diff --git a/core/server/data/schema/fixtures/fixtures.json b/core/server/data/schema/fixtures/fixtures.json index 5c40b92af7..1f9cc14799 100644 --- a/core/server/data/schema/fixtures/fixtures.json +++ b/core/server/data/schema/fixtures/fixtures.json @@ -80,11 +80,6 @@ { "name": "Permission", "entries": [ - { - "name": "Backup database", - "action_type": "backupContent", - "object_type": "db" - }, { "name": "Export database", "action_type": "exportContent", @@ -439,6 +434,11 @@ "name": "Publish posts", "action_type": "publish", "object_type": "post" + }, + { + "name": "Backup database", + "action_type": "backupContent", + "object_type": "db" } ] }, diff --git a/core/test/regression/api/v2/admin/db_spec.js b/core/test/regression/api/v2/admin/db_spec.js index 0b68fc1ed6..87428e632e 100644 --- a/core/test/regression/api/v2/admin/db_spec.js +++ b/core/test/regression/api/v2/admin/db_spec.js @@ -17,8 +17,8 @@ let request; let eventsTriggered; describe('DB API', () => { - let backupClient; - let schedulerClient; + let backupKey; + let schedulerKey; before(() => { return ghost() @@ -29,12 +29,8 @@ describe('DB API', () => { return localUtils.doAuth(request); }) .then(() => { - return models.Client.findAll(); - }) - .then((result) => { - const clients = result.toJSON(); - backupClient = _.find(clients, {slug: 'ghost-backup'}); - schedulerClient = _.find(clients, {slug: 'ghost-scheduler'}); + backupKey = _.find(testUtils.existingData.apiKeys, {integration: {slug: 'ghost-backup'}}); + schedulerKey = _.find(testUtils.existingData.apiKeys, {integration: {slug: 'ghost-scheduler'}}); }); }); @@ -126,11 +122,13 @@ describe('DB API', () => { .expect(415); }); - it('export can be triggered by backup client', () => { - const backupQuery = `?client_id=${backupClient.slug}&client_secret=${backupClient.secret}&filename=test`; + it('export can be triggered by backup integration', () => { + const backupQuery = `?filename=test`; const fsStub = sinon.stub(fs, 'writeFile').resolves(); return request.post(localUtils.API.getApiQuery(`db/backup${backupQuery}`)) + .set('Authorization', `Ghost ${localUtils.getValidAdminToken('/v2/admin/', backupKey)}`) + .set('Origin', config.get('url')) .expect('Content-Type', /json/) .expect(200) .then((res) => { @@ -140,11 +138,12 @@ describe('DB API', () => { }); }); - it('export can not be triggered by client other than backup', () => { - const schedulerQuery = `?client_id=${schedulerClient.slug}&client_secret=${schedulerClient.secret}`; + it('export can not be triggered by integration other than backup', () => { const fsStub = sinon.stub(fs, 'writeFile').resolves(); - return request.post(localUtils.API.getApiQuery(`db/backup${schedulerQuery}`)) + return request.post(localUtils.API.getApiQuery(`db/backup`)) + .set('Authorization', `Ghost ${localUtils.getValidAdminToken('/v2/admin/', schedulerKey)}`) + .set('Origin', config.get('url')) .expect('Content-Type', /json/) .expect(403) .then((res) => { @@ -154,17 +153,12 @@ describe('DB API', () => { }); }); - it('export can not be triggered by regular authentication', () => { + it('export can be triggered by Admin authentication', () => { const fsStub = sinon.stub(fs, 'writeFile').resolves(); return request.post(localUtils.API.getApiQuery(`db/backup`)) .set('Origin', config.get('url')) .expect('Content-Type', /json/) - .expect(401) - .then((res) => { - should.exist(res.body.errors); - res.body.errors[0].type.should.eql('UnauthorizedError'); - fsStub.called.should.eql(false); - }); + .expect(200); }); }); diff --git a/core/test/regression/migrations/migration_spec.js b/core/test/regression/migrations/migration_spec.js index 8c2e8aab0e..bac6f54af3 100644 --- a/core/test/regression/migrations/migration_spec.js +++ b/core/test/regression/migrations/migration_spec.js @@ -209,6 +209,10 @@ describe('Database Migration (special functions)', function () { // Posts permissions[70].name.should.eql('Publish posts'); permissions[70].should.be.AssignedToRoles(['Administrator', 'Editor', 'Admin Integration', 'Scheduler Integration']); + + // DB + permissions[71].name.should.eql('Backup database'); + permissions[71].should.be.AssignedToRoles(['Administrator', 'DB Backup Integration']); }); describe('Populate', function () { diff --git a/core/test/unit/data/schema/fixtures/utils_spec.js b/core/test/unit/data/schema/fixtures/utils_spec.js index f751881a6d..8a058b2418 100644 --- a/core/test/unit/data/schema/fixtures/utils_spec.js +++ b/core/test/unit/data/schema/fixtures/utils_spec.js @@ -260,6 +260,11 @@ describe('Migration Fixture Utils', function () { foundFixture.should.be.an.Object(); foundFixture.entries.should.be.an.Array().with.lengthOf(4); foundFixture.entries[0].should.eql({ + name: 'Export database', + action_type: 'exportContent', + object_type: 'db' + }); + foundFixture.entries[3].should.eql({ name: 'Backup database', action_type: 'backupContent', object_type: 'db' diff --git a/core/test/unit/data/schema/integrity_spec.js b/core/test/unit/data/schema/integrity_spec.js index 7db868a050..ad73112448 100644 --- a/core/test/unit/data/schema/integrity_spec.js +++ b/core/test/unit/data/schema/integrity_spec.js @@ -20,7 +20,7 @@ var should = require('should'), describe('DB version integrity', function () { // Only these variables should need updating const currentSchemaHash = 'fda0398e93a74b2dc435cb4c026679ba'; - const currentFixturesHash = 'd0ee1deaea406f78e1f2145384196b48'; + const currentFixturesHash = 'c7b485fe2f16517295bd35c761129729'; // If this test is failing, then it is likely a change has been made that requires a DB version bump, // and the values above will need updating as confirmation diff --git a/core/test/utils/index.js b/core/test/utils/index.js index b0d397b261..1f54e03aa4 100644 --- a/core/test/utils/index.js +++ b/core/test/utils/index.js @@ -1027,7 +1027,7 @@ startGhost = function startGhost(options) { .then((tags) => { module.exports.existingData.tags = tags.toJSON(); - return models.ApiKey.findAll({columns: ['id', 'secret']}); + return models.ApiKey.findAll({withRelated: 'integration'}); }) .then((keys) => { module.exports.existingData.apiKeys = keys.toJSON();