2016-02-09 17:14:24 +03:00
|
|
|
// # Channel Route Tests
|
|
|
|
// As it stands, these tests depend on the database, and as such are integration tests.
|
|
|
|
// These tests are here to cover the headers sent with requests and high-level redirects that can't be
|
|
|
|
// tested with the unit tests
|
2017-03-21 11:24:11 +03:00
|
|
|
var should = require('should'),
|
|
|
|
supertest = require('supertest'),
|
2017-09-21 17:05:35 +03:00
|
|
|
sinon = require('sinon'),
|
2017-03-21 11:24:11 +03:00
|
|
|
testUtils = require('../../utils'),
|
|
|
|
cheerio = require('cheerio'),
|
|
|
|
config = require('../../../../core/server/config'),
|
2017-09-21 17:05:35 +03:00
|
|
|
settingsCache = require('../../../../core/server/settings/cache'),
|
2017-03-21 11:24:11 +03:00
|
|
|
ghost = testUtils.startGhost,
|
2017-09-21 17:05:35 +03:00
|
|
|
sandbox = sinon.sandbox.create(),
|
2017-03-21 11:24:11 +03:00
|
|
|
request;
|
2016-02-09 17:14:24 +03:00
|
|
|
|
|
|
|
describe('Channel Routes', function () {
|
🔥✨ remove forceAdminSSL and urlSSL, add admin url (#7937)
* 🔥 kill apiUrl helper, use urlFor helper instead
More consistency of creating urls.
Creates an easier ability to add config changes.
Attention: urlFor function is getting a little nesty, BUT that is for now wanted to make easier and centralised changes to the configs.
The url util need's refactoring anyway.
* 🔥 urlSSL
Remove all urlSSL usages.
Add TODO's for the next commit to re-add logic for deleted logic.
e.g.
- cors helper generated an array of url's to allow requests from the defined config url's -> will be replaced by the admin url if available
- theme handler prefered the urlSSL in case it was defined -> will be replaced by using the urlFor helper to get the blog url (based on the request secure flag)
The changes in this commit doesn't have to be right, but it helped going step by step.
The next commit is the more interesting one.
* 🔥 ✨ remove forceAdminSSL, add new admin url and adapt logic
I wanted to remove the forceAdminSSL as separate commit, but was hard to realise.
That's why both changes are in one commit:
1. remove forceAdminSSL
2. add admin.url option
- fix TODO's from last commits
- rewrite the ssl middleware!
- create some private helper functions in the url helper to realise the changes
- rename some wordings and functions e.g. base === blog (we have so much different wordings)
- i would like to do more, but this would end in a non readable PR
- this commit contains the most important changes to offer admin.url option
* 🤖 adapt tests
IMPORTANT
- all changes in the routing tests were needed, because each routing test did not start the ghost server
- they just required the ghost application, which resulted in a random server port
- having a random server port results in a redirect, caused by the ssl/redirect middleware
* 😎 rename check-ssl middleware
* 🎨 fix theme-handler because of master rebase
2017-02-03 21:13:22 +03:00
|
|
|
var ghostServer;
|
|
|
|
|
2016-02-09 17:14:24 +03:00
|
|
|
function doEnd(done) {
|
|
|
|
return function (err, res) {
|
|
|
|
if (err) {
|
|
|
|
return done(err);
|
|
|
|
}
|
|
|
|
|
|
|
|
should.not.exist(res.headers['x-cache-invalidate']);
|
|
|
|
should.not.exist(res.headers['X-CSRF-Token']);
|
|
|
|
should.not.exist(res.headers['set-cookie']);
|
|
|
|
should.exist(res.headers.date);
|
|
|
|
|
|
|
|
done();
|
|
|
|
};
|
|
|
|
}
|
|
|
|
|
|
|
|
before(function (done) {
|
2017-09-21 17:05:35 +03:00
|
|
|
// Default is always casper. We use the old compatible 1.4 casper theme for these tests. Available in the test content folder.
|
|
|
|
var originalSettingsCacheGetFn = settingsCache.get;
|
2017-11-28 20:19:23 +03:00
|
|
|
sandbox.stub(settingsCache, 'get').callsFake(function (key, options) {
|
2017-09-21 17:05:35 +03:00
|
|
|
if (key === 'active_theme') {
|
|
|
|
return 'casper-1.4';
|
|
|
|
}
|
|
|
|
|
|
|
|
return originalSettingsCacheGetFn(key, options);
|
|
|
|
});
|
|
|
|
|
🔥✨ remove forceAdminSSL and urlSSL, add admin url (#7937)
* 🔥 kill apiUrl helper, use urlFor helper instead
More consistency of creating urls.
Creates an easier ability to add config changes.
Attention: urlFor function is getting a little nesty, BUT that is for now wanted to make easier and centralised changes to the configs.
The url util need's refactoring anyway.
* 🔥 urlSSL
Remove all urlSSL usages.
Add TODO's for the next commit to re-add logic for deleted logic.
e.g.
- cors helper generated an array of url's to allow requests from the defined config url's -> will be replaced by the admin url if available
- theme handler prefered the urlSSL in case it was defined -> will be replaced by using the urlFor helper to get the blog url (based on the request secure flag)
The changes in this commit doesn't have to be right, but it helped going step by step.
The next commit is the more interesting one.
* 🔥 ✨ remove forceAdminSSL, add new admin url and adapt logic
I wanted to remove the forceAdminSSL as separate commit, but was hard to realise.
That's why both changes are in one commit:
1. remove forceAdminSSL
2. add admin.url option
- fix TODO's from last commits
- rewrite the ssl middleware!
- create some private helper functions in the url helper to realise the changes
- rename some wordings and functions e.g. base === blog (we have so much different wordings)
- i would like to do more, but this would end in a non readable PR
- this commit contains the most important changes to offer admin.url option
* 🤖 adapt tests
IMPORTANT
- all changes in the routing tests were needed, because each routing test did not start the ghost server
- they just required the ghost application, which resulted in a random server port
- having a random server port results in a redirect, caused by the ssl/redirect middleware
* 😎 rename check-ssl middleware
* 🎨 fix theme-handler because of master rebase
2017-02-03 21:13:22 +03:00
|
|
|
ghost().then(function (_ghostServer) {
|
|
|
|
ghostServer = _ghostServer;
|
|
|
|
return ghostServer.start();
|
|
|
|
}).then(function () {
|
2017-03-21 11:24:11 +03:00
|
|
|
request = supertest.agent(config.get('url'));
|
2016-02-09 17:14:24 +03:00
|
|
|
done();
|
|
|
|
}).catch(function (e) {
|
|
|
|
console.log('Ghost Error: ', e);
|
|
|
|
console.log(e.stack);
|
2016-03-14 18:02:31 +03:00
|
|
|
done(e);
|
2016-02-09 17:14:24 +03:00
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
after(testUtils.teardown);
|
|
|
|
|
🔥✨ remove forceAdminSSL and urlSSL, add admin url (#7937)
* 🔥 kill apiUrl helper, use urlFor helper instead
More consistency of creating urls.
Creates an easier ability to add config changes.
Attention: urlFor function is getting a little nesty, BUT that is for now wanted to make easier and centralised changes to the configs.
The url util need's refactoring anyway.
* 🔥 urlSSL
Remove all urlSSL usages.
Add TODO's for the next commit to re-add logic for deleted logic.
e.g.
- cors helper generated an array of url's to allow requests from the defined config url's -> will be replaced by the admin url if available
- theme handler prefered the urlSSL in case it was defined -> will be replaced by using the urlFor helper to get the blog url (based on the request secure flag)
The changes in this commit doesn't have to be right, but it helped going step by step.
The next commit is the more interesting one.
* 🔥 ✨ remove forceAdminSSL, add new admin url and adapt logic
I wanted to remove the forceAdminSSL as separate commit, but was hard to realise.
That's why both changes are in one commit:
1. remove forceAdminSSL
2. add admin.url option
- fix TODO's from last commits
- rewrite the ssl middleware!
- create some private helper functions in the url helper to realise the changes
- rename some wordings and functions e.g. base === blog (we have so much different wordings)
- i would like to do more, but this would end in a non readable PR
- this commit contains the most important changes to offer admin.url option
* 🤖 adapt tests
IMPORTANT
- all changes in the routing tests were needed, because each routing test did not start the ghost server
- they just required the ghost application, which resulted in a random server port
- having a random server port results in a redirect, caused by the ssl/redirect middleware
* 😎 rename check-ssl middleware
* 🎨 fix theme-handler because of master rebase
2017-02-03 21:13:22 +03:00
|
|
|
after(function () {
|
2017-09-21 17:05:35 +03:00
|
|
|
sandbox.restore();
|
🔥✨ remove forceAdminSSL and urlSSL, add admin url (#7937)
* 🔥 kill apiUrl helper, use urlFor helper instead
More consistency of creating urls.
Creates an easier ability to add config changes.
Attention: urlFor function is getting a little nesty, BUT that is for now wanted to make easier and centralised changes to the configs.
The url util need's refactoring anyway.
* 🔥 urlSSL
Remove all urlSSL usages.
Add TODO's for the next commit to re-add logic for deleted logic.
e.g.
- cors helper generated an array of url's to allow requests from the defined config url's -> will be replaced by the admin url if available
- theme handler prefered the urlSSL in case it was defined -> will be replaced by using the urlFor helper to get the blog url (based on the request secure flag)
The changes in this commit doesn't have to be right, but it helped going step by step.
The next commit is the more interesting one.
* 🔥 ✨ remove forceAdminSSL, add new admin url and adapt logic
I wanted to remove the forceAdminSSL as separate commit, but was hard to realise.
That's why both changes are in one commit:
1. remove forceAdminSSL
2. add admin.url option
- fix TODO's from last commits
- rewrite the ssl middleware!
- create some private helper functions in the url helper to realise the changes
- rename some wordings and functions e.g. base === blog (we have so much different wordings)
- i would like to do more, but this would end in a non readable PR
- this commit contains the most important changes to offer admin.url option
* 🤖 adapt tests
IMPORTANT
- all changes in the routing tests were needed, because each routing test did not start the ghost server
- they just required the ghost application, which resulted in a random server port
- having a random server port results in a redirect, caused by the ssl/redirect middleware
* 😎 rename check-ssl middleware
* 🎨 fix theme-handler because of master rebase
2017-02-03 21:13:22 +03:00
|
|
|
return ghostServer.stop();
|
|
|
|
});
|
|
|
|
|
2016-02-09 17:14:24 +03:00
|
|
|
describe('Index', function () {
|
|
|
|
it('should respond with html', function (done) {
|
|
|
|
request.get('/')
|
|
|
|
.expect('Content-Type', /html/)
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.public)
|
|
|
|
.expect(200)
|
|
|
|
.end(function (err, res) {
|
|
|
|
if (err) {
|
|
|
|
return done(err);
|
|
|
|
}
|
|
|
|
|
|
|
|
var $ = cheerio.load(res.text);
|
|
|
|
|
|
|
|
should.not.exist(res.headers['x-cache-invalidate']);
|
|
|
|
should.not.exist(res.headers['X-CSRF-Token']);
|
|
|
|
should.not.exist(res.headers['set-cookie']);
|
|
|
|
should.exist(res.headers.date);
|
|
|
|
|
|
|
|
$('title').text().should.equal('Ghost');
|
2017-09-21 17:05:35 +03:00
|
|
|
$('.content .post').length.should.equal(5);
|
|
|
|
$('.poweredby').text().should.equal('Proudly published with Ghost');
|
|
|
|
$('body.home-template').length.should.equal(1);
|
|
|
|
$('article.post').length.should.equal(5);
|
|
|
|
$('article.tag-getting-started').length.should.equal(5);
|
2016-02-09 17:14:24 +03:00
|
|
|
|
|
|
|
done();
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
2017-06-08 18:36:14 +03:00
|
|
|
it('should not have a third page', function (done) {
|
|
|
|
request.get('/page/3/')
|
2016-02-09 17:14:24 +03:00
|
|
|
.expect('Cache-Control', testUtils.cacheRules.private)
|
|
|
|
.expect(404)
|
|
|
|
.expect(/Page not found/)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
describe('RSS', function () {
|
2016-07-15 19:22:41 +03:00
|
|
|
before(testUtils.teardown);
|
|
|
|
|
2016-02-09 17:14:24 +03:00
|
|
|
before(function (done) {
|
|
|
|
testUtils.initData().then(function () {
|
|
|
|
return testUtils.fixtures.overrideOwnerUser();
|
|
|
|
}).then(function () {
|
|
|
|
done();
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
after(testUtils.teardown);
|
|
|
|
|
|
|
|
it('should 301 redirect with CC=1year without slash', function (done) {
|
|
|
|
request.get('/rss')
|
|
|
|
.expect('Location', '/rss/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.year)
|
|
|
|
.expect(301)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should respond with 200 & CC=public', function (done) {
|
|
|
|
request.get('/rss/')
|
|
|
|
.expect('Content-Type', 'text/xml; charset=utf-8')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.public)
|
|
|
|
.expect(200)
|
|
|
|
.end(function (err, res) {
|
|
|
|
if (err) {
|
|
|
|
return done(err);
|
|
|
|
}
|
|
|
|
|
|
|
|
should.not.exist(res.headers['x-cache-invalidate']);
|
|
|
|
should.not.exist(res.headers['X-CSRF-Token']);
|
|
|
|
should.not.exist(res.headers['set-cookie']);
|
|
|
|
should.exist(res.headers.date);
|
|
|
|
// The remainder of the XML is tested in the unit/xml_spec.js
|
|
|
|
res.text.should.match(/^<\?xml version="1.0" encoding="UTF-8"\?><rss/);
|
|
|
|
|
|
|
|
done();
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should get 301 redirect with CC=1year to /rss/ from /feed/', function (done) {
|
|
|
|
request.get('/feed/')
|
|
|
|
.expect('Location', '/rss/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.year)
|
|
|
|
.expect(301)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
describe('Paged', function () {
|
2017-08-02 11:25:41 +03:00
|
|
|
// Add enough posts to trigger pages for both the index (25 pp) and rss (15 pp)
|
2016-02-09 17:14:24 +03:00
|
|
|
before(function (done) {
|
|
|
|
testUtils.initData().then(function () {
|
2016-06-10 08:12:46 +03:00
|
|
|
return testUtils.fixtures.insertPostsAndTags();
|
2016-02-09 17:14:24 +03:00
|
|
|
}).then(function () {
|
2017-08-02 11:25:41 +03:00
|
|
|
return testUtils.fixtures.insertMorePosts(25);
|
2016-02-09 17:14:24 +03:00
|
|
|
}).then(function () {
|
|
|
|
done();
|
|
|
|
}).catch(done);
|
|
|
|
});
|
|
|
|
|
|
|
|
after(testUtils.teardown);
|
|
|
|
|
|
|
|
it('should redirect without slash', function (done) {
|
|
|
|
request.get('/page/2')
|
|
|
|
.expect('Location', '/page/2/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.year)
|
|
|
|
.expect(301)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
2017-08-02 11:25:41 +03:00
|
|
|
it('should respond with html', function (done) {
|
2016-02-09 17:14:24 +03:00
|
|
|
request.get('/page/2/')
|
|
|
|
.expect('Content-Type', /html/)
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.public)
|
|
|
|
.expect(200)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
2017-08-02 11:25:41 +03:00
|
|
|
it('should not allow chars after the page number', function (done) {
|
|
|
|
request.get('/page/2abc/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.private)
|
|
|
|
.expect(404)
|
|
|
|
.expect(/Page not found/)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
2016-02-09 17:14:24 +03:00
|
|
|
it('should redirect page 1', function (done) {
|
|
|
|
request.get('/page/1/')
|
|
|
|
.expect('Location', '/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.year)
|
|
|
|
.expect(301)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should 404 if page too high', function (done) {
|
2017-09-21 17:05:35 +03:00
|
|
|
// We have 7 default welcome posts + 8 fixture posts + 25 more posts = 40 (5 pages per post is default). So the 9th page 404's.
|
|
|
|
request.get('/page/9/')
|
2016-02-09 17:14:24 +03:00
|
|
|
.expect('Cache-Control', testUtils.cacheRules.private)
|
|
|
|
.expect(404)
|
|
|
|
.expect(/Page not found/)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should 404 if page is zero', function (done) {
|
|
|
|
request.get('/page/0/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.private)
|
|
|
|
.expect(404)
|
|
|
|
.expect(/Page not found/)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should 404 if page is less than zero', function (done) {
|
|
|
|
request.get('/page/-5/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.private)
|
|
|
|
.expect(404)
|
|
|
|
.expect(/Page not found/)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should 404 if page is NaN', function (done) {
|
|
|
|
request.get('/page/one/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.private)
|
|
|
|
.expect(404)
|
|
|
|
.expect(/Page not found/)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
describe('RSS', function () {
|
|
|
|
it('should redirect without slash', function (done) {
|
|
|
|
request.get('/rss/2')
|
|
|
|
.expect('Location', '/rss/2/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.year)
|
|
|
|
.expect(301)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should respond with xml', function (done) {
|
|
|
|
request.get('/rss/2/')
|
|
|
|
.expect('Content-Type', /xml/)
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.public)
|
|
|
|
.expect(200)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
describe('Tag', function () {
|
|
|
|
before(function (done) {
|
|
|
|
testUtils.clearData().then(function () {
|
|
|
|
// we initialise data, but not a user. No user should be required for navigating the frontend
|
|
|
|
return testUtils.initData();
|
|
|
|
}).then(function () {
|
|
|
|
return testUtils.fixtures.overrideOwnerUser('ghost-owner');
|
|
|
|
}).then(function () {
|
|
|
|
done();
|
|
|
|
}).catch(done);
|
|
|
|
});
|
|
|
|
|
2016-04-13 19:10:40 +03:00
|
|
|
after(testUtils.teardown);
|
|
|
|
|
2017-08-16 13:06:30 +03:00
|
|
|
it('should return HTML for valid route', function (done) {
|
|
|
|
request.get('/tag/getting-started/')
|
|
|
|
.expect(200)
|
|
|
|
.expect('Content-Type', /html/)
|
|
|
|
.expect('Content-Type', /html/)
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.public)
|
|
|
|
.expect(200)
|
|
|
|
.end(function (err, res) {
|
|
|
|
if (err) {
|
|
|
|
return done(err);
|
|
|
|
}
|
|
|
|
|
|
|
|
var $ = cheerio.load(res.text);
|
|
|
|
|
|
|
|
should.not.exist(res.headers['x-cache-invalidate']);
|
|
|
|
should.not.exist(res.headers['X-CSRF-Token']);
|
|
|
|
should.not.exist(res.headers['set-cookie']);
|
|
|
|
should.exist(res.headers.date);
|
|
|
|
|
2017-09-21 17:05:35 +03:00
|
|
|
$('body').attr('class').should.eql('tag-template tag-getting-started nav-closed');
|
|
|
|
$('.content .post').length.should.equal(5);
|
|
|
|
$('.poweredby').text().should.equal('Proudly published with Ghost');
|
|
|
|
$('article.post').length.should.equal(5);
|
|
|
|
$('article.tag-getting-started').length.should.equal(5);
|
2017-08-16 13:06:30 +03:00
|
|
|
|
|
|
|
done();
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
2016-02-09 17:14:24 +03:00
|
|
|
it('should 404 for /tag/ route', function (done) {
|
|
|
|
request.get('/tag/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.private)
|
|
|
|
.expect(404)
|
|
|
|
.expect(/Page not found/)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should 404 for unknown tag', function (done) {
|
|
|
|
request.get('/tag/spectacular/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.private)
|
|
|
|
.expect(404)
|
|
|
|
.expect(/Page not found/)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should 404 for unknown tag with invalid characters', function (done) {
|
|
|
|
request.get('/tag/~$pectacular~/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.private)
|
|
|
|
.expect(404)
|
|
|
|
.expect(/Page not found/)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
describe('RSS', function () {
|
|
|
|
it('should redirect without slash', function (done) {
|
|
|
|
request.get('/tag/getting-started/rss')
|
|
|
|
.expect('Location', '/tag/getting-started/rss/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.year)
|
|
|
|
.expect(301)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should respond with xml', function (done) {
|
|
|
|
request.get('/tag/getting-started/rss/')
|
|
|
|
.expect('Content-Type', /xml/)
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.public)
|
|
|
|
.expect(200)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
describe('Paged', function () {
|
2016-07-15 19:22:41 +03:00
|
|
|
before(testUtils.teardown);
|
|
|
|
|
2016-02-09 17:14:24 +03:00
|
|
|
// Add enough posts to trigger pages
|
|
|
|
before(function (done) {
|
|
|
|
testUtils.initData().then(function () {
|
2016-06-10 08:12:46 +03:00
|
|
|
return testUtils.fixtures.insertPostsAndTags();
|
2016-02-09 17:14:24 +03:00
|
|
|
}).then(function () {
|
|
|
|
return testUtils.fixtures.insertMorePosts(22);
|
|
|
|
}).then(function () {
|
|
|
|
return testUtils.fixtures.insertMorePostsTags(22);
|
|
|
|
}).then(function () {
|
|
|
|
done();
|
|
|
|
}).catch(done);
|
|
|
|
});
|
|
|
|
|
|
|
|
after(testUtils.teardown);
|
|
|
|
|
|
|
|
it('should redirect without slash', function (done) {
|
|
|
|
request.get('/tag/injection/page/2')
|
|
|
|
.expect('Location', '/tag/injection/page/2/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.year)
|
|
|
|
.expect(301)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
2017-09-21 17:05:35 +03:00
|
|
|
it('should respond with html', function (done) {
|
2016-02-09 17:14:24 +03:00
|
|
|
request.get('/tag/injection/page/2/')
|
|
|
|
.expect('Content-Type', /html/)
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.public)
|
|
|
|
.expect(200)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should redirect page 1', function (done) {
|
|
|
|
request.get('/tag/injection/page/1/')
|
|
|
|
.expect('Location', '/tag/injection/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.year)
|
|
|
|
.expect(301)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should 404 if page too high', function (done) {
|
|
|
|
request.get('/tag/injection/page/4/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.private)
|
|
|
|
.expect(404)
|
|
|
|
.expect(/Page not found/)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should 404 if page too low', function (done) {
|
|
|
|
request.get('/tag/injection/page/0/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.private)
|
|
|
|
.expect(404)
|
|
|
|
.expect(/Page not found/)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
describe('RSS', function () {
|
|
|
|
it('should redirect page 1', function (done) {
|
|
|
|
request.get('/tag/getting-started/rss/1/')
|
|
|
|
.expect('Location', '/tag/getting-started/rss/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.year)
|
|
|
|
.expect(301)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should 404 if page too high', function (done) {
|
|
|
|
request.get('/tag/getting-started/rss/2/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.private)
|
|
|
|
.expect(404)
|
|
|
|
.expect(/Page not found/)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should 404 if page too low', function (done) {
|
|
|
|
request.get('/tag/getting-started/rss/0/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.private)
|
|
|
|
.expect(404)
|
|
|
|
.expect(/Page not found/)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
describe('Edit', function () {
|
|
|
|
it('should redirect without slash', function (done) {
|
|
|
|
request.get('/tag/getting-started/edit')
|
|
|
|
.expect('Location', '/tag/getting-started/edit/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.year)
|
|
|
|
.expect(301)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should redirect to tag settings', function (done) {
|
|
|
|
request.get('/tag/getting-started/edit/')
|
2017-03-14 19:03:30 +03:00
|
|
|
.expect('Location', '/ghost/#/settings/tags/getting-started/')
|
2016-02-09 17:14:24 +03:00
|
|
|
.expect('Cache-Control', testUtils.cacheRules.public)
|
|
|
|
.expect(302)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should 404 for non-edit parameter', function (done) {
|
|
|
|
request.get('/tag/getting-started/notedit/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.private)
|
|
|
|
.expect(404)
|
|
|
|
.expect(/Page not found/)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
describe('Author', function () {
|
🐛 be able to serve locked users (#8711)
closes #8645, closes #8710
- locked users were once part of the category "active users", but were moved to the inactive category
-> we have added a protection of not being able to edit yourself when you are either suspended or locked
- but they are not really active users, they are restricted, because they have no access to the admin panel
- support three categories: active, inactive, restricted
* - revert restricted states
- instead, update permission layer: fallback to `all` by default, because you are able to serve any user status
- add more tests
- ATTENTION: there is a behaviour change, that a blog owner's author page can be served before setting up the blog, see conversation on slack
-> LTS serves 404
-> 1.0 would serve 200
2017-07-20 14:45:13 +03:00
|
|
|
var lockedUser = {
|
|
|
|
slug: 'locked-so-what',
|
|
|
|
email: 'locked@example.com',
|
|
|
|
status: 'locked'
|
|
|
|
},
|
|
|
|
suspendedUser = {
|
|
|
|
slug: 'suspended-meeh',
|
|
|
|
email: 'suspended@example.com',
|
|
|
|
status: 'inactive'
|
|
|
|
},
|
|
|
|
ownerSlug = 'ghost-owner';
|
|
|
|
|
2016-02-09 17:14:24 +03:00
|
|
|
before(function (done) {
|
|
|
|
testUtils.clearData().then(function () {
|
|
|
|
// we initialise data, but not a user. No user should be required for navigating the frontend
|
|
|
|
return testUtils.initData();
|
|
|
|
}).then(function () {
|
🐛 be able to serve locked users (#8711)
closes #8645, closes #8710
- locked users were once part of the category "active users", but were moved to the inactive category
-> we have added a protection of not being able to edit yourself when you are either suspended or locked
- but they are not really active users, they are restricted, because they have no access to the admin panel
- support three categories: active, inactive, restricted
* - revert restricted states
- instead, update permission layer: fallback to `all` by default, because you are able to serve any user status
- add more tests
- ATTENTION: there is a behaviour change, that a blog owner's author page can be served before setting up the blog, see conversation on slack
-> LTS serves 404
-> 1.0 would serve 200
2017-07-20 14:45:13 +03:00
|
|
|
return testUtils.fixtures.overrideOwnerUser(ownerSlug);
|
|
|
|
}).then(function () {
|
|
|
|
return testUtils.fixtures.insertOneUser(lockedUser);
|
|
|
|
}).then(function () {
|
|
|
|
return testUtils.fixtures.insertOneUser(suspendedUser);
|
2016-02-09 17:14:24 +03:00
|
|
|
}).then(function () {
|
|
|
|
done();
|
|
|
|
}).catch(done);
|
|
|
|
});
|
|
|
|
|
|
|
|
after(testUtils.teardown);
|
|
|
|
|
|
|
|
it('should 404 for /author/ route', function (done) {
|
|
|
|
request.get('/author/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.private)
|
|
|
|
.expect(404)
|
|
|
|
.expect(/Page not found/)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should 404 for unknown author', function (done) {
|
|
|
|
request.get('/author/spectacular/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.private)
|
|
|
|
.expect(404)
|
|
|
|
.expect(/Page not found/)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should 404 for unknown author with invalid characters', function (done) {
|
|
|
|
request.get('/author/ghost!user^/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.private)
|
|
|
|
.expect(404)
|
|
|
|
.expect(/Page not found/)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
🐛 be able to serve locked users (#8711)
closes #8645, closes #8710
- locked users were once part of the category "active users", but were moved to the inactive category
-> we have added a protection of not being able to edit yourself when you are either suspended or locked
- but they are not really active users, they are restricted, because they have no access to the admin panel
- support three categories: active, inactive, restricted
* - revert restricted states
- instead, update permission layer: fallback to `all` by default, because you are able to serve any user status
- add more tests
- ATTENTION: there is a behaviour change, that a blog owner's author page can be served before setting up the blog, see conversation on slack
-> LTS serves 404
-> 1.0 would serve 200
2017-07-20 14:45:13 +03:00
|
|
|
it('[success] author is locked', function (done) {
|
|
|
|
request.get('/author/' + lockedUser.slug + '/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.public)
|
|
|
|
.expect(200)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
it('[success] author is suspended', function (done) {
|
|
|
|
request.get('/author/' + suspendedUser.slug + '/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.public)
|
|
|
|
.expect(200)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
it('[failure] ghost owner before blog setup', function (done) {
|
|
|
|
testUtils.fixtures.changeOwnerUserStatus({
|
|
|
|
slug: ownerSlug,
|
|
|
|
status: 'inactive'
|
|
|
|
}).then(function () {
|
|
|
|
request.get('/author/ghost-owner/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.public)
|
|
|
|
.expect(200)
|
|
|
|
.end(doEnd(done));
|
|
|
|
}).catch(done);
|
|
|
|
});
|
|
|
|
|
|
|
|
it('[success] ghost owner after blog setup', function (done) {
|
|
|
|
testUtils.fixtures.changeOwnerUserStatus({
|
|
|
|
slug: ownerSlug,
|
|
|
|
status: 'active'
|
|
|
|
}).then(function () {
|
|
|
|
request.get('/author/ghost-owner/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.public)
|
|
|
|
.expect(200)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
2016-02-09 17:14:24 +03:00
|
|
|
describe('RSS', function () {
|
|
|
|
it('should redirect without slash', function (done) {
|
|
|
|
request.get('/author/ghost-owner/rss')
|
|
|
|
.expect('Location', '/author/ghost-owner/rss/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.year)
|
|
|
|
.expect(301)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should respond with xml', function (done) {
|
|
|
|
request.get('/author/ghost-owner/rss/')
|
|
|
|
.expect('Content-Type', /xml/)
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.public)
|
|
|
|
.expect(200)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
describe('Paged', function () {
|
|
|
|
// Add enough posts to trigger pages
|
|
|
|
before(function (done) {
|
|
|
|
testUtils.clearData().then(function () {
|
|
|
|
// we initialise data, but not a user. No user should be required for navigating the frontend
|
|
|
|
return testUtils.initData();
|
|
|
|
}).then(function () {
|
|
|
|
return testUtils.fixtures.overrideOwnerUser('ghost-owner');
|
|
|
|
}).then(function () {
|
2016-06-10 08:12:46 +03:00
|
|
|
return testUtils.fixtures.insertPostsAndTags();
|
2016-02-09 17:14:24 +03:00
|
|
|
}).then(function () {
|
|
|
|
return testUtils.fixtures.insertMorePosts(9);
|
|
|
|
}).then(function () {
|
|
|
|
done();
|
|
|
|
}).catch(done);
|
|
|
|
});
|
|
|
|
|
|
|
|
after(testUtils.teardown);
|
|
|
|
|
|
|
|
it('should redirect without slash', function (done) {
|
|
|
|
request.get('/author/ghost-owner/page/2')
|
|
|
|
.expect('Location', '/author/ghost-owner/page/2/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.year)
|
|
|
|
.expect(301)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
2017-09-21 17:05:35 +03:00
|
|
|
it('should respond with html', function (done) {
|
2016-02-09 17:14:24 +03:00
|
|
|
request.get('/author/ghost-owner/page/2/')
|
|
|
|
.expect('Content-Type', /html/)
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.public)
|
|
|
|
.expect(200)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should redirect page 1', function (done) {
|
|
|
|
request.get('/author/ghost-owner/page/1/')
|
|
|
|
.expect('Location', '/author/ghost-owner/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.year)
|
|
|
|
.expect(301)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should 404 if page too high', function (done) {
|
2017-06-08 18:36:14 +03:00
|
|
|
request.get('/author/ghost-owner/page/6/')
|
2016-02-09 17:14:24 +03:00
|
|
|
.expect('Cache-Control', testUtils.cacheRules.private)
|
|
|
|
.expect(404)
|
|
|
|
.expect(/Page not found/)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should 404 if page too low', function (done) {
|
|
|
|
request.get('/author/ghost-owner/page/0/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.private)
|
|
|
|
.expect(404)
|
|
|
|
.expect(/Page not found/)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
describe('RSS', function () {
|
|
|
|
it('should redirect page 1', function (done) {
|
|
|
|
request.get('/author/ghost-owner/rss/1/')
|
|
|
|
.expect('Location', '/author/ghost-owner/rss/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.year)
|
|
|
|
.expect(301)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should 404 if page too high', function (done) {
|
2017-06-08 18:36:14 +03:00
|
|
|
request.get('/author/ghost-owner/rss/3/')
|
2016-02-09 17:14:24 +03:00
|
|
|
.expect('Cache-Control', testUtils.cacheRules.private)
|
|
|
|
.expect(404)
|
|
|
|
.expect(/Page not found/)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should 404 if page too low', function (done) {
|
|
|
|
request.get('/author/ghost-owner/rss/0/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.private)
|
|
|
|
.expect(404)
|
|
|
|
.expect(/Page not found/)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|
|
|
|
|
|
|
|
describe('Edit', function () {
|
|
|
|
it('should redirect without slash', function (done) {
|
|
|
|
request.get('/author/ghost-owner/edit')
|
|
|
|
.expect('Location', '/author/ghost-owner/edit/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.year)
|
|
|
|
.expect(301)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should redirect to editor', function (done) {
|
|
|
|
request.get('/author/ghost-owner/edit/')
|
2017-03-14 19:03:30 +03:00
|
|
|
.expect('Location', '/ghost/#/team/ghost-owner/')
|
2016-02-09 17:14:24 +03:00
|
|
|
.expect('Cache-Control', testUtils.cacheRules.public)
|
|
|
|
.expect(302)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
|
|
|
|
it('should 404 for something that isn\'t edit', function (done) {
|
|
|
|
request.get('/author/ghost-owner/notedit/')
|
|
|
|
.expect('Cache-Control', testUtils.cacheRules.private)
|
|
|
|
.expect(404)
|
|
|
|
.expect(/Page not found/)
|
|
|
|
.end(doEnd(done));
|
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|
|
|
|
});
|