mirror of
https://github.com/hedgedoc/hedgedoc.git
synced 2024-11-27 03:58:02 -05:00
NotesService: Add e2e tests for forbidden note alias
Signed-off-by: Philip Molares <philip.molares@udo.edu>
This commit is contained in:
parent
4034fa6495
commit
1df0bda61d
1 changed files with 47 additions and 2 deletions
|
@ -10,7 +10,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import { INestApplication } from '@nestjs/common';
|
import { INestApplication } from '@nestjs/common';
|
||||||
import { ConfigModule } from '@nestjs/config';
|
import { ConfigModule, ConfigService } from '@nestjs/config';
|
||||||
import { Test } from '@nestjs/testing';
|
import { Test } from '@nestjs/testing';
|
||||||
import { TypeOrmModule } from '@nestjs/typeorm';
|
import { TypeOrmModule } from '@nestjs/typeorm';
|
||||||
import * as request from 'supertest';
|
import * as request from 'supertest';
|
||||||
|
@ -35,6 +35,7 @@ describe('Notes', () => {
|
||||||
let notesService: NotesService;
|
let notesService: NotesService;
|
||||||
let user: User;
|
let user: User;
|
||||||
let content: string;
|
let content: string;
|
||||||
|
let forbiddenNoteId: string;
|
||||||
|
|
||||||
beforeAll(async () => {
|
beforeAll(async () => {
|
||||||
const moduleRef = await Test.createTestingModule({
|
const moduleRef = await Test.createTestingModule({
|
||||||
|
@ -63,6 +64,8 @@ describe('Notes', () => {
|
||||||
.useClass(MockAuthGuard)
|
.useClass(MockAuthGuard)
|
||||||
.compile();
|
.compile();
|
||||||
|
|
||||||
|
const config = moduleRef.get<ConfigService>(ConfigService);
|
||||||
|
forbiddenNoteId = config.get('appConfig').forbiddenNoteIds[0];
|
||||||
app = moduleRef.createNestApplication();
|
app = moduleRef.createNestApplication();
|
||||||
await app.init();
|
await app.init();
|
||||||
notesService = moduleRef.get(NotesService);
|
notesService = moduleRef.get(NotesService);
|
||||||
|
@ -121,6 +124,15 @@ describe('Notes', () => {
|
||||||
).toEqual(content);
|
).toEqual(content);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
it('fails with a forbidden alias', async () => {
|
||||||
|
await request(app.getHttpServer())
|
||||||
|
.post(`/notes/${forbiddenNoteId}`)
|
||||||
|
.set('Content-Type', 'text/markdown')
|
||||||
|
.send(content)
|
||||||
|
.expect('Content-Type', /json/)
|
||||||
|
.expect(400);
|
||||||
|
});
|
||||||
|
|
||||||
it('fails with a existing alias', async () => {
|
it('fails with a existing alias', async () => {
|
||||||
await request(app.getHttpServer())
|
await request(app.getHttpServer())
|
||||||
.post('/notes/test2')
|
.post('/notes/test2')
|
||||||
|
@ -139,6 +151,11 @@ describe('Notes', () => {
|
||||||
new NotInDBError("Note with id/alias 'test3' not found."),
|
new NotInDBError("Note with id/alias 'test3' not found."),
|
||||||
);
|
);
|
||||||
});
|
});
|
||||||
|
it('fails with a forbidden alias', async () => {
|
||||||
|
await request(app.getHttpServer())
|
||||||
|
.delete(`/notes/${forbiddenNoteId}`)
|
||||||
|
.expect(400);
|
||||||
|
});
|
||||||
it('fails with a non-existing alias', async () => {
|
it('fails with a non-existing alias', async () => {
|
||||||
await request(app.getHttpServer())
|
await request(app.getHttpServer())
|
||||||
.delete('/notes/i_dont_exist')
|
.delete('/notes/i_dont_exist')
|
||||||
|
@ -162,6 +179,13 @@ describe('Notes', () => {
|
||||||
).toEqual(changedContent);
|
).toEqual(changedContent);
|
||||||
expect(response.body.content).toEqual(changedContent);
|
expect(response.body.content).toEqual(changedContent);
|
||||||
});
|
});
|
||||||
|
it('fails with a forbidden alias', async () => {
|
||||||
|
await request(app.getHttpServer())
|
||||||
|
.put(`/notes/${forbiddenNoteId}`)
|
||||||
|
.set('Content-Type', 'text/markdown')
|
||||||
|
.send(changedContent)
|
||||||
|
.expect(400);
|
||||||
|
});
|
||||||
it('fails with a non-existing alias', async () => {
|
it('fails with a non-existing alias', async () => {
|
||||||
await request(app.getHttpServer())
|
await request(app.getHttpServer())
|
||||||
.put('/notes/i_dont_exist')
|
.put('/notes/i_dont_exist')
|
||||||
|
@ -196,6 +220,12 @@ describe('Notes', () => {
|
||||||
expect(metadata.body.editedBy).toEqual([]);
|
expect(metadata.body.editedBy).toEqual([]);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
it('fails with a forbidden alias', async () => {
|
||||||
|
await request(app.getHttpServer())
|
||||||
|
.get(`/notes/${forbiddenNoteId}/metadata`)
|
||||||
|
.expect(400);
|
||||||
|
});
|
||||||
|
|
||||||
it('fails with non-existing alias', async () => {
|
it('fails with non-existing alias', async () => {
|
||||||
// check if a missing note correctly returns 404
|
// check if a missing note correctly returns 404
|
||||||
await request(app.getHttpServer())
|
await request(app.getHttpServer())
|
||||||
|
@ -231,6 +261,12 @@ describe('Notes', () => {
|
||||||
expect(response.body).toHaveLength(1);
|
expect(response.body).toHaveLength(1);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
it('fails with a forbidden alias', async () => {
|
||||||
|
await request(app.getHttpServer())
|
||||||
|
.get(`/notes/${forbiddenNoteId}/revisions`)
|
||||||
|
.expect(400);
|
||||||
|
});
|
||||||
|
|
||||||
it('fails with non-existing alias', async () => {
|
it('fails with non-existing alias', async () => {
|
||||||
// check if a missing note correctly returns 404
|
// check if a missing note correctly returns 404
|
||||||
await request(app.getHttpServer())
|
await request(app.getHttpServer())
|
||||||
|
@ -250,6 +286,11 @@ describe('Notes', () => {
|
||||||
.expect(200);
|
.expect(200);
|
||||||
expect(response.body.content).toEqual(content);
|
expect(response.body.content).toEqual(content);
|
||||||
});
|
});
|
||||||
|
it('fails with a forbidden alias', async () => {
|
||||||
|
await request(app.getHttpServer())
|
||||||
|
.get(`/notes/${forbiddenNoteId}/revisions/1`)
|
||||||
|
.expect(400);
|
||||||
|
});
|
||||||
it('fails with non-existing alias', async () => {
|
it('fails with non-existing alias', async () => {
|
||||||
// check if a missing note correctly returns 404
|
// check if a missing note correctly returns 404
|
||||||
await request(app.getHttpServer())
|
await request(app.getHttpServer())
|
||||||
|
@ -267,7 +308,11 @@ describe('Notes', () => {
|
||||||
.expect(200);
|
.expect(200);
|
||||||
expect(response.text).toEqual(content);
|
expect(response.text).toEqual(content);
|
||||||
});
|
});
|
||||||
|
it('fails with a forbidden alias', async () => {
|
||||||
|
await request(app.getHttpServer())
|
||||||
|
.get(`/notes/${forbiddenNoteId}/content`)
|
||||||
|
.expect(400);
|
||||||
|
});
|
||||||
it('fails with non-existing alias', async () => {
|
it('fails with non-existing alias', async () => {
|
||||||
// check if a missing note correctly returns 404
|
// check if a missing note correctly returns 404
|
||||||
await request(app.getHttpServer())
|
await request(app.getHttpServer())
|
||||||
|
|
Loading…
Reference in a new issue