Nemcio/meanTorrent
1
0
Fork 0
mirror of https://github.com/taobataoma/meanTorrent.git synced 2026-01-21 23:02:22 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
37899b2ef2fe77df5f0fef2df875975089bb83d6
meanTorrent/modules/articles/tests/server/article.server.routes.tests.js

421 lines
12 KiB
JavaScript
Raw Normal View History

Feature: Article CRUD ops. Added supertests. closes meanjs/mean#92
2014-09-26 18:03:53 +01:00
'use strict';
var should = require('should'),
formatting reboot (space-2 and consistency) JSCS fixes update editorconfig
2015-07-25 16:53:11 -04:00
request = require('supertest'),
path = require('path'),
mongoose = require('mongoose'),
User = mongoose.model('User'),
Article = mongoose.model('Article'),
express = require(path.resolve('./config/lib/express'));
Feature: Article CRUD ops. Added supertests. closes meanjs/mean#92
2014-09-26 18:03:53 +01:00
/**
* Globals
*/
feat(config): Deprecate JSHint in favor of ESLint Add basic ESLint setup extending well-known Airbnb code style. Fixes #1072, #1097
2015-12-10 20:31:51 +01:00
var app,
agent,
credentials,
user,
article;
Fix tests & refactor SSL support
2014-11-04 19:22:46 +02:00
/**
* Article routes tests
*/
fix failing tests
2015-07-07 10:22:21 -04:00
describe('Article CRUD tests', function () {
Mocha test timeouts [fixes #955] Added a timeout of 10000 ms to each server test file. This is an attempt to solve the timeout issues that we're experiencing with the Mocha tests. Especially, this is hoping to address the build fails that are caused by such timeouts. Issue is described in https://github.com/meanjs/mean/issues/955
2015-09-30 19:50:07 -07:00
formatting reboot (space-2 and consistency) JSCS fixes update editorconfig
2015-07-25 16:53:11 -04:00
before(function (done) {
// Get application
app = express.init(mongoose);
agent = request.agent(app);
done();
});
beforeEach(function (done) {
// Create user credentials
credentials = {
feat(users): change username to usernameOrEmail in signin (#1545) * feat(users): change username to usernameOrEmail in signin * fix(users): toLowerCase at email in local strategy
2016-10-06 11:34:15 -04:00
usernameOrEmail: 'username',
adding stronger password requirements for improving security based on OWASP
2015-09-02 23:21:24 -04:00
password: 'M3@n.jsI$Aw3$0m3'
formatting reboot (space-2 and consistency) JSCS fixes update editorconfig
2015-07-25 16:53:11 -04:00
};
// Create a new user
user = new User({
firstName: 'Full',
lastName: 'Name',
displayName: 'Full Name',
email: 'test@test.com',
feat(users): change username to usernameOrEmail in signin (#1545) * feat(users): change username to usernameOrEmail in signin * fix(users): toLowerCase at email in local strategy
2016-10-06 11:34:15 -04:00
username: credentials.usernameOrEmail,
formatting reboot (space-2 and consistency) JSCS fixes update editorconfig
2015-07-25 16:53:11 -04:00
password: credentials.password,
provider: 'local'
});
// Save a user to the test db and create new article
feat(articles): Promisifies article server test set up and clean up (#1774) Promisifies object creation in beforeEach and afterEach hooks in article server tests. Fixes #1773
2017-06-12 11:19:11 +03:00
user.save()
.then(function () {
article = {
title: 'Article Title',
content: 'Article Content'
};
formatting reboot (space-2 and consistency) JSCS fixes update editorconfig
2015-07-25 16:53:11 -04:00
feat(articles): Promisifies article server test set up and clean up (#1774) Promisifies object creation in beforeEach and afterEach hooks in article server tests. Fixes #1773
2017-06-12 11:19:11 +03:00
done();
})
.catch(done);
formatting reboot (space-2 and consistency) JSCS fixes update editorconfig
2015-07-25 16:53:11 -04:00
});
feat(articles): Article Admin feature (#807) This feature introduces a breaking change, that restricts the User's that can create/edit/delete Articles to only those that have the `admin` Role. Fixed ESLint issues. Resolved merge conflicts, and moved new client Article Service `createOrUpdate` functionality to new Admin feature controller. Removed edit functionality from client-side Article controller.
2016-07-25 17:34:06 -07:00
it('should not be able to save an article if logged in without the "admin" role', function (done) {
formatting reboot (space-2 and consistency) JSCS fixes update editorconfig
2015-07-25 16:53:11 -04:00
agent.post('/api/auth/signin')
.send(credentials)
.expect(200)
.end(function (signinErr, signinRes) {
// Handle signin error
if (signinErr) {
return done(signinErr);
}
agent.post('/api/articles')
.send(article)
feat(articles): Article Admin feature (#807) This feature introduces a breaking change, that restricts the User's that can create/edit/delete Articles to only those that have the `admin` Role. Fixed ESLint issues. Resolved merge conflicts, and moved new client Article Service `createOrUpdate` functionality to new Admin feature controller. Removed edit functionality from client-side Article controller.
2016-07-25 17:34:06 -07:00
.expect(403)
formatting reboot (space-2 and consistency) JSCS fixes update editorconfig
2015-07-25 16:53:11 -04:00
.end(function (articleSaveErr, articleSaveRes) {
feat(articles): Article Admin feature (#807) This feature introduces a breaking change, that restricts the User's that can create/edit/delete Articles to only those that have the `admin` Role. Fixed ESLint issues. Resolved merge conflicts, and moved new client Article Service `createOrUpdate` functionality to new Admin feature controller. Removed edit functionality from client-side Article controller.
2016-07-25 17:34:06 -07:00
// Call the assertion callback
done(articleSaveErr);
formatting reboot (space-2 and consistency) JSCS fixes update editorconfig
2015-07-25 16:53:11 -04:00
});
feat(articles): Article Admin feature (#807) This feature introduces a breaking change, that restricts the User's that can create/edit/delete Articles to only those that have the `admin` Role. Fixed ESLint issues. Resolved merge conflicts, and moved new client Article Service `createOrUpdate` functionality to new Admin feature controller. Removed edit functionality from client-side Article controller.
2016-07-25 17:34:06 -07:00
formatting reboot (space-2 and consistency) JSCS fixes update editorconfig
2015-07-25 16:53:11 -04:00
});
});
it('should not be able to save an article if not logged in', function (done) {
agent.post('/api/articles')
.send(article)
.expect(403)
.end(function (articleSaveErr, articleSaveRes) {
// Call the assertion callback
done(articleSaveErr);
});
});
feat(articles): Article Admin feature (#807) This feature introduces a breaking change, that restricts the User's that can create/edit/delete Articles to only those that have the `admin` Role. Fixed ESLint issues. Resolved merge conflicts, and moved new client Article Service `createOrUpdate` functionality to new Admin feature controller. Removed edit functionality from client-side Article controller.
2016-07-25 17:34:06 -07:00
it('should not be able to update an article if signed in without the "admin" role', function (done) {
formatting reboot (space-2 and consistency) JSCS fixes update editorconfig
2015-07-25 16:53:11 -04:00
agent.post('/api/auth/signin')
.send(credentials)
.expect(200)
.end(function (signinErr, signinRes) {
// Handle signin error
if (signinErr) {
return done(signinErr);
}
agent.post('/api/articles')
.send(article)
feat(articles): Article Admin feature (#807) This feature introduces a breaking change, that restricts the User's that can create/edit/delete Articles to only those that have the `admin` Role. Fixed ESLint issues. Resolved merge conflicts, and moved new client Article Service `createOrUpdate` functionality to new Admin feature controller. Removed edit functionality from client-side Article controller.
2016-07-25 17:34:06 -07:00
.expect(403)
formatting reboot (space-2 and consistency) JSCS fixes update editorconfig
2015-07-25 16:53:11 -04:00
.end(function (articleSaveErr, articleSaveRes) {
feat(articles): Article Admin feature (#807) This feature introduces a breaking change, that restricts the User's that can create/edit/delete Articles to only those that have the `admin` Role. Fixed ESLint issues. Resolved merge conflicts, and moved new client Article Service `createOrUpdate` functionality to new Admin feature controller. Removed edit functionality from client-side Article controller.
2016-07-25 17:34:06 -07:00
// Call the assertion callback
formatting reboot (space-2 and consistency) JSCS fixes update editorconfig
2015-07-25 16:53:11 -04:00
done(articleSaveErr);
});
});
});
it('should be able to get a list of articles if not signed in', function (done) {
// Create new article model instance
var articleObj = new Article(article);
// Save the article
articleObj.save(function () {
// Request articles
request(app).get('/api/articles')
.end(function (req, res) {
// Set assertion
res.body.should.be.instanceof(Array).and.have.lengthOf(1);
// Call the assertion callback
done();
});
});
});
it('should be able to get a single article if not signed in', function (done) {
// Create new article model instance
var articleObj = new Article(article);
// Save the article
articleObj.save(function () {
request(app).get('/api/articles/' + articleObj._id)
.end(function (req, res) {
// Set assertion
res.body.should.be.instanceof(Object).and.have.property('title', article.title);
// Call the assertion callback
done();
});
});
});
it('should return proper error for single article with an invalid Id, if not signed in', function (done) {
// test is not a valid mongoose Id
request(app).get('/api/articles/test')
.end(function (req, res) {
// Set assertion
res.body.should.be.instanceof(Object).and.have.property('message', 'Article is invalid');
// Call the assertion callback
done();
});
});
it('should return proper error for single article which doesnt exist, if not signed in', function (done) {
// This is a valid mongoose Id but a non-existent article
request(app).get('/api/articles/559e9cd815f80b4c256a8f41')
.end(function (req, res) {
// Set assertion
res.body.should.be.instanceof(Object).and.have.property('message', 'No article with that identifier has been found');
// Call the assertion callback
done();
});
});
feat(articles): Article Admin feature (#807) This feature introduces a breaking change, that restricts the User's that can create/edit/delete Articles to only those that have the `admin` Role. Fixed ESLint issues. Resolved merge conflicts, and moved new client Article Service `createOrUpdate` functionality to new Admin feature controller. Removed edit functionality from client-side Article controller.
2016-07-25 17:34:06 -07:00
it('should not be able to delete an article if signed in without the "admin" role', function (done) {
formatting reboot (space-2 and consistency) JSCS fixes update editorconfig
2015-07-25 16:53:11 -04:00
agent.post('/api/auth/signin')
.send(credentials)
.expect(200)
.end(function (signinErr, signinRes) {
// Handle signin error
if (signinErr) {
return done(signinErr);
}
agent.post('/api/articles')
.send(article)
feat(articles): Article Admin feature (#807) This feature introduces a breaking change, that restricts the User's that can create/edit/delete Articles to only those that have the `admin` Role. Fixed ESLint issues. Resolved merge conflicts, and moved new client Article Service `createOrUpdate` functionality to new Admin feature controller. Removed edit functionality from client-side Article controller.
2016-07-25 17:34:06 -07:00
.expect(403)
formatting reboot (space-2 and consistency) JSCS fixes update editorconfig
2015-07-25 16:53:11 -04:00
.end(function (articleSaveErr, articleSaveRes) {
feat(articles): Article Admin feature (#807) This feature introduces a breaking change, that restricts the User's that can create/edit/delete Articles to only those that have the `admin` Role. Fixed ESLint issues. Resolved merge conflicts, and moved new client Article Service `createOrUpdate` functionality to new Admin feature controller. Removed edit functionality from client-side Article controller.
2016-07-25 17:34:06 -07:00
// Call the assertion callback
done(articleSaveErr);
formatting reboot (space-2 and consistency) JSCS fixes update editorconfig
2015-07-25 16:53:11 -04:00
});
});
});
it('should not be able to delete an article if not signed in', function (done) {
// Set article user
article.user = user;
// Create new article model instance
var articleObj = new Article(article);
// Save the article
articleObj.save(function () {
// Try deleting article
request(app).delete('/api/articles/' + articleObj._id)
.expect(403)
.end(function (articleDeleteErr, articleDeleteRes) {
// Set message assertion
(articleDeleteRes.body.message).should.match('User is not authorized');
// Handle article error error
done(articleDeleteErr);
});
});
});
fix(articles): Orphaned User reference throws server error Adds an additional check for the existence of a populated user reference, when determining if the current user has immediate access to the requested article. Without this fix, the server will throw an error if the requested article doesn't have a populated user field. Modified the article & articles list view's to check if the article has a populated user. If not, then it will display "Deleted User" in place of the missing user reference. Added a server-side test that ensures we can get a single article if the article.user field is referencing a deleted user. Fixes #1082
2015-12-16 15:20:22 -08:00
it('should be able to get a single article that has an orphaned user reference', function (done) {
// Create orphan user creds
var _creds = {
feat(users): change username to usernameOrEmail in signin (#1545) * feat(users): change username to usernameOrEmail in signin * fix(users): toLowerCase at email in local strategy
2016-10-06 11:34:15 -04:00
usernameOrEmail: 'orphan',
fix(articles): Orphaned User reference throws server error Adds an additional check for the existence of a populated user reference, when determining if the current user has immediate access to the requested article. Without this fix, the server will throw an error if the requested article doesn't have a populated user field. Modified the article & articles list view's to check if the article has a populated user. If not, then it will display "Deleted User" in place of the missing user reference. Added a server-side test that ensures we can get a single article if the article.user field is referencing a deleted user. Fixes #1082
2015-12-16 15:20:22 -08:00
password: 'M3@n.jsI$Aw3$0m3'
};
// Create orphan user
var _orphan = new User({
firstName: 'Full',
lastName: 'Name',
displayName: 'Full Name',
email: 'orphan@test.com',
feat(users): change username to usernameOrEmail in signin (#1545) * feat(users): change username to usernameOrEmail in signin * fix(users): toLowerCase at email in local strategy
2016-10-06 11:34:15 -04:00
username: _creds.usernameOrEmail,
fix(articles): Orphaned User reference throws server error Adds an additional check for the existence of a populated user reference, when determining if the current user has immediate access to the requested article. Without this fix, the server will throw an error if the requested article doesn't have a populated user field. Modified the article & articles list view's to check if the article has a populated user. If not, then it will display "Deleted User" in place of the missing user reference. Added a server-side test that ensures we can get a single article if the article.user field is referencing a deleted user. Fixes #1082
2015-12-16 15:20:22 -08:00
password: _creds.password,
feat(articles): Article Admin feature (#807) This feature introduces a breaking change, that restricts the User's that can create/edit/delete Articles to only those that have the `admin` Role. Fixed ESLint issues. Resolved merge conflicts, and moved new client Article Service `createOrUpdate` functionality to new Admin feature controller. Removed edit functionality from client-side Article controller.
2016-07-25 17:34:06 -07:00
provider: 'local',
roles: ['admin']
fix(articles): Orphaned User reference throws server error Adds an additional check for the existence of a populated user reference, when determining if the current user has immediate access to the requested article. Without this fix, the server will throw an error if the requested article doesn't have a populated user field. Modified the article & articles list view's to check if the article has a populated user. If not, then it will display "Deleted User" in place of the missing user reference. Added a server-side test that ensures we can get a single article if the article.user field is referencing a deleted user. Fixes #1082
2015-12-16 15:20:22 -08:00
});
_orphan.save(function (err, orphan) {
// Handle save error
if (err) {
return done(err);
}
agent.post('/api/auth/signin')
.send(_creds)
.expect(200)
.end(function (signinErr, signinRes) {
// Handle signin error
if (signinErr) {
return done(signinErr);
}
// Get the userId
var orphanId = orphan._id;
// Save a new article
agent.post('/api/articles')
.send(article)
.expect(200)
.end(function (articleSaveErr, articleSaveRes) {
// Handle article save error
if (articleSaveErr) {
return done(articleSaveErr);
}
// Set assertions on new article
(articleSaveRes.body.title).should.equal(article.title);
should.exist(articleSaveRes.body.user);
should.equal(articleSaveRes.body.user._id, orphanId);
// force the article to have an orphaned user reference
orphan.remove(function () {
// now signin with valid user
agent.post('/api/auth/signin')
.send(credentials)
.expect(200)
.end(function (err, res) {
// Handle signin error
if (err) {
return done(err);
}
// Get the article
agent.get('/api/articles/' + articleSaveRes.body._id)
.expect(200)
.end(function (articleInfoErr, articleInfoRes) {
// Handle article error
if (articleInfoErr) {
return done(articleInfoErr);
}
// Set assertions
(articleInfoRes.body._id).should.equal(articleSaveRes.body._id);
(articleInfoRes.body.title).should.equal(article.title);
should.equal(articleInfoRes.body.user, undefined);
// Call the assertion callback
done();
});
});
});
});
});
});
});
fix(articles): Article edit/delete validation Adds a custom field named `isCurrentUserOwner` to the Article document before it's returned to the client. This field is used to determine if the current User should is the "owner", and should see the edit/delete controls on the client-side when viewing a single article. This custom (ad-hoc) field is NOT persisted to the database; it's merely attached to the document. Added server-side route tests for verifying the ad-hoc "isCurrentUserOwner" field is properly set on the a single Article document. Fixes #1146
2016-01-18 03:01:04 -08:00
it('should be able to get a single article if not signed in and verify the custom "isCurrentUserOwner" field is set to "false"', function (done) {
// Create new article model instance
var articleObj = new Article(article);
// Save the article
feat(articles): Simple test enhancement (#1659) * feat(articles): Simple test enhancement Simple test enhancement proposed by @jrodenbostel. Eases troubleshooting when Article save fails during test execution. Further reference here: https://github.com/meanjs/generator-meanjs/pull/257 Fixes #1658 * updated per @simison's request
2017-06-13 17:57:02 -05:00
articleObj.save(function (err) {
if (err) {
return done(err);
}
fix(articles): Article edit/delete validation Adds a custom field named `isCurrentUserOwner` to the Article document before it's returned to the client. This field is used to determine if the current User should is the "owner", and should see the edit/delete controls on the client-side when viewing a single article. This custom (ad-hoc) field is NOT persisted to the database; it's merely attached to the document. Added server-side route tests for verifying the ad-hoc "isCurrentUserOwner" field is properly set on the a single Article document. Fixes #1146
2016-01-18 03:01:04 -08:00
request(app).get('/api/articles/' + articleObj._id)
.end(function (req, res) {
// Set assertion
res.body.should.be.instanceof(Object).and.have.property('title', article.title);
// Assert the custom field "isCurrentUserOwner" is set to false for the un-authenticated User
res.body.should.be.instanceof(Object).and.have.property('isCurrentUserOwner', false);
// Call the assertion callback
done();
});
});
});
it('should be able to get single article, that a different user created, if logged in & verify the "isCurrentUserOwner" field is set to "false"', function (done) {
// Create temporary user creds
var _creds = {
feat(users): change username to usernameOrEmail in signin (#1545) * feat(users): change username to usernameOrEmail in signin * fix(users): toLowerCase at email in local strategy
2016-10-06 11:34:15 -04:00
usernameOrEmail: 'articleowner',
fix(articles): Article edit/delete validation Adds a custom field named `isCurrentUserOwner` to the Article document before it's returned to the client. This field is used to determine if the current User should is the "owner", and should see the edit/delete controls on the client-side when viewing a single article. This custom (ad-hoc) field is NOT persisted to the database; it's merely attached to the document. Added server-side route tests for verifying the ad-hoc "isCurrentUserOwner" field is properly set on the a single Article document. Fixes #1146
2016-01-18 03:01:04 -08:00
password: 'M3@n.jsI$Aw3$0m3'
};
feat(articles): Article Admin feature (#807) This feature introduces a breaking change, that restricts the User's that can create/edit/delete Articles to only those that have the `admin` Role. Fixed ESLint issues. Resolved merge conflicts, and moved new client Article Service `createOrUpdate` functionality to new Admin feature controller. Removed edit functionality from client-side Article controller.
2016-07-25 17:34:06 -07:00
// Create user that will create the Article
var _articleOwner = new User({
fix(articles): Article edit/delete validation Adds a custom field named `isCurrentUserOwner` to the Article document before it's returned to the client. This field is used to determine if the current User should is the "owner", and should see the edit/delete controls on the client-side when viewing a single article. This custom (ad-hoc) field is NOT persisted to the database; it's merely attached to the document. Added server-side route tests for verifying the ad-hoc "isCurrentUserOwner" field is properly set on the a single Article document. Fixes #1146
2016-01-18 03:01:04 -08:00
firstName: 'Full',
lastName: 'Name',
displayName: 'Full Name',
email: 'temp@test.com',
feat(users): change username to usernameOrEmail in signin (#1545) * feat(users): change username to usernameOrEmail in signin * fix(users): toLowerCase at email in local strategy
2016-10-06 11:34:15 -04:00
username: _creds.usernameOrEmail,
fix(articles): Article edit/delete validation Adds a custom field named `isCurrentUserOwner` to the Article document before it's returned to the client. This field is used to determine if the current User should is the "owner", and should see the edit/delete controls on the client-side when viewing a single article. This custom (ad-hoc) field is NOT persisted to the database; it's merely attached to the document. Added server-side route tests for verifying the ad-hoc "isCurrentUserOwner" field is properly set on the a single Article document. Fixes #1146
2016-01-18 03:01:04 -08:00
password: _creds.password,
feat(articles): Article Admin feature (#807) This feature introduces a breaking change, that restricts the User's that can create/edit/delete Articles to only those that have the `admin` Role. Fixed ESLint issues. Resolved merge conflicts, and moved new client Article Service `createOrUpdate` functionality to new Admin feature controller. Removed edit functionality from client-side Article controller.
2016-07-25 17:34:06 -07:00
provider: 'local',
roles: ['admin', 'user']
fix(articles): Article edit/delete validation Adds a custom field named `isCurrentUserOwner` to the Article document before it's returned to the client. This field is used to determine if the current User should is the "owner", and should see the edit/delete controls on the client-side when viewing a single article. This custom (ad-hoc) field is NOT persisted to the database; it's merely attached to the document. Added server-side route tests for verifying the ad-hoc "isCurrentUserOwner" field is properly set on the a single Article document. Fixes #1146
2016-01-18 03:01:04 -08:00
});
feat(articles): Article Admin feature (#807) This feature introduces a breaking change, that restricts the User's that can create/edit/delete Articles to only those that have the `admin` Role. Fixed ESLint issues. Resolved merge conflicts, and moved new client Article Service `createOrUpdate` functionality to new Admin feature controller. Removed edit functionality from client-side Article controller.
2016-07-25 17:34:06 -07:00
_articleOwner.save(function (err, _user) {
fix(articles): Article edit/delete validation Adds a custom field named `isCurrentUserOwner` to the Article document before it's returned to the client. This field is used to determine if the current User should is the "owner", and should see the edit/delete controls on the client-side when viewing a single article. This custom (ad-hoc) field is NOT persisted to the database; it's merely attached to the document. Added server-side route tests for verifying the ad-hoc "isCurrentUserOwner" field is properly set on the a single Article document. Fixes #1146
2016-01-18 03:01:04 -08:00
// Handle save error
if (err) {
return done(err);
}
// Sign in with the user that will create the Article
agent.post('/api/auth/signin')
feat(articles): Article Admin feature (#807) This feature introduces a breaking change, that restricts the User's that can create/edit/delete Articles to only those that have the `admin` Role. Fixed ESLint issues. Resolved merge conflicts, and moved new client Article Service `createOrUpdate` functionality to new Admin feature controller. Removed edit functionality from client-side Article controller.
2016-07-25 17:34:06 -07:00
.send(_creds)
fix(articles): Article edit/delete validation Adds a custom field named `isCurrentUserOwner` to the Article document before it's returned to the client. This field is used to determine if the current User should is the "owner", and should see the edit/delete controls on the client-side when viewing a single article. This custom (ad-hoc) field is NOT persisted to the database; it's merely attached to the document. Added server-side route tests for verifying the ad-hoc "isCurrentUserOwner" field is properly set on the a single Article document. Fixes #1146
2016-01-18 03:01:04 -08:00
.expect(200)
.end(function (signinErr, signinRes) {
// Handle signin error
if (signinErr) {
return done(signinErr);
}
// Get the userId
feat(articles): Article Admin feature (#807) This feature introduces a breaking change, that restricts the User's that can create/edit/delete Articles to only those that have the `admin` Role. Fixed ESLint issues. Resolved merge conflicts, and moved new client Article Service `createOrUpdate` functionality to new Admin feature controller. Removed edit functionality from client-side Article controller.
2016-07-25 17:34:06 -07:00
var userId = _user._id;
fix(articles): Article edit/delete validation Adds a custom field named `isCurrentUserOwner` to the Article document before it's returned to the client. This field is used to determine if the current User should is the "owner", and should see the edit/delete controls on the client-side when viewing a single article. This custom (ad-hoc) field is NOT persisted to the database; it's merely attached to the document. Added server-side route tests for verifying the ad-hoc "isCurrentUserOwner" field is properly set on the a single Article document. Fixes #1146
2016-01-18 03:01:04 -08:00
// Save a new article
agent.post('/api/articles')
.send(article)
.expect(200)
.end(function (articleSaveErr, articleSaveRes) {
// Handle article save error
if (articleSaveErr) {
return done(articleSaveErr);
}
// Set assertions on new article
(articleSaveRes.body.title).should.equal(article.title);
should.exist(articleSaveRes.body.user);
should.equal(articleSaveRes.body.user._id, userId);
feat(articles): Article Admin feature (#807) This feature introduces a breaking change, that restricts the User's that can create/edit/delete Articles to only those that have the `admin` Role. Fixed ESLint issues. Resolved merge conflicts, and moved new client Article Service `createOrUpdate` functionality to new Admin feature controller. Removed edit functionality from client-side Article controller.
2016-07-25 17:34:06 -07:00
// now signin with the test suite user
fix(articles): Article edit/delete validation Adds a custom field named `isCurrentUserOwner` to the Article document before it's returned to the client. This field is used to determine if the current User should is the "owner", and should see the edit/delete controls on the client-side when viewing a single article. This custom (ad-hoc) field is NOT persisted to the database; it's merely attached to the document. Added server-side route tests for verifying the ad-hoc "isCurrentUserOwner" field is properly set on the a single Article document. Fixes #1146
2016-01-18 03:01:04 -08:00
agent.post('/api/auth/signin')
feat(articles): Article Admin feature (#807) This feature introduces a breaking change, that restricts the User's that can create/edit/delete Articles to only those that have the `admin` Role. Fixed ESLint issues. Resolved merge conflicts, and moved new client Article Service `createOrUpdate` functionality to new Admin feature controller. Removed edit functionality from client-side Article controller.
2016-07-25 17:34:06 -07:00
.send(credentials)
fix(articles): Article edit/delete validation Adds a custom field named `isCurrentUserOwner` to the Article document before it's returned to the client. This field is used to determine if the current User should is the "owner", and should see the edit/delete controls on the client-side when viewing a single article. This custom (ad-hoc) field is NOT persisted to the database; it's merely attached to the document. Added server-side route tests for verifying the ad-hoc "isCurrentUserOwner" field is properly set on the a single Article document. Fixes #1146
2016-01-18 03:01:04 -08:00
.expect(200)
.end(function (err, res) {
// Handle signin error
if (err) {
return done(err);
}
// Get the article
agent.get('/api/articles/' + articleSaveRes.body._id)
.expect(200)
.end(function (articleInfoErr, articleInfoRes) {
// Handle article error
if (articleInfoErr) {
return done(articleInfoErr);
}
// Set assertions
(articleInfoRes.body._id).should.equal(articleSaveRes.body._id);
(articleInfoRes.body.title).should.equal(article.title);
// Assert that the custom field "isCurrentUserOwner" is set to false since the current User didn't create it
(articleInfoRes.body.isCurrentUserOwner).should.equal(false);
// Call the assertion callback
done();
});
});
});
});
});
});
formatting reboot (space-2 and consistency) JSCS fixes update editorconfig
2015-07-25 16:53:11 -04:00
afterEach(function (done) {
feat(articles): Promisifies article server test set up and clean up (#1774) Promisifies object creation in beforeEach and afterEach hooks in article server tests. Fixes #1773
2017-06-12 11:19:11 +03:00
Article.remove().exec()
.then(User.remove().exec())
.then(done())
.catch(done);
formatting reboot (space-2 and consistency) JSCS fixes update editorconfig
2015-07-25 16:53:11 -04:00
});
Wait for async saving and removing
2015-02-18 22:19:37 +02:00
});
Reference in New Issue Copy Permalink