mirror of
https://github.com/IT4Change/Ocelot-Social.git
synced 2026-04-05 17:15:33 +00:00
367 lines
13 KiB
TypeScript
367 lines
13 KiB
TypeScript
/* eslint-disable @typescript-eslint/await-thenable */
|
|
/* eslint-disable @typescript-eslint/require-await */
|
|
/* eslint-disable @typescript-eslint/no-unsafe-call */
|
|
/* eslint-disable @typescript-eslint/no-unsafe-member-access */
|
|
/* eslint-disable @typescript-eslint/no-unsafe-assignment */
|
|
/* eslint-disable @typescript-eslint/no-confusing-void-expression */
|
|
import { createTestClient } from 'apollo-server-testing'
|
|
|
|
import Factory, { cleanDatabase } from '@db/factories'
|
|
import { getDriver, getNeode } from '@db/neo4j'
|
|
import { AddEmailAddress } from '@graphql/queries/AddEmailAddress'
|
|
import { VerifyEmailAddress } from '@graphql/queries/VerifyEmailAddress'
|
|
import { VerifyNonce } from '@graphql/queries/VerifyNonce'
|
|
import createServer from '@src/server'
|
|
|
|
const neode = getNeode()
|
|
|
|
let mutate, query
|
|
let authenticatedUser
|
|
let user
|
|
let variables
|
|
const driver = getDriver()
|
|
|
|
beforeAll(async () => {
|
|
await cleanDatabase()
|
|
|
|
const { server } = createServer({
|
|
context: () => {
|
|
return {
|
|
driver,
|
|
neode,
|
|
user: authenticatedUser,
|
|
}
|
|
},
|
|
})
|
|
mutate = createTestClient(server).mutate
|
|
query = createTestClient(server).query
|
|
})
|
|
|
|
afterAll(async () => {
|
|
await cleanDatabase()
|
|
await driver.close()
|
|
})
|
|
|
|
beforeEach(async () => {
|
|
variables = {}
|
|
})
|
|
|
|
// TODO: avoid database clean after each test in the future if possible for performance and flakyness reasons by filling the database step by step, see issue https://github.com/Ocelot-Social-Community/Ocelot-Social/issues/4543
|
|
afterEach(async () => {
|
|
await cleanDatabase()
|
|
})
|
|
|
|
describe('AddEmailAddress', () => {
|
|
beforeEach(() => {
|
|
variables = { ...variables, email: 'new-email@example.org' }
|
|
})
|
|
|
|
describe('unauthenticated', () => {
|
|
beforeEach(() => {
|
|
authenticatedUser = null
|
|
})
|
|
|
|
it('throws AuthorizationError', async () => {
|
|
await expect(mutate({ mutation: AddEmailAddress, variables })).resolves.toMatchObject({
|
|
data: { AddEmailAddress: null },
|
|
errors: [{ message: 'Not Authorized!' }],
|
|
})
|
|
})
|
|
})
|
|
|
|
describe('authenticated', () => {
|
|
beforeEach(async () => {
|
|
user = await Factory.build('user', { id: '567' }, { email: 'user@example.org' })
|
|
authenticatedUser = await user.toJson()
|
|
})
|
|
|
|
describe('email attribute is not a valid email', () => {
|
|
beforeEach(() => {
|
|
variables = { ...variables, email: 'foobar' }
|
|
})
|
|
|
|
it('throws UserInputError', async () => {
|
|
await expect(mutate({ mutation: AddEmailAddress, variables })).resolves.toMatchObject({
|
|
data: { AddEmailAddress: null },
|
|
errors: [{ message: 'must be a valid email' }],
|
|
})
|
|
})
|
|
})
|
|
|
|
describe('email attribute is a valid email', () => {
|
|
it('creates a new unverified `EmailAddress` node', async () => {
|
|
await expect(mutate({ mutation: AddEmailAddress, variables })).resolves.toMatchObject({
|
|
data: {
|
|
AddEmailAddress: {
|
|
email: 'new-email@example.org',
|
|
verifiedAt: null,
|
|
createdAt: expect.any(String),
|
|
},
|
|
},
|
|
errors: undefined,
|
|
})
|
|
})
|
|
|
|
it('connects `UnverifiedEmailAddress` to the authenticated user', async () => {
|
|
await mutate({ mutation: AddEmailAddress, variables })
|
|
const result = await neode.cypher(
|
|
`
|
|
MATCH(u:User)-[:PRIMARY_EMAIL]->(:EmailAddress {email: "user@example.org"})
|
|
MATCH(u:User)<-[:BELONGS_TO]-(e:UnverifiedEmailAddress {email: "new-email@example.org"})
|
|
RETURN e
|
|
`,
|
|
{},
|
|
)
|
|
const email = neode.hydrateFirst(result, 'e', neode.model('UnverifiedEmailAddress'))
|
|
await expect(email.toJson()).resolves.toMatchObject({
|
|
email: 'new-email@example.org',
|
|
nonce: expect.any(String),
|
|
})
|
|
})
|
|
|
|
describe('if another `UnverifiedEmailAddress` node already exists with that email', () => {
|
|
it('throws no unique constraint violation error', async () => {
|
|
await Factory.build('unverifiedEmailAddress', {
|
|
createdAt: '2019-09-24T14:00:01.565Z',
|
|
email: 'new-email@example.org',
|
|
})
|
|
await expect(mutate({ mutation: AddEmailAddress, variables })).resolves.toMatchObject({
|
|
data: {
|
|
AddEmailAddress: {
|
|
email: 'new-email@example.org',
|
|
verifiedAt: null,
|
|
},
|
|
},
|
|
errors: undefined,
|
|
})
|
|
})
|
|
})
|
|
|
|
describe('but if another user owns an `EmailAddress` already with that email', () => {
|
|
it('does not throw UserInputError', async () => {
|
|
await Factory.build('user', {}, { email: 'new-email@example.org' })
|
|
await expect(mutate({ mutation: AddEmailAddress, variables })).resolves.toMatchObject({
|
|
data: {
|
|
AddEmailAddress: {
|
|
createdAt: expect.any(String),
|
|
verifiedAt: null,
|
|
email: 'new-email@example.org',
|
|
},
|
|
},
|
|
errors: undefined,
|
|
})
|
|
})
|
|
})
|
|
})
|
|
})
|
|
})
|
|
|
|
describe('VerifyEmailAddress', () => {
|
|
beforeEach(() => {
|
|
variables = { ...variables, email: 'to-be-verified@example.org', nonce: '12345' }
|
|
})
|
|
|
|
describe('unauthenticated', () => {
|
|
beforeEach(() => {
|
|
authenticatedUser = null
|
|
})
|
|
|
|
it('throws AuthorizationError', async () => {
|
|
await expect(mutate({ mutation: VerifyEmailAddress, variables })).resolves.toMatchObject({
|
|
data: { VerifyEmailAddress: null },
|
|
errors: [{ message: 'Not Authorized!' }],
|
|
})
|
|
})
|
|
})
|
|
|
|
describe('authenticated', () => {
|
|
beforeEach(async () => {
|
|
user = await Factory.build('user', { id: '567' }, { email: 'user@example.org' })
|
|
authenticatedUser = await user.toJson()
|
|
})
|
|
|
|
describe('if no unverified `EmailAddress` node exists', () => {
|
|
it('throws UserInputError', async () => {
|
|
await expect(mutate({ mutation: VerifyEmailAddress, variables })).resolves.toMatchObject({
|
|
data: { VerifyEmailAddress: null },
|
|
errors: [{ message: 'Invalid nonce or no email address found.' }],
|
|
})
|
|
})
|
|
})
|
|
|
|
describe('given a `UnverifiedEmailAddress`', () => {
|
|
let emailAddress
|
|
beforeEach(async () => {
|
|
emailAddress = await Factory.build('unverifiedEmailAddress', {
|
|
nonce: '12345',
|
|
verifiedAt: null,
|
|
createdAt: new Date().toISOString(),
|
|
email: 'to-be-verified@example.org',
|
|
})
|
|
})
|
|
|
|
describe('given invalid nonce', () => {
|
|
it('throws UserInputError', async () => {
|
|
variables.nonce = 'asdfgh'
|
|
await expect(mutate({ mutation: VerifyEmailAddress, variables })).resolves.toMatchObject({
|
|
data: { VerifyEmailAddress: null },
|
|
errors: [{ message: 'Invalid nonce or no email address found.' }],
|
|
})
|
|
})
|
|
})
|
|
|
|
describe('given valid nonce for `UnverifiedEmailAddress` node', () => {
|
|
beforeEach(() => {
|
|
variables = { ...variables, nonce: '12345' }
|
|
})
|
|
|
|
describe('but the address does not belong to the authenticated user', () => {
|
|
it('throws UserInputError', async () => {
|
|
await expect(
|
|
mutate({ mutation: VerifyEmailAddress, variables }),
|
|
).resolves.toMatchObject({
|
|
data: { VerifyEmailAddress: null },
|
|
errors: [{ message: 'Invalid nonce or no email address found.' }],
|
|
})
|
|
})
|
|
})
|
|
|
|
describe('and the `UnverifiedEmailAddress` belongs to the authenticated user', () => {
|
|
beforeEach(async () => {
|
|
await emailAddress.relateTo(user, 'belongsTo')
|
|
})
|
|
|
|
it('adds `verifiedAt`', async () => {
|
|
await expect(
|
|
mutate({ mutation: VerifyEmailAddress, variables }),
|
|
).resolves.toMatchObject({
|
|
data: {
|
|
VerifyEmailAddress: {
|
|
email: 'to-be-verified@example.org',
|
|
verifiedAt: expect.any(String),
|
|
createdAt: expect.any(String),
|
|
},
|
|
},
|
|
errors: undefined,
|
|
})
|
|
})
|
|
|
|
it('connects the new `EmailAddress` as PRIMARY', async () => {
|
|
await mutate({ mutation: VerifyEmailAddress, variables })
|
|
const result = await neode.cypher(
|
|
`
|
|
MATCH(u:User {id: "567"})-[:PRIMARY_EMAIL]->(e:EmailAddress {email: "to-be-verified@example.org"})
|
|
RETURN e
|
|
`,
|
|
{},
|
|
)
|
|
const email = neode.hydrateFirst(result, 'e', neode.model('EmailAddress'))
|
|
await expect(email.toJson()).resolves.toMatchObject({
|
|
email: 'to-be-verified@example.org',
|
|
})
|
|
})
|
|
|
|
it('removes previous PRIMARY relationship', async () => {
|
|
const cypherStatement = `
|
|
MATCH(u:User {id: "567"})-[:PRIMARY_EMAIL]->(e:EmailAddress {email: "user@example.org"})
|
|
RETURN e
|
|
`
|
|
let result = await neode.cypher(cypherStatement, {})
|
|
let email = neode.hydrateFirst(result, 'e', neode.model('EmailAddress'))
|
|
await expect(email.toJson()).resolves.toMatchObject({
|
|
email: 'user@example.org',
|
|
})
|
|
await mutate({ mutation: VerifyEmailAddress, variables })
|
|
result = await neode.cypher(cypherStatement, {})
|
|
email = neode.hydrateFirst(result, 'e', neode.model('EmailAddress'))
|
|
await expect(email).toBe(false)
|
|
})
|
|
|
|
it('removes previous `EmailAddress` node', async () => {
|
|
const cypherStatement = `
|
|
MATCH(u:User {id: "567"})<-[:BELONGS_TO]-(e:EmailAddress {email: "user@example.org"})
|
|
RETURN e
|
|
`
|
|
let result = await neode.cypher(cypherStatement, {})
|
|
let email = neode.hydrateFirst(result, 'e', neode.model('EmailAddress'))
|
|
await expect(email.toJson()).resolves.toMatchObject({
|
|
email: 'user@example.org',
|
|
})
|
|
await mutate({ mutation: VerifyEmailAddress, variables })
|
|
result = await neode.cypher(cypherStatement, {})
|
|
email = neode.hydrateFirst(result, 'e', neode.model('EmailAddress'))
|
|
await expect(email).toBe(false)
|
|
})
|
|
|
|
describe('Edge case: In the meantime someone created an `EmailAddress` node with the given email belonging to a user', () => {
|
|
beforeEach(async () => {
|
|
await Factory.build('user', { id: '568' }, { email: 'to-be-verified@example.org' })
|
|
})
|
|
|
|
it('throws UserInputError because of unique constraints', async () => {
|
|
await expect(
|
|
mutate({ mutation: VerifyEmailAddress, variables }),
|
|
).resolves.toMatchObject({
|
|
data: { VerifyEmailAddress: null },
|
|
errors: [{ message: 'A user account with this email already exists.' }],
|
|
})
|
|
})
|
|
})
|
|
|
|
describe('Edge case: We have an abandoned `EmailAddress` node with the given email', () => {
|
|
beforeEach(async () => {
|
|
await Factory.build('emailAddress', { email: 'to-be-verified@example.org' })
|
|
})
|
|
|
|
it('connects the new `EmailAddress` as PRIMARY', async () => {
|
|
await mutate({ mutation: VerifyEmailAddress, variables })
|
|
const result = await neode.cypher(
|
|
`
|
|
MATCH(u:User {id: "567"})-[:PRIMARY_EMAIL]->(e:EmailAddress {email: "to-be-verified@example.org"})
|
|
RETURN e
|
|
`,
|
|
{},
|
|
)
|
|
const email = neode.hydrateFirst(result, 'e', neode.model('EmailAddress'))
|
|
await expect(email.toJson()).resolves.toMatchObject({
|
|
email: 'to-be-verified@example.org',
|
|
})
|
|
})
|
|
})
|
|
})
|
|
})
|
|
})
|
|
})
|
|
})
|
|
|
|
describe('VerifyNonce', () => {
|
|
beforeEach(async () => {
|
|
await Factory.build('emailAddress', {
|
|
nonce: '12345',
|
|
verifiedAt: null,
|
|
createdAt: new Date().toISOString(),
|
|
email: 'to-be-verified@example.org',
|
|
})
|
|
})
|
|
|
|
it('returns true when nonce and email match', async () => {
|
|
variables = {
|
|
email: 'to-be-verified@example.org',
|
|
nonce: '12345',
|
|
}
|
|
await expect(query({ query: VerifyNonce, variables })).resolves.toMatchObject({
|
|
data: { VerifyNonce: true },
|
|
})
|
|
})
|
|
|
|
it('returns false when nonce and email do not match', async () => {
|
|
variables = {
|
|
email: 'to-be-verified@example.org',
|
|
nonce: '---',
|
|
}
|
|
await expect(query({ query: VerifyNonce, variables })).resolves.toMatchObject({
|
|
data: { VerifyNonce: false },
|
|
})
|
|
})
|
|
})
|