Backend test for query "publicKey" to asure that "privatKey" is generated

Minor approofments.
2025-12-13 07:45:56 +00:00 · 2019-04-12 14:30:04 +02:00 · 2019-04-12 14:30:04 +02:00 · b007015eeb
commit b007015eeb
parent 95a0567e69
1 changed files with 41 additions and 18 deletions
--- a/backend/src/resolvers/user_management.spec.js
+++ b/backend/src/resolvers/user_management.spec.js
@ -312,19 +312,17 @@ describe('change password', () => {
 })

 describe('do not expose private RSA key', () => {
+  let headers
  let client
+  const queryUserPrivateKey = gql`
+    query($queriedUserSlug: String) {
+      User(slug: $queriedUserSlug) {
+        id
+        privateKey
+      }
+    }`

-  const queryUser = () => {
-    return gql`
-      query($queriedUserSlug: String) {
-        User(slug: $queriedUserSlug) {
-          id
-          privateKey
-        }
-      }`
-  }
-
-  const action = async () => {
+  const actionGenUserWithKeys = async () => {
    // Generate user with "privateKey" via 'CreateUser' mutation instead of using the factories "factory.create('User', {...})", see above.
    const variables = {
      id: 'bcb2d923-f3af-479e-9f00-61b12e864667',
@ -346,22 +344,47 @@ describe('do not expose private RSA key', () => {
    it('throws "Not Authorised!"', async () => {
      client = new GraphQLClient(host)

-      await action()
+      await actionGenUserWithKeys()
      await expect(
-        client.request(queryUser(), { queriedUserSlug: 'apfel-strudel' })
+        client.request(queryUserPrivateKey, { queriedUserSlug: 'apfel-strudel' })
      ).rejects.toThrow('Not Authorised')
    })
  })

+  // authenticate
+  beforeEach(async () => {
+    headers = await login({ email: 'test@example.org', password: '1234' })
+    client = new GraphQLClient(host, { headers })
+  })
+
  describe('authenticated query of "privateKey"', () => {
    it('throws "Not Authorised!"', async () => {
-      const headers = await login({ email: 'test@example.org', password: '1234' })
-      client = new GraphQLClient(host, { headers })
-
-      await action()
+      await actionGenUserWithKeys()
      await expect(
-        client.request(queryUser(), { queriedUserSlug: 'apfel-strudel' })
+        client.request(queryUserPrivateKey, { queriedUserSlug: 'apfel-strudel' })
      ).rejects.toThrow('Not Authorised')
    })
  })
+
+  describe('authenticated query of "publicKey". To asure generation of "privateKey" is garanteed', () => {
+    it('throws "Not Authorised!"', async () => {
+      const queryUserPuplicKey = gql`
+        query($queriedUserSlug: String) {
+          User(slug: $queriedUserSlug) {
+            id
+            publicKey
+          }
+        }`
+
+      await actionGenUserWithKeys()
+      await expect(
+        await client.request(queryUserPuplicKey, { queriedUserSlug: 'apfel-strudel' })
+      ).toEqual(expect.objectContaining({
+        User: [{
+          id: 'bcb2d923-f3af-479e-9f00-61b12e864667',
+          publicKey: expect.any(String)
+        }]
+      }))
+    })
+  })
 })