ocelot-Social-Community/Ocelot-Social
1
0
Fork 0
mirror of https://github.com/Ocelot-Social-Community/Ocelot-Social.git synced 2025-12-13 07:46:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

Refactor the unauthenticated path test

Browse Source
This commit is contained in:
aonomike 2019-10-05 16:06:19 +03:00
parent 45a6016427
commit 14c44877b7
1 changed files with 54 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

76
backend/src/middleware/permissionsMiddleware.spec.js
View File

@ -1,22 +1,56 @@
import { GraphQLClient } from 'graphql-request' import { createTestClient } from 'apollo-server-testing'
import createServer from '../server'
import Factory from '../seed/factories' import Factory from '../seed/factories'
import { host, login } from '../jest/helpers' import { gql } from '../jest/helpers'
import { getDriver, neode as getNeode } from '../bootstrap/neo4j'
const factory = Factory() const factory = Factory()
const instance = getNeode()
const driver = getDriver()
let query, authenticatedUser, owner, someoneElse, adminExtraordinaire, variables
const userQuery = gql`
query($name: String) {
User(name: $name) {
email
}
}
`
describe('authorization', () => { describe('authorization', () => {
beforeAll(async()=>{
await factory.cleanDatabase()
const { server } = createServer({
context: () => ({
driver,
instance,
user: authenticatedUser,
}),
})
query = createTestClient(server).query
})
describe('given two existing users', () => { describe('given two existing users', () => {
beforeEach(async () => { beforeEach(async () => {
await factory.create('User', { [owner, someoneElse, adminExtraordinaire] = await Promise.all([
factory.create('User', {
email: 'owner@example.org', email: 'owner@example.org',
name: 'Owner', name: 'Owner',
password: 'iamtheowner', password: 'iamtheowner',
}) }),
await factory.create('User', { factory.create('User', {
email: 'someone@example.org', email: 'someone@example.org',
name: 'Someone else', name: 'Someone else',
password: 'else', password: 'else',
}) }),
factory.create('User', {
email: 'admin@example.org',
name: 'Admin extraordinaire',
password: 'admin',
}),
])
variables = {}
}) })
afterEach(async () => { afterEach(async () => {
@ -24,30 +58,16 @@ describe('authorization', () => {
}) })
describe('access email address', () => { describe('access email address', () => {
let headers = {}
let loginCredentials = null
const action = async () => {
if (loginCredentials) {
headers = await login(loginCredentials)
}
const graphQLClient = new GraphQLClient(host, { headers })
return graphQLClient.request('{User(name: "Owner") { email } }')
}
describe('not logged in', () => { describe('not logged in', () => {
it('rejects', async () => { beforeEach(()=>{
await expect(action()).rejects.toThrow('Not Authorised!') authenticatedUser = null
})
it("throws an error and does not expose the owner's email address", async () => {
const expected = await query({ query: userQuery, variables: { name: 'Owner' } })
await expect(query({ query: userQuery, variables: { name: 'Owner' } })).resolves.toMatchObject({
errors: [{ message: 'Not Authorised!'}],
data: { User: [null]}
}) })
it("does not expose the owner's email address", async () => {
let response = {}
try {
await action()
} catch (error) {
response = error.response.data
} finally {
expect(response).toEqual({ User: [null] })
}
}) })
}) })