Ghost/ghost/core/test/e2e-frontend/preview_routes.test.js
Steve Larson 0fe573b1d0
🐛 Redirected email previews to /email/ route (#18976)
closes TryGhost/Product#4136
- the `/p/` route is only intended for drafts, not published content
(e.g. sent newsletters)
- email-only posts (newsletters) do not get assigned a slug, and could
still be viewed at `/p/:uuid`, which didn't hide paid/member content
2023-11-14 13:31:41 -06:00

116 lines
4.5 KiB
JavaScript

// # Frontend Route tests
// As it stands, these tests depend on the database, and as such are integration tests.
// Mocking out the models to not touch the DB would turn these into unit tests, and should probably be done in future,
// But then again testing real code, rather than mock code, might be more useful...
const should = require('should');
const sinon = require('sinon');
const supertest = require('supertest');
const cheerio = require('cheerio');
const testUtils = require('../utils');
const config = require('../../core/shared/config');
let request;
function assertCorrectFrontendHeaders(res) {
should.not.exist(res.headers['x-cache-invalidate']);
should.not.exist(res.headers['X-CSRF-Token']);
should.not.exist(res.headers['set-cookie']);
should.exist(res.headers.date);
}
describe('Frontend Routing: Preview Routes', function () {
async function addPosts() {
await testUtils.clearData();
await testUtils.initData();
await testUtils.fixtures.insertPostsAndTags();
}
afterEach(function () {
sinon.restore();
});
before(async function () {
await testUtils.startGhost();
request = supertest.agent(config.get('url'));
});
after(async function () {
await testUtils.stopGhost();
});
before(addPosts);
it('should display draft posts accessed via uuid', async function () {
await request.get('/p/d52c42ae-2755-455c-80ec-70b2ec55c903/')
.expect('Content-Type', /html/)
.expect(200)
.expect(assertCorrectFrontendHeaders)
.expect((res) => {
const $ = cheerio.load(res.text);
should.not.exist(res.headers['x-cache-invalidate']);
should.not.exist(res.headers['X-CSRF-Token']);
should.not.exist(res.headers['set-cookie']);
should.exist(res.headers.date);
$('title').text().should.equal('Not finished yet');
$('meta[name="description"]').attr('content').should.equal('meta description for draft post');
// @TODO: use theme from fixtures and don't rely on content/themes/casper
// $('.content .post').length.should.equal(1);
// $('.poweredby').text().should.equal('Proudly published with Ghost');
// $('body.post-template').length.should.equal(1);
// $('article.post').length.should.equal(1);
});
});
it('should redirect draft posts accessed via uuid and edit to admin post edit screen', async function () {
await request.get('/p/d52c42ae-2755-455c-80ec-70b2ec55c903/edit/')
.expect('Content-Type', /text\/plain/)
.expect(302)
.expect('Location', /ghost\/#\/editor\/post\/\w+/)
.expect('Cache-Control', testUtils.cacheRules.public)
.expect(assertCorrectFrontendHeaders);
});
it('should redirect draft page accessed via uuid and edit to admin page edit screen', async function () {
await request.get('/p/d52c42ae-2755-455c-80ec-70b2ec55c904/edit/')
.expect('Content-Type', /text\/plain/)
.expect(302)
.expect('Location', /ghost\/#\/editor\/page\/\w+/)
.expect('Cache-Control', testUtils.cacheRules.public)
.expect(assertCorrectFrontendHeaders);
});
it('should redirect published posts to their live url', async function () {
await request.get('/p/2ac6b4f6-e1f3-406c-9247-c94a0496d39d/')
.expect(301)
.expect('Location', '/short-and-sweet/')
.expect('Cache-Control', testUtils.cacheRules.year)
.expect(assertCorrectFrontendHeaders);
});
it('should redirect sent email-only posts to /email/:uuid from /p/:uuid', async function () {
// difficult to build a sent newsletter using the data generator
const emailedPost = await testUtils.fixtures.insertPosts([{
title: 'test newsletter',
status: 'sent',
posts_meta: {
email_only: true
}
}]);
await request.get(`/p/${emailedPost[0].get('uuid')}/`)
.expect(301)
.expect('Location', `/email/${emailedPost[0].get('uuid')}/`)
.expect('Cache-Control', testUtils.cacheRules.year)
.expect(assertCorrectFrontendHeaders);
});
it('404s unknown uuids', async function () {
request.get('/p/aac6b4f6-e1f3-406c-9247-c94a0496d39f/')
.expect(404)
.expect(assertCorrectFrontendHeaders);
});
});