1
0
mirror of https://github.com/node-red/node-red.git synced 2023-10-10 13:36:53 +02:00
node-red/test/red/api/admin/index_spec.js
2017-08-22 22:26:29 +01:00

300 lines
11 KiB
JavaScript

/**
* Copyright JS Foundation and other contributors, http://js.foundation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
**/
var should = require("should");
var sinon = require("sinon");
var request = require("supertest");
var express = require("express");
var adminApi = require("../../../../red/api/admin");
var auth = require("../../../../red/api/auth");
var nodes = require("../../../../red/api/admin/nodes");
var flows = require("../../../../red/api/admin/flows");
var flow = require("../../../../red/api/admin/flow");
var info = require("../../../../red/api/admin/info");
/**
* Ensure all API routes are correctly mounted, with the expected permissions checks
*/
describe("api/admin/index", function() {
describe("Ensure all API routes are correctly mounted, with the expected permissions checks", function() {
var app;
var mockList = [
flows,flow,info,nodes
]
var permissionChecks = {};
var lastRequest;
var stubApp = function(req,res,next) {
lastRequest = req;
res.status(200).end();
};
before(function() {
mockList.forEach(function(m) {
sinon.stub(m,"init",function(){});
});
sinon.stub(auth,"needsPermission", function(permission) {
return function(req,res,next) {
permissionChecks[permission] = (permissionChecks[permission]||0)+1;
next();
}
});
sinon.stub(flows,"get",stubApp);
sinon.stub(flows,"post",stubApp);
sinon.stub(flow,"get",stubApp);
sinon.stub(flow,"post",stubApp);
sinon.stub(flow,"delete",stubApp);
sinon.stub(flow,"put",stubApp);
sinon.stub(nodes,"getAll",stubApp);
sinon.stub(nodes,"post",stubApp);
sinon.stub(nodes,"getModule",stubApp);
sinon.stub(nodes,"putModule",stubApp);
sinon.stub(nodes,"delete",stubApp);
sinon.stub(nodes,"getSet",stubApp);
sinon.stub(nodes,"putSet",stubApp);
sinon.stub(info,"settings",stubApp);
});
after(function() {
mockList.forEach(function(m) {
m.init.restore();
});
auth.needsPermission.restore();
flows.get.restore();
flows.post.restore();
flow.get.restore();
flow.post.restore();
flow.delete.restore();
flow.put.restore();
nodes.getAll.restore();
nodes.post.restore();
nodes.getModule.restore();
nodes.putModule.restore();
nodes.delete.restore();
nodes.getSet.restore();
nodes.putSet.restore();
info.settings.restore();
});
before(function() {
app = adminApi.init({});
});
beforeEach(function() {
permissionChecks = {};
})
it('GET /flows', function(done) {
request(app).get("/flows").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('flows.read',1);
done();
})
});
it('POST /flows', function(done) {
request(app).post("/flows").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('flows.write',1);
done();
})
});
it('GET /flow/1234', function(done) {
request(app).get("/flow/1234").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('flows.read',1);
lastRequest.params.should.have.property('id','1234')
done();
})
});
it('POST /flow', function(done) {
request(app).post("/flow").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('flows.write',1);
done();
})
});
it('DELETE /flow/1234', function(done) {
request(app).del("/flow/1234").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('flows.write',1);
lastRequest.params.should.have.property('id','1234')
done();
})
});
it('PUT /flow/1234', function(done) {
request(app).put("/flow/1234").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('flows.write',1);
lastRequest.params.should.have.property('id','1234')
done();
})
});
it('GET /nodes', function(done) {
request(app).get("/nodes").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('nodes.read',1);
done();
})
});
it('POST /nodes', function(done) {
request(app).post("/nodes").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('nodes.write',1);
done();
})
});
it('GET /nodes/module', function(done) {
request(app).get("/nodes/module").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('nodes.read',1);
lastRequest.params.should.have.property(0,'module')
done();
})
});
it('GET /nodes/@scope/module', function(done) {
request(app).get("/nodes/@scope/module").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('nodes.read',1);
lastRequest.params.should.have.property(0,'@scope/module')
done();
})
});
it('PUT /nodes/module', function(done) {
request(app).put("/nodes/module").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('nodes.write',1);
lastRequest.params.should.have.property(0,'module')
done();
})
});
it('PUT /nodes/@scope/module', function(done) {
request(app).put("/nodes/@scope/module").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('nodes.write',1);
lastRequest.params.should.have.property(0,'@scope/module')
done();
})
});
it('DELETE /nodes/module', function(done) {
request(app).del("/nodes/module").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('nodes.write',1);
lastRequest.params.should.have.property(0,'module')
done();
})
});
it('DELETE /nodes/@scope/module', function(done) {
request(app).del("/nodes/@scope/module").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('nodes.write',1);
lastRequest.params.should.have.property(0,'@scope/module')
done();
})
});
it('GET /nodes/module/set', function(done) {
request(app).get("/nodes/module/set").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('nodes.read',1);
lastRequest.params.should.have.property(0,'module')
lastRequest.params.should.have.property(2,'set')
done();
})
});
it('GET /nodes/@scope/module/set', function(done) {
request(app).get("/nodes/@scope/module/set").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('nodes.read',1);
lastRequest.params.should.have.property(0,'@scope/module')
lastRequest.params.should.have.property(2,'set')
done();
})
});
it('PUT /nodes/module/set', function(done) {
request(app).put("/nodes/module/set").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('nodes.write',1);
lastRequest.params.should.have.property(0,'module')
lastRequest.params.should.have.property(2,'set')
done();
})
});
it('PUT /nodes/@scope/module/set', function(done) {
request(app).put("/nodes/@scope/module/set").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('nodes.write',1);
lastRequest.params.should.have.property(0,'@scope/module')
lastRequest.params.should.have.property(2,'set')
done();
})
});
it('GET /settings', function(done) {
request(app).get("/settings").expect(200).end(function(err,res) {
if (err) {
return done(err);
}
permissionChecks.should.have.property('settings.read',1);
done();
})
});
});
});