fix(repository): Move backend code into subdirectory

Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2025-05-12 22:26:08 -04:00 · 2022-10-02 20:10:32 +02:00 · 2022-10-02 20:10:32 +02:00 · bf30cbcf48
commit bf30cbcf48
parent 86584e705f
272 changed files with 87 additions and 67 deletions
--- a/backend/test/public-api/alias.e2e-spec.ts
+++ b/backend/test/public-api/alias.e2e-spec.ts
@ -0,0 +1,253 @@
+/*
+ * SPDX-FileCopyrightText: 2022 The HedgeDoc developers (see AUTHORS file)
+ *
+ * SPDX-License-Identifier: AGPL-3.0-only
+ */
+import request from 'supertest';
+
+import { AliasUpdateDto } from '../../src/notes/alias-update.dto';
+import { TestSetup, TestSetupBuilder } from '../test-setup';
+
+describe('Alias', () => {
+  let testSetup: TestSetup;
+
+  let forbiddenNoteId: string;
+  let testAlias: string;
+  let publicId: string;
+
+  beforeEach(async () => {
+    testSetup = await TestSetupBuilder.create().withUsers().withNotes().build();
+    forbiddenNoteId =
+      testSetup.configService.get('noteConfig').forbiddenNoteIds[0];
+
+    await testSetup.app.init();
+
+    testAlias = (await testSetup.ownedNotes[0].aliases)[0].name;
+    publicId = testSetup.ownedNotes[0].publicId;
+  });
+
+  afterEach(async () => {
+    await testSetup.app.close();
+    await testSetup.cleanup();
+  });
+
+  describe('POST /alias', () => {
+    it('create with normal alias', async () => {
+      const metadata = await request(testSetup.app.getHttpServer())
+        .post(`/api/v2/alias`)
+        .set('Authorization', `Bearer ${testSetup.authTokens[0].secret}`)
+        .set('Content-Type', 'application/json')
+        .send({
+          noteIdOrAlias: testAlias,
+          newAlias: 'normalAlias',
+        })
+        .expect(201);
+
+      expect(metadata.body.name).toEqual('normalAlias');
+      expect(metadata.body.primaryAlias).toBeFalsy();
+      expect(metadata.body.noteId).toEqual(publicId);
+
+      const note = await request(testSetup.app.getHttpServer())
+        .get(`/api/v2/notes/normalAlias`)
+        .set('Authorization', `Bearer ${testSetup.authTokens[0].secret}`)
+        .expect(200);
+
+      expect(note.body.metadata.aliases).toContainEqual({
+        name: 'normalAlias',
+        primaryAlias: false,
+        noteId: publicId,
+      });
+      expect(note.body.metadata.primaryAddress).toEqual(testAlias);
+      expect(note.body.metadata.id).toEqual(publicId);
+    });
+
+    describe('does not create an alias', () => {
+      it('because because it is already used', async () => {
+        await request(testSetup.app.getHttpServer())
+          .post(`/api/v2/alias`)
+          .set('Authorization', `Bearer ${testSetup.authTokens[0].secret}`)
+          .set('Content-Type', 'application/json')
+          .send({
+            noteIdOrAlias: testAlias,
+            newAlias: 'testAlias1',
+          })
+          .expect(409);
+      });
+      it('because of a forbidden alias', async () => {
+        await request(testSetup.app.getHttpServer())
+          .post(`/api/v2/alias`)
+          .set('Authorization', `Bearer ${testSetup.authTokens[0].secret}`)
+          .set('Content-Type', 'application/json')
+          .send({
+            noteIdOrAlias: testAlias,
+            newAlias: forbiddenNoteId,
+          })
+          .expect(400);
+      });
+      it('because of a alias that is a public id', async () => {
+        await request(testSetup.app.getHttpServer())
+          .post(`/api/v2/alias`)
+          .set('Authorization', `Bearer ${testSetup.authTokens[0].secret}`)
+          .set('Content-Type', 'application/json')
+          .send({
+            noteIdOrAlias: testAlias,
+            newAlias: publicId,
+          })
+          .expect(409);
+      });
+      it('because the user is not an owner', async () => {
+        await request(testSetup.app.getHttpServer())
+          .post(`/api/v2/alias`)
+          .set('Authorization', `Bearer ${testSetup.authTokens[1].secret}`)
+          .set('Content-Type', 'application/json')
+          .send({
+            noteIdOrAlias: testAlias,
+            newAlias: '',
+          })
+          .expect(401);
+      });
+    });
+  });
+
+  describe('PUT /alias/{alias}', () => {
+    const changeAliasDto: AliasUpdateDto = {
+      primaryAlias: true,
+    };
+
+    it('updates a note with a normal alias', async () => {
+      const metadata = await request(testSetup.app.getHttpServer())
+        .put(`/api/v2/alias/${testAlias}`)
+        .set('Authorization', `Bearer ${testSetup.authTokens[0].secret}`)
+        .set('Content-Type', 'application/json')
+        .send(changeAliasDto)
+        .expect(200);
+
+      expect(metadata.body.name).toEqual(testAlias);
+      expect(metadata.body.primaryAlias).toBeTruthy();
+      expect(metadata.body.noteId).toEqual(publicId);
+
+      const note = await request(testSetup.app.getHttpServer())
+        .get(`/api/v2/notes/${testAlias}`)
+        .set('Authorization', `Bearer ${testSetup.authTokens[0].secret}`)
+        .expect(200);
+
+      expect(note.body.metadata.aliases).toContainEqual({
+        name: testAlias,
+        primaryAlias: true,
+        noteId: publicId,
+      });
+      expect(note.body.metadata.primaryAddress).toEqual(testAlias);
+      expect(note.body.metadata.id).toEqual(publicId);
+    });
+
+    describe('does not update', () => {
+      it('a note with unknown alias', async () => {
+        await request(testSetup.app.getHttpServer())
+          .put(`/api/v2/alias/i_dont_exist`)
+          .set('Authorization', `Bearer ${testSetup.authTokens[0].secret}`)
+          .set('Content-Type', 'application/json')
+          .send(changeAliasDto)
+          .expect(404);
+      });
+      it('a note with a forbidden id', async () => {
+        await request(testSetup.app.getHttpServer())
+          .put(`/api/v2/alias/${forbiddenNoteId}`)
+          .set('Authorization', `Bearer ${testSetup.authTokens[0].secret}`)
+          .set('Content-Type', 'application/json')
+          .send(changeAliasDto)
+          .expect(400);
+      });
+      it('if the user is not an owner', async () => {
+        await request(testSetup.app.getHttpServer())
+          .put(`/api/v2/alias/${testAlias}`)
+          .set('Authorization', `Bearer ${testSetup.authTokens[1].secret}`)
+          .set('Content-Type', 'application/json')
+          .send(changeAliasDto)
+          .expect(401);
+      });
+      it('if the property primaryAlias is false', async () => {
+        changeAliasDto.primaryAlias = false;
+
+        await request(testSetup.app.getHttpServer())
+          .put(`/api/v2/alias/${testAlias}`)
+          .set('Authorization', `Bearer ${testSetup.authTokens[0].secret}`)
+          .set('Content-Type', 'application/json')
+          .send(changeAliasDto)
+          .expect(400);
+      });
+    });
+  });
+
+  describe('DELETE /alias/{alias}', () => {
+    const secondAlias = 'secondAlias';
+
+    it('deletes a normal alias', async () => {
+      await request(testSetup.app.getHttpServer())
+        .delete(`/api/v2/alias/${testAlias}`)
+        .set('Authorization', `Bearer ${testSetup.authTokens[0].secret}`)
+        .expect(204);
+
+      await request(testSetup.app.getHttpServer())
+        .get(`/api/v2/notes/${testAlias}`)
+        .set('Authorization', `Bearer ${testSetup.authTokens[0].secret}`)
+        .expect(404);
+    });
+
+    it('does not delete an unknown alias', async () => {
+      await request(testSetup.app.getHttpServer())
+        .delete(`/api/v2/alias/i_dont_exist`)
+        .set('Authorization', `Bearer ${testSetup.authTokens[0].secret}`)
+        .expect(404);
+    });
+
+    it('errors on forbidden notes', async () => {
+      await request(testSetup.app.getHttpServer())
+        .delete(`/api/v2/alias/${forbiddenNoteId}`)
+        .set('Authorization', `Bearer ${testSetup.authTokens[0].secret}`)
+        .expect(400);
+    });
+
+    it('errors if the user is not the owner', async () => {
+      await request(testSetup.app.getHttpServer())
+        .delete(`/api/v2/alias/${testAlias}`)
+        .set('Authorization', `Bearer ${testSetup.authTokens[1].secret}`)
+        .expect(401);
+    });
+
+    it('does not delete a primary alias (if it is not the only one)', async () => {
+      // add another alias
+      await testSetup.aliasService.addAlias(
+        testSetup.ownedNotes[0],
+        secondAlias,
+      );
+
+      // try to delete the primary alias
+      await request(testSetup.app.getHttpServer())
+        .delete(`/api/v2/alias/${testAlias}`)
+        .set('Authorization', `Bearer ${testSetup.authTokens[0].secret}`)
+        .expect(400);
+      await request(testSetup.app.getHttpServer())
+        .get(`/api/v2/notes/${secondAlias}`)
+        .set('Authorization', `Bearer ${testSetup.authTokens[0].secret}`)
+        .expect(200);
+    });
+
+    it('deletes a primary alias (if it is the only one)', async () => {
+      // add another alias
+      await testSetup.aliasService.addAlias(
+        testSetup.ownedNotes[0],
+        secondAlias,
+      );
+
+      await request(testSetup.app.getHttpServer())
+        .delete(`/api/v2/alias/${secondAlias}`)
+        .set('Authorization', `Bearer ${testSetup.authTokens[0].secret}`)
+        .expect(204);
+
+      await request(testSetup.app.getHttpServer())
+        .delete(`/api/v2/alias/${testAlias}`)
+        .set('Authorization', `Bearer ${testSetup.authTokens[0].secret}`)
+        .expect(204);
+    });
+  });
+});