mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-12-14 18:52:05 +03:00
73ea9f52f0
refs #6039, closes #6047, closes #6048 - delete old/unused fixtures file - add failing tests for #6047 & #6048 - redirect to sign-in if we get a 401 when making an API request - fix incorrect `this.notifications` call in tag controller - raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display) - close "saving failed" alert when successfully re-authenticated - adds a "window-proxy" util so that we can override `window.*` operations in tests - fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
133 lines
4.4 KiB
JavaScript
133 lines
4.4 KiB
JavaScript
/* jshint expr:true */
|
|
import {
|
|
describe,
|
|
it,
|
|
beforeEach,
|
|
afterEach
|
|
} from 'mocha';
|
|
import { expect } from 'chai';
|
|
import Ember from 'ember';
|
|
import startApp from '../helpers/start-app';
|
|
import { authenticateSession, currentSession, invalidateSession } from 'ghost/tests/helpers/ember-simple-auth';
|
|
import Mirage from 'ember-cli-mirage';
|
|
import windowProxy from 'ghost/utils/window-proxy';
|
|
|
|
const {run} = Ember;
|
|
|
|
describe('Acceptance: Authentication', function () {
|
|
let application,
|
|
originalReplaceLocation;
|
|
|
|
beforeEach(function () {
|
|
application = startApp();
|
|
});
|
|
|
|
afterEach(function () {
|
|
run(application, 'destroy');
|
|
});
|
|
|
|
describe('general page', function () {
|
|
beforeEach(function () {
|
|
originalReplaceLocation = windowProxy.replaceLocation;
|
|
windowProxy.replaceLocation = function (url) {
|
|
visit(url);
|
|
};
|
|
|
|
server.loadFixtures();
|
|
const role = server.create('role', {name: 'Administrator'}),
|
|
user = server.create('user', {roles: [role], slug: 'test-user'});
|
|
});
|
|
|
|
afterEach(function () {
|
|
windowProxy.replaceLocation = originalReplaceLocation;
|
|
});
|
|
|
|
it('invalidates session on 401 API response', function () {
|
|
const role = server.create('role', {name: 'Administrator'}),
|
|
user = server.create('user', {roles: [role]});
|
|
|
|
// return a 401 when attempting to retrieve tags
|
|
server.get('/users/', (db, request) => {
|
|
return new Mirage.Response(401, {}, {
|
|
errors: [
|
|
{message: 'Access denied.', errorType: 'UnauthorizedError'}
|
|
]
|
|
});
|
|
});
|
|
|
|
authenticateSession(application);
|
|
visit('/team');
|
|
|
|
andThen(() => {
|
|
expect(currentURL(), 'url after 401').to.equal('/signin');
|
|
});
|
|
});
|
|
});
|
|
|
|
describe('editor', function () {
|
|
let origDebounce = Ember.run.debounce;
|
|
let origThrottle = Ember.run.throttle;
|
|
|
|
// we don't want the autosave interfering in this test
|
|
beforeEach(function () {
|
|
Ember.run.debounce = function () { };
|
|
Ember.run.throttle = function () { };
|
|
});
|
|
|
|
it('displays re-auth modal attempting to save with invalid session', function () {
|
|
const role = server.create('role', {name: 'Administrator'}),
|
|
user = server.create('user', {roles: [role]});
|
|
|
|
// simulate an invalid session when saving the edited post
|
|
server.put('/posts/:id/', (db, request) => {
|
|
let post = db.posts.find(request.params.id),
|
|
[attrs] = JSON.parse(request.requestBody).posts;
|
|
|
|
if (attrs.markdown === 'Edited post body') {
|
|
return new Mirage.Response(401, {}, {
|
|
errors: [
|
|
{message: 'Access denied.', errorType: 'UnauthorizedError'}
|
|
]
|
|
});
|
|
} else {
|
|
return {
|
|
posts: [post]
|
|
};
|
|
}
|
|
});
|
|
|
|
server.loadFixtures();
|
|
authenticateSession(application);
|
|
|
|
visit('/editor');
|
|
|
|
// create the post
|
|
fillIn('#entry-title', 'Test Post');
|
|
fillIn('textarea.markdown-editor', 'Test post body');
|
|
click('.js-publish-button');
|
|
|
|
andThen(() => {
|
|
// we shouldn't have a modal at this point
|
|
expect(find('.modal-container #login').length, 'modal exists').to.equal(0);
|
|
// we also shouldn't have any alerts
|
|
expect(find('.gh-alert').length, 'no of alerts').to.equal(0);
|
|
});
|
|
|
|
// update the post
|
|
fillIn('textarea.markdown-editor', 'Edited post body');
|
|
click('.js-publish-button');
|
|
|
|
andThen(() => {
|
|
// we should see a re-auth modal
|
|
expect(find('.modal-container #login').length, 'modal exists').to.equal(1);
|
|
});
|
|
});
|
|
|
|
// don't clobber debounce/throttle for future tests
|
|
afterEach(function () {
|
|
Ember.run.debounce = origDebounce;
|
|
Ember.run.throttle = origThrottle;
|
|
});
|
|
});
|
|
});
|