From c419918e6057714962fe89edfb5b9d035a9bb832 Mon Sep 17 00:00:00 2001 From: Eric Mc Sween Date: Thu, 21 Nov 2019 07:43:07 -0500 Subject: [PATCH] Merge pull request #2390 from overleaf/ta-metrics-tests-move Move Metrics Acceptance Tests GitOrigin-RevId: ac789ef9157615b89b1d63f28a2be090df5b62a8 --- .../src/UserMembershipAuthorizationTests.js | 290 +----------------- 1 file changed, 1 insertion(+), 289 deletions(-) diff --git a/services/web/test/acceptance/src/UserMembershipAuthorizationTests.js b/services/web/test/acceptance/src/UserMembershipAuthorizationTests.js index 70dee5cf5d..4dc77ea996 100644 --- a/services/web/test/acceptance/src/UserMembershipAuthorizationTests.js +++ b/services/web/test/acceptance/src/UserMembershipAuthorizationTests.js @@ -1,11 +1,9 @@ const { expect } = require('chai') const async = require('async') -const { ObjectId } = require('../../../app/src/infrastructure/mongojs') const User = require('./helpers/User') const Institution = require('./helpers/Institution') const Subscription = require('./helpers/Subscription') const Publisher = require('./helpers/Publisher') -const MockV1Api = require('./helpers/MockV1Api') describe('UserMembershipAuthorization', function() { beforeEach(function(done) { @@ -13,36 +11,6 @@ describe('UserMembershipAuthorization', function() { async.series([this.user.ensureUserExists.bind(this.user)], done) }) - describe('team', function() { - beforeEach(function(done) { - this.subscription = new Subscription({ - groupPlan: true, - overleaf: { id: 123 } - }) - async.series( - [ - this.subscription.ensureExists.bind(this.subscription), - cb => this.user.login(cb) - ], - done - ) - }) - - describe('metrics', function() { - it('should allow managers only', function(done) { - const url = `/metrics/teams/123` - async.series( - [ - expectAccess(this.user, url, 403), - cb => this.subscription.setManagerIds([this.user._id], cb), - expectAccess(this.user, url, 200) - ], - done - ) - }) - }) - }) - describe('group', function() { beforeEach(function(done) { this.subscription = new Subscription({ @@ -71,25 +39,6 @@ describe('UserMembershipAuthorization', function() { }) }) - describe('metrics', function() { - it('should allow managers only', function(done) { - const url = `/metrics/groups/${this.subscription._id}` - async.series( - [ - expectAccess(this.user, url, 403), - cb => this.subscription.setManagerIds([this.user._id], cb), - expectAccess(this.user, url, 200) - ], - done - ) - }) - - it('should handle groups not found', function(done) { - const url = `/metrics/groups/${ObjectId()}` - async.series([expectAccess(this.user, url, 404)], done) - }) - }) - describe('managers management', function() { it('should allow managers only', function(done) { const url = `/manage/groups/${this.subscription._id}/managers` @@ -111,52 +60,6 @@ describe('UserMembershipAuthorization', function() { async.series([this.institution.ensureExists.bind(this.institution)], done) }) - describe('metrics', function() { - it('should allow users with staff access', function(done) { - const url = `/metrics/institutions/${this.institution.v1Id}` - async.series( - [ - cb => this.user.ensureStaffAccess('institutionMetrics', cb), - this.user.login.bind(this.user), - expectAccess(this.user, url, 200) - ], - done - ) - }) - - it('should allow admins', function(done) { - const url = `/metrics/institutions/${this.institution.v1Id}` - async.series( - [ - this.user.ensureAdmin.bind(this.user), - this.user.login.bind(this.user), - expectAccess(this.user, url, 200) - ], - done - ) - }) - - it('should allow managers', function(done) { - const url = `/metrics/institutions/${this.institution.v1Id}` - async.series( - [ - this.user.login.bind(this.user), - cb => this.institution.setManagerIds([this.user._id], cb), - expectAccess(this.user, url, 200) - ], - done - ) - }) - - it('should not allow users without access', function(done) { - const url = `/metrics/institutions/${this.institution.v1Id}` - async.series( - [this.user.login.bind(this.user), expectAccess(this.user, url, 403)], - done - ) - }) - }) - describe('users management', function() { it('should allow managers only', function(done) { const url = `/manage/institutions/${this.institution.v1Id}/managers` @@ -172,21 +75,6 @@ describe('UserMembershipAuthorization', function() { }) }) - describe('hub', function() { - it('should allow managers only', function(done) { - const url = `/institutions/${this.institution.v1Id}/hub` - async.series( - [ - this.user.login.bind(this.user), - expectAccess(this.user, url, 403), - cb => this.institution.setManagerIds([this.user._id], cb), - expectAccess(this.user, url, 200) - ], - done - ) - }) - }) - describe('creation', function() { it('should allow staff only', function(done) { const url = `/entities/institution/create/foo` @@ -216,20 +104,6 @@ describe('UserMembershipAuthorization', function() { ) }) - describe('conversion metrics', function() { - it('should allow managers only', function(done) { - const url = `/metrics/conversions/${this.publisher.slug}` - async.series( - [ - expectAccess(this.user, url, 403), - cb => this.publisher.setManagerIds([this.user._id], cb), - expectAccess(this.user, url, 200) - ], - done - ) - }) - }) - describe('managers management', function() { it('should allow managers only', function(done) { const url = `/manage/publishers/${this.publisher.slug}/managers` @@ -246,7 +120,7 @@ describe('UserMembershipAuthorization', function() { describe('creation', function() { it('should redirect staff only', function(done) { - const url = `/publishers/foo/hub` + const url = `/manage/publishers/foo/managers` async.series( [ this.user.login.bind(this.user), @@ -273,168 +147,6 @@ describe('UserMembershipAuthorization', function() { }) }) }) - - describe('template', function() { - beforeEach(function(done) { - this.publisher = new Publisher({}) - async.series( - [ - this.publisher.ensureExists.bind(this.publisher), - cb => this.user.login(cb) - ], - done - ) - }) - - it('allow publisher managers only', function(done) { - MockV1Api.setTemplates({ - 123: { - id: 123, - title: '123 title', - brand: { slug: this.publisher.slug } - } - }) - const url = '/metrics/templates/123' - async.series( - [ - expectAccess(this.user, url, 403), - cb => this.publisher.setManagerIds([this.user._id], cb), - expectAccess(this.user, url, 200) - ], - done - ) - }) - - it('handle templates without publisher', function(done) { - MockV1Api.setTemplates({ - 456: { - id: 456, - title: '456 title', - brand: { slug: null } - } - }) - const url = '/metrics/templates/456' - async.series( - [ - expectAccess(this.user, url, 403), - this.user.ensureAdmin.bind(this.user), - this.user.login.bind(this.user), - expectAccess(this.user, url, 200) - ], - done - ) - }) - - it('handle templates not found', function(done) { - const url = '/metrics/templates/789' - async.series( - [ - this.user.ensureAdmin.bind(this.user), - this.user.login.bind(this.user), - expectAccess(this.user, url, 404) - ], - done - ) - }) - }) - - describe('graph', function() { - describe('admin', function() { - it('allow admins only', function(done) { - const url = '/graphs/foo?resource_type=admin' - async.series( - [ - this.user.login.bind(this.user), - expectAccess(this.user, url, 403), - this.user.ensureAdmin.bind(this.user), - this.user.login.bind(this.user), - expectAccess(this.user, url, 200) - ], - done - ) - }) - - it('handle missing resource type', function(done) { - const url = '/graphs/foo' - expectAccess(this.user, url, 404)(done) - }) - - it('handle incorrect resource type', function(done) { - const url = '/graphs/foo?resource_type=evil' - expectAccess(this.user, url, 404)(done) - }) - }) - - describe('template', function() { - beforeEach(function(done) { - this.publisher = new Publisher({}) - async.series( - [ - this.publisher.ensureExists.bind(this.publisher), - cb => this.user.login(cb) - ], - done - ) - }) - - it('get template graphs', function(done) { - MockV1Api.setTemplates({ - 123: { - id: 123, - title: '123 title', - brand: { slug: this.publisher.slug } - } - }) - const url = '/graphs/foo?resource_type=template&resource_id=123' - async.series( - [ - this.user.ensureAdmin.bind(this.user), - this.user.login.bind(this.user), - expectAccess(this.user, url, 200) - ], - done - ) - }) - }) - }) - - describe('admin metrics', function() { - it('should not allow anonymous users', function(done) { - expectAccess(this.user, '/metrics/admin', 302, /\/login/)(done) - }) - - it('should not allow all users', function(done) { - async.series( - [ - this.user.login.bind(this.user), - expectAccess(this.user, '/metrics/admin', 403) - ], - done - ) - }) - - it('should allow admin users', function(done) { - async.series( - [ - this.user.ensureAdmin.bind(this.user), - this.user.login.bind(this.user), - expectAccess(this.user, '/metrics/admin', 200) - ], - done - ) - }) - - it('should allow users with staff access', function(done) { - async.series( - [ - cb => this.user.ensureStaffAccess('adminMetrics', cb), - this.user.login.bind(this.user), - expectAccess(this.user, '/metrics/admin', 200) - ], - done - ) - }) - }) }) function expectAccess(user, url, status, pattern) {