Ghost/core/test/regression/api/admin_spec.js
Naz Gargol abda6e6338
Migrated to use url-utils from Ghost-SDK (#10787)
closes #10773

- The refactoring is a substitute for `urlService.utils` used previously throughout the codebase and now extracted into the separate module in Ghost-SDK
- Added url-utils stubbing utility for test suites
- Some tests had to be refactored to avoid double mocks (when url's are being reset inside of rested 'describe' groups)
2019-06-18 15:13:55 +02:00

153 lines
5.0 KiB
JavaScript

// # Frontend Route tests
// As it stands, these tests depend on the database, and as such are integration tests.
// Mocking out the models to not touch the DB would turn these into unit tests, and should probably be done in future,
// But then again testing real code, rather than mock code, might be more useful...
var should = require('should'),
supertest = require('supertest'),
testUtils = require('../../utils/index'),
configUtils = require('../../utils/configUtils'),
urlUtils = require('../../utils/urlUtils'),
ghost = testUtils.startGhost,
common = require('../../../server/lib/common/index'),
config = require('../../../server/config/index'),
request;
common.i18n.init();
describe('Admin Routing', function () {
function doEnd(done) {
return function (err, res) {
if (err) {
return done(err);
}
should.not.exist(res.headers['x-cache-invalidate']);
should.exist(res.headers.date);
done();
};
}
function doEndNoAuth(done) {
return function (err, res) {
if (err) {
return done(err);
}
should.not.exist(res.headers['x-cache-invalidate']);
should.exist(res.headers.date);
done();
};
}
before(function () {
return ghost()
.then(function () {
request = supertest.agent(config.get('url'));
});
});
describe('Assets', function () {
it('should return 404 for unknown assets', function (done) {
request.get('/ghost/assets/not-found.js')
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(404)
.end(doEnd(done));
});
it('should retrieve built assets', function (done) {
request.get('/ghost/assets/vendor.js')
.expect('Cache-Control', testUtils.cacheRules.year)
.expect(200)
.end(doEnd(done));
});
});
describe('Legacy Redirects', function () {
it('should redirect /logout/ to /ghost/#/signout/', function (done) {
request.get('/logout/')
.expect('Location', '/ghost/#/signout/')
.expect('Cache-Control', testUtils.cacheRules.year)
.expect(301)
.end(doEndNoAuth(done));
});
it('should redirect /signout/ to /ghost/#/signout/', function (done) {
request.get('/signout/')
.expect('Location', '/ghost/#/signout/')
.expect('Cache-Control', testUtils.cacheRules.year)
.expect(301)
.end(doEndNoAuth(done));
});
it('should redirect /signup/ to /ghost/#/signup/', function (done) {
request.get('/signup/')
.expect('Location', '/ghost/#/signup/')
.expect('Cache-Control', testUtils.cacheRules.year)
.expect(301)
.end(doEndNoAuth(done));
});
// Admin aliases
it('should redirect /signin/ to /ghost/', function (done) {
request.get('/signin/')
.expect('Location', '/ghost/')
.expect('Cache-Control', testUtils.cacheRules.year)
.expect(301)
.end(doEndNoAuth(done));
});
it('should redirect /admin/ to /ghost/', function (done) {
request.get('/admin/')
.expect('Location', '/ghost/')
.expect('Cache-Control', testUtils.cacheRules.year)
.expect(301)
.end(doEndNoAuth(done));
});
it('should redirect /GHOST/ to /ghost/', function (done) {
request.get('/GHOST/')
.expect('Location', '/ghost/')
.expect(301)
.end(doEndNoAuth(done));
});
});
// we'll use X-Forwarded-Proto: https to simulate an 'https://' request behind a proxy
describe('Require HTTPS - redirect', function () {
var ghostServer;
before(function () {
configUtils.set('url', 'https://localhost:2390');
urlUtils.stubUrlUtilsFromConfig();
return ghost({forceStart: true})
.then(function (_ghostServer) {
ghostServer = _ghostServer;
request = supertest.agent(config.get('server:host') + ':' + config.get('server:port'));
});
});
after(function () {
urlUtils.restore();
configUtils.restore();
});
it('should redirect admin access over non-HTTPS', function (done) {
request.get('/ghost/')
.expect('Location', /^https:\/\/localhost:2390\/ghost\//)
.expect(301)
.end(doEnd(done));
});
it('should allow admin access over HTTPS', function (done) {
request.get('/ghost/')
.set('X-Forwarded-Proto', 'https')
.expect(200)
.end(doEnd(done));
});
});
});