From 72f73cde78b8c4bf0ce5a7bc8c894884475db712 Mon Sep 17 00:00:00 2001 From: kyle hoell Date: Fri, 4 Dec 2020 21:42:53 -0500 Subject: [PATCH] added some tests for file express route, also added objectID to thumbnail files --- .../ChunkService/FileSystemService.ts | 3 +- backend/services/ChunkService/MongoService.ts | 2 +- backend/services/ChunkService/S3Service.ts | 3 +- .../ChunkService/utils/createThumbnail.ts | 2 +- tests/express-routers/file.test.js | 663 ++++++++++++++++++ tests/express-routers/file.testtt.js | 576 --------------- tests/express-routers/user.test.js | 70 ++ tests/fixtures/createUser2.js | 5 +- tests/services/UserService/index.test.js | 1 - 9 files changed, 742 insertions(+), 583 deletions(-) create mode 100644 tests/express-routers/file.test.js delete mode 100644 tests/express-routers/file.testtt.js diff --git a/backend/services/ChunkService/FileSystemService.ts b/backend/services/ChunkService/FileSystemService.ts index 2231933..0a0893c 100644 --- a/backend/services/ChunkService/FileSystemService.ts +++ b/backend/services/ChunkService/FileSystemService.ts @@ -28,6 +28,7 @@ import Folder, { FolderInterface } from "../../models/folder"; import addToStoageSize from "./utils/addToStorageSize"; import subtractFromStorageSize from "./utils/subtractFromStorageSize"; import ForbiddenError from "../../utils/ForbiddenError"; +import { ObjectID } from "mongodb"; const StreamSkip = require("stream-skip"); const dbUtilsFile = new DbUtilFile(); @@ -209,7 +210,7 @@ class FileSystemService implements ChunkInterface { if (!password) throw new ForbiddenError("Invalid Encryption Key") - const thumbnail = await Thumbnail.findById(id) as ThumbnailInterface; + const thumbnail = await Thumbnail.findById(new ObjectID(id)) as ThumbnailInterface; if (thumbnail.owner !== user._id.toString()) { diff --git a/backend/services/ChunkService/MongoService.ts b/backend/services/ChunkService/MongoService.ts index 4e8bde0..b5d1f7a 100644 --- a/backend/services/ChunkService/MongoService.ts +++ b/backend/services/ChunkService/MongoService.ts @@ -189,7 +189,7 @@ class MongoService implements ChunkInterface { if (!password) throw new ForbiddenError("Invalid Encryption Key") - const thumbnail = await Thumbnail.findById(id) as ThumbnailInterface; + const thumbnail = await Thumbnail.findById(new ObjectID(id)) as ThumbnailInterface; if (thumbnail.owner !== user._id.toString()) { diff --git a/backend/services/ChunkService/S3Service.ts b/backend/services/ChunkService/S3Service.ts index 87f0ed5..b8df6dc 100644 --- a/backend/services/ChunkService/S3Service.ts +++ b/backend/services/ChunkService/S3Service.ts @@ -27,6 +27,7 @@ import s3Auth from "../../db/S3Personal"; import addToStoageSize from "./utils/addToStorageSize"; import subtractFromStorageSize from "./utils/subtractFromStorageSize"; import ForbiddenError from "../../utils/ForbiddenError"; +import { ObjectID } from "mongodb"; const dbUtilsFile = new DbUtilFile(); @@ -369,7 +370,7 @@ class S3Service implements ChunkInterface { if (!password) throw new ForbiddenError("Invalid Encryption Key") - const thumbnail = await Thumbnail.findById(id) as ThumbnailInterface; + const thumbnail = await Thumbnail.findById(new ObjectID(id)) as ThumbnailInterface; if (thumbnail.owner !== user._id.toString()) { diff --git a/backend/services/ChunkService/utils/createThumbnail.ts b/backend/services/ChunkService/utils/createThumbnail.ts index 165ebe4..d9878a3 100644 --- a/backend/services/ChunkService/utils/createThumbnail.ts +++ b/backend/services/ChunkService/utils/createThumbnail.ts @@ -50,7 +50,7 @@ const createThumbnail = (file: FileInterface, filename: string, user: UserInterf await thumbnailModel.save(); const getUpdatedFile = await conn.db.collection("fs.files") - .findOneAndUpdate({"_id": file._id}, {"$set": {"metadata.hasThumbnail": true, "metadata.thumbnailID": thumbnailModel._id}}) + .findOneAndUpdate({"_id": new ObjectID(file._id)}, {"$set": {"metadata.hasThumbnail": true, "metadata.thumbnailID": thumbnailModel._id}}) let updatedFile: FileInterface = getUpdatedFile.value; diff --git a/tests/express-routers/file.test.js b/tests/express-routers/file.test.js new file mode 100644 index 0000000..4c30901 --- /dev/null +++ b/tests/express-routers/file.test.js @@ -0,0 +1,663 @@ +import User from "../../dist/models/user"; +import mongoose from "../../dist/db/mongoose"; +const conn = mongoose.connection; +const createUser = require("../fixtures/createUser"); +const createUser2 = require("../fixtures/createUser2"); +const createFile = require("../fixtures/createFile"); +const crypto = require("crypto"); +const path = require("path"); +import env from "../../dist/enviroment/env"; +import createThumbnail from "../../dist/services/ChunkService/utils/createThumbailAny"; +const request = require("supertest"); +const jwt = require("jsonwebtoken"); +const ObjectID = require('mongodb').ObjectID +import servers from "../../dist/server/server"; +import Folder from "../../dist/models/folder"; +const temp = require("temp").track(); +const binaryPhraser = require("superagent-binary-parser"); +const session = require("supertest-session"); +const loginUser = require("../fixtures/loginUser"); +const createUserNotEmailVerified = require("../fixtures/createUserNotEmailVerified"); + +const {server, serverHttps} = servers; + +const app = server; + +let user; +let user2; +let userData; +let userData2; +let file; + +process.env.KEY = "1234"; +env.key = "1234"; + + +const waitForDatabase = () => { + + return new Promise((resolve, reject) => { + + if (conn.readyState !== 1) { + + conn.once("open", () => { + + resolve(); + + }) + + } else { + + resolve(); + } + + }) +} + +beforeEach(async(done) => { + + await waitForDatabase(); + + const initVect = crypto.randomBytes(16); + + const {user: gotUser, userData: gotUserData} = await createUser(); + user = gotUser; + userData = gotUserData; + + const {user: gotUser2, userData: gotUserData2} = await createUser2(); + user2 = gotUser2; + userData2 = gotUserData2; + + const filename = "bunny.png"; + const filepath = path.join(__dirname, "../fixtures/media/folder.png") + const metadata = { + owner: user._id, + parent: "/", + parentList: "/", + "IV": initVect, + // filePath: filepath + } + + file = await createFile(filename, filepath, metadata, user); + + done(); + +}) + +afterEach(async(done) => { + + console.log("After each") + + //const gfs = Grid(conn.db, mongoose.mongo); + let bucket = new mongoose.mongo.GridFSBucket(conn.db); + + await User.deleteMany({}); + + const allFiles = await conn.db.collection("fs.files").find({}).toArray(); + + for (let i = 0; i < allFiles.length; i++) { + + const currentFileID = allFiles[i]._id; + await bucket.delete(ObjectID(currentFileID)); + } + + done(); +}) + +test("When giving ID, should send thumbnail data", async() => { + + const appSession = session(app); + + await loginUser(appSession, userData); + + const thumbnailFile = await createThumbnail(file, file.filename, user); + const thumbnailID = thumbnailFile.metadata.thumbnailID; + + const response = await appSession + .get(`/file-service/thumbnail/${thumbnailID}`) + .send() + .expect(200); + + expect(response.body.length).not.toBe(0); +}) + +test("When giving no authorization for thumbnail data, should return error", async() => { + + const thumbnailFile = await createThumbnail(file, file.filename, user); + const thumbnailID = thumbnailFile.metadata.thumbnailID; + + const response = await request(app) + .get(`/file-service/thumbnail/${thumbnailID}`) + .send() + .expect(401); + + expect(response.body).toEqual({}); +}) + +test("When giving wrong auth data for thumbnail, should return 403 error", async() => { + + const appSession = session(app); + + await loginUser(appSession, userData); + + const thumbnailFile = await createThumbnail(file, file.filename, user); + const thumbnailID = thumbnailFile.metadata.thumbnailID; + + const appSession2 = session(app); + await loginUser(appSession2, userData2); + + const response = await appSession2 + .get(`/file-service/thumbnail/${thumbnailID}`) + .send() + .expect(403); + + expect(response.body).toEqual({}); +}) + +test("When not email verified should not get thumbnail data, and return 401", async() => { + + const appSession = session(app); + + const {userData: userData3, user: user3} = await createUserNotEmailVerified(); + await loginUser(appSession, userData3); + + const thumbnailFile = await createThumbnail(file, file.filename, user3); + const thumbnailID = thumbnailFile.metadata.thumbnailID; + + const response = await appSession + .get(`/file-service/thumbnail/${thumbnailID}`) + .send() + .expect(401); + + expect(response.body).toEqual({}); +}) + +test("When not email verified but email verification disabled should get thumbnail data", async() => { + + env.disableEmailVerification = true; + + const appSession = session(app); + + const {userData: userData3, user: user3} = await createUserNotEmailVerified(); + await loginUser(appSession, userData3); + + const initVect = crypto.randomBytes(16); + const filename = "bunny.png"; + const filepath = path.join(__dirname, "../fixtures/media/folder.png") + const metadata = { + owner: user3._id, + parent: "/", + parentList: "/", + "IV": initVect, + } + + const file2 = await createFile(filename, filepath, metadata, user3); + + const thumbnailFile = await createThumbnail(file2, file2.filename, user3); + const thumbnailID = thumbnailFile.metadata.thumbnailID; + + const response = await appSession + .get(`/file-service/thumbnail/${thumbnailID}`) + .send() + .expect(200); + + expect(response.body.length).not.toBe(0); + + env.disableEmailVerification = undefined; +}) + +test("When trying to create thumbnail from others users file should not return thumbnail", async() => { + + const appSession = session(app); + + await loginUser(appSession, userData2); + + const thumbnailFile = await createThumbnail(file, file.filename, user2); + const thumbnailID = thumbnailFile.metadata.thumbnailID; + + expect(thumbnailID).toEqual(undefined) +}) +// // Needs Work, cannot phrase binary data? + +// // test("When giving public ID, should return public file download", async() => { + +// // const userID = user._id; +// // const fileID = file._id.toString(); +// // const token = jwt.sign({_id: userID.toString()}, env.password); +// // await conn.db.collection("fs.files") +// // .findOneAndUpdate({"_id": ObjectID(fileID), +// // "metadata.owner": userID}, +// // {"$set": {"metadata.linkType": "public", "metadata.link": token}}) + +// // const response = await request(app) +// // .get(`/file-service/public/download/${fileID}`) +// // .parse(binaryPhraser) +// // .buffer() +// // .end(); + + +// // //expect(response.body._id).toEqual(fileID); + +// // // console.log("public", token.token); + +// // // const url = "/file-service/public/download/" + fileID; +// // // console.log("url", url); +// // // const response = await request(app).get(url) +// // // .set("Authorization", `Bearer ${userToken}`) +// // // .set('content-type', 'application/octet-stream') +// // // .send() +// // // .expect(203) + +// // // const writeStream = temp.createWriteStream(); + +// // //response.pipe(writeStream); +// // }) + +test("When giving public id, should return public info", async() => { + + const userID = user._id; + const fileID = file._id.toString(); + const token = jwt.sign({_id: userID.toString()}, env.password).toString(); + await conn.db.collection("fs.files") + .findOneAndUpdate({"_id": ObjectID(fileID), + "metadata.owner": userID}, + {"$set": {"metadata.linkType": "public", "metadata.link": token}}) + + const response = await request(app) + .get(`/file-service/public/info/${fileID}/${token}`) + .send() + .expect(200); + + expect(response.body._id).toEqual(fileID); +}) + +test("When giving ID for non public file, should return 404 error", async() => { + + const userID = user._id; + const fileID = file._id.toString(); + const token = jwt.sign({_id: userID.toString()}, env.password).toString(); + const response = await request(app) + .get(`/file-service/public/info/${fileID}/${token}`) + .send() + .expect(404); + + expect(response.data).toBe(undefined); +}) + +test("When giving fileID, should return file info", async() => { + + const appSession = session(app); + + await loginUser(appSession, userData); + + const fileID = file._id; + + const response = await appSession + .get(`/file-service/info/${fileID}`) + .send() + .expect(200); + + expect(response.body._id).toEqual(fileID.toString()); +}) + +test("When not authorized for file info, should return 401 error", async() => { + + const fileID = file._id; + + const response = await request(app) + .get(`/file-service/info/${fileID}`) + .send() + .expect(401); + + expect(response.body).toEqual({}); +}) + +test("When giving wrong auth token for file info, should return 404 error", async() => { + + const appSession = session(app); + + await loginUser(appSession, userData2); + + const fileID = file._id; + + const response = await appSession + .get(`/file-service/info/${fileID}`) + .send() + .expect(404); + + expect(response.body).toEqual({}); +}) + +test("When giving the wrong tempToken for public file info, should return 404 error", async() => { + + const userID = user._id; + const fileID = file._id.toString(); + const token = jwt.sign({_id: userID.toString()}, env.password).toString(); + const wrongToken = "12345" + await conn.db.collection("fs.files") + .findOneAndUpdate({"_id": ObjectID(fileID), + "metadata.owner": userID}, + {"$set": {"metadata.linkType": "public", "metadata.link": token}}) + + const response = await request(app) + .get(`/file-service/public/info/${fileID}/${wrongToken}`) + .send() + .expect(404); + + expect(response.body).toEqual({}); +}) + +test("When giving authorization, should get user quicklist", async() => { + + const appSession = session(app); + + await loginUser(appSession, userData); + + const response = await appSession + .get(`/file-service/quick-list`) + .send() + .expect(200); + + expect(response.body.length).toBe(1); +}) + +test("When giving no authoization for quicklist, should return 401 error", async() => { + + const response = await request(app) + .get(`/file-service/quick-list`) + .send() + .expect(401); + + expect(response.body).toEqual({}); +}) + +test("When giving default query, should return file list", async() => { + + const appSession = session(app); + + await loginUser(appSession, userData); + + const response = await appSession + .get(`/file-service/list`) + .send({}) + .expect(200); + + expect(response.body.length).toBe(1); +}) + +test("When giving no authoization for file list, should return 401 error", async() => { + + const response = await request(app) + .get(`/file-service/list`) + .send({}) + .expect(401); + + expect(response.body).toEqual({}); +}) + +test("When giving wrong auth for list, should return empty list", async() => { + + const appSession = session(app); + + await loginUser(appSession, userData2); + + const response = await appSession + .get(`/file-service/list`) + .send({}) + .expect(200); + + expect(response.body.length).toBe(0); +}) + +test("When authorized should get video cookie", async() => { + + const appSession = session(app); + + await loginUser(appSession, userData); + + await appSession + .get(`/file-service/list`) + .send("/file-service/download/access-token-stream-video") + .expect(200); +}) + +test("When not authorized should not get video token and return 401 error", async() => { + + await request(app) + .get(`/file-service/list`) + .send("/file-service/download/access-token-stream-video") + .expect(401); +}) + +test("When authorized should return suggested list", async() => { + + const appSession = session(app); + + await loginUser(appSession, userData); + + await appSession + .get(`/file-service/suggested-list`) + .send() + .expect(200); +}) + +test("When not authorized should not return suggested list", async() => { + + const response =await request(app) + .get(`/file-service/suggested-list`) + .send() + .expect(401); + + expect(response.body).toEqual({}); +}) + +test("When giving fileID and title, should rename file", async() => { + + const appSession = session(app); + + await loginUser(appSession, userData); + + const fileID = file._id; + + await appSession + .patch(`/file-service/rename`) + .send({ + id: fileID, + title: "new name" + }) + .expect(200); +}) + +test("When not authoized for rename file, should return 401 error", async() => { + + const fileID = file._id; + + await request(app) + .patch(`/file-service/rename`) + .send({ + id: fileID, + title: "new name" + }) + .expect(401); +}) + +test("When giving wrong authorization token for rename file, should return 404 error", async() => { + + const appSession = session(app); + + await loginUser(appSession, userData2); + + const fileID = file._id; + + await appSession + .patch(`/file-service/rename`) + .send({ + id: fileID, + title: "new name" + }) + .expect(404); +}) + +test("When giving fileID and parent, should move file", async() => { + + const appSession = session(app); + + await loginUser(appSession, userData); + + const fileID = file._id; + const userID = user._id; + + const folder = new Folder({ + owner: userID, + name: "folder", + parent: "/", + parentList: ["/"] + }) + + await folder.save(); + + const folderID = folder._id; + + await appSession + .patch(`/file-service/move`) + .send({ + id: fileID, + parent: folderID + }) + .expect(200); +}) + +test("When not authorized should not move file and return 401", async() => { + + const appSession = session(app); + + const fileID = file._id; + const userID = user._id; + + const folder = new Folder({ + owner: userID, + name: "folder", + parent: "/", + parentList: ["/"] + }) + + await folder.save(); + + const folderID = folder._id; + + await appSession + .patch(`/file-service/move`) + .send({ + id: fileID, + parent: folderID + }) + .expect(401); +}) + +test("When giving wrong authorization should not move file and return 404", async() => { + + const appSession = session(app); + + await loginUser(appSession, userData2); + + const fileID = file._id; + const userID = user._id; + + const folder = new Folder({ + owner: userID, + name: "folder", + parent: "/", + parentList: ["/"] + }) + + await folder.save(); + + const folderID = folder._id; + + await appSession + .patch(`/file-service/move`) + .send({ + id: fileID, + parent: folderID + }) + .expect(404); + +}) + +test("When giving a parentID that does not exist, should return 404 error", async() => { + + const appSession = session(app); + + await loginUser(appSession, userData); + + const fileID = file._id; + + await appSession + .patch(`/file-service/move`) + .send({ + id: fileID, + parent: "123456789012" + }) + .expect(404); +}) + +test("When giving fileID should remove file", async() => { + + const appSession = session(app); + + await loginUser(appSession, userData); + + const fileID = file._id; + + await appSession + .delete(`/file-service/remove`) + .send({ + id: fileID, + }) + .expect(200); +}) + +test("When giving fileID that does not exist for remove file, should return 404 error", async() => { + + const appSession = session(app); + + await loginUser(appSession, userData); + + const fileID = "123456789012"; + + await appSession + .delete(`/file-service/remove`) + .send({ + id: fileID, + }) + .expect(404); +}) + +test("When not authorized should not remove file and return 401", async() => { + + const appSession = session(app); + + const fileID = file._id; + + await appSession + .delete(`/file-service/remove`) + .send({ + id: fileID, + }) + .expect(401); +}) + +test("When giving wrong authorization should not remove file and return 404", async() => { + + const appSession = session(app); + + await loginUser(appSession, userData2); + + const fileID = file._id; + + await appSession + .delete(`/file-service/remove`) + .send({ + id: fileID, + }) + .expect(404); +}) \ No newline at end of file diff --git a/tests/express-routers/file.testtt.js b/tests/express-routers/file.testtt.js deleted file mode 100644 index 9dc3e3e..0000000 --- a/tests/express-routers/file.testtt.js +++ /dev/null @@ -1,576 +0,0 @@ -import User from "../../dist/models/user"; -import mongoose from "../../dist/db/mongoose"; -const conn = mongoose.connection; -const createUser = require("../fixtures/createUser"); -const createUser2 = require("../fixtures/createUser2"); -const createFile = require("../fixtures/createFile"); -const crypto = require("crypto"); -const path = require("path"); -import env from "../../dist/enviroment/env"; -import createThumbnail from "../../dist/services/ChunkService/utils/createThumbnail"; -const request = require("supertest"); -const jwt = require("jsonwebtoken"); -const ObjectID = require('mongodb').ObjectID -import servers from "../../dist/server/server"; -import Folder from "../../dist/models/folder"; -const temp = require("temp").track(); -const binaryPhraser = require("superagent-binary-parser"); - -const {server, serverHttps} = servers; - -const app = server; - -let user; -let userToken; -let user2; -let userToken2; -let file; - -process.env.KEY = "1234"; -env.key = "1234"; - - -beforeEach(async(done) => { - - if (conn.readyState === 0) { - - conn.once("open", async() => { - - - const initVect = crypto.randomBytes(16); - - // user = await createUser(); - // userToken = user.tokens[0].token; - const {user: gotUser, token: gotToken} = await createUser(); - user = gotUser; - userToken = gotToken; - - // user2 = await createUser2(); - // userToken2 = user2.tokens[0].token; - const {user: gotUser2, token: gotToken2} = await createUser2(); - user2 = gotUser2; - userToken2 = gotToken2; - - const filename = "bunny.png"; - const filepath = path.join(__dirname, "../fixtures/media/check.svg") - const metadata = { - owner: user._id, - parent: "/", - parentList: "/", - "IV": initVect - } - - file = await createFile(filename, filepath, metadata, user); - - done(); - - }) - - } else { - - const initVect = crypto.randomBytes(16); - - // user = await createUser(); - // userToken = user.tokens[0].token; - const {user: gotUser, token: gotToken} = await createUser(); - user = gotUser; - userToken = gotToken; - - // user2 = await createUser2(); - // userToken2 = user2.tokens[0].token; - const {user: gotUser2, token: gotToken2} = await createUser2(); - user2 = gotUser2; - userToken2 = gotToken2; - - // user = await createUser(); - // userToken = user.tokens[0].token; - - // user2 = await createUser2(); - // userToken2 = user2.tokens[0].token; - - const filename = "bunny.png"; - const filepath = path.join(__dirname, "../fixtures/media/check.svg") - const metadata = { - owner: user._id, - parent: "/", - parentList: "/", - "IV": initVect - } - - file = await createFile(filename, filepath, metadata, user); - - done(); - } - -}) - -afterEach(async(done) => { - - console.log("After each") - - //const gfs = Grid(conn.db, mongoose.mongo); - let bucket = new mongoose.mongo.GridFSBucket(conn.db); - - await User.deleteMany({}); - - const allFiles = await conn.db.collection("fs.files").find({}).toArray(); - - for (let i = 0; i < allFiles.length; i++) { - - const currentFileID = allFiles[i]._id; - await bucket.delete(ObjectID(currentFileID)); - } - - done(); -}) - -// To-do maybe - -// test("When giving user, should send transcoded video response", async() => { - -// const response = await request(app) -// .post(`/file-service/transcode-video`) -// .set("Authorization", `Bearer ${userToken}`) -// .send({file}) -// .expect(200); - -// console.log("response", response.body); -// }) - -// test("When giving wrong user for transcode video, should return 401 error", async() => { - -// const user2 = await createUser2(); -// const userToken2 = user2.tokens[0].token; - -// await request(app) -// .get(`/file-service/transcode-video`) -// .set("Authorization", `Bearer ${userToken2}`) -// .send(user) -// .expect(401); -// }) - -test("When giving ID, should send thumbnail data", async() => { - - const thumbnailFile = await createThumbnail(file, file.filename, user); - const thumbnailID = thumbnailFile.metadata.thumbnailID; - - const response = await request(app) - .get(`/file-service/thumbnail/${thumbnailID}`) - .set("Authorization", `Bearer ${userToken}`) - .send() - .expect(200); - - expect(response.body.length).not.toBe(0); -}) - -test("When giving no authorization for thumbnail data, should return error", async() => { - - const thumbnailFile = await createThumbnail(file, file.filename, user); - const thumbnailID = thumbnailFile.metadata.thumbnailID; - - const response = await request(app) - .get(`/file-service/thumbnail/${thumbnailID}`) - .send() - .expect(401); - - expect(response.body).toEqual({ - "error": "Error Authenticating", - }); -}) - -test("When giving wrong auth data for thumbnail, should return 401 error", async() => { - - - const thumbnailFile = await createThumbnail(file, file.filename, user); - const thumbnailID = thumbnailFile.metadata.thumbnailID; - - - const response = await request(app) - .get(`/file-service/thumbnail/${thumbnailID}`) - .set("Authorization", `Bearer ${userToken2}`) - .send() - .expect(401); - - expect(response.body).toEqual({}); -}) - - -// Needs Work, cannot phrase binary data? - -// test("When giving public ID, should return public file download", async() => { - -// const userID = user._id; -// const fileID = file._id.toString(); -// const token = jwt.sign({_id: userID.toString()}, env.password); -// await conn.db.collection("fs.files") -// .findOneAndUpdate({"_id": ObjectID(fileID), -// "metadata.owner": userID}, -// {"$set": {"metadata.linkType": "public", "metadata.link": token}}) - -// const response = await request(app) -// .get(`/file-service/public/download/${fileID}`) -// .parse(binaryPhraser) -// .buffer() -// .end(); - - -// //expect(response.body._id).toEqual(fileID); - -// // console.log("public", token.token); - -// // const url = "/file-service/public/download/" + fileID; -// // console.log("url", url); -// // const response = await request(app).get(url) -// // .set("Authorization", `Bearer ${userToken}`) -// // .set('content-type', 'application/octet-stream') -// // .send() -// // .expect(203) - -// // const writeStream = temp.createWriteStream(); - -// //response.pipe(writeStream); -// }) - -test("When giving public id, should return public info", async() => { - - const userID = user._id; - const fileID = file._id.toString(); - const token = jwt.sign({_id: userID.toString()}, env.password).toString(); - await conn.db.collection("fs.files") - .findOneAndUpdate({"_id": ObjectID(fileID), - "metadata.owner": userID}, - {"$set": {"metadata.linkType": "public", "metadata.link": token}}) - - const response = await request(app) - .get(`/file-service/public/info/${fileID}/${token}`) - .set("Authorization", `Bearer ${userToken}`) - .send() - .expect(200); - - expect(response.body._id).toEqual(fileID); -}) - -test("When giving ID for non public file, should return 404 error", async() => { - - const userID = user._id; - const fileID = file._id.toString(); - const token = jwt.sign({_id: userID.toString()}, env.password).toString(); - const response = await request(app) - .get(`/file-service/public/info/${fileID}/${token}`) - .set("Authorization", `Bearer ${userToken}`) - .send() - .expect(404); - - expect(response.data).toBe(undefined); -}) - -test("When giving fileID, should return file info", async() => { - - const fileID = file._id; - - const response = await request(app) - .get(`/file-service/info/${fileID}`) - .set("Authorization", `Bearer ${userToken}`) - .send() - .expect(200); - - expect(response.body._id).toEqual(fileID.toString()); -}) - -test("When not authorized for file info, should return 401 error", async() => { - - const fileID = file._id; - - const response = await request(app) - .get(`/file-service/info/${fileID}`) - .send() - .expect(401); - - expect(response.body).toEqual({ - "error": "Error Authenticating", - }); -}) - -test("When giving wrong auth token for file info, should return 404 error", async() => { - - const fileID = file._id; - - const response = await request(app) - .get(`/file-service/info/${fileID}`) - .set("Authorization", `Bearer ${userToken2}`) - .send() - .expect(404); - - expect(response.body).toEqual({}); -}) - -test("When giving the wrong tempToken for public file info, should return 404 error", async() => { - - const userID = user._id; - const fileID = file._id.toString(); - const token = jwt.sign({_id: userID.toString()}, env.password).toString(); - const wrongToken = "12345" - await conn.db.collection("fs.files") - .findOneAndUpdate({"_id": ObjectID(fileID), - "metadata.owner": userID}, - {"$set": {"metadata.linkType": "public", "metadata.link": token}}) - - const response = await request(app) - .get(`/file-service/public/info/${fileID}/${wrongToken}`) - .set("Authorization", `Bearer ${userToken}`) - .send() - .expect(404); - - expect(response.body).toEqual({}); -}) - -test("When giving authorization, should get user quicklist", async() => { - - const response = await request(app) - .get(`/file-service/quick-list`) - .set("Authorization", `Bearer ${userToken}`) - .send() - .expect(200); - - expect(response.body.length).toBe(1); -}) - -test("When giving no authoization for quicklist, should return 401 error", async() => { - - const response = await request(app) - .get(`/file-service/quick-list`) - .send() - .expect(401); - - expect(response.body).toEqual({ - "error": "Error Authenticating", - }); -}) - -test("When giving default query, should return file list", async() => { - - const response = await request(app) - .get(`/file-service/list`) - .set("Authorization", `Bearer ${userToken}`) - .send({}) - .expect(200); - - expect(response.body.length).toBe(1); -}) - -test("When giving no authoization for file list, should return 401 error", async() => { - - const response = await request(app) - .get(`/file-service/list`) - .send({}) - .expect(401); - - expect(response.body).toEqual({ - "error": "Error Authenticating", - }); -}) - -test("When giving wrong auth for list, should return empty list", async() => { - - const response = await request(app) - .get(`/file-service/list`) - .set("Authorization", `Bearer ${userToken2}`) - .send({}) - .expect(200); - - expect(response.body.length).toBe(0); -}) - -test("When autheniticated should generate download token", async() => { - - await request(app) - .get(`/file-service/download/get-token`) - .set("Authorization", `Bearer ${userToken}`) - .send() - .expect(200); -}) - -test("When not authenticated, should not generate download token", async() => { - - await request(app) - .get(`/file-service/download/get-token`) - .send() - .expect(401); -}) - -test("When authenticated and cookie should generate video token", async() => { - - await request(app) - .get(`/file-service/download/get-token-video`) - .set("Authorization", `Bearer ${userToken}`) - .set("uuid", 1234) - .send() - .expect(200); -}) - -test("When not authenticated, should not generate video token", async() => { - - await request(app) - .get(`/file-service/download/get-token-video`) - .set("uuid", 1234) - .send() - .expect(401); -}) - -test("When not giving a Cookie, should not generate video token", async() => { - - await request(app) - .get(`/file-service/download/get-token-video`) - .set("Authorization", `Bearer ${userToken}`) - .send() - .expect(401); -}) - -test("When giving tempToken, should remove temp token", async() => { - - const token = await request(app) - .get(`/file-service/download/get-token-video`) - .set("Authorization", `Bearer ${userToken}`) - .set("uuid", 1234) - .send() - .expect(200); - - const tempToken = token.body.tempToken; - - await request(app) - .delete(`/file-service/remove/token-video/${tempToken}/1234`) - .set("Authorization", `Bearer ${userToken}`) - .send() - .expect(200); -}) - -test("When not authorized, should not remove temp token", async() => { - - const token = await request(app) - .get(`/file-service/download/get-token-video`) - .set("Authorization", `Bearer ${userToken}`) - .set("uuid", 1234) - .send() - .expect(200); - - const tempToken = token.body.tempToken; - - await request(app) - .delete(`/file-service/remove/token-video/${tempToken}/1234`) - .send() - .expect(401); -}) - -test("When authorized should return suggested list", async() => { - - await request(app) - .get(`/file-service/suggested-list`) - .set("Authorization", `Bearer ${userToken}`) - .send() - .expect(200); -}) - -test("When not authorized should not return suggested list", async() => { - - const response =await request(app) - .get(`/file-service/suggested-list`) - .send() - .expect(401); - - expect(response.body).toEqual({ - "error": "Error Authenticating", - }); -}) - -test("When giving fileID and title, should rename file", async() => { - - const fileID = file._id; - - await request(app) - .patch(`/file-service/rename`) - .set("Authorization", `Bearer ${userToken}`) - .send({ - id: fileID, - title: "new name" - }) - .expect(200); -}) - -test("When not authoized for rename file, should return 401 error", async() => { - - const fileID = file._id; - - await request(app) - .patch(`/file-service/rename`) - .send({ - id: fileID, - title: "new name" - }) - .expect(401); -}) - -test("When giving fileID and parent, should move file", async() => { - - const fileID = file._id; - const userID = user._id; - - const folder = new Folder({ - owner: userID, - name: "folder", - parent: "/", - parentList: ["/"] - }) - - await folder.save(); - - const folderID = folder._id; - - await request(app) - .patch(`/file-service/move`) - .set("Authorization", `Bearer ${userToken}`) - .send({ - id: fileID, - parent: folderID - }) - .expect(200); -}) - -test("When giving a parentID that does not exist, should return 500 error", async() => { - - const fileID = file._id; - - await request(app) - .patch(`/file-service/move`) - .set("Authorization", `Bearer ${userToken}`) - .send({ - id: fileID, - parent: "123456789012" - }) - .expect(404); -}) - -test("When giving fileID should remove file", async() => { - - const fileID = file._id; - - await request(app) - .delete(`/file-service/remove`) - .set("Authorization", `Bearer ${userToken}`) - .send({ - id: fileID, - }) - .expect(200); -}) - -test("When giving fileID that does not exist for remove file, should return 404 error", async() => { - - const fileID = "123456789012"; - - await request(app) - .delete(`/file-service/remove`) - .set("Authorization", `Bearer ${userToken}`) - .send({ - id: fileID, - }) - .expect(404); -}) \ No newline at end of file diff --git a/tests/express-routers/user.test.js b/tests/express-routers/user.test.js index c78c29a..fd103e5 100644 --- a/tests/express-routers/user.test.js +++ b/tests/express-routers/user.test.js @@ -295,6 +295,45 @@ test("When not email verified should not change password", async() => { .expect(401); }) +test("When not email verified, but email verification disabled, should change password", async() => { + + env.disableEmailVerification = true; + + const appSession = session(app); + + const {userData: userData2} = await createUserNotEmailVerified(); + await loginUser(appSession, userData2); + + const oldPassword = "12345678"; + const newPassword = "987654321"; + + await appSession + .post(`/user-service/change-password`) + .send({ + oldPassword, + newPassword + }) + .expect(200); + + await request(app) + .post(`/user-service/login`) + .send({ + email: userData2.email, + password: oldPassword + }) + .expect(500); + + await request(app) + .post(`/user-service/login`) + .send({ + email: userData2.email, + password: newPassword + }) + .expect(200); + + env.disableEmailVerification = undefined; +}) + test("When not giving email, should not create user", async() => { await request(app) @@ -398,6 +437,37 @@ test("When not email verified should not get detailed user", async() => { await request(app).get("/user-service/user-detailed").send().expect(401); }) +test("When not email verified but email verification disabled should get detailed user", async() => { + + env.disableEmailVerification = true; + + const appSession = session(app); + + const {userData: userData2} = await createUserNotEmailVerified(); + await loginUser(appSession, userData2); + + const response = await appSession.get("/user-service/user-detailed").send().expect(200); + + const responseData = response.body; + const email = responseData.email; + const username = responseData.username; + const password = responseData.password; + const emailVerified = responseData.emailVerified; + const tokens = responseData.tokens; + const publicKey = responseData.publicKey; + const privateKey = responseData.privateKey; + + expect(email).toEqual(userData2.email); + expect(username).toEqual(userData2.username); + expect(password).toEqual(undefined); + expect(emailVerified).toEqual(false); + expect(tokens).toEqual(undefined); + expect(publicKey).toEqual(undefined); + expect(privateKey).toEqual(undefined) + + env.disableEmailVerification = undefined; +}) + test("When giving existing email should send password reset email", async() => { await request(app).post("/user-service/send-password-reset").send({email: userData.email}).expect(200); diff --git a/tests/fixtures/createUser2.js b/tests/fixtures/createUser2.js index 90f8cdb..86f917c 100644 --- a/tests/fixtures/createUser2.js +++ b/tests/fixtures/createUser2.js @@ -15,7 +15,8 @@ const createUser2 = async() => { _id: userID, name: "Test User", email: "test3@test.com", - password: "12345678", + password: "123456789", + emailVerified: true, } let user = new User(userData); @@ -29,7 +30,7 @@ const createUser2 = async() => { await user.save(); - return {user, token}; + return {user, userData}; } module.exports = createUser2; \ No newline at end of file diff --git a/tests/services/UserService/index.test.js b/tests/services/UserService/index.test.js index d07e2d8..f6b44b3 100644 --- a/tests/services/UserService/index.test.js +++ b/tests/services/UserService/index.test.js @@ -2,7 +2,6 @@ import User from "../../../dist/models/user"; import mongoose from "../../../dist/db/mongoose"; const conn = mongoose.connection; const createUser = require("../../fixtures/createUser"); - import UserService from "../../../dist/services/UserService"; const userService = new UserService();