github/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2024-11-23 10:16:32 -05:00
Code Issues Projects Releases Packages Wiki Activity

NotesService: Add e2e tests for forbidden note alias

Browse source 
Signed-off-by: Philip Molares <philip.molares@udo.edu>
This commit is contained in:
Philip Molares 2021-02-20 22:24:17 +01:00
parent 4034fa6495
commit 1df0bda61d
1 changed files with 47 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

49
test/public-api/notes.e2e-spec.ts
View file

@ -10,7 +10,7 @@
*/
import { INestApplication } from '@nestjs/common';
import { ConfigModule } from '@nestjs/config';
import { ConfigModule, ConfigService } from '@nestjs/config';
import { Test } from '@nestjs/testing';
import { TypeOrmModule } from '@nestjs/typeorm';
import * as request from 'supertest';
@ -35,6 +35,7 @@ describe('Notes', () => {
let notesService: NotesService;
let user: User;
let content: string;
let forbiddenNoteId: string;
beforeAll(async () => {
const moduleRef = await Test.createTestingModule({
@ -63,6 +64,8 @@ describe('Notes', () => {
.useClass(MockAuthGuard)
.compile();
const config = moduleRef.get<ConfigService>(ConfigService);
forbiddenNoteId = config.get('appConfig').forbiddenNoteIds[0];
app = moduleRef.createNestApplication();
await app.init();
notesService = moduleRef.get(NotesService);
@ -121,6 +124,15 @@ describe('Notes', () => {
).toEqual(content);
});
it('fails with a forbidden alias', async () => {
await request(app.getHttpServer())
.post(`/notes/${forbiddenNoteId}`)
.set('Content-Type', 'text/markdown')
.send(content)
.expect('Content-Type', /json/)
.expect(400);
});
it('fails with a existing alias', async () => {
await request(app.getHttpServer())
.post('/notes/test2')
@ -139,6 +151,11 @@ describe('Notes', () => {
new NotInDBError("Note with id/alias 'test3' not found."),
);
});
it('fails with a forbidden alias', async () => {
await request(app.getHttpServer())
.delete(`/notes/${forbiddenNoteId}`)
.expect(400);
});
it('fails with a non-existing alias', async () => {
await request(app.getHttpServer())
.delete('/notes/i_dont_exist')
@ -162,6 +179,13 @@ describe('Notes', () => {
).toEqual(changedContent);
expect(response.body.content).toEqual(changedContent);
});
it('fails with a forbidden alias', async () => {
await request(app.getHttpServer())
.put(`/notes/${forbiddenNoteId}`)
.set('Content-Type', 'text/markdown')
.send(changedContent)
.expect(400);
});
it('fails with a non-existing alias', async () => {
await request(app.getHttpServer())
.put('/notes/i_dont_exist')
@ -196,6 +220,12 @@ describe('Notes', () => {
expect(metadata.body.editedBy).toEqual([]);
});
it('fails with a forbidden alias', async () => {
await request(app.getHttpServer())
.get(`/notes/${forbiddenNoteId}/metadata`)
.expect(400);
});
it('fails with non-existing alias', async () => {
// check if a missing note correctly returns 404
await request(app.getHttpServer())
@ -231,6 +261,12 @@ describe('Notes', () => {
expect(response.body).toHaveLength(1);
});
it('fails with a forbidden alias', async () => {
await request(app.getHttpServer())
.get(`/notes/${forbiddenNoteId}/revisions`)
.expect(400);
});
it('fails with non-existing alias', async () => {
// check if a missing note correctly returns 404
await request(app.getHttpServer())
@ -250,6 +286,11 @@ describe('Notes', () => {
.expect(200);
expect(response.body.content).toEqual(content);
});
it('fails with a forbidden alias', async () => {
await request(app.getHttpServer())
.get(`/notes/${forbiddenNoteId}/revisions/1`)
.expect(400);
});
it('fails with non-existing alias', async () => {
// check if a missing note correctly returns 404
await request(app.getHttpServer())
@ -267,7 +308,11 @@ describe('Notes', () => {
.expect(200);
expect(response.text).toEqual(content);
});
it('fails with a forbidden alias', async () => {
await request(app.getHttpServer())
.get(`/notes/${forbiddenNoteId}/content`)
.expect(400);
});
it('fails with non-existing alias', async () => {
// check if a missing note correctly returns 404
await request(app.getHttpServer())