From e51c8de9cb4f0e9922943417e036aa15b838b42e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bar=C4=B1=C5=9F=20Soner=20U=C5=9Fakl=C4=B1?= Date: Sun, 17 Dec 2023 12:42:07 -0500 Subject: [PATCH] messaging/middleware --- test/messaging.js | 172 ++++++++++++++++++++------------------------- test/middleware.js | 78 ++++++++++---------- 2 files changed, 113 insertions(+), 137 deletions(-) diff --git a/test/messaging.js b/test/messaging.js index 4709aff351..d3364412ef 100644 --- a/test/messaging.js +++ b/test/messaging.js @@ -1,7 +1,7 @@ 'use strict'; const assert = require('assert'); -const request = require('request-promise-native'); + const nconf = require('nconf'); const util = require('util'); @@ -14,7 +14,7 @@ const Groups = require('../src/groups'); const Messaging = require('../src/messaging'); const api = require('../src/api'); const helpers = require('./helpers'); -const socketModules = require('../src/socket.io/modules'); +const request = require('../src/request'); const utils = require('../src/utils'); const translator = require('../src/translator'); @@ -33,12 +33,9 @@ describe('Messaging Library', () => { const callv3API = async (method, path, body, user) => { const options = { - method, - body, - json: true, + data: body, jar: mocks.users[user].jar, - resolveWithFullResponse: true, - simple: false, + validateStatus: null, }; if (method !== 'get') { @@ -47,7 +44,7 @@ describe('Messaging Library', () => { }; } - return request(`${nconf.get('url')}/api/v3${path}`, options); + return request[method](`${nconf.get('url')}/api/v3${path}`, options); }; before(async () => { @@ -162,11 +159,11 @@ describe('Messaging Library', () => { uids: [mocks.users.baz.uid], }, 'foo'); - const { statusCode, body } = await callv3API('post', `/chats`, { + const { response, body } = await callv3API('post', `/chats`, { uids: [mocks.users.baz.uid], }, 'foo'); - assert.equal(statusCode, 400); + assert.equal(response.statusCode, 400); assert.equal(body.status.code, 'bad-request'); assert.equal(body.status.message, await translator.translate('[[error:too-many-messages]]')); meta.config.chatMessageDelay = oldValue; @@ -190,20 +187,20 @@ describe('Messaging Library', () => { assert.strictEqual(messages[0].system, 1); assert.strictEqual(messages[0].content, 'user-join'); - const { statusCode, body: body2 } = await callv3API('put', `/chats/${roomId}/messages/${messages[0].messageId}`, { + const { response, body: body2 } = await callv3API('put', `/chats/${roomId}/messages/${messages[0].messageId}`, { message: 'test', }, 'foo'); - assert.strictEqual(statusCode, 400); + assert.strictEqual(response.statusCode, 400); assert.equal(body2.status.message, await translator.translate('[[error:cant-edit-chat-message]]')); }); it('should fail to add user to room with invalid data', async () => { - let { statusCode, body } = await callv3API('post', `/chats/${roomId}/users`, {}, 'foo'); - assert.strictEqual(statusCode, 400); + let { response, body } = await callv3API('post', `/chats/${roomId}/users`, {}, 'foo'); + assert.strictEqual(response.statusCode, 400); assert.strictEqual(body.status.message, await translator.translate('[[error:required-parameters-missing, uids]]')); - ({ statusCode, body } = await callv3API('post', `/chats/${roomId}/users`, { uids: [null] }, 'foo')); - assert.strictEqual(statusCode, 400); + ({ response, body } = await callv3API('post', `/chats/${roomId}/users`, { uids: [null] }, 'foo')); + assert.strictEqual(response.statusCode, 400); assert.strictEqual(body.status.message, await translator.translate('[[error:no-user]]')); }); @@ -220,38 +217,38 @@ describe('Messaging Library', () => { }); it('should throw error if user is not in room', async () => { - const { statusCode, body } = await callv3API('get', `/chats/${roomId}/users`, {}, 'bar'); - assert.strictEqual(statusCode, 403); + const { response, body } = await callv3API('get', `/chats/${roomId}/users`, {}, 'bar'); + assert.strictEqual(response.statusCode, 403); assert.equal(body.status.message, await translator.translate('[[error:no-privileges]]')); }); it('should fail to add users to room if max is reached', async () => { meta.config.maximumUsersInChatRoom = 2; - const { statusCode, body } = await callv3API('post', `/chats/${roomId}/users`, { uids: [mocks.users.bar.uid] }, 'foo'); - assert.strictEqual(statusCode, 400); + const { response, body } = await callv3API('post', `/chats/${roomId}/users`, { uids: [mocks.users.bar.uid] }, 'foo'); + assert.strictEqual(response.statusCode, 400); assert.equal(body.status.message, await translator.translate('[[error:cant-add-more-users-to-chat-room]]')); meta.config.maximumUsersInChatRoom = 0; }); it('should fail to add users to room if user does not exist', async () => { - const { statusCode, body } = await callv3API('post', `/chats/${roomId}/users`, { uids: [98237498234] }, 'foo'); - assert.strictEqual(statusCode, 400); + const { response, body } = await callv3API('post', `/chats/${roomId}/users`, { uids: [98237498234] }, 'foo'); + assert.strictEqual(response.statusCode, 400); assert.strictEqual(body.status.message, await translator.translate('[[error:no-user]]')); }); it('should fail to add self to room', async () => { - const { statusCode, body } = await callv3API('post', `/chats/${roomId}/users`, { uids: [mocks.users.foo.uid] }, 'foo'); - assert.strictEqual(statusCode, 400); + const { response, body } = await callv3API('post', `/chats/${roomId}/users`, { uids: [mocks.users.foo.uid] }, 'foo'); + assert.strictEqual(response.statusCode, 400); assert.strictEqual(body.status.message, await translator.translate('[[error:cant-chat-with-yourself]]')); }); it('should fail to leave room with invalid data', async () => { - let { statusCode, body } = await callv3API('delete', `/chats/${roomId}/users`, {}, 'foo'); - assert.strictEqual(statusCode, 400); + let { response, body } = await callv3API('delete', `/chats/${roomId}/users`, {}, 'foo'); + assert.strictEqual(response.statusCode, 400); assert.strictEqual(body.status.message, await translator.translate('[[error:required-parameters-missing, uids]]')); - ({ statusCode, body } = await callv3API('delete', `/chats/${roomId}/users`, { uids: [98237423] }, 'foo')); - assert.strictEqual(statusCode, 400); + ({ response, body } = await callv3API('delete', `/chats/${roomId}/users`, { uids: [98237423] }, 'foo')); + assert.strictEqual(response.statusCode, 400); assert.strictEqual(body.status.message, await translator.translate('[[error:no-user]]')); }); @@ -303,11 +300,9 @@ describe('Messaging Library', () => { const { jar: senderJar, csrf_token: senderCsrf } = await helpers.loginUser('deleted_chat_user', 'barbar'); const receiver = await User.create({ username: 'receiver' }); - const { response } = await request(`${nconf.get('url')}/api/v3/chats`, { - method: 'post', - json: true, + const { body } = await request.post(`${nconf.get('url')}/api/v3/chats`, { jar: senderJar, - body: { + data: { uids: [receiver], }, headers: { @@ -315,31 +310,31 @@ describe('Messaging Library', () => { }, }); await User.deleteAccount(sender); - assert(await Messaging.isRoomOwner(receiver, response.roomId)); + assert(await Messaging.isRoomOwner(receiver, body.response.roomId)); }); it('should fail to remove user from room', async () => { - let { statusCode, body } = await callv3API('delete', `/chats/${roomId}/users`, {}, 'foo'); - assert.strictEqual(statusCode, 400); + let { response, body } = await callv3API('delete', `/chats/${roomId}/users`, {}, 'foo'); + assert.strictEqual(response.statusCode, 400); assert.strictEqual(body.status.message, await translator.translate('[[error:required-parameters-missing, uids]]')); - ({ statusCode, body } = await callv3API('delete', `/chats/${roomId}/users`, { uids: [null] }, 'foo')); - assert.strictEqual(statusCode, 400); + ({ response, body } = await callv3API('delete', `/chats/${roomId}/users`, { uids: [null] }, 'foo')); + assert.strictEqual(response.statusCode, 400); assert.strictEqual(body.status.message, await translator.translate('[[error:no-user]]')); }); it('should fail to remove user from room if user does not exist', async () => { - const { statusCode, body } = await callv3API('delete', `/chats/${roomId}/users`, { uids: [99] }, 'foo'); - assert.strictEqual(statusCode, 400); + const { response, body } = await callv3API('delete', `/chats/${roomId}/users`, { uids: [99] }, 'foo'); + assert.strictEqual(response.statusCode, 400); assert.strictEqual(body.status.message, await translator.translate('[[error:no-user]]')); }); it('should remove user from room', async () => { - const { statusCode, body } = await callv3API('post', `/chats`, { + const { response, body } = await callv3API('post', `/chats`, { uids: [mocks.users.herp.uid], }, 'foo'); const { roomId } = body.response; - assert.strictEqual(statusCode, 200); + assert.strictEqual(response.statusCode, 200); let isInRoom = await Messaging.isUserInRoom(mocks.users.herp.uid, roomId); assert(isInRoom); @@ -488,8 +483,8 @@ describe('Messaging Library', () => { }); it('should rename room', async () => { - const { statusCode } = await callv3API('put', `/chats/${roomId}`, { name: 'new room name' }, 'foo'); - assert.strictEqual(statusCode, 200); + const { response } = await callv3API('put', `/chats/${roomId}`, { name: 'new room name' }, 'foo'); + assert.strictEqual(response.statusCode, 200); }); it('should send a room-rename system message when a room is renamed', async () => { @@ -638,46 +633,46 @@ describe('Messaging Library', () => { }); it('should fail to edit message with invalid data', async () => { - let { statusCode, body } = await callv3API('put', `/chats/1/messages/10000`, { message: 'foo' }, 'foo'); - assert.strictEqual(statusCode, 400); + let { response, body } = await callv3API('put', `/chats/1/messages/10000`, { message: 'foo' }, 'foo'); + assert.strictEqual(response.statusCode, 400); assert.strictEqual(body.status.message, await translator.translate('[[error:invalid-mid]]')); - ({ statusCode, body } = await callv3API('put', `/chats/${roomId}/messages/${mid}`, {}, 'foo')); - assert.strictEqual(statusCode, 400); + ({ response, body } = await callv3API('put', `/chats/${roomId}/messages/${mid}`, {}, 'foo')); + assert.strictEqual(response.statusCode, 400); assert.strictEqual(body.status.message, await translator.translate('[[error:invalid-chat-message]]')); }); it('should fail to edit message if new content is empty string', async () => { - const { statusCode, body } = await callv3API('put', `/chats/${roomId}/messages/${mid}`, { message: ' ' }, 'foo'); - assert.strictEqual(statusCode, 400); + const { response, body } = await callv3API('put', `/chats/${roomId}/messages/${mid}`, { message: ' ' }, 'foo'); + assert.strictEqual(response.statusCode, 400); assert.strictEqual(body.status.message, await translator.translate('[[error:invalid-chat-message]]')); }); it('should fail to edit message if not own message', async () => { - const { statusCode, body } = await callv3API('put', `/chats/${roomId}/messages/${mid}`, { message: 'message edited' }, 'herp'); - assert.strictEqual(statusCode, 400); + const { response, body } = await callv3API('put', `/chats/${roomId}/messages/${mid}`, { message: 'message edited' }, 'herp'); + assert.strictEqual(response.statusCode, 400); assert.strictEqual(body.status.message, await translator.translate('[[error:cant-edit-chat-message]]')); }); it('should fail to edit message if message not in room', async () => { - const { statusCode, body } = await callv3API('put', `/chats/${roomId}/messages/1014`, { message: 'message edited' }, 'herp'); - assert.strictEqual(statusCode, 400); + const { response, body } = await callv3API('put', `/chats/${roomId}/messages/1014`, { message: 'message edited' }, 'herp'); + assert.strictEqual(response.statusCode, 400); assert.strictEqual(body.status.message, await translator.translate('[[error:invalid-mid]]')); }); it('should edit message', async () => { - let { statusCode, body } = await callv3API('put', `/chats/${roomId}/messages/${mid}`, { message: 'message edited' }, 'foo'); - assert.strictEqual(statusCode, 200); + let { response, body } = await callv3API('put', `/chats/${roomId}/messages/${mid}`, { message: 'message edited' }, 'foo'); + assert.strictEqual(response.statusCode, 200); assert.strictEqual(body.response.content, 'message edited'); - ({ statusCode, body } = await callv3API('get', `/chats/${roomId}/messages/${mid}`, {}, 'foo')); - assert.strictEqual(statusCode, 200); + ({ response, body } = await callv3API('get', `/chats/${roomId}/messages/${mid}`, {}, 'foo')); + assert.strictEqual(response.statusCode, 200); assert.strictEqual(body.response.content, 'message edited'); }); it('should fail to delete message if not owner', async () => { - const { statusCode, body } = await callv3API('delete', `/chats/${roomId}/messages/${mid}`, {}, 'herp'); - assert.strictEqual(statusCode, 400); + const { response, body } = await callv3API('delete', `/chats/${roomId}/messages/${mid}`, {}, 'herp'); + assert.strictEqual(response.statusCode, 400); assert.strictEqual(body.status.message, 'You are not allowed to delete this message'); }); @@ -716,8 +711,8 @@ describe('Messaging Library', () => { }); it('should error out if a message is deleted again', async () => { - const { statusCode, body } = await callv3API('delete', `/chats/${roomId}/messages/${mid}`, {}, 'foo'); - assert.strictEqual(statusCode, 400); + const { response, body } = await callv3API('delete', `/chats/${roomId}/messages/${mid}`, {}, 'foo'); + assert.strictEqual(response.statusCode, 400); assert.strictEqual(body.status.message, 'This chat message has already been deleted.'); }); @@ -728,8 +723,8 @@ describe('Messaging Library', () => { }); it('should error out if a message is restored again', async () => { - const { statusCode, body } = await callv3API('post', `/chats/${roomId}/messages/${mid}`, {}, 'foo'); - assert.strictEqual(statusCode, 400); + const { response, body } = await callv3API('post', `/chats/${roomId}/messages/${mid}`, {}, 'foo'); + assert.strictEqual(response.statusCode, 400); assert.strictEqual(body.status.message, 'This chat message has already been restored.'); }); @@ -743,8 +738,8 @@ describe('Messaging Library', () => { }); it('should error out for regular users', async () => { - const { statusCode, body } = await callv3API('delete', `/chats/${roomId}/messages/${mid2}`, {}, 'baz'); - assert.strictEqual(statusCode, 400); + const { response, body } = await callv3API('delete', `/chats/${roomId}/messages/${mid2}`, {}, 'baz'); + assert.strictEqual(response.statusCode, 400); assert.strictEqual(body.status.message, 'chat-message-editing-disabled'); }); @@ -767,9 +762,8 @@ describe('Messaging Library', () => { describe('controller', () => { it('should 404 if chat is disabled', async () => { meta.config.disableChat = 1; - const response = await request(`${nconf.get('url')}/user/baz/chats`, { - resolveWithFullResponse: true, - simple: false, + const { response } = await request.get(`${nconf.get('url')}/user/baz/chats`, { + validateStatus: null, }); assert.equal(response.statusCode, 404); @@ -777,21 +771,18 @@ describe('Messaging Library', () => { it('should 401 for guest with not-authorised status code', async () => { meta.config.disableChat = 0; - const response = await request(`${nconf.get('url')}/api/user/baz/chats`, { + const { response, body } = await request.get(`${nconf.get('url')}/api/user/baz/chats`, { resolveWithFullResponse: true, - simple: false, - json: true, + validateStatus: null, }); - const { body } = response; assert.equal(response.statusCode, 401); assert.equal(body.status.code, 'not-authorised'); }); it('should 404 for non-existent user', async () => { - const response = await request(`${nconf.get('url')}/user/doesntexist/chats`, { - resolveWithFullResponse: true, - simple: false, + const { response } = await request.get(`${nconf.get('url')}/user/doesntexist/chats`, { + validateStatus: null, }); assert.equal(response.statusCode, 404); @@ -805,13 +796,10 @@ describe('Messaging Library', () => { }); it('should return chats page data', async () => { - const response = await request(`${nconf.get('url')}/api/user/herp/chats`, { - resolveWithFullResponse: true, - simple: false, - json: true, + const { response, body } = await request.get(`${nconf.get('url')}/api/user/herp/chats`, { + validateStatus: null, jar, }); - const { body } = response; assert.equal(response.statusCode, 200); assert(Array.isArray(body.rooms)); @@ -820,13 +808,10 @@ describe('Messaging Library', () => { }); it('should return room data', async () => { - const response = await request(`${nconf.get('url')}/api/user/herp/chats/${roomId}`, { - resolveWithFullResponse: true, - simple: false, - json: true, + const { response, body } = await request.get(`${nconf.get('url')}/api/user/herp/chats/${roomId}`, { + validateStatus: null, jar, }); - const { body } = response; assert.equal(response.statusCode, 200); assert.equal(body.roomId, roomId); @@ -834,25 +819,20 @@ describe('Messaging Library', () => { }); it('should redirect to chats page', async () => { - const res = await request(`${nconf.get('url')}/api/chats`, { - resolveWithFullResponse: true, - simple: false, + const { response, body } = await request.get(`${nconf.get('url')}/api/chats`, { + validateStatus: null, jar, - json: true, }); - const { body } = res; - assert.equal(res.statusCode, 200); - assert.equal(res.headers['x-redirect'], '/user/herp/chats'); + assert.equal(response.statusCode, 200); + assert.equal(response.headers['x-redirect'], '/user/herp/chats'); assert.equal(body, '/user/herp/chats'); }); it('should return 404 if user is not in room', async () => { const data = await helpers.loginUser('baz', 'quuxquux'); - const response = await request(`${nconf.get('url')}/api/user/baz/chats/${roomId}`, { - resolveWithFullResponse: true, - simple: false, - json: true, + const { response } = await request.get(`${nconf.get('url')}/api/user/baz/chats/${roomId}`, { + validateStatus: null, jar: data.jar, }); diff --git a/test/middleware.js b/test/middleware.js index 818ef371cd..783b283f4d 100644 --- a/test/middleware.js +++ b/test/middleware.js @@ -2,13 +2,13 @@ const assert = require('assert'); const nconf = require('nconf'); -const request = require('request-promise-native'); + const db = require('./mocks/databasemock'); const user = require('../src/user'); const groups = require('../src/groups'); const utils = require('../src/utils'); - +const request = require('../src/request'); const helpers = require('./helpers'); describe('Middlewares', () => { @@ -116,81 +116,77 @@ describe('Middlewares', () => { }); it('should be absent on non-existent routes, for guests', async () => { - const res = await request(`${nconf.get('url')}/${utils.generateUUID()}`, { - simple: false, - resolveWithFullResponse: true, + const { response } = await request.get(`${nconf.get('url')}/${utils.generateUUID()}`, { + validateStatus: null, }); - assert.strictEqual(res.statusCode, 404); - assert(!Object.keys(res.headers).includes('cache-control')); + assert.strictEqual(response.statusCode, 404); + assert(!Object.keys(response.headers).includes('cache-control')); }); it('should be set to "private" on non-existent routes, for logged in users', async () => { - const res = await request(`${nconf.get('url')}/${utils.generateUUID()}`, { - simple: false, - resolveWithFullResponse: true, + const { response } = await request.get(`${nconf.get('url')}/${utils.generateUUID()}`, { + validateStatus: null, jar, + headers: { + accept: 'text/html', + }, }); - assert.strictEqual(res.statusCode, 404); - assert(Object.keys(res.headers).includes('cache-control')); - assert.strictEqual(res.headers['cache-control'], 'private'); + assert.strictEqual(response.statusCode, 404); + assert(Object.keys(response.headers).includes('cache-control')); + assert.strictEqual(response.headers['cache-control'], 'private'); }); it('should be absent on regular routes, for guests', async () => { - const res = await request(nconf.get('url'), { - simple: false, - resolveWithFullResponse: true, + const { response } = await request.get(nconf.get('url'), { + validateStatus: null, }); - assert.strictEqual(res.statusCode, 200); - assert(!Object.keys(res.headers).includes('cache-control')); + assert.strictEqual(response.statusCode, 200); + assert(!Object.keys(response.headers).includes('cache-control')); }); it('should be absent on api routes, for guests', async () => { - const res = await request(`${nconf.get('url')}/api`, { - simple: false, - resolveWithFullResponse: true, + const { response } = await request.get(`${nconf.get('url')}/api`, { + validateStatus: null, }); - assert.strictEqual(res.statusCode, 200); - assert(!Object.keys(res.headers).includes('cache-control')); + assert.strictEqual(response.statusCode, 200); + assert(!Object.keys(response.headers).includes('cache-control')); }); it('should be set to "private" on regular routes, for logged-in users', async () => { - const res = await request(nconf.get('url'), { - simple: false, - resolveWithFullResponse: true, + const { response } = await request.get(nconf.get('url'), { + validateStatus: null, jar, }); - assert.strictEqual(res.statusCode, 200); - assert(Object.keys(res.headers).includes('cache-control')); - assert.strictEqual(res.headers['cache-control'], 'private'); + assert.strictEqual(response.statusCode, 200); + assert(Object.keys(response.headers).includes('cache-control')); + assert.strictEqual(response.headers['cache-control'], 'private'); }); it('should be set to "private" on api routes, for logged-in users', async () => { - const res = await request(`${nconf.get('url')}/api`, { - simple: false, - resolveWithFullResponse: true, + const { response } = await request.get(`${nconf.get('url')}/api`, { + validateStatus: null, jar, }); - assert.strictEqual(res.statusCode, 200); - assert(Object.keys(res.headers).includes('cache-control')); - assert.strictEqual(res.headers['cache-control'], 'private'); + assert.strictEqual(response.statusCode, 200); + assert(Object.keys(response.headers).includes('cache-control')); + assert.strictEqual(response.headers['cache-control'], 'private'); }); it('should be set to "private" on apiv3 routes, for logged-in users', async () => { - const res = await request(`${nconf.get('url')}/api/v3/users/${uid}`, { - simple: false, - resolveWithFullResponse: true, + const { response } = await request.get(`${nconf.get('url')}/api/v3/users/${uid}`, { + validateStatus: null, jar, }); - assert.strictEqual(res.statusCode, 200); - assert(Object.keys(res.headers).includes('cache-control')); - assert.strictEqual(res.headers['cache-control'], 'private'); + assert.strictEqual(response.statusCode, 200); + assert(Object.keys(response.headers).includes('cache-control')); + assert.strictEqual(response.headers['cache-control'], 'private'); }); }); });