Commit graph

73 commits

Author SHA1 Message Date
David Mehren
d1c3058655 fix(permissions): remove composite primary keys
TypeORM promises to support composite primary keys,
but that does not work in reality.
This replaces the composite key used in the permission entities with
a single generated primary key and
a unique index on the relation columns.

See https://github.com/typeorm/typeorm/issues/8513

Signed-off-by: David Mehren <git@herrmehren.de>
2022-09-18 20:57:52 +02:00
Philip Molares
b81761fcd0 test(public-api): fix test for get note metadata call
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2022-08-28 13:02:33 +02:00
Tilman Vatteroth
8596bed729 refactor: remove cycling dependency between notes and revisions
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2022-07-10 19:46:03 +02:00
Yannick Bungers
2650a986a9 Fix e2e test for moved permission functions
Signed-off-by: Yannick Bungers <git@innay.de>
2022-03-13 21:33:02 +01:00
David Mehren
09ec447069 feat(note): save createdAt in a separate column
To keep the createdAt date stable, even when the revisions are dropped,
this adds a separate column
 to store this data separately from revisions.

Signed-off-by: David Mehren <git@herrmehren.de>
2022-03-07 13:54:43 +01:00
David Mehren
342efcd7b7 feat(note-metadata): replace primaryAlias with primaryAddress
The primary address is never null.
If no alias is set, the id is returned.

To still easily get the primary alias, the complete Alias DTOs
are now included in the metadata.

Signed-off-by: David Mehren <git@herrmehren.de>
2022-03-07 13:54:43 +01:00
David Mehren
8e31f3a393 refactor(api/private/media): return MediaUpload object instead of url
This ensures the private POST /media API behaves in the same way as /me/media

Signed-off-by: David Mehren <git@herrmehren.de>
2022-03-07 13:54:43 +01:00
David Mehren
a6734cc58f test: ensure testSetup.cleanup is called
Signed-off-by: David Mehren <git@herrmehren.de>
2022-03-06 22:24:21 +01:00
Philip Molares
6269c7f7bc test: fix expected error codes in multiple test
In the e2e tests the global filter must be added via the special provider 'APP_FILTER' and not with useGlobalFilters, because if not the filter breaks, because of the way supertest handles the http-connection.

See: https://github.com/nestjs/nest/issues/1160#issuecomment-468698640

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2022-02-07 00:08:41 +01:00
Yannick Bungers
42ad99e20b Replace fs.rmdir recursive by fs.rm recursive
fs.rmdir(path, { recursive: true}) is deprecated and
is replaced by fs.rm(path, { recursive: true}).

Signed-off-by: Yannick Bungers <git@innay.de>
2022-01-31 08:55:42 +01:00
Philip Molares
f4a580cf2a refactor(config): extract note config from app config
This commit separates the app config object from a new note config object. This was done to separate different concerns in different config files. Especially if the number of settings that are about notes increase, it is a good idea to keep them separate from the app config.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2022-01-30 22:19:50 +01:00
David Mehren
d1dbd1bb22 feat(test-setup): restructure to synchronous builder
The previous pattern used async methods for the builder pattern,
which were hideous to use when chained multiple times.

This extracts the builder into a separate class
and uses normal functions in the builder.
These queue async functions in arrays, which are executed
at the correct time, when the new async `build` function is called.

Signed-off-by: David Mehren <git@herrmehren.de>
2022-01-27 21:05:17 +01:00
David Mehren
08f97209ec
refactor(note-metadata): do not embed User objects
This is part of an effort to consistently not embed User objects
in API responses. Usernames are returned instead.

Signed-off-by: David Mehren <git@herrmehren.de>
2022-01-16 22:54:53 +01:00
David Mehren
b955faa983
refactor(note-permissions-dto): do not embed User objects
This is part of an effort to consistently not embed User objects
in API responses. Usernames are returned instead.

Signed-off-by: David Mehren <git@herrmehren.de>
2022-01-16 22:19:53 +01:00
David Mehren
f1feb3bf94
refactor(note-metadata): rename date attributes
This is part of an effort to name all date attributes
consistently.

Signed-off-by: David Mehren <git@herrmehren.de>
2022-01-16 21:59:54 +01:00
David Mehren
235e4f647c
refactor(note): lazy-load relations
Signed-off-by: David Mehren <git@herrmehren.de>
2021-11-30 16:46:07 +01:00
Philip Molares
0cb3b65998
test: fix note e2e test 'fails with non-existing alias'
Because the rejection now happens automatically in the permissions guard it does not get to the controller method and does not report the Content-Type to text/markdown

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-11-21 18:04:47 +01:00
Philip Molares
988909eb0b
test: fix note e2e test 'fails, when user can't read note'
Because the rejection now happens automatically in the permissions guard it now returns a 403 instead of 401

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-11-21 18:03:29 +01:00
David Mehren
b9d3c95d2d
fix(note): fix type for owner param
To make the create method easier to use in conjunction
with the authentication framework, this commit changes the type of
the `owner` parameter from `User | undefined` to `User | null`.

Signed-off-by: David Mehren <git@herrmehren.de>
2021-11-14 21:44:59 +01:00
David Mehren
4805c9c5c5
Update API routes in public API E2E tests
Signed-off-by: David Mehren <git@herrmehren.de>
2021-10-15 16:53:10 +02:00
David Mehren
86a910a9e8
Migrate private notes API E2E test to global TestSetup
Signed-off-by: David Mehren <git@herrmehren.de>
2021-10-14 21:45:13 +02:00
David Mehren
21f4ffe2df
Migrate public notes API E2E test to global TestSetup
Signed-off-by: David Mehren <git@herrmehren.de>
2021-10-14 20:52:57 +02:00
Yannick Bungers
40103cb397
fix username spelling from userName
Signed-off-by: Yannick Bungers <git@innay.de>
2021-10-13 22:28:10 +02:00
Philip Molares
56eaddff8c
test: fix e2e tests to handle the new aliases
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-06-06 17:55:41 +02:00
Philip Molares
216baa42a1
refactor: move TokenAuthGuard in the same file as TokenStrategy
This should help to make clear why code is executed when the TokenAuthGuard is encountered by a request. Currently, one has to connect both files via the string 'token', which is a bit cryptic

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-09-04 18:03:41 +02:00
David Mehren
fe26f1689c
MediaService: Refactor saveFile
The function now expects a `Note` object instead of a noteId
and a `User` instead of a username to
make it more consistent with other functions.

Signed-off-by: David Mehren <git@herrmehren.de>
2021-08-29 22:28:21 +02:00
David Mehren
e65c19ddd8
Public API: Test that forbidden notes can't be accessed
Signed-off-by: David Mehren <git@herrmehren.de>
2021-08-29 17:36:03 +02:00
David Mehren
5ed2fae44e
Enforce import order with prettier
Signed-off-by: David Mehren <git@herrmehren.de>
2021-08-29 18:45:46 +02:00
Philip Molares
0f58757858
chore(test): Change test to work with publicId
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-05-16 22:46:02 +02:00
David Mehren
6ee2ddead5
Use node12 TypeScript base config
TypeScript recommends using a base config from https://github.com/tsconfig/bases.

Using this config reduces compile times by ~30%
and the size of the dist folder by ~45%.
It also enables the recommended `esModuleInterop` option,
which necessitated some changes to imports.
See also https://www.typescriptlang.org/docs/handbook/release-notes/typescript-2-7.html#support-for-import-d-from-cjs-from-commonjs-modules-with---esmoduleinterop

Signed-off-by: David Mehren <git@herrmehren.de>
2021-04-29 22:47:18 +02:00
Philip Molares
64e016f181
NotesE2ETest: Changed test for title and description
They should not return null and that's correctly tested now.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-04-24 21:33:47 +02:00
Philip Molares
4640735d18
PublicApi: Add option to keep media to DELETE /notes/{note}
This adds a body to the route DELETE /notes/{note} of the public api to specify if the associated media uploads of the note should be kept or deleted.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-04-01 01:23:12 +02:00
Philip Molares
5c138e4115
PublicNotesE2E: Add extra test for note deletion
This test checks if permission are correctly set and no error is thrown if the note is deleted.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-17 10:30:37 +01:00
Philip Molares
ff44a6567e
Tests: Removed all eslint-disable lines
As we now disable what we don't need in the eslint config, we don't need this anymore.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-04-12 17:06:59 +02:00
Philip Molares
be78b9a03d
E2ETests: Use recursive for 'uploads/' deletion.
This ensures the folder is always deleted, even if there are still files (from previous broken tests) in it.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-31 22:42:56 +02:00
Philip Molares
9874426c9a
PublicE2E: Remove uploaded files after test
This way the tests can run in any order as some of the media tests rely on an empty (or non-existing) uploads directory.
Also the me e2e test was renamed to the correct name.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-24 11:18:26 +01:00
Philip Molares
c1a9eee6a4
Config: Move config mocks in own folder
To clean up the config folder, all mocks are now in it's own folder.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-01 21:12:01 +01:00
Philip Molares
4aca8ada4c
NotesE2ETest: Add GET /api/v2/notes/{note}/media test
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-19 16:54:24 +01:00
Philip Molares
53f5093630
Docs: Add more documentation to the public api
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-03-19 12:10:46 +01:00
Philip Molares
66e2340009
NotesService: Add e2e tests for forbidden note alias
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-20 22:24:17 +01:00
Philip Molares
966f5ee2fe
Config: Add forbiddenNoteIds to AppConfig
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-20 22:15:04 +01:00
David Mehren
f20c2f06e0
Fix various ESLint errors in E2E tests
Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-24 21:14:16 +01:00
Yannick Bungers
8b75867664
Rename getNoteContentByNote to getNoteContent
Signed-off-by: Yannick Bungers <git@innay.de>
2021-02-22 22:34:18 +01:00
Philip Molares
4d89ffd474
NotesService: Replace noteByIdOrAlias with note as parameter
As the NotesController has the note already, because it checked with it if the user has the permission to perform the action, it's not necessary to get the note from the DB again, instead we should just provide the note to the functions directly.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-20 16:50:11 +01:00
Philip Molares
13955aebe5
NotesE2ETests: Ensure posting the same note alias twice fails
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-20 16:10:30 +01:00
Philip Molares
aa97a87316
NotesService: Rename getCurrentContent to getNoteContentByNote
The new name should better explain what this functions does.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-19 13:36:01 +01:00
Philip Molares
bb04da46be
NotesE2E: Fix e2e test
split success and fail cases in separate tests for better readability
add the correct user to all notes created by service (instead of api) to make the permissions checks viable.
extracted test content of notes to a global variable.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-17 13:20:54 +01:00
Philip Molares
5920a1c72f
tests: Fix tests as part of the DTO Refactor
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-30 12:47:31 +01:00
Philip Molares
cce1626c48
auth: fixes unit and e2e tests
adds MockAuthGuard which always return user 'hardcoded'

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-16 19:33:09 +01:00
Philip Molares
4372106ef0
tests: Removed unnecessary import of appConfigMock
As suggested by an review of David Mehren

Co-authored by: David Mehren <git@herrmehren.de>

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-19 12:45:36 +01:00