/*globals describe, beforeEach, afterEach, it*/ /*jshint expr:true*/ var assert = require('assert'), should = require('should'), sinon = require('sinon'), middleware = require('../../server/middleware').middleware; describe('Middleware', function () { // TODO: needs new test for ember admin // describe('redirectToDashboard', function () { // var req, res; // beforeEach(function () { // req = { // session: {} // }; // res = { // redirect: sinon.spy() // }; // }); // it('should redirect to dashboard', function () { // req.session.user = {}; // middleware.redirectToDashboard(req, res, null); // assert(res.redirect.calledWithMatch('/ghost/')); // }); // it('should call next if no user in session', function (done) { // middleware.redirectToDashboard(req, res, function (a) { // should.not.exist(a); // assert(res.redirect.calledOnce.should.be.false); // done(); // }); // }); // }); describe('cacheControl', function () { var res; beforeEach(function () { res = { set: sinon.spy() }; }); it('correctly sets the public profile headers', function (done) { middleware.cacheControl('public')(null, res, function (a) { should.not.exist(a); res.set.calledOnce.should.be.true; res.set.calledWith({'Cache-Control': 'public, max-age=0'}); done(); }); }); it('correctly sets the private profile headers', function (done) { middleware.cacheControl('private')(null, res, function (a) { should.not.exist(a); res.set.calledOnce.should.be.true; res.set.calledWith({ 'Cache-Control': 'no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0' }); done(); }); }); it('will not set headers without a profile', function (done) { middleware.cacheControl()(null, res, function (a) { should.not.exist(a); res.set.called.should.be.false; done(); }); }); }); describe('whenEnabled', function () { var cbFn, blogApp; beforeEach(function () { cbFn = sinon.spy(); blogApp = { enabled: function (setting) { if (setting === 'enabled') { return true; } else { return false; } } }; middleware.cacheBlogApp(blogApp); }); it('should call function if setting is enabled', function (done) { var req = 1, res = 2, next = 3; middleware.whenEnabled('enabled', function (a, b, c) { assert.equal(a, 1); assert.equal(b, 2); assert.equal(c, 3); done(); })(req, res, next); }); it('should call next() if setting is disabled', function (done) { middleware.whenEnabled('rando', cbFn)(null, null, function (a) { should.not.exist(a); cbFn.calledOnce.should.be.false; done(); }); }); }); describe('staticTheme', function () { beforeEach(function () { sinon.stub(middleware, 'forwardToExpressStatic').yields(); }); afterEach(function () { middleware.forwardToExpressStatic.restore(); }); it('should call next if hbs file type', function (done) { var req = { url: 'mytemplate.hbs' }; middleware.staticTheme(null)(req, null, function (a) { should.not.exist(a); middleware.forwardToExpressStatic.calledOnce.should.be.false; done(); }); }); it('should call next if md file type', function (done) { var req = { url: 'README.md' }; middleware.staticTheme(null)(req, null, function (a) { should.not.exist(a); middleware.forwardToExpressStatic.calledOnce.should.be.false; done(); }); }); it('should call next if json file type', function (done) { var req = { url: 'sample.json' }; middleware.staticTheme(null)(req, null, function (a) { should.not.exist(a); middleware.forwardToExpressStatic.calledOnce.should.be.false; done(); }); }); it('should call express.static if valid file type', function (done) { var req = { url: 'myvalidfile.css' }; middleware.staticTheme(null)(req, null, function (reqArg, res, next) { /*jshint unused:false */ middleware.forwardToExpressStatic.calledOnce.should.be.true; assert.deepEqual(middleware.forwardToExpressStatic.args[0][0], req); done(); }); }); }); describe('isSSLRequired', function () { var isSSLrequired = middleware.isSSLrequired; it('SSL is required if config.url starts with https', function () { isSSLrequired(undefined, 'https://example.com', undefined).should.be.true; }); it('SSL is required if isAdmin and config.forceAdminSSL is set', function () { isSSLrequired(true, 'http://example.com', true).should.be.true; }); it('SSL is not required if config.url starts with "http:/" and forceAdminSSL is not set', function () { isSSLrequired(false, 'http://example.com', false).should.be.false; }); }); describe('sslForbiddenOrRedirect', function () { var sslForbiddenOrRedirect = middleware.sslForbiddenOrRedirect; it('Return forbidden if config forces admin SSL for AdminSSL redirect is false.', function () { var response = sslForbiddenOrRedirect({ forceAdminSSL: {redirect: false}, configUrl: 'http://example.com' }); response.isForbidden.should.be.true; }); it('If not forbidden, should produce SSL to redirect to when config.url ends with no slash', function () { var response = sslForbiddenOrRedirect({ forceAdminSSL: {redirect: true}, configUrl: 'http://example.com/config/path', reqUrl: '/req/path' }); response.isForbidden.should.be.false; response.redirectUrl({}).should.equal('https://example.com/config/path/req/path'); }); it('If config ends is slash, potential double-slash in resulting URL is removed', function () { var response = sslForbiddenOrRedirect({ forceAdminSSL: {redirect: true}, configUrl: 'http://example.com/config/path/', reqUrl: '/req/path' }); response.redirectUrl({}).should.equal('https://example.com/config/path/req/path'); }); it('If config.urlSSL is provided it is preferred over config.url', function () { var response = sslForbiddenOrRedirect({ forceAdminSSL: {redirect: true}, configUrl: 'http://example.com/config/path/', configUrlSSL: 'https://example.com/ssl/config/path/', reqUrl: '/req/path' }); response.redirectUrl({}).should.equal('https://example.com/ssl/config/path/req/path'); }); it('query string in request is preserved in redirect URL', function () { var response = sslForbiddenOrRedirect({ forceAdminSSL: {redirect: true}, configUrl: 'http://example.com/config/path/', configUrlSSL: 'https://example.com/ssl/config/path/', reqUrl: '/req/path' }); response.redirectUrl({a: 'b'}).should.equal('https://example.com/ssl/config/path/req/path?a=b'); }); }); });