Skip to content
This repository has been archived by the owner on Feb 5, 2024. It is now read-only.

Commit

Permalink
Merge branch 'api/test/route-region' of https://github.com/SELab-2/Dr…
Browse files Browse the repository at this point in the history 
…-Trottoir-1 into api/test/route-region
  • Loading branch information
@ludverst
ludverst committed May 10, 2023
2 parents b64529a + e6a05b7 commit f7351d1
Show file tree
Hide file tree
Showing 23 changed files with 1,907 additions and 150 deletions.
11 changes: 10 additions & 1 deletion api/__tests__/mock/address.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,16 @@ export async function initialiseAddress() {
longitude: 3.71847,
};

const address4 = {
street: "Krijgslaan",
number: 282,
city: "Ghent",
zip_code: 9000,
latitude: 51.02776,
longitude: 3.71847,
};

await prisma.address.createMany({
data: [address1, address2, address3],
data: [address1, address2, address3, address4],
});
}
235 changes: 233 additions & 2 deletions api/__tests__/routes/address.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,12 @@ import {
initialiseDatabase,
restoreTables,
} from "../mock/database";
import {
badRequestResponse,
forbiddenResponse,
methodNotAllowedResponse,
notFoundResponse,
} from "../utilities/constants";

describe("Address tests", () => {
let runner: Testrunner;
Expand Down Expand Up @@ -83,8 +89,233 @@ describe("Address tests", () => {
});
});

afterAll(() => {
app.close();
test("DELETE /address/:id", async () => {
await runner.delete({ url: "/address/4" });
//verify that the address is truly deleted (no getAll method)
await runner.get({
url: "/address/4",
expectedData: [notFoundResponse],
statusCode: 404,
});
});

test("PATCH /address/:id (Student own address)", async () => {
runner.authLevel(AuthenticationLevel.STUDENT);
const expected = {
street: "Wallaby Way",
number: 42,
city: "Gent",
zip_code: 2000,
latitude: -33.865143,
longitude: 151.2099,
id: 1,
};

await runner.patch({
url: "/address/1",
data: { city: "Gent" },
expectedResponse: expected,
});
});
});

describe("Unsuccesful requests", () => {
let runner: Testrunner;
beforeAll(async () => {
const server = request(app);
runner = new Testrunner(server);

await deleteDatabaseData();
await initialiseDatabase();
});

describe("Must be correctly authorized to use any path", () => {
const newAddress = {
street: "Krijgslaan",
number: 2,
city: "Ghent",
zip_code: 9000,
latitude: 51.02776,
longitude: 3.71847,
};

describe("Cannot reach any path without authorisation", () => {
beforeEach(() => {
runner.authLevel(AuthenticationLevel.UNAUTHORIZED);
});

test("Cannot reach GET /address", async () => {
await runner.get({
url: "/address",
expectedData: [forbiddenResponse],
statusCode: 403,
});
});

test("Cannot reach GET /address/:id", async () => {
await runner.get({
url: "/address/1",
expectedData: [forbiddenResponse],
statusCode: 403,
});
});

test("Cannot reach POST /address", async () => {
await runner.post({
url: "/address",
data: newAddress,
expectedResponse: forbiddenResponse,
statusCode: 403,
});
});

test("Cannot reach PATCH /address/:id", async () => {
await runner.patch({
url: "/address/1",
data: newAddress,
expectedResponse: forbiddenResponse,
statusCode: 403,
});
});

test("Cannot reach DELETE /address/:id", async () => {
await runner.delete({
url: "/address/1",
statusCode: 403,
});
});
});
describe("Cannot reach any path as a student", () => {
beforeEach(() => {
runner.authLevel(AuthenticationLevel.STUDENT);
});

test("Cannot reach GET /address", async () => {
await runner.get({
url: "/address",
expectedData: [forbiddenResponse],
statusCode: 403,
});
});

test("Cannot reach POST /address", async () => {
await runner.post({
url: "/address",
data: newAddress,
expectedResponse: forbiddenResponse,
statusCode: 403,
});
});

test("PATCH /address/:id (not own address)", async () => {
const expected = {
street: "Wallaby Way",
number: 42,
city: "Gent",
zip_code: 2000,
latitude: -33.865143,
longitude: 151.2099,
id: 1,
};

await runner.patch({
url: "/address/2",
data: { city: "Gent" },
expectedResponse: forbiddenResponse,
statusCode: 403,
});
});

test("Cannot reach DELETE /address/:id", async () => {
await runner.delete({
url: "/address/1",
statusCode: 403,
});
});
});
});
describe("The requested path must exist", () => {
beforeEach(() => {
runner.authLevel(AuthenticationLevel.ADMINISTRATOR);
});

test("Find a nonexistent address", async () => {
await runner.get({
url: "/address/1000",
expectedData: [notFoundResponse],
statusCode: 404,
});
});

test("Update a nonexistent address", async () => {
const newAddress = {
street: "Krijgslaan",
number: 2,
};
await runner.patch({
url: "/address/1000",
data: newAddress,
expectedResponse: notFoundResponse,
statusCode: 404,
});
});
test("Delete a nonexistent address", async () => {
await runner.delete({ url: "/address/1000", statusCode: 404 });
});
});
describe("The type of address id must be correct", () => {
beforeEach(() => {
runner.authLevel(AuthenticationLevel.ADMINISTRATOR);
});

test("GET request", async () => {
await runner.get({
url: "/address/wrongtype",
expectedData: [badRequestResponse],
statusCode: 400,
});
});

test("PATCH request", async () => {
const newAddress = {
street: "Krijgslaan",
number: 2,
city: "Ghent",
zip_code: 9000,
latitude: 51.02776,
longitude: 3.71847,
};

await runner.patch({
url: "/address/wrongtype",
data: newAddress,
expectedResponse: badRequestResponse,
statusCode: 400,
});
});

test("DELETE request", async () => {
await runner.delete({
url: "/address/wrongtype",
statusCode: 400,
});
});
});
describe("The type of address id must be correct", () => {
beforeEach(() => {
runner.authLevel(AuthenticationLevel.ADMINISTRATOR);
});
test("Cannot reach GET /address", async () => {
await runner.get({
url: "/address",
expectedData: [methodNotAllowedResponse],
statusCode: 405,
});
});
});
});

afterAll(() => {
app.close();
});
});
126 changes: 126 additions & 0 deletions api/__tests__/routes/auth.test.ts
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,126 @@
import { describe, test } from "@jest/globals";
import { AuthenticationLevel, Testrunner } from "../utilities/Testrunner";
import request from "supertest";
import app from "../../src/main";
import {
deleteDatabaseData,
initialiseDatabase,
resetDatabase,
restoreTables,
} from "../mock/database";
import {
badRequestResponse,
forbiddenResponse,
notFoundResponse,
unauthorizedResponse,
} from "../utilities/constants";

describe("Auth tests", () => {
let runner: Testrunner;

beforeAll(async () => {
const server = request(app);
runner = new Testrunner(server);
return resetDatabase();
});

afterEach(async () => {
await restoreTables();
});

describe("Succesful requests", () => {
test("POST /login", async () => {
const newLogin = {
username: "[email protected]",
password: "student",
};

await runner.post({
url: "/auth/login",
data: newLogin,
expectedResponse: {},
statusCode: 302,
});
});

test("POST /logout", async () => {
runner.authLevel(AuthenticationLevel.SUPER_STUDENT);
await runner.post({
url: "/auth/logout",
data: {},
expectedResponse: {},
statusCode: 302,
});
});

test("GET / get current user", async () => {
runner.authLevel(AuthenticationLevel.SUPER_STUDENT);

const expected = {
address: {
city: "Ghent",
id: 2,
latitude: 51.04732,
longitude: 3.7282,
number: 25,
street: "Sint-Pietersnieuwstraat",
zip_code: 9000,
},
address_id: 2,
admin: false,
date_added: "2023-05-04T12:00:00.000Z",
email: "[email protected]",
first_name: "Toon",
id: 2,
last_login: "2023-05-04T12:00:00.000Z",
last_name: "De Superstudent",
phone: "9876543210",
student: false,
super_student: true,
syndicus: [],
};
await runner.get({
url: "/auth/",
expectedData: [expected],
statusCode: 200,
});
});
});

describe("Unsuccesful requests", () => {
let runner: Testrunner;
beforeAll(async () => {
const server = request(app);
runner = new Testrunner(server);

await deleteDatabaseData();
await initialiseDatabase();
});

test("POST /login wrong password", async () => {
const newLogin = {
username: "[email protected]",
password: "student22",
};

await runner.post({
url: "/auth/login",
data: newLogin,
expectedResponse: forbiddenResponse,
statusCode: 403,
});
});

test("GET / not logged in", async () => {
await runner.get({
url: "/auth/",
expectedData: [unauthorizedResponse],
statusCode: 401,
});
});
});

afterAll(() => {
app.close();
});
});
Loading

0 comments on commit f7351d1

Please sign in to comment.