mirrors/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2025-05-15 07:34:42 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Update API routes in private API E2E tests

Browse source 
Signed-off-by: David Mehren <git@herrmehren.de>
This commit is contained in:
David Mehren 2021-10-15 17:06:56 +02:00
parent 4805c9c5c5
commit 9e2b9caca9
No known key found for this signature in database
GPG key ID: 185982BA4C42B7C3
6 changed files with 149 additions and 226 deletions
Download patch file Download diff file Expand all files Collapse all files

140
test/private-api/alias.e2e-spec.ts
View file

@ -3,90 +3,38 @@
* *
* SPDX-License-Identifier: AGPL-3.0-only * SPDX-License-Identifier: AGPL-3.0-only
*/ */
import { INestApplication } from '@nestjs/common';
import { ConfigModule, ConfigService } from '@nestjs/config';
import { Test } from '@nestjs/testing';
import { TypeOrmModule } from '@nestjs/typeorm';
import request from 'supertest'; import request from 'supertest';
import { PrivateApiModule } from '../../src/api/private/private-api.module';
import { AuthModule } from '../../src/auth/auth.module';
import { AuthConfig } from '../../src/config/auth.config'; import { AuthConfig } from '../../src/config/auth.config';
import appConfigMock from '../../src/config/mock/app.config.mock';
import authConfigMock from '../../src/config/mock/auth.config.mock';
import customizationConfigMock from '../../src/config/mock/customization.config.mock';
import externalConfigMock from '../../src/config/mock/external-services.config.mock';
import mediaConfigMock from '../../src/config/mock/media.config.mock';
import { GroupsModule } from '../../src/groups/groups.module';
import { IdentityService } from '../../src/identity/identity.service';
import { LoggerModule } from '../../src/logger/logger.module';
import { AliasCreateDto } from '../../src/notes/alias-create.dto'; import { AliasCreateDto } from '../../src/notes/alias-create.dto';
import { AliasUpdateDto } from '../../src/notes/alias-update.dto'; import { AliasUpdateDto } from '../../src/notes/alias-update.dto';
import { AliasService } from '../../src/notes/alias.service';
import { NotesModule } from '../../src/notes/notes.module';
import { NotesService } from '../../src/notes/notes.service';
import { PermissionsModule } from '../../src/permissions/permissions.module';
import { User } from '../../src/users/user.entity'; import { User } from '../../src/users/user.entity';
import { UsersModule } from '../../src/users/users.module';
import { UsersService } from '../../src/users/users.service';
import { setupSessionMiddleware } from '../../src/utils/session'; import { setupSessionMiddleware } from '../../src/utils/session';
import { TestSetup } from '../test-setup';
describe('Alias', () => { describe('Alias', () => {
let app: INestApplication; let testSetup: TestSetup;
let aliasService: AliasService;
let notesService: NotesService;
let identityService: IdentityService;
let user: User; let user: User;
let content: string; let content: string;
let forbiddenNoteId: string; let forbiddenNoteId: string;
let agent: request.SuperAgentTest; let agent: request.SuperAgentTest;
beforeAll(async () => { beforeAll(async () => {
const moduleRef = await Test.createTestingModule({ testSetup = await TestSetup.create();
imports: [
ConfigModule.forRoot({
isGlobal: true,
load: [
mediaConfigMock,
appConfigMock,
authConfigMock,
customizationConfigMock,
externalConfigMock,
],
}),
PrivateApiModule,
NotesModule,
PermissionsModule,
GroupsModule,
TypeOrmModule.forRoot({
type: 'sqlite',
database: './hedgedoc-e2e-private-alias.sqlite',
autoLoadEntities: true,
synchronize: true,
dropSchema: true,
}),
LoggerModule,
AuthModule,
UsersModule,
],
}).compile();
const config = moduleRef.get<ConfigService>(ConfigService); forbiddenNoteId =
forbiddenNoteId = config.get('appConfig').forbiddenNoteIds[0]; testSetup.configService.get('appConfig').forbiddenNoteIds[0];
app = moduleRef.createNestApplication(); const authConfig = testSetup.configService.get('authConfig') as AuthConfig;
const authConfig = config.get('authConfig') as AuthConfig; setupSessionMiddleware(testSetup.app, authConfig);
setupSessionMiddleware(app, authConfig); await testSetup.app.init();
await app.init(); user = await testSetup.userService.createUser('hardcoded', 'Testy');
aliasService = moduleRef.get(AliasService); await testSetup.identityService.createLocalIdentity(user, 'test');
notesService = moduleRef.get(NotesService);
identityService = moduleRef.get(IdentityService);
const userService = moduleRef.get(UsersService);
user = await userService.createUser('hardcoded', 'Testy');
await identityService.createLocalIdentity(user, 'test');
content = 'This is a test note.'; content = 'This is a test note.';
agent = request.agent(app.getHttpServer()); agent = request.agent(testSetup.app.getHttpServer());
await agent await agent
.post('/auth/local/login') .post('/api/private/auth/local/login')
.send({ username: 'hardcoded', password: 'test' }) .send({ username: 'hardcoded', password: 'test' })
.expect(201); .expect(201);
}); });
@ -99,7 +47,11 @@ describe('Alias', () => {
}; };
let publicId = ''; let publicId = '';
beforeAll(async () => { beforeAll(async () => {
const note = await notesService.createNote(content, testAlias, user); const note = await testSetup.notesService.createNote(
content,
testAlias,
user,
);
publicId = note.publicId; publicId = note.publicId;
}); });
@ -107,14 +59,16 @@ describe('Alias', () => {
const newAlias = 'normalAlias'; const newAlias = 'normalAlias';
newAliasDto.newAlias = newAlias; newAliasDto.newAlias = newAlias;
const metadata = await agent const metadata = await agent
.post(`/alias`) .post(`/api/private/alias`)
.set('Content-Type', 'application/json') .set('Content-Type', 'application/json')
.send(newAliasDto) .send(newAliasDto)
.expect(201); .expect(201);
expect(metadata.body.name).toEqual(newAlias); expect(metadata.body.name).toEqual(newAlias);
expect(metadata.body.primaryAlias).toBeFalsy(); expect(metadata.body.primaryAlias).toBeFalsy();
expect(metadata.body.noteId).toEqual(publicId); expect(metadata.body.noteId).toEqual(publicId);
const note = await agent.get(`/notes/${newAlias}`).expect(200); const note = await agent
.get(`/api/private/notes/${newAlias}`)
.expect(200);
expect(note.body.metadata.aliases).toContain(newAlias); expect(note.body.metadata.aliases).toContain(newAlias);
expect(note.body.metadata.primaryAlias).toBeTruthy(); expect(note.body.metadata.primaryAlias).toBeTruthy();
expect(note.body.metadata.id).toEqual(publicId); expect(note.body.metadata.id).toEqual(publicId);
@ -124,7 +78,7 @@ describe('Alias', () => {
it('because of a forbidden alias', async () => { it('because of a forbidden alias', async () => {
newAliasDto.newAlias = forbiddenNoteId; newAliasDto.newAlias = forbiddenNoteId;
await agent await agent
.post(`/alias`) .post(`/api/private/alias`)
.set('Content-Type', 'application/json') .set('Content-Type', 'application/json')
.send(newAliasDto) .send(newAliasDto)
.expect(400); .expect(400);
@ -132,7 +86,7 @@ describe('Alias', () => {
it('because of a alias that is a public id', async () => { it('because of a alias that is a public id', async () => {
newAliasDto.newAlias = publicId; newAliasDto.newAlias = publicId;
await agent await agent
.post(`/alias`) .post(`/api/private/alias`)
.set('Content-Type', 'application/json') .set('Content-Type', 'application/json')
.send(newAliasDto) .send(newAliasDto)
.expect(400); .expect(400);
@ -148,21 +102,27 @@ describe('Alias', () => {
}; };
let publicId = ''; let publicId = '';
beforeAll(async () => { beforeAll(async () => {
const note = await notesService.createNote(content, testAlias, user); const note = await testSetup.notesService.createNote(
content,
testAlias,
user,
);
publicId = note.publicId; publicId = note.publicId;
await aliasService.addAlias(note, newAlias); await testSetup.aliasService.addAlias(note, newAlias);
}); });
it('updates a note with a normal alias', async () => { it('updates a note with a normal alias', async () => {
const metadata = await agent const metadata = await agent
.put(`/alias/${newAlias}`) .put(`/api/private/alias/${newAlias}`)
.set('Content-Type', 'application/json') .set('Content-Type', 'application/json')
.send(changeAliasDto) .send(changeAliasDto)
.expect(200); .expect(200);
expect(metadata.body.name).toEqual(newAlias); expect(metadata.body.name).toEqual(newAlias);
expect(metadata.body.primaryAlias).toBeTruthy(); expect(metadata.body.primaryAlias).toBeTruthy();
expect(metadata.body.noteId).toEqual(publicId); expect(metadata.body.noteId).toEqual(publicId);
const note = await agent.get(`/notes/${newAlias}`).expect(200); const note = await agent
.get(`/api/private/notes/${newAlias}`)
.expect(200);
expect(note.body.metadata.aliases).toContain(newAlias); expect(note.body.metadata.aliases).toContain(newAlias);
expect(note.body.metadata.primaryAlias).toBeTruthy(); expect(note.body.metadata.primaryAlias).toBeTruthy();
expect(note.body.metadata.id).toEqual(publicId); expect(note.body.metadata.id).toEqual(publicId);
@ -171,7 +131,7 @@ describe('Alias', () => {
describe('does not update', () => { describe('does not update', () => {
it('a note with unknown alias', async () => { it('a note with unknown alias', async () => {
await agent await agent
.put(`/alias/i_dont_exist`) .put(`/api/private/alias/i_dont_exist`)
.set('Content-Type', 'application/json') .set('Content-Type', 'application/json')
.send(changeAliasDto) .send(changeAliasDto)
.expect(404); .expect(404);
@ -179,7 +139,7 @@ describe('Alias', () => {
it('if the property primaryAlias is false', async () => { it('if the property primaryAlias is false', async () => {
changeAliasDto.primaryAlias = false; changeAliasDto.primaryAlias = false;
await agent await agent
.put(`/alias/${newAlias}`) .put(`/api/private/alias/${newAlias}`)
.set('Content-Type', 'application/json') .set('Content-Type', 'application/json')
.send(changeAliasDto) .send(changeAliasDto)
.expect(400); .expect(400);
@ -191,29 +151,33 @@ describe('Alias', () => {
const testAlias = 'aliasTest3'; const testAlias = 'aliasTest3';
const newAlias = 'normalAlias3'; const newAlias = 'normalAlias3';
beforeAll(async () => { beforeAll(async () => {
const note = await notesService.createNote(content, testAlias, user); const note = await testSetup.notesService.createNote(
await aliasService.addAlias(note, newAlias); content,
testAlias,
user,
);
await testSetup.aliasService.addAlias(note, newAlias);
}); });
it('deletes a normal alias', async () => { it('deletes a normal alias', async () => {
await agent.delete(`/alias/${newAlias}`).expect(204); await agent.delete(`/api/private/alias/${newAlias}`).expect(204);
await agent.get(`/notes/${newAlias}`).expect(404); await agent.get(`/api/private/notes/${newAlias}`).expect(404);
}); });
it('does not delete an unknown alias', async () => { it('does not delete an unknown alias', async () => {
await agent.delete(`/alias/i_dont_exist`).expect(404); await agent.delete(`/api/private/alias/i_dont_exist`).expect(404);
}); });
it('does not delete an primary alias (if it is not the only one)', async () => { it('does not delete an primary alias (if it is not the only one)', async () => {
const note = await notesService.getNoteByIdOrAlias(testAlias); const note = await testSetup.notesService.getNoteByIdOrAlias(testAlias);
await aliasService.addAlias(note, newAlias); await testSetup.aliasService.addAlias(note, newAlias);
await agent.delete(`/alias/${testAlias}`).expect(400); await agent.delete(`/api/private/alias/${testAlias}`).expect(400);
await agent.get(`/notes/${newAlias}`).expect(200); await agent.get(`/api/private/notes/${newAlias}`).expect(200);
}); });
it('deletes a primary alias (if it is the only one)', async () => { it('deletes a primary alias (if it is the only one)', async () => {
await agent.delete(`/alias/${newAlias}`).expect(204); await agent.delete(`/api/private/alias/${newAlias}`).expect(204);
await agent.delete(`/alias/${testAlias}`).expect(204); await agent.delete(`/api/private/alias/${testAlias}`).expect(204);
}); });
}); });
}); });

135
test/private-api/auth.e2e-spec.ts
View file

@ -8,80 +8,31 @@
@typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-assignment,
@typescript-eslint/no-unsafe-member-access @typescript-eslint/no-unsafe-member-access
*/ */
import { INestApplication } from '@nestjs/common';
import { ConfigModule, ConfigService } from '@nestjs/config';
import { Test } from '@nestjs/testing';
import { TypeOrmModule } from '@nestjs/typeorm';
import request from 'supertest'; import request from 'supertest';
import { PrivateApiModule } from '../../src/api/private/private-api.module';
import { AuthModule } from '../../src/auth/auth.module';
import { AuthConfig } from '../../src/config/auth.config'; import { AuthConfig } from '../../src/config/auth.config';
import appConfigMock from '../../src/config/mock/app.config.mock';
import authConfigMock from '../../src/config/mock/auth.config.mock';
import customizationConfigMock from '../../src/config/mock/customization.config.mock';
import externalServicesConfigMock from '../../src/config/mock/external-services.config.mock';
import mediaConfigMock from '../../src/config/mock/media.config.mock';
import { GroupsModule } from '../../src/groups/groups.module';
import { HistoryModule } from '../../src/history/history.module';
import { LoginDto } from '../../src/identity/local/login.dto'; import { LoginDto } from '../../src/identity/local/login.dto';
import { RegisterDto } from '../../src/identity/local/register.dto'; import { RegisterDto } from '../../src/identity/local/register.dto';
import { UpdatePasswordDto } from '../../src/identity/local/update-password.dto'; import { UpdatePasswordDto } from '../../src/identity/local/update-password.dto';
import { LoggerModule } from '../../src/logger/logger.module';
import { MediaModule } from '../../src/media/media.module';
import { NotesModule } from '../../src/notes/notes.module';
import { PermissionsModule } from '../../src/permissions/permissions.module';
import { UserRelationEnum } from '../../src/users/user-relation.enum'; import { UserRelationEnum } from '../../src/users/user-relation.enum';
import { UsersModule } from '../../src/users/users.module';
import { UsersService } from '../../src/users/users.service';
import { checkPassword } from '../../src/utils/password'; import { checkPassword } from '../../src/utils/password';
import { setupSessionMiddleware } from '../../src/utils/session'; import { setupSessionMiddleware } from '../../src/utils/session';
import { TestSetup } from '../test-setup';
describe('Auth', () => { describe('Auth', () => {
let app: INestApplication; let testSetup: TestSetup;
let userService: UsersService;
let username: string; let username: string;
let displayname: string; let displayname: string;
let password: string; let password: string;
let config: ConfigService;
beforeAll(async () => { beforeAll(async () => {
const moduleRef = await Test.createTestingModule({ testSetup = await TestSetup.create();
imports: [
ConfigModule.forRoot({ const authConfig = testSetup.configService.get('authConfig') as AuthConfig;
isGlobal: true, setupSessionMiddleware(testSetup.app, authConfig);
load: [ await testSetup.app.init();
appConfigMock,
authConfigMock,
mediaConfigMock,
customizationConfigMock,
externalServicesConfigMock,
],
}),
PrivateApiModule,
NotesModule,
PermissionsModule,
GroupsModule,
TypeOrmModule.forRoot({
type: 'sqlite',
database: './hedgedoc-e2e-private-auth.sqlite',
autoLoadEntities: true,
synchronize: true,
dropSchema: true,
}),
LoggerModule,
AuthModule,
UsersModule,
MediaModule,
HistoryModule,
],
}).compile();
config = moduleRef.get<ConfigService>(ConfigService);
app = moduleRef.createNestApplication();
const authConfig = config.get('authConfig') as AuthConfig;
setupSessionMiddleware(app, authConfig);
await app.init();
userService = moduleRef.get(UsersService);
username = 'hardcoded'; username = 'hardcoded';
displayname = 'Testy'; displayname = 'Testy';
password = 'test_password'; password = 'test_password';
@ -94,12 +45,12 @@ describe('Auth', () => {
password: password, password: password,
username: username, username: username,
}; };
await request(app.getHttpServer()) await request(testSetup.app.getHttpServer())
.post('/auth/local') .post('/api/private/auth/local')
.set('Content-Type', 'application/json') .set('Content-Type', 'application/json')
.send(JSON.stringify(registrationDto)) .send(JSON.stringify(registrationDto))
.expect(201); .expect(201);
const newUser = await userService.getUserByUsername(username, [ const newUser = await testSetup.userService.getUserByUsername(username, [
UserRelationEnum.IDENTITIES, UserRelationEnum.IDENTITIES,
]); ]);
expect(newUser.displayName).toEqual(displayname); expect(newUser.displayName).toEqual(displayname);
@ -114,31 +65,31 @@ describe('Auth', () => {
describe('fails', () => { describe('fails', () => {
it('when the user already exits', async () => { it('when the user already exits', async () => {
const username2 = 'already_existing'; const username2 = 'already_existing';
await userService.createUser(username2, displayname); await testSetup.userService.createUser(username2, displayname);
const registrationDto: RegisterDto = { const registrationDto: RegisterDto = {
displayname: displayname, displayname: displayname,
password: password, password: password,
username: username2, username: username2,
}; };
await request(app.getHttpServer()) await request(testSetup.app.getHttpServer())
.post('/auth/local') .post('/api/private/auth/local')
.set('Content-Type', 'application/json') .set('Content-Type', 'application/json')
.send(JSON.stringify(registrationDto)) .send(JSON.stringify(registrationDto))
.expect(400); .expect(400);
}); });
it('when registration is disabled', async () => { it('when registration is disabled', async () => {
config.get('authConfig').local.enableRegister = false; testSetup.configService.get('authConfig').local.enableRegister = false;
const registrationDto: RegisterDto = { const registrationDto: RegisterDto = {
displayname: displayname, displayname: displayname,
password: password, password: password,
username: username, username: username,
}; };
await request(app.getHttpServer()) await request(testSetup.app.getHttpServer())
.post('/auth/local') .post('/api/private/auth/local')
.set('Content-Type', 'application/json') .set('Content-Type', 'application/json')
.send(JSON.stringify(registrationDto)) .send(JSON.stringify(registrationDto))
.expect(400); .expect(400);
config.get('authConfig').local.enableRegister = true; testSetup.configService.get('authConfig').local.enableRegister = true;
}); });
}); });
}); });
@ -151,8 +102,8 @@ describe('Auth', () => {
password: password, password: password,
username: username, username: username,
}; };
const response = await request(app.getHttpServer()) const response = await request(testSetup.app.getHttpServer())
.post('/auth/local/login') .post('/api/private/auth/local/login')
.set('Content-Type', 'application/json') .set('Content-Type', 'application/json')
.send(JSON.stringify(loginDto)) .send(JSON.stringify(loginDto))
.expect(201); .expect(201);
@ -163,8 +114,8 @@ describe('Auth', () => {
const changePasswordDto: UpdatePasswordDto = { const changePasswordDto: UpdatePasswordDto = {
newPassword: newPassword, newPassword: newPassword,
}; };
await request(app.getHttpServer()) await request(testSetup.app.getHttpServer())
.put('/auth/local') .put('/api/private/auth/local')
.set('Content-Type', 'application/json') .set('Content-Type', 'application/json')
.set('Cookie', cookie) .set('Cookie', cookie)
.send(JSON.stringify(changePasswordDto)) .send(JSON.stringify(changePasswordDto))
@ -174,8 +125,8 @@ describe('Auth', () => {
password: newPassword, password: newPassword,
username: username, username: username,
}; };
const response = await request(app.getHttpServer()) const response = await request(testSetup.app.getHttpServer())
.post('/auth/local/login') .post('/api/private/auth/local/login')
.set('Content-Type', 'application/json') .set('Content-Type', 'application/json')
.send(JSON.stringify(loginDto)) .send(JSON.stringify(loginDto))
.expect(201); .expect(201);
@ -184,34 +135,34 @@ describe('Auth', () => {
const changePasswordBackDto: UpdatePasswordDto = { const changePasswordBackDto: UpdatePasswordDto = {
newPassword: password, newPassword: password,
}; };
await request(app.getHttpServer()) await request(testSetup.app.getHttpServer())
.put('/auth/local') .put('/api/private/auth/local')
.set('Content-Type', 'application/json') .set('Content-Type', 'application/json')
.set('Cookie', cookie) .set('Cookie', cookie)
.send(JSON.stringify(changePasswordBackDto)) .send(JSON.stringify(changePasswordBackDto))
.expect(200); .expect(200);
}); });
it('fails, when registration is disabled', async () => { it('fails, when registration is disabled', async () => {
config.get('authConfig').local.enableLogin = false; testSetup.configService.get('authConfig').local.enableLogin = false;
// Try to change password // Try to change password
const changePasswordDto: UpdatePasswordDto = { const changePasswordDto: UpdatePasswordDto = {
newPassword: newPassword, newPassword: newPassword,
}; };
await request(app.getHttpServer()) await request(testSetup.app.getHttpServer())
.put('/auth/local') .put('/api/private/auth/local')
.set('Content-Type', 'application/json') .set('Content-Type', 'application/json')
.set('Cookie', cookie) .set('Cookie', cookie)
.send(JSON.stringify(changePasswordDto)) .send(JSON.stringify(changePasswordDto))
.expect(400); .expect(400);
// enable login again // enable login again
config.get('authConfig').local.enableLogin = true; testSetup.configService.get('authConfig').local.enableLogin = true;
// new password doesn't work for login // new password doesn't work for login
const loginNewPasswordDto: LoginDto = { const loginNewPasswordDto: LoginDto = {
password: newPassword, password: newPassword,
username: username, username: username,
}; };
await request(app.getHttpServer()) await request(testSetup.app.getHttpServer())
.post('/auth/local/login') .post('/api/private/auth/local/login')
.set('Content-Type', 'application/json') .set('Content-Type', 'application/json')
.send(JSON.stringify(loginNewPasswordDto)) .send(JSON.stringify(loginNewPasswordDto))
.expect(401); .expect(401);
@ -220,8 +171,8 @@ describe('Auth', () => {
password: password, password: password,
username: username, username: username,
}; };
await request(app.getHttpServer()) await request(testSetup.app.getHttpServer())
.post('/auth/local/login') .post('/api/private/auth/local/login')
.set('Content-Type', 'application/json') .set('Content-Type', 'application/json')
.send(JSON.stringify(loginOldPasswordDto)) .send(JSON.stringify(loginOldPasswordDto))
.expect(201); .expect(201);
@ -230,13 +181,13 @@ describe('Auth', () => {
describe('POST /auth/local/login', () => { describe('POST /auth/local/login', () => {
it('works', async () => { it('works', async () => {
config.get('authConfig').local.enableLogin = true; testSetup.configService.get('authConfig').local.enableLogin = true;
const loginDto: LoginDto = { const loginDto: LoginDto = {
password: password, password: password,
username: username, username: username,
}; };
await request(app.getHttpServer()) await request(testSetup.app.getHttpServer())
.post('/auth/local/login') .post('/api/private/auth/local/login')
.set('Content-Type', 'application/json') .set('Content-Type', 'application/json')
.send(JSON.stringify(loginDto)) .send(JSON.stringify(loginDto))
.expect(201); .expect(201);
@ -245,19 +196,19 @@ describe('Auth', () => {
describe('DELETE /auth/logout', () => { describe('DELETE /auth/logout', () => {
it('works', async () => { it('works', async () => {
config.get('authConfig').local.enableLogin = true; testSetup.configService.get('authConfig').local.enableLogin = true;
const loginDto: LoginDto = { const loginDto: LoginDto = {
password: password, password: password,
username: username, username: username,
}; };
const response = await request(app.getHttpServer()) const response = await request(testSetup.app.getHttpServer())
.post('/auth/local/login') .post('/api/private/auth/local/login')
.set('Content-Type', 'application/json') .set('Content-Type', 'application/json')
.send(JSON.stringify(loginDto)) .send(JSON.stringify(loginDto))
.expect(201); .expect(201);
const cookie = response.get('Set-Cookie')[0]; const cookie = response.get('Set-Cookie')[0];
await request(app.getHttpServer()) await request(testSetup.app.getHttpServer())
.delete('/auth/logout') .delete('/api/private/auth/logout')
.set('Cookie', cookie) .set('Cookie', cookie)
.expect(200); .expect(200);
}); });

20
test/private-api/history.e2e-spec.ts
View file

@ -54,14 +54,14 @@ describe('History', () => {
note2 = await notesService.createNote(content, 'note2', user); note2 = await notesService.createNote(content, 'note2', user);
agent = request.agent(testSetup.app.getHttpServer()); agent = request.agent(testSetup.app.getHttpServer());
await agent await agent
.post('/auth/local/login') .post('/api/private/auth/local/login')
.send({ username: 'hardcoded', password: 'test' }) .send({ username: 'hardcoded', password: 'test' })
.expect(201); .expect(201);
}); });
it('GET /me/history', async () => { it('GET /me/history', async () => {
const emptyResponse = await agent const emptyResponse = await agent
.get('/me/history') .get('/api/private/me/history')
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
.expect(200); .expect(200);
expect(emptyResponse.body.length).toEqual(0); expect(emptyResponse.body.length).toEqual(0);
@ -71,7 +71,7 @@ describe('History', () => {
); );
const entryDto = testSetup.historyService.toHistoryEntryDto(entry); const entryDto = testSetup.historyService.toHistoryEntryDto(entry);
const response = await agent const response = await agent
.get('/me/history') .get('/api/private/me/history')
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
.expect(200); .expect(200);
expect(response.body.length).toEqual(1); expect(response.body.length).toEqual(1);
@ -98,7 +98,7 @@ describe('History', () => {
postEntryDto.pinStatus = pinStatus; postEntryDto.pinStatus = pinStatus;
postEntryDto.lastVisited = lastVisited; postEntryDto.lastVisited = lastVisited;
await agent await agent
.post('/me/history') .post('/api/private/me/history')
.set('Content-Type', 'application/json') .set('Content-Type', 'application/json')
.send(JSON.stringify({ history: [postEntryDto] })) .send(JSON.stringify({ history: [postEntryDto] }))
.expect(201); .expect(201);
@ -135,7 +135,7 @@ describe('History', () => {
brokenEntryDto.pinStatus = pinStatus; brokenEntryDto.pinStatus = pinStatus;
brokenEntryDto.lastVisited = lastVisited; brokenEntryDto.lastVisited = lastVisited;
await agent await agent
.post('/me/history') .post('/api/private/me/history')
.set('Content-Type', 'application/json') .set('Content-Type', 'application/json')
.send(JSON.stringify({ history: [brokenEntryDto] })) .send(JSON.stringify({ history: [brokenEntryDto] }))
.expect(400); .expect(400);
@ -146,7 +146,7 @@ describe('History', () => {
brokenEntryDto.pinStatus = pinStatus; brokenEntryDto.pinStatus = pinStatus;
brokenEntryDto.lastVisited = lastVisited; brokenEntryDto.lastVisited = lastVisited;
await agent await agent
.post('/me/history') .post('/api/private/me/history')
.set('Content-Type', 'application/json') .set('Content-Type', 'application/json')
.send(JSON.stringify({ history: [brokenEntryDto] })) .send(JSON.stringify({ history: [brokenEntryDto] }))
.expect(400); .expect(400);
@ -170,7 +170,7 @@ describe('History', () => {
expect( expect(
(await testSetup.historyService.getEntriesByUser(user)).length, (await testSetup.historyService.getEntriesByUser(user)).length,
).toEqual(1); ).toEqual(1);
await agent.delete('/me/history').expect(200); await agent.delete('/api/private/me/history').expect(200);
expect( expect(
(await testSetup.historyService.getEntriesByUser(user)).length, (await testSetup.historyService.getEntriesByUser(user)).length,
).toEqual(0); ).toEqual(0);
@ -184,7 +184,7 @@ describe('History', () => {
expect(entry.pinStatus).toBeFalsy(); expect(entry.pinStatus).toBeFalsy();
const alias = entry.note.aliases.filter((alias) => alias.primary)[0].name; const alias = entry.note.aliases.filter((alias) => alias.primary)[0].name;
await agent await agent
.put(`/me/history/${alias || 'undefined'}`) .put(`/api/private/me/history/${alias || 'undefined'}`)
.send({ pinStatus: true }) .send({ pinStatus: true })
.expect(200); .expect(200);
const userEntries = await testSetup.historyService.getEntriesByUser(user); const userEntries = await testSetup.historyService.getEntriesByUser(user);
@ -198,7 +198,9 @@ describe('History', () => {
const alias = entry.note.aliases.filter((alias) => alias.primary)[0].name; const alias = entry.note.aliases.filter((alias) => alias.primary)[0].name;
const entry2 = await historyService.updateHistoryEntryTimestamp(note, user); const entry2 = await historyService.updateHistoryEntryTimestamp(note, user);
const entryDto = historyService.toHistoryEntryDto(entry2); const entryDto = historyService.toHistoryEntryDto(entry2);
await agent.delete(`/me/history/${alias || 'undefined'}`).expect(200); await agent
.delete(`/api/private/me/history/${alias || 'undefined'}`)
.expect(200);
const userEntries = await historyService.getEntriesByUser(user); const userEntries = await historyService.getEntriesByUser(user);
expect(userEntries.length).toEqual(1); expect(userEntries.length).toEqual(1);
const userEntryDto = historyService.toHistoryEntryDto(userEntries[0]); const userEntryDto = historyService.toHistoryEntryDto(userEntries[0]);

12
test/private-api/me.e2e-spec.ts
View file

@ -44,7 +44,7 @@ describe('Me', () => {
note2 = await testSetup.notesService.createNote(content, alias2, user); note2 = await testSetup.notesService.createNote(content, alias2, user);
agent = request.agent(testSetup.app.getHttpServer()); agent = request.agent(testSetup.app.getHttpServer());
await agent await agent
.post('/auth/local/login') .post('/api/private/auth/local/login')
.send({ username: 'hardcoded', password: 'test' }) .send({ username: 'hardcoded', password: 'test' })
.expect(201); .expect(201);
}); });
@ -52,7 +52,7 @@ describe('Me', () => {
it('GET /me', async () => { it('GET /me', async () => {
const userInfo = testSetup.userService.toUserDto(user); const userInfo = testSetup.userService.toUserDto(user);
const response = await agent const response = await agent
.get('/me') .get('/api/private/me')
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
.expect(200); .expect(200);
const gotUser = response.body as UserInfoDto; const gotUser = response.body as UserInfoDto;
@ -61,7 +61,7 @@ describe('Me', () => {
it('GET /me/media', async () => { it('GET /me/media', async () => {
const responseBefore = await agent const responseBefore = await agent
.get('/me/media/') .get('/api/private/me/media/')
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
.expect(200); .expect(200);
expect(responseBefore.body).toHaveLength(0); expect(responseBefore.body).toHaveLength(0);
@ -73,7 +73,7 @@ describe('Me', () => {
const url3 = await testSetup.mediaService.saveFile(testImage, user, note2); const url3 = await testSetup.mediaService.saveFile(testImage, user, note2);
const response = await agent const response = await agent
.get('/me/media/') .get('/api/private/me/media/')
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
.expect(200); .expect(200);
expect(response.body).toHaveLength(4); expect(response.body).toHaveLength(4);
@ -92,7 +92,7 @@ describe('Me', () => {
const newDisplayName = 'Another name'; const newDisplayName = 'Another name';
expect(user.displayName).not.toEqual(newDisplayName); expect(user.displayName).not.toEqual(newDisplayName);
await agent await agent
.post('/me/profile') .post('/api/private/me/profile')
.send({ .send({
name: newDisplayName, name: newDisplayName,
}) })
@ -109,7 +109,7 @@ describe('Me', () => {
const mediaUploads = await testSetup.mediaService.listUploadsByUser(dbUser); const mediaUploads = await testSetup.mediaService.listUploadsByUser(dbUser);
expect(mediaUploads).toHaveLength(1); expect(mediaUploads).toHaveLength(1);
expect(mediaUploads[0].fileUrl).toEqual(url0); expect(mediaUploads[0].fileUrl).toEqual(url0);
await agent.delete('/me').expect(204); await agent.delete('/api/private/me').expect(204);
await expect( await expect(
testSetup.userService.getUserByUsername('hardcoded'), testSetup.userService.getUserByUsername('hardcoded'),
).rejects.toThrow(NotInDBError); ).rejects.toThrow(NotInDBError);

10
test/private-api/media.e2e-spec.ts
View file

@ -47,7 +47,7 @@ describe('Media', () => {
agent = request.agent(testSetup.app.getHttpServer()); agent = request.agent(testSetup.app.getHttpServer());
await agent await agent
.post('/auth/local/login') .post('/api/private/auth/local/login')
.send({ username: 'hardcoded', password: 'test' }) .send({ username: 'hardcoded', password: 'test' })
.expect(201); .expect(201);
}); });
@ -55,7 +55,7 @@ describe('Media', () => {
describe('POST /media', () => { describe('POST /media', () => {
it('works', async () => { it('works', async () => {
const uploadResponse = await agent const uploadResponse = await agent
.post('/media') .post('/api/private/media')
.attach('file', 'test/private-api/fixtures/test.png') .attach('file', 'test/private-api/fixtures/test.png')
.set('HedgeDoc-Note', 'test_upload_media') .set('HedgeDoc-Note', 'test_upload_media')
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
@ -75,7 +75,7 @@ describe('Media', () => {
}); });
it('MIME type not supported', async () => { it('MIME type not supported', async () => {
await agent await agent
.post('/media') .post('/api/private/media')
.attach('file', 'test/private-api/fixtures/test.zip') .attach('file', 'test/private-api/fixtures/test.zip')
.set('HedgeDoc-Note', 'test_upload_media') .set('HedgeDoc-Note', 'test_upload_media')
.expect(400); .expect(400);
@ -83,7 +83,7 @@ describe('Media', () => {
}); });
it('note does not exist', async () => { it('note does not exist', async () => {
await agent await agent
.post('/media') .post('/api/private/media')
.attach('file', 'test/private-api/fixtures/test.zip') .attach('file', 'test/private-api/fixtures/test.zip')
.set('HedgeDoc-Note', 'i_dont_exist') .set('HedgeDoc-Note', 'i_dont_exist')
.expect(400); .expect(400);
@ -94,7 +94,7 @@ describe('Media', () => {
mode: '444', mode: '444',
}); });
await agent await agent
.post('/media') .post('/api/private/media')
.attach('file', 'test/private-api/fixtures/test.png') .attach('file', 'test/private-api/fixtures/test.png')
.set('HedgeDoc-Note', 'test_upload_media') .set('HedgeDoc-Note', 'test_upload_media')
.expect('Content-Type', /json/) .expect('Content-Type', /json/)

58
test/private-api/notes.e2e-spec.ts
View file

@ -49,14 +49,14 @@ describe('Notes', () => {
agent = request.agent(testSetup.app.getHttpServer()); agent = request.agent(testSetup.app.getHttpServer());
await agent await agent
.post('/auth/local/login') .post('/api/private/auth/local/login')
.send({ username: 'hardcoded', password: 'test' }) .send({ username: 'hardcoded', password: 'test' })
.expect(201); .expect(201);
}); });
it('POST /notes', async () => { it('POST /notes', async () => {
const response = await agent const response = await agent
.post('/notes') .post('/api/private/notes')
.set('Content-Type', 'text/markdown') .set('Content-Type', 'text/markdown')
.send(content) .send(content)
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
@ -76,7 +76,7 @@ describe('Notes', () => {
// check if we can succefully get a note that exists // check if we can succefully get a note that exists
await testSetup.notesService.createNote(content, 'test1', user); await testSetup.notesService.createNote(content, 'test1', user);
const response = await agent const response = await agent
.get('/notes/test1') .get('/api/private/notes/test1')
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
.expect(200); .expect(200);
expect(response.body.content).toEqual(content); expect(response.body.content).toEqual(content);
@ -84,7 +84,7 @@ describe('Notes', () => {
it('fails with an non-existing note', async () => { it('fails with an non-existing note', async () => {
// check if a missing note correctly returns 404 // check if a missing note correctly returns 404
await agent await agent
.get('/notes/i_dont_exist') .get('/api/private/notes/i_dont_exist')
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
.expect(404); .expect(404);
}); });
@ -93,7 +93,7 @@ describe('Notes', () => {
describe('POST /notes/{note}', () => { describe('POST /notes/{note}', () => {
it('works with a non-existing alias', async () => { it('works with a non-existing alias', async () => {
const response = await agent const response = await agent
.post('/notes/test2') .post('/api/private/notes/test2')
.set('Content-Type', 'text/markdown') .set('Content-Type', 'text/markdown')
.send(content) .send(content)
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
@ -110,7 +110,7 @@ describe('Notes', () => {
it('fails with a forbidden alias', async () => { it('fails with a forbidden alias', async () => {
await agent await agent
.post(`/notes/${forbiddenNoteId}`) .post(`/api/private/notes/${forbiddenNoteId}`)
.set('Content-Type', 'text/markdown') .set('Content-Type', 'text/markdown')
.send(content) .send(content)
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
@ -119,7 +119,7 @@ describe('Notes', () => {
it('fails with a existing alias', async () => { it('fails with a existing alias', async () => {
await agent await agent
.post('/notes/test2') .post('/api/private/notes/test2')
.set('Content-Type', 'text/markdown') .set('Content-Type', 'text/markdown')
.send(content) .send(content)
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
@ -138,7 +138,7 @@ describe('Notes', () => {
); );
await testSetup.mediaService.saveFile(testImage, user, note); await testSetup.mediaService.saveFile(testImage, user, note);
await agent await agent
.delete(`/notes/${noteId}`) .delete(`/api/private/notes/${noteId}`)
.set('Content-Type', 'application/json') .set('Content-Type', 'application/json')
.send({ .send({
keepMedia: false, keepMedia: false,
@ -167,7 +167,7 @@ describe('Notes', () => {
note, note,
); );
await agent await agent
.delete(`/notes/${noteId}`) .delete(`/api/private/notes/${noteId}`)
.set('Content-Type', 'application/json') .set('Content-Type', 'application/json')
.send({ .send({
keepMedia: true, keepMedia: true,
@ -189,10 +189,10 @@ describe('Notes', () => {
}); });
}); });
it('fails with a forbidden alias', async () => { it('fails with a forbidden alias', async () => {
await agent.delete(`/notes/${forbiddenNoteId}`).expect(400); await agent.delete(`/api/private/notes/${forbiddenNoteId}`).expect(400);
}); });
it('fails with a non-existing alias', async () => { it('fails with a non-existing alias', async () => {
await agent.delete('/notes/i_dont_exist').expect(404); await agent.delete('/api/private/notes/i_dont_exist').expect(404);
}); });
}); });
@ -200,20 +200,22 @@ describe('Notes', () => {
it('works with existing alias', async () => { it('works with existing alias', async () => {
await testSetup.notesService.createNote(content, 'test4', user); await testSetup.notesService.createNote(content, 'test4', user);
const response = await agent const response = await agent
.get('/notes/test4/revisions') .get('/api/private/notes/test4/revisions')
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
.expect(200); .expect(200);
expect(response.body).toHaveLength(1); expect(response.body).toHaveLength(1);
}); });
it('fails with a forbidden alias', async () => { it('fails with a forbidden alias', async () => {
await agent.get(`/notes/${forbiddenNoteId}/revisions`).expect(400); await agent
.get(`/api/private/notes/${forbiddenNoteId}/revisions`)
.expect(400);
}); });
it('fails with non-existing alias', async () => { it('fails with non-existing alias', async () => {
// check if a missing note correctly returns 404 // check if a missing note correctly returns 404
await agent await agent
.get('/notes/i_dont_exist/revisions') .get('/api/private/notes/i_dont_exist/revisions')
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
.expect(404); .expect(404);
}); });
@ -229,27 +231,29 @@ describe('Notes', () => {
); );
await testSetup.notesService.updateNote(note, 'update'); await testSetup.notesService.updateNote(note, 'update');
const responseBeforeDeleting = await agent const responseBeforeDeleting = await agent
.get('/notes/test8/revisions') .get('/api/private/notes/test8/revisions')
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
.expect(200); .expect(200);
expect(responseBeforeDeleting.body).toHaveLength(2); expect(responseBeforeDeleting.body).toHaveLength(2);
await agent await agent
.delete(`/notes/${noteId}/revisions`) .delete(`/api/private/notes/${noteId}/revisions`)
.set('Content-Type', 'application/json') .set('Content-Type', 'application/json')
.expect(204); .expect(204);
const responseAfterDeleting = await agent const responseAfterDeleting = await agent
.get('/notes/test8/revisions') .get('/api/private/notes/test8/revisions')
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
.expect(200); .expect(200);
expect(responseAfterDeleting.body).toHaveLength(1); expect(responseAfterDeleting.body).toHaveLength(1);
}); });
it('fails with a forbidden alias', async () => { it('fails with a forbidden alias', async () => {
await agent.delete(`/notes/${forbiddenNoteId}/revisions`).expect(400); await agent
.delete(`/api/private/notes/${forbiddenNoteId}/revisions`)
.expect(400);
}); });
it('fails with non-existing alias', async () => { it('fails with non-existing alias', async () => {
// check if a missing note correctly returns 404 // check if a missing note correctly returns 404
await agent await agent
.delete('/notes/i_dont_exist/revisions') .delete('/api/private/notes/i_dont_exist/revisions')
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
.expect(404); .expect(404);
}); });
@ -264,18 +268,20 @@ describe('Notes', () => {
); );
const revision = await testSetup.notesService.getLatestRevision(note); const revision = await testSetup.notesService.getLatestRevision(note);
const response = await agent const response = await agent
.get(`/notes/test5/revisions/${revision.id}`) .get(`/api/private/notes/test5/revisions/${revision.id}`)
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
.expect(200); .expect(200);
expect(response.body.content).toEqual(content); expect(response.body.content).toEqual(content);
}); });
it('fails with a forbidden alias', async () => { it('fails with a forbidden alias', async () => {
await agent.get(`/notes/${forbiddenNoteId}/revisions/1`).expect(400); await agent
.get(`/api/private/notes/${forbiddenNoteId}/revisions/1`)
.expect(400);
}); });
it('fails with non-existing alias', async () => { it('fails with non-existing alias', async () => {
// check if a missing note correctly returns 404 // check if a missing note correctly returns 404
await agent await agent
.get('/notes/i_dont_exist/revisions/1') .get('/api/private/notes/i_dont_exist/revisions/1')
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
.expect(404); .expect(404);
}); });
@ -296,7 +302,7 @@ describe('Notes', () => {
user, user,
); );
const response = await agent const response = await agent
.get(`/notes/${alias}/media/`) .get(`/api/private/notes/${alias}/media/`)
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
.expect(200); .expect(200);
expect(response.body).toHaveLength(0); expect(response.body).toHaveLength(0);
@ -314,7 +320,7 @@ describe('Notes', () => {
); );
const responseAfter = await agent const responseAfter = await agent
.get(`/notes/${alias}/media/`) .get(`/api/private/notes/${alias}/media/`)
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
.expect(200); .expect(200);
expect(responseAfter.body).toHaveLength(1); expect(responseAfter.body).toHaveLength(1);
@ -329,7 +335,7 @@ describe('Notes', () => {
}); });
it('fails, when note does not exist', async () => { it('fails, when note does not exist', async () => {
await agent await agent
.get(`/notes/i_dont_exist/media/`) .get(`/api/private/notes/i_dont_exist/media/`)
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
.expect(404); .expect(404);
}); });
@ -341,7 +347,7 @@ describe('Notes', () => {
user2, user2,
); );
await agent await agent
.get(`/notes/${alias}/media/`) .get(`/api/private/notes/${alias}/media/`)
.expect('Content-Type', /json/) .expect('Content-Type', /json/)
.expect(401); .expect(401);
}); });