This ports the extra tests in the POST /media test from the private apis to the public apis E2E tests.
Also the whole test suit was renamed to 'Media'.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
This way the tests can run in any order as some of the media tests rely on an empty (or non-existing) uploads directory.
Also the me e2e test was renamed to the correct name.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
add test for GET /me/history/{note}
add error cases to PUT /me/history/{note} and DELETE /me/history/{note}
activate missing test GET /me/notes/
Signed-off-by: Philip Molares <philip.molares@udo.edu>
As the NotesController has the note already, because it checked with it if the user has the permission to perform the action, it's not necessary to get the note from the DB again, instead we should just provide the note to the functions directly.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
split success and fail cases in separate tests for better readability
add the correct user to all notes created by service (instead of api) to make the permissions checks viable.
extracted test content of notes to a global variable.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
Remove uploaded files after media e2e tests ran
Remove /uploads/ folder after all media e2e tests ran
This way the uploads folder doesn't grow while working on other e2e tests
Signed-off-by: Philip Molares <philip.molares@udo.edu>
Add history service to allow for CRUD operations.
Use history service in controllers to:
1. Allow manipulating of history entries
2. Guaranty the correct existence of history entries
Signed-off-by: Philip Molares <philip.molares@udo.edu>
This commit adds proper error handling and returns 404 when a note does not exist.
Previously, we leaked the `NotInDBError` and sent a 500 status code.
Signed-off-by: David Mehren <git@herrmehren.de>
Previously, this lead to locking errors, when multiple test runners accessed the same database and tried to clear it or tried to insert new test data.
Signed-off-by: David Mehren <git@herrmehren.de>
It was helpful to inspect database contents while the code was stopped by the debugger. Therefore the E2E test database is now persisted on disk and cleared before every test-run.
Signed-off-by: David Mehren <git@herrmehren.de>
Nest automatically tries to parse incoming requests with application/json as content-type and responds with HTTP 400 if the parsing fails. As our test-note-content is not valid JSON, we need to set another content-type.
Signed-off-by: David Mehren <git@herrmehren.de>
This update of revealJS helps us to get rid of the headjs depedency
integration using webpack. It updates reveal.js to 3.9.2 and updates the
csp hash accordingly for using the slide mode.
Background for this update is the critical security vulnerability
described by snyk in their disclosure:
https://snyk.io/vuln/SNYK-JS-REVEALJS-543841
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Since libravatar got a default fallback to Gravatar and in generell
allows federated image hosting for avatars this shouldn't break any
existing implementations.
The federation functionality is not added yet. This would require to use
the libravatar library.
Details:
https://wiki.libravatar.org/api/
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Seems like there is a possible problem when a name containing a space is
passed to this function. using urlencode on the name should fix possible
problems here.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
The tests are currently not linted. This causes a different coding style
than the rest of the sources.
This patch adds the `./test` directory to the eslint testing and fixes
linting for existing tests.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Since we lack of tests but got some great point to start, let's write
more tests.
This patch provides some basic tests for our CSP library. It's more an
integration than a unit test, but gets the job done.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>