mirror of
https://github.com/hedgedoc/hedgedoc.git
synced 2024-11-28 18:10:59 -05:00
Merge pull request #1673 from hedgedoc/remove-hardcoded
This commit is contained in:
commit
e5750b0084
14 changed files with 354 additions and 155 deletions
|
@ -22,7 +22,7 @@ module.exports = {
|
||||||
'jest/expect-expect': [
|
'jest/expect-expect': [
|
||||||
'error',
|
'error',
|
||||||
{
|
{
|
||||||
assertFunctionNames: ['expect', 'request.**.expect'],
|
assertFunctionNames: ['expect', 'request.**.expect', 'agent.**.expect'],
|
||||||
},
|
},
|
||||||
],
|
],
|
||||||
'jest/no-standalone-expect': [
|
'jest/no-standalone-expect': [
|
||||||
|
|
|
@ -13,10 +13,9 @@ import {
|
||||||
Param,
|
Param,
|
||||||
Post,
|
Post,
|
||||||
Put,
|
Put,
|
||||||
Req,
|
|
||||||
UnauthorizedException,
|
UnauthorizedException,
|
||||||
|
UseGuards,
|
||||||
} from '@nestjs/common';
|
} from '@nestjs/common';
|
||||||
import { Request } from 'express';
|
|
||||||
|
|
||||||
import {
|
import {
|
||||||
AlreadyInDBError,
|
AlreadyInDBError,
|
||||||
|
@ -24,6 +23,7 @@ import {
|
||||||
NotInDBError,
|
NotInDBError,
|
||||||
PrimaryAliasDeletionForbiddenError,
|
PrimaryAliasDeletionForbiddenError,
|
||||||
} from '../../../errors/errors';
|
} from '../../../errors/errors';
|
||||||
|
import { SessionGuard } from '../../../identity/session.guard';
|
||||||
import { ConsoleLoggerService } from '../../../logger/console-logger.service';
|
import { ConsoleLoggerService } from '../../../logger/console-logger.service';
|
||||||
import { AliasCreateDto } from '../../../notes/alias-create.dto';
|
import { AliasCreateDto } from '../../../notes/alias-create.dto';
|
||||||
import { AliasUpdateDto } from '../../../notes/alias-update.dto';
|
import { AliasUpdateDto } from '../../../notes/alias-update.dto';
|
||||||
|
@ -31,8 +31,11 @@ import { AliasDto } from '../../../notes/alias.dto';
|
||||||
import { AliasService } from '../../../notes/alias.service';
|
import { AliasService } from '../../../notes/alias.service';
|
||||||
import { NotesService } from '../../../notes/notes.service';
|
import { NotesService } from '../../../notes/notes.service';
|
||||||
import { PermissionsService } from '../../../permissions/permissions.service';
|
import { PermissionsService } from '../../../permissions/permissions.service';
|
||||||
|
import { User } from '../../../users/user.entity';
|
||||||
import { UsersService } from '../../../users/users.service';
|
import { UsersService } from '../../../users/users.service';
|
||||||
|
import { RequestUser } from '../../utils/request-user.decorator';
|
||||||
|
|
||||||
|
@UseGuards(SessionGuard)
|
||||||
@Controller('alias')
|
@Controller('alias')
|
||||||
export class AliasController {
|
export class AliasController {
|
||||||
constructor(
|
constructor(
|
||||||
|
@ -44,15 +47,12 @@ export class AliasController {
|
||||||
) {
|
) {
|
||||||
this.logger.setContext(AliasController.name);
|
this.logger.setContext(AliasController.name);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Post()
|
@Post()
|
||||||
async addAlias(
|
async addAlias(
|
||||||
@Req() req: Request,
|
@RequestUser() user: User,
|
||||||
@Body() newAliasDto: AliasCreateDto,
|
@Body() newAliasDto: AliasCreateDto,
|
||||||
): Promise<AliasDto> {
|
): Promise<AliasDto> {
|
||||||
try {
|
try {
|
||||||
// ToDo: use actual user here
|
|
||||||
const user = await this.userService.getUserByUsername('hardcoded');
|
|
||||||
const note = await this.noteService.getNoteByIdOrAlias(
|
const note = await this.noteService.getNoteByIdOrAlias(
|
||||||
newAliasDto.noteIdOrAlias,
|
newAliasDto.noteIdOrAlias,
|
||||||
);
|
);
|
||||||
|
@ -77,7 +77,7 @@ export class AliasController {
|
||||||
|
|
||||||
@Put(':alias')
|
@Put(':alias')
|
||||||
async makeAliasPrimary(
|
async makeAliasPrimary(
|
||||||
@Req() req: Request,
|
@RequestUser() user: User,
|
||||||
@Param('alias') alias: string,
|
@Param('alias') alias: string,
|
||||||
@Body() changeAliasDto: AliasUpdateDto,
|
@Body() changeAliasDto: AliasUpdateDto,
|
||||||
): Promise<AliasDto> {
|
): Promise<AliasDto> {
|
||||||
|
@ -87,8 +87,6 @@ export class AliasController {
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
try {
|
try {
|
||||||
// ToDo: use actual user here
|
|
||||||
const user = await this.userService.getUserByUsername('hardcoded');
|
|
||||||
const note = await this.noteService.getNoteByIdOrAlias(alias);
|
const note = await this.noteService.getNoteByIdOrAlias(alias);
|
||||||
if (!this.permissionsService.isOwner(user, note)) {
|
if (!this.permissionsService.isOwner(user, note)) {
|
||||||
throw new UnauthorizedException('Reading note denied!');
|
throw new UnauthorizedException('Reading note denied!');
|
||||||
|
@ -112,12 +110,10 @@ export class AliasController {
|
||||||
@Delete(':alias')
|
@Delete(':alias')
|
||||||
@HttpCode(204)
|
@HttpCode(204)
|
||||||
async removeAlias(
|
async removeAlias(
|
||||||
@Req() req: Request,
|
@RequestUser() user: User,
|
||||||
@Param('alias') alias: string,
|
@Param('alias') alias: string,
|
||||||
): Promise<void> {
|
): Promise<void> {
|
||||||
try {
|
try {
|
||||||
// ToDo: use actual user here
|
|
||||||
const user = await this.userService.getUserByUsername('hardcoded');
|
|
||||||
const note = await this.noteService.getNoteByIdOrAlias(alias);
|
const note = await this.noteService.getNoteByIdOrAlias(alias);
|
||||||
if (!this.permissionsService.isOwner(user, note)) {
|
if (!this.permissionsService.isOwner(user, note)) {
|
||||||
throw new UnauthorizedException('Reading note denied!');
|
throw new UnauthorizedException('Reading note denied!');
|
||||||
|
|
|
@ -13,6 +13,7 @@ import {
|
||||||
Param,
|
Param,
|
||||||
Post,
|
Post,
|
||||||
Put,
|
Put,
|
||||||
|
UseGuards,
|
||||||
} from '@nestjs/common';
|
} from '@nestjs/common';
|
||||||
import { ApiTags } from '@nestjs/swagger';
|
import { ApiTags } from '@nestjs/swagger';
|
||||||
|
|
||||||
|
@ -21,27 +22,27 @@ import { HistoryEntryImportDto } from '../../../../history/history-entry-import.
|
||||||
import { HistoryEntryUpdateDto } from '../../../../history/history-entry-update.dto';
|
import { HistoryEntryUpdateDto } from '../../../../history/history-entry-update.dto';
|
||||||
import { HistoryEntryDto } from '../../../../history/history-entry.dto';
|
import { HistoryEntryDto } from '../../../../history/history-entry.dto';
|
||||||
import { HistoryService } from '../../../../history/history.service';
|
import { HistoryService } from '../../../../history/history.service';
|
||||||
|
import { SessionGuard } from '../../../../identity/session.guard';
|
||||||
import { ConsoleLoggerService } from '../../../../logger/console-logger.service';
|
import { ConsoleLoggerService } from '../../../../logger/console-logger.service';
|
||||||
import { GetNotePipe } from '../../../../notes/get-note.pipe';
|
import { GetNotePipe } from '../../../../notes/get-note.pipe';
|
||||||
import { Note } from '../../../../notes/note.entity';
|
import { Note } from '../../../../notes/note.entity';
|
||||||
import { UsersService } from '../../../../users/users.service';
|
import { User } from '../../../../users/user.entity';
|
||||||
|
import { RequestUser } from '../../../utils/request-user.decorator';
|
||||||
|
|
||||||
|
@UseGuards(SessionGuard)
|
||||||
@ApiTags('history')
|
@ApiTags('history')
|
||||||
@Controller('/me/history')
|
@Controller('/me/history')
|
||||||
export class HistoryController {
|
export class HistoryController {
|
||||||
constructor(
|
constructor(
|
||||||
private readonly logger: ConsoleLoggerService,
|
private readonly logger: ConsoleLoggerService,
|
||||||
private historyService: HistoryService,
|
private historyService: HistoryService,
|
||||||
private userService: UsersService,
|
|
||||||
) {
|
) {
|
||||||
this.logger.setContext(HistoryController.name);
|
this.logger.setContext(HistoryController.name);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Get()
|
@Get()
|
||||||
async getHistory(): Promise<HistoryEntryDto[]> {
|
async getHistory(@RequestUser() user: User): Promise<HistoryEntryDto[]> {
|
||||||
// ToDo: use actual user here
|
|
||||||
try {
|
try {
|
||||||
const user = await this.userService.getUserByUsername('hardcoded');
|
|
||||||
const foundEntries = await this.historyService.getEntriesByUser(user);
|
const foundEntries = await this.historyService.getEntriesByUser(user);
|
||||||
return foundEntries.map((entry) =>
|
return foundEntries.map((entry) =>
|
||||||
this.historyService.toHistoryEntryDto(entry),
|
this.historyService.toHistoryEntryDto(entry),
|
||||||
|
@ -56,11 +57,10 @@ export class HistoryController {
|
||||||
|
|
||||||
@Post()
|
@Post()
|
||||||
async setHistory(
|
async setHistory(
|
||||||
|
@RequestUser() user: User,
|
||||||
@Body('history') history: HistoryEntryImportDto[],
|
@Body('history') history: HistoryEntryImportDto[],
|
||||||
): Promise<void> {
|
): Promise<void> {
|
||||||
try {
|
try {
|
||||||
// ToDo: use actual user here
|
|
||||||
const user = await this.userService.getUserByUsername('hardcoded');
|
|
||||||
await this.historyService.setHistory(user, history);
|
await this.historyService.setHistory(user, history);
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
if (e instanceof NotInDBError || e instanceof ForbiddenIdError) {
|
if (e instanceof NotInDBError || e instanceof ForbiddenIdError) {
|
||||||
|
@ -71,10 +71,8 @@ export class HistoryController {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Delete()
|
@Delete()
|
||||||
async deleteHistory(): Promise<void> {
|
async deleteHistory(@RequestUser() user: User): Promise<void> {
|
||||||
try {
|
try {
|
||||||
// ToDo: use actual user here
|
|
||||||
const user = await this.userService.getUserByUsername('hardcoded');
|
|
||||||
await this.historyService.deleteHistory(user);
|
await this.historyService.deleteHistory(user);
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
if (e instanceof NotInDBError) {
|
if (e instanceof NotInDBError) {
|
||||||
|
@ -87,11 +85,10 @@ export class HistoryController {
|
||||||
@Put(':note')
|
@Put(':note')
|
||||||
async updateHistoryEntry(
|
async updateHistoryEntry(
|
||||||
@Param('note', GetNotePipe) note: Note,
|
@Param('note', GetNotePipe) note: Note,
|
||||||
|
@RequestUser() user: User,
|
||||||
@Body() entryUpdateDto: HistoryEntryUpdateDto,
|
@Body() entryUpdateDto: HistoryEntryUpdateDto,
|
||||||
): Promise<HistoryEntryDto> {
|
): Promise<HistoryEntryDto> {
|
||||||
try {
|
try {
|
||||||
// ToDo: use actual user here
|
|
||||||
const user = await this.userService.getUserByUsername('hardcoded');
|
|
||||||
const newEntry = await this.historyService.updateHistoryEntry(
|
const newEntry = await this.historyService.updateHistoryEntry(
|
||||||
note,
|
note,
|
||||||
user,
|
user,
|
||||||
|
@ -109,10 +106,9 @@ export class HistoryController {
|
||||||
@Delete(':note')
|
@Delete(':note')
|
||||||
async deleteHistoryEntry(
|
async deleteHistoryEntry(
|
||||||
@Param('note', GetNotePipe) note: Note,
|
@Param('note', GetNotePipe) note: Note,
|
||||||
|
@RequestUser() user: User,
|
||||||
): Promise<void> {
|
): Promise<void> {
|
||||||
try {
|
try {
|
||||||
// ToDo: use actual user here
|
|
||||||
const user = await this.userService.getUserByUsername('hardcoded');
|
|
||||||
await this.historyService.deleteHistoryEntry(note, user);
|
await this.historyService.deleteHistoryEntry(note, user);
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
if (e instanceof NotInDBError) {
|
if (e instanceof NotInDBError) {
|
||||||
|
|
|
@ -3,14 +3,26 @@
|
||||||
*
|
*
|
||||||
* SPDX-License-Identifier: AGPL-3.0-only
|
* SPDX-License-Identifier: AGPL-3.0-only
|
||||||
*/
|
*/
|
||||||
import { Body, Controller, Delete, Get, HttpCode, Post } from '@nestjs/common';
|
import {
|
||||||
|
Body,
|
||||||
|
Controller,
|
||||||
|
Delete,
|
||||||
|
Get,
|
||||||
|
HttpCode,
|
||||||
|
Post,
|
||||||
|
UseGuards,
|
||||||
|
} from '@nestjs/common';
|
||||||
|
|
||||||
|
import { SessionGuard } from '../../../identity/session.guard';
|
||||||
import { ConsoleLoggerService } from '../../../logger/console-logger.service';
|
import { ConsoleLoggerService } from '../../../logger/console-logger.service';
|
||||||
import { MediaUploadDto } from '../../../media/media-upload.dto';
|
import { MediaUploadDto } from '../../../media/media-upload.dto';
|
||||||
import { MediaService } from '../../../media/media.service';
|
import { MediaService } from '../../../media/media.service';
|
||||||
import { UserInfoDto } from '../../../users/user-info.dto';
|
import { UserInfoDto } from '../../../users/user-info.dto';
|
||||||
|
import { User } from '../../../users/user.entity';
|
||||||
import { UsersService } from '../../../users/users.service';
|
import { UsersService } from '../../../users/users.service';
|
||||||
|
import { RequestUser } from '../../utils/request-user.decorator';
|
||||||
|
|
||||||
|
@UseGuards(SessionGuard)
|
||||||
@Controller('me')
|
@Controller('me')
|
||||||
export class MeController {
|
export class MeController {
|
||||||
constructor(
|
constructor(
|
||||||
|
@ -20,27 +32,20 @@ export class MeController {
|
||||||
) {
|
) {
|
||||||
this.logger.setContext(MeController.name);
|
this.logger.setContext(MeController.name);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Get()
|
@Get()
|
||||||
async getMe(): Promise<UserInfoDto> {
|
getMe(@RequestUser() user: User): UserInfoDto {
|
||||||
// ToDo: use actual user here
|
|
||||||
const user = await this.userService.getUserByUsername('hardcoded');
|
|
||||||
return this.userService.toUserDto(user);
|
return this.userService.toUserDto(user);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Get('media')
|
@Get('media')
|
||||||
async getMyMedia(): Promise<MediaUploadDto[]> {
|
async getMyMedia(@RequestUser() user: User): Promise<MediaUploadDto[]> {
|
||||||
// ToDo: use actual user here
|
|
||||||
const user = await this.userService.getUserByUsername('hardcoded');
|
|
||||||
const media = await this.mediaService.listUploadsByUser(user);
|
const media = await this.mediaService.listUploadsByUser(user);
|
||||||
return media.map((media) => this.mediaService.toMediaUploadDto(media));
|
return media.map((media) => this.mediaService.toMediaUploadDto(media));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Delete()
|
@Delete()
|
||||||
@HttpCode(204)
|
@HttpCode(204)
|
||||||
async deleteUser(): Promise<void> {
|
async deleteUser(@RequestUser() user: User): Promise<void> {
|
||||||
// ToDo: use actual user here
|
|
||||||
const user = await this.userService.getUserByUsername('hardcoded');
|
|
||||||
const mediaUploads = await this.mediaService.listUploadsByUser(user);
|
const mediaUploads = await this.mediaService.listUploadsByUser(user);
|
||||||
for (const mediaUpload of mediaUploads) {
|
for (const mediaUpload of mediaUploads) {
|
||||||
await this.mediaService.deleteFile(mediaUpload);
|
await this.mediaService.deleteFile(mediaUpload);
|
||||||
|
@ -52,9 +57,10 @@ export class MeController {
|
||||||
|
|
||||||
@Post('profile')
|
@Post('profile')
|
||||||
@HttpCode(200)
|
@HttpCode(200)
|
||||||
async updateDisplayName(@Body('name') newDisplayName: string): Promise<void> {
|
async updateDisplayName(
|
||||||
// ToDo: use actual user here
|
@RequestUser() user: User,
|
||||||
const user = await this.userService.getUserByUsername('hardcoded');
|
@Body('name') newDisplayName: string,
|
||||||
|
): Promise<void> {
|
||||||
await this.userService.changeDisplayName(user, newDisplayName);
|
await this.userService.changeDisplayName(user, newDisplayName);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -11,6 +11,7 @@ import {
|
||||||
InternalServerErrorException,
|
InternalServerErrorException,
|
||||||
Post,
|
Post,
|
||||||
UploadedFile,
|
UploadedFile,
|
||||||
|
UseGuards,
|
||||||
UseInterceptors,
|
UseInterceptors,
|
||||||
} from '@nestjs/common';
|
} from '@nestjs/common';
|
||||||
import { FileInterceptor } from '@nestjs/platform-express';
|
import { FileInterceptor } from '@nestjs/platform-express';
|
||||||
|
@ -20,6 +21,7 @@ import {
|
||||||
MediaBackendError,
|
MediaBackendError,
|
||||||
NotInDBError,
|
NotInDBError,
|
||||||
} from '../../../errors/errors';
|
} from '../../../errors/errors';
|
||||||
|
import { SessionGuard } from '../../../identity/session.guard';
|
||||||
import { ConsoleLoggerService } from '../../../logger/console-logger.service';
|
import { ConsoleLoggerService } from '../../../logger/console-logger.service';
|
||||||
import { MediaUploadUrlDto } from '../../../media/media-upload-url.dto';
|
import { MediaUploadUrlDto } from '../../../media/media-upload-url.dto';
|
||||||
import { MediaService } from '../../../media/media.service';
|
import { MediaService } from '../../../media/media.service';
|
||||||
|
@ -28,7 +30,9 @@ import { Note } from '../../../notes/note.entity';
|
||||||
import { NotesService } from '../../../notes/notes.service';
|
import { NotesService } from '../../../notes/notes.service';
|
||||||
import { User } from '../../../users/user.entity';
|
import { User } from '../../../users/user.entity';
|
||||||
import { UsersService } from '../../../users/users.service';
|
import { UsersService } from '../../../users/users.service';
|
||||||
|
import { RequestUser } from '../../utils/request-user.decorator';
|
||||||
|
|
||||||
|
@UseGuards(SessionGuard)
|
||||||
@Controller('media')
|
@Controller('media')
|
||||||
export class MediaController {
|
export class MediaController {
|
||||||
constructor(
|
constructor(
|
||||||
|
@ -46,9 +50,8 @@ export class MediaController {
|
||||||
async uploadMedia(
|
async uploadMedia(
|
||||||
@UploadedFile() file: MulterFile,
|
@UploadedFile() file: MulterFile,
|
||||||
@Headers('HedgeDoc-Note') noteId: string,
|
@Headers('HedgeDoc-Note') noteId: string,
|
||||||
|
@RequestUser() user: User,
|
||||||
): Promise<MediaUploadUrlDto> {
|
): Promise<MediaUploadUrlDto> {
|
||||||
// ToDo: Get real userName
|
|
||||||
const user: User = await this.userService.getUserByUsername('hardcoded');
|
|
||||||
try {
|
try {
|
||||||
// TODO: Move getting the Note object into a decorator
|
// TODO: Move getting the Note object into a decorator
|
||||||
const note: Note = await this.noteService.getNoteByIdOrAlias(noteId);
|
const note: Note = await this.noteService.getNoteByIdOrAlias(noteId);
|
||||||
|
|
|
@ -14,6 +14,7 @@ import {
|
||||||
Param,
|
Param,
|
||||||
Post,
|
Post,
|
||||||
UnauthorizedException,
|
UnauthorizedException,
|
||||||
|
UseGuards,
|
||||||
} from '@nestjs/common';
|
} from '@nestjs/common';
|
||||||
|
|
||||||
import {
|
import {
|
||||||
|
@ -22,6 +23,7 @@ import {
|
||||||
NotInDBError,
|
NotInDBError,
|
||||||
} from '../../../errors/errors';
|
} from '../../../errors/errors';
|
||||||
import { HistoryService } from '../../../history/history.service';
|
import { HistoryService } from '../../../history/history.service';
|
||||||
|
import { SessionGuard } from '../../../identity/session.guard';
|
||||||
import { ConsoleLoggerService } from '../../../logger/console-logger.service';
|
import { ConsoleLoggerService } from '../../../logger/console-logger.service';
|
||||||
import { MediaUploadDto } from '../../../media/media-upload.dto';
|
import { MediaUploadDto } from '../../../media/media-upload.dto';
|
||||||
import { MediaService } from '../../../media/media.service';
|
import { MediaService } from '../../../media/media.service';
|
||||||
|
@ -34,9 +36,12 @@ import { PermissionsService } from '../../../permissions/permissions.service';
|
||||||
import { RevisionMetadataDto } from '../../../revisions/revision-metadata.dto';
|
import { RevisionMetadataDto } from '../../../revisions/revision-metadata.dto';
|
||||||
import { RevisionDto } from '../../../revisions/revision.dto';
|
import { RevisionDto } from '../../../revisions/revision.dto';
|
||||||
import { RevisionsService } from '../../../revisions/revisions.service';
|
import { RevisionsService } from '../../../revisions/revisions.service';
|
||||||
|
import { User } from '../../../users/user.entity';
|
||||||
import { UsersService } from '../../../users/users.service';
|
import { UsersService } from '../../../users/users.service';
|
||||||
import { MarkdownBody } from '../../utils/markdownbody-decorator';
|
import { MarkdownBody } from '../../utils/markdownbody-decorator';
|
||||||
|
import { RequestUser } from '../../utils/request-user.decorator';
|
||||||
|
|
||||||
|
@UseGuards(SessionGuard)
|
||||||
@Controller('notes')
|
@Controller('notes')
|
||||||
export class NotesController {
|
export class NotesController {
|
||||||
constructor(
|
constructor(
|
||||||
|
@ -53,10 +58,9 @@ export class NotesController {
|
||||||
|
|
||||||
@Get(':noteIdOrAlias')
|
@Get(':noteIdOrAlias')
|
||||||
async getNote(
|
async getNote(
|
||||||
|
@RequestUser() user: User,
|
||||||
@Param('noteIdOrAlias', GetNotePipe) note: Note,
|
@Param('noteIdOrAlias', GetNotePipe) note: Note,
|
||||||
): Promise<NoteDto> {
|
): Promise<NoteDto> {
|
||||||
// ToDo: use actual user here
|
|
||||||
const user = await this.userService.getUserByUsername('hardcoded');
|
|
||||||
if (!this.permissionsService.mayRead(user, note)) {
|
if (!this.permissionsService.mayRead(user, note)) {
|
||||||
throw new UnauthorizedException('Reading note denied!');
|
throw new UnauthorizedException('Reading note denied!');
|
||||||
}
|
}
|
||||||
|
@ -67,10 +71,9 @@ export class NotesController {
|
||||||
@Get(':noteIdOrAlias/media')
|
@Get(':noteIdOrAlias/media')
|
||||||
async getNotesMedia(
|
async getNotesMedia(
|
||||||
@Param('noteIdOrAlias', GetNotePipe) note: Note,
|
@Param('noteIdOrAlias', GetNotePipe) note: Note,
|
||||||
|
@RequestUser() user: User,
|
||||||
): Promise<MediaUploadDto[]> {
|
): Promise<MediaUploadDto[]> {
|
||||||
try {
|
try {
|
||||||
// ToDo: use actual user here
|
|
||||||
const user = await this.userService.getUserByUsername('hardcoded');
|
|
||||||
if (!this.permissionsService.mayRead(user, note)) {
|
if (!this.permissionsService.mayRead(user, note)) {
|
||||||
throw new UnauthorizedException('Reading note denied!');
|
throw new UnauthorizedException('Reading note denied!');
|
||||||
}
|
}
|
||||||
|
@ -86,10 +89,10 @@ export class NotesController {
|
||||||
|
|
||||||
@Post()
|
@Post()
|
||||||
@HttpCode(201)
|
@HttpCode(201)
|
||||||
async createNote(@MarkdownBody() text: string): Promise<NoteDto> {
|
async createNote(
|
||||||
// ToDo: use actual user here
|
@RequestUser() user: User,
|
||||||
const user = await this.userService.getUserByUsername('hardcoded');
|
@MarkdownBody() text: string,
|
||||||
// ToDo: provide user for createNoteDto
|
): Promise<NoteDto> {
|
||||||
if (!this.permissionsService.mayCreate(user)) {
|
if (!this.permissionsService.mayCreate(user)) {
|
||||||
throw new UnauthorizedException('Creating note denied!');
|
throw new UnauthorizedException('Creating note denied!');
|
||||||
}
|
}
|
||||||
|
@ -102,11 +105,10 @@ export class NotesController {
|
||||||
@Post(':noteAlias')
|
@Post(':noteAlias')
|
||||||
@HttpCode(201)
|
@HttpCode(201)
|
||||||
async createNamedNote(
|
async createNamedNote(
|
||||||
|
@RequestUser() user: User,
|
||||||
@Param('noteAlias') noteAlias: string,
|
@Param('noteAlias') noteAlias: string,
|
||||||
@MarkdownBody() text: string,
|
@MarkdownBody() text: string,
|
||||||
): Promise<NoteDto> {
|
): Promise<NoteDto> {
|
||||||
// ToDo: use actual user here
|
|
||||||
const user = await this.userService.getUserByUsername('hardcoded');
|
|
||||||
if (!this.permissionsService.mayCreate(user)) {
|
if (!this.permissionsService.mayCreate(user)) {
|
||||||
throw new UnauthorizedException('Creating note denied!');
|
throw new UnauthorizedException('Creating note denied!');
|
||||||
}
|
}
|
||||||
|
@ -129,12 +131,11 @@ export class NotesController {
|
||||||
@Delete(':noteIdOrAlias')
|
@Delete(':noteIdOrAlias')
|
||||||
@HttpCode(204)
|
@HttpCode(204)
|
||||||
async deleteNote(
|
async deleteNote(
|
||||||
|
@RequestUser() user: User,
|
||||||
@Param('noteIdOrAlias', GetNotePipe) note: Note,
|
@Param('noteIdOrAlias', GetNotePipe) note: Note,
|
||||||
@Body() noteMediaDeletionDto: NoteMediaDeletionDto,
|
@Body() noteMediaDeletionDto: NoteMediaDeletionDto,
|
||||||
): Promise<void> {
|
): Promise<void> {
|
||||||
try {
|
try {
|
||||||
// ToDo: use actual user here
|
|
||||||
const user = await this.userService.getUserByUsername('hardcoded');
|
|
||||||
if (!this.permissionsService.isOwner(user, note)) {
|
if (!this.permissionsService.isOwner(user, note)) {
|
||||||
throw new UnauthorizedException('Deleting note denied!');
|
throw new UnauthorizedException('Deleting note denied!');
|
||||||
}
|
}
|
||||||
|
@ -160,11 +161,10 @@ export class NotesController {
|
||||||
|
|
||||||
@Get(':noteIdOrAlias/revisions')
|
@Get(':noteIdOrAlias/revisions')
|
||||||
async getNoteRevisions(
|
async getNoteRevisions(
|
||||||
|
@RequestUser() user: User,
|
||||||
@Param('noteIdOrAlias', GetNotePipe) note: Note,
|
@Param('noteIdOrAlias', GetNotePipe) note: Note,
|
||||||
): Promise<RevisionMetadataDto[]> {
|
): Promise<RevisionMetadataDto[]> {
|
||||||
try {
|
try {
|
||||||
// ToDo: use actual user here
|
|
||||||
const user = await this.userService.getUserByUsername('hardcoded');
|
|
||||||
if (!this.permissionsService.mayRead(user, note)) {
|
if (!this.permissionsService.mayRead(user, note)) {
|
||||||
throw new UnauthorizedException('Reading note denied!');
|
throw new UnauthorizedException('Reading note denied!');
|
||||||
}
|
}
|
||||||
|
@ -185,11 +185,10 @@ export class NotesController {
|
||||||
@Delete(':noteIdOrAlias/revisions')
|
@Delete(':noteIdOrAlias/revisions')
|
||||||
@HttpCode(204)
|
@HttpCode(204)
|
||||||
async purgeNoteRevisions(
|
async purgeNoteRevisions(
|
||||||
|
@RequestUser() user: User,
|
||||||
@Param('noteIdOrAlias') noteIdOrAlias: string,
|
@Param('noteIdOrAlias') noteIdOrAlias: string,
|
||||||
): Promise<void> {
|
): Promise<void> {
|
||||||
try {
|
try {
|
||||||
// ToDo: use actual user here
|
|
||||||
const user = await this.userService.getUserByUsername('hardcoded');
|
|
||||||
const note = await this.noteService.getNoteByIdOrAlias(noteIdOrAlias);
|
const note = await this.noteService.getNoteByIdOrAlias(noteIdOrAlias);
|
||||||
if (!this.permissionsService.mayRead(user, note)) {
|
if (!this.permissionsService.mayRead(user, note)) {
|
||||||
throw new UnauthorizedException('Reading note denied!');
|
throw new UnauthorizedException('Reading note denied!');
|
||||||
|
@ -217,12 +216,11 @@ export class NotesController {
|
||||||
|
|
||||||
@Get(':noteIdOrAlias/revisions/:revisionId')
|
@Get(':noteIdOrAlias/revisions/:revisionId')
|
||||||
async getNoteRevision(
|
async getNoteRevision(
|
||||||
|
@RequestUser() user: User,
|
||||||
@Param('noteIdOrAlias', GetNotePipe) note: Note,
|
@Param('noteIdOrAlias', GetNotePipe) note: Note,
|
||||||
@Param('revisionId') revisionId: number,
|
@Param('revisionId') revisionId: number,
|
||||||
): Promise<RevisionDto> {
|
): Promise<RevisionDto> {
|
||||||
try {
|
try {
|
||||||
// ToDo: use actual user here
|
|
||||||
const user = await this.userService.getUserByUsername('hardcoded');
|
|
||||||
if (!this.permissionsService.mayRead(user, note)) {
|
if (!this.permissionsService.mayRead(user, note)) {
|
||||||
throw new UnauthorizedException('Reading note denied!');
|
throw new UnauthorizedException('Reading note denied!');
|
||||||
}
|
}
|
||||||
|
|
|
@ -14,6 +14,7 @@ import { Identity } from '../../../identity/identity.entity';
|
||||||
import { LoggerModule } from '../../../logger/logger.module';
|
import { LoggerModule } from '../../../logger/logger.module';
|
||||||
import { Session } from '../../../users/session.entity';
|
import { Session } from '../../../users/session.entity';
|
||||||
import { User } from '../../../users/user.entity';
|
import { User } from '../../../users/user.entity';
|
||||||
|
import { UsersModule } from '../../../users/users.module';
|
||||||
import { TokensController } from './tokens.controller';
|
import { TokensController } from './tokens.controller';
|
||||||
|
|
||||||
describe('TokensController', () => {
|
describe('TokensController', () => {
|
||||||
|
@ -29,6 +30,7 @@ describe('TokensController', () => {
|
||||||
}),
|
}),
|
||||||
LoggerModule,
|
LoggerModule,
|
||||||
AuthModule,
|
AuthModule,
|
||||||
|
UsersModule,
|
||||||
],
|
],
|
||||||
})
|
})
|
||||||
.overrideProvider(getRepositoryToken(User))
|
.overrideProvider(getRepositoryToken(User))
|
||||||
|
|
|
@ -9,17 +9,25 @@ import {
|
||||||
Delete,
|
Delete,
|
||||||
Get,
|
Get,
|
||||||
HttpCode,
|
HttpCode,
|
||||||
|
NotFoundException,
|
||||||
Param,
|
Param,
|
||||||
Post,
|
Post,
|
||||||
|
UnauthorizedException,
|
||||||
|
UseGuards,
|
||||||
} from '@nestjs/common';
|
} from '@nestjs/common';
|
||||||
import { ApiTags } from '@nestjs/swagger';
|
import { ApiTags } from '@nestjs/swagger';
|
||||||
|
|
||||||
import { AuthTokenWithSecretDto } from '../../../auth/auth-token-with-secret.dto';
|
import { AuthTokenWithSecretDto } from '../../../auth/auth-token-with-secret.dto';
|
||||||
import { AuthTokenDto } from '../../../auth/auth-token.dto';
|
import { AuthTokenDto } from '../../../auth/auth-token.dto';
|
||||||
import { AuthService } from '../../../auth/auth.service';
|
import { AuthService } from '../../../auth/auth.service';
|
||||||
|
import { NotInDBError } from '../../../errors/errors';
|
||||||
|
import { SessionGuard } from '../../../identity/session.guard';
|
||||||
import { ConsoleLoggerService } from '../../../logger/console-logger.service';
|
import { ConsoleLoggerService } from '../../../logger/console-logger.service';
|
||||||
|
import { User } from '../../../users/user.entity';
|
||||||
import { TimestampMillis } from '../../../utils/timestamp';
|
import { TimestampMillis } from '../../../utils/timestamp';
|
||||||
|
import { RequestUser } from '../../utils/request-user.decorator';
|
||||||
|
|
||||||
|
@UseGuards(SessionGuard)
|
||||||
@ApiTags('tokens')
|
@ApiTags('tokens')
|
||||||
@Controller('tokens')
|
@Controller('tokens')
|
||||||
export class TokensController {
|
export class TokensController {
|
||||||
|
@ -31,9 +39,8 @@ export class TokensController {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Get()
|
@Get()
|
||||||
async getUserTokens(): Promise<AuthTokenDto[]> {
|
async getUserTokens(@RequestUser() user: User): Promise<AuthTokenDto[]> {
|
||||||
// ToDo: Get real userName
|
return (await this.authService.getTokensByUsername(user.userName)).map(
|
||||||
return (await this.authService.getTokensByUsername('hardcoded')).map(
|
|
||||||
(token) => this.authService.toAuthTokenDto(token),
|
(token) => this.authService.toAuthTokenDto(token),
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
@ -42,10 +49,10 @@ export class TokensController {
|
||||||
async postTokenRequest(
|
async postTokenRequest(
|
||||||
@Body('label') label: string,
|
@Body('label') label: string,
|
||||||
@Body('validUntil') validUntil: TimestampMillis,
|
@Body('validUntil') validUntil: TimestampMillis,
|
||||||
|
@RequestUser() user: User,
|
||||||
): Promise<AuthTokenWithSecretDto> {
|
): Promise<AuthTokenWithSecretDto> {
|
||||||
// ToDo: Get real userName
|
|
||||||
return await this.authService.createTokenForUser(
|
return await this.authService.createTokenForUser(
|
||||||
'hardcoded',
|
user.userName,
|
||||||
label,
|
label,
|
||||||
validUntil,
|
validUntil,
|
||||||
);
|
);
|
||||||
|
@ -53,7 +60,24 @@ export class TokensController {
|
||||||
|
|
||||||
@Delete('/:keyId')
|
@Delete('/:keyId')
|
||||||
@HttpCode(204)
|
@HttpCode(204)
|
||||||
async deleteToken(@Param('keyId') keyId: string): Promise<void> {
|
async deleteToken(
|
||||||
return await this.authService.removeToken(keyId);
|
@RequestUser() user: User,
|
||||||
|
@Param('keyId') keyId: string,
|
||||||
|
): Promise<void> {
|
||||||
|
const tokens = await this.authService.getTokensByUsername(user.userName);
|
||||||
|
try {
|
||||||
|
for (const token of tokens) {
|
||||||
|
if (token.keyId == keyId) {
|
||||||
|
return await this.authService.removeToken(keyId);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
} catch (e) {
|
||||||
|
if (e instanceof NotInDBError) {
|
||||||
|
throw new NotFoundException(e.message);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
throw new UnauthorizedException(
|
||||||
|
'User is not authorized to delete this token',
|
||||||
|
);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -11,12 +11,14 @@ import request from 'supertest';
|
||||||
|
|
||||||
import { PrivateApiModule } from '../../src/api/private/private-api.module';
|
import { PrivateApiModule } from '../../src/api/private/private-api.module';
|
||||||
import { AuthModule } from '../../src/auth/auth.module';
|
import { AuthModule } from '../../src/auth/auth.module';
|
||||||
|
import { AuthConfig } from '../../src/config/auth.config';
|
||||||
import appConfigMock from '../../src/config/mock/app.config.mock';
|
import appConfigMock from '../../src/config/mock/app.config.mock';
|
||||||
import authConfigMock from '../../src/config/mock/auth.config.mock';
|
import authConfigMock from '../../src/config/mock/auth.config.mock';
|
||||||
import customizationConfigMock from '../../src/config/mock/customization.config.mock';
|
import customizationConfigMock from '../../src/config/mock/customization.config.mock';
|
||||||
import externalConfigMock from '../../src/config/mock/external-services.config.mock';
|
import externalConfigMock from '../../src/config/mock/external-services.config.mock';
|
||||||
import mediaConfigMock from '../../src/config/mock/media.config.mock';
|
import mediaConfigMock from '../../src/config/mock/media.config.mock';
|
||||||
import { GroupsModule } from '../../src/groups/groups.module';
|
import { GroupsModule } from '../../src/groups/groups.module';
|
||||||
|
import { IdentityService } from '../../src/identity/identity.service';
|
||||||
import { LoggerModule } from '../../src/logger/logger.module';
|
import { LoggerModule } from '../../src/logger/logger.module';
|
||||||
import { AliasCreateDto } from '../../src/notes/alias-create.dto';
|
import { AliasCreateDto } from '../../src/notes/alias-create.dto';
|
||||||
import { AliasUpdateDto } from '../../src/notes/alias-update.dto';
|
import { AliasUpdateDto } from '../../src/notes/alias-update.dto';
|
||||||
|
@ -27,14 +29,17 @@ import { PermissionsModule } from '../../src/permissions/permissions.module';
|
||||||
import { User } from '../../src/users/user.entity';
|
import { User } from '../../src/users/user.entity';
|
||||||
import { UsersModule } from '../../src/users/users.module';
|
import { UsersModule } from '../../src/users/users.module';
|
||||||
import { UsersService } from '../../src/users/users.service';
|
import { UsersService } from '../../src/users/users.service';
|
||||||
|
import { setupSessionMiddleware } from '../../src/utils/session';
|
||||||
|
|
||||||
describe('Alias', () => {
|
describe('Alias', () => {
|
||||||
let app: INestApplication;
|
let app: INestApplication;
|
||||||
let aliasService: AliasService;
|
let aliasService: AliasService;
|
||||||
let notesService: NotesService;
|
let notesService: NotesService;
|
||||||
|
let identityService: IdentityService;
|
||||||
let user: User;
|
let user: User;
|
||||||
let content: string;
|
let content: string;
|
||||||
let forbiddenNoteId: string;
|
let forbiddenNoteId: string;
|
||||||
|
let agent: request.SuperAgentTest;
|
||||||
|
|
||||||
beforeAll(async () => {
|
beforeAll(async () => {
|
||||||
const moduleRef = await Test.createTestingModule({
|
const moduleRef = await Test.createTestingModule({
|
||||||
|
@ -69,12 +74,21 @@ describe('Alias', () => {
|
||||||
const config = moduleRef.get<ConfigService>(ConfigService);
|
const config = moduleRef.get<ConfigService>(ConfigService);
|
||||||
forbiddenNoteId = config.get('appConfig').forbiddenNoteIds[0];
|
forbiddenNoteId = config.get('appConfig').forbiddenNoteIds[0];
|
||||||
app = moduleRef.createNestApplication();
|
app = moduleRef.createNestApplication();
|
||||||
|
const authConfig = config.get('authConfig') as AuthConfig;
|
||||||
|
setupSessionMiddleware(app, authConfig);
|
||||||
await app.init();
|
await app.init();
|
||||||
aliasService = moduleRef.get(AliasService);
|
aliasService = moduleRef.get(AliasService);
|
||||||
notesService = moduleRef.get(NotesService);
|
notesService = moduleRef.get(NotesService);
|
||||||
|
identityService = moduleRef.get(IdentityService);
|
||||||
const userService = moduleRef.get(UsersService);
|
const userService = moduleRef.get(UsersService);
|
||||||
user = await userService.createUser('hardcoded', 'Testy');
|
user = await userService.createUser('hardcoded', 'Testy');
|
||||||
|
await identityService.createLocalIdentity(user, 'test');
|
||||||
content = 'This is a test note.';
|
content = 'This is a test note.';
|
||||||
|
agent = request.agent(app.getHttpServer());
|
||||||
|
await agent
|
||||||
|
.post('/auth/local/login')
|
||||||
|
.send({ username: 'hardcoded', password: 'test' })
|
||||||
|
.expect(201);
|
||||||
});
|
});
|
||||||
|
|
||||||
describe('POST /alias', () => {
|
describe('POST /alias', () => {
|
||||||
|
@ -92,7 +106,7 @@ describe('Alias', () => {
|
||||||
it('create with normal alias', async () => {
|
it('create with normal alias', async () => {
|
||||||
const newAlias = 'normalAlias';
|
const newAlias = 'normalAlias';
|
||||||
newAliasDto.newAlias = newAlias;
|
newAliasDto.newAlias = newAlias;
|
||||||
const metadata = await request(app.getHttpServer())
|
const metadata = await agent
|
||||||
.post(`/alias`)
|
.post(`/alias`)
|
||||||
.set('Content-Type', 'application/json')
|
.set('Content-Type', 'application/json')
|
||||||
.send(newAliasDto)
|
.send(newAliasDto)
|
||||||
|
@ -100,9 +114,7 @@ describe('Alias', () => {
|
||||||
expect(metadata.body.name).toEqual(newAlias);
|
expect(metadata.body.name).toEqual(newAlias);
|
||||||
expect(metadata.body.primaryAlias).toBeFalsy();
|
expect(metadata.body.primaryAlias).toBeFalsy();
|
||||||
expect(metadata.body.noteId).toEqual(publicId);
|
expect(metadata.body.noteId).toEqual(publicId);
|
||||||
const note = await request(app.getHttpServer())
|
const note = await agent.get(`/notes/${newAlias}`).expect(200);
|
||||||
.get(`/notes/${newAlias}`)
|
|
||||||
.expect(200);
|
|
||||||
expect(note.body.metadata.aliases).toContain(newAlias);
|
expect(note.body.metadata.aliases).toContain(newAlias);
|
||||||
expect(note.body.metadata.primaryAlias).toBeTruthy();
|
expect(note.body.metadata.primaryAlias).toBeTruthy();
|
||||||
expect(note.body.metadata.id).toEqual(publicId);
|
expect(note.body.metadata.id).toEqual(publicId);
|
||||||
|
@ -111,7 +123,7 @@ describe('Alias', () => {
|
||||||
describe('does not create an alias', () => {
|
describe('does not create an alias', () => {
|
||||||
it('because of a forbidden alias', async () => {
|
it('because of a forbidden alias', async () => {
|
||||||
newAliasDto.newAlias = forbiddenNoteId;
|
newAliasDto.newAlias = forbiddenNoteId;
|
||||||
await request(app.getHttpServer())
|
await agent
|
||||||
.post(`/alias`)
|
.post(`/alias`)
|
||||||
.set('Content-Type', 'application/json')
|
.set('Content-Type', 'application/json')
|
||||||
.send(newAliasDto)
|
.send(newAliasDto)
|
||||||
|
@ -119,7 +131,7 @@ describe('Alias', () => {
|
||||||
});
|
});
|
||||||
it('because of a alias that is a public id', async () => {
|
it('because of a alias that is a public id', async () => {
|
||||||
newAliasDto.newAlias = publicId;
|
newAliasDto.newAlias = publicId;
|
||||||
await request(app.getHttpServer())
|
await agent
|
||||||
.post(`/alias`)
|
.post(`/alias`)
|
||||||
.set('Content-Type', 'application/json')
|
.set('Content-Type', 'application/json')
|
||||||
.send(newAliasDto)
|
.send(newAliasDto)
|
||||||
|
@ -142,7 +154,7 @@ describe('Alias', () => {
|
||||||
});
|
});
|
||||||
|
|
||||||
it('updates a note with a normal alias', async () => {
|
it('updates a note with a normal alias', async () => {
|
||||||
const metadata = await request(app.getHttpServer())
|
const metadata = await agent
|
||||||
.put(`/alias/${newAlias}`)
|
.put(`/alias/${newAlias}`)
|
||||||
.set('Content-Type', 'application/json')
|
.set('Content-Type', 'application/json')
|
||||||
.send(changeAliasDto)
|
.send(changeAliasDto)
|
||||||
|
@ -150,9 +162,7 @@ describe('Alias', () => {
|
||||||
expect(metadata.body.name).toEqual(newAlias);
|
expect(metadata.body.name).toEqual(newAlias);
|
||||||
expect(metadata.body.primaryAlias).toBeTruthy();
|
expect(metadata.body.primaryAlias).toBeTruthy();
|
||||||
expect(metadata.body.noteId).toEqual(publicId);
|
expect(metadata.body.noteId).toEqual(publicId);
|
||||||
const note = await request(app.getHttpServer())
|
const note = await agent.get(`/notes/${newAlias}`).expect(200);
|
||||||
.get(`/notes/${newAlias}`)
|
|
||||||
.expect(200);
|
|
||||||
expect(note.body.metadata.aliases).toContain(newAlias);
|
expect(note.body.metadata.aliases).toContain(newAlias);
|
||||||
expect(note.body.metadata.primaryAlias).toBeTruthy();
|
expect(note.body.metadata.primaryAlias).toBeTruthy();
|
||||||
expect(note.body.metadata.id).toEqual(publicId);
|
expect(note.body.metadata.id).toEqual(publicId);
|
||||||
|
@ -160,7 +170,7 @@ describe('Alias', () => {
|
||||||
|
|
||||||
describe('does not update', () => {
|
describe('does not update', () => {
|
||||||
it('a note with unknown alias', async () => {
|
it('a note with unknown alias', async () => {
|
||||||
await request(app.getHttpServer())
|
await agent
|
||||||
.put(`/alias/i_dont_exist`)
|
.put(`/alias/i_dont_exist`)
|
||||||
.set('Content-Type', 'application/json')
|
.set('Content-Type', 'application/json')
|
||||||
.send(changeAliasDto)
|
.send(changeAliasDto)
|
||||||
|
@ -168,7 +178,7 @@ describe('Alias', () => {
|
||||||
});
|
});
|
||||||
it('if the property primaryAlias is false', async () => {
|
it('if the property primaryAlias is false', async () => {
|
||||||
changeAliasDto.primaryAlias = false;
|
changeAliasDto.primaryAlias = false;
|
||||||
await request(app.getHttpServer())
|
await agent
|
||||||
.put(`/alias/${newAlias}`)
|
.put(`/alias/${newAlias}`)
|
||||||
.set('Content-Type', 'application/json')
|
.set('Content-Type', 'application/json')
|
||||||
.send(changeAliasDto)
|
.send(changeAliasDto)
|
||||||
|
@ -186,34 +196,24 @@ describe('Alias', () => {
|
||||||
});
|
});
|
||||||
|
|
||||||
it('deletes a normal alias', async () => {
|
it('deletes a normal alias', async () => {
|
||||||
await request(app.getHttpServer())
|
await agent.delete(`/alias/${newAlias}`).expect(204);
|
||||||
.delete(`/alias/${newAlias}`)
|
await agent.get(`/notes/${newAlias}`).expect(404);
|
||||||
.expect(204);
|
|
||||||
await request(app.getHttpServer()).get(`/notes/${newAlias}`).expect(404);
|
|
||||||
});
|
});
|
||||||
|
|
||||||
it('does not delete an unknown alias', async () => {
|
it('does not delete an unknown alias', async () => {
|
||||||
await request(app.getHttpServer())
|
await agent.delete(`/alias/i_dont_exist`).expect(404);
|
||||||
.delete(`/alias/i_dont_exist`)
|
|
||||||
.expect(404);
|
|
||||||
});
|
});
|
||||||
|
|
||||||
it('does not delete an primary alias (if it is not the only one)', async () => {
|
it('does not delete an primary alias (if it is not the only one)', async () => {
|
||||||
const note = await notesService.getNoteByIdOrAlias(testAlias);
|
const note = await notesService.getNoteByIdOrAlias(testAlias);
|
||||||
await aliasService.addAlias(note, newAlias);
|
await aliasService.addAlias(note, newAlias);
|
||||||
await request(app.getHttpServer())
|
await agent.delete(`/alias/${testAlias}`).expect(400);
|
||||||
.delete(`/alias/${testAlias}`)
|
await agent.get(`/notes/${newAlias}`).expect(200);
|
||||||
.expect(400);
|
|
||||||
await request(app.getHttpServer()).get(`/notes/${newAlias}`).expect(200);
|
|
||||||
});
|
});
|
||||||
|
|
||||||
it('deletes a primary alias (if it is the only one)', async () => {
|
it('deletes a primary alias (if it is the only one)', async () => {
|
||||||
await request(app.getHttpServer())
|
await agent.delete(`/alias/${newAlias}`).expect(204);
|
||||||
.delete(`/alias/${newAlias}`)
|
await agent.delete(`/alias/${testAlias}`).expect(204);
|
||||||
.expect(204);
|
|
||||||
await request(app.getHttpServer())
|
|
||||||
.delete(`/alias/${testAlias}`)
|
|
||||||
.expect(204);
|
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
|
@ -11,6 +11,7 @@ import request from 'supertest';
|
||||||
|
|
||||||
import { PrivateApiModule } from '../../src/api/private/private-api.module';
|
import { PrivateApiModule } from '../../src/api/private/private-api.module';
|
||||||
import { AuthModule } from '../../src/auth/auth.module';
|
import { AuthModule } from '../../src/auth/auth.module';
|
||||||
|
import { AuthConfig } from '../../src/config/auth.config';
|
||||||
import appConfigMock from '../../src/config/mock/app.config.mock';
|
import appConfigMock from '../../src/config/mock/app.config.mock';
|
||||||
import authConfigMock from '../../src/config/mock/auth.config.mock';
|
import authConfigMock from '../../src/config/mock/auth.config.mock';
|
||||||
import customizationConfigMock from '../../src/config/mock/customization.config.mock';
|
import customizationConfigMock from '../../src/config/mock/customization.config.mock';
|
||||||
|
@ -20,6 +21,7 @@ import { GroupsModule } from '../../src/groups/groups.module';
|
||||||
import { HistoryEntryImportDto } from '../../src/history/history-entry-import.dto';
|
import { HistoryEntryImportDto } from '../../src/history/history-entry-import.dto';
|
||||||
import { HistoryEntry } from '../../src/history/history-entry.entity';
|
import { HistoryEntry } from '../../src/history/history-entry.entity';
|
||||||
import { HistoryService } from '../../src/history/history.service';
|
import { HistoryService } from '../../src/history/history.service';
|
||||||
|
import { IdentityService } from '../../src/identity/identity.service';
|
||||||
import { LoggerModule } from '../../src/logger/logger.module';
|
import { LoggerModule } from '../../src/logger/logger.module';
|
||||||
import { Note } from '../../src/notes/note.entity';
|
import { Note } from '../../src/notes/note.entity';
|
||||||
import { NotesModule } from '../../src/notes/notes.module';
|
import { NotesModule } from '../../src/notes/notes.module';
|
||||||
|
@ -28,15 +30,18 @@ import { PermissionsModule } from '../../src/permissions/permissions.module';
|
||||||
import { User } from '../../src/users/user.entity';
|
import { User } from '../../src/users/user.entity';
|
||||||
import { UsersModule } from '../../src/users/users.module';
|
import { UsersModule } from '../../src/users/users.module';
|
||||||
import { UsersService } from '../../src/users/users.service';
|
import { UsersService } from '../../src/users/users.service';
|
||||||
|
import { setupSessionMiddleware } from '../../src/utils/session';
|
||||||
|
|
||||||
describe('History', () => {
|
describe('History', () => {
|
||||||
let app: INestApplication;
|
let app: INestApplication;
|
||||||
let historyService: HistoryService;
|
let historyService: HistoryService;
|
||||||
|
let identityService: IdentityService;
|
||||||
let user: User;
|
let user: User;
|
||||||
let note: Note;
|
let note: Note;
|
||||||
let note2: Note;
|
let note2: Note;
|
||||||
let forbiddenNoteId: string;
|
let forbiddenNoteId: string;
|
||||||
let content: string;
|
let content: string;
|
||||||
|
let agent: request.SuperAgentTest;
|
||||||
|
|
||||||
beforeAll(async () => {
|
beforeAll(async () => {
|
||||||
const moduleRef = await Test.createTestingModule({
|
const moduleRef = await Test.createTestingModule({
|
||||||
|
@ -71,25 +76,34 @@ describe('History', () => {
|
||||||
const config = moduleRef.get<ConfigService>(ConfigService);
|
const config = moduleRef.get<ConfigService>(ConfigService);
|
||||||
forbiddenNoteId = config.get('appConfig').forbiddenNoteIds[0];
|
forbiddenNoteId = config.get('appConfig').forbiddenNoteIds[0];
|
||||||
app = moduleRef.createNestApplication();
|
app = moduleRef.createNestApplication();
|
||||||
|
const authConfig = config.get('authConfig') as AuthConfig;
|
||||||
|
setupSessionMiddleware(app, authConfig);
|
||||||
await app.init();
|
await app.init();
|
||||||
content = 'This is a test note.';
|
content = 'This is a test note.';
|
||||||
historyService = moduleRef.get(HistoryService);
|
historyService = moduleRef.get(HistoryService);
|
||||||
const userService = moduleRef.get(UsersService);
|
const userService = moduleRef.get(UsersService);
|
||||||
|
identityService = moduleRef.get(IdentityService);
|
||||||
user = await userService.createUser('hardcoded', 'Testy');
|
user = await userService.createUser('hardcoded', 'Testy');
|
||||||
|
await identityService.createLocalIdentity(user, 'test');
|
||||||
const notesService = moduleRef.get(NotesService);
|
const notesService = moduleRef.get(NotesService);
|
||||||
note = await notesService.createNote(content, 'note', user);
|
note = await notesService.createNote(content, 'note', user);
|
||||||
note2 = await notesService.createNote(content, 'note2', user);
|
note2 = await notesService.createNote(content, 'note2', user);
|
||||||
|
agent = request.agent(app.getHttpServer());
|
||||||
|
await agent
|
||||||
|
.post('/auth/local/login')
|
||||||
|
.send({ username: 'hardcoded', password: 'test' })
|
||||||
|
.expect(201);
|
||||||
});
|
});
|
||||||
|
|
||||||
it('GET /me/history', async () => {
|
it('GET /me/history', async () => {
|
||||||
const emptyResponse = await request(app.getHttpServer())
|
const emptyResponse = await agent
|
||||||
.get('/me/history')
|
.get('/me/history')
|
||||||
.expect('Content-Type', /json/)
|
.expect('Content-Type', /json/)
|
||||||
.expect(200);
|
.expect(200);
|
||||||
expect(emptyResponse.body.length).toEqual(0);
|
expect(emptyResponse.body.length).toEqual(0);
|
||||||
const entry = await historyService.updateHistoryEntryTimestamp(note, user);
|
const entry = await historyService.updateHistoryEntryTimestamp(note, user);
|
||||||
const entryDto = historyService.toHistoryEntryDto(entry);
|
const entryDto = historyService.toHistoryEntryDto(entry);
|
||||||
const response = await request(app.getHttpServer())
|
const response = await agent
|
||||||
.get('/me/history')
|
.get('/me/history')
|
||||||
.expect('Content-Type', /json/)
|
.expect('Content-Type', /json/)
|
||||||
.expect(200);
|
.expect(200);
|
||||||
|
@ -114,7 +128,7 @@ describe('History', () => {
|
||||||
)[0].name;
|
)[0].name;
|
||||||
postEntryDto.pinStatus = pinStatus;
|
postEntryDto.pinStatus = pinStatus;
|
||||||
postEntryDto.lastVisited = lastVisited;
|
postEntryDto.lastVisited = lastVisited;
|
||||||
await request(app.getHttpServer())
|
await agent
|
||||||
.post('/me/history')
|
.post('/me/history')
|
||||||
.set('Content-Type', 'application/json')
|
.set('Content-Type', 'application/json')
|
||||||
.send(JSON.stringify({ history: [postEntryDto] }))
|
.send(JSON.stringify({ history: [postEntryDto] }))
|
||||||
|
@ -149,7 +163,7 @@ describe('History', () => {
|
||||||
brokenEntryDto.note = forbiddenNoteId;
|
brokenEntryDto.note = forbiddenNoteId;
|
||||||
brokenEntryDto.pinStatus = pinStatus;
|
brokenEntryDto.pinStatus = pinStatus;
|
||||||
brokenEntryDto.lastVisited = lastVisited;
|
brokenEntryDto.lastVisited = lastVisited;
|
||||||
await request(app.getHttpServer())
|
await agent
|
||||||
.post('/me/history')
|
.post('/me/history')
|
||||||
.set('Content-Type', 'application/json')
|
.set('Content-Type', 'application/json')
|
||||||
.send(JSON.stringify({ history: [brokenEntryDto] }))
|
.send(JSON.stringify({ history: [brokenEntryDto] }))
|
||||||
|
@ -160,7 +174,7 @@ describe('History', () => {
|
||||||
brokenEntryDto.note = 'i_dont_exist';
|
brokenEntryDto.note = 'i_dont_exist';
|
||||||
brokenEntryDto.pinStatus = pinStatus;
|
brokenEntryDto.pinStatus = pinStatus;
|
||||||
brokenEntryDto.lastVisited = lastVisited;
|
brokenEntryDto.lastVisited = lastVisited;
|
||||||
await request(app.getHttpServer())
|
await agent
|
||||||
.post('/me/history')
|
.post('/me/history')
|
||||||
.set('Content-Type', 'application/json')
|
.set('Content-Type', 'application/json')
|
||||||
.send(JSON.stringify({ history: [brokenEntryDto] }))
|
.send(JSON.stringify({ history: [brokenEntryDto] }))
|
||||||
|
@ -181,7 +195,7 @@ describe('History', () => {
|
||||||
|
|
||||||
it('DELETE /me/history', async () => {
|
it('DELETE /me/history', async () => {
|
||||||
expect((await historyService.getEntriesByUser(user)).length).toEqual(1);
|
expect((await historyService.getEntriesByUser(user)).length).toEqual(1);
|
||||||
await request(app.getHttpServer()).delete('/me/history').expect(200);
|
await agent.delete('/me/history').expect(200);
|
||||||
expect((await historyService.getEntriesByUser(user)).length).toEqual(0);
|
expect((await historyService.getEntriesByUser(user)).length).toEqual(0);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -189,7 +203,7 @@ describe('History', () => {
|
||||||
const entry = await historyService.updateHistoryEntryTimestamp(note2, user);
|
const entry = await historyService.updateHistoryEntryTimestamp(note2, user);
|
||||||
expect(entry.pinStatus).toBeFalsy();
|
expect(entry.pinStatus).toBeFalsy();
|
||||||
const alias = entry.note.aliases.filter((alias) => alias.primary)[0].name;
|
const alias = entry.note.aliases.filter((alias) => alias.primary)[0].name;
|
||||||
await request(app.getHttpServer())
|
await agent
|
||||||
.put(`/me/history/${alias || 'undefined'}`)
|
.put(`/me/history/${alias || 'undefined'}`)
|
||||||
.send({ pinStatus: true })
|
.send({ pinStatus: true })
|
||||||
.expect(200);
|
.expect(200);
|
||||||
|
@ -204,9 +218,7 @@ describe('History', () => {
|
||||||
const alias = entry.note.aliases.filter((alias) => alias.primary)[0].name;
|
const alias = entry.note.aliases.filter((alias) => alias.primary)[0].name;
|
||||||
const entry2 = await historyService.updateHistoryEntryTimestamp(note, user);
|
const entry2 = await historyService.updateHistoryEntryTimestamp(note, user);
|
||||||
const entryDto = historyService.toHistoryEntryDto(entry2);
|
const entryDto = historyService.toHistoryEntryDto(entry2);
|
||||||
await request(app.getHttpServer())
|
await agent.delete(`/me/history/${alias || 'undefined'}`).expect(200);
|
||||||
.delete(`/me/history/${alias || 'undefined'}`)
|
|
||||||
.expect(200);
|
|
||||||
const userEntries = await historyService.getEntriesByUser(user);
|
const userEntries = await historyService.getEntriesByUser(user);
|
||||||
expect(userEntries.length).toEqual(1);
|
expect(userEntries.length).toEqual(1);
|
||||||
const userEntryDto = historyService.toHistoryEntryDto(userEntries[0]);
|
const userEntryDto = historyService.toHistoryEntryDto(userEntries[0]);
|
||||||
|
|
|
@ -17,6 +17,7 @@ import request from 'supertest';
|
||||||
|
|
||||||
import { PrivateApiModule } from '../../src/api/private/private-api.module';
|
import { PrivateApiModule } from '../../src/api/private/private-api.module';
|
||||||
import { AuthModule } from '../../src/auth/auth.module';
|
import { AuthModule } from '../../src/auth/auth.module';
|
||||||
|
import { AuthConfig } from '../../src/config/auth.config';
|
||||||
import appConfigMock from '../../src/config/mock/app.config.mock';
|
import appConfigMock from '../../src/config/mock/app.config.mock';
|
||||||
import authConfigMock from '../../src/config/mock/auth.config.mock';
|
import authConfigMock from '../../src/config/mock/auth.config.mock';
|
||||||
import customizationConfigMock from '../../src/config/mock/customization.config.mock';
|
import customizationConfigMock from '../../src/config/mock/customization.config.mock';
|
||||||
|
@ -25,6 +26,7 @@ import mediaConfigMock from '../../src/config/mock/media.config.mock';
|
||||||
import { NotInDBError } from '../../src/errors/errors';
|
import { NotInDBError } from '../../src/errors/errors';
|
||||||
import { GroupsModule } from '../../src/groups/groups.module';
|
import { GroupsModule } from '../../src/groups/groups.module';
|
||||||
import { HistoryModule } from '../../src/history/history.module';
|
import { HistoryModule } from '../../src/history/history.module';
|
||||||
|
import { IdentityService } from '../../src/identity/identity.service';
|
||||||
import { LoggerModule } from '../../src/logger/logger.module';
|
import { LoggerModule } from '../../src/logger/logger.module';
|
||||||
import { MediaModule } from '../../src/media/media.module';
|
import { MediaModule } from '../../src/media/media.module';
|
||||||
import { MediaService } from '../../src/media/media.service';
|
import { MediaService } from '../../src/media/media.service';
|
||||||
|
@ -36,17 +38,20 @@ import { UserInfoDto } from '../../src/users/user-info.dto';
|
||||||
import { User } from '../../src/users/user.entity';
|
import { User } from '../../src/users/user.entity';
|
||||||
import { UsersModule } from '../../src/users/users.module';
|
import { UsersModule } from '../../src/users/users.module';
|
||||||
import { UsersService } from '../../src/users/users.service';
|
import { UsersService } from '../../src/users/users.service';
|
||||||
|
import { setupSessionMiddleware } from '../../src/utils/session';
|
||||||
|
|
||||||
describe('Me', () => {
|
describe('Me', () => {
|
||||||
let app: INestApplication;
|
let app: INestApplication;
|
||||||
let userService: UsersService;
|
let userService: UsersService;
|
||||||
let mediaService: MediaService;
|
let mediaService: MediaService;
|
||||||
|
let identityService: IdentityService;
|
||||||
let uploadPath: string;
|
let uploadPath: string;
|
||||||
let user: User;
|
let user: User;
|
||||||
let content: string;
|
let content: string;
|
||||||
let note1: Note;
|
let note1: Note;
|
||||||
let alias2: string;
|
let alias2: string;
|
||||||
let note2: Note;
|
let note2: Note;
|
||||||
|
let agent: request.SuperAgentTest;
|
||||||
|
|
||||||
beforeAll(async () => {
|
beforeAll(async () => {
|
||||||
const moduleRef = await Test.createTestingModule({
|
const moduleRef = await Test.createTestingModule({
|
||||||
|
@ -82,21 +87,31 @@ describe('Me', () => {
|
||||||
const config = moduleRef.get<ConfigService>(ConfigService);
|
const config = moduleRef.get<ConfigService>(ConfigService);
|
||||||
uploadPath = config.get('mediaConfig').backend.filesystem.uploadPath;
|
uploadPath = config.get('mediaConfig').backend.filesystem.uploadPath;
|
||||||
app = moduleRef.createNestApplication();
|
app = moduleRef.createNestApplication();
|
||||||
|
const authConfig = config.get('authConfig') as AuthConfig;
|
||||||
|
setupSessionMiddleware(app, authConfig);
|
||||||
await app.init();
|
await app.init();
|
||||||
//historyService = moduleRef.get();
|
//historyService = moduleRef.get();
|
||||||
userService = moduleRef.get(UsersService);
|
userService = moduleRef.get(UsersService);
|
||||||
mediaService = moduleRef.get(MediaService);
|
mediaService = moduleRef.get(MediaService);
|
||||||
|
identityService = moduleRef.get(IdentityService);
|
||||||
user = await userService.createUser('hardcoded', 'Testy');
|
user = await userService.createUser('hardcoded', 'Testy');
|
||||||
|
await identityService.createLocalIdentity(user, 'test');
|
||||||
|
|
||||||
const notesService = moduleRef.get(NotesService);
|
const notesService = moduleRef.get(NotesService);
|
||||||
content = 'This is a test note.';
|
content = 'This is a test note.';
|
||||||
alias2 = 'note2';
|
alias2 = 'note2';
|
||||||
note1 = await notesService.createNote(content, undefined, user);
|
note1 = await notesService.createNote(content, undefined, user);
|
||||||
note2 = await notesService.createNote(content, alias2, user);
|
note2 = await notesService.createNote(content, alias2, user);
|
||||||
|
agent = request.agent(app.getHttpServer());
|
||||||
|
await agent
|
||||||
|
.post('/auth/local/login')
|
||||||
|
.send({ username: 'hardcoded', password: 'test' })
|
||||||
|
.expect(201);
|
||||||
});
|
});
|
||||||
|
|
||||||
it('GET /me', async () => {
|
it('GET /me', async () => {
|
||||||
const userInfo = userService.toUserDto(user);
|
const userInfo = userService.toUserDto(user);
|
||||||
const response = await request(app.getHttpServer())
|
const response = await agent
|
||||||
.get('/me')
|
.get('/me')
|
||||||
.expect('Content-Type', /json/)
|
.expect('Content-Type', /json/)
|
||||||
.expect(200);
|
.expect(200);
|
||||||
|
@ -105,8 +120,7 @@ describe('Me', () => {
|
||||||
});
|
});
|
||||||
|
|
||||||
it('GET /me/media', async () => {
|
it('GET /me/media', async () => {
|
||||||
const httpServer = app.getHttpServer();
|
const responseBefore = await agent
|
||||||
const responseBefore = await request(httpServer)
|
|
||||||
.get('/me/media/')
|
.get('/me/media/')
|
||||||
.expect('Content-Type', /json/)
|
.expect('Content-Type', /json/)
|
||||||
.expect(200);
|
.expect(200);
|
||||||
|
@ -118,7 +132,7 @@ describe('Me', () => {
|
||||||
const url2 = await mediaService.saveFile(testImage, user, note2);
|
const url2 = await mediaService.saveFile(testImage, user, note2);
|
||||||
const url3 = await mediaService.saveFile(testImage, user, note2);
|
const url3 = await mediaService.saveFile(testImage, user, note2);
|
||||||
|
|
||||||
const response = await request(httpServer)
|
const response = await agent
|
||||||
.get('/me/media/')
|
.get('/me/media/')
|
||||||
.expect('Content-Type', /json/)
|
.expect('Content-Type', /json/)
|
||||||
.expect(200);
|
.expect(200);
|
||||||
|
@ -137,7 +151,7 @@ describe('Me', () => {
|
||||||
it('POST /me/profile', async () => {
|
it('POST /me/profile', async () => {
|
||||||
const newDisplayName = 'Another name';
|
const newDisplayName = 'Another name';
|
||||||
expect(user.displayName).not.toEqual(newDisplayName);
|
expect(user.displayName).not.toEqual(newDisplayName);
|
||||||
await request(app.getHttpServer())
|
await agent
|
||||||
.post('/me/profile')
|
.post('/me/profile')
|
||||||
.send({
|
.send({
|
||||||
name: newDisplayName,
|
name: newDisplayName,
|
||||||
|
@ -155,7 +169,7 @@ describe('Me', () => {
|
||||||
const mediaUploads = await mediaService.listUploadsByUser(dbUser);
|
const mediaUploads = await mediaService.listUploadsByUser(dbUser);
|
||||||
expect(mediaUploads).toHaveLength(1);
|
expect(mediaUploads).toHaveLength(1);
|
||||||
expect(mediaUploads[0].fileUrl).toEqual(url0);
|
expect(mediaUploads[0].fileUrl).toEqual(url0);
|
||||||
await request(app.getHttpServer()).delete('/me').expect(204);
|
await agent.delete('/me').expect(204);
|
||||||
await expect(userService.getUserByUsername('hardcoded')).rejects.toThrow(
|
await expect(userService.getUserByUsername('hardcoded')).rejects.toThrow(
|
||||||
NotInDBError,
|
NotInDBError,
|
||||||
);
|
);
|
||||||
|
|
|
@ -13,12 +13,14 @@ import request from 'supertest';
|
||||||
|
|
||||||
import { PrivateApiModule } from '../../src/api/private/private-api.module';
|
import { PrivateApiModule } from '../../src/api/private/private-api.module';
|
||||||
import { AuthModule } from '../../src/auth/auth.module';
|
import { AuthModule } from '../../src/auth/auth.module';
|
||||||
|
import { AuthConfig } from '../../src/config/auth.config';
|
||||||
import appConfigMock from '../../src/config/mock/app.config.mock';
|
import appConfigMock from '../../src/config/mock/app.config.mock';
|
||||||
import authConfigMock from '../../src/config/mock/auth.config.mock';
|
import authConfigMock from '../../src/config/mock/auth.config.mock';
|
||||||
import customizationConfigMock from '../../src/config/mock/customization.config.mock';
|
import customizationConfigMock from '../../src/config/mock/customization.config.mock';
|
||||||
import externalConfigMock from '../../src/config/mock/external-services.config.mock';
|
import externalConfigMock from '../../src/config/mock/external-services.config.mock';
|
||||||
import mediaConfigMock from '../../src/config/mock/media.config.mock';
|
import mediaConfigMock from '../../src/config/mock/media.config.mock';
|
||||||
import { GroupsModule } from '../../src/groups/groups.module';
|
import { GroupsModule } from '../../src/groups/groups.module';
|
||||||
|
import { IdentityService } from '../../src/identity/identity.service';
|
||||||
import { ConsoleLoggerService } from '../../src/logger/console-logger.service';
|
import { ConsoleLoggerService } from '../../src/logger/console-logger.service';
|
||||||
import { LoggerModule } from '../../src/logger/logger.module';
|
import { LoggerModule } from '../../src/logger/logger.module';
|
||||||
import { MediaModule } from '../../src/media/media.module';
|
import { MediaModule } from '../../src/media/media.module';
|
||||||
|
@ -26,11 +28,14 @@ import { NotesModule } from '../../src/notes/notes.module';
|
||||||
import { NotesService } from '../../src/notes/notes.service';
|
import { NotesService } from '../../src/notes/notes.service';
|
||||||
import { PermissionsModule } from '../../src/permissions/permissions.module';
|
import { PermissionsModule } from '../../src/permissions/permissions.module';
|
||||||
import { UsersService } from '../../src/users/users.service';
|
import { UsersService } from '../../src/users/users.service';
|
||||||
|
import { setupSessionMiddleware } from '../../src/utils/session';
|
||||||
import { ensureDeleted } from '../utils';
|
import { ensureDeleted } from '../utils';
|
||||||
|
|
||||||
describe('Media', () => {
|
describe('Media', () => {
|
||||||
|
let identityService: IdentityService;
|
||||||
let app: NestExpressApplication;
|
let app: NestExpressApplication;
|
||||||
let uploadPath: string;
|
let uploadPath: string;
|
||||||
|
let agent: request.SuperAgentTest;
|
||||||
|
|
||||||
beforeAll(async () => {
|
beforeAll(async () => {
|
||||||
const moduleRef = await Test.createTestingModule({
|
const moduleRef = await Test.createTestingModule({
|
||||||
|
@ -67,19 +72,28 @@ describe('Media', () => {
|
||||||
app.useStaticAssets(uploadPath, {
|
app.useStaticAssets(uploadPath, {
|
||||||
prefix: '/uploads',
|
prefix: '/uploads',
|
||||||
});
|
});
|
||||||
|
const authConfig = config.get('authConfig') as AuthConfig;
|
||||||
|
setupSessionMiddleware(app, authConfig);
|
||||||
await app.init();
|
await app.init();
|
||||||
const logger = await app.resolve(ConsoleLoggerService);
|
const logger = await app.resolve(ConsoleLoggerService);
|
||||||
logger.log('Switching logger', 'AppBootstrap');
|
logger.log('Switching logger', 'AppBootstrap');
|
||||||
app.useLogger(logger);
|
app.useLogger(logger);
|
||||||
|
identityService = moduleRef.get(IdentityService);
|
||||||
const notesService: NotesService = moduleRef.get(NotesService);
|
const notesService: NotesService = moduleRef.get(NotesService);
|
||||||
await notesService.createNote('test content', 'test_upload_media');
|
await notesService.createNote('test content', 'test_upload_media');
|
||||||
const userService: UsersService = moduleRef.get(UsersService);
|
const userService: UsersService = moduleRef.get(UsersService);
|
||||||
await userService.createUser('hardcoded', 'Testy');
|
const user = await userService.createUser('hardcoded', 'Testy');
|
||||||
|
await identityService.createLocalIdentity(user, 'test');
|
||||||
|
agent = request.agent(app.getHttpServer());
|
||||||
|
await agent
|
||||||
|
.post('/auth/local/login')
|
||||||
|
.send({ username: 'hardcoded', password: 'test' })
|
||||||
|
.expect(201);
|
||||||
});
|
});
|
||||||
|
|
||||||
describe('POST /media', () => {
|
describe('POST /media', () => {
|
||||||
it('works', async () => {
|
it('works', async () => {
|
||||||
const uploadResponse = await request(app.getHttpServer())
|
const uploadResponse = await agent
|
||||||
.post('/media')
|
.post('/media')
|
||||||
.attach('file', 'test/private-api/fixtures/test.png')
|
.attach('file', 'test/private-api/fixtures/test.png')
|
||||||
.set('HedgeDoc-Note', 'test_upload_media')
|
.set('HedgeDoc-Note', 'test_upload_media')
|
||||||
|
@ -87,7 +101,7 @@ describe('Media', () => {
|
||||||
.expect(201);
|
.expect(201);
|
||||||
const path: string = uploadResponse.body.link;
|
const path: string = uploadResponse.body.link;
|
||||||
const testImage = await fs.readFile('test/private-api/fixtures/test.png');
|
const testImage = await fs.readFile('test/private-api/fixtures/test.png');
|
||||||
const downloadResponse = await request(app.getHttpServer()).get(path);
|
const downloadResponse = await agent.get(path);
|
||||||
expect(downloadResponse.body).toEqual(testImage);
|
expect(downloadResponse.body).toEqual(testImage);
|
||||||
// Remove /uploads/ from path as we just need the filename.
|
// Remove /uploads/ from path as we just need the filename.
|
||||||
const fileName = path.replace('/uploads/', '');
|
const fileName = path.replace('/uploads/', '');
|
||||||
|
@ -99,7 +113,7 @@ describe('Media', () => {
|
||||||
await ensureDeleted(uploadPath);
|
await ensureDeleted(uploadPath);
|
||||||
});
|
});
|
||||||
it('MIME type not supported', async () => {
|
it('MIME type not supported', async () => {
|
||||||
await request(app.getHttpServer())
|
await agent
|
||||||
.post('/media')
|
.post('/media')
|
||||||
.attach('file', 'test/private-api/fixtures/test.zip')
|
.attach('file', 'test/private-api/fixtures/test.zip')
|
||||||
.set('HedgeDoc-Note', 'test_upload_media')
|
.set('HedgeDoc-Note', 'test_upload_media')
|
||||||
|
@ -107,7 +121,7 @@ describe('Media', () => {
|
||||||
await expect(fs.access(uploadPath)).rejects.toBeDefined();
|
await expect(fs.access(uploadPath)).rejects.toBeDefined();
|
||||||
});
|
});
|
||||||
it('note does not exist', async () => {
|
it('note does not exist', async () => {
|
||||||
await request(app.getHttpServer())
|
await agent
|
||||||
.post('/media')
|
.post('/media')
|
||||||
.attach('file', 'test/private-api/fixtures/test.zip')
|
.attach('file', 'test/private-api/fixtures/test.zip')
|
||||||
.set('HedgeDoc-Note', 'i_dont_exist')
|
.set('HedgeDoc-Note', 'i_dont_exist')
|
||||||
|
@ -118,7 +132,7 @@ describe('Media', () => {
|
||||||
await fs.mkdir(uploadPath, {
|
await fs.mkdir(uploadPath, {
|
||||||
mode: '444',
|
mode: '444',
|
||||||
});
|
});
|
||||||
await request(app.getHttpServer())
|
await agent
|
||||||
.post('/media')
|
.post('/media')
|
||||||
.attach('file', 'test/private-api/fixtures/test.png')
|
.attach('file', 'test/private-api/fixtures/test.png')
|
||||||
.set('HedgeDoc-Note', 'test_upload_media')
|
.set('HedgeDoc-Note', 'test_upload_media')
|
||||||
|
|
|
@ -13,6 +13,7 @@ import request from 'supertest';
|
||||||
|
|
||||||
import { PrivateApiModule } from '../../src/api/private/private-api.module';
|
import { PrivateApiModule } from '../../src/api/private/private-api.module';
|
||||||
import { AuthModule } from '../../src/auth/auth.module';
|
import { AuthModule } from '../../src/auth/auth.module';
|
||||||
|
import { AuthConfig } from '../../src/config/auth.config';
|
||||||
import appConfigMock from '../../src/config/mock/app.config.mock';
|
import appConfigMock from '../../src/config/mock/app.config.mock';
|
||||||
import authConfigMock from '../../src/config/mock/auth.config.mock';
|
import authConfigMock from '../../src/config/mock/auth.config.mock';
|
||||||
import customizationConfigMock from '../../src/config/mock/customization.config.mock';
|
import customizationConfigMock from '../../src/config/mock/customization.config.mock';
|
||||||
|
@ -20,6 +21,7 @@ import externalConfigMock from '../../src/config/mock/external-services.config.m
|
||||||
import mediaConfigMock from '../../src/config/mock/media.config.mock';
|
import mediaConfigMock from '../../src/config/mock/media.config.mock';
|
||||||
import { NotInDBError } from '../../src/errors/errors';
|
import { NotInDBError } from '../../src/errors/errors';
|
||||||
import { GroupsModule } from '../../src/groups/groups.module';
|
import { GroupsModule } from '../../src/groups/groups.module';
|
||||||
|
import { IdentityService } from '../../src/identity/identity.service';
|
||||||
import { LoggerModule } from '../../src/logger/logger.module';
|
import { LoggerModule } from '../../src/logger/logger.module';
|
||||||
import { MediaService } from '../../src/media/media.service';
|
import { MediaService } from '../../src/media/media.service';
|
||||||
import { NotesModule } from '../../src/notes/notes.module';
|
import { NotesModule } from '../../src/notes/notes.module';
|
||||||
|
@ -28,17 +30,20 @@ import { PermissionsModule } from '../../src/permissions/permissions.module';
|
||||||
import { User } from '../../src/users/user.entity';
|
import { User } from '../../src/users/user.entity';
|
||||||
import { UsersModule } from '../../src/users/users.module';
|
import { UsersModule } from '../../src/users/users.module';
|
||||||
import { UsersService } from '../../src/users/users.service';
|
import { UsersService } from '../../src/users/users.service';
|
||||||
|
import { setupSessionMiddleware } from '../../src/utils/session';
|
||||||
|
|
||||||
describe('Notes', () => {
|
describe('Notes', () => {
|
||||||
let app: INestApplication;
|
let app: INestApplication;
|
||||||
let notesService: NotesService;
|
let notesService: NotesService;
|
||||||
let mediaService: MediaService;
|
let mediaService: MediaService;
|
||||||
|
let identityService: IdentityService;
|
||||||
let user: User;
|
let user: User;
|
||||||
let user2: User;
|
let user2: User;
|
||||||
let content: string;
|
let content: string;
|
||||||
let forbiddenNoteId: string;
|
let forbiddenNoteId: string;
|
||||||
let uploadPath: string;
|
let uploadPath: string;
|
||||||
let testImage: Buffer;
|
let testImage: Buffer;
|
||||||
|
let agent: request.SuperAgentTest;
|
||||||
|
|
||||||
beforeAll(async () => {
|
beforeAll(async () => {
|
||||||
const moduleRef = await Test.createTestingModule({
|
const moduleRef = await Test.createTestingModule({
|
||||||
|
@ -74,18 +79,28 @@ describe('Notes', () => {
|
||||||
forbiddenNoteId = config.get('appConfig').forbiddenNoteIds[0];
|
forbiddenNoteId = config.get('appConfig').forbiddenNoteIds[0];
|
||||||
uploadPath = config.get('mediaConfig').backend.filesystem.uploadPath;
|
uploadPath = config.get('mediaConfig').backend.filesystem.uploadPath;
|
||||||
app = moduleRef.createNestApplication();
|
app = moduleRef.createNestApplication();
|
||||||
|
const authConfig = config.get('authConfig') as AuthConfig;
|
||||||
|
setupSessionMiddleware(app, authConfig);
|
||||||
await app.init();
|
await app.init();
|
||||||
notesService = moduleRef.get(NotesService);
|
notesService = moduleRef.get(NotesService);
|
||||||
mediaService = moduleRef.get(MediaService);
|
mediaService = moduleRef.get(MediaService);
|
||||||
|
identityService = moduleRef.get(IdentityService);
|
||||||
const userService = moduleRef.get(UsersService);
|
const userService = moduleRef.get(UsersService);
|
||||||
user = await userService.createUser('hardcoded', 'Testy');
|
user = await userService.createUser('hardcoded', 'Testy');
|
||||||
|
await identityService.createLocalIdentity(user, 'test');
|
||||||
user2 = await userService.createUser('hardcoded2', 'Max Mustermann');
|
user2 = await userService.createUser('hardcoded2', 'Max Mustermann');
|
||||||
|
await identityService.createLocalIdentity(user2, 'test');
|
||||||
content = 'This is a test note.';
|
content = 'This is a test note.';
|
||||||
testImage = await fs.readFile('test/public-api/fixtures/test.png');
|
testImage = await fs.readFile('test/public-api/fixtures/test.png');
|
||||||
|
agent = request.agent(app.getHttpServer());
|
||||||
|
await agent
|
||||||
|
.post('/auth/local/login')
|
||||||
|
.send({ username: 'hardcoded', password: 'test' })
|
||||||
|
.expect(201);
|
||||||
});
|
});
|
||||||
|
|
||||||
it('POST /notes', async () => {
|
it('POST /notes', async () => {
|
||||||
const response = await request(app.getHttpServer())
|
const response = await agent
|
||||||
.post('/notes')
|
.post('/notes')
|
||||||
.set('Content-Type', 'text/markdown')
|
.set('Content-Type', 'text/markdown')
|
||||||
.send(content)
|
.send(content)
|
||||||
|
@ -103,7 +118,7 @@ describe('Notes', () => {
|
||||||
it('works with an existing note', async () => {
|
it('works with an existing note', async () => {
|
||||||
// check if we can succefully get a note that exists
|
// check if we can succefully get a note that exists
|
||||||
await notesService.createNote(content, 'test1', user);
|
await notesService.createNote(content, 'test1', user);
|
||||||
const response = await request(app.getHttpServer())
|
const response = await agent
|
||||||
.get('/notes/test1')
|
.get('/notes/test1')
|
||||||
.expect('Content-Type', /json/)
|
.expect('Content-Type', /json/)
|
||||||
.expect(200);
|
.expect(200);
|
||||||
|
@ -111,7 +126,7 @@ describe('Notes', () => {
|
||||||
});
|
});
|
||||||
it('fails with an non-existing note', async () => {
|
it('fails with an non-existing note', async () => {
|
||||||
// check if a missing note correctly returns 404
|
// check if a missing note correctly returns 404
|
||||||
await request(app.getHttpServer())
|
await agent
|
||||||
.get('/notes/i_dont_exist')
|
.get('/notes/i_dont_exist')
|
||||||
.expect('Content-Type', /json/)
|
.expect('Content-Type', /json/)
|
||||||
.expect(404);
|
.expect(404);
|
||||||
|
@ -120,7 +135,7 @@ describe('Notes', () => {
|
||||||
|
|
||||||
describe('POST /notes/{note}', () => {
|
describe('POST /notes/{note}', () => {
|
||||||
it('works with a non-existing alias', async () => {
|
it('works with a non-existing alias', async () => {
|
||||||
const response = await request(app.getHttpServer())
|
const response = await agent
|
||||||
.post('/notes/test2')
|
.post('/notes/test2')
|
||||||
.set('Content-Type', 'text/markdown')
|
.set('Content-Type', 'text/markdown')
|
||||||
.send(content)
|
.send(content)
|
||||||
|
@ -135,7 +150,7 @@ describe('Notes', () => {
|
||||||
});
|
});
|
||||||
|
|
||||||
it('fails with a forbidden alias', async () => {
|
it('fails with a forbidden alias', async () => {
|
||||||
await request(app.getHttpServer())
|
await agent
|
||||||
.post(`/notes/${forbiddenNoteId}`)
|
.post(`/notes/${forbiddenNoteId}`)
|
||||||
.set('Content-Type', 'text/markdown')
|
.set('Content-Type', 'text/markdown')
|
||||||
.send(content)
|
.send(content)
|
||||||
|
@ -144,7 +159,7 @@ describe('Notes', () => {
|
||||||
});
|
});
|
||||||
|
|
||||||
it('fails with a existing alias', async () => {
|
it('fails with a existing alias', async () => {
|
||||||
await request(app.getHttpServer())
|
await agent
|
||||||
.post('/notes/test2')
|
.post('/notes/test2')
|
||||||
.set('Content-Type', 'text/markdown')
|
.set('Content-Type', 'text/markdown')
|
||||||
.send(content)
|
.send(content)
|
||||||
|
@ -159,7 +174,7 @@ describe('Notes', () => {
|
||||||
const noteId = 'test3';
|
const noteId = 'test3';
|
||||||
const note = await notesService.createNote(content, noteId, user);
|
const note = await notesService.createNote(content, noteId, user);
|
||||||
await mediaService.saveFile(testImage, user, note);
|
await mediaService.saveFile(testImage, user, note);
|
||||||
await request(app.getHttpServer())
|
await agent
|
||||||
.delete(`/notes/${noteId}`)
|
.delete(`/notes/${noteId}`)
|
||||||
.set('Content-Type', 'application/json')
|
.set('Content-Type', 'application/json')
|
||||||
.send({
|
.send({
|
||||||
|
@ -176,7 +191,7 @@ describe('Notes', () => {
|
||||||
const noteId = 'test3a';
|
const noteId = 'test3a';
|
||||||
const note = await notesService.createNote(content, noteId, user);
|
const note = await notesService.createNote(content, noteId, user);
|
||||||
const url = await mediaService.saveFile(testImage, user, note);
|
const url = await mediaService.saveFile(testImage, user, note);
|
||||||
await request(app.getHttpServer())
|
await agent
|
||||||
.delete(`/notes/${noteId}`)
|
.delete(`/notes/${noteId}`)
|
||||||
.set('Content-Type', 'application/json')
|
.set('Content-Type', 'application/json')
|
||||||
.send({
|
.send({
|
||||||
|
@ -195,21 +210,17 @@ describe('Notes', () => {
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
it('fails with a forbidden alias', async () => {
|
it('fails with a forbidden alias', async () => {
|
||||||
await request(app.getHttpServer())
|
await agent.delete(`/notes/${forbiddenNoteId}`).expect(400);
|
||||||
.delete(`/notes/${forbiddenNoteId}`)
|
|
||||||
.expect(400);
|
|
||||||
});
|
});
|
||||||
it('fails with a non-existing alias', async () => {
|
it('fails with a non-existing alias', async () => {
|
||||||
await request(app.getHttpServer())
|
await agent.delete('/notes/i_dont_exist').expect(404);
|
||||||
.delete('/notes/i_dont_exist')
|
|
||||||
.expect(404);
|
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
describe('GET /notes/{note}/revisions', () => {
|
describe('GET /notes/{note}/revisions', () => {
|
||||||
it('works with existing alias', async () => {
|
it('works with existing alias', async () => {
|
||||||
await notesService.createNote(content, 'test4', user);
|
await notesService.createNote(content, 'test4', user);
|
||||||
const response = await request(app.getHttpServer())
|
const response = await agent
|
||||||
.get('/notes/test4/revisions')
|
.get('/notes/test4/revisions')
|
||||||
.expect('Content-Type', /json/)
|
.expect('Content-Type', /json/)
|
||||||
.expect(200);
|
.expect(200);
|
||||||
|
@ -217,14 +228,12 @@ describe('Notes', () => {
|
||||||
});
|
});
|
||||||
|
|
||||||
it('fails with a forbidden alias', async () => {
|
it('fails with a forbidden alias', async () => {
|
||||||
await request(app.getHttpServer())
|
await agent.get(`/notes/${forbiddenNoteId}/revisions`).expect(400);
|
||||||
.get(`/notes/${forbiddenNoteId}/revisions`)
|
|
||||||
.expect(400);
|
|
||||||
});
|
});
|
||||||
|
|
||||||
it('fails with non-existing alias', async () => {
|
it('fails with non-existing alias', async () => {
|
||||||
// check if a missing note correctly returns 404
|
// check if a missing note correctly returns 404
|
||||||
await request(app.getHttpServer())
|
await agent
|
||||||
.get('/notes/i_dont_exist/revisions')
|
.get('/notes/i_dont_exist/revisions')
|
||||||
.expect('Content-Type', /json/)
|
.expect('Content-Type', /json/)
|
||||||
.expect(404);
|
.expect(404);
|
||||||
|
@ -236,29 +245,27 @@ describe('Notes', () => {
|
||||||
const noteId = 'test8';
|
const noteId = 'test8';
|
||||||
const note = await notesService.createNote(content, noteId, user);
|
const note = await notesService.createNote(content, noteId, user);
|
||||||
await notesService.updateNote(note, 'update');
|
await notesService.updateNote(note, 'update');
|
||||||
const responseBeforeDeleting = await request(app.getHttpServer())
|
const responseBeforeDeleting = await agent
|
||||||
.get('/notes/test8/revisions')
|
.get('/notes/test8/revisions')
|
||||||
.expect('Content-Type', /json/)
|
.expect('Content-Type', /json/)
|
||||||
.expect(200);
|
.expect(200);
|
||||||
expect(responseBeforeDeleting.body).toHaveLength(2);
|
expect(responseBeforeDeleting.body).toHaveLength(2);
|
||||||
await request(app.getHttpServer())
|
await agent
|
||||||
.delete(`/notes/${noteId}/revisions`)
|
.delete(`/notes/${noteId}/revisions`)
|
||||||
.set('Content-Type', 'application/json')
|
.set('Content-Type', 'application/json')
|
||||||
.expect(204);
|
.expect(204);
|
||||||
const responseAfterDeleting = await request(app.getHttpServer())
|
const responseAfterDeleting = await agent
|
||||||
.get('/notes/test8/revisions')
|
.get('/notes/test8/revisions')
|
||||||
.expect('Content-Type', /json/)
|
.expect('Content-Type', /json/)
|
||||||
.expect(200);
|
.expect(200);
|
||||||
expect(responseAfterDeleting.body).toHaveLength(1);
|
expect(responseAfterDeleting.body).toHaveLength(1);
|
||||||
});
|
});
|
||||||
it('fails with a forbidden alias', async () => {
|
it('fails with a forbidden alias', async () => {
|
||||||
await request(app.getHttpServer())
|
await agent.delete(`/notes/${forbiddenNoteId}/revisions`).expect(400);
|
||||||
.delete(`/notes/${forbiddenNoteId}/revisions`)
|
|
||||||
.expect(400);
|
|
||||||
});
|
});
|
||||||
it('fails with non-existing alias', async () => {
|
it('fails with non-existing alias', async () => {
|
||||||
// check if a missing note correctly returns 404
|
// check if a missing note correctly returns 404
|
||||||
await request(app.getHttpServer())
|
await agent
|
||||||
.delete('/notes/i_dont_exist/revisions')
|
.delete('/notes/i_dont_exist/revisions')
|
||||||
.expect('Content-Type', /json/)
|
.expect('Content-Type', /json/)
|
||||||
.expect(404);
|
.expect(404);
|
||||||
|
@ -269,20 +276,18 @@ describe('Notes', () => {
|
||||||
it('works with an existing alias', async () => {
|
it('works with an existing alias', async () => {
|
||||||
const note = await notesService.createNote(content, 'test5', user);
|
const note = await notesService.createNote(content, 'test5', user);
|
||||||
const revision = await notesService.getLatestRevision(note);
|
const revision = await notesService.getLatestRevision(note);
|
||||||
const response = await request(app.getHttpServer())
|
const response = await agent
|
||||||
.get(`/notes/test5/revisions/${revision.id}`)
|
.get(`/notes/test5/revisions/${revision.id}`)
|
||||||
.expect('Content-Type', /json/)
|
.expect('Content-Type', /json/)
|
||||||
.expect(200);
|
.expect(200);
|
||||||
expect(response.body.content).toEqual(content);
|
expect(response.body.content).toEqual(content);
|
||||||
});
|
});
|
||||||
it('fails with a forbidden alias', async () => {
|
it('fails with a forbidden alias', async () => {
|
||||||
await request(app.getHttpServer())
|
await agent.get(`/notes/${forbiddenNoteId}/revisions/1`).expect(400);
|
||||||
.get(`/notes/${forbiddenNoteId}/revisions/1`)
|
|
||||||
.expect(400);
|
|
||||||
});
|
});
|
||||||
it('fails with non-existing alias', async () => {
|
it('fails with non-existing alias', async () => {
|
||||||
// check if a missing note correctly returns 404
|
// check if a missing note correctly returns 404
|
||||||
await request(app.getHttpServer())
|
await agent
|
||||||
.get('/notes/i_dont_exist/revisions/1')
|
.get('/notes/i_dont_exist/revisions/1')
|
||||||
.expect('Content-Type', /json/)
|
.expect('Content-Type', /json/)
|
||||||
.expect(404);
|
.expect(404);
|
||||||
|
@ -295,8 +300,7 @@ describe('Notes', () => {
|
||||||
const extraAlias = 'test7';
|
const extraAlias = 'test7';
|
||||||
const note1 = await notesService.createNote(content, alias, user);
|
const note1 = await notesService.createNote(content, alias, user);
|
||||||
const note2 = await notesService.createNote(content, extraAlias, user);
|
const note2 = await notesService.createNote(content, extraAlias, user);
|
||||||
const httpServer = app.getHttpServer();
|
const response = await agent
|
||||||
const response = await request(httpServer)
|
|
||||||
.get(`/notes/${alias}/media/`)
|
.get(`/notes/${alias}/media/`)
|
||||||
.expect('Content-Type', /json/)
|
.expect('Content-Type', /json/)
|
||||||
.expect(200);
|
.expect(200);
|
||||||
|
@ -306,7 +310,7 @@ describe('Notes', () => {
|
||||||
const url0 = await mediaService.saveFile(testImage, user, note1);
|
const url0 = await mediaService.saveFile(testImage, user, note1);
|
||||||
const url1 = await mediaService.saveFile(testImage, user, note2);
|
const url1 = await mediaService.saveFile(testImage, user, note2);
|
||||||
|
|
||||||
const responseAfter = await request(httpServer)
|
const responseAfter = await agent
|
||||||
.get(`/notes/${alias}/media/`)
|
.get(`/notes/${alias}/media/`)
|
||||||
.expect('Content-Type', /json/)
|
.expect('Content-Type', /json/)
|
||||||
.expect(200);
|
.expect(200);
|
||||||
|
@ -321,7 +325,7 @@ describe('Notes', () => {
|
||||||
await fs.rmdir(uploadPath, { recursive: true });
|
await fs.rmdir(uploadPath, { recursive: true });
|
||||||
});
|
});
|
||||||
it('fails, when note does not exist', async () => {
|
it('fails, when note does not exist', async () => {
|
||||||
await request(app.getHttpServer())
|
await agent
|
||||||
.get(`/notes/i_dont_exist/media/`)
|
.get(`/notes/i_dont_exist/media/`)
|
||||||
.expect('Content-Type', /json/)
|
.expect('Content-Type', /json/)
|
||||||
.expect(404);
|
.expect(404);
|
||||||
|
@ -329,7 +333,7 @@ describe('Notes', () => {
|
||||||
it("fails, when user can't read note", async () => {
|
it("fails, when user can't read note", async () => {
|
||||||
const alias = 'test11';
|
const alias = 'test11';
|
||||||
await notesService.createNote('This is a test note.', alias, user2);
|
await notesService.createNote('This is a test note.', alias, user2);
|
||||||
await request(app.getHttpServer())
|
await agent
|
||||||
.get(`/notes/${alias}/media/`)
|
.get(`/notes/${alias}/media/`)
|
||||||
.expect('Content-Type', /json/)
|
.expect('Content-Type', /json/)
|
||||||
.expect(401);
|
.expect(401);
|
||||||
|
|
130
test/public-api/tokens.e2e-spec.ts
Normal file
130
test/public-api/tokens.e2e-spec.ts
Normal file
|
@ -0,0 +1,130 @@
|
||||||
|
/*
|
||||||
|
* SPDX-FileCopyrightText: 2021 The HedgeDoc developers (see AUTHORS file)
|
||||||
|
*
|
||||||
|
* SPDX-License-Identifier: AGPL-3.0-only
|
||||||
|
*/
|
||||||
|
import { INestApplication } from '@nestjs/common';
|
||||||
|
import { ConfigModule, ConfigService } from '@nestjs/config';
|
||||||
|
import { Test } from '@nestjs/testing';
|
||||||
|
import { TypeOrmModule } from '@nestjs/typeorm';
|
||||||
|
import request from 'supertest';
|
||||||
|
|
||||||
|
import { PrivateApiModule } from '../../src/api/private/private-api.module';
|
||||||
|
import { AuthModule } from '../../src/auth/auth.module';
|
||||||
|
import { MockAuthGuard } from '../../src/auth/mock-auth.guard';
|
||||||
|
import { TokenAuthGuard } from '../../src/auth/token.strategy';
|
||||||
|
import { AuthConfig } from '../../src/config/auth.config';
|
||||||
|
import appConfigMock from '../../src/config/mock/app.config.mock';
|
||||||
|
import authConfigMock from '../../src/config/mock/auth.config.mock';
|
||||||
|
import customizationConfigMock from '../../src/config/mock/customization.config.mock';
|
||||||
|
import externalServicesConfigMock from '../../src/config/mock/external-services.config.mock';
|
||||||
|
import mediaConfigMock from '../../src/config/mock/media.config.mock';
|
||||||
|
import { GroupsModule } from '../../src/groups/groups.module';
|
||||||
|
import { HistoryModule } from '../../src/history/history.module';
|
||||||
|
import { IdentityService } from '../../src/identity/identity.service';
|
||||||
|
import { LoggerModule } from '../../src/logger/logger.module';
|
||||||
|
import { MediaModule } from '../../src/media/media.module';
|
||||||
|
import { NotesModule } from '../../src/notes/notes.module';
|
||||||
|
import { PermissionsModule } from '../../src/permissions/permissions.module';
|
||||||
|
import { User } from '../../src/users/user.entity';
|
||||||
|
import { UsersModule } from '../../src/users/users.module';
|
||||||
|
import { UsersService } from '../../src/users/users.service';
|
||||||
|
import { setupSessionMiddleware } from '../../src/utils/session';
|
||||||
|
|
||||||
|
describe('Tokens', () => {
|
||||||
|
let app: INestApplication;
|
||||||
|
let userService: UsersService;
|
||||||
|
let identityService: IdentityService;
|
||||||
|
let user: User;
|
||||||
|
let agent: request.SuperAgentTest;
|
||||||
|
let keyId: string;
|
||||||
|
|
||||||
|
beforeAll(async () => {
|
||||||
|
const moduleRef = await Test.createTestingModule({
|
||||||
|
imports: [
|
||||||
|
ConfigModule.forRoot({
|
||||||
|
isGlobal: true,
|
||||||
|
load: [
|
||||||
|
appConfigMock,
|
||||||
|
authConfigMock,
|
||||||
|
mediaConfigMock,
|
||||||
|
customizationConfigMock,
|
||||||
|
externalServicesConfigMock,
|
||||||
|
],
|
||||||
|
}),
|
||||||
|
PrivateApiModule,
|
||||||
|
NotesModule,
|
||||||
|
PermissionsModule,
|
||||||
|
GroupsModule,
|
||||||
|
TypeOrmModule.forRoot({
|
||||||
|
type: 'sqlite',
|
||||||
|
database: './hedgedoc-e2e-private-me.sqlite',
|
||||||
|
autoLoadEntities: true,
|
||||||
|
synchronize: true,
|
||||||
|
dropSchema: true,
|
||||||
|
}),
|
||||||
|
LoggerModule,
|
||||||
|
AuthModule,
|
||||||
|
UsersModule,
|
||||||
|
MediaModule,
|
||||||
|
HistoryModule,
|
||||||
|
],
|
||||||
|
})
|
||||||
|
.overrideGuard(TokenAuthGuard)
|
||||||
|
.useClass(MockAuthGuard)
|
||||||
|
.compile();
|
||||||
|
const config = moduleRef.get<ConfigService>(ConfigService);
|
||||||
|
identityService = moduleRef.get(IdentityService);
|
||||||
|
app = moduleRef.createNestApplication();
|
||||||
|
userService = moduleRef.get(UsersService);
|
||||||
|
user = await userService.createUser('hardcoded', 'Testy');
|
||||||
|
await identityService.createLocalIdentity(user, 'test');
|
||||||
|
const authConfig = config.get('authConfig') as AuthConfig;
|
||||||
|
setupSessionMiddleware(app, authConfig);
|
||||||
|
await app.init();
|
||||||
|
agent = request.agent(app.getHttpServer());
|
||||||
|
await agent
|
||||||
|
.post('/auth/local/login')
|
||||||
|
.send({ username: 'hardcoded', password: 'test' })
|
||||||
|
.expect(201);
|
||||||
|
});
|
||||||
|
|
||||||
|
it(`POST /tokens`, async () => {
|
||||||
|
const tokenName = 'testToken';
|
||||||
|
const response = await agent
|
||||||
|
.post('/tokens')
|
||||||
|
.send({
|
||||||
|
label: tokenName,
|
||||||
|
})
|
||||||
|
.expect('Content-Type', /json/)
|
||||||
|
.expect(201);
|
||||||
|
keyId = response.body.keyId;
|
||||||
|
expect(response.body.label).toBe(tokenName);
|
||||||
|
expect(response.body.validUntil).toBe(null);
|
||||||
|
expect(response.body.lastUsed).toBe(null);
|
||||||
|
expect(response.body.secret.length).toBe(84);
|
||||||
|
});
|
||||||
|
|
||||||
|
it(`GET /tokens`, async () => {
|
||||||
|
const tokenName = 'testToken';
|
||||||
|
const response = await agent
|
||||||
|
.get('/tokens/')
|
||||||
|
.expect('Content-Type', /json/)
|
||||||
|
.expect(200);
|
||||||
|
expect(response.body[0].label).toBe(tokenName);
|
||||||
|
expect(response.body[0].validUntil).toBe(null);
|
||||||
|
expect(response.body[0].lastUsed).toBe(null);
|
||||||
|
expect(response.body[0].secret).not.toBeDefined();
|
||||||
|
});
|
||||||
|
it(`DELETE /tokens/:keyid`, async () => {
|
||||||
|
const response = await agent.delete('/tokens/' + keyId).expect(204);
|
||||||
|
expect(response.body).toStrictEqual({});
|
||||||
|
});
|
||||||
|
it(`GET /tokens 2`, async () => {
|
||||||
|
const response = await agent
|
||||||
|
.get('/tokens/')
|
||||||
|
.expect('Content-Type', /json/)
|
||||||
|
.expect(200);
|
||||||
|
expect(response.body).toStrictEqual([]);
|
||||||
|
});
|
||||||
|
});
|
Loading…
Reference in a new issue