add changePassword mutation test

src/resolvers/user_management.spec.js

@@ -1,9 +1,9 @@
-import Factory from '../seed/factories'
+import Factory from "../seed/factories";
-import { GraphQLClient, request } from 'graphql-request'
+import { GraphQLClient, request } from "graphql-request";
-import jwt from 'jsonwebtoken'
+import jwt from "jsonwebtoken";
-import { host, login } from '../jest/helpers'
+import { host, login } from "../jest/helpers";
 
-const factory = Factory()
+const factory = Factory();
 
 // here is the decoded JWT token:
 // {
@@ -21,59 +21,71 @@ const factory = Factory()
 //   iss: 'http://localhost:4000',
 //   sub: 'u3'
 // }
-const jennyRostocksHeaders = { authorization: 'Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyb2xlIjoidXNlciIsImxvY2F0aW9uTmFtZSI6bnVsbCwibmFtZSI6Ikplbm55IFJvc3RvY2siLCJhYm91dCI6bnVsbCwiYXZhdGFyIjoiaHR0cHM6Ly9zMy5hbWF6b25hd3MuY29tL3VpZmFjZXMvZmFjZXMvdHdpdHRlci9zYXNoYV9zaGVzdGFrb3YvMTI4LmpwZyIsImlkIjoidTMiLCJlbWFpbCI6InVzZXJAZXhhbXBsZS5vcmciLCJzbHVnIjoiamVubnktcm9zdG9jayIsImlhdCI6MTU1MDg0NjY4MCwiZXhwIjoxNjM3MjQ2NjgwLCJhdWQiOiJodHRwOi8vbG9jYWxob3N0OjMwMDAiLCJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjQwMDAiLCJzdWIiOiJ1MyJ9.eZ_mVKas4Wzoc_JrQTEWXyRn7eY64cdIg4vqQ-F_7Jc' }
+const jennyRostocksHeaders = {
+  authorization:
+    "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyb2xlIjoidXNlciIsImxvY2F0aW9uTmFtZSI6bnVsbCwibmFtZSI6Ikplbm55IFJvc3RvY2siLCJhYm91dCI6bnVsbCwiYXZhdGFyIjoiaHR0cHM6Ly9zMy5hbWF6b25hd3MuY29tL3VpZmFjZXMvZmFjZXMvdHdpdHRlci9zYXNoYV9zaGVzdGFrb3YvMTI4LmpwZyIsImlkIjoidTMiLCJlbWFpbCI6InVzZXJAZXhhbXBsZS5vcmciLCJzbHVnIjoiamVubnktcm9zdG9jayIsImlhdCI6MTU1MDg0NjY4MCwiZXhwIjoxNjM3MjQ2NjgwLCJhdWQiOiJodHRwOi8vbG9jYWxob3N0OjMwMDAiLCJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjQwMDAiLCJzdWIiOiJ1MyJ9.eZ_mVKas4Wzoc_JrQTEWXyRn7eY64cdIg4vqQ-F_7Jc"
+};
 
 beforeEach(async () => {
-  await factory.create('User', {
+  await factory.create("User", {
-    avatar: 'https://s3.amazonaws.com/uifaces/faces/twitter/seyedhossein1/128.jpg',
+    avatar:
-    id: 'acb2d923-f3af-479e-9f00-61b12e864666',
+      "https://s3.amazonaws.com/uifaces/faces/twitter/seyedhossein1/128.jpg",
-    name: 'Matilde Hermiston',
+    id: "acb2d923-f3af-479e-9f00-61b12e864666",
-    slug: 'matilde-hermiston',
+    name: "Matilde Hermiston",
-    role: 'user',
+    slug: "matilde-hermiston",
-    email: 'test@example.org',
+    role: "user",
-    password: '1234'
+    email: "test@example.org",
-  })
+    password: "1234"
-})
+  });
+});
 
 afterEach(async () => {
-  await factory.cleanDatabase()
+  await factory.cleanDatabase();
-})
+});
 
-describe('isLoggedIn', () => {
+describe("isLoggedIn", () => {
-  const query = '{ isLoggedIn }'
+  const query = "{ isLoggedIn }";
-  describe('unauthenticated', () => {
+  describe("unauthenticated", () => {
-    it('returns false', async () => {
+    it("returns false", async () => {
-      await expect(request(host, query)).resolves.toEqual({ isLoggedIn: false })
+      await expect(request(host, query)).resolves.toEqual({
-    })
+        isLoggedIn: false
-  })
+      });
+    });
+  });
 
-  describe('with malformed JWT Bearer token', () => {
+  describe("with malformed JWT Bearer token", () => {
-    const headers = { authorization: 'blah' }
+    const headers = { authorization: "blah" };
-    const client = new GraphQLClient(host, { headers })
+    const client = new GraphQLClient(host, { headers });
 
-    it('returns false', async () => {
+    it("returns false", async () => {
-      await expect(client.request(query)).resolves.toEqual({ isLoggedIn: false })
+      await expect(client.request(query)).resolves.toEqual({
-    })
+        isLoggedIn: false
-  })
+      });
+    });
+  });
 
-  describe('with valid JWT Bearer token', () => {
+  describe("with valid JWT Bearer token", () => {
-    const client = new GraphQLClient(host, { headers: jennyRostocksHeaders })
+    const client = new GraphQLClient(host, { headers: jennyRostocksHeaders });
 
-    it('returns false', async () => {
+    it("returns false", async () => {
-      await expect(client.request(query)).resolves.toEqual({ isLoggedIn: false })
+      await expect(client.request(query)).resolves.toEqual({
-    })
+        isLoggedIn: false
+      });
+    });
 
-    describe('and a corresponding user in the database', () => {
+    describe("and a corresponding user in the database", () => {
-      it('returns true', async () => {
+      it("returns true", async () => {
         // see the decoded token above
-        await factory.create('User', { id: 'u3' })
+        await factory.create("User", { id: "u3" });
-        await expect(client.request(query)).resolves.toEqual({ isLoggedIn: true })
+        await expect(client.request(query)).resolves.toEqual({
-      })
+          isLoggedIn: true
-    })
+        });
-  })
+      });
-})
+    });
+  });
+});
 
-describe('currentUser', () => {
+describe("currentUser", () => {
   const query = `{
     currentUser {
       id
@@ -83,97 +95,165 @@ describe('currentUser', () => {
       email
       role
     }
-  }`
+  }`;
 
-  describe('unauthenticated', () => {
+  describe("unauthenticated", () => {
-    it('returns null', async () => {
+    it("returns null", async () => {
-      const expected = { currentUser: null }
+      const expected = { currentUser: null };
-      await expect(request(host, query)).resolves.toEqual(expected)
+      await expect(request(host, query)).resolves.toEqual(expected);
-    })
+    });
-  })
+  });
 
-  describe('with valid JWT Bearer Token', () => {
+  describe("with valid JWT Bearer Token", () => {
-    let client
+    let client;
-    let headers
+    let headers;
 
-    describe('but no corresponding user in the database', () => {
+    describe("but no corresponding user in the database", () => {
       beforeEach(async () => {
-        client = new GraphQLClient(host, { headers: jennyRostocksHeaders })
+        client = new GraphQLClient(host, { headers: jennyRostocksHeaders });
-      })
+      });
 
-      it('returns null', async () => {
+      it("returns null", async () => {
-        const expected = { currentUser: null }
+        const expected = { currentUser: null };
-        await expect(client.request(query)).resolves.toEqual(expected)
+        await expect(client.request(query)).resolves.toEqual(expected);
-      })
+      });
-    })
+    });
 
-    describe('and corresponding user in the database', () => {
+    describe("and corresponding user in the database", () => {
       beforeEach(async () => {
-        headers = await login({ email: 'test@example.org', password: '1234' })
+        headers = await login({ email: "test@example.org", password: "1234" });
-        client = new GraphQLClient(host, { headers })
+        client = new GraphQLClient(host, { headers });
-      })
+      });
 
-      it('returns the whole user object', async () => {
+      it("returns the whole user object", async () => {
         const expected = {
           currentUser: {
-            avatar: 'https://s3.amazonaws.com/uifaces/faces/twitter/seyedhossein1/128.jpg',
+            avatar:
-            email: 'test@example.org',
+              "https://s3.amazonaws.com/uifaces/faces/twitter/seyedhossein1/128.jpg",
-            id: 'acb2d923-f3af-479e-9f00-61b12e864666',
+            email: "test@example.org",
-            name: 'Matilde Hermiston',
+            id: "acb2d923-f3af-479e-9f00-61b12e864666",
-            slug: 'matilde-hermiston',
+            name: "Matilde Hermiston",
-            role: 'user'
+            slug: "matilde-hermiston",
+            role: "user"
           }
-        }
+        };
-        await expect(client.request(query)).resolves.toEqual(expected)
+        await expect(client.request(query)).resolves.toEqual(expected);
-      })
+      });
-    })
+    });
-  })
+  });
-})
+});
 
-describe('login', () => {
+describe("login", () => {
-  const mutation = (params) => {
+  const mutation = params => {
-    const { email, password } = params
+    const { email, password } = params;
     return `
       mutation {
         login(email:"${email}", password:"${password}")
-      }`
+      }`;
-  }
+  };
 
-  describe('ask for a `token`', () => {
+  describe("ask for a `token`", () => {
-    describe('with valid email/password combination', () => {
+    describe("with valid email/password combination", () => {
-      it('responds with a JWT token', async () => {
+      it("responds with a JWT token", async () => {
-        const data = await request(host, mutation({
+        const data = await request(
-          email: 'test@example.org',
+          host,
-          password: '1234'
+          mutation({
-        }))
+            email: "test@example.org",
-        const token = data.login
+            password: "1234"
+          })
+        );
+        const token = data.login;
         jwt.verify(token, process.env.JWT_SECRET, (err, data) => {
-          expect(data.email).toEqual('test@example.org')
+          expect(data.email).toEqual("test@example.org");
-          expect(err).toBeNull()
+          expect(err).toBeNull();
-        })
+        });
-      })
+      });
-    })
+    });
 
-    describe('with a valid email but incorrect password', () => {
+    describe("with a valid email but incorrect password", () => {
       it('responds with "Incorrect email address or password."', async () => {
         await expect(
-          request(host, mutation({
+          request(
-            email: 'test@example.org',
+            host,
-            password: 'wrong'
+            mutation({
-          }))
+              email: "test@example.org",
-        ).rejects.toThrow('Incorrect email address or password.')
+              password: "wrong"
-      })
+            })
-    })
+          )
+        ).rejects.toThrow("Incorrect email address or password.");
+      });
+    });
 
-    describe('with a non-existing email', () => {
+    describe("with a non-existing email", () => {
       it('responds with "Incorrect email address or password."', async () => {
         await expect(
-          request(host, mutation({
+          request(
-            email: 'non-existent@example.org',
+            host,
-            password: 'wrong'
+            mutation({
-          }))
+              email: "non-existent@example.org",
-        ).rejects.toThrow('Incorrect email address or password.')
+              password: "wrong"
-      })
+            })
-    })
+          )
-  })
+        ).rejects.toThrow("Incorrect email address or password.");
-})
+      });
+    });
+  });
+});
+
+describe("change password", () => {
+  let headers;
+  let client;
+
+  beforeEach(async () => {
+    headers = await login({ email: "test@example.org", password: "1234" });
+    client = new GraphQLClient(host, { headers });
+  });
+
+  const mutation = params => {
+    const { oldPassword, newPassword } = params;
+    return `
+      mutation {
+        changePassword(oldPassword:"${oldPassword}", newPassword:"${newPassword}")
+      }`;
+  };
+
+  describe("should be authenticated before changing password", () => {
+    it('should throw not "Not Authorised!', async () => {
+      await expect(
+        request(
+          host,
+          mutation({
+            oldPassword: "1234",
+            newPassword: "1234"
+          })
+        )
+      ).rejects.toThrow("Not Authorised!");
+    });
+  });
+
+  describe("old and new password should not match", () => {
+    it('responds with "Old password and New password should not be same"', async () => {
+      await expect(
+        client.request(
+          mutation({
+            oldPassword: "1234",
+            newPassword: "1234"
+          })
+        )
+      ).rejects.toThrow("Old password and New password should not be same");
+    });
+  });
+
+  describe("incorrect old password", () => {
+    it('responds with "Old password isn\'t valid"', async () => {
+      await expect(
+        client.request(
+          mutation({
+            oldPassword: "notOldPassword",
+            newPassword: "12345"
+          })
+        )
+      ).rejects.toThrow("Old password isn't valid");
+    });
+  });
+});