diff --git a/test/private-api/alias.e2e-spec.ts b/test/private-api/alias.e2e-spec.ts index d05242734..00056543b 100644 --- a/test/private-api/alias.e2e-spec.ts +++ b/test/private-api/alias.e2e-spec.ts @@ -3,90 +3,38 @@ * * SPDX-License-Identifier: AGPL-3.0-only */ -import { INestApplication } from '@nestjs/common'; -import { ConfigModule, ConfigService } from '@nestjs/config'; -import { Test } from '@nestjs/testing'; -import { TypeOrmModule } from '@nestjs/typeorm'; import request from 'supertest'; -import { PrivateApiModule } from '../../src/api/private/private-api.module'; -import { AuthModule } from '../../src/auth/auth.module'; import { AuthConfig } from '../../src/config/auth.config'; -import appConfigMock from '../../src/config/mock/app.config.mock'; -import authConfigMock from '../../src/config/mock/auth.config.mock'; -import customizationConfigMock from '../../src/config/mock/customization.config.mock'; -import externalConfigMock from '../../src/config/mock/external-services.config.mock'; -import mediaConfigMock from '../../src/config/mock/media.config.mock'; -import { GroupsModule } from '../../src/groups/groups.module'; -import { IdentityService } from '../../src/identity/identity.service'; -import { LoggerModule } from '../../src/logger/logger.module'; import { AliasCreateDto } from '../../src/notes/alias-create.dto'; import { AliasUpdateDto } from '../../src/notes/alias-update.dto'; -import { AliasService } from '../../src/notes/alias.service'; -import { NotesModule } from '../../src/notes/notes.module'; -import { NotesService } from '../../src/notes/notes.service'; -import { PermissionsModule } from '../../src/permissions/permissions.module'; import { User } from '../../src/users/user.entity'; -import { UsersModule } from '../../src/users/users.module'; -import { UsersService } from '../../src/users/users.service'; import { setupSessionMiddleware } from '../../src/utils/session'; +import { TestSetup } from '../test-setup'; describe('Alias', () => { - let app: INestApplication; - let aliasService: AliasService; - let notesService: NotesService; - let identityService: IdentityService; + let testSetup: TestSetup; + let user: User; let content: string; let forbiddenNoteId: string; + let agent: request.SuperAgentTest; beforeAll(async () => { - const moduleRef = await Test.createTestingModule({ - imports: [ - ConfigModule.forRoot({ - isGlobal: true, - load: [ - mediaConfigMock, - appConfigMock, - authConfigMock, - customizationConfigMock, - externalConfigMock, - ], - }), - PrivateApiModule, - NotesModule, - PermissionsModule, - GroupsModule, - TypeOrmModule.forRoot({ - type: 'sqlite', - database: './hedgedoc-e2e-private-alias.sqlite', - autoLoadEntities: true, - synchronize: true, - dropSchema: true, - }), - LoggerModule, - AuthModule, - UsersModule, - ], - }).compile(); + testSetup = await TestSetup.create(); - const config = moduleRef.get(ConfigService); - forbiddenNoteId = config.get('appConfig').forbiddenNoteIds[0]; - app = moduleRef.createNestApplication(); - const authConfig = config.get('authConfig') as AuthConfig; - setupSessionMiddleware(app, authConfig); - await app.init(); - aliasService = moduleRef.get(AliasService); - notesService = moduleRef.get(NotesService); - identityService = moduleRef.get(IdentityService); - const userService = moduleRef.get(UsersService); - user = await userService.createUser('hardcoded', 'Testy'); - await identityService.createLocalIdentity(user, 'test'); + forbiddenNoteId = + testSetup.configService.get('appConfig').forbiddenNoteIds[0]; + const authConfig = testSetup.configService.get('authConfig') as AuthConfig; + setupSessionMiddleware(testSetup.app, authConfig); + await testSetup.app.init(); + user = await testSetup.userService.createUser('hardcoded', 'Testy'); + await testSetup.identityService.createLocalIdentity(user, 'test'); content = 'This is a test note.'; - agent = request.agent(app.getHttpServer()); + agent = request.agent(testSetup.app.getHttpServer()); await agent - .post('/auth/local/login') + .post('/api/private/auth/local/login') .send({ username: 'hardcoded', password: 'test' }) .expect(201); }); @@ -99,7 +47,11 @@ describe('Alias', () => { }; let publicId = ''; beforeAll(async () => { - const note = await notesService.createNote(content, testAlias, user); + const note = await testSetup.notesService.createNote( + content, + testAlias, + user, + ); publicId = note.publicId; }); @@ -107,14 +59,16 @@ describe('Alias', () => { const newAlias = 'normalAlias'; newAliasDto.newAlias = newAlias; const metadata = await agent - .post(`/alias`) + .post(`/api/private/alias`) .set('Content-Type', 'application/json') .send(newAliasDto) .expect(201); expect(metadata.body.name).toEqual(newAlias); expect(metadata.body.primaryAlias).toBeFalsy(); expect(metadata.body.noteId).toEqual(publicId); - const note = await agent.get(`/notes/${newAlias}`).expect(200); + const note = await agent + .get(`/api/private/notes/${newAlias}`) + .expect(200); expect(note.body.metadata.aliases).toContain(newAlias); expect(note.body.metadata.primaryAlias).toBeTruthy(); expect(note.body.metadata.id).toEqual(publicId); @@ -124,7 +78,7 @@ describe('Alias', () => { it('because of a forbidden alias', async () => { newAliasDto.newAlias = forbiddenNoteId; await agent - .post(`/alias`) + .post(`/api/private/alias`) .set('Content-Type', 'application/json') .send(newAliasDto) .expect(400); @@ -132,7 +86,7 @@ describe('Alias', () => { it('because of a alias that is a public id', async () => { newAliasDto.newAlias = publicId; await agent - .post(`/alias`) + .post(`/api/private/alias`) .set('Content-Type', 'application/json') .send(newAliasDto) .expect(400); @@ -148,21 +102,27 @@ describe('Alias', () => { }; let publicId = ''; beforeAll(async () => { - const note = await notesService.createNote(content, testAlias, user); + const note = await testSetup.notesService.createNote( + content, + testAlias, + user, + ); publicId = note.publicId; - await aliasService.addAlias(note, newAlias); + await testSetup.aliasService.addAlias(note, newAlias); }); it('updates a note with a normal alias', async () => { const metadata = await agent - .put(`/alias/${newAlias}`) + .put(`/api/private/alias/${newAlias}`) .set('Content-Type', 'application/json') .send(changeAliasDto) .expect(200); expect(metadata.body.name).toEqual(newAlias); expect(metadata.body.primaryAlias).toBeTruthy(); expect(metadata.body.noteId).toEqual(publicId); - const note = await agent.get(`/notes/${newAlias}`).expect(200); + const note = await agent + .get(`/api/private/notes/${newAlias}`) + .expect(200); expect(note.body.metadata.aliases).toContain(newAlias); expect(note.body.metadata.primaryAlias).toBeTruthy(); expect(note.body.metadata.id).toEqual(publicId); @@ -171,7 +131,7 @@ describe('Alias', () => { describe('does not update', () => { it('a note with unknown alias', async () => { await agent - .put(`/alias/i_dont_exist`) + .put(`/api/private/alias/i_dont_exist`) .set('Content-Type', 'application/json') .send(changeAliasDto) .expect(404); @@ -179,7 +139,7 @@ describe('Alias', () => { it('if the property primaryAlias is false', async () => { changeAliasDto.primaryAlias = false; await agent - .put(`/alias/${newAlias}`) + .put(`/api/private/alias/${newAlias}`) .set('Content-Type', 'application/json') .send(changeAliasDto) .expect(400); @@ -191,29 +151,33 @@ describe('Alias', () => { const testAlias = 'aliasTest3'; const newAlias = 'normalAlias3'; beforeAll(async () => { - const note = await notesService.createNote(content, testAlias, user); - await aliasService.addAlias(note, newAlias); + const note = await testSetup.notesService.createNote( + content, + testAlias, + user, + ); + await testSetup.aliasService.addAlias(note, newAlias); }); it('deletes a normal alias', async () => { - await agent.delete(`/alias/${newAlias}`).expect(204); - await agent.get(`/notes/${newAlias}`).expect(404); + await agent.delete(`/api/private/alias/${newAlias}`).expect(204); + await agent.get(`/api/private/notes/${newAlias}`).expect(404); }); it('does not delete an unknown alias', async () => { - await agent.delete(`/alias/i_dont_exist`).expect(404); + await agent.delete(`/api/private/alias/i_dont_exist`).expect(404); }); it('does not delete an primary alias (if it is not the only one)', async () => { - const note = await notesService.getNoteByIdOrAlias(testAlias); - await aliasService.addAlias(note, newAlias); - await agent.delete(`/alias/${testAlias}`).expect(400); - await agent.get(`/notes/${newAlias}`).expect(200); + const note = await testSetup.notesService.getNoteByIdOrAlias(testAlias); + await testSetup.aliasService.addAlias(note, newAlias); + await agent.delete(`/api/private/alias/${testAlias}`).expect(400); + await agent.get(`/api/private/notes/${newAlias}`).expect(200); }); it('deletes a primary alias (if it is the only one)', async () => { - await agent.delete(`/alias/${newAlias}`).expect(204); - await agent.delete(`/alias/${testAlias}`).expect(204); + await agent.delete(`/api/private/alias/${newAlias}`).expect(204); + await agent.delete(`/api/private/alias/${testAlias}`).expect(204); }); }); }); diff --git a/test/private-api/auth.e2e-spec.ts b/test/private-api/auth.e2e-spec.ts index 3dd887fa9..7df133331 100644 --- a/test/private-api/auth.e2e-spec.ts +++ b/test/private-api/auth.e2e-spec.ts @@ -8,80 +8,31 @@ @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-member-access */ -import { INestApplication } from '@nestjs/common'; -import { ConfigModule, ConfigService } from '@nestjs/config'; -import { Test } from '@nestjs/testing'; -import { TypeOrmModule } from '@nestjs/typeorm'; import request from 'supertest'; -import { PrivateApiModule } from '../../src/api/private/private-api.module'; -import { AuthModule } from '../../src/auth/auth.module'; import { AuthConfig } from '../../src/config/auth.config'; -import appConfigMock from '../../src/config/mock/app.config.mock'; -import authConfigMock from '../../src/config/mock/auth.config.mock'; -import customizationConfigMock from '../../src/config/mock/customization.config.mock'; -import externalServicesConfigMock from '../../src/config/mock/external-services.config.mock'; -import mediaConfigMock from '../../src/config/mock/media.config.mock'; -import { GroupsModule } from '../../src/groups/groups.module'; -import { HistoryModule } from '../../src/history/history.module'; import { LoginDto } from '../../src/identity/local/login.dto'; import { RegisterDto } from '../../src/identity/local/register.dto'; import { UpdatePasswordDto } from '../../src/identity/local/update-password.dto'; -import { LoggerModule } from '../../src/logger/logger.module'; -import { MediaModule } from '../../src/media/media.module'; -import { NotesModule } from '../../src/notes/notes.module'; -import { PermissionsModule } from '../../src/permissions/permissions.module'; import { UserRelationEnum } from '../../src/users/user-relation.enum'; -import { UsersModule } from '../../src/users/users.module'; -import { UsersService } from '../../src/users/users.service'; import { checkPassword } from '../../src/utils/password'; import { setupSessionMiddleware } from '../../src/utils/session'; +import { TestSetup } from '../test-setup'; describe('Auth', () => { - let app: INestApplication; - let userService: UsersService; + let testSetup: TestSetup; + let username: string; let displayname: string; let password: string; - let config: ConfigService; beforeAll(async () => { - const moduleRef = await Test.createTestingModule({ - imports: [ - ConfigModule.forRoot({ - isGlobal: true, - load: [ - appConfigMock, - authConfigMock, - mediaConfigMock, - customizationConfigMock, - externalServicesConfigMock, - ], - }), - PrivateApiModule, - NotesModule, - PermissionsModule, - GroupsModule, - TypeOrmModule.forRoot({ - type: 'sqlite', - database: './hedgedoc-e2e-private-auth.sqlite', - autoLoadEntities: true, - synchronize: true, - dropSchema: true, - }), - LoggerModule, - AuthModule, - UsersModule, - MediaModule, - HistoryModule, - ], - }).compile(); - config = moduleRef.get(ConfigService); - app = moduleRef.createNestApplication(); - const authConfig = config.get('authConfig') as AuthConfig; - setupSessionMiddleware(app, authConfig); - await app.init(); - userService = moduleRef.get(UsersService); + testSetup = await TestSetup.create(); + + const authConfig = testSetup.configService.get('authConfig') as AuthConfig; + setupSessionMiddleware(testSetup.app, authConfig); + await testSetup.app.init(); + username = 'hardcoded'; displayname = 'Testy'; password = 'test_password'; @@ -94,12 +45,12 @@ describe('Auth', () => { password: password, username: username, }; - await request(app.getHttpServer()) - .post('/auth/local') + await request(testSetup.app.getHttpServer()) + .post('/api/private/auth/local') .set('Content-Type', 'application/json') .send(JSON.stringify(registrationDto)) .expect(201); - const newUser = await userService.getUserByUsername(username, [ + const newUser = await testSetup.userService.getUserByUsername(username, [ UserRelationEnum.IDENTITIES, ]); expect(newUser.displayName).toEqual(displayname); @@ -114,31 +65,31 @@ describe('Auth', () => { describe('fails', () => { it('when the user already exits', async () => { const username2 = 'already_existing'; - await userService.createUser(username2, displayname); + await testSetup.userService.createUser(username2, displayname); const registrationDto: RegisterDto = { displayname: displayname, password: password, username: username2, }; - await request(app.getHttpServer()) - .post('/auth/local') + await request(testSetup.app.getHttpServer()) + .post('/api/private/auth/local') .set('Content-Type', 'application/json') .send(JSON.stringify(registrationDto)) .expect(400); }); it('when registration is disabled', async () => { - config.get('authConfig').local.enableRegister = false; + testSetup.configService.get('authConfig').local.enableRegister = false; const registrationDto: RegisterDto = { displayname: displayname, password: password, username: username, }; - await request(app.getHttpServer()) - .post('/auth/local') + await request(testSetup.app.getHttpServer()) + .post('/api/private/auth/local') .set('Content-Type', 'application/json') .send(JSON.stringify(registrationDto)) .expect(400); - config.get('authConfig').local.enableRegister = true; + testSetup.configService.get('authConfig').local.enableRegister = true; }); }); }); @@ -151,8 +102,8 @@ describe('Auth', () => { password: password, username: username, }; - const response = await request(app.getHttpServer()) - .post('/auth/local/login') + const response = await request(testSetup.app.getHttpServer()) + .post('/api/private/auth/local/login') .set('Content-Type', 'application/json') .send(JSON.stringify(loginDto)) .expect(201); @@ -163,8 +114,8 @@ describe('Auth', () => { const changePasswordDto: UpdatePasswordDto = { newPassword: newPassword, }; - await request(app.getHttpServer()) - .put('/auth/local') + await request(testSetup.app.getHttpServer()) + .put('/api/private/auth/local') .set('Content-Type', 'application/json') .set('Cookie', cookie) .send(JSON.stringify(changePasswordDto)) @@ -174,8 +125,8 @@ describe('Auth', () => { password: newPassword, username: username, }; - const response = await request(app.getHttpServer()) - .post('/auth/local/login') + const response = await request(testSetup.app.getHttpServer()) + .post('/api/private/auth/local/login') .set('Content-Type', 'application/json') .send(JSON.stringify(loginDto)) .expect(201); @@ -184,34 +135,34 @@ describe('Auth', () => { const changePasswordBackDto: UpdatePasswordDto = { newPassword: password, }; - await request(app.getHttpServer()) - .put('/auth/local') + await request(testSetup.app.getHttpServer()) + .put('/api/private/auth/local') .set('Content-Type', 'application/json') .set('Cookie', cookie) .send(JSON.stringify(changePasswordBackDto)) .expect(200); }); it('fails, when registration is disabled', async () => { - config.get('authConfig').local.enableLogin = false; + testSetup.configService.get('authConfig').local.enableLogin = false; // Try to change password const changePasswordDto: UpdatePasswordDto = { newPassword: newPassword, }; - await request(app.getHttpServer()) - .put('/auth/local') + await request(testSetup.app.getHttpServer()) + .put('/api/private/auth/local') .set('Content-Type', 'application/json') .set('Cookie', cookie) .send(JSON.stringify(changePasswordDto)) .expect(400); // enable login again - config.get('authConfig').local.enableLogin = true; + testSetup.configService.get('authConfig').local.enableLogin = true; // new password doesn't work for login const loginNewPasswordDto: LoginDto = { password: newPassword, username: username, }; - await request(app.getHttpServer()) - .post('/auth/local/login') + await request(testSetup.app.getHttpServer()) + .post('/api/private/auth/local/login') .set('Content-Type', 'application/json') .send(JSON.stringify(loginNewPasswordDto)) .expect(401); @@ -220,8 +171,8 @@ describe('Auth', () => { password: password, username: username, }; - await request(app.getHttpServer()) - .post('/auth/local/login') + await request(testSetup.app.getHttpServer()) + .post('/api/private/auth/local/login') .set('Content-Type', 'application/json') .send(JSON.stringify(loginOldPasswordDto)) .expect(201); @@ -230,13 +181,13 @@ describe('Auth', () => { describe('POST /auth/local/login', () => { it('works', async () => { - config.get('authConfig').local.enableLogin = true; + testSetup.configService.get('authConfig').local.enableLogin = true; const loginDto: LoginDto = { password: password, username: username, }; - await request(app.getHttpServer()) - .post('/auth/local/login') + await request(testSetup.app.getHttpServer()) + .post('/api/private/auth/local/login') .set('Content-Type', 'application/json') .send(JSON.stringify(loginDto)) .expect(201); @@ -245,19 +196,19 @@ describe('Auth', () => { describe('DELETE /auth/logout', () => { it('works', async () => { - config.get('authConfig').local.enableLogin = true; + testSetup.configService.get('authConfig').local.enableLogin = true; const loginDto: LoginDto = { password: password, username: username, }; - const response = await request(app.getHttpServer()) - .post('/auth/local/login') + const response = await request(testSetup.app.getHttpServer()) + .post('/api/private/auth/local/login') .set('Content-Type', 'application/json') .send(JSON.stringify(loginDto)) .expect(201); const cookie = response.get('Set-Cookie')[0]; - await request(app.getHttpServer()) - .delete('/auth/logout') + await request(testSetup.app.getHttpServer()) + .delete('/api/private/auth/logout') .set('Cookie', cookie) .expect(200); }); diff --git a/test/private-api/history.e2e-spec.ts b/test/private-api/history.e2e-spec.ts index d1e5a3b83..ec10b132e 100644 --- a/test/private-api/history.e2e-spec.ts +++ b/test/private-api/history.e2e-spec.ts @@ -54,14 +54,14 @@ describe('History', () => { note2 = await notesService.createNote(content, 'note2', user); agent = request.agent(testSetup.app.getHttpServer()); await agent - .post('/auth/local/login') + .post('/api/private/auth/local/login') .send({ username: 'hardcoded', password: 'test' }) .expect(201); }); it('GET /me/history', async () => { const emptyResponse = await agent - .get('/me/history') + .get('/api/private/me/history') .expect('Content-Type', /json/) .expect(200); expect(emptyResponse.body.length).toEqual(0); @@ -71,7 +71,7 @@ describe('History', () => { ); const entryDto = testSetup.historyService.toHistoryEntryDto(entry); const response = await agent - .get('/me/history') + .get('/api/private/me/history') .expect('Content-Type', /json/) .expect(200); expect(response.body.length).toEqual(1); @@ -98,7 +98,7 @@ describe('History', () => { postEntryDto.pinStatus = pinStatus; postEntryDto.lastVisited = lastVisited; await agent - .post('/me/history') + .post('/api/private/me/history') .set('Content-Type', 'application/json') .send(JSON.stringify({ history: [postEntryDto] })) .expect(201); @@ -135,7 +135,7 @@ describe('History', () => { brokenEntryDto.pinStatus = pinStatus; brokenEntryDto.lastVisited = lastVisited; await agent - .post('/me/history') + .post('/api/private/me/history') .set('Content-Type', 'application/json') .send(JSON.stringify({ history: [brokenEntryDto] })) .expect(400); @@ -146,7 +146,7 @@ describe('History', () => { brokenEntryDto.pinStatus = pinStatus; brokenEntryDto.lastVisited = lastVisited; await agent - .post('/me/history') + .post('/api/private/me/history') .set('Content-Type', 'application/json') .send(JSON.stringify({ history: [brokenEntryDto] })) .expect(400); @@ -170,7 +170,7 @@ describe('History', () => { expect( (await testSetup.historyService.getEntriesByUser(user)).length, ).toEqual(1); - await agent.delete('/me/history').expect(200); + await agent.delete('/api/private/me/history').expect(200); expect( (await testSetup.historyService.getEntriesByUser(user)).length, ).toEqual(0); @@ -184,7 +184,7 @@ describe('History', () => { expect(entry.pinStatus).toBeFalsy(); const alias = entry.note.aliases.filter((alias) => alias.primary)[0].name; await agent - .put(`/me/history/${alias || 'undefined'}`) + .put(`/api/private/me/history/${alias || 'undefined'}`) .send({ pinStatus: true }) .expect(200); const userEntries = await testSetup.historyService.getEntriesByUser(user); @@ -198,7 +198,9 @@ describe('History', () => { const alias = entry.note.aliases.filter((alias) => alias.primary)[0].name; const entry2 = await historyService.updateHistoryEntryTimestamp(note, user); const entryDto = historyService.toHistoryEntryDto(entry2); - await agent.delete(`/me/history/${alias || 'undefined'}`).expect(200); + await agent + .delete(`/api/private/me/history/${alias || 'undefined'}`) + .expect(200); const userEntries = await historyService.getEntriesByUser(user); expect(userEntries.length).toEqual(1); const userEntryDto = historyService.toHistoryEntryDto(userEntries[0]); diff --git a/test/private-api/me.e2e-spec.ts b/test/private-api/me.e2e-spec.ts index 63631bfd8..54e80ab7b 100644 --- a/test/private-api/me.e2e-spec.ts +++ b/test/private-api/me.e2e-spec.ts @@ -44,7 +44,7 @@ describe('Me', () => { note2 = await testSetup.notesService.createNote(content, alias2, user); agent = request.agent(testSetup.app.getHttpServer()); await agent - .post('/auth/local/login') + .post('/api/private/auth/local/login') .send({ username: 'hardcoded', password: 'test' }) .expect(201); }); @@ -52,7 +52,7 @@ describe('Me', () => { it('GET /me', async () => { const userInfo = testSetup.userService.toUserDto(user); const response = await agent - .get('/me') + .get('/api/private/me') .expect('Content-Type', /json/) .expect(200); const gotUser = response.body as UserInfoDto; @@ -61,7 +61,7 @@ describe('Me', () => { it('GET /me/media', async () => { const responseBefore = await agent - .get('/me/media/') + .get('/api/private/me/media/') .expect('Content-Type', /json/) .expect(200); expect(responseBefore.body).toHaveLength(0); @@ -73,7 +73,7 @@ describe('Me', () => { const url3 = await testSetup.mediaService.saveFile(testImage, user, note2); const response = await agent - .get('/me/media/') + .get('/api/private/me/media/') .expect('Content-Type', /json/) .expect(200); expect(response.body).toHaveLength(4); @@ -92,7 +92,7 @@ describe('Me', () => { const newDisplayName = 'Another name'; expect(user.displayName).not.toEqual(newDisplayName); await agent - .post('/me/profile') + .post('/api/private/me/profile') .send({ name: newDisplayName, }) @@ -109,7 +109,7 @@ describe('Me', () => { const mediaUploads = await testSetup.mediaService.listUploadsByUser(dbUser); expect(mediaUploads).toHaveLength(1); expect(mediaUploads[0].fileUrl).toEqual(url0); - await agent.delete('/me').expect(204); + await agent.delete('/api/private/me').expect(204); await expect( testSetup.userService.getUserByUsername('hardcoded'), ).rejects.toThrow(NotInDBError); diff --git a/test/private-api/media.e2e-spec.ts b/test/private-api/media.e2e-spec.ts index 62411d0ff..2160ce71f 100644 --- a/test/private-api/media.e2e-spec.ts +++ b/test/private-api/media.e2e-spec.ts @@ -47,7 +47,7 @@ describe('Media', () => { agent = request.agent(testSetup.app.getHttpServer()); await agent - .post('/auth/local/login') + .post('/api/private/auth/local/login') .send({ username: 'hardcoded', password: 'test' }) .expect(201); }); @@ -55,7 +55,7 @@ describe('Media', () => { describe('POST /media', () => { it('works', async () => { const uploadResponse = await agent - .post('/media') + .post('/api/private/media') .attach('file', 'test/private-api/fixtures/test.png') .set('HedgeDoc-Note', 'test_upload_media') .expect('Content-Type', /json/) @@ -75,7 +75,7 @@ describe('Media', () => { }); it('MIME type not supported', async () => { await agent - .post('/media') + .post('/api/private/media') .attach('file', 'test/private-api/fixtures/test.zip') .set('HedgeDoc-Note', 'test_upload_media') .expect(400); @@ -83,7 +83,7 @@ describe('Media', () => { }); it('note does not exist', async () => { await agent - .post('/media') + .post('/api/private/media') .attach('file', 'test/private-api/fixtures/test.zip') .set('HedgeDoc-Note', 'i_dont_exist') .expect(400); @@ -94,7 +94,7 @@ describe('Media', () => { mode: '444', }); await agent - .post('/media') + .post('/api/private/media') .attach('file', 'test/private-api/fixtures/test.png') .set('HedgeDoc-Note', 'test_upload_media') .expect('Content-Type', /json/) diff --git a/test/private-api/notes.e2e-spec.ts b/test/private-api/notes.e2e-spec.ts index 5255d6515..1589c6d3d 100644 --- a/test/private-api/notes.e2e-spec.ts +++ b/test/private-api/notes.e2e-spec.ts @@ -49,14 +49,14 @@ describe('Notes', () => { agent = request.agent(testSetup.app.getHttpServer()); await agent - .post('/auth/local/login') + .post('/api/private/auth/local/login') .send({ username: 'hardcoded', password: 'test' }) .expect(201); }); it('POST /notes', async () => { const response = await agent - .post('/notes') + .post('/api/private/notes') .set('Content-Type', 'text/markdown') .send(content) .expect('Content-Type', /json/) @@ -76,7 +76,7 @@ describe('Notes', () => { // check if we can succefully get a note that exists await testSetup.notesService.createNote(content, 'test1', user); const response = await agent - .get('/notes/test1') + .get('/api/private/notes/test1') .expect('Content-Type', /json/) .expect(200); expect(response.body.content).toEqual(content); @@ -84,7 +84,7 @@ describe('Notes', () => { it('fails with an non-existing note', async () => { // check if a missing note correctly returns 404 await agent - .get('/notes/i_dont_exist') + .get('/api/private/notes/i_dont_exist') .expect('Content-Type', /json/) .expect(404); }); @@ -93,7 +93,7 @@ describe('Notes', () => { describe('POST /notes/{note}', () => { it('works with a non-existing alias', async () => { const response = await agent - .post('/notes/test2') + .post('/api/private/notes/test2') .set('Content-Type', 'text/markdown') .send(content) .expect('Content-Type', /json/) @@ -110,7 +110,7 @@ describe('Notes', () => { it('fails with a forbidden alias', async () => { await agent - .post(`/notes/${forbiddenNoteId}`) + .post(`/api/private/notes/${forbiddenNoteId}`) .set('Content-Type', 'text/markdown') .send(content) .expect('Content-Type', /json/) @@ -119,7 +119,7 @@ describe('Notes', () => { it('fails with a existing alias', async () => { await agent - .post('/notes/test2') + .post('/api/private/notes/test2') .set('Content-Type', 'text/markdown') .send(content) .expect('Content-Type', /json/) @@ -138,7 +138,7 @@ describe('Notes', () => { ); await testSetup.mediaService.saveFile(testImage, user, note); await agent - .delete(`/notes/${noteId}`) + .delete(`/api/private/notes/${noteId}`) .set('Content-Type', 'application/json') .send({ keepMedia: false, @@ -167,7 +167,7 @@ describe('Notes', () => { note, ); await agent - .delete(`/notes/${noteId}`) + .delete(`/api/private/notes/${noteId}`) .set('Content-Type', 'application/json') .send({ keepMedia: true, @@ -189,10 +189,10 @@ describe('Notes', () => { }); }); it('fails with a forbidden alias', async () => { - await agent.delete(`/notes/${forbiddenNoteId}`).expect(400); + await agent.delete(`/api/private/notes/${forbiddenNoteId}`).expect(400); }); it('fails with a non-existing alias', async () => { - await agent.delete('/notes/i_dont_exist').expect(404); + await agent.delete('/api/private/notes/i_dont_exist').expect(404); }); }); @@ -200,20 +200,22 @@ describe('Notes', () => { it('works with existing alias', async () => { await testSetup.notesService.createNote(content, 'test4', user); const response = await agent - .get('/notes/test4/revisions') + .get('/api/private/notes/test4/revisions') .expect('Content-Type', /json/) .expect(200); expect(response.body).toHaveLength(1); }); it('fails with a forbidden alias', async () => { - await agent.get(`/notes/${forbiddenNoteId}/revisions`).expect(400); + await agent + .get(`/api/private/notes/${forbiddenNoteId}/revisions`) + .expect(400); }); it('fails with non-existing alias', async () => { // check if a missing note correctly returns 404 await agent - .get('/notes/i_dont_exist/revisions') + .get('/api/private/notes/i_dont_exist/revisions') .expect('Content-Type', /json/) .expect(404); }); @@ -229,27 +231,29 @@ describe('Notes', () => { ); await testSetup.notesService.updateNote(note, 'update'); const responseBeforeDeleting = await agent - .get('/notes/test8/revisions') + .get('/api/private/notes/test8/revisions') .expect('Content-Type', /json/) .expect(200); expect(responseBeforeDeleting.body).toHaveLength(2); await agent - .delete(`/notes/${noteId}/revisions`) + .delete(`/api/private/notes/${noteId}/revisions`) .set('Content-Type', 'application/json') .expect(204); const responseAfterDeleting = await agent - .get('/notes/test8/revisions') + .get('/api/private/notes/test8/revisions') .expect('Content-Type', /json/) .expect(200); expect(responseAfterDeleting.body).toHaveLength(1); }); it('fails with a forbidden alias', async () => { - await agent.delete(`/notes/${forbiddenNoteId}/revisions`).expect(400); + await agent + .delete(`/api/private/notes/${forbiddenNoteId}/revisions`) + .expect(400); }); it('fails with non-existing alias', async () => { // check if a missing note correctly returns 404 await agent - .delete('/notes/i_dont_exist/revisions') + .delete('/api/private/notes/i_dont_exist/revisions') .expect('Content-Type', /json/) .expect(404); }); @@ -264,18 +268,20 @@ describe('Notes', () => { ); const revision = await testSetup.notesService.getLatestRevision(note); const response = await agent - .get(`/notes/test5/revisions/${revision.id}`) + .get(`/api/private/notes/test5/revisions/${revision.id}`) .expect('Content-Type', /json/) .expect(200); expect(response.body.content).toEqual(content); }); it('fails with a forbidden alias', async () => { - await agent.get(`/notes/${forbiddenNoteId}/revisions/1`).expect(400); + await agent + .get(`/api/private/notes/${forbiddenNoteId}/revisions/1`) + .expect(400); }); it('fails with non-existing alias', async () => { // check if a missing note correctly returns 404 await agent - .get('/notes/i_dont_exist/revisions/1') + .get('/api/private/notes/i_dont_exist/revisions/1') .expect('Content-Type', /json/) .expect(404); }); @@ -296,7 +302,7 @@ describe('Notes', () => { user, ); const response = await agent - .get(`/notes/${alias}/media/`) + .get(`/api/private/notes/${alias}/media/`) .expect('Content-Type', /json/) .expect(200); expect(response.body).toHaveLength(0); @@ -314,7 +320,7 @@ describe('Notes', () => { ); const responseAfter = await agent - .get(`/notes/${alias}/media/`) + .get(`/api/private/notes/${alias}/media/`) .expect('Content-Type', /json/) .expect(200); expect(responseAfter.body).toHaveLength(1); @@ -329,7 +335,7 @@ describe('Notes', () => { }); it('fails, when note does not exist', async () => { await agent - .get(`/notes/i_dont_exist/media/`) + .get(`/api/private/notes/i_dont_exist/media/`) .expect('Content-Type', /json/) .expect(404); }); @@ -341,7 +347,7 @@ describe('Notes', () => { user2, ); await agent - .get(`/notes/${alias}/media/`) + .get(`/api/private/notes/${alias}/media/`) .expect('Content-Type', /json/) .expect(401); });