ocelot-Social-Community/Ocelot-Social
1
0
Fork 0
mirror of https://github.com/Ocelot-Social-Community/Ocelot-Social.git synced 2025-12-13 07:46:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
Ocelot-Social/backend/src/middleware/userMiddleware.spec.js

318 lines
11 KiB
JavaScript
Raw Blame History

import { GraphQLClient } from 'graphql-request'
import { host, login } from '../jest/helpers'
import Factory from '../seed/factories'
const factory = Factory()
let client
afterAll(async () => {
await factory.cleanDatabase()
})
describe('userMiddleware', () => {
describe('create User', () => {
const mutation = `
mutation($id: ID, $password: String!) {
CreateUser(id: $id, password: $password) {
id
}
}
`
client = new GraphQLClient(host)
it('with password only', async () => {
const variables = {
password: '123'
}
const expected = {
CreateUser: {
id: expect.any(String)
}
}
await expect(client.request(mutation, variables))
.resolves.toEqual(expected)
})
it('with ID and password', async () => {
const variables = {
password: '123',
id: 'u1'
}
const expected = {
CreateUser: {
id: 'u1'
}
}
await expect(client.request(mutation, variables))
.resolves.toEqual(expected)
})
})
})
/*
let query
let action
beforeAll(async () => {
// For performance reasons we do this only once
await Promise.all([
factory.create('User', { id: 'u1', role: 'user', email: 'user@example.org', password: '1234' }),
factory.create('User', { id: 'm1', role: 'moderator', email: 'moderator@example.org', password: '1234' }),
factory.create('User', { id: 'u2', role: 'user', name: 'Offensive Name', avatar: '/some/offensive/avatar.jpg', about: 'This self description is very offensive', email: 'troll@example.org', password: '1234' })
])
await factory.authenticateAs({ email: 'user@example.org', password: '1234' })
await Promise.all([
factory.follow({ id: 'u2', type: 'User' }),
factory.create('Post', { id: 'p1', title: 'Deleted post', deleted: true }),
factory.create('Post', { id: 'p3', title: 'Publicly visible post', deleted: false })
])
await Promise.all([
factory.create('Comment', { id: 'c2', content: 'Enabled comment on public post' })
])
await Promise.all([
factory.relate('Comment', 'Author', { from: 'u1', to: 'c2' }),
factory.relate('Comment', 'Post', { from: 'c2', to: 'p3' })
])
const asTroll = Factory()
await asTroll.authenticateAs({ email: 'troll@example.org', password: '1234' })
await asTroll.create('Post', { id: 'p2', title: 'Disabled post', content: 'This is an offensive post content', image: '/some/offensive/image.jpg', deleted: false })
await asTroll.create('Comment', { id: 'c1', content: 'Disabled comment' })
await Promise.all([
asTroll.relate('Comment', 'Author', { from: 'u2', to: 'c1' }),
asTroll.relate('Comment', 'Post', { from: 'c1', to: 'p3' })
])
const asModerator = Factory()
await asModerator.authenticateAs({ email: 'moderator@example.org', password: '1234' })
await asModerator.mutate('mutation { disable( id: "p2") }')
await asModerator.mutate('mutation { disable( id: "c1") }')
await asModerator.mutate('mutation { disable( id: "u2") }')
})
afterAll(async () => {
await factory.cleanDatabase()
})
describe('softDeleteMiddleware', () => {
describe('read disabled content', () => {
let user
let post
let comment
const beforeComment = async () => {
query = '{ User(id: "u1") { following { comments { content contentExcerpt } } } }'
const response = await action()
comment = response.User[0].following[0].comments[0]
}
const beforeUser = async () => {
query = '{ User(id: "u1") { following { name about avatar } } }'
const response = await action()
user = response.User[0].following[0]
}
const beforePost = async () => {
query = '{ User(id: "u1") { following { contributions { title image content contentExcerpt } } } }'
const response = await action()
post = response.User[0].following[0].contributions[0]
}
action = () => {
return client.request(query)
}
describe('as moderator', () => {
beforeEach(async () => {
const headers = await login({ email: 'moderator@example.org', password: '1234' })
client = new GraphQLClient(host, { headers })
})
describe('User', () => {
beforeEach(beforeUser)
it('displays name', () => expect(user.name).toEqual('Offensive Name'))
it('displays about', () => expect(user.about).toEqual('This self description is very offensive'))
it('displays avatar', () => expect(user.avatar).toEqual('/some/offensive/avatar.jpg'))
})
describe('Post', () => {
beforeEach(beforePost)
it('displays title', () => expect(post.title).toEqual('Disabled post'))
it('displays content', () => expect(post.content).toEqual('This is an offensive post content'))
it('displays contentExcerpt', () => expect(post.contentExcerpt).toEqual('This is an offensive post content'))
it('displays image', () => expect(post.image).toEqual('/some/offensive/image.jpg'))
})
describe('Comment', () => {
beforeEach(beforeComment)
it('displays content', () => expect(comment.content).toEqual('Disabled comment'))
it('displays contentExcerpt', () => expect(comment.contentExcerpt).toEqual('Disabled comment'))
})
})
describe('as user', () => {
beforeEach(async () => {
const headers = await login({ email: 'user@example.org', password: '1234' })
client = new GraphQLClient(host, { headers })
})
describe('User', () => {
beforeEach(beforeUser)
it('displays name', () => expect(user.name).toEqual('UNAVAILABLE'))
it('obfuscates about', () => expect(user.about).toEqual('UNAVAILABLE'))
it('obfuscates avatar', () => expect(user.avatar).toEqual('UNAVAILABLE'))
})
describe('Post', () => {
beforeEach(beforePost)
it('obfuscates title', () => expect(post.title).toEqual('UNAVAILABLE'))
it('obfuscates content', () => expect(post.content).toEqual('UNAVAILABLE'))
it('obfuscates contentExcerpt', () => expect(post.contentExcerpt).toEqual('UNAVAILABLE'))
it('obfuscates image', () => expect(post.image).toEqual('UNAVAILABLE'))
})
describe('Comment', () => {
beforeEach(beforeComment)
it('obfuscates content', () => expect(comment.content).toEqual('UNAVAILABLE'))
it('obfuscates contentExcerpt', () => expect(comment.contentExcerpt).toEqual('UNAVAILABLE'))
})
})
})
describe('Query', () => {
describe('Post', () => {
beforeEach(async () => {
query = '{ Post { title } }'
})
describe('as user', () => {
beforeEach(async () => {
const headers = await login({ email: 'user@example.org', password: '1234' })
client = new GraphQLClient(host, { headers })
})
it('hides deleted or disabled posts', async () => {
const expected = { Post: [{ title: 'Publicly visible post' }] }
await expect(action()).resolves.toEqual(expected)
})
})
describe('as moderator', () => {
beforeEach(async () => {
const headers = await login({ email: 'moderator@example.org', password: '1234' })
client = new GraphQLClient(host, { headers })
})
it('shows disabled but hides deleted posts', async () => {
const expected = [
{ title: 'Disabled post' },
{ title: 'Publicly visible post' }
]
const { Post } = await action()
await expect(Post).toEqual(expect.arrayContaining(expected))
})
})
describe('.comments', () => {
beforeEach(async () => {
query = '{ Post(id: "p3") { title comments { content } } }'
})
describe('as user', () => {
beforeEach(async () => {
const headers = await login({ email: 'user@example.org', password: '1234' })
client = new GraphQLClient(host, { headers })
})
it('conceals disabled comments', async () => {
const expected = [
{ content: 'Enabled comment on public post' },
{ content: 'UNAVAILABLE' }
]
const { Post: [{ comments }] } = await action()
await expect(comments).toEqual(expect.arrayContaining(expected))
})
})
describe('as moderator', () => {
beforeEach(async () => {
const headers = await login({ email: 'moderator@example.org', password: '1234' })
client = new GraphQLClient(host, { headers })
})
it('shows disabled comments', async () => {
const expected = [
{ content: 'Enabled comment on public post' },
{ content: 'Disabled comment' }
]
const { Post: [{ comments }] } = await action()
await expect(comments).toEqual(expect.arrayContaining(expected))
})
})
})
describe('filter (deleted: true)', () => {
beforeEach(() => {
query = '{ Post(deleted: true) { title } }'
})
describe('as user', () => {
beforeEach(async () => {
const headers = await login({ email: 'user@example.org', password: '1234' })
client = new GraphQLClient(host, { headers })
})
it('throws authorisation error', async () => {
await expect(action()).rejects.toThrow('Not Authorised!')
})
})
describe('as moderator', () => {
beforeEach(async () => {
const headers = await login({ email: 'moderator@example.org', password: '1234' })
client = new GraphQLClient(host, { headers })
})
it('shows deleted posts', async () => {
const expected = { Post: [{ title: 'Deleted post' }] }
await expect(action()).resolves.toEqual(expected)
})
})
})
describe('filter (disabled: true)', () => {
beforeEach(() => {
query = '{ Post(disabled: true) { title } }'
})
describe('as user', () => {
beforeEach(async () => {
const headers = await login({ email: 'user@example.org', password: '1234' })
client = new GraphQLClient(host, { headers })
})
it('throws authorisation error', async () => {
await expect(action()).rejects.toThrow('Not Authorised!')
})
})
describe('as moderator', () => {
beforeEach(async () => {
const headers = await login({ email: 'moderator@example.org', password: '1234' })
client = new GraphQLClient(host, { headers })
})
it('shows disabled posts', async () => {
const expected = { Post: [{ title: 'Disabled post' }] }
await expect(action()).resolves.toEqual(expected)
})
})
})
})
})
})
*/
Reference in New Issue View Git Blame Copy Permalink