Because the rejection now happens automatically in the permissions guard it does not get to the controller method and does not report the Content-Type to text/markdown
Signed-off-by: Philip Molares <philip.molares@udo.edu>
Because the rejection now happens automatically in the permissions guard it now returns a 403 instead of 401
Signed-off-by: Philip Molares <philip.molares@udo.edu>
To make the create method easier to use in conjunction
with the authentication framework, this commit changes the type of
the `owner` parameter from `User | undefined` to `User | null`.
Signed-off-by: David Mehren <git@herrmehren.de>
Including both PublicApiModule and PrivateApiModule in the test setup
lead to the API routes overwriting each other.
This adds a router to separate the APIs as they are in the normal app.
Signed-off-by: David Mehren <git@herrmehren.de>
This should help to make clear why code is executed when the TokenAuthGuard is encountered by a request. Currently, one has to connect both files via the string 'token', which is a bit cryptic
Signed-off-by: Philip Molares <philip.molares@udo.edu>
The function now expects a `Note` object instead of a noteId
and a `User` instead of a username to
make it more consistent with other functions.
Signed-off-by: David Mehren <git@herrmehren.de>
The function now expects a `Note` object instead of a noteId to
make it more consistent with other functions.
Signed-off-by: David Mehren <git@herrmehren.de>
This renames `createOrUpdateHistoryEntry` to `updateHistoryEntryTimestamp`,
which reduces confusion with the similarly named
`updateHistoryEntry` function.
Signed-off-by: David Mehren <git@herrmehren.de>
The DI tokens for services seem to have changed with NestJS 8.
As we can also use the class object instead of a hardcoded token,
this commit replaces the tokens accordingly.
Signed-off-by: David Mehren <git@herrmehren.de>
This adds a body to the route DELETE /notes/{note} of the public api to specify if the associated media uploads of the note should be kept or deleted.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
Previously, `fs.rmdir` was called multiple times on the same path,
even when the path was already deleted.
This causes test failures in Node 16.
This commit extracts the cleanup code into a utility function
and ensures that no error is thrown when the given path is already deleted.
Signed-off-by: David Mehren <git@herrmehren.de>
This ensures the folder is always deleted, even if there are still files (from previous broken tests) in it.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
The deletion of upload was moved to beforeEach and afterEach block in the 'POST /media' > 'fails' tests.
The test if the folder was not created, because there was no file uploaded, now correctly expects the behaviour.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
This ports the extra tests in the POST /media test from the private apis to the public apis E2E tests.
Also the whole test suit was renamed to 'Media'.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
This way the tests can run in any order as some of the media tests rely on an empty (or non-existing) uploads directory.
Also the me e2e test was renamed to the correct name.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
add test for GET /me/history/{note}
add error cases to PUT /me/history/{note} and DELETE /me/history/{note}
activate missing test GET /me/notes/
Signed-off-by: Philip Molares <philip.molares@udo.edu>
As the NotesController has the note already, because it checked with it if the user has the permission to perform the action, it's not necessary to get the note from the DB again, instead we should just provide the note to the functions directly.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
