added some tests for file express route, also added objectID to thumbnail files
This commit is contained in:
@@ -28,6 +28,7 @@ import Folder, { FolderInterface } from "../../models/folder";
|
||||
import addToStoageSize from "./utils/addToStorageSize";
|
||||
import subtractFromStorageSize from "./utils/subtractFromStorageSize";
|
||||
import ForbiddenError from "../../utils/ForbiddenError";
|
||||
import { ObjectID } from "mongodb";
|
||||
const StreamSkip = require("stream-skip");
|
||||
|
||||
const dbUtilsFile = new DbUtilFile();
|
||||
@@ -209,7 +210,7 @@ class FileSystemService implements ChunkInterface {
|
||||
|
||||
if (!password) throw new ForbiddenError("Invalid Encryption Key")
|
||||
|
||||
const thumbnail = await Thumbnail.findById(id) as ThumbnailInterface;
|
||||
const thumbnail = await Thumbnail.findById(new ObjectID(id)) as ThumbnailInterface;
|
||||
|
||||
if (thumbnail.owner !== user._id.toString()) {
|
||||
|
||||
|
||||
@@ -189,7 +189,7 @@ class MongoService implements ChunkInterface {
|
||||
|
||||
if (!password) throw new ForbiddenError("Invalid Encryption Key")
|
||||
|
||||
const thumbnail = await Thumbnail.findById(id) as ThumbnailInterface;
|
||||
const thumbnail = await Thumbnail.findById(new ObjectID(id)) as ThumbnailInterface;
|
||||
|
||||
if (thumbnail.owner !== user._id.toString()) {
|
||||
|
||||
|
||||
@@ -27,6 +27,7 @@ import s3Auth from "../../db/S3Personal";
|
||||
import addToStoageSize from "./utils/addToStorageSize";
|
||||
import subtractFromStorageSize from "./utils/subtractFromStorageSize";
|
||||
import ForbiddenError from "../../utils/ForbiddenError";
|
||||
import { ObjectID } from "mongodb";
|
||||
|
||||
const dbUtilsFile = new DbUtilFile();
|
||||
|
||||
@@ -369,7 +370,7 @@ class S3Service implements ChunkInterface {
|
||||
|
||||
if (!password) throw new ForbiddenError("Invalid Encryption Key")
|
||||
|
||||
const thumbnail = await Thumbnail.findById(id) as ThumbnailInterface;
|
||||
const thumbnail = await Thumbnail.findById(new ObjectID(id)) as ThumbnailInterface;
|
||||
|
||||
if (thumbnail.owner !== user._id.toString()) {
|
||||
|
||||
|
||||
@@ -50,7 +50,7 @@ const createThumbnail = (file: FileInterface, filename: string, user: UserInterf
|
||||
await thumbnailModel.save();
|
||||
|
||||
const getUpdatedFile = await conn.db.collection("fs.files")
|
||||
.findOneAndUpdate({"_id": file._id}, {"$set": {"metadata.hasThumbnail": true, "metadata.thumbnailID": thumbnailModel._id}})
|
||||
.findOneAndUpdate({"_id": new ObjectID(file._id)}, {"$set": {"metadata.hasThumbnail": true, "metadata.thumbnailID": thumbnailModel._id}})
|
||||
|
||||
let updatedFile: FileInterface = getUpdatedFile.value;
|
||||
|
||||
|
||||
@@ -0,0 +1,663 @@
|
||||
import User from "../../dist/models/user";
|
||||
import mongoose from "../../dist/db/mongoose";
|
||||
const conn = mongoose.connection;
|
||||
const createUser = require("../fixtures/createUser");
|
||||
const createUser2 = require("../fixtures/createUser2");
|
||||
const createFile = require("../fixtures/createFile");
|
||||
const crypto = require("crypto");
|
||||
const path = require("path");
|
||||
import env from "../../dist/enviroment/env";
|
||||
import createThumbnail from "../../dist/services/ChunkService/utils/createThumbailAny";
|
||||
const request = require("supertest");
|
||||
const jwt = require("jsonwebtoken");
|
||||
const ObjectID = require('mongodb').ObjectID
|
||||
import servers from "../../dist/server/server";
|
||||
import Folder from "../../dist/models/folder";
|
||||
const temp = require("temp").track();
|
||||
const binaryPhraser = require("superagent-binary-parser");
|
||||
const session = require("supertest-session");
|
||||
const loginUser = require("../fixtures/loginUser");
|
||||
const createUserNotEmailVerified = require("../fixtures/createUserNotEmailVerified");
|
||||
|
||||
const {server, serverHttps} = servers;
|
||||
|
||||
const app = server;
|
||||
|
||||
let user;
|
||||
let user2;
|
||||
let userData;
|
||||
let userData2;
|
||||
let file;
|
||||
|
||||
process.env.KEY = "1234";
|
||||
env.key = "1234";
|
||||
|
||||
|
||||
const waitForDatabase = () => {
|
||||
|
||||
return new Promise((resolve, reject) => {
|
||||
|
||||
if (conn.readyState !== 1) {
|
||||
|
||||
conn.once("open", () => {
|
||||
|
||||
resolve();
|
||||
|
||||
})
|
||||
|
||||
} else {
|
||||
|
||||
resolve();
|
||||
}
|
||||
|
||||
})
|
||||
}
|
||||
|
||||
beforeEach(async(done) => {
|
||||
|
||||
await waitForDatabase();
|
||||
|
||||
const initVect = crypto.randomBytes(16);
|
||||
|
||||
const {user: gotUser, userData: gotUserData} = await createUser();
|
||||
user = gotUser;
|
||||
userData = gotUserData;
|
||||
|
||||
const {user: gotUser2, userData: gotUserData2} = await createUser2();
|
||||
user2 = gotUser2;
|
||||
userData2 = gotUserData2;
|
||||
|
||||
const filename = "bunny.png";
|
||||
const filepath = path.join(__dirname, "../fixtures/media/folder.png")
|
||||
const metadata = {
|
||||
owner: user._id,
|
||||
parent: "/",
|
||||
parentList: "/",
|
||||
"IV": initVect,
|
||||
// filePath: filepath
|
||||
}
|
||||
|
||||
file = await createFile(filename, filepath, metadata, user);
|
||||
|
||||
done();
|
||||
|
||||
})
|
||||
|
||||
afterEach(async(done) => {
|
||||
|
||||
console.log("After each")
|
||||
|
||||
//const gfs = Grid(conn.db, mongoose.mongo);
|
||||
let bucket = new mongoose.mongo.GridFSBucket(conn.db);
|
||||
|
||||
await User.deleteMany({});
|
||||
|
||||
const allFiles = await conn.db.collection("fs.files").find({}).toArray();
|
||||
|
||||
for (let i = 0; i < allFiles.length; i++) {
|
||||
|
||||
const currentFileID = allFiles[i]._id;
|
||||
await bucket.delete(ObjectID(currentFileID));
|
||||
}
|
||||
|
||||
done();
|
||||
})
|
||||
|
||||
test("When giving ID, should send thumbnail data", async() => {
|
||||
|
||||
const appSession = session(app);
|
||||
|
||||
await loginUser(appSession, userData);
|
||||
|
||||
const thumbnailFile = await createThumbnail(file, file.filename, user);
|
||||
const thumbnailID = thumbnailFile.metadata.thumbnailID;
|
||||
|
||||
const response = await appSession
|
||||
.get(`/file-service/thumbnail/${thumbnailID}`)
|
||||
.send()
|
||||
.expect(200);
|
||||
|
||||
expect(response.body.length).not.toBe(0);
|
||||
})
|
||||
|
||||
test("When giving no authorization for thumbnail data, should return error", async() => {
|
||||
|
||||
const thumbnailFile = await createThumbnail(file, file.filename, user);
|
||||
const thumbnailID = thumbnailFile.metadata.thumbnailID;
|
||||
|
||||
const response = await request(app)
|
||||
.get(`/file-service/thumbnail/${thumbnailID}`)
|
||||
.send()
|
||||
.expect(401);
|
||||
|
||||
expect(response.body).toEqual({});
|
||||
})
|
||||
|
||||
test("When giving wrong auth data for thumbnail, should return 403 error", async() => {
|
||||
|
||||
const appSession = session(app);
|
||||
|
||||
await loginUser(appSession, userData);
|
||||
|
||||
const thumbnailFile = await createThumbnail(file, file.filename, user);
|
||||
const thumbnailID = thumbnailFile.metadata.thumbnailID;
|
||||
|
||||
const appSession2 = session(app);
|
||||
await loginUser(appSession2, userData2);
|
||||
|
||||
const response = await appSession2
|
||||
.get(`/file-service/thumbnail/${thumbnailID}`)
|
||||
.send()
|
||||
.expect(403);
|
||||
|
||||
expect(response.body).toEqual({});
|
||||
})
|
||||
|
||||
test("When not email verified should not get thumbnail data, and return 401", async() => {
|
||||
|
||||
const appSession = session(app);
|
||||
|
||||
const {userData: userData3, user: user3} = await createUserNotEmailVerified();
|
||||
await loginUser(appSession, userData3);
|
||||
|
||||
const thumbnailFile = await createThumbnail(file, file.filename, user3);
|
||||
const thumbnailID = thumbnailFile.metadata.thumbnailID;
|
||||
|
||||
const response = await appSession
|
||||
.get(`/file-service/thumbnail/${thumbnailID}`)
|
||||
.send()
|
||||
.expect(401);
|
||||
|
||||
expect(response.body).toEqual({});
|
||||
})
|
||||
|
||||
test("When not email verified but email verification disabled should get thumbnail data", async() => {
|
||||
|
||||
env.disableEmailVerification = true;
|
||||
|
||||
const appSession = session(app);
|
||||
|
||||
const {userData: userData3, user: user3} = await createUserNotEmailVerified();
|
||||
await loginUser(appSession, userData3);
|
||||
|
||||
const initVect = crypto.randomBytes(16);
|
||||
const filename = "bunny.png";
|
||||
const filepath = path.join(__dirname, "../fixtures/media/folder.png")
|
||||
const metadata = {
|
||||
owner: user3._id,
|
||||
parent: "/",
|
||||
parentList: "/",
|
||||
"IV": initVect,
|
||||
}
|
||||
|
||||
const file2 = await createFile(filename, filepath, metadata, user3);
|
||||
|
||||
const thumbnailFile = await createThumbnail(file2, file2.filename, user3);
|
||||
const thumbnailID = thumbnailFile.metadata.thumbnailID;
|
||||
|
||||
const response = await appSession
|
||||
.get(`/file-service/thumbnail/${thumbnailID}`)
|
||||
.send()
|
||||
.expect(200);
|
||||
|
||||
expect(response.body.length).not.toBe(0);
|
||||
|
||||
env.disableEmailVerification = undefined;
|
||||
})
|
||||
|
||||
test("When trying to create thumbnail from others users file should not return thumbnail", async() => {
|
||||
|
||||
const appSession = session(app);
|
||||
|
||||
await loginUser(appSession, userData2);
|
||||
|
||||
const thumbnailFile = await createThumbnail(file, file.filename, user2);
|
||||
const thumbnailID = thumbnailFile.metadata.thumbnailID;
|
||||
|
||||
expect(thumbnailID).toEqual(undefined)
|
||||
})
|
||||
// // Needs Work, cannot phrase binary data?
|
||||
|
||||
// // test("When giving public ID, should return public file download", async() => {
|
||||
|
||||
// // const userID = user._id;
|
||||
// // const fileID = file._id.toString();
|
||||
// // const token = jwt.sign({_id: userID.toString()}, env.password);
|
||||
// // await conn.db.collection("fs.files")
|
||||
// // .findOneAndUpdate({"_id": ObjectID(fileID),
|
||||
// // "metadata.owner": userID},
|
||||
// // {"$set": {"metadata.linkType": "public", "metadata.link": token}})
|
||||
|
||||
// // const response = await request(app)
|
||||
// // .get(`/file-service/public/download/${fileID}`)
|
||||
// // .parse(binaryPhraser)
|
||||
// // .buffer()
|
||||
// // .end();
|
||||
|
||||
|
||||
// // //expect(response.body._id).toEqual(fileID);
|
||||
|
||||
// // // console.log("public", token.token);
|
||||
|
||||
// // // const url = "/file-service/public/download/" + fileID;
|
||||
// // // console.log("url", url);
|
||||
// // // const response = await request(app).get(url)
|
||||
// // // .set("Authorization", `Bearer ${userToken}`)
|
||||
// // // .set('content-type', 'application/octet-stream')
|
||||
// // // .send()
|
||||
// // // .expect(203)
|
||||
|
||||
// // // const writeStream = temp.createWriteStream();
|
||||
|
||||
// // //response.pipe(writeStream);
|
||||
// // })
|
||||
|
||||
test("When giving public id, should return public info", async() => {
|
||||
|
||||
const userID = user._id;
|
||||
const fileID = file._id.toString();
|
||||
const token = jwt.sign({_id: userID.toString()}, env.password).toString();
|
||||
await conn.db.collection("fs.files")
|
||||
.findOneAndUpdate({"_id": ObjectID(fileID),
|
||||
"metadata.owner": userID},
|
||||
{"$set": {"metadata.linkType": "public", "metadata.link": token}})
|
||||
|
||||
const response = await request(app)
|
||||
.get(`/file-service/public/info/${fileID}/${token}`)
|
||||
.send()
|
||||
.expect(200);
|
||||
|
||||
expect(response.body._id).toEqual(fileID);
|
||||
})
|
||||
|
||||
test("When giving ID for non public file, should return 404 error", async() => {
|
||||
|
||||
const userID = user._id;
|
||||
const fileID = file._id.toString();
|
||||
const token = jwt.sign({_id: userID.toString()}, env.password).toString();
|
||||
const response = await request(app)
|
||||
.get(`/file-service/public/info/${fileID}/${token}`)
|
||||
.send()
|
||||
.expect(404);
|
||||
|
||||
expect(response.data).toBe(undefined);
|
||||
})
|
||||
|
||||
test("When giving fileID, should return file info", async() => {
|
||||
|
||||
const appSession = session(app);
|
||||
|
||||
await loginUser(appSession, userData);
|
||||
|
||||
const fileID = file._id;
|
||||
|
||||
const response = await appSession
|
||||
.get(`/file-service/info/${fileID}`)
|
||||
.send()
|
||||
.expect(200);
|
||||
|
||||
expect(response.body._id).toEqual(fileID.toString());
|
||||
})
|
||||
|
||||
test("When not authorized for file info, should return 401 error", async() => {
|
||||
|
||||
const fileID = file._id;
|
||||
|
||||
const response = await request(app)
|
||||
.get(`/file-service/info/${fileID}`)
|
||||
.send()
|
||||
.expect(401);
|
||||
|
||||
expect(response.body).toEqual({});
|
||||
})
|
||||
|
||||
test("When giving wrong auth token for file info, should return 404 error", async() => {
|
||||
|
||||
const appSession = session(app);
|
||||
|
||||
await loginUser(appSession, userData2);
|
||||
|
||||
const fileID = file._id;
|
||||
|
||||
const response = await appSession
|
||||
.get(`/file-service/info/${fileID}`)
|
||||
.send()
|
||||
.expect(404);
|
||||
|
||||
expect(response.body).toEqual({});
|
||||
})
|
||||
|
||||
test("When giving the wrong tempToken for public file info, should return 404 error", async() => {
|
||||
|
||||
const userID = user._id;
|
||||
const fileID = file._id.toString();
|
||||
const token = jwt.sign({_id: userID.toString()}, env.password).toString();
|
||||
const wrongToken = "12345"
|
||||
await conn.db.collection("fs.files")
|
||||
.findOneAndUpdate({"_id": ObjectID(fileID),
|
||||
"metadata.owner": userID},
|
||||
{"$set": {"metadata.linkType": "public", "metadata.link": token}})
|
||||
|
||||
const response = await request(app)
|
||||
.get(`/file-service/public/info/${fileID}/${wrongToken}`)
|
||||
.send()
|
||||
.expect(404);
|
||||
|
||||
expect(response.body).toEqual({});
|
||||
})
|
||||
|
||||
test("When giving authorization, should get user quicklist", async() => {
|
||||
|
||||
const appSession = session(app);
|
||||
|
||||
await loginUser(appSession, userData);
|
||||
|
||||
const response = await appSession
|
||||
.get(`/file-service/quick-list`)
|
||||
.send()
|
||||
.expect(200);
|
||||
|
||||
expect(response.body.length).toBe(1);
|
||||
})
|
||||
|
||||
test("When giving no authoization for quicklist, should return 401 error", async() => {
|
||||
|
||||
const response = await request(app)
|
||||
.get(`/file-service/quick-list`)
|
||||
.send()
|
||||
.expect(401);
|
||||
|
||||
expect(response.body).toEqual({});
|
||||
})
|
||||
|
||||
test("When giving default query, should return file list", async() => {
|
||||
|
||||
const appSession = session(app);
|
||||
|
||||
await loginUser(appSession, userData);
|
||||
|
||||
const response = await appSession
|
||||
.get(`/file-service/list`)
|
||||
.send({})
|
||||
.expect(200);
|
||||
|
||||
expect(response.body.length).toBe(1);
|
||||
})
|
||||
|
||||
test("When giving no authoization for file list, should return 401 error", async() => {
|
||||
|
||||
const response = await request(app)
|
||||
.get(`/file-service/list`)
|
||||
.send({})
|
||||
.expect(401);
|
||||
|
||||
expect(response.body).toEqual({});
|
||||
})
|
||||
|
||||
test("When giving wrong auth for list, should return empty list", async() => {
|
||||
|
||||
const appSession = session(app);
|
||||
|
||||
await loginUser(appSession, userData2);
|
||||
|
||||
const response = await appSession
|
||||
.get(`/file-service/list`)
|
||||
.send({})
|
||||
.expect(200);
|
||||
|
||||
expect(response.body.length).toBe(0);
|
||||
})
|
||||
|
||||
test("When authorized should get video cookie", async() => {
|
||||
|
||||
const appSession = session(app);
|
||||
|
||||
await loginUser(appSession, userData);
|
||||
|
||||
await appSession
|
||||
.get(`/file-service/list`)
|
||||
.send("/file-service/download/access-token-stream-video")
|
||||
.expect(200);
|
||||
})
|
||||
|
||||
test("When not authorized should not get video token and return 401 error", async() => {
|
||||
|
||||
await request(app)
|
||||
.get(`/file-service/list`)
|
||||
.send("/file-service/download/access-token-stream-video")
|
||||
.expect(401);
|
||||
})
|
||||
|
||||
test("When authorized should return suggested list", async() => {
|
||||
|
||||
const appSession = session(app);
|
||||
|
||||
await loginUser(appSession, userData);
|
||||
|
||||
await appSession
|
||||
.get(`/file-service/suggested-list`)
|
||||
.send()
|
||||
.expect(200);
|
||||
})
|
||||
|
||||
test("When not authorized should not return suggested list", async() => {
|
||||
|
||||
const response =await request(app)
|
||||
.get(`/file-service/suggested-list`)
|
||||
.send()
|
||||
.expect(401);
|
||||
|
||||
expect(response.body).toEqual({});
|
||||
})
|
||||
|
||||
test("When giving fileID and title, should rename file", async() => {
|
||||
|
||||
const appSession = session(app);
|
||||
|
||||
await loginUser(appSession, userData);
|
||||
|
||||
const fileID = file._id;
|
||||
|
||||
await appSession
|
||||
.patch(`/file-service/rename`)
|
||||
.send({
|
||||
id: fileID,
|
||||
title: "new name"
|
||||
})
|
||||
.expect(200);
|
||||
})
|
||||
|
||||
test("When not authoized for rename file, should return 401 error", async() => {
|
||||
|
||||
const fileID = file._id;
|
||||
|
||||
await request(app)
|
||||
.patch(`/file-service/rename`)
|
||||
.send({
|
||||
id: fileID,
|
||||
title: "new name"
|
||||
})
|
||||
.expect(401);
|
||||
})
|
||||
|
||||
test("When giving wrong authorization token for rename file, should return 404 error", async() => {
|
||||
|
||||
const appSession = session(app);
|
||||
|
||||
await loginUser(appSession, userData2);
|
||||
|
||||
const fileID = file._id;
|
||||
|
||||
await appSession
|
||||
.patch(`/file-service/rename`)
|
||||
.send({
|
||||
id: fileID,
|
||||
title: "new name"
|
||||
})
|
||||
.expect(404);
|
||||
})
|
||||
|
||||
test("When giving fileID and parent, should move file", async() => {
|
||||
|
||||
const appSession = session(app);
|
||||
|
||||
await loginUser(appSession, userData);
|
||||
|
||||
const fileID = file._id;
|
||||
const userID = user._id;
|
||||
|
||||
const folder = new Folder({
|
||||
owner: userID,
|
||||
name: "folder",
|
||||
parent: "/",
|
||||
parentList: ["/"]
|
||||
})
|
||||
|
||||
await folder.save();
|
||||
|
||||
const folderID = folder._id;
|
||||
|
||||
await appSession
|
||||
.patch(`/file-service/move`)
|
||||
.send({
|
||||
id: fileID,
|
||||
parent: folderID
|
||||
})
|
||||
.expect(200);
|
||||
})
|
||||
|
||||
test("When not authorized should not move file and return 401", async() => {
|
||||
|
||||
const appSession = session(app);
|
||||
|
||||
const fileID = file._id;
|
||||
const userID = user._id;
|
||||
|
||||
const folder = new Folder({
|
||||
owner: userID,
|
||||
name: "folder",
|
||||
parent: "/",
|
||||
parentList: ["/"]
|
||||
})
|
||||
|
||||
await folder.save();
|
||||
|
||||
const folderID = folder._id;
|
||||
|
||||
await appSession
|
||||
.patch(`/file-service/move`)
|
||||
.send({
|
||||
id: fileID,
|
||||
parent: folderID
|
||||
})
|
||||
.expect(401);
|
||||
})
|
||||
|
||||
test("When giving wrong authorization should not move file and return 404", async() => {
|
||||
|
||||
const appSession = session(app);
|
||||
|
||||
await loginUser(appSession, userData2);
|
||||
|
||||
const fileID = file._id;
|
||||
const userID = user._id;
|
||||
|
||||
const folder = new Folder({
|
||||
owner: userID,
|
||||
name: "folder",
|
||||
parent: "/",
|
||||
parentList: ["/"]
|
||||
})
|
||||
|
||||
await folder.save();
|
||||
|
||||
const folderID = folder._id;
|
||||
|
||||
await appSession
|
||||
.patch(`/file-service/move`)
|
||||
.send({
|
||||
id: fileID,
|
||||
parent: folderID
|
||||
})
|
||||
.expect(404);
|
||||
|
||||
})
|
||||
|
||||
test("When giving a parentID that does not exist, should return 404 error", async() => {
|
||||
|
||||
const appSession = session(app);
|
||||
|
||||
await loginUser(appSession, userData);
|
||||
|
||||
const fileID = file._id;
|
||||
|
||||
await appSession
|
||||
.patch(`/file-service/move`)
|
||||
.send({
|
||||
id: fileID,
|
||||
parent: "123456789012"
|
||||
})
|
||||
.expect(404);
|
||||
})
|
||||
|
||||
test("When giving fileID should remove file", async() => {
|
||||
|
||||
const appSession = session(app);
|
||||
|
||||
await loginUser(appSession, userData);
|
||||
|
||||
const fileID = file._id;
|
||||
|
||||
await appSession
|
||||
.delete(`/file-service/remove`)
|
||||
.send({
|
||||
id: fileID,
|
||||
})
|
||||
.expect(200);
|
||||
})
|
||||
|
||||
test("When giving fileID that does not exist for remove file, should return 404 error", async() => {
|
||||
|
||||
const appSession = session(app);
|
||||
|
||||
await loginUser(appSession, userData);
|
||||
|
||||
const fileID = "123456789012";
|
||||
|
||||
await appSession
|
||||
.delete(`/file-service/remove`)
|
||||
.send({
|
||||
id: fileID,
|
||||
})
|
||||
.expect(404);
|
||||
})
|
||||
|
||||
test("When not authorized should not remove file and return 401", async() => {
|
||||
|
||||
const appSession = session(app);
|
||||
|
||||
const fileID = file._id;
|
||||
|
||||
await appSession
|
||||
.delete(`/file-service/remove`)
|
||||
.send({
|
||||
id: fileID,
|
||||
})
|
||||
.expect(401);
|
||||
})
|
||||
|
||||
test("When giving wrong authorization should not remove file and return 404", async() => {
|
||||
|
||||
const appSession = session(app);
|
||||
|
||||
await loginUser(appSession, userData2);
|
||||
|
||||
const fileID = file._id;
|
||||
|
||||
await appSession
|
||||
.delete(`/file-service/remove`)
|
||||
.send({
|
||||
id: fileID,
|
||||
})
|
||||
.expect(404);
|
||||
})
|
||||
@@ -1,576 +0,0 @@
|
||||
import User from "../../dist/models/user";
|
||||
import mongoose from "../../dist/db/mongoose";
|
||||
const conn = mongoose.connection;
|
||||
const createUser = require("../fixtures/createUser");
|
||||
const createUser2 = require("../fixtures/createUser2");
|
||||
const createFile = require("../fixtures/createFile");
|
||||
const crypto = require("crypto");
|
||||
const path = require("path");
|
||||
import env from "../../dist/enviroment/env";
|
||||
import createThumbnail from "../../dist/services/ChunkService/utils/createThumbnail";
|
||||
const request = require("supertest");
|
||||
const jwt = require("jsonwebtoken");
|
||||
const ObjectID = require('mongodb').ObjectID
|
||||
import servers from "../../dist/server/server";
|
||||
import Folder from "../../dist/models/folder";
|
||||
const temp = require("temp").track();
|
||||
const binaryPhraser = require("superagent-binary-parser");
|
||||
|
||||
const {server, serverHttps} = servers;
|
||||
|
||||
const app = server;
|
||||
|
||||
let user;
|
||||
let userToken;
|
||||
let user2;
|
||||
let userToken2;
|
||||
let file;
|
||||
|
||||
process.env.KEY = "1234";
|
||||
env.key = "1234";
|
||||
|
||||
|
||||
beforeEach(async(done) => {
|
||||
|
||||
if (conn.readyState === 0) {
|
||||
|
||||
conn.once("open", async() => {
|
||||
|
||||
|
||||
const initVect = crypto.randomBytes(16);
|
||||
|
||||
// user = await createUser();
|
||||
// userToken = user.tokens[0].token;
|
||||
const {user: gotUser, token: gotToken} = await createUser();
|
||||
user = gotUser;
|
||||
userToken = gotToken;
|
||||
|
||||
// user2 = await createUser2();
|
||||
// userToken2 = user2.tokens[0].token;
|
||||
const {user: gotUser2, token: gotToken2} = await createUser2();
|
||||
user2 = gotUser2;
|
||||
userToken2 = gotToken2;
|
||||
|
||||
const filename = "bunny.png";
|
||||
const filepath = path.join(__dirname, "../fixtures/media/check.svg")
|
||||
const metadata = {
|
||||
owner: user._id,
|
||||
parent: "/",
|
||||
parentList: "/",
|
||||
"IV": initVect
|
||||
}
|
||||
|
||||
file = await createFile(filename, filepath, metadata, user);
|
||||
|
||||
done();
|
||||
|
||||
})
|
||||
|
||||
} else {
|
||||
|
||||
const initVect = crypto.randomBytes(16);
|
||||
|
||||
// user = await createUser();
|
||||
// userToken = user.tokens[0].token;
|
||||
const {user: gotUser, token: gotToken} = await createUser();
|
||||
user = gotUser;
|
||||
userToken = gotToken;
|
||||
|
||||
// user2 = await createUser2();
|
||||
// userToken2 = user2.tokens[0].token;
|
||||
const {user: gotUser2, token: gotToken2} = await createUser2();
|
||||
user2 = gotUser2;
|
||||
userToken2 = gotToken2;
|
||||
|
||||
// user = await createUser();
|
||||
// userToken = user.tokens[0].token;
|
||||
|
||||
// user2 = await createUser2();
|
||||
// userToken2 = user2.tokens[0].token;
|
||||
|
||||
const filename = "bunny.png";
|
||||
const filepath = path.join(__dirname, "../fixtures/media/check.svg")
|
||||
const metadata = {
|
||||
owner: user._id,
|
||||
parent: "/",
|
||||
parentList: "/",
|
||||
"IV": initVect
|
||||
}
|
||||
|
||||
file = await createFile(filename, filepath, metadata, user);
|
||||
|
||||
done();
|
||||
}
|
||||
|
||||
})
|
||||
|
||||
afterEach(async(done) => {
|
||||
|
||||
console.log("After each")
|
||||
|
||||
//const gfs = Grid(conn.db, mongoose.mongo);
|
||||
let bucket = new mongoose.mongo.GridFSBucket(conn.db);
|
||||
|
||||
await User.deleteMany({});
|
||||
|
||||
const allFiles = await conn.db.collection("fs.files").find({}).toArray();
|
||||
|
||||
for (let i = 0; i < allFiles.length; i++) {
|
||||
|
||||
const currentFileID = allFiles[i]._id;
|
||||
await bucket.delete(ObjectID(currentFileID));
|
||||
}
|
||||
|
||||
done();
|
||||
})
|
||||
|
||||
// To-do maybe
|
||||
|
||||
// test("When giving user, should send transcoded video response", async() => {
|
||||
|
||||
// const response = await request(app)
|
||||
// .post(`/file-service/transcode-video`)
|
||||
// .set("Authorization", `Bearer ${userToken}`)
|
||||
// .send({file})
|
||||
// .expect(200);
|
||||
|
||||
// console.log("response", response.body);
|
||||
// })
|
||||
|
||||
// test("When giving wrong user for transcode video, should return 401 error", async() => {
|
||||
|
||||
// const user2 = await createUser2();
|
||||
// const userToken2 = user2.tokens[0].token;
|
||||
|
||||
// await request(app)
|
||||
// .get(`/file-service/transcode-video`)
|
||||
// .set("Authorization", `Bearer ${userToken2}`)
|
||||
// .send(user)
|
||||
// .expect(401);
|
||||
// })
|
||||
|
||||
test("When giving ID, should send thumbnail data", async() => {
|
||||
|
||||
const thumbnailFile = await createThumbnail(file, file.filename, user);
|
||||
const thumbnailID = thumbnailFile.metadata.thumbnailID;
|
||||
|
||||
const response = await request(app)
|
||||
.get(`/file-service/thumbnail/${thumbnailID}`)
|
||||
.set("Authorization", `Bearer ${userToken}`)
|
||||
.send()
|
||||
.expect(200);
|
||||
|
||||
expect(response.body.length).not.toBe(0);
|
||||
})
|
||||
|
||||
test("When giving no authorization for thumbnail data, should return error", async() => {
|
||||
|
||||
const thumbnailFile = await createThumbnail(file, file.filename, user);
|
||||
const thumbnailID = thumbnailFile.metadata.thumbnailID;
|
||||
|
||||
const response = await request(app)
|
||||
.get(`/file-service/thumbnail/${thumbnailID}`)
|
||||
.send()
|
||||
.expect(401);
|
||||
|
||||
expect(response.body).toEqual({
|
||||
"error": "Error Authenticating",
|
||||
});
|
||||
})
|
||||
|
||||
test("When giving wrong auth data for thumbnail, should return 401 error", async() => {
|
||||
|
||||
|
||||
const thumbnailFile = await createThumbnail(file, file.filename, user);
|
||||
const thumbnailID = thumbnailFile.metadata.thumbnailID;
|
||||
|
||||
|
||||
const response = await request(app)
|
||||
.get(`/file-service/thumbnail/${thumbnailID}`)
|
||||
.set("Authorization", `Bearer ${userToken2}`)
|
||||
.send()
|
||||
.expect(401);
|
||||
|
||||
expect(response.body).toEqual({});
|
||||
})
|
||||
|
||||
|
||||
// Needs Work, cannot phrase binary data?
|
||||
|
||||
// test("When giving public ID, should return public file download", async() => {
|
||||
|
||||
// const userID = user._id;
|
||||
// const fileID = file._id.toString();
|
||||
// const token = jwt.sign({_id: userID.toString()}, env.password);
|
||||
// await conn.db.collection("fs.files")
|
||||
// .findOneAndUpdate({"_id": ObjectID(fileID),
|
||||
// "metadata.owner": userID},
|
||||
// {"$set": {"metadata.linkType": "public", "metadata.link": token}})
|
||||
|
||||
// const response = await request(app)
|
||||
// .get(`/file-service/public/download/${fileID}`)
|
||||
// .parse(binaryPhraser)
|
||||
// .buffer()
|
||||
// .end();
|
||||
|
||||
|
||||
// //expect(response.body._id).toEqual(fileID);
|
||||
|
||||
// // console.log("public", token.token);
|
||||
|
||||
// // const url = "/file-service/public/download/" + fileID;
|
||||
// // console.log("url", url);
|
||||
// // const response = await request(app).get(url)
|
||||
// // .set("Authorization", `Bearer ${userToken}`)
|
||||
// // .set('content-type', 'application/octet-stream')
|
||||
// // .send()
|
||||
// // .expect(203)
|
||||
|
||||
// // const writeStream = temp.createWriteStream();
|
||||
|
||||
// //response.pipe(writeStream);
|
||||
// })
|
||||
|
||||
test("When giving public id, should return public info", async() => {
|
||||
|
||||
const userID = user._id;
|
||||
const fileID = file._id.toString();
|
||||
const token = jwt.sign({_id: userID.toString()}, env.password).toString();
|
||||
await conn.db.collection("fs.files")
|
||||
.findOneAndUpdate({"_id": ObjectID(fileID),
|
||||
"metadata.owner": userID},
|
||||
{"$set": {"metadata.linkType": "public", "metadata.link": token}})
|
||||
|
||||
const response = await request(app)
|
||||
.get(`/file-service/public/info/${fileID}/${token}`)
|
||||
.set("Authorization", `Bearer ${userToken}`)
|
||||
.send()
|
||||
.expect(200);
|
||||
|
||||
expect(response.body._id).toEqual(fileID);
|
||||
})
|
||||
|
||||
test("When giving ID for non public file, should return 404 error", async() => {
|
||||
|
||||
const userID = user._id;
|
||||
const fileID = file._id.toString();
|
||||
const token = jwt.sign({_id: userID.toString()}, env.password).toString();
|
||||
const response = await request(app)
|
||||
.get(`/file-service/public/info/${fileID}/${token}`)
|
||||
.set("Authorization", `Bearer ${userToken}`)
|
||||
.send()
|
||||
.expect(404);
|
||||
|
||||
expect(response.data).toBe(undefined);
|
||||
})
|
||||
|
||||
test("When giving fileID, should return file info", async() => {
|
||||
|
||||
const fileID = file._id;
|
||||
|
||||
const response = await request(app)
|
||||
.get(`/file-service/info/${fileID}`)
|
||||
.set("Authorization", `Bearer ${userToken}`)
|
||||
.send()
|
||||
.expect(200);
|
||||
|
||||
expect(response.body._id).toEqual(fileID.toString());
|
||||
})
|
||||
|
||||
test("When not authorized for file info, should return 401 error", async() => {
|
||||
|
||||
const fileID = file._id;
|
||||
|
||||
const response = await request(app)
|
||||
.get(`/file-service/info/${fileID}`)
|
||||
.send()
|
||||
.expect(401);
|
||||
|
||||
expect(response.body).toEqual({
|
||||
"error": "Error Authenticating",
|
||||
});
|
||||
})
|
||||
|
||||
test("When giving wrong auth token for file info, should return 404 error", async() => {
|
||||
|
||||
const fileID = file._id;
|
||||
|
||||
const response = await request(app)
|
||||
.get(`/file-service/info/${fileID}`)
|
||||
.set("Authorization", `Bearer ${userToken2}`)
|
||||
.send()
|
||||
.expect(404);
|
||||
|
||||
expect(response.body).toEqual({});
|
||||
})
|
||||
|
||||
test("When giving the wrong tempToken for public file info, should return 404 error", async() => {
|
||||
|
||||
const userID = user._id;
|
||||
const fileID = file._id.toString();
|
||||
const token = jwt.sign({_id: userID.toString()}, env.password).toString();
|
||||
const wrongToken = "12345"
|
||||
await conn.db.collection("fs.files")
|
||||
.findOneAndUpdate({"_id": ObjectID(fileID),
|
||||
"metadata.owner": userID},
|
||||
{"$set": {"metadata.linkType": "public", "metadata.link": token}})
|
||||
|
||||
const response = await request(app)
|
||||
.get(`/file-service/public/info/${fileID}/${wrongToken}`)
|
||||
.set("Authorization", `Bearer ${userToken}`)
|
||||
.send()
|
||||
.expect(404);
|
||||
|
||||
expect(response.body).toEqual({});
|
||||
})
|
||||
|
||||
test("When giving authorization, should get user quicklist", async() => {
|
||||
|
||||
const response = await request(app)
|
||||
.get(`/file-service/quick-list`)
|
||||
.set("Authorization", `Bearer ${userToken}`)
|
||||
.send()
|
||||
.expect(200);
|
||||
|
||||
expect(response.body.length).toBe(1);
|
||||
})
|
||||
|
||||
test("When giving no authoization for quicklist, should return 401 error", async() => {
|
||||
|
||||
const response = await request(app)
|
||||
.get(`/file-service/quick-list`)
|
||||
.send()
|
||||
.expect(401);
|
||||
|
||||
expect(response.body).toEqual({
|
||||
"error": "Error Authenticating",
|
||||
});
|
||||
})
|
||||
|
||||
test("When giving default query, should return file list", async() => {
|
||||
|
||||
const response = await request(app)
|
||||
.get(`/file-service/list`)
|
||||
.set("Authorization", `Bearer ${userToken}`)
|
||||
.send({})
|
||||
.expect(200);
|
||||
|
||||
expect(response.body.length).toBe(1);
|
||||
})
|
||||
|
||||
test("When giving no authoization for file list, should return 401 error", async() => {
|
||||
|
||||
const response = await request(app)
|
||||
.get(`/file-service/list`)
|
||||
.send({})
|
||||
.expect(401);
|
||||
|
||||
expect(response.body).toEqual({
|
||||
"error": "Error Authenticating",
|
||||
});
|
||||
})
|
||||
|
||||
test("When giving wrong auth for list, should return empty list", async() => {
|
||||
|
||||
const response = await request(app)
|
||||
.get(`/file-service/list`)
|
||||
.set("Authorization", `Bearer ${userToken2}`)
|
||||
.send({})
|
||||
.expect(200);
|
||||
|
||||
expect(response.body.length).toBe(0);
|
||||
})
|
||||
|
||||
test("When autheniticated should generate download token", async() => {
|
||||
|
||||
await request(app)
|
||||
.get(`/file-service/download/get-token`)
|
||||
.set("Authorization", `Bearer ${userToken}`)
|
||||
.send()
|
||||
.expect(200);
|
||||
})
|
||||
|
||||
test("When not authenticated, should not generate download token", async() => {
|
||||
|
||||
await request(app)
|
||||
.get(`/file-service/download/get-token`)
|
||||
.send()
|
||||
.expect(401);
|
||||
})
|
||||
|
||||
test("When authenticated and cookie should generate video token", async() => {
|
||||
|
||||
await request(app)
|
||||
.get(`/file-service/download/get-token-video`)
|
||||
.set("Authorization", `Bearer ${userToken}`)
|
||||
.set("uuid", 1234)
|
||||
.send()
|
||||
.expect(200);
|
||||
})
|
||||
|
||||
test("When not authenticated, should not generate video token", async() => {
|
||||
|
||||
await request(app)
|
||||
.get(`/file-service/download/get-token-video`)
|
||||
.set("uuid", 1234)
|
||||
.send()
|
||||
.expect(401);
|
||||
})
|
||||
|
||||
test("When not giving a Cookie, should not generate video token", async() => {
|
||||
|
||||
await request(app)
|
||||
.get(`/file-service/download/get-token-video`)
|
||||
.set("Authorization", `Bearer ${userToken}`)
|
||||
.send()
|
||||
.expect(401);
|
||||
})
|
||||
|
||||
test("When giving tempToken, should remove temp token", async() => {
|
||||
|
||||
const token = await request(app)
|
||||
.get(`/file-service/download/get-token-video`)
|
||||
.set("Authorization", `Bearer ${userToken}`)
|
||||
.set("uuid", 1234)
|
||||
.send()
|
||||
.expect(200);
|
||||
|
||||
const tempToken = token.body.tempToken;
|
||||
|
||||
await request(app)
|
||||
.delete(`/file-service/remove/token-video/${tempToken}/1234`)
|
||||
.set("Authorization", `Bearer ${userToken}`)
|
||||
.send()
|
||||
.expect(200);
|
||||
})
|
||||
|
||||
test("When not authorized, should not remove temp token", async() => {
|
||||
|
||||
const token = await request(app)
|
||||
.get(`/file-service/download/get-token-video`)
|
||||
.set("Authorization", `Bearer ${userToken}`)
|
||||
.set("uuid", 1234)
|
||||
.send()
|
||||
.expect(200);
|
||||
|
||||
const tempToken = token.body.tempToken;
|
||||
|
||||
await request(app)
|
||||
.delete(`/file-service/remove/token-video/${tempToken}/1234`)
|
||||
.send()
|
||||
.expect(401);
|
||||
})
|
||||
|
||||
test("When authorized should return suggested list", async() => {
|
||||
|
||||
await request(app)
|
||||
.get(`/file-service/suggested-list`)
|
||||
.set("Authorization", `Bearer ${userToken}`)
|
||||
.send()
|
||||
.expect(200);
|
||||
})
|
||||
|
||||
test("When not authorized should not return suggested list", async() => {
|
||||
|
||||
const response =await request(app)
|
||||
.get(`/file-service/suggested-list`)
|
||||
.send()
|
||||
.expect(401);
|
||||
|
||||
expect(response.body).toEqual({
|
||||
"error": "Error Authenticating",
|
||||
});
|
||||
})
|
||||
|
||||
test("When giving fileID and title, should rename file", async() => {
|
||||
|
||||
const fileID = file._id;
|
||||
|
||||
await request(app)
|
||||
.patch(`/file-service/rename`)
|
||||
.set("Authorization", `Bearer ${userToken}`)
|
||||
.send({
|
||||
id: fileID,
|
||||
title: "new name"
|
||||
})
|
||||
.expect(200);
|
||||
})
|
||||
|
||||
test("When not authoized for rename file, should return 401 error", async() => {
|
||||
|
||||
const fileID = file._id;
|
||||
|
||||
await request(app)
|
||||
.patch(`/file-service/rename`)
|
||||
.send({
|
||||
id: fileID,
|
||||
title: "new name"
|
||||
})
|
||||
.expect(401);
|
||||
})
|
||||
|
||||
test("When giving fileID and parent, should move file", async() => {
|
||||
|
||||
const fileID = file._id;
|
||||
const userID = user._id;
|
||||
|
||||
const folder = new Folder({
|
||||
owner: userID,
|
||||
name: "folder",
|
||||
parent: "/",
|
||||
parentList: ["/"]
|
||||
})
|
||||
|
||||
await folder.save();
|
||||
|
||||
const folderID = folder._id;
|
||||
|
||||
await request(app)
|
||||
.patch(`/file-service/move`)
|
||||
.set("Authorization", `Bearer ${userToken}`)
|
||||
.send({
|
||||
id: fileID,
|
||||
parent: folderID
|
||||
})
|
||||
.expect(200);
|
||||
})
|
||||
|
||||
test("When giving a parentID that does not exist, should return 500 error", async() => {
|
||||
|
||||
const fileID = file._id;
|
||||
|
||||
await request(app)
|
||||
.patch(`/file-service/move`)
|
||||
.set("Authorization", `Bearer ${userToken}`)
|
||||
.send({
|
||||
id: fileID,
|
||||
parent: "123456789012"
|
||||
})
|
||||
.expect(404);
|
||||
})
|
||||
|
||||
test("When giving fileID should remove file", async() => {
|
||||
|
||||
const fileID = file._id;
|
||||
|
||||
await request(app)
|
||||
.delete(`/file-service/remove`)
|
||||
.set("Authorization", `Bearer ${userToken}`)
|
||||
.send({
|
||||
id: fileID,
|
||||
})
|
||||
.expect(200);
|
||||
})
|
||||
|
||||
test("When giving fileID that does not exist for remove file, should return 404 error", async() => {
|
||||
|
||||
const fileID = "123456789012";
|
||||
|
||||
await request(app)
|
||||
.delete(`/file-service/remove`)
|
||||
.set("Authorization", `Bearer ${userToken}`)
|
||||
.send({
|
||||
id: fileID,
|
||||
})
|
||||
.expect(404);
|
||||
})
|
||||
@@ -295,6 +295,45 @@ test("When not email verified should not change password", async() => {
|
||||
.expect(401);
|
||||
})
|
||||
|
||||
test("When not email verified, but email verification disabled, should change password", async() => {
|
||||
|
||||
env.disableEmailVerification = true;
|
||||
|
||||
const appSession = session(app);
|
||||
|
||||
const {userData: userData2} = await createUserNotEmailVerified();
|
||||
await loginUser(appSession, userData2);
|
||||
|
||||
const oldPassword = "12345678";
|
||||
const newPassword = "987654321";
|
||||
|
||||
await appSession
|
||||
.post(`/user-service/change-password`)
|
||||
.send({
|
||||
oldPassword,
|
||||
newPassword
|
||||
})
|
||||
.expect(200);
|
||||
|
||||
await request(app)
|
||||
.post(`/user-service/login`)
|
||||
.send({
|
||||
email: userData2.email,
|
||||
password: oldPassword
|
||||
})
|
||||
.expect(500);
|
||||
|
||||
await request(app)
|
||||
.post(`/user-service/login`)
|
||||
.send({
|
||||
email: userData2.email,
|
||||
password: newPassword
|
||||
})
|
||||
.expect(200);
|
||||
|
||||
env.disableEmailVerification = undefined;
|
||||
})
|
||||
|
||||
test("When not giving email, should not create user", async() => {
|
||||
|
||||
await request(app)
|
||||
@@ -398,6 +437,37 @@ test("When not email verified should not get detailed user", async() => {
|
||||
await request(app).get("/user-service/user-detailed").send().expect(401);
|
||||
})
|
||||
|
||||
test("When not email verified but email verification disabled should get detailed user", async() => {
|
||||
|
||||
env.disableEmailVerification = true;
|
||||
|
||||
const appSession = session(app);
|
||||
|
||||
const {userData: userData2} = await createUserNotEmailVerified();
|
||||
await loginUser(appSession, userData2);
|
||||
|
||||
const response = await appSession.get("/user-service/user-detailed").send().expect(200);
|
||||
|
||||
const responseData = response.body;
|
||||
const email = responseData.email;
|
||||
const username = responseData.username;
|
||||
const password = responseData.password;
|
||||
const emailVerified = responseData.emailVerified;
|
||||
const tokens = responseData.tokens;
|
||||
const publicKey = responseData.publicKey;
|
||||
const privateKey = responseData.privateKey;
|
||||
|
||||
expect(email).toEqual(userData2.email);
|
||||
expect(username).toEqual(userData2.username);
|
||||
expect(password).toEqual(undefined);
|
||||
expect(emailVerified).toEqual(false);
|
||||
expect(tokens).toEqual(undefined);
|
||||
expect(publicKey).toEqual(undefined);
|
||||
expect(privateKey).toEqual(undefined)
|
||||
|
||||
env.disableEmailVerification = undefined;
|
||||
})
|
||||
|
||||
test("When giving existing email should send password reset email", async() => {
|
||||
|
||||
await request(app).post("/user-service/send-password-reset").send({email: userData.email}).expect(200);
|
||||
|
||||
Vendored
+3
-2
@@ -15,7 +15,8 @@ const createUser2 = async() => {
|
||||
_id: userID,
|
||||
name: "Test User",
|
||||
email: "test3@test.com",
|
||||
password: "12345678",
|
||||
password: "123456789",
|
||||
emailVerified: true,
|
||||
}
|
||||
|
||||
let user = new User(userData);
|
||||
@@ -29,7 +30,7 @@ const createUser2 = async() => {
|
||||
|
||||
await user.save();
|
||||
|
||||
return {user, token};
|
||||
return {user, userData};
|
||||
}
|
||||
|
||||
module.exports = createUser2;
|
||||
@@ -2,7 +2,6 @@ import User from "../../../dist/models/user";
|
||||
import mongoose from "../../../dist/db/mongoose";
|
||||
const conn = mongoose.connection;
|
||||
const createUser = require("../../fixtures/createUser");
|
||||
|
||||
import UserService from "../../../dist/services/UserService";
|
||||
const userService = new UserService();
|
||||
|
||||
|
||||
Reference in New Issue
Block a user