mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-12-01 13:54:35 +03:00
Reduced some functional tests
refs #9866 - just some 🤪 - some were really slow in general, because they had to start/stop Ghost within the test file twice or so - removed some obvious test cases - if we copy over the controllers and add functional tests for v2, we can maybe remove some more test cases for v2
This commit is contained in:
kirrg001
parent
d2baf80d58
commit
f55a9ad412
@ -11,6 +11,7 @@ var should = require('should'),
|
||||
request;
|
||||
|
||||
describe('Post API', function () {
|
||||
let authorAccessToken, contributorAccessToken, author, contributor;
|
||||
var ghostServer;
|
||||
|
||||
describe('As Owner', function () {
|
||||
@ -27,6 +28,32 @@ describe('Post API', function () {
|
||||
})
|
||||
.then(function (token) {
|
||||
ownerAccessToken = token;
|
||||
|
||||
// create author
|
||||
return testUtils.createUser({
|
||||
user: testUtils.DataGenerator.forKnex.createUser({email: 'test+2@ghost.org'}),
|
||||
role: testUtils.DataGenerator.Content.roles[2].name
|
||||
});
|
||||
})
|
||||
.then((_author) => {
|
||||
request.user = author = _author;
|
||||
return localUtils.doAuth(request);
|
||||
})
|
||||
.then(function (token) {
|
||||
authorAccessToken = token;
|
||||
|
||||
// create contributor
|
||||
return testUtils.createUser({
|
||||
user: testUtils.DataGenerator.forKnex.createUser({email: 'test+3@ghost.org'}),
|
||||
role: testUtils.DataGenerator.Content.roles[4].name
|
||||
});
|
||||
})
|
||||
.then(function (_contributor) {
|
||||
request.user = contributor = _contributor;
|
||||
return localUtils.doAuth(request);
|
||||
})
|
||||
.then(function (token) {
|
||||
contributorAccessToken = token;
|
||||
});
|
||||
});
|
||||
|
||||
@ -228,30 +255,7 @@ describe('Post API', function () {
|
||||
});
|
||||
|
||||
it('can retrieve all published posts and pages', function (done) {
|
||||
request.get(localUtils.API.getApiQuery('posts/?filter=page:[false,true]'))
|
||||
.set('Authorization', 'Bearer ' + ownerAccessToken)
|
||||
.expect('Content-Type', /json/)
|
||||
.expect('Cache-Control', testUtils.cacheRules.private)
|
||||
.expect(200)
|
||||
.end(function (err, res) {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
|
||||
should.not.exist(res.headers['x-cache-invalidate']);
|
||||
var jsonResponse = res.body;
|
||||
should.exist(jsonResponse.posts);
|
||||
testUtils.API.checkResponse(jsonResponse, 'posts');
|
||||
jsonResponse.posts.should.have.length(12);
|
||||
testUtils.API.checkResponse(jsonResponse.posts[0], 'post');
|
||||
testUtils.API.checkResponse(jsonResponse.meta.pagination, 'pagination');
|
||||
done();
|
||||
});
|
||||
});
|
||||
|
||||
// Test bits of the API we don't use in the app yet to ensure the API behaves properly
|
||||
it('can retrieve all status posts and pages', function (done) {
|
||||
request.get(localUtils.API.getApiQuery('posts/?staticPages=all&status=all'))
|
||||
request.get(localUtils.API.getApiQuery('posts/?filter=page:[false,true]&status=all'))
|
||||
.set('Authorization', 'Bearer ' + ownerAccessToken)
|
||||
.expect('Content-Type', /json/)
|
||||
.expect('Cache-Control', testUtils.cacheRules.private)
|
||||
@ -273,7 +277,7 @@ describe('Post API', function () {
|
||||
});
|
||||
|
||||
it('can retrieve just published pages', function (done) {
|
||||
request.get(localUtils.API.getApiQuery('posts/?staticPages=true'))
|
||||
request.get(localUtils.API.getApiQuery('posts/?filter=page:true'))
|
||||
.set('Authorization', 'Bearer ' + ownerAccessToken)
|
||||
.expect('Content-Type', /json/)
|
||||
.expect('Cache-Control', testUtils.cacheRules.private)
|
||||
@ -320,32 +324,6 @@ describe('Post API', function () {
|
||||
});
|
||||
});
|
||||
|
||||
it('can retrieve just non featured posts', function (done) {
|
||||
request.get(localUtils.API.getApiQuery('posts/?filter=featured:false'))
|
||||
.set('Authorization', 'Bearer ' + ownerAccessToken)
|
||||
.expect('Content-Type', /json/)
|
||||
.expect('Cache-Control', testUtils.cacheRules.private)
|
||||
.expect(200)
|
||||
.end(function (err, res) {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
|
||||
should.not.exist(res.headers['x-cache-invalidate']);
|
||||
var jsonResponse = res.body;
|
||||
should.exist(jsonResponse.posts);
|
||||
testUtils.API.checkResponse(jsonResponse, 'posts');
|
||||
jsonResponse.posts.should.be.an.Array().with.lengthOf(9);
|
||||
testUtils.API.checkResponse(jsonResponse.posts[0], 'post');
|
||||
testUtils.API.checkResponse(jsonResponse.meta.pagination, 'pagination');
|
||||
|
||||
const featured = _.map(jsonResponse.posts, 'featured');
|
||||
featured.should.matchEach(false);
|
||||
|
||||
done();
|
||||
});
|
||||
});
|
||||
|
||||
it('can retrieve just draft posts', function (done) {
|
||||
request.get(localUtils.API.getApiQuery('posts/?status=draft'))
|
||||
.set('Authorization', 'Bearer ' + ownerAccessToken)
|
||||
@ -577,48 +555,6 @@ describe('Post API', function () {
|
||||
done();
|
||||
});
|
||||
});
|
||||
|
||||
it('can\'t retrieve a draft post', function (done) {
|
||||
request.get(localUtils.API.getApiQuery('posts/5/'))
|
||||
.set('Authorization', 'Bearer ' + ownerAccessToken)
|
||||
.set('Accept', 'application/json')
|
||||
.expect('Content-Type', /json/)
|
||||
.expect('Cache-Control', testUtils.cacheRules.private)
|
||||
.expect(404)
|
||||
.end(function (err, res) {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
|
||||
should.not.exist(res.headers['x-cache-invalidate']);
|
||||
var jsonResponse = res.body;
|
||||
should.exist(jsonResponse);
|
||||
should.exist(jsonResponse.errors);
|
||||
testUtils.API.checkResponseValue(jsonResponse.errors[0], ['message', 'errorType']);
|
||||
done();
|
||||
});
|
||||
});
|
||||
|
||||
it('can\'t retrieve a draft page', function (done) {
|
||||
request.get(localUtils.API.getApiQuery('posts/8/'))
|
||||
.set('Authorization', 'Bearer ' + ownerAccessToken)
|
||||
.set('Accept', 'application/json')
|
||||
.expect('Content-Type', /json/)
|
||||
.expect('Cache-Control', testUtils.cacheRules.private)
|
||||
.expect(404)
|
||||
.end(function (err, res) {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
|
||||
should.not.exist(res.headers['x-cache-invalidate']);
|
||||
var jsonResponse = res.body;
|
||||
should.exist(jsonResponse);
|
||||
should.exist(jsonResponse.errors);
|
||||
testUtils.API.checkResponseValue(jsonResponse.errors[0], ['message', 'errorType']);
|
||||
done();
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
// ## Add
|
||||
@ -1179,42 +1115,6 @@ describe('Post API', function () {
|
||||
});
|
||||
});
|
||||
|
||||
it('can\'t edit non existent post', function (done) {
|
||||
request.get(localUtils.API.getApiQuery('posts/' + testUtils.DataGenerator.Content.posts[0].id + '/'))
|
||||
.set('Authorization', 'Bearer ' + ownerAccessToken)
|
||||
.expect('Content-Type', /json/)
|
||||
.expect('Cache-Control', testUtils.cacheRules.private)
|
||||
.end(function (err, res) {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
|
||||
var jsonResponse = res.body,
|
||||
changedValue = 'My new Title';
|
||||
should.exist(jsonResponse.posts[0].title);
|
||||
jsonResponse.posts[0].testvalue = changedValue;
|
||||
jsonResponse.posts[0].id = ObjectId.generate();
|
||||
|
||||
request.put(localUtils.API.getApiQuery('posts/' + jsonResponse.posts[0].id + '/'))
|
||||
.set('Authorization', 'Bearer ' + ownerAccessToken)
|
||||
.send(jsonResponse)
|
||||
.expect('Content-Type', /json/)
|
||||
.expect('Cache-Control', testUtils.cacheRules.private)
|
||||
.expect(404)
|
||||
.end(function (err, res) {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
|
||||
should.not.exist(res.headers['x-cache-invalidate']);
|
||||
jsonResponse = res.body;
|
||||
should.exist(jsonResponse.errors);
|
||||
testUtils.API.checkResponseValue(jsonResponse.errors[0], ['message', 'errorType']);
|
||||
done();
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
it('check which fields can be modified', function (done) {
|
||||
var existingPostData, modifiedPostData;
|
||||
|
||||
@ -1306,197 +1206,10 @@ describe('Post API', function () {
|
||||
done();
|
||||
});
|
||||
});
|
||||
|
||||
it('can delete a new draft', function (done) {
|
||||
var newTitle = 'My Post',
|
||||
publishedState = 'draft',
|
||||
newPost = {
|
||||
posts: [{
|
||||
status: publishedState,
|
||||
title: newTitle,
|
||||
mobiledoc: markdownToMobiledoc('my post')
|
||||
}]
|
||||
};
|
||||
|
||||
request.post(localUtils.API.getApiQuery('posts/'))
|
||||
.set('Authorization', 'Bearer ' + ownerAccessToken)
|
||||
.send(newPost)
|
||||
.expect('Content-Type', /json/)
|
||||
.expect('Cache-Control', testUtils.cacheRules.private)
|
||||
.expect(201)
|
||||
.end(function (err, res) {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
|
||||
var draftPost = res.body;
|
||||
|
||||
should.exist(draftPost);
|
||||
draftPost.posts[0].title.should.eql(newTitle);
|
||||
draftPost.posts[0].status = publishedState;
|
||||
testUtils.API.checkResponse(draftPost.posts[0], 'post');
|
||||
|
||||
request.del(localUtils.API.getApiQuery('posts/' + draftPost.posts[0].id + '/'))
|
||||
.set('Authorization', 'Bearer ' + ownerAccessToken)
|
||||
.expect('Cache-Control', testUtils.cacheRules.private)
|
||||
.expect(204)
|
||||
.end(function (err, res) {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
|
||||
res.body.should.be.empty();
|
||||
|
||||
done();
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
describe('Dated Permalinks', function () {
|
||||
before(function (done) {
|
||||
request.get(localUtils.API.getApiQuery('settings/'))
|
||||
.set('Authorization', 'Bearer ' + ownerAccessToken)
|
||||
.expect('Content-Type', /json/)
|
||||
.expect('Cache-Control', testUtils.cacheRules.private)
|
||||
.end(function (err, res) {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
|
||||
var jsonResponse = res.body;
|
||||
jsonResponse.permalinks = '/:year/:month/:day/:slug/';
|
||||
|
||||
request.put(localUtils.API.getApiQuery('settings/'))
|
||||
.set('Authorization', 'Bearer ' + ownerAccessToken)
|
||||
.send(jsonResponse)
|
||||
.expect('Content-Type', /json/)
|
||||
.expect('Cache-Control', testUtils.cacheRules.private)
|
||||
.end(function (err) {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
done();
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
after(function (done) {
|
||||
request.get(localUtils.API.getApiQuery('settings/'))
|
||||
.set('Authorization', 'Bearer ' + ownerAccessToken)
|
||||
.expect('Content-Type', /json/)
|
||||
.expect('Cache-Control', testUtils.cacheRules.private)
|
||||
.end(function (err, res) {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
|
||||
var jsonResponse = res.body;
|
||||
jsonResponse.permalinks = '/:slug/';
|
||||
|
||||
request.put(localUtils.API.getApiQuery('settings/'))
|
||||
.set('Authorization', 'Bearer ' + ownerAccessToken)
|
||||
.expect('Content-Type', /json/)
|
||||
.expect('Cache-Control', testUtils.cacheRules.private)
|
||||
.send(jsonResponse)
|
||||
.end(function (err, res) {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
|
||||
done();
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
it('Can read a post', function (done) {
|
||||
// nothing should have changed here
|
||||
request.get(localUtils.API.getApiQuery('posts/' + testUtils.DataGenerator.Content.posts[1].id + '/'))
|
||||
.set('Authorization', 'Bearer ' + ownerAccessToken)
|
||||
.expect('Content-Type', /json/)
|
||||
.expect('Cache-Control', testUtils.cacheRules.private)
|
||||
.expect(200)
|
||||
.end(function (err, res) {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
|
||||
should.not.exist(res.headers['x-cache-invalidate']);
|
||||
|
||||
var jsonResponse = res.body;
|
||||
should.exist(jsonResponse);
|
||||
should.exist(jsonResponse.posts);
|
||||
testUtils.API.checkResponse(jsonResponse.posts[0], 'post');
|
||||
jsonResponse.posts[0].slug.should.not.match(/^\/[0-9]{4}\/[0-9]{2}\/[0-9]{2}/);
|
||||
jsonResponse.posts[0].page.should.not.be.ok();
|
||||
done();
|
||||
});
|
||||
});
|
||||
|
||||
it('Can edit a post', function (done) {
|
||||
request.get(localUtils.API.getApiQuery('posts/' + testUtils.DataGenerator.Content.posts[1].id + '/?include=tags'))
|
||||
.set('Authorization', 'Bearer ' + ownerAccessToken)
|
||||
.expect('Content-Type', /json/)
|
||||
.expect('Cache-Control', testUtils.cacheRules.private)
|
||||
.end(function (err, res) {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
|
||||
var jsonResponse = res.body,
|
||||
changedValue = 'My new Title';
|
||||
should.exist(jsonResponse);
|
||||
should.exist(jsonResponse.posts);
|
||||
jsonResponse.posts[0].title = changedValue;
|
||||
|
||||
request.put(localUtils.API.getApiQuery('posts/' + testUtils.DataGenerator.Content.posts[1].id + '/'))
|
||||
.set('Authorization', 'Bearer ' + ownerAccessToken)
|
||||
.expect('Content-Type', /json/)
|
||||
.expect('Cache-Control', testUtils.cacheRules.private)
|
||||
.send(jsonResponse)
|
||||
.expect(200)
|
||||
.end(function (err, res) {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
var putBody = res.body;
|
||||
|
||||
res.headers['x-cache-invalidate'].should.eql('/*');
|
||||
should.exist(putBody);
|
||||
putBody.posts[0].title.should.eql(changedValue);
|
||||
|
||||
testUtils.API.checkResponse(putBody.posts[0], 'post');
|
||||
done();
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
describe('As Author', function () {
|
||||
var authorAccessToken, author;
|
||||
|
||||
before(function () {
|
||||
return ghost()
|
||||
.then(function (_ghostServer) {
|
||||
ghostServer = _ghostServer;
|
||||
request = supertest.agent(config.get('url'));
|
||||
|
||||
// create author
|
||||
return testUtils.createUser({
|
||||
user: testUtils.DataGenerator.forKnex.createUser({email: 'test+2@ghost.org'}),
|
||||
role: testUtils.DataGenerator.Content.roles[2].name
|
||||
});
|
||||
})
|
||||
.then(function (_author) {
|
||||
request.user = author = _author;
|
||||
return localUtils.doAuth(request, 'posts');
|
||||
})
|
||||
.then(function (token) {
|
||||
authorAccessToken = token;
|
||||
});
|
||||
});
|
||||
|
||||
describe('Add', function () {
|
||||
it('can add own post', function (done) {
|
||||
var post = {
|
||||
@ -1614,29 +1327,6 @@ describe('Post API', function () {
|
||||
});
|
||||
|
||||
describe('As Contributor', function () {
|
||||
var contributorAccessToken, contributor;
|
||||
|
||||
before(function () {
|
||||
return ghost()
|
||||
.then(function (_ghostServer) {
|
||||
ghostServer = _ghostServer;
|
||||
request = supertest.agent(config.get('url'));
|
||||
|
||||
// create contributor
|
||||
return testUtils.createUser({
|
||||
user: testUtils.DataGenerator.forKnex.createUser({email: 'test+3@ghost.org'}),
|
||||
role: testUtils.DataGenerator.Content.roles[4].name
|
||||
});
|
||||
})
|
||||
.then(function (_contributor) {
|
||||
request.user = contributor = _contributor;
|
||||
return localUtils.doAuth(request, 'posts');
|
||||
})
|
||||
.then(function (token) {
|
||||
contributorAccessToken = token;
|
||||
});
|
||||
});
|
||||
|
||||
describe('Add', function () {
|
||||
it('can add own post', function (done) {
|
||||
var post = {
|
||||
@ -1697,7 +1387,7 @@ describe('Post API', function () {
|
||||
|
||||
var jsonResponse = res.body,
|
||||
changedTitle = 'My new Title',
|
||||
changedSlug = 'my-new-slug';
|
||||
changedSlug = 'my-new-slug-contributor';
|
||||
|
||||
should.exist(jsonResponse.posts[0]);
|
||||
jsonResponse.posts[0].title = changedTitle;
|
||||
|
||||
@ -15,13 +15,11 @@ should.equal(true, true);
|
||||
describe('Redirects API', function () {
|
||||
var ghostServer;
|
||||
|
||||
afterEach(function () {
|
||||
configUtils.restore();
|
||||
});
|
||||
|
||||
describe('Download', function () {
|
||||
beforeEach(function () {
|
||||
return ghost()
|
||||
let originalContentPath;
|
||||
|
||||
before(function () {
|
||||
return ghost({redirectsFile: true})
|
||||
.then(function (_ghostServer) {
|
||||
ghostServer = _ghostServer;
|
||||
request = supertest.agent(config.get('url'));
|
||||
@ -31,9 +29,15 @@ describe('Redirects API', function () {
|
||||
})
|
||||
.then(function (token) {
|
||||
accesstoken = token;
|
||||
|
||||
originalContentPath = configUtils.config.get('paths:contentPath');
|
||||
});
|
||||
});
|
||||
|
||||
afterEach(function () {
|
||||
configUtils.config.set('paths:contentPath', originalContentPath);
|
||||
});
|
||||
|
||||
it('file does not exist', function (done) {
|
||||
// Just set any content folder, which does not contain a redirects file.
|
||||
configUtils.set('paths:contentPath', path.join(__dirname, '../../../utils/fixtures/data'));
|
||||
@ -82,6 +86,68 @@ describe('Redirects API', function () {
|
||||
});
|
||||
|
||||
describe('Upload', function () {
|
||||
describe('Error cases', function () {
|
||||
it('syntax error', function (done) {
|
||||
fs.writeFileSync(path.join(config.get('paths:contentPath'), 'redirects.json'), 'something');
|
||||
|
||||
request
|
||||
.post(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
|
||||
.set('Authorization', 'Bearer ' + accesstoken)
|
||||
.set('Origin', testUtils.API.getURL())
|
||||
.attach('redirects', path.join(config.get('paths:contentPath'), 'redirects.json'))
|
||||
.expect('Content-Type', /application\/json/)
|
||||
.expect(400)
|
||||
.end(function (err) {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
|
||||
done();
|
||||
});
|
||||
});
|
||||
|
||||
it('wrong format: no array', function (done) {
|
||||
fs.writeFileSync(path.join(config.get('paths:contentPath'), 'redirects.json'), JSON.stringify({
|
||||
from: 'c',
|
||||
to: 'd'
|
||||
}));
|
||||
|
||||
request
|
||||
.post(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
|
||||
.set('Authorization', 'Bearer ' + accesstoken)
|
||||
.set('Origin', testUtils.API.getURL())
|
||||
.attach('redirects', path.join(config.get('paths:contentPath'), 'redirects.json'))
|
||||
.expect('Content-Type', /application\/json/)
|
||||
.expect(422)
|
||||
.end(function (err) {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
|
||||
done();
|
||||
});
|
||||
});
|
||||
|
||||
it('wrong format: no from/to', function (done) {
|
||||
fs.writeFileSync(path.join(config.get('paths:contentPath'), 'redirects.json'), JSON.stringify([{to: 'd'}]));
|
||||
|
||||
request
|
||||
.post(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
|
||||
.set('Authorization', 'Bearer ' + accesstoken)
|
||||
.set('Origin', testUtils.API.getURL())
|
||||
.attach('redirects', path.join(config.get('paths:contentPath'), 'redirects.json'))
|
||||
.expect('Content-Type', /application\/json/)
|
||||
.expect(422)
|
||||
.end(function (err) {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
|
||||
done();
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
describe('Ensure re-registering redirects works', function () {
|
||||
var startGhost = function (options) {
|
||||
return ghost(options)
|
||||
@ -209,81 +275,5 @@ describe('Redirects API', function () {
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
describe('Error cases', function () {
|
||||
beforeEach(function () {
|
||||
return ghost()
|
||||
.then(function (_ghostServer) {
|
||||
ghostServer = _ghostServer;
|
||||
request = supertest.agent(config.get('url'));
|
||||
})
|
||||
.then(function () {
|
||||
return localUtils.doAuth(request, 'client:trusted-domain');
|
||||
})
|
||||
.then(function (token) {
|
||||
accesstoken = token;
|
||||
});
|
||||
});
|
||||
|
||||
it('syntax error', function (done) {
|
||||
fs.writeFileSync(path.join(config.get('paths:contentPath'), 'redirects.json'), 'something');
|
||||
|
||||
request
|
||||
.post(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
|
||||
.set('Authorization', 'Bearer ' + accesstoken)
|
||||
.set('Origin', testUtils.API.getURL())
|
||||
.attach('redirects', path.join(config.get('paths:contentPath'), 'redirects.json'))
|
||||
.expect('Content-Type', /application\/json/)
|
||||
.expect(400)
|
||||
.end(function (err) {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
|
||||
done();
|
||||
});
|
||||
});
|
||||
|
||||
it('wrong format: no array', function (done) {
|
||||
fs.writeFileSync(path.join(config.get('paths:contentPath'), 'redirects.json'), JSON.stringify({
|
||||
from: 'c',
|
||||
to: 'd'
|
||||
}));
|
||||
|
||||
request
|
||||
.post(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
|
||||
.set('Authorization', 'Bearer ' + accesstoken)
|
||||
.set('Origin', testUtils.API.getURL())
|
||||
.attach('redirects', path.join(config.get('paths:contentPath'), 'redirects.json'))
|
||||
.expect('Content-Type', /application\/json/)
|
||||
.expect(422)
|
||||
.end(function (err) {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
|
||||
done();
|
||||
});
|
||||
});
|
||||
|
||||
it('wrong format: no from/to', function (done) {
|
||||
fs.writeFileSync(path.join(config.get('paths:contentPath'), 'redirects.json'), JSON.stringify([{to: 'd'}]));
|
||||
|
||||
request
|
||||
.post(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
|
||||
.set('Authorization', 'Bearer ' + accesstoken)
|
||||
.set('Origin', testUtils.API.getURL())
|
||||
.attach('redirects', path.join(config.get('paths:contentPath'), 'redirects.json'))
|
||||
.expect('Content-Type', /application\/json/)
|
||||
.expect(422)
|
||||
.end(function (err) {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
|
||||
done();
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
@ -122,7 +122,7 @@ describe('User API', function () {
|
||||
});
|
||||
});
|
||||
|
||||
it('can retrieve all users with roles', function (done) {
|
||||
it('can retrieve all users with includes', function (done) {
|
||||
request.get(localUtils.API.getApiQuery('users/?include=roles'))
|
||||
.set('Authorization', 'Bearer ' + ownerAccessToken)
|
||||
.expect('Content-Type', /json/)
|
||||
@ -234,8 +234,8 @@ describe('User API', function () {
|
||||
});
|
||||
});
|
||||
|
||||
it('can retrieve a user with role', function (done) {
|
||||
request.get(localUtils.API.getApiQuery('users/me/?include=roles'))
|
||||
it('can retrieve a user with includes', function (done) {
|
||||
request.get(localUtils.API.getApiQuery('users/me/?include=roles,roles.permissions,count.posts'))
|
||||
.set('Authorization', 'Bearer ' + ownerAccessToken)
|
||||
.expect('Content-Type', /json/)
|
||||
.expect('Cache-Control', testUtils.cacheRules.private)
|
||||
@ -251,104 +251,8 @@ describe('User API', function () {
|
||||
should.not.exist(jsonResponse.meta);
|
||||
|
||||
jsonResponse.users.should.have.length(1);
|
||||
testUtils.API.checkResponse(jsonResponse.users[0], 'user', ['roles']);
|
||||
testUtils.API.checkResponse(jsonResponse.users[0].roles[0], 'role');
|
||||
done();
|
||||
});
|
||||
});
|
||||
|
||||
it('can retrieve a user with role and permissions', function (done) {
|
||||
request.get(localUtils.API.getApiQuery('users/me/?include=roles,roles.permissions'))
|
||||
.set('Authorization', 'Bearer ' + ownerAccessToken)
|
||||
.expect('Content-Type', /json/)
|
||||
.expect('Cache-Control', testUtils.cacheRules.private)
|
||||
.expect(200)
|
||||
.end(function (err, res) {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
|
||||
should.not.exist(res.headers['x-cache-invalidate']);
|
||||
var jsonResponse = res.body;
|
||||
should.exist(jsonResponse.users);
|
||||
should.not.exist(jsonResponse.meta);
|
||||
|
||||
jsonResponse.users.should.have.length(1);
|
||||
testUtils.API.checkResponse(jsonResponse.users[0], 'user', ['roles']);
|
||||
testUtils.API.checkResponse(jsonResponse.users[0], 'user', ['roles', 'count']);
|
||||
testUtils.API.checkResponse(jsonResponse.users[0].roles[0], 'role', ['permissions']);
|
||||
// testUtils.API.checkResponse(jsonResponse.users[0].roles[0].permissions[0], 'permission');
|
||||
|
||||
done();
|
||||
});
|
||||
});
|
||||
|
||||
it('can retrieve a user by slug with role and permissions', function (done) {
|
||||
request.get(localUtils.API.getApiQuery('users/slug/joe-bloggs/?include=roles,roles.permissions'))
|
||||
.set('Authorization', 'Bearer ' + ownerAccessToken)
|
||||
.expect('Content-Type', /json/)
|
||||
.expect('Cache-Control', testUtils.cacheRules.private)
|
||||
.expect(200)
|
||||
.end(function (err, res) {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
|
||||
should.not.exist(res.headers['x-cache-invalidate']);
|
||||
var jsonResponse = res.body;
|
||||
should.exist(jsonResponse.users);
|
||||
should.not.exist(jsonResponse.meta);
|
||||
|
||||
jsonResponse.users.should.have.length(1);
|
||||
testUtils.API.checkResponse(jsonResponse.users[0], 'user', ['roles']);
|
||||
testUtils.API.checkResponse(jsonResponse.users[0].roles[0], 'role', ['permissions']);
|
||||
// testUtils.API.checkResponse(jsonResponse.users[0].roles[0].permissions[0], 'permission');
|
||||
|
||||
done();
|
||||
});
|
||||
});
|
||||
|
||||
it('can retrieve a user by slug with count.posts', function (done) {
|
||||
request.get(localUtils.API.getApiQuery('users/slug/joe-bloggs/?include=count.posts'))
|
||||
.set('Authorization', 'Bearer ' + ownerAccessToken)
|
||||
.expect('Content-Type', /json/)
|
||||
.expect('Cache-Control', testUtils.cacheRules.private)
|
||||
.expect(200)
|
||||
.end(function (err, res) {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
|
||||
should.not.exist(res.headers['x-cache-invalidate']);
|
||||
var jsonResponse = res.body;
|
||||
should.exist(jsonResponse.users);
|
||||
should.not.exist(jsonResponse.meta);
|
||||
|
||||
jsonResponse.users.should.have.length(1);
|
||||
testUtils.API.checkResponse(jsonResponse.users[0], 'user', ['count']);
|
||||
|
||||
done();
|
||||
});
|
||||
});
|
||||
|
||||
it('can retrieve a user by id with count.posts', function (done) {
|
||||
request.get(localUtils.API.getApiQuery('users/1/?include=count.posts'))
|
||||
.set('Authorization', 'Bearer ' + ownerAccessToken)
|
||||
.expect('Content-Type', /json/)
|
||||
.expect('Cache-Control', testUtils.cacheRules.private)
|
||||
.expect(200)
|
||||
.end(function (err, res) {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
|
||||
should.not.exist(res.headers['x-cache-invalidate']);
|
||||
var jsonResponse = res.body;
|
||||
should.exist(jsonResponse.users);
|
||||
should.not.exist(jsonResponse.meta);
|
||||
|
||||
jsonResponse.users.should.have.length(1);
|
||||
testUtils.API.checkResponse(jsonResponse.users[0], 'user', ['count']);
|
||||
|
||||
done();
|
||||
});
|
||||
});
|
||||
@ -398,8 +302,14 @@ describe('User API', function () {
|
||||
|
||||
describe('Edit', function () {
|
||||
it('can edit a user', function (done) {
|
||||
request.get(localUtils.API.getApiQuery('users/me/'))
|
||||
request.put(localUtils.API.getApiQuery('users/me/'))
|
||||
.set('Authorization', 'Bearer ' + ownerAccessToken)
|
||||
.send({
|
||||
users: [{
|
||||
website: 'http://joe-bloggs.ghost.org',
|
||||
password: 'mynewfancypasswordwhichisnotallowed'
|
||||
}]
|
||||
})
|
||||
.expect('Content-Type', /json/)
|
||||
.expect('Cache-Control', testUtils.cacheRules.private)
|
||||
.expect(200)
|
||||
@ -408,86 +318,37 @@ describe('User API', function () {
|
||||
return done(err);
|
||||
}
|
||||
|
||||
var jsonResponse = res.body,
|
||||
changedValue = 'http://joe-bloggs.ghost.org',
|
||||
dataToSend;
|
||||
var putBody = res.body;
|
||||
res.headers['x-cache-invalidate'].should.eql('/*');
|
||||
should.exist(putBody.users[0]);
|
||||
putBody.users[0].website.should.eql('http://joe-bloggs.ghost.org');
|
||||
putBody.users[0].email.should.eql('jbloggs@example.com');
|
||||
testUtils.API.checkResponse(putBody.users[0], 'user');
|
||||
|
||||
should.exist(jsonResponse.users[0]);
|
||||
testUtils.API.checkResponse(jsonResponse.users[0], 'user');
|
||||
should.not.exist(putBody.users[0].password);
|
||||
|
||||
dataToSend = {
|
||||
users: [
|
||||
{
|
||||
website: changedValue,
|
||||
password: 'mynewfancypasswordwhichisnotallowed'
|
||||
}
|
||||
]
|
||||
};
|
||||
|
||||
request.put(localUtils.API.getApiQuery('users/me/'))
|
||||
.set('Authorization', 'Bearer ' + ownerAccessToken)
|
||||
.send(dataToSend)
|
||||
.expect('Content-Type', /json/)
|
||||
.expect('Cache-Control', testUtils.cacheRules.private)
|
||||
.expect(200)
|
||||
.end(function (err, res) {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
|
||||
var putBody = res.body;
|
||||
res.headers['x-cache-invalidate'].should.eql('/*');
|
||||
should.exist(putBody.users[0]);
|
||||
putBody.users[0].website.should.eql(changedValue);
|
||||
putBody.users[0].email.should.eql(jsonResponse.users[0].email);
|
||||
testUtils.API.checkResponse(putBody.users[0], 'user');
|
||||
|
||||
should.not.exist(putBody.users[0].password);
|
||||
|
||||
models.User.findOne({id: putBody.users[0].id})
|
||||
.then((user) => {
|
||||
return models.User.isPasswordCorrect({
|
||||
plainPassword: 'mynewfancypasswordwhichisnotallowed',
|
||||
hashedPassword: user.get('password')
|
||||
});
|
||||
})
|
||||
.then(Promise.reject)
|
||||
.catch((err) => {
|
||||
err.code.should.eql('PASSWORD_INCORRECT');
|
||||
done();
|
||||
});
|
||||
models.User.findOne({id: putBody.users[0].id})
|
||||
.then((user) => {
|
||||
return models.User.isPasswordCorrect({
|
||||
plainPassword: 'mynewfancypasswordwhichisnotallowed',
|
||||
hashedPassword: user.get('password')
|
||||
});
|
||||
})
|
||||
.then(Promise.reject)
|
||||
.catch((err) => {
|
||||
err.code.should.eql('PASSWORD_INCORRECT');
|
||||
done();
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
it('can\'t edit a user with invalid accesstoken', function (done) {
|
||||
request.get(localUtils.API.getApiQuery('users/me/'))
|
||||
.set('Authorization', 'Bearer ' + ownerAccessToken)
|
||||
.expect('Content-Type', /json/)
|
||||
.expect('Cache-Control', testUtils.cacheRules.private)
|
||||
.end(function (err, res) {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
|
||||
var jsonResponse = res.body,
|
||||
changedValue = 'joe-bloggs.ghost.org';
|
||||
|
||||
should.exist(jsonResponse.users[0]);
|
||||
jsonResponse.users[0].website = changedValue;
|
||||
|
||||
request.put(localUtils.API.getApiQuery('users/me/'))
|
||||
.set('Authorization', 'Bearer ' + 'invalidtoken')
|
||||
.send(jsonResponse)
|
||||
.expect(401)
|
||||
.end(function (err) {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
|
||||
done();
|
||||
});
|
||||
});
|
||||
it('can\'t edit a user with invalid accesstoken', function () {
|
||||
return request.put(localUtils.API.getApiQuery('users/me/'))
|
||||
.set('Authorization', 'Bearer ' + 'invalidtoken')
|
||||
.send({
|
||||
posts: []
|
||||
})
|
||||
.expect(401);
|
||||
});
|
||||
|
||||
it('check which fields can be modified', function (done) {
|
||||
@ -607,60 +468,6 @@ describe('User API', function () {
|
||||
});
|
||||
|
||||
describe('As Editor', function () {
|
||||
before(function () {
|
||||
return ghost()
|
||||
.then(function (_ghostServer) {
|
||||
ghostServer = _ghostServer;
|
||||
request = supertest.agent(config.get('url'));
|
||||
})
|
||||
.then(function () {
|
||||
// create editor
|
||||
return testUtils.createUser({
|
||||
user: testUtils.DataGenerator.forKnex.createUser({email: 'test+1@ghost.org'}),
|
||||
role: testUtils.DataGenerator.Content.roles[1].name
|
||||
});
|
||||
})
|
||||
.then(function (_user1) {
|
||||
editor = _user1;
|
||||
|
||||
// create author
|
||||
return testUtils.createUser({
|
||||
user: testUtils.DataGenerator.forKnex.createUser({email: 'test+2@ghost.org'}),
|
||||
role: testUtils.DataGenerator.Content.roles[2].name
|
||||
});
|
||||
})
|
||||
.then(function (_user2) {
|
||||
author = _user2;
|
||||
|
||||
// create inactive user
|
||||
return testUtils.createUser({
|
||||
user: testUtils.DataGenerator.forKnex.createUser({email: 'test+3@ghost.org', status: 'inactive'}),
|
||||
role: testUtils.DataGenerator.Content.roles[2].name
|
||||
});
|
||||
})
|
||||
.then(function (_user3) {
|
||||
inactiveUser = _user3;
|
||||
|
||||
// by default we login with the owner
|
||||
return localUtils.doAuth(request);
|
||||
})
|
||||
.then(function (token) {
|
||||
ownerAccessToken = token;
|
||||
|
||||
request.user = editor;
|
||||
return localUtils.doAuth(request);
|
||||
})
|
||||
.then(function (token) {
|
||||
editorAccessToken = token;
|
||||
|
||||
request.user = author;
|
||||
return localUtils.doAuth(request);
|
||||
})
|
||||
.then(function (token) {
|
||||
authorAccessToken = token;
|
||||
});
|
||||
});
|
||||
|
||||
describe('success cases', function () {
|
||||
it('can edit himself', function (done) {
|
||||
request.put(localUtils.API.getApiQuery('users/' + editor.id + '/'))
|
||||
|
||||
Loading…
Reference in New Issue
Block a user