'prev'],`
			`slugs: ['slugs'],`
			`slug: ['slug'],`
			`invites: ['invites', 'meta'],`
			`themes: ['themes'],`
			`members: ['members', 'meta'],`

Updated utils for site endpoint response checks refs https://github.com/TryGhost/Ghost/commit/55dd16568b76261a0c126b2c6dce702add8b7f5c - Fatfingered to add these files with a referenced commit 2021-03-09 12:12:05 +03:00			`site: ['title', 'description', 'logo', 'accent_color', 'url', 'version'],`

Refactored test utils "post" properties refs https://github.com/TryGhost/Ghost/commit/06dd9bac5957d4cd3415a3086c275b2a7501fe3e refs https://github.com/TryGhost/Team/issues/687 - This is a continuation of the work started in the refed commit. In short: allowlisting response checks wherever possible 2021-05-13 14:40:17 +03:00			`post: [`
			`'id',`
			`'uuid',`
			`'title',`
			`'slug',`
			`'mobiledoc',`
			`'comment_id',`
			`'feature_image',`
			`'featured',`
			`'status',`
			`'visibility',`
			`'email_recipient_filter',`
			`'created_at',`
			`'updated_at',`
			`'published_at',`
			`'custom_excerpt',`
			`'codeinjection_head',`
			`'codeinjection_foot',`
			`'custom_template',`
			`'canonical_url',`
			`'url',`
			`'primary_tag',`
			`'primary_author',`
			`'excerpt',`
			`'authors',`
			`'tags',`
			`'email',`
			`'og_image',`
			`'og_title',`
			`'og_description',`
			`'twitter_image',`
			`'twitter_title',`
			`'twitter_description',`
			`'meta_title',`
			`'meta_description',`
			`'email_subject',`
			`'frontmatter',`
			`'send_email_when_published'`
			`],`
Added regression tests for the v3 endpoints refs https://github.com/TryGhost/Team/issues/221 2021-01-21 12:51:40 +03:00			`user: _(schema.users)`
			`.keys()`
			`.without('visibility')`
			`.without('password')`
			`.without('locale')`
			`.concat('url')`
			`,`
			`tag: _(schema.tags)`
			`.keys()`
			`// unused field`
			`.without('parent_id')`
			`,`
			`setting: _(schema.settings)`
			`.keys()`
			`,`
			`subscriber: _(schema.subscribers)`
			`.keys()`
			`,`
			`member: _(schema.members)`
			`.keys()`
			`.concat('avatar_image')`
			`.concat('comped')`
			`.concat('labels')`
Added status property to members (#12570) refs #12160 This flag will allow us easier filtering of members via the API * Added status column to members table This flag will be used to determine if a member is free or paid, rather than relying on joins with the customers and subscriptions tables. * Added migration to populate members.status As we add the column with a default value of "free" we only need to care about the paid members here. We also preemptively handle migrations for SQLite where there are > 998 paid members. 2021-01-27 17:06:21 +03:00			`.without('status')`
Added regression tests for the v3 endpoints refs https://github.com/TryGhost/Team/issues/221 2021-01-21 12:51:40 +03:00			`,`
			`member_signin_url: ['member_id', 'url'],`
			`role: _(schema.roles)`
			`.keys()`
			`,`
			`permission: _(schema.permissions)`
			`.keys()`
			`,`
			`notification: ['type', 'message', 'status', 'id', 'dismissible', 'location', 'custom'],`
			`theme: ['name', 'package', 'active'],`
			`invite: _(schema.invites)`
			`.keys()`
			`.without('token')`
			`,`
			`webhook: _(schema.webhooks)`
			`.keys()`
			`,`
			`email_preview: ['html', 'subject', 'plaintext']`
			`};`

			`_.each(expectedProperties, (value, key) => {`
			`if (!value.__wrapped__) {`
			`return;`
			`}`

			`/**`
			`* @deprecated: x_by`
			`*/`
			`expectedProperties[key] = value`
			`.without(`
			`'created_by',`
			`'updated_by',`
			`'published_by'`
			`)`
			`.value();`
			`});`

			`module.exports = {`
			`API: {`
			`getApiQuery(route) {`
			`return url.resolve(API_URL, route);`
			`},`

			`checkResponse(...args) {`
			`this.expectedProperties = expectedProperties;`
			`return testUtils.API.checkResponse.call(this, ...args);`
			`}`
			`},`

			`doAuth(...args) {`
			return testUtils.API.doAuth(`${API_URL}session/`, ...args);
			`},`

			`getValidAdminToken(endpoint, key) {`
			`const jwt = require('jsonwebtoken');`
			`key = key \|\| testUtils.DataGenerator.Content.api_keys[0];`

			`const JWT_OPTIONS = {`
			`keyid: key.id,`
			`algorithm: 'HS256',`
			`expiresIn: '5m',`
			`audience: endpoint`
			`};`

			`return jwt.sign(`
			`{},`
			`Buffer.from(key.secret, 'hex'),`
			`JWT_OPTIONS`
			`);`
			`}`
			`};`