Created
March 28, 2016 00:04
"Introduction to Server-side Development" course by Jogesh Muppala on Coursera -- test file for assignment 3
/* test/fixtures/fixtures_promotions.js */

// Seed documents for the promotions collection.
// The test suite compares API responses against these objects with
// assert.deepEqual, so ids and timestamps are kept as the plain strings the
// API is expected to return.
module.exports = [
  {
    _id: '000000000000000000001100',
    updatedAt: '2016-03-21T23:18:37.283Z',
    createdAt: '2016-03-21T23:14:53.548Z',
    name: 'Grand buffet',
    image: 'images/buffet.png',
    label: '',
    price: 1050,
    description: 'A buffet which is Mucho Grande !',
    __v: 5
  },
  {
    _id: '000000000000000000001200',
    updatedAt: '2016-03-21T23:14:53.548Z',
    createdAt: '2016-03-21T23:14:53.548Z',
    name: 'Small buffet',
    image: 'images/minbuffet.png',
    label: '',
    price: 550,
    description: 'A buffet which is Tout Rikiki !',
    __v: 0
  }
];
/* test/fixtures/fixtures_users.js */

// Seed accounts for the permission tests: one normal user and one admin.
// Every account uses the password "password" (without quotes), so these
// records are test-only credentials. Load them into a disposable test
// database only, never into a database that is reachable by real users.
// The suite also expects the API to leave `salt` and `hash` out of its
// responses.
module.exports = [
  {
    _id: '56f856c56ef091173981d865',
    salt: '0e04452c75686290462316c89e12611ab6fe333aa1fdd3d5375465249e9dc872',
    hash: '6df27ea6ad2af461e9af50caf5ee9b932b3872a2614824aad57b281c551452122b2010f6a37ba72ec8efa39a3494ac42d3350d4d18d1e8bf0d1a6583e43a6599cfea0aa56b44273009ad6dfa8e85cc2e07679d144ddbf9ab83f6d6036f66678f1aebc4df8adf0b0d57187f23d7449c1872851ae31017e75c803969dcf414c4fddfd39933f66c265f4cbcac2800a54e3e7f7c78b3da3747de391d6290500da9de661c86b1053fc240f9444e413943636899920b3b88a383ef57d5c9bffacf934f3e91e0bff3ba59f9fb5e8071067daf39fcf83df45a7a6ccc50dfcfe8d43ed8b0c0a537055c06d0996bb0a0861fb9862f00e97393cf296f4f5e83527f00f73d0bd7355b1430436a33cd2b0e94bd42e3bf20b0f306d0d20a5b90f4808c8d7fdbcd01ba06c03203497fff081384483ef1c0925297168b3b66f44347a858321356467e34d015bd96c88157dd3a577df452feb3fab0990fd943b1828e1aaf23fb1601c32edb72e393532698c9502b66e49790dd63811d2bb32f3f132ac12c499bb5594e5bb97da2e3a05387605b1ad4c3ee63581128e957271eaa52cfea28f17b1883426ef74d8f7e141070465f453e61df953f30a3650a634139ea17203a9bb5c59c21bb51580d3f1951db17454ee190d70067e8d057c6aeb03ef10fd09edc049571ec3af8c36cfd367625257bfad082b920454c5e29ee478cd18728528993fb1f40',
    username: 'sylvain',
    admin: false,
    __v: 0
  },
  {
    _id: '56f856cf6ef091173981d866',
    salt: '50fdd913d264feaebcb8401fb4ded80ad0fc4a650dbcc611a2d4ca23bb06ff10',
    // NOTE(review): unlike the first entry, this value is not a hex digest;
    // the real hash appears to be missing from this copy of the file and
    // must be restored before the admin login can be expected to succeed.
    hash: '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',
    username: 'admin',
    admin: true,
    __v: 0
  }
];
/* test/test_assignment3.js
run me by typing in a terminal from the project root:
./node_modules/.bin/mocha test/test_assignment3.js
*/
var request = require('supertest'); | |
var assert = require('assert'); | |
var mongoose = require('mongoose'); | |
var app = require('../app'); | |
var Promotions = require('../models/promotions'); | |
var User = require('../models/user'); | |
// Status codes the suite expects from the API.
//
// STRICT_REST selects between two conventions: change it to false depending on
// https://www.coursera.org/learn/server-side-development/lecture/bKtMl/exercise-video-rest-api-with-express-mongodb-and-mongoose/discussions/x1AZIu9SEeWB0QpuSDkq-Q
// With true, creation must answer 201 and a missing or invalid login must
// answer 401. With false, those fall back to 200 and 403, and the suite can
// no longer tell "not authenticated" apart from "authenticated but not
// allowed" because both expectations share the value 403.
var STRICT_REST = true;

var HTTP_OK = 200;
var HTTP_FORBIDDEN = 403;
var HTTP_NOT_FOUND = 404;

// Lenient defaults, overridden below when strict REST semantics are expected.
var HTTP_CREATED = HTTP_OK;
// See http://stackoverflow.com/questions/3297048/403-forbidden-vs-401-unauthorized-http-responses
var HTTP_UNAUTHORIZED = HTTP_FORBIDDEN;

if (STRICT_REST) {
  HTTP_CREATED = 201;
  HTTP_UNAUTHORIZED = 401;
}
/* | |
* Data | |
*/ | |
var promotions_fixture = require('./fixtures/fixtures_promotions'); | |
var users_fixture = require('./fixtures/fixtures_users'); | |
// Request body used by the tests that create or replace a promotion.
// It carries no _id: the POST test only checks that the response has one.
var new_promotion = {
  name: 'St Valentin Special',
  image: 'images/pink.png',
  label: 'Hot',
  price: 1490,
  description: 'All pink dishes !'
};
/* | |
* Utility | |
*/ | |
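/**
 * Log in through POST /users/login and pass the response to `callback`.
 *
 * The callers read `res.body.token` and send it as the x-access-token
 * header, so a login that yields no token is reported here instead of
 * surfacing later as a misleading status code. This matters most when
 * STRICT_REST is false: 401 and 403 are then the same expected value, and a
 * "forbidden" test would pass even though nobody was logged in.
 *
 * @param {string} username - account name sent in the login request
 * @param {string} password - password sent in the login request
 * @param {function(Object)} callback - receives the login response
 * @throws the transport error, or an AssertionError when no token came back
 */
function login(username, password, callback) {
  request(app)
    .post('/users/login')
    .send({username: username, password: password})
    .end(function(err, res) {
      if (err) throw err;
      assert.ok(res.body && res.body.token,
                'login as "' + username + '" did not return a token');
      callback(res);
    });
}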
/* | |
* Tests | |
*/ | |
describe('Verify permission', function(){ | |
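// Reset the users collection once before the suite runs.
// This deletes every document reachable through the User model, so run the
// suite against a disposable test database only.
before(function(done) {
  // remove() rather than drop(): drop() will occasionally raise a
  // background operation error.
  User.remove({}, function(err) {
    // Report a failed cleanup instead of seeding on top of stale accounts.
    if (err) return done(err);
    User.insertMany(users_fixture, done);
  });
});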
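// Reload the promotions collection before every test so that a test which
// creates, changes or deletes promotions cannot affect the next one.
// This deletes every document reachable through the Promotions model.
beforeEach(function(done){
  // remove() rather than drop(): drop() will occasionally raise a
  // background operation error.
  Promotions.remove({}, function(err) {
    // Report a failed cleanup instead of seeding on top of leftover data.
    if (err) return done(err);
    Promotions.insertMany(promotions_fixture, done);
  });
});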
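// Access control for the user list: admins may read it, normal users get
// 403, and requests without a token get HTTP_UNAUTHORIZED.
describe('GET /users', function(){
  it('returns all users when authenticated as admin', function(done){
    login("admin", "password", function(auth_res) {
      var token = auth_res.body.token;

      request(app)
        .get('/users')
        .set('x-access-token', token)
        .expect('Content-Type', /json/)
        .expect(HTTP_OK)
        .expect(function(res) {
          // hash & salt are hidden in the result set: deepEqual fails if the
          // response exposes either field for any user.
          var expected = users_fixture.map(function (item) {
            return {__v: item.__v, _id:item._id, admin: item.admin, username: item.username};
          });

          assert.deepEqual(res.body, expected);
        })
        .end(done);
    });
  });

  it('is forbidden when authenticated as normal user', function(done){
    login("sylvain", "password", function(auth_res) {
      var token = auth_res.body.token;

      request(app)
        .get('/users')
        .set('x-access-token', token)
        .expect(HTTP_FORBIDDEN)
        .expect(/You are not authorized to perform this operation!/) // required by assignment 3 task 3
        .expect(function(res) {
          // The refusal must not carry any user data.
          assert.deepEqual(res.body, {});
        })
        .end(done);
    });
  });

  it('returns "unauthorized" when not properly authenticated', function(done){
    request(app)
      .get('/users') // was '/promotions', which left anonymous access to the user list untested
      .expect(HTTP_UNAUTHORIZED)
      .expect(function(res) {
        assert.deepEqual(res.body, {});
      })
      .end(done);
  });
});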
// Reading the promotion list: any logged-in user may do it, anonymous
// requests are answered with HTTP_UNAUTHORIZED.
describe('GET /promotions', function(){
  it('returns all promotions when authenticated', function(done){
    // The response must be the seeded fixture, nothing more and nothing less.
    function bodyIsFixture(res) {
      assert.deepEqual(res.body, promotions_fixture);
    }

    login('sylvain', 'password', function(auth_res) {
      var accessToken = auth_res.body.token;
      var listRequest = request(app)
        .get('/promotions')
        .set('x-access-token', accessToken);

      listRequest
        .expect('Content-Type', /json/)
        .expect(HTTP_OK)
        .expect(bodyIsFixture)
        .end(done);
    });
  });

  it('returns "unauthorized" when not properly authenticated', function(done){
    // No x-access-token header is sent at all.
    var anonymousRequest = request(app).get('/promotions');

    anonymousRequest.expect(HTTP_UNAUTHORIZED).end(done);
  });
});
// Creating a promotion: admin only. Normal users get 403 and anonymous
// requests get HTTP_UNAUTHORIZED, both with an empty body.
describe('POST /promotions', function(){
  // Shared check for the two refusals: the response carries no data.
  function bodyIsEmpty(res) {
    assert.deepEqual(res.body, {});
  }

  it('post a dish when authenticated as admin', function(done){
    var echoedFields = ['name', 'image', 'label', 'price', 'description'];

    login('admin', 'password', function(auth_res) {
      var accessToken = auth_res.body.token;

      request(app)
        .post('/promotions')
        .set('x-access-token', accessToken)
        .send(new_promotion)
        .expect('Content-Type', /json/)
        .expect(HTTP_CREATED)
        .expect(function(res) {
          // The server assigns the id; every submitted field is echoed back.
          assert.ok(res.body._id);
          echoedFields.forEach(function(field) {
            assert.equal(res.body[field], new_promotion[field]);
          });
        })
        .end(done);
    });
  });

  it('is forbidden when authenticated as normal user', function(done){
    login('sylvain', 'password', function(auth_res) {
      var accessToken = auth_res.body.token;

      request(app)
        .post('/promotions')
        .set('x-access-token', accessToken)
        .expect(HTTP_FORBIDDEN)
        .expect(bodyIsEmpty)
        .end(done);
    });
  });

  it('returns "unauthorized" when not properly authenticated', function(done){
    request(app)
      .post('/promotions')
      .expect(HTTP_UNAUTHORIZED)
      .expect(bodyIsEmpty)
      .end(done);
  });
});
// Deleting the whole collection: admin only.
// NOTE(review): the two refusal cases check the status code only; they do
// not confirm that the promotions are still present afterwards.
describe('DELETE /promotions', function(){
  it('delete all dishes when authenticated as admin', function(done){
    // NOTE(review): no status code is asserted in this test, and the request
    // carries new_promotion as a body although the check below ignores it.
    var expectedSummary = { ok: 1, n: promotions_fixture.length };

    login('admin', 'password', function(auth_res) {
      var accessToken = auth_res.body.token;

      request(app)
        .delete('/promotions')
        .set('x-access-token', accessToken)
        .send(new_promotion)
        .expect(function(res) {
          assert.deepEqual(res.body, expectedSummary);
        })
        .end(done);
    });
  });

  it('is forbidden when authenticated as normal user', function(done){
    login('sylvain', 'password', function(auth_res) {
      var accessToken = auth_res.body.token;
      var deleteAll = request(app)
        .delete('/promotions')
        .set('x-access-token', accessToken);

      deleteAll.expect(HTTP_FORBIDDEN).end(done);
    });
  });

  it('returns "unauthorized" when not properly authenticated', function(done){
    var deleteAll = request(app).delete('/promotions');

    deleteAll.expect(HTTP_UNAUTHORIZED).end(done);
  });
});
// Reading one promotion by id: any logged-in user may do it, anonymous
// requests are answered with HTTP_UNAUTHORIZED.
describe('GET /promotions/:id', function(){
  it('returns a promotions when authenticated', function(done){
    var wanted = promotions_fixture[0];

    login('sylvain', 'password', function(auth_res) {
      var accessToken = auth_res.body.token;
      var url = '/promotions/' + promotions_fixture[0]._id;

      request(app)
        .get(url)
        .set('x-access-token', accessToken)
        .expect('Content-Type', /json/)
        .expect(HTTP_OK)
        .expect(function(res) {
          // The document comes back exactly as seeded.
          assert.deepEqual(res.body, wanted);
        })
        .end(done);
    });
  });

  it('returns "unauthorized" when not properly authenticated', function(done){
    var url = '/promotions/' + promotions_fixture[0]._id;

    request(app).get(url).expect(HTTP_UNAUTHORIZED).end(done);
  });
});
// Replacing one promotion: admin only.
// NOTE(review): the two refusal cases check the status code only; they do
// not confirm that the stored promotion was left unchanged.
describe('PUT /promotions/:id', function(){
  it('change a promotions when authenticated as admin', function(done){
    var replacedFields = ['name', 'image', 'label', 'price', 'description'];

    login('admin', 'password', function(auth_res) {
      var accessToken = auth_res.body.token;
      var url = '/promotions/' + promotions_fixture[0]._id;

      request(app)
        .put(url)
        .send(new_promotion)
        .set('x-access-token', accessToken)
        .expect('Content-Type', /json/)
        .expect(HTTP_OK)
        .expect(function(res) {
          // The id is kept; every other field takes the submitted value.
          assert.equal(res.body._id, promotions_fixture[0]._id);
          replacedFields.forEach(function(field) {
            assert.equal(res.body[field], new_promotion[field]);
          });
        })
        .end(done);
    });
  });

  it('is forbidden when authenticated as normal user', function(done){
    login('sylvain', 'password', function(auth_res) {
      var accessToken = auth_res.body.token;
      var url = '/promotions/' + promotions_fixture[0]._id;
      var update = request(app)
        .put(url)
        .send(new_promotion)
        .set('x-access-token', accessToken);

      update.expect(HTTP_FORBIDDEN).end(done);
    });
  });

  it('returns "unauthorized" when not properly authenticated', function(done){
    var url = '/promotions/' + promotions_fixture[0]._id;

    request(app).put(url).expect(HTTP_UNAUTHORIZED).end(done);
  });
});
// Deleting one promotion: admin only.
// NOTE(review): the two refusal cases check the status code only; they do
// not confirm that the promotion still exists afterwards.
describe('DELETE /promotions/:id', function(){
  it('remove a promotions when authenticated as admin', function(done){
    var returnedFields = ['_id', 'name', 'image', 'label', 'price', 'description'];

    login('admin', 'password', function(auth_res) {
      var accessToken = auth_res.body.token;
      var url = '/promotions/' + promotions_fixture[0]._id;

      request(app)
        .delete(url)
        .set('x-access-token', accessToken)
        .expect('Content-Type', /json/)
        .expect(HTTP_OK)
        .expect(function(res) {
          // The response describes the document that was removed.
          returnedFields.forEach(function(field) {
            assert.equal(res.body[field], promotions_fixture[0][field]);
          });
        })
        .end(done);
    });
  });

  it('returns 403 when authenticated as normal user', function(done){
    login('sylvain', 'password', function(auth_res) {
      var accessToken = auth_res.body.token;
      var url = '/promotions/' + promotions_fixture[0]._id;
      var removal = request(app)
        .delete(url)
        .set('x-access-token', accessToken);

      removal.expect(HTTP_FORBIDDEN).end(done);
    });
  });

  it('returns "unauthorized" when not properly authenticated', function(done){
    var url = '/promotions/' + promotions_fixture[0]._id;

    request(app).delete(url).expect(HTTP_UNAUTHORIZED).end(done);
  });
});
}); |