diff --git a/.travis.yml b/.travis.yml index bc30782..18e896b 100644 --- a/.travis.yml +++ b/.travis.yml @@ -31,6 +31,8 @@ before_install: before_script: - telepat configure elasticsearch - bash .travis/start.sh + - 'echo "script.disable_dynamic: false" | sudo tee -a /etc/elasticsearch/elasticsearch.yml' + - 'echo "script.groovy.sandbox.enable: true" | sudo tee -a /etc/elasticsearch/elasticsearch.yml' after_script: - codeclimate-test-reporter < coverage/lcov.info node_js: diff --git a/CHANGELOG.md b/CHANGELOG.md index 905a20f..03bd51b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,14 @@ +# 0.2.5 + +* Fixed `/user/update` when updating password +* Further improved the tests, now each test has an ID displayed for easy lookup. Tests should run faster. +* Variable checks for message queue client and main database +* Added pagination support for subscribe requests +* Removed `tokenValidation` in object routes because `objectACL` was already doing that +* `/object/count` should now work +* Applications loaded on boot up are saved in Application object from telepat-models +* Fixed some minor bugs + # 0.2.4 * Implemented /admin/authorize and /admin/deauthorize to add/remove admins to an application @@ -12,7 +23,7 @@ * Implemented mocha tests, added istanbul code coverage and integrated with travis CI * Lots of bug fixes * All update endpoints require patches -* Admin routes are sepparated in more than 1 file +* Admin routes are separated in more than 1 file * Passwords are stored using bcrypt * There's only one configuration file in the root folder. The example provided should be used. The original config file was added to .gitignore 
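Review bot: The two lines appended to `/etc/elasticsearch/elasticsearch.yml` in `before_script` turn on dynamic Groovy scripting, which lets any client that can reach the Elasticsearch HTTP port submit scripts for execution; the Groovy sandbox should not be treated as a strong isolation boundary. That is tolerable on a throwaway CI node, but if the API now depends on dynamic scripts (the queries are not shown, so this is an inference) production needs the same settings and nothing documents that. I would add a comment above them, `# CI only: enables dynamic scripting; a node configured like this must never be reachable from untrusted networks`, and state the requirement next to the sample configuration.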
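Review bot: The new guard `if (!Models[mainDatabase])` in app.js only tests truthiness, so any other export of `telepat-models` (for example `Application` or `TelepatError`, both used in this file) or an inherited property name passes it and is then called with `new` on the following context line. Because the name comes from configuration, checking it against an explicit list of supported adapters fails earlier and with a clearer message, e.g. `if (['ElasticSearch'].indexOf(mainDatabase) === -1 || typeof Models[mainDatabase] !== 'function')` (the list here is taken from config.example.json). The same applies to the `Models[messagingClient]` check added in the later `async.waterfall` hunk.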
@@ -21,7 +32,7 @@ was added to .gitignore * Fixed lots of bugs and server crashes * User info is returned on login calls (user & admin) -* Sepparated user login and user register endpoints +* Separated user login and user register endpoints * Admin endpoint for deleting users sends messages to aggregator to delete objects (1 message per object removed) * Standardized /admin endpoints responses * Each patch from /object/update is sent in 1 message to the aggregator @@ -45,7 +56,7 @@ was added to .gitignore * Application ID is verified if it exists in all requests that require it * Standardized response of get context and get all contexts -* The npm package now requires the corect telepat-models module from the npm registry +* The npm package now requires the correct telepat-models module from the npm registry # 0.1.4 diff --git a/app.js b/app.js index 0eb6694..a6e7856 100644 --- a/app.js +++ b/app.js @@ -80,6 +80,11 @@ if (validEnvVariables) { messagingClient = mainConfiguration.message_queue; } +if (!Models[mainDatabase]) { + console.log('Unable to load'.red+' "'+mainDatabase+'" main database: not found.\nAborting...'); + process.exit(-1); +} + Models.Application.datasource = new Models.Datasource(); Models.Application.datasource.setMainDatabase(new Models[mainDatabase](mainConfiguration[mainDatabase])); @@ -89,8 +94,6 @@ if(mainConfiguration.passwordSalt === undefined || mainConfiguration.passwordSal } app.set('password_salt', mainConfiguration.passwordSalt); -app.applications = {}; - app.use(function(req, res, next) { if (dbConnected) return next(); 
@@ -98,21 +101,18 @@ app.use(function(req, res, next) { next(new Models.TelepatError(Models.TelepatError.errors.ServerNotAvailable)); }); -var loadApplications = function() { - Models.Application.getAll(function(err, results) { +var loadApplications = function(callback) { + Models.Application.loadAllApplications(function(err) { if (err) { console.log('Fatal error: '.red+' in retrieving all aplications', err); process.exit(-1); } - async.each(results, function(item, c){ - app.applications[item.id] = item; - c(); - }); + callback(); }); }; -var linkMiddlewaresAndRoutes = function() { +var linkMiddlewaresAndRoutes = function(callback) { app.use(security.corsValidation); app.use(security.contentTypeValidation); app.use(logger('dev')); @@ -123,9 +123,10 @@ var linkMiddlewaresAndRoutes = function() { app.use('/user', userRoute); app.use('/context', contextRoute); app.use('/device', deviceRoute); + callback(); }; -var linkErrorHandlingMiddlewares = function() { +var linkErrorHandlingMiddlewares = function(callback) { // error handlers // catch 404 and forward to error handler app.use(function(req, res, next) { 
@@ -149,30 +150,35 @@ var linkErrorHandlingMiddlewares = function() { res.json(responseBody).end(); }); + callback(); }; -var monitorUsrSignals = function() { +var monitorUsrSignals = function(callback) { //signal sent by nodemon when restarting the server process.on('SIGUSR2', function() { app.kafkaClient.close(); }); + callback(); }; var OnServicesConnect = function() { - dbConnected = true; - loadApplications(); - linkMiddlewaresAndRoutes(); - linkErrorHandlingMiddlewares(); - monitorUsrSignals(); + async.series([ + loadApplications, + linkMiddlewaresAndRoutes, + linkErrorHandlingMiddlewares, + monitorUsrSignals + ], function() { + dbConnected = true; + }); }; async.waterfall([ - function DataBucket(callback) { + function(callback) { Models.Application.datasource.dataStorage.onReady(function() { callback(); }); }, - function RedisClient(callback) { + function(callback) { if (Models.Application.redisClient) Models.Application.redisClient = null; 
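Review bot: The `SIGUSR2` handler kept in `monitorUsrSignals` still calls `app.kafkaClient.close()`, but nothing in the visible hunks assigns `app.kafkaClient`; the only assignment was in the commented-out block this commit deletes, and the live client is `app.messagingClient`. If that holds for the rest of the file, a nodemon restart throws a TypeError inside the signal handler instead of closing the connection. The handler should shut down `app.messagingClient` with whatever close method that class provides, or at least guard the call with `if (app.kafkaClient)`. Separately, the final callback passed to `async.series` in `OnServicesConnect` takes no `err` argument, so a step that reports an error through its callback would still end with `dbConnected = true`.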
@@ -186,33 +192,22 @@ async.waterfall([ callback(); }); }, - function Kafka(callback) { + function(callback) { console.log('Waiting for Messaging Client connection...'); - var kafkaConfiguration = mainConfiguration[messagingClient]; + var clientConfiguration = mainConfiguration[messagingClient]; - app.messagingClient = new Models[messagingClient](kafkaConfiguration, 'telepat-api'); - app.messagingClient.on('ready', function() { - console.log(('Connected to Messaging Client '+messagingClient).green); - callback(); - }); - app.messagingClient.on('error', function(err) { - console.log('Messaging client not available.'.red+' Trying to reconnect.'+err); - }); - - /*app.kafkaClient = new kafka.Client(app.kafkaConfig.host+':'+app.kafkaConfig.port+'/', - app.kafkaConfig.clientName); - app.kafkaClient.on('ready', function() { - console.log('Client connected to Zookeeper.'.green); - - app.kafkaProducer = new kafka.HighLevelProducer(app.kafkaClient); - app.kafkaProducer.on('error', function() {}); + if (!Models[messagingClient]) { + console.log('Unable to load'.red+' "'+messagingClient+'" messaging queue: not found. Aborting...'); + process.exit(-1); + } - callback(); - }); - app.kafkaClient.on('error', function() { - console.log('Kafka broker not available.'.red+' Trying to reconnect.'); - });*/ + clientConfiguration = clientConfiguration || {broadcast: false}; + /** + * @type {MessagingClient} + */ + app.messagingClient = new Models[messagingClient](clientConfiguration, 'telepat-api'); + app.messagingClient.onReady(callback); } ], OnServicesConnect); diff --git a/config.example.json b/config.example.json index 34c99b7..595f8d3 100644 --- a/config.example.json +++ b/config.example.json @@ -1,6 +1,6 @@ { "main_database": "ElasticSearch", - "message_queue": "Kafka", + "message_queue": "kafka", "ElasticSearch": { "host": "hostname", "port": 9200, 
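Review bot: Replacing the `'ready'`/`'error'` listeners with `app.messagingClient.onReady(callback)` drops the only place where a broker connection failure was logged. Unless `onReady` reports failures itself (its implementation lives in telepat-models and is not shown), an unreachable broker now leaves the waterfall pending with no output while every request is answered with `ServerNotAvailable`. Keeping a listener such as `app.messagingClient.on('error', function(err) { console.log('Messaging client not available.'.red, err); });` would preserve that signal, assuming the new client still emits `error`.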
@@ -10,9 +10,14 @@ "host": "10.0.0.1", "port": 6379 }, - "Kafka": { + "kafka": { "host": "10.0.0.2", "port": 2181 }, + "amqp": { + "host": "10.0.0.4", + "user": "telepat", + "password": "password" + }, "password_salt": "$2a$10$N9qo8uLOickgx2ZMRZoMye" } diff --git a/controllers/admin.js b/controllers/admin.js index 202fcba..e3431f0 100644 --- a/controllers/admin.js +++ b/controllers/admin.js @@ -12,21 +12,21 @@ var userRoute = require('./admin/user'); var security = require('./security'); var Models = require('telepat-models'); -var unless = function(paths, middleware) { - return function(req, res, next) { - var excluded = false; - for (var i=0; iBearer $TOKEN * @apiHeader {String} X-BLGREQ-APPID Custom header which contains the application ID * + * @apiExample {json} Client Request + * + * { + * "page": 1 + * } + * * @apiSuccessExample {json} Success Response * { * "status": 200, @@ -31,13 +37,14 @@ router.use('/all', * ] * } * - * @apiError 404 [011]ApplicationNotFound If the Application doesn't exist + * @apiError 404 [011]ApplicationNotFound If the application doesn't exist */ -router.get('/all', function(req, res, next) { +router.post('/all', function(req, res, next) { var appId = req._telepat.applicationId; + var page = req.body.page ? req.body.page : 1; - Models.User.getAll(appId, function(err, results) { + Models.User.getAll(appId, page, function(err, results) { if (err) return next(err); results.forEach(function(item, index, originalArray) { @@ -54,7 +61,7 @@ router.use('/update', security.adminAppValidation); /** * @api {post} /admin/user/update UserUpdate - * @apiDescription Updates an user from an app + * @apiDescription Updates an user from an application * @apiName AdminUpdateUser * @apiGroup Admin * @apiVersion 0.2.3 
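Review bot: `var page = req.body.page ? req.body.page : 1;` in the `/all` handler forwards whatever JSON value the client sent (a string, a negative number, an object) to `Models.User.getAll`, which presumably turns it into a query offset. Coerce and bound it at the route, for example `var page = parseInt(req.body.page, 10);` followed by `if (!(page >= 1)) page = 1;`. The same unvalidated `page` expression is added to `/object/subscribe` in controllers/object.js, where `page > 1` also decides whether the subscription is recorded at all.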
@@ -84,7 +91,7 @@ router.use('/update', * "content" : "User has been updated" * } * - * @apiError 404 [023]UserNotFound If the User doesn't exist. + * @apiError 404 [023]UserNotFound If the user doesn't exist. * */ router.post('/update', function(req, res, next) { @@ -143,7 +150,7 @@ router.use('/delete', security.adminAppValidation); /** * @api {post} /admin/user/delete UserDelete - * @apiDescription Deletes an user from an app + * @apiDescription Deletes an user from an application * @apiName AdminDeleteUser * @apiGroup Admin * @apiVersion 0.2.3 @@ -154,7 +161,7 @@ router.use('/delete', Should have the format: Bearer $TOKEN * @apiHeader {String} X-BLGREQ-APPID Custom header which contains the application ID * - * @apiParam {String} email The email address of an user from an app + * @apiParam {String} email The email address of an user from an application * * @apiExample {json} Client Request * { @@ -167,7 +174,7 @@ router.use('/delete', * "content" : "User deleted" * } * - * @apiError 404 [023]UserNotFound If the User doesn't exist. + * @apiError 404 [023]UserNotFound If the user doesn't exist. */ router.post('/delete', function(req, res, next) { if (!req.body.email) { @@ -176,6 +183,7 @@ router.post('/delete', function(req, res, next) { var appId = req._telepat.applicationId; var userEmail = req.body.email; + var objectsToBeDeleted = null; async.waterfall([ function(callback) { 
@@ -185,30 +193,41 @@ router.post('/delete', function(req, res, next) { if (user.application_id != appId) { return callback(new Models.TelepatError(Models.TelepatError.errors.UserNotFound)); } else { - Models.User.delete(userEmail, appId, callback); + Models.User.delete(userEmail, appId, function(err, results) { + if (err) return callback(err); + objectsToBeDeleted = results; + callback(); + }); } } - ], function(error, results) { + ], function(error) { if (error && error.status == 404) return next(new Models.TelepatError(Models.TelepatError.errors.UserNotFound)); else if (error) return next(error); - if (results) { - async.each(results, function(item, c) { + if (objectsToBeDeleted) { + var brokerMessages = []; + + async.each(objectsToBeDeleted, function(item, c) { var context = item.context_id; - var mdl = item.value.type; - var id = item.value.id; + var mdl = item.type; + var id = item.id; - app.messagingClient.send([JSON.stringify({ + brokerMessages.push(JSON.stringify({ op: 'delete', object: {path: mdl+'/'+id}, context: context, applicationId: appId - })], 'aggregation', c); + })); + c(); + }, function() { + app.messagingClient.send(brokerMessages, 'aggregation', function(err){ + if (err) return next(err); + + res.status(200).json({status: 200, content: 'User deleted'}).end(); + }); }); } - - res.status(200).json({status: 200, content: 'User deleted'}).end(); }); }); diff --git a/controllers/context.js b/controllers/context.js index f79d38e..11f8347 100644 --- a/controllers/context.js +++ b/controllers/context.js @@ -7,6 +7,7 @@ var security = require('./security'); router.use(security.applicationIdValidation); router.use(security.apiKeyValidation); router.use(security.deviceIdValidation); +router.use(security.tokenValidation); /** * @api {get} /context/all GetContexts 
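Review bot: After this change the 200 response is sent only inside `if (objectsToBeDeleted)`, so when `Models.User.delete` calls back without a result the request is never answered and the client waits until it times out. Add the missing branch, `else res.status(200).json({status: 200, content: 'User deleted'}).end();`, or default the variable with `objectsToBeDeleted = results || [];` and drop the guard. The enclosing `router.post('/delete', ...)` handler starts outside this hunk.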
@@ -20,7 +21,7 @@ router.use(security.deviceIdValidation); * Should have the format: Bearer $TOKEN * @apiHeader {String} X-BLGREQ-APPID Custom header which contains the application ID * @apiHeader {String} X-BLGREQ-SIGN Custom header containing the SHA256-ed API key of the application - * @apiHeader {String} X-BLGREQ-UDID Custom header containing the device ID (obtained from devie/register) + * @apiHeader {String} X-BLGREQ-UDID Custom header containing the device ID (obtained from device/register) * * @apiSuccessExample {json} Success Response * { @@ -61,7 +62,7 @@ router.get('/all', function (req, res, next) { * @apiHeader {String} Authorization The authorization token obtained in the login endpoint. Should have the format: Bearer $TOKEN * @apiHeader {String} X-BLGREQ-APPID Custom header which contains the application ID * @apiHeader {String} X-BLGREQ-SIGN Custom header containing the SHA256-ed API key of the application - * @apiHeader {String} X-BLGREQ-UDID Custom header containing the device ID (obtained from devie/register) + * @apiHeader {String} X-BLGREQ-UDID Custom header containing the device ID (obtained from device/register) * * @apiParam {Number} id ID of the context to get * @@ -100,7 +101,7 @@ router.post('/', function (req, res, next) { } Models.Context(req.body.id, function (err, res1) { - if (err && err.status === 404){ + if (err && err.status == 404){ return next(new Models.TelepatError(Models.TelepatError.errors.ContextNotFound)); } else if (err) next(err); diff --git a/controllers/device.js b/controllers/device.js index 3847a3e..21089f8 100644 --- a/controllers/device.js +++ b/controllers/device.js 
@@ -8,8 +8,8 @@ router.use(security.deviceIdValidation); /** * @api {post} /device/register Register - * @apiDescription Registers a new device or updates an already existing one. If device udid is supplied in info it will try - * to search for a device with this udid and return the device id. + * @apiDescription Registers a new device or updates an already existing one. If device UDID is supplied in info it will try + * to search for a device with this UDID and return the device ID. * @apiName DeviceRegister * @apiGroup Device * @apiVersion 0.2.3 @@ -70,6 +70,11 @@ router.use(security.deviceIdValidation); */ router.post('/register', function(req, res, next) { if (req._telepat.device_id == 'TP_EMPTY_UDID' || req._telepat.device_id == '') { + + if (Object.getOwnPropertyNames(req.body).length === 0){ + return next(new Models.TelepatError(Models.TelepatError.errors.RequestBodyEmpty)); + } + if (!req.body.info) { return next(new Models.TelepatError(Models.TelepatError.errors.MissingRequiredField, ['info'])); } @@ -105,10 +110,12 @@ router.post('/register', function(req, res, next) { }); } } else { - req.body.id = req._telepat.device_id; - if (Object.getOwnPropertyNames(req.body).length === 0) + if (Object.getOwnPropertyNames(req.body).length === 0){ return next(new Models.TelepatError(Models.TelepatError.errors.RequestBodyEmpty)); + } + + req.body.id = req._telepat.device_id; Models.Subscription.updateDevice(req._telepat.device_id, req.body, function(err, result) { if (err && err.status == 404) { diff --git a/controllers/object.js b/controllers/object.js index 8606d0f..9cea1dd 100644 --- a/controllers/object.js +++ b/controllers/object.js 
@@ -9,33 +9,13 @@ router.use(security.applicationIdValidation); router.use(security.apiKeyValidation); router.use(security.deviceIdValidation); -router.use(security.tokenValidation); - -/** - * Middleware used to load application model schema - */ -router.use(function(req, res, next) { - //roughly 67M - it self cleares so it doesn't get too big - if (sizeof(Models.Application.loadedAppModels) > (1 << 26)) { - delete Models.Application.loadedAppModels; - Models.Application.loadedAppModels = {}; - } - - if (!Models.Application.loadedAppModels[req._telepat.applicationId]) { - Models.Application.loadAppModels(req._telepat.applicationId, next); - } else - next(); -}); - router.use(['/subscribe', '/unsubscribe'], security.objectACL('read_acl')); router.use(['/create', '/update', '/delete'], security.objectACL('write_acl')); router.use(['/count'], security.objectACL('meta_read_acl')); var validateContext = function(appId, context, callback) { Models.Application.hasContext(appId, context, function(err, result) { - if (err && err.status == 404) { - callback(new Models.TelepatError(Models.TelepatError.errors.ApplicationNotFound)); - } else if (err) + if (err) return callback(err); else if (result === false) { callback(new Models.TelepatError(Models.TelepatError.errors.InvalidContext, [context, appId])); @@ -58,7 +38,7 @@ var validateContext = function(appId, context, callback) { Should have the format: Bearer $TOKEN * @apiHeader {String} X-BLGREQ-APPID Custom header which contains the application ID * @apiHeader {String} X-BLGREQ-SIGN Custom header containing the SHA256-ed API key of the application - * @apiHeader {String} X-BLGREQ-UDID Custom header containing the device ID (obtained from devie/register) + * @apiHeader {String} X-BLGREQ-UDID Custom header containing the device ID (obtained from device/register) * * @apiParam {Object} channel Object representing the channel * @apiParam {Object} filters Object representing channel filters 
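Review bot: Dropping `router.use(security.tokenValidation);` leaves `security.objectACL` as the only place where the JWT is checked on object routes, and `objectACL` (as changed later in this commit) calls `next()` for the models `user`, `context` and `application` before any token verification, after confirming only that an `Authorization` header is present. Requests naming one of those models would therefore reach `/create`, `/update` and `/delete` with an unverified token and no `req.user`; the rest of `objectACL` lies outside the visible diff, so this needs confirming against the full function. Either keep the router-level `router.use(security.tokenValidation);` or verify the token in `objectACL` before that early return. `/object/create` now reads `req.user.id` directly, so it also depends on verification having run for every ACL value.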
@@ -123,16 +103,9 @@ var validateContext = function(appId, context, callback) { * */ router.post('/subscribe', function(req, res, next) { - if (Object.getOwnPropertyNames(req.body).length === 0) { - return next(new Models.TelepatError(Models.TelepatError.errors.RequestBodyEmpty)); - } - + var page = req.body.page ? req.body.page : 1; var channel = req.body.channel; - if (!channel) { - return next(new Models.TelepatError(Models.TelepatError.errors.MissingRequiredField, ['channel'])); - } - var id = channel.id, context = channel.context, mdl = channel.model, @@ -145,12 +118,6 @@ router.post('/subscribe', function(req, res, next) { if (!context) return next(new Models.TelepatError(Models.TelepatError.errors.MissingRequiredField, ['channel.context'])); - if (!mdl) - return next(new Models.TelepatError(Models.TelepatError.errors.MissingRequiredField, ['channel.model'])); - - if (!Models.Application.loadedAppModels[appId][mdl]) - return next(new Models.TelepatError(Models.TelepatError.errors.ApplicationSchemaModelNotFound, [appId, mdl])); - var channelObject = new Models.Channel(appId); if (id) { @@ -175,22 +142,17 @@ router.post('/subscribe', function(req, res, next) { return next(new Models.TelepatError(Models.TelepatError.errors.InvalidChannel)); } - async.waterfall([ + var objects = []; + + async.series([ //verify if context belongs to app function(callback) { validateContext(appId, context, callback); }, - //see if device exists - function(callback) { - Models.Subscription.getDevice(deviceId, function(err) { - if (err) { - callback(err); - } - - callback(); - }); - }, function(callback) { + //only add subscription on initial /subscribe + if (page && page > 1) + return callback(); Models.Subscription.add(deviceId, channelObject, function(err) { if (err && err.status === 409) return callback(); 
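Review bot: With the `if (!channel)` guard removed, `/subscribe` dereferences `channel.id` on a value that can be undefined, because `objectACL` accepts a body that carries a top-level `model` and no `channel`. The handler then throws a TypeError and the client gets a generic server error instead of `MissingRequiredField`. Restore the one-line check before `var id = channel.id`: `if (!channel) return next(new Models.TelepatError(Models.TelepatError.errors.MissingRequiredField, ['channel']));`. The `/unsubscribe` hunk further down removes the same guard.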
@@ -203,12 +165,22 @@ router.post('/subscribe', function(req, res, next) { Models.Model(mdl, appId, context, id, function(err, results) { if (err) return callback(err); - callback(null, results); + objects.push(results); + + callback(); }); } else { - Models.Model.search(channelObject, callback); + Models.Model.search(channelObject, page, function(err, results) { + if (err) return callback(err); + + if (Array.isArray(results)) + objects = objects.concat(results); + + callback(); + }); } - }/*, + } + /*, function(results, callback) { app.kafkaProducer.send([{ topic: 'track', @@ -224,11 +196,11 @@ router.post('/subscribe', function(req, res, next) { callback(err, results); }); }*/ - ], function(err, result) { + ], function(err) { if (err) return next(err); - res.status(200).json({status: 200, content: result}).end(); + res.status(200).json({status: 200, content: objects}).end(); }); }); @@ -245,7 +217,7 @@ router.post('/subscribe', function(req, res, next) { Should have the format: Bearer $TOKEN * @apiHeader {String} X-BLGREQ-APPID Custom header which contains the application ID * @apiHeader {String} X-BLGREQ-SIGN Custom header containing the SHA256-ed API key of the application - * @apiHeader {String} X-BLGREQ-UDID Custom header containing the device ID (obtained from devie/register) + * @apiHeader {String} X-BLGREQ-UDID Custom header containing the device ID (obtained from device/register) * * @apiParam {Object} channel Object representing the channel * @apiParam {Object} filters Object representing the filters for the channel 
@@ -264,16 +236,8 @@ router.post('/subscribe', function(req, res, next) { * @apiError 400 [027]InvalidChannel When trying to subscribe to an invalid channel */ router.post('/unsubscribe', function(req, res, next) { - if (Object.getOwnPropertyNames(req.body).length === 0) { - return next(new Models.TelepatError(Models.TelepatError.errors.RequestBodyEmpty)); - } - var channel = req.body.channel; - if (!channel) { - return next(new Models.TelepatError(Models.TelepatError.errors.MissingRequiredField, ['channel'])); - } - var id = channel.id, context = channel.context, mdl = channel.model, @@ -286,12 +250,6 @@ router.post('/unsubscribe', function(req, res, next) { if (!context) return next(new Models.TelepatError(Models.TelepatError.errors.MissingRequiredField, ['channel.context'])); - if (!mdl) - return next(new Models.TelepatError(Models.TelepatError.errors.MissingRequiredField, ['channel.model'])); - - if (!Models.Application.loadedAppModels[appId][mdl]) - return next(new Models.TelepatError(Models.TelepatError.errors.ApplicationSchemaModelNotFound, [appId, mdl])); - var channelObject = new Models.Channel(appId); if (id) { @@ -316,18 +274,13 @@ router.post('/unsubscribe', function(req, res, next) { return next(new Models.TelepatError(Models.TelepatError.errors.InvalidChannel)); } - async.waterfall([ + async.series([ //verify if context belongs to app function(callback) { validateContext(appId, context, callback); }, function(callback) { - Models.Subscription.remove(deviceId, channelObject, function(err, results) { - if (err) - callback(err, null); - else - callback(null, {status: 200, content: 'Subscription removed'}); - }); + Models.Subscription.remove(deviceId, channelObject, callback); }/*, function(result, callback) { app.kafkaProducer.send([{ 
@@ -345,10 +298,12 @@ router.post('/unsubscribe', function(req, res, next) { callback(err, result); }); }*/ - ], function(err, results) { - if (err) return next(err); - - res.status(200).json(results).end(); + ], function(err) { + if (err) { + return next(err); + } else { + res.status(200).json({status: 200, content: 'Subscription removed'}).end(); + } }); }); @@ -365,7 +320,7 @@ router.post('/unsubscribe', function(req, res, next) { Should have the format: Bearer $TOKEN * @apiHeader {String} X-BLGREQ-APPID Custom header which contains the application ID * @apiHeader {String} X-BLGREQ-SIGN Custom header containing the SHA256-ed API key of the application - * @apiHeader {String} X-BLGREQ-UDID Custom header containing the device ID (obtained from devie/register) + * @apiHeader {String} X-BLGREQ-UDID Custom header containing the device ID (obtained from device/register) * * @apiParam {String} model The type of object to subscribe to * @apiParam {Object} content Content of the object @@ -387,10 +342,6 @@ router.post('/unsubscribe', function(req, res, next) { * */ router.post('/create', function(req, res, next) { - if (Object.getOwnPropertyNames(req.body).length === 0) { - return next(new Models.TelepatError(Models.TelepatError.errors.RequestBodyEmpty)); - } - var content = req.body.content; var mdl = req.body.model; var context = req.body.context; 
@@ -400,46 +351,25 @@ router.post('/create', function(req, res, next) { if (!context) return next(new Models.TelepatError(Models.TelepatError.errors.MissingRequiredField, ['channel.context'])); - if (!mdl) - return next(new Models.TelepatError(Models.TelepatError.errors.MissingRequiredField, ['channel.model'])); - - if (!Models.Application.loadedAppModels[appId][mdl]) - return next(new Models.TelepatError(Models.TelepatError.errors.ApplicationSchemaModelNotFound, [appId, mdl])); - content.type = mdl; content.context_id = context; content.application_id = appId; - if (Models.Application.loadedAppModels[appId][mdl].belongsTo && - Models.Application.loadedAppModels[appId][mdl].belongsTo.length) { - var parentModel = Models.Application.loadedAppModels[appId][mdl].belongsTo[0].parentModel; + if (Models.Application.loadedAppModels[appId].schema[mdl].belongsTo && + Models.Application.loadedAppModels[appId].schema[mdl].belongsTo.length) { + var parentModel = Models.Application.loadedAppModels[appId].schema[mdl].belongsTo[0].parentModel; if (!content[parentModel+'_id']) { return next(new Models.TelepatError(Models.TelepatError.errors.MissingRequiredField, [parentModel+'_id'])); - } else if (Models.Application.loadedAppModels[appId][mdl].belongsTo[0].relationType == 'hasSome' && - content[Models.Application.loadedAppModels[appId][parentModel].hasSome_property+'_index'] === undefined) { + } else if (Models.Application.loadedAppModels[appId].schema[mdl].belongsTo[0].relationType == 'hasSome' && + content[Models.Application.loadedAppModels[appId].schema[parentModel].hasSome_property+'_index'] === undefined) { return next(new Models.TelepatError(Models.TelepatError.errors.MissingRequiredField, - [Models.Application.loadedAppModels[appId][parentModel].hasSome_property+'_index'])); + [Models.Application.loadedAppModels[appId].schema[parentModel].hasSome_property+'_index'])); } } async.series([ - function(callback) { - if (isAdmin) { - Models.Admin(req.user.email, function(err, 
result) { - if (err) return callback(err); - content.user_id = result.id; - isAdmin = true; - callback(); - }); - } else { - Models.User(req.user.email, appId, function(err, result) { - if (err) return callback(err); - content.user_id = result.id; - callback(); - }); - } - }, function(aggCallback) { + content.user_id = req.user.id; app.messagingClient.send([JSON.stringify({ op: 'add', object: content, @@ -492,7 +422,7 @@ router.post('/create', function(req, res, next) { Should have the format: Bearer $TOKEN * @apiHeader {String} X-BLGREQ-APPID Custom header which contains the application ID * @apiHeader {String} X-BLGREQ-SIGN Custom header containing the SHA256-ed API key of the application - * @apiHeader {String} X-BLGREQ-UDID Custom header containing the device ID (obtained from devie/register) + * @apiHeader {String} X-BLGREQ-UDID Custom header containing the device ID (obtained from device/register) * * @apiParam {Number} id ID of the object (optional) * @apiParam {Number} context Context of the object @@ -504,7 +434,7 @@ router.post('/create', function(req, res, next) { * "model": "comment", * "id": 1, * "context": 1, - * "patch": [ + * "patches": [ * { * "op": "replace", * "path": "comment/1/text", @@ -521,10 +451,6 @@ router.post('/create', function(req, res, next) { * } */ router.post('/update', function(req, res, next) { - if (Object.getOwnPropertyNames(req.body).length === 0) { - return next(new Models.TelepatError(Models.TelepatError.errors.RequestBodyEmpty)); - } - var modifiedMicrotime = microtime.now(); var context = req.body.context; var patch = req.body.patches; 
@@ -538,12 +464,6 @@ router.post('/update', function(req, res, next) { if (!context) return next(new Models.TelepatError(Models.TelepatError.errors.MissingRequiredField, ['context'])); - if (!mdl) - return next(new Models.TelepatError(Models.TelepatError.errors.MissingRequiredField, ['model'])); - - if (!Models.Application.loadedAppModels[appId][mdl]) - return next(new Models.TelepatError(Models.TelepatError.errors.ApplicationSchemaModelNotFound, [appId, mdl])); - if (!Array.isArray(req.body.patches)) { return next(new Models.TelepatError(Models.TelepatError.errors.InvalidFieldValue, ['"patches" is not an array'])); @@ -589,7 +509,7 @@ router.post('/update', function(req, res, next) { track_callback(err); }); }*/ - ], function(err, results) { + ], function(err) { if (err) { console.log(req.originalUrl+': '+err.message.red); return next(err); @@ -612,7 +532,7 @@ router.post('/update', function(req, res, next) { Should have the format: Bearer $TOKEN * @apiHeader {String} X-BLGREQ-APPID Custom header which contains the application ID * @apiHeader {String} X-BLGREQ-SIGN Custom header containing the SHA256-ed API key of the application - * @apiHeader {String} X-BLGREQ-UDID Custom header containing the device ID (obtained from devie/register) + * @apiHeader {String} X-BLGREQ-UDID Custom header containing the device ID (obtained from device/register) * * @apiParam {Number} id ID of the object (optional) * @apiParam {Number} context Context of the object @@ -633,10 +553,6 @@ router.post('/update', function(req, res, next) { * */ router.post('/delete', function(req, res, next) { - if (Object.getOwnPropertyNames(req.body).length === 0) { - return next(new Models.TelepatError(Models.TelepatError.errors.RequestBodyEmpty)); - } - var id = req.body.id; var context = req.body.context; var mdl = req.body.model; 
@@ -648,12 +564,6 @@ router.post('/delete', function(req, res, next) { if (!context) return next(new Models.TelepatError(Models.TelepatError.errors.MissingRequiredField, ['context'])); - if (!mdl) - return next(new Models.TelepatError(Models.TelepatError.errors.MissingRequiredField, ['model'])); - - if (!Models.Application.loadedAppModels[appId][mdl]) - return next(new Models.TelepatError(Models.TelepatError.errors.ApplicationSchemaModelNotFound, [appId, mdl])); - async.series([ function(aggCallback) { app.messagingClient.send([JSON.stringify({ @@ -694,17 +604,13 @@ router.post('/delete', function(req, res, next) { Should have the format: Bearer $TOKEN * @apiHeader {String} X-BLGREQ-APPID Custom header which contains the application ID * @apiHeader {String} X-BLGREQ-SIGN Custom header containing the SHA256-ed API key of the application - * @apiHeader {String} X-BLGREQ-UDID Custom header containing the device ID (obtained from devie/register) + * @apiHeader {String} X-BLGREQ-UDID Custom header containing the device ID (obtained from device/register) * - * @apiParam {Object} channel The object reperesenting a channel + * @apiParam {Object} channel The object representing a channel * @apiParam {Object} filters Additional filters to the subscription channel * */ router.post('/count', function(req, res, next) { - if (Object.getOwnPropertyNames(req.body).length === 0) { - return next(new Models.TelepatError(Models.TelepatError.errors.RequestBodyEmpty)); - } - var appId = req._telepat.applicationId, channel = req.body.channel; @@ -729,7 +635,7 @@ router.post('/count', function(req, res, next) { return next(new Models.TelepatError(Models.TelepatError.errors.InvalidChannel)); } - Models.Model.count(channel.model, appId, function(err, result) { + Models.Model.modelCountByChannel(channelObject, function(err, result) { if (err) return next(err); res.status(200).json({status: 200, content: result}).end(); 
diff --git a/controllers/security.js b/controllers/security.js index 3907000..40e85d8 100644 --- a/controllers/security.js +++ b/controllers/security.js @@ -20,16 +20,6 @@ security.encryptPassword = function(password, callback) { bcrypt.hash(password, app.get('password_salt'), callback); }; -security.deviceIDExists = function(req, res, next) { - var deviceId = req._telepat.device_id; - - if (!deviceId) { - return next(new Models.TelepatError(Models.TelepatError.errors.DeviceIdMissing)); - } - - next(); -}; - security.contentTypeValidation = function(req, res, next) { if (req.get('Content-Type') && req.get('Content-Type').substring(0, 16) !== 'application/json') return next(new Models.TelepatError(Models.TelepatError.errors.InvalidContentType)); @@ -42,7 +32,7 @@ security.apiKeyValidation = function(req, res, next) { else { var clientHash = req.get('X-BLGREQ-SIGN').toLowerCase(); var serverHash = null; - var apiKeys = app.applications[req.get('X-BLGREQ-APPID')].keys; + var apiKeys = Models.Application.loadedAppModels[req.get('X-BLGREQ-APPID')].keys; async.detect(apiKeys, function(item ,cb) { if (item) @@ -74,7 +64,7 @@ security.applicationIdValidation = function(req, res, next) { if (!req.get('X-BLGREQ-APPID')) return next(new Models.TelepatError(Models.TelepatError.errors.ApplicationIdMissing)); else { - if (!app.applications[req.get('X-BLGREQ-APPID')]) { + if (!Models.Application.loadedAppModels[req.get('X-BLGREQ-APPID')]) { return next(new Models.TelepatError(Models.TelepatError.errors.ApplicationNotFound, [req.get('X-BLGREQ-APPID')])); } 
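Review bot: `Models.Application.loadedAppModels[req.get('X-BLGREQ-APPID')]` indexes what appears to be a plain object (the code removed from controllers/object.js reset it to `{}`) with a client-supplied header, so a value matching an inherited Object property name is truthy and passes `applicationIdValidation`. `apiKeyValidation` then reads `.keys` from that inherited value rather than from an application record. Test ownership first, e.g. `if (!Object.prototype.hasOwnProperty.call(Models.Application.loadedAppModels, req.get('X-BLGREQ-APPID')))`, or have telepat-models keep the cache in an object created with `Object.create(null)`.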
@@ -104,20 +94,21 @@ security.tokenValidation = function(req, res, next) { if (!req.headers.authorization) return next(new Models.TelepatError(Models.TelepatError.errors.AuthorizationMissing)); - return (expressJwt({secret: security.authSecret}))(req, res, next); + return (expressJwt({secret: security.authSecret}))(req, res, function(err) { + if (err && err.message == 'invalid signature') { + return next(new Models.TelepatError(Models.TelepatError.errors.MalformedAuthorizationToken)) + } else + return next(err); + }); }; security.adminAppValidation = function (req, res, next) { var appId = req._telepat.applicationId; - if (!app.applications[appId]) { - return next(new Models.TelepatError(Models.TelepatError.errors.ApplicationNotFound, [appId])); - } - if (!req.user) return next(); - if (app.applications[appId].admins.indexOf(req.user.id) === -1) { + if (Models.Application.loadedAppModels[appId].admins.indexOf(req.user.id) === -1) { return next(new Models.TelepatError(Models.TelepatError.errors.ApplicationForbidden)); } 
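Review bot: With the `ApplicationNotFound` guard removed, `adminAppValidation` dereferences `Models.Application.loadedAppModels[appId].admins` unconditionally, so a request that reaches it with an `appId` that is not loaded throws a TypeError instead of returning a Telepat error. That is safe only if every route mounting this middleware runs `applicationIdValidation` first, which this hunk does not show. Either keep a cheap guard, `if (!Models.Application.loadedAppModels[appId]) return next(new Models.TelepatError(Models.TelepatError.errors.ApplicationNotFound, [appId]));`, or state the ordering requirement in a comment above the function. Separately, the new `tokenValidation` callback picks the error by comparing `err.message` with a literal string using `==`, which silently stops matching if the library changes its wording.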
@@ -126,23 +117,26 @@ security.adminAppValidation = function (req, res, next) { security.objectACL = function (accessControl) { return function(req, res, next) { - if (!Object.getOwnPropertyNames(req.body).length) { - next(); + if (!req.headers.authorization) + return next(new Models.TelepatError(Models.TelepatError.errors.AuthorizationMissing)); + if (!req.body || !Object.getOwnPropertyNames(req.body).length) { + return next(new Models.TelepatError(Models.TelepatError.errors.RequestBodyEmpty)); } else if (req.body.model || (req.body.channel && req.body.channel.model)) { var mdl = req.body.model || req.body.channel.model; if (['user', 'context', 'application'].indexOf(mdl) !== -1) return next(); - if (!Models.Application.loadedAppModels[req._telepat.applicationId][mdl]) { + if (!Models.Application.loadedAppModels[req._telepat.applicationId].schema) { + return next(new Models.TelepatError(Models.TelepatError.errors.ApplicationHasNoSchema)); + } + + if (!Models.Application.loadedAppModels[req._telepat.applicationId].schema[mdl]) { return next(new Models.TelepatError(Models.TelepatError.errors.ApplicationSchemaModelNotFound, [req._telepat.applicationId, mdl])); } - var acl = Models.Application.loadedAppModels[req._telepat.applicationId][mdl][accessControl]; - - if (!req.headers.authorization) - return next(new Models.TelepatError(Models.TelepatError.errors.AuthorizationMissing)); + var acl = Models.Application.loadedAppModels[req._telepat.applicationId].schema[mdl][accessControl]; if (acl & ACL_AUTHENTICATED || acl & ACL_ADMIN) { var authHeaderParts = req.headers.authorization.split(' '); 
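Review bot: For the built-in models (`user`, `context`, `application`) `objectACL` still returns `next()` right after the new header-presence test, so on that path the `Authorization` value is required but never verified. The changelog in this commit says `tokenValidation` was removed from the object routes because `objectACL` already covers it; if so, requests naming one of these models reach the handlers with an unchecked token, which is worth confirming against the object routes outside this hunk. The `/delete` hunk in this commit also drops the handler's own model check, so nothing after the middleware re-checks the model name. Verifying the token before the early return, by sending these models through the same `jwt.verify` branch with an authenticated-only ACL, would close the gap. `objectACL` continues past the end of the hunk.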
@@ -151,7 +145,7 @@ security.objectACL = function (accessControl) { if (authToken) { jwt.verify(authToken, security.authSecret, function (err, decoded) { if (err) - return next(new Models.TelepatError(Models.TelepatError.errors.InvalidAuthorization, [err.message])); + return next(new Models.TelepatError(Models.TelepatError.errors.MalformedAuthorizationToken, [err.message])); if ((!(acl & ACL_UNAUTHENTICATED)) && (!(acl & ACL_AUTHENTICATED)) && (acl & ACL_ADMIN) && (!decoded.isAdmin) ) return next(new Models.TelepatError(Models.TelepatError.errors.OperationNotAllowed)); @@ -171,7 +165,7 @@ security.objectACL = function (accessControl) { return next(new Models.TelepatError(Models.TelepatError.errors.OperationNotAllowed)); } } else { - next(); + next(new Models.TelepatError(Models.TelepatError.errors.MissingRequiredField, ['model or channel.model'])); } } }; diff --git a/controllers/user.js b/controllers/user.js index 84b5aa7..87f35c1 100644 --- a/controllers/user.js +++ b/controllers/user.js @@ -5,7 +5,6 @@ var async = require('async'); var Models = require('telepat-models'); var security = require('./security'); var jwt = require('jsonwebtoken'); -var crypto = require('crypto'); var microtime = require('microtime-nodejs'); var options = { @@ -19,11 +18,11 @@ router.use(security.deviceIdValidation); router.use(security.applicationIdValidation); router.use(security.apiKeyValidation); -router.use(['/logout', '/me', '/update', '/delete'], security.tokenValidation); +router.use(['/logout', '/me', '/update', '/update_immediate', '/delete'], security.tokenValidation); /** * @api {post} /user/login Login - * @apiDescription Log in the user through facebook User is not created immediately. + * @apiDescription Log in the user through Facebook. * @apiName UserLogin * @apiGroup User * @apiVersion 0.2.3 
@@ -31,7 +30,7 @@ router.use(['/logout', '/me', '/update', '/delete'], security.tokenValidation); * @apiHeader {String} Content-type application/json * @apiHeader {String} X-BLGREQ-APPID Custom header which contains the application ID * @apiHeader {String} X-BLGREQ-SIGN Custom header containing the SHA256-ed API key of the application - * @apiHeader {String} X-BLGREQ-UDID Custom header containing the device ID (obtained from devie/register) + * @apiHeader {String} X-BLGREQ-UDID Custom header containing the device ID (obtained from device/register) * * @apiParam {String} access_token Facebook access token. * @@ -61,11 +60,15 @@ router.use(['/logout', '/me', '/update', '/delete'], security.tokenValidation); * } * * @apiError 400 [028]InsufficientFacebookPermissions User email is not publicly available - * (insufficient facebook permissions) + * (insufficient Facebook permissions) * @apiError 404 [023]UserNotFound User not found * */ router.post('/login', function(req, res, next) { + + if (Object.getOwnPropertyNames(req.body).length === 0) + return next(new Models.TelepatError(Models.TelepatError.errors.RequestBodyEmpty)); + if (!req.body.access_token) return next(new Models.TelepatError(Models.TelepatError.errors.MissingRequiredField, ['access_token'])); @@ -152,7 +155,7 @@ router.post('/login', function(req, res, next) { /** * @api {post} /user/register Register - * @apiDescription Registers a new user using a fb token or directly with an email and password. User is not created + * @apiDescription Registers a new user using a Facebook token or directly with an email and password. User is not created * immediately. * @apiName UserRegister * @apiGroup User 
@@ -161,7 +164,7 @@ router.post('/login', function(req, res, next) { * @apiHeader {String} Content-type application/json * @apiHeader {String} X-BLGREQ-APPID Custom header which contains the application ID * @apiHeader {String} X-BLGREQ-SIGN Custom header containing the SHA256-ed API key of the application - * @apiHeader {String} X-BLGREQ-UDID Custom header containing the device ID (obtained from devie/register) + * @apiHeader {String} X-BLGREQ-UDID Custom header containing the device ID (obtained from device/register) * * @apiParam {String} access_token Facebook access token. * @@ -287,7 +290,7 @@ router.post('/register', function(req, res, next) { })], 'aggregation', callback); }, //add this user to his/her friends array - function(result, callback) { + function(callback) { if (fbFriends.length) { app.messagingClient.send([JSON.stringify({fid: userProfile.id, friends: fbFriends})], 'update_friends', callback); @@ -313,7 +316,7 @@ router.post('/register', function(req, res, next) { * Should have the format: Bearer $TOKEN * @apiHeader {String} X-BLGREQ-APPID Custom header which contains the application ID * @apiHeader {String} X-BLGREQ-SIGN Custom header containing the SHA256-ed API key of the application - * @apiHeader {String} X-BLGREQ-UDID Custom header containing the device ID (obtained from devie/register) + * @apiHeader {String} X-BLGREQ-UDID Custom header containing the device ID (obtained from device/register) * * @apiParam {String} password The password * @apiParam {String} email The email 
@@ -356,7 +359,7 @@ router.get('/me', function(req, res, next) { * @apiHeader {String} Content-type application/json * @apiHeader {String} X-BLGREQ-APPID Custom header which contains the application ID * @apiHeader {String} X-BLGREQ-SIGN Custom header containing the SHA256-ed API key of the application - * @apiHeader {String} X-BLGREQ-UDID Custom header containing the device ID (obtained from devie/register) + * @apiHeader {String} X-BLGREQ-UDID Custom header containing the device ID (obtained from device/register) * * @apiParam {String} password The password * @apiParam {String} email The email @@ -419,6 +422,20 @@ router.post('/login_password', function(req, res, next) { } }); }, + function(callback) { + var patches = []; + patches.push(Models.Delta.formPatch(userProfile, 'append', {devices: deviceId})); + + if (userProfile.devices) { + var idx = userProfile.devices.indexOf(deviceId); + if (idx === -1) { + Models.User.update(userProfile.email, appId, patches, callback); + } else + callback(); + } else { + Models.User.update(userProfile.email, appId, patches, callback); + } + }, function(callback) { security.encryptPassword(req.body.password, function(err, hash) { if (err) @@ -454,7 +471,7 @@ router.post('/login_password', function(req, res, next) { * @apiHeader {String} Content-type application/json * @apiHeader {String} X-BLGREQ-APPID Custom header which contains the application ID * @apiHeader {String} X-BLGREQ-SIGN Custom header containing the SHA256-ed API key of the application - * @apiHeader {String} X-BLGREQ-UDID Custom header containing the device ID (obtained from devie/register) + * @apiHeader {String} X-BLGREQ-UDID Custom header containing the device ID (obtained from device/register) * * @apiSuccessExample {json} Success Response * { 
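Review bot: The new step that appends `deviceId` to `userProfile.devices` is inserted before the step that hashes and checks `req.body.password`, so the device is written to the account whether or not the password turns out to be correct. A login attempt with a known email and a wrong password would therefore still attach the caller's device id to that user. Move the step after the password comparison; the two identical `Models.User.update` branches can then collapse into `if (!userProfile.devices || userProfile.devices.indexOf(deviceId) === -1)`. The enclosing `async` step list starts and ends outside the hunk, so the position of the comparison is inferred from the `security.encryptPassword` call that follows.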
@@ -498,8 +515,8 @@ router.get('/logout', function(req, res, next) { /** * @api {get} /user/refresh_token Refresh Token - * @apiDescription Sends a new authentification token to the user. The old token must be provide (and it may or not - * may not be aleady expired). + * @apiDescription Sends a new authentication token to the user. The old token must be provide (and it may or not + * may not be already expired). * @apiName RefreshToken * @apiGroup User * @apiVersion 0.2.3 @@ -509,7 +526,7 @@ router.get('/logout', function(req, res, next) { * Should have the format: Bearer $TOKEN * @apiHeader {String} X-BLGREQ-APPID Custom header which contains the application ID * @apiHeader {String} X-BLGREQ-SIGN Custom header containing the SHA256-ed API key of the application - * @apiHeader {String} X-BLGREQ-UDID Custom header containing the device ID (obtained from devie/register) + * @apiHeader {String} X-BLGREQ-UDID Custom header containing the device ID (obtained from device/register) * * @apiSuccessExample {json} Success Response * { @@ -522,7 +539,7 @@ router.get('/logout', function(req, res, next) { * * @apiError 400 [013]AuthorizationMissing If authorization header is missing * @apiError 400 [039]ClientBadRequest Error decoding auth token - * @apiError 400 [040]MalformedAuthorizationToken Auth token is malformed + * @apiError 400 [040]MalformedAuthorizationToken Authorization token is malformed * @apiError 400 [014]InvalidAuthorization Authorization header is invalid */ router.get('/refresh_token', function(req, res, next) { @@ -602,8 +619,8 @@ router.post('/update', function(req, res, next) { if (patches[i].path.split('/')[2] == 'password') { - security.encryptPassword(patches[p].value, function(err, hash) { - patches[p].value = hash; + security.encryptPassword(patches[i].value, function(err, hash) { + patches[i].value = hash; i++; c(); }); 
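Review bot: The callback passed to `security.encryptPassword` in the `/update` password branch ignores `err`, so a failed hash leaves `hash` undefined and the patch carries `patches[i].value = undefined` forward as the new password. Add `if (err) return c(err);` as the first line of the callback, assuming `c` is the iteration callback of the surrounding `async` loop, which begins outside the hunk. The comparison `== 'password'` on the line above could also be `===`.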
@@ -638,27 +655,37 @@ router.post('/update', function(req, res, next) { router.post('/update_immediate', function(req, res, next) { var user = req.body; + var appId = req._telepat.applicationId; - if (user.password) { - var passwordSalt = req.app.get('password_salt'); - var md5password = crypto.createHash('md5').update(user.password).digest('hex'); - user.password = crypto.createHash('sha256').update(passwordSalt[0]+md5password+passwordSalt[1]).digest('hex'); - } + req.user.type = 'user'; async.waterfall([ function(callback) { - security.encryptPassword(user.password, callback); + if (user.password) + security.encryptPassword(user.password, callback); + else + callback(null, false); }, function(hash, callback) { - user.password = hash; + if (hash) + user.password = hash; - Models.User.update(user.email, user, function(err, result) { - if (err) return next(err); + var patches = []; - res.status(200).json({status: 200, content: "User updated"}).end(); + async.each(Object.keys(user), function(prop, c) { + var property = {}; + property[prop] = user[prop]; + patches.push(Models.Delta.formPatch(req.user, 'replace', property)); + c(); + }, function() { + Models.User.update(req.user.email, appId, patches, callback); }); } - ]); + ], function(err) { + if (err) return next(err); + + res.status(200).json({status: 200, content: "User updated"}).end(); + }); }); /** diff --git a/package.json b/package.json index 6215977..7b8097d 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "telepat-api", - "version": "0.2.4", + "version": "0.2.5", "scripts": { "start": "./bin/www", "test": "istanbul cover _mocha -- test/api.js -R spec" @@ -10,7 +10,6 @@ "bcrypt": "^0.8.5", "body-parser": "1.12.0", "colors": "1.1.0", - "cookie-parser": "1.3.4", "debug": "2.1.1", "express": "4.12.4", "express-jwt": "3.0.1", 
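Review bot: `/update_immediate` turns every key of `req.body` into a `replace` patch on the authenticated user's record with no allow-list, so a client can overwrite fields the server should own. Which fields are sensitive depends on the User model in telepat-models, which is not shown here; `isAdmin`, `email`, `id`, `type` and `devices` all appear elsewhere in this diff and are candidates. Skip protected names before building the patch, e.g. `if (PROTECTED_USER_FIELDS.indexOf(prop) !== -1) return c();`, where `PROTECTED_USER_FIELDS` is a new module-level array proposed here, not an existing name. `async.each` adds nothing to this synchronous loop; a plain `Object.keys(user).forEach` would read more directly.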
@@ -21,8 +20,7 @@ "morgan": "1.5.1", "object-sizeof": "1.0.6", "redis": "0.12.1", - "serve-favicon": "2.2.0", - "telepat-models": "telepat-io/telepat-models#develop", + "telepat-models": "0.2.5", "uuid": "2.0.1" }, "bugs": { diff --git a/test/admin/admin.js b/test/admin/admin.js index 1812337..fc3eb95 100644 --- a/test/admin/admin.js +++ b/test/admin/admin.js @@ -1,13 +1,12 @@ var common = require('../common'); var request = common.request; var should = common.should; -var assert = common.assert; -var crypto = common.crypto; var url = common.url; var DELAY = common.DELAY; var authValue; var appID; +var appID2; var appIDsha256 = common.appIDsha256; var appKey = common.appKey; @@ -15,6 +14,8 @@ var adminEmail = 'admin'+Math.round(Math.random()*1000000)+'@example.com'; var adminPassword = '5f4dcc3b5aa765d61d8327deb882cf99'; var adminEmail2 = 'admin'+Math.round(Math.random()*1000000)+'@example.com'; +var adminEmail3 = 'admin'+Math.round(Math.random()*1000000)+'@example.com'; + var admin = { email: adminEmail, password: adminPassword 
@@ -23,99 +24,157 @@ var admin = { var admin2 = { email: adminEmail2, password: adminPassword -} +}; + +var admin3 = { + email: adminEmail3, + password: adminPassword +}; var token2; var authValue2; -var deletedcontextID; +var authValue3; var userEmail = 'user'+Math.round(Math.random()*1000000)+'@example.com'; -describe('Admin', function() { +describe('1.1.Admin', function() { + + it('1.1.1 should return a 200 code to indicate success when creating a new admin', function(done) { - it('should return a 200 code to indicate success when creating a new admin', function(done) { - this.timeout(10000); + this.timeout(100*DELAY); request(url) .post('/admin/add') .send(admin) .end(function(err, res) { + if (err) { throw err; done(err); } + res.statusCode.should.be.equal(200); - setTimeout(done, 4*DELAY); + done(); }); }); - it('should return a 409 code to indicate failure when admin already exists', function(done) { + it('1.1.2 should return an error (409) response to indicate failure when admin already exists', function(done) { + + this.timeout(100*DELAY); request(url) .post('/admin/add') .send(admin) .end(function(err, res) { + + res.body.code.should.be.equal('030'); res.statusCode.should.be.equal(409); done(); }); }); - it('should return a 4xx code to indicate failure when admin email is missing', function(done) { + it('1.1.3 should return an error response indicate failure when admin email is missing', function(done) { + + this.timeout(100*DELAY); + var admin = { password: adminPassword }; + request(url) .post('/admin/add') .send(admin) .end(function(err, res) { - res.statusCode.should.be.within(400,499); + + res.body.code.should.be.equal('004'); + res.statusCode.should.be.equal(400); done(); }); }); - it('should return a 4xx code to indicate failure when admin email is empty', function(done) { + it('1.1.4 should return an error response to indicate failure when admin email is empty', function(done) { + + this.timeout(100*DELAY); + var admin = { email: "", password: 
adminPassword }; + request(url) .post('/admin/add') .send(admin) .end(function(err, res) { - res.statusCode.should.be.within(400,499); + + res.body.code.should.be.equal('004'); + res.statusCode.should.be.equal(400); done(); }); }); - it('should return a 4xx code to indicate failure when admin password is empty', function(done) { + it('1.1.5 should return an error response to indicate failure when admin password is empty', function(done) { + + this.timeout(100*DELAY); + var admin = { email: adminEmail, password: "" }; + request(url) .post('/admin/add') .send(admin) .end(function(err, res) { - res.statusCode.should.be.within(400,499); + + res.body.code.should.be.equal('004'); + res.statusCode.should.be.equal(400); done(); }); }); - it('should return a 4xx code to indicate failure when admin password is missing', function(done) { + it('1.1.6 should return an error response to indicate failure when admin password is missing', function(done) { + + this.timeout(100*DELAY); + var admin = { email: adminEmail }; + request(url) .post('/admin/add') .send(admin) .end(function(err, res) { - res.statusCode.should.be.within(400,499); + + res.body.code.should.be.equal('004'); + res.statusCode.should.be.equal(400); + done(); + }); + }); + + it('1.1.7 should return an error for logging in with wrong password', function(done) { + + this.timeout(100*DELAY); + + var admin = { + email: adminEmail, + password: adminPassword + '66' + }; + request(url) + .post('/admin/login') + .send(admin) + .end(function(err, res) { + + res.body.code.should.be.equal('016'); + res.statusCode.should.be.equal(401); done(); }); }); - it('should return an error for logging in with wrong user or password', function(done) { + it('1.1.8 should return an error for logging in with wrong user', function(done) { + + this.timeout(100*DELAY); + var randEmail = 'adminx@example.com'; var admin = { email: randEmail, 
@@ -125,31 +184,78 @@ describe('Admin', function() { .post('/admin/login') .send(admin) .end(function(err, res) { + + res.body.code.should.be.equal('016'); res.statusCode.should.be.equal(401); done(); }); }); - it('should return a valid authorization token', function(done) { + it('1.1.9 should return an error for logging in missing password', function(done) { + + this.timeout(100*DELAY); + + var randEmail = 'adminx@example.com'; + var admin = { + email: randEmail + }; + + request(url) + .post('/admin/login') + .send(admin) + .end(function(err, res) { + + res.body.code.should.be.equal('004'); + res.statusCode.should.be.equal(400); + done(); + }); + }); + + it('1.1.10 should return an error for logging in missing email & password', function(done) { + + this.timeout(100*DELAY); + + var admin = {}; + + request(url) + .post('/admin/login') + .send(admin) + .end(function(err, res) { + + res.body.code.should.be.equal('004'); + res.statusCode.should.be.equal(400); + done(); + }); + }); + + it('1.1.11 should return a valid authorization token', function(done) { + + this.timeout(100*DELAY); + request(url) .post('/admin/login') .send(admin) .end(function(err, res) { + authValue = 'Bearer ' + res.body.content.token; - adminAuth = authValue; + var adminAuth = authValue; admin = res.body.content.user; res.statusCode.should.be.equal(200); done(); }); }); - it('should return information about the logged admin', function(done) { + it('1.1.12 should return information about the logged admin', function(done) { + + this.timeout(100*DELAY); + request(url) .get('/admin/me') .set('Content-type','application/json') .set('Authorization', authValue ) .send() .end(function(err, res) { + res.statusCode.should.be.equal(200); res.body.content.email.should.be.equal(admin.email); res.body.content.isAdmin.should.be.equal(true); 
@@ -157,27 +263,63 @@ describe('Admin', function() { }); }); - it('should return a succes response indicating the admin account has been updated', function(done) { + it('1.1.13 should return an success response indicating the admin account has been updated', function(done) { + + this.timeout(100*DELAY); + + var requestBody = { + patches: [ + { + op: 'replace', + path: 'admin/'+admin.id+'/name', + value: 'Admin Name v2' + } + ] + }; + request(url) .post('/admin/update') .set('Content-type','application/json') .set('Authorization', authValue ) - .send({ - patches: [ - { - op: 'replace', - path: 'admin/'+admin.id+'/name', - value: 'Admin Name v2' - } - ] - }) + .send(requestBody) .end(function(err, res) { + res.statusCode.should.be.equal(200); done(); }); }); - it('should return an error response indicating the admin account has NOT been updated because of invalid admin id', function(done) { + it('1.1.14 should return an error response indicating the admin account has NOT been updated because of invalid admin id', function(done) { + + this.timeout(100*DELAY); + + var admin = { + patches: [ + { + op: 'replace', + path: 'admin/garbage/name', + value: 'Admin Name v2' + } + ] + }; + + request(url) + .post('/admin/update') + .set('Content-type','application/json') + .set('Authorization', authValue ) + .send(admin) + .end(function(err, res) { + + res.body.code.should.be.equal('041'); + res.statusCode.should.be.equal(401); + done(); + }); + }); + + it('1.1.15 should return an error response indicating the admin account has NOT been updated because of missing authorization header', function(done) { + + this.timeout(100*DELAY); + var admin = { patches: [ { 
@@ -187,112 +329,203 @@ describe('Admin', function() { } ] }; + request(url) .post('/admin/update') .set('Content-type','application/json') .send(admin) .end(function(err, res) { + + res.body.code.should.be.equal('013'); res.statusCode.should.be.equal(401); done(); }); }); - it('should return an error response indicating the admin account has NOT been updated because of missing request body', function(done) { + it('1.1.16 should return an error response indicating the admin account has NOT been updated because of missing request body', function(done) { + + this.timeout(100*DELAY); + request(url) .post('/admin/update') .set('Content-type','application/json') .set('Authorization', authValue ) .send() .end(function(err, res) { + + res.body.code.should.be.equal('005'); + res.statusCode.should.be.equal(400); + done(); + }); + }); + + + it('1.1.17 should return an error response indicating the admin account has NOT been updated because patches is not an array', function(done) { + + this.timeout(100*DELAY); + + var admin = { + patches: {} + }; + + request(url) + .post('/admin/update') + .set('Content-type','application/json') + .set('Authorization', authValue ) + .send(admin) + .end(function(err, res) { + + res.body.code.should.be.equal('038'); + res.statusCode.should.be.equal(400); + done(); + }); + }); + + it('1.1.18 should return an error response indicating the admin account has NOT been updated because patches is empty', function(done) { + + this.timeout(100*DELAY); + + var admin = { + patches: [] + }; + + request(url) + .post('/admin/update') + .set('Content-type','application/json') + .set('Authorization', authValue ) + .send(admin) + .end(function(err, res) { + + res.body.code.should.be.equal('038'); res.statusCode.should.be.equal(400); done(); }); }); - it('should return an error response indicating the admin account has NOT been deleted because of missing credentials', function(done) { + it('1.1.19 should return an error response indicating the admin account has 
NOT been deleted because of missing credentials', function(done) { + + this.timeout(100*DELAY); + request(url) .post('/admin/delete') .set('Content-type','application/json') .send() .end(function(err, res) { + res.statusCode.should.be.equal(401); done(); }); }); - it('should return a succes response indicating the admin account has been deleted', function(done) { - this.timeout(20*DELAY); + it('1.1.20 should return an success response indicating the admin account has been deleted', function(done) { + + this.timeout(100*DELAY); + request(url) .post('/admin/delete') .set('Content-type','application/json') .set('Authorization', authValue) .send() .end(function(err, res) { + res.statusCode.should.be.equal(200); - setTimeout(function() { - request(url) - .post('/admin/add') - .send(admin) - .end(function(err, res) { - res.statusCode.should.be.equal(200); - setTimeout(function () { - request(url) - .post('/admin/login') - .send(admin) - .end(function(err, res) { - authValue = 'Bearer ' + res.body.content.token; - adminAuth = authValue; - res.statusCode.should.be.equal(200); - done(); - }); - }, 8*DELAY); - }); - }, 8*DELAY); + + request(url) + .post('/admin/add') + .send(admin) + .end(function(err, res) { + + res.statusCode.should.be.equal(200); + + request(url) + .post('/admin/login') + .send(admin) + .end(function(err, res) { + + authValue = 'Bearer ' + res.body.content.token; + adminAuth = authValue; + res.statusCode.should.be.equal(200); + done(); + }); + }); }); }); - }); -describe('App', function() { +describe('1.2.App', function() { before(function(done){ - this.timeout(20*DELAY); - + + this.timeout(100*DELAY); + var clientrequest = { "name": "test-app", "keys": [ appKey ] }; + request(url) - .post('/admin/app/add') - .set('Content-type','application/json') - .set('Authorization', authValue) - .send(clientrequest) - .end(function(err, res) { - appID = res.body.content.id; - request(url) - .post('/admin/add') - .send(admin2) - .end(function(err, res) { - 
setTimeout(function () { + .post('/admin/app/add') + .set('Content-type','application/json') + .set('Authorization', authValue) + .send(clientrequest) + .end(function(err, res) { + + appID = res.body.content.id; + + request(url) + .post('/admin/app/add') + .set('Content-type', 'application/json') + .set('Authorization', authValue) + .send(clientrequest) + .end(function (err, res) { + + appID2 = res.body.content.id; + request(url) - .post('/admin/login') - .set('Content-type','application/json') + .post('/admin/add') .send(admin2) - .end(function(err, res) { - token2 = res.body.content.token; - authValue2 = 'Bearer ' + token2; - done(); + .end(function (err, res) { + + request(url) + .post('/admin/login') + .set('Content-type', 'application/json') + .send(admin2) + .end(function (err, res) { + + token2 = res.body.content.token; + authValue2 = 'Bearer ' + token2; + + request(url) + .post('/admin/add') + .send(admin3) + .end(function (err, res) { + + request(url) + .post('/admin/login') + .set('Content-type', 'application/json') + .send(admin3) + .end(function (err, res) { + + token3 = res.body.content.token; + authValue3 = 'Bearer ' + token3; + done(); + }); + }); + }); }); - }, 3*DELAY); - }); - }); + }); + }); }); - it('should return a success response to indicate app succesfully created', function(done) { + it('1.2.1 should return a success response to indicate app successfully created', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { "name": "test-app", "keys": [ appKey ] }; + var successResponse = { "1": { "admin_id": adminEmail, @@ -300,13 +533,15 @@ describe('App', function() { "type": "application", "keys": [ appKey ] } - } + }; + request(url) .post('/admin/app/add') .set('Content-type','application/json') .set('Authorization', authValue ) .send(clientrequest) .end(function(err, res) { + var objectKey = Object.keys(res.body.content)[0]; appID = res.body.content.id; (res.body.content[objectKey] == successResponse[1]).should.be.ok; 
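Review bot: In the `before` hook of `1.2.App`, `token3 = res.body.content.token;` assigns a variable that the visible declarations never introduce (only `token2`, `authValue2` and `authValue3` are declared), so it becomes an implicit global and would throw under strict mode. Declare it next to `token2` with `var token3;`, or assign `authValue3 = 'Bearer ' + res.body.content.token;` directly. The same applies to `adminAuth = authValue;` in test 1.1.20, while test 1.1.11 now declares its own `adminAuth` with `var`. None of the nested callbacks in the hook checks `err`, so a failed setup request surfaces as a TypeError on `res.body` rather than as the real error.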
@@ -314,67 +549,82 @@ describe('App', function() { }); }); - it('should return an error response to indicate app was not created because of missing app name', function(done) { + it('1.2.2 should return an error response to indicate app was not created because of missing app name', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { "keys": ["3406870085495689e34d878f09faf52c"] }; + request(url) .post('/admin/app/add') .set('Content-type','application/json') .set('Authorization', authValue ) .send(clientrequest) .end(function(err, res) { + + res.body.code.should.be.equal('004'); res.statusCode.should.be.equal(400); done(); }); }); - it('should return a list of applications for the current admin', function(done) { + it('1.2.3 should return a list of applications for the current admin', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { "name": "test-app", "keys": [ appKey ] }; + request(url) .post('/admin/app/add') .set('Content-type','application/json') .set('Authorization', authValue ) .send(clientrequest) .end(function(err, res) { + request(url) .post('/admin/app/add') .set('Content-type','application/json') .set('Authorization', authValue ) .send(clientrequest) .end(function(err, res) { - setTimeout(function () { - request(url) - .get('/admin/apps') - .set('Content-type','application/json') - .set('Authorization', authValue ) - .send() - .end(function(err, res) { - res.statusCode.should.be.equal(200); - res.body.status.should.be.equal(200); - (Object.keys(res.body.content).length >= 3).should.be.ok; - done(); - }); - }, 1000); + + request(url) + .get('/admin/apps') + .set('Content-type','application/json') + .set('Authorization', authValue ) + .send() + .end(function(err, res) { + + res.statusCode.should.be.equal(200); + res.body.status.should.be.equal(200); + (Object.keys(res.body.content).length >= 3).should.be.ok; + done(); + }); }); }); }); - it('should return a success response for updating an app', function(done) { + 
it('1.2.4 should return a success response for updating an app', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { "name": "test-app", "keys": [ appKey ] }; + request(url) .post('/admin/app/add') .set('Content-type','application/json') .set('Authorization', authValue ) .send(clientrequest) .end(function(err, res) { - var objectKey = Object.keys(res.body.content)[0]; + var appID = res.body.content.id; var clientrequest2 = { patches: [ 
@@ -385,23 +635,86 @@ describe('App', function() { } ] }; - setTimeout(function () { - request(url) - .post('/admin/app/update') - .set('Content-type','application/json') - .set('Authorization', authValue ) - .set('X-BLGREQ-APPID', appID ) - .send(clientrequest2) - .end(function(err, res) { - res.statusCode.should.be.equal(200); - done(); - }); - }, 2*DELAY); + + request(url) + .post('/admin/app/update') + .set('Content-type','application/json') + .set('Authorization', authValue ) + .set('X-BLGREQ-APPID', appID ) + .send(clientrequest2) + .end(function(err, res) { + + res.statusCode.should.be.equal(200); + done(); + }); }); }); - - it('should return an error response for NOT updating an app because of missing appID', function(done) { + it('1.2.5 should return an error response for NOT updating an app because patches is not an array', function(done) { + + this.timeout(100*DELAY); + + var clientrequest2 = { + patches: {} + }; + + request(url) + .post('/admin/app/update') + .set('Content-type','application/json') + .set('Authorization', authValue ) + .set('X-BLGREQ-APPID', appID ) + .send(clientrequest2) + .end(function(err, res) { + + res.body.code.should.be.equal('038'); + res.statusCode.should.be.equal(400); + done(); + }); + }); + + it('1.2.6 should return an error response for NOT updating an app because patches is an empty array', function(done) { + + this.timeout(100*DELAY); + + var clientrequest2 = { + patches: [] + }; + + request(url) + .post('/admin/app/update') + .set('Content-type','application/json') + .set('Authorization', authValue ) + .set('X-BLGREQ-APPID', appID ) + .send(clientrequest2) + .end(function(err, res) { + + res.body.code.should.be.equal('038'); + res.statusCode.should.be.equal(400); + done(); + }); + }); + + it('1.2.7 should return an error response for NOT updating an app because of missing request body', function(done) { + + this.timeout(100*DELAY); + + request(url) + .post('/admin/app/update') + .set('Content-type','application/json') + 
.set('Authorization', authValue ) + .set('X-BLGREQ-APPID', appID ) + .send() + .end(function(err, res) { + + res.body.code.should.be.equal('005'); + res.statusCode.should.be.equal(400); + done(); + }); + }); + + it('1.2.8 should return an error response for NOT updating an app because of missing appID', function(done) { + + this.timeout(100*DELAY); var clientrequest2 = { patches: [ 
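Review bot: Test 1.2.8 is titled "because of missing appID", but the request in the next hunk sends `X-BLGREQ-APPID` set to `appID + '66'` and expects 404 with code '011', so it exercises a non-existent application rather than an absent header. I would rename it to `'1.2.8 should return an error response for NOT updating an app because appID does not exist'`. A separate case that omits the header altogether would cover the other path, as 1.3.5 does for `/admin/context/add`, where the expected code is '010'. The body of 1.2.8 continues outside this hunk.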
@@ -414,48 +727,56 @@ describe('App', function() { }; request(url) - .post('/admin/app/update') - .set('Content-type','application/json') - .set('Authorization', authValue ) - .set('X-BLGREQ-APPID', appID + '66' ) - .send(clientrequest2) - .end(function(err, res) { - res.statusCode.should.be.equal(404); - done(); - }); + .post('/admin/app/update') + .set('Content-type','application/json') + .set('Authorization', authValue ) + .set('X-BLGREQ-APPID', appID + '66' ) + .send(clientrequest2) + .end(function(err, res) { + + res.body.code.should.be.equal('011'); + res.statusCode.should.be.equal(404); + done(); + }); }); + it('1.2.9 should return a success response for removing an app', function(done) { + + this.timeout(100*DELAY); - it('should return a success response for removing an app', function(done) { var clientrequest = { "name": "test-app", "keys": [ appKey ] }; + request(url) .post('/admin/app/add') .set('Content-type','application/json') .set('Authorization', authValue ) .send(clientrequest) .end(function(err, res) { - var objectKey = Object.keys(res.body.content)[0]; + var appID = res.body.content.id; - setTimeout(function() { - request(url) - .post('/admin/app/remove') - .set('Content-type','application/json') - .set('Authorization', authValue ) - .set('X-BLGREQ-APPID', appID ) - .send() - .end(function(err, res) { - res.statusCode.should.be.equal(200); - res.body.content.should.be.equal('App removed'); - done(); - }); - }, 2*DELAY); + + request(url) + .post('/admin/app/remove') + .set('Content-type','application/json') + .set('Authorization', authValue ) + .set('X-BLGREQ-APPID', appID ) + .send() + .end(function(err, res) { + + res.statusCode.should.be.equal(200); + res.body.content.should.be.equal('App removed'); + done(); + }); }); }); - it('should return an error response for trying to remove an app that does NOT exist', function(done) { + it('1.2.10 should return an error response for trying to remove an app that does NOT exist', function(done) { + + 
this.timeout(100*DELAY); + request(url) .post('/admin/app/remove') .set('Content-type','application/json') 
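Review bot: In 1.2.9 the callback declares `var appID = res.body.content.id;`, which shadows the apparently suite-level `appID` that the neighbouring tests send in `X-BLGREQ-APPID`. 1.2.4 does the same in the hunk at `@@ -314,67 +549,82 @@`. Because this test then calls `/admin/app/remove`, accidentally dropping the `var` would point the shared `appID` at an application the test goes on to remove. A distinct name makes the intent explicit: `var createdAppID = res.body.content.id;` with `.set('X-BLGREQ-APPID', createdAppID )`.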
@@ -463,59 +784,90 @@ describe('App', function() { .set('X-BLGREQ-APPID', Math.round(Math.random()*1000000)+1000 ) .send() .end(function(err, res) { + + res.body.code.should.be.equal('011'); res.statusCode.should.be.equal(404); done(); }); }); - - it('should return an succes to indicate an admin has been authorized to an application', function(done) { - + + it('1.2.11 should return an success to indicate an admin has been authorized to an application', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { "email": adminEmail2 }; - - request(url) - .post('/admin/app/authorize') - .set('Content-type','application/json') - .set('X-BLGREQ-APPID', appID) - .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28') - .set('Authorization', authValue ) - .send(clientrequest) - .end(function(err, res) { - //console.log(res.body); - if(res) - res.statusCode.should.be.equal(200); - done(); - }); - }); - - it('should return an error response to indicate admin has NOT been authorized because of the email field is missing', function(done) { - - var clientrequest = {}; - - request(url) - .post('/admin/app/authorize') - .set('Content-type','application/json') - .set('X-BLGREQ-APPID', appID) - .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28') - .set('Authorization', authValue ) - .send(clientrequest) - .end(function(err, res) { - //console.log(res.body); - if(res) - res.statusCode.should.be.equal(400); - done(); - }); + + request(url) + .post('/admin/app/authorize') + .set('Content-type','application/json') + .set('X-BLGREQ-APPID', appID) + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28') + .set('Authorization', authValue ) + .send(clientrequest) + .end(function(err, res) { + + if(res) + res.statusCode.should.be.equal(200); + done(); + }); }); - - it('should return an error response to indicate admin with email address already authorized for application', function(done) { - this.timeout(10*DELAY); - + + + it('1.2.12 should return an error 
response to indicate admin has NOT been authorized because of missing email from body', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + "something": adminEmail2 + }; + + request(url) + .post('/admin/app/authorize') + .set('Content-type','application/json') + .set('X-BLGREQ-APPID', appID) + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28') + .set('Authorization', authValue ) + .send(clientrequest) + .end(function(err, res) { + + if(res) + res.body.code.should.be.equal('004'); + res.statusCode.should.be.equal(400); + done(); + }); + }); + + it('1.2.13 should return an error response to indicate admin has NOT been authorized because request body', function(done) { + + this.timeout(100*DELAY); + + request(url) + .post('/admin/app/authorize') + .set('Content-type','application/json') + .set('X-BLGREQ-APPID', appID) + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28') + .set('Authorization', authValue ) + .send() + .end(function(err, res) { + + if(res) + res.body.code.should.be.equal('005'); + res.statusCode.should.be.equal(400); + done(); + }); + }); + + it('1.2.14 should return an error response to indicate admin with email address already authorized for application', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + "email": adminEmail2 + }; + setTimeout(function () { - var clientrequest = { - "email": adminEmail2 - }; - request(url) .post('/admin/app/authorize') .set('Content-type','application/json') 
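Review bot: In 1.2.12 and 1.2.13 the brace-less `if(res)` now guards only the added `res.body.code` assertion, while `res.statusCode.should.be.equal(400)` runs unconditionally, so the guard no longer does what the indentation suggests. In 1.2.11 the opposite problem remains: `if(res) res.statusCode.should.be.equal(200); done();` reports success when there is no response at all, which lets an authorization test pass without checking anything. Starting each callback with `if (!res) return done(err || new Error('no response'));` and then asserting unconditionally fixes both. The same pattern recurs in the hunk at `@@ -524,124 +876,215 @@` (1.2.14 to 1.2.22).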
@@ -524,124 +876,215 @@ describe('App', function() { .set('Authorization', authValue ) .send(clientrequest) .end(function(err, res) { - //console.log(appID); - //console.log(res.body); + if(res) + res.body.code.should.be.equal('017'); res.statusCode.should.be.equal(409); done(); }); }, 6*DELAY); }); - - it('should return an error response to indicate admin has NOT been authenticated because application with that ID doesn\'t exist', function(done) { - + + it('1.2.15 should return an error response to indicate admin has NOT been authenticated because application with that ID doesn\'t exist', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { "email": adminEmail2 }; - - request(url) - .post('/admin/app/authorize') - .set('Content-type','application/json') - .set('X-BLGREQ-APPID', appID + '66') - .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28') - .set('Authorization', authValue ) - .send(clientrequest) - .end(function(err, res) { - if(res) - res.statusCode.should.be.equal(404); - done(); - }); + + request(url) + .post('/admin/app/authorize') + .set('Content-type','application/json') + .set('X-BLGREQ-APPID', appID + '66') + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28') + .set('Authorization', authValue ) + .send(clientrequest) + .end(function(err, res) { + + if(res) + res.body.code.should.be.equal('011'); + res.statusCode.should.be.equal(404); + done(); + }); }); - - it('should return an succes to indicate an admin has been deauthorized to an application', function(done) { - + + it('1.2.16 should return an success to indicate an admin has been deauthorized to an application', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { "email": adminEmail2 }; - - request(url) - .post('/admin/app/deauthorize') - .set('Content-type','application/json') - .set('X-BLGREQ-APPID', appID) - .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28') - .set('Authorization', authValue ) - .send(clientrequest) - 
.end(function(err, res) { - if(res) - res.statusCode.should.be.equal(200); - done(); - }); - }); - - it('should return an error response to indicate admin has NOT been deauthorized because of the email field is missing', function(done) { - - var clientrequest = {}; - - request(url) - .post('/admin/app/deauthorize') - .set('Content-type','application/json') - .set('X-BLGREQ-APPID', appID) - .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28') - .set('Authorization', authValue ) - .send(clientrequest) - .end(function(err, res) { - //console.log(res.body); - if(res) - res.statusCode.should.be.equal(400); - done(); - }); + + request(url) + .post('/admin/app/deauthorize') + .set('Content-type','application/json') + .set('X-BLGREQ-APPID', appID) + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28') + .set('Authorization', authValue ) + .send(clientrequest) + .end(function(err, res) { + + if(res) + res.statusCode.should.be.equal(200); + done(); + }); + }); + + /*it('1.2.17 should return an error to indicate an admin has NOT been deauthorized to an application, admin not authorized', function(done) { + + var clientrequest = { + "email": adminEmail3 + }; + + request(url) + .post('/admin/app/deauthorize') + .set('Content-type','application/json') + .set('X-BLGREQ-APPID', appID) + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28') + .set('Authorization', authValue ) + .send(clientrequest) + .end(function(err, res) { + + if(res){ + res.body.code.should.be.equal('012'); + res.statusCode.should.be.equal(401); + } + done(); + }); + });*/ + + + it('1.2.18 should return an error response to indicate admin has NOT been deauthorized because of empty request body', function(done) { + + this.timeout(100*DELAY); + + request(url) + .post('/admin/app/deauthorize') + .set('Content-type','application/json') + .set('X-BLGREQ-APPID', appID) + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28') + .set('Authorization', authValue ) + .send() + 
.end(function(err, res) { + + if(res) + res.body.code.should.be.equal('005'); + res.statusCode.should.be.equal(400); + done(); + }); + }); + + + it('1.2.19 should return an error response to indicate admin has NOT been deauthorized because of the email field is missing', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + "something": adminEmail2 + }; + + request(url) + .post('/admin/app/deauthorize') + .set('Content-type','application/json') + .set('X-BLGREQ-APPID', appID) + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28') + .set('Authorization', authValue ) + .send(clientrequest) + .end(function(err, res) { + + if(res) + res.body.code.should.be.equal('004'); + res.statusCode.should.be.equal(400); + done(); + }); + }); + + it('1.2.20 should return an error response to indicate admin has NOT been deauthorized because admin was not found in application', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + "email": adminEmail2 + }; + + request(url) + .post('/admin/app/deauthorize') + .set('Content-type','application/json') + .set('X-BLGREQ-APPID', appID) + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28') + .set('Authorization', authValue2 ) + .send(clientrequest) + .end(function(err, res) { + + if(res) + res.body.code.should.be.equal('012'); + res.statusCode.should.be.equal(401); + done(); + }); }); - - it('should return an error response to indicate admin with email address is the last admin of the application', function(done) { - + + it('1.2.21 should return an error response to indicate admin with email address is the last admin of the application', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { "email": adminEmail }; - - request(url) - .post('/admin/app/deauthorize') - .set('Content-type','application/json') - .set('X-BLGREQ-APPID', appID) - .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28') - .set('Authorization', authValue ) - .send(clientrequest) - 
.end(function(err, res) { - //console.log(appID); - //console.log(res.body); - if(res) - res.statusCode.should.be.equal(409); - done(); - }); + + request(url) + .post('/admin/app/deauthorize') + .set('Content-type','application/json') + .set('X-BLGREQ-APPID', appID) + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28') + .set('Authorization', authValue ) + .send(clientrequest) + .end(function(err, res) { + + if(res) + res.body.code.should.be.equal('018'); + res.statusCode.should.be.equal(409); + done(); + }); }); - - it('should return an error response to indicate admin has NOT been deauthenticated because application with that ID doesn\'t exist', function(done) { - + + it('1.2.22 should return an error response to indicate admin has NOT been deauthenticated because application with that ID doesn\'t exist', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { "email": adminEmail2 }; - - request(url) - .post('/admin/app/deauthorize') - .set('Content-type','application/json') - .set('X-BLGREQ-APPID', appID + '66') - .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28') - .set('Authorization', authValue ) - .send(clientrequest) - .end(function(err, res) { - if(res) - res.statusCode.should.be.equal(404); - done(); - }); + + request(url) + .post('/admin/app/deauthorize') + .set('Content-type','application/json') + .set('X-BLGREQ-APPID', appID + '66') + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28') + .set('Authorization', authValue ) + .send(clientrequest) + .end(function(err, res) { + + if(res) + res.body.code.should.be.equal('011'); + res.statusCode.should.be.equal(404); + done(); + }); }); }); -describe('Context', function() { +describe('1.3.Context', function() { + + it('1.3.1 should return a success response to indicate context successfully created', function(done) { + + this.timeout(100*DELAY); - it('should return a success response to indicate context succesfully created', function(done) { var clientrequest = { - 
"name": "context", - "meta": {"info": "some meta info"}, - } + name: "context", + meta: {info: "some meta info"} + }; + request(url) .post('/admin/context/add') .set('Content-type','application/json') @@ -649,6 +1092,7 @@ describe('Context', function() { .set('X-BLGREQ-APPID', appID ) .send(clientrequest) .end(function(err, res) { + var objectKey = Object.keys(res.body.content)[0]; contextID = res.body.content.id; (res.body.content[objectKey].name == clientrequest.name).should.be.ok; @@ -657,10 +1101,30 @@ describe('Context', function() { }); }); - it('should return the requested context', function(done) { + it('1.3.2 should return an error response to indicate context was NOT successfully created because of empty request body', function(done) { + + request(url) + .post('/admin/context/add') + .set('Content-type','application/json') + .set('Authorization', authValue ) + .set('X-BLGREQ-APPID', appID ) + .send() + .end(function(err, res) { + + res.body.code.should.be.equal('005'); + res.statusCode.should.be.equal(400); + done(); + }); + }); + + it('1.3.3 should return the requested context', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { "id": contextID - } + }; + request(url) .post('/admin/context') .set('Content-type','application/json') 
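Review bot: Test 1.2.17 is added inside a `/* ... */` block, so the negative case for deauthorizing an admin who was never authorized does not run and does not appear in the test report. If it is disabled because it currently fails, `it.skip('1.2.17 ...', function(done) { ... })` keeps it listed as pending instead of invisible, and a one-line comment with the reason would help the next reader. It also references `adminEmail3`, which is not defined in any visible hunk, so confirm that fixture exists before enabling it.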
@@ -668,67 +1132,112 @@ describe('Context', function() { .set('X-BLGREQ-APPID', appID ) .send(clientrequest) .end(function(err, res) { + res.statusCode.should.be.equal(200); done(); }); }); - it('should NOT return the requested context, requested context ID is missing', function(done) { - var clientrequest = { - } + it('1.3.4 should NOT return the requested context, requested context ID is missing', function(done) { + + this.timeout(100*DELAY); + request(url) .post('/admin/context') .set('Content-type','application/json') .set('Authorization', authValue) .set('X-BLGREQ-APPID', appID) + .send() + .end(function(err, res) { + + res.body.code.should.be.equal('004'); + res.statusCode.should.be.equal(400); + done(); + }); + }); + + it('1.3.5 should return an error response to indicate context NOT successfully created because of bad client headers', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + name: "context", + meta: {info: "some meta info"} + }; + + request(url) + .post('/admin/context/add') + .set('Content-type','application/json') + .set('Authorization', authValue ) .send(clientrequest) .end(function(err, res) { + + res.body.code.should.be.equal('010'); res.statusCode.should.be.equal(400); done(); }); }); - it('should return an error response to indicate context NOT succesfully created because of bad client headers', function(done) { - var clientrequest = { - "name": "context", - "meta": {"info": "some meta info"} - }; + it('1.3.6 should return an error response to indicate context NOT successfully created because request body is empty', function(done) { + + this.timeout(100*DELAY); + request(url) .post('/admin/context/add') .set('Content-type','application/json') .set('Authorization', authValue ) - .send(clientrequest) + .send() .end(function(err, res) { + + res.body.code.should.be.equal('010'); res.statusCode.should.be.equal(400); done(); }); }); - it('should return an error response to indicate context NOT succesfully created because 
request body is empty', function(done) { - var clientrequest = {}; - + it('1.3.7 should return a success response to indicate context was updated', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + "id": contextID, + "patches": [ + { + "op": "replace", + "path": "context/"+contextID+"/name", + "value": "New name" + } + ] + }; + request(url) - .post('/admin/context/add') + .post('/admin/context/update') .set('Content-type','application/json') + .set('X-BLGREQ-APPID', appID ) .set('Authorization', authValue ) .send(clientrequest) .end(function(err, res) { - res.statusCode.should.be.equal(400); + + res.statusCode.should.be.equal(200); done(); }); }); - it('should return a success response to indicate context was updated', function(done) { + it('1.3.8 should return an error response to indicate context was NOT updated because context was not found', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { - "id": contextID, + "id": contextID + '66', "patches": [ { "op": "replace", - "path": "context/"+contextID+"/name", + "path": "context/"+contextID + '66' +"/name", "value": "New name" } ] - } + }; + request(url) .post('/admin/context/update') .set('Content-type','application/json') @@ -736,16 +1245,22 @@ describe('Context', function() { .set('Authorization', authValue ) .send(clientrequest) .end(function(err, res) { - res.statusCode.should.be.equal(200); + + res.body.code.should.be.equal('020'); + res.statusCode.should.be.equal(404); done(); }); }); - it('should return an error response to indicate context was NOT updated because patches are missing', function(done) { + it('1.3.9 should return an error response to indicate context was NOT updated because patches are missing', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { "id": Math.round(Math.random()*1000000)+100, "name": "new name" - } + }; + request(url) .post('/admin/context/update') .set('Content-type','application/json') 
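Review bot: Test 1.3.6 is titled "because request body is empty", but its request omits `X-BLGREQ-APPID` just as 1.3.5 does and expects the same code '010', so it appears to fail on the missing header before the body is ever examined. The empty-body path is already covered by 1.3.2 (code '005' with the header set), which leaves 1.3.6 as a duplicate of 1.3.5 under a different name. Either drop it, or add `.set('X-BLGREQ-APPID', appID )` and expect `'005'` so the title matches what is exercised.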
@@ -753,20 +1268,40 @@ describe('Context', function() { .set('X-BLGREQ-APPID', appID ) .send(clientrequest) .end(function(err, res) { + + res.body.code.should.be.equal('038'); + res.statusCode.should.be.equal(400); + done(); + }); + }); + + it('1.3.10 should return an error response to indicate context was NOT updated because of missing request body', function(done) { + + this.timeout(100*DELAY); + + request(url) + .post('/admin/context/update') + .set('Content-type','application/json') + .set('Authorization', authValue ) + .set('X-BLGREQ-APPID', appID ) + .send() + .end(function(err, res) { + + res.body.code.should.be.equal('005'); res.statusCode.should.be.equal(400); done(); }); }); - it('should return an error response to indicate context was NOT updated because context does not exist', function(done) { + it('1.3.11 should return an error response to indicate context was NOT updated because patches is empty', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { "id": Math.round(Math.random()*1000000)+100, - "patches": [{ - op: "replace", - path: "context/0/name", - value: "new value" - }] + "patches": [] }; + request(url) .post('/admin/context/update') .set('Content-type','application/json') 
@@ -774,15 +1309,28 @@ describe('Context', function() { .set('X-BLGREQ-APPID', appID ) .send(clientrequest) .end(function(err, res) { - res.statusCode.should.be.equal(404); + + res.body.code.should.be.equal('038'); + res.statusCode.should.be.equal(400); done(); }); }); - it('should return an error response to indicate context was NOT updated because of missing context id', function(done) { + it('1.3.12 should return an error response to indicate context was NOT updated because of missing context id', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { - "name": "new name" - } + "name": "new name", + "patches": [ + { + "op": "replace", + "path": "context/"+contextID+"/name", + "value": "New name" + } + ] + }; + request(url) .post('/admin/context/update') .set('Content-type','application/json') @@ -790,12 +1338,17 @@ describe('Context', function() { .set('X-BLGREQ-APPID', appID ) .send(clientrequest) .end(function(err, res) { + + res.body.code.should.be.equal('004'); res.statusCode.should.be.equal(400); done(); }); }); - it('should return an error response to indicate context was NOT updated by another admin', function(done) { + it('1.3.13 should return an error response to indicate context was NOT updated by another admin', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { "id": contextID, "patches": [ @@ -805,7 +1358,7 @@ describe('Context', function() { "value": "New name" } ] - } + }; request(url) .post('/admin/context/update') 
@@ -814,15 +1367,21 @@ describe('Context', function() { .set('X-BLGREQ-APPID', appID) .send(clientrequest) .end(function(err, res) { + + res.body.code.should.be.equal('012'); res.statusCode.should.be.equal(401); done(); }); }); - it('should return an error response to indicate context was NOT removed because of invalid context id', function(done) { + it('1.3.14 should return an error response to indicate context was NOT removed because of invalid context id', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { "id": 1 - } + }; + request(url) .post('/admin/context/remove') .set('Content-type','application/json') @@ -830,15 +1389,21 @@ describe('Context', function() { .set('X-BLGREQ-APPID', appID) .send(clientrequest) .end(function(err, res) { + + res.body.code.should.be.equal('020'); res.statusCode.should.be.equal(404); done(); }); }); - it('should return an error indicating the requested context does NOT exist', function(done) { + it('1.3.15 should return an error indicating the requested context does NOT exist', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { "id": Math.round(Math.random()*1000000)+100 - } + }; + request(url) .post('/admin/context') .set('Content-type','application/json') 
@@ -846,50 +1411,94 @@ describe('Context', function() { .set('X-BLGREQ-APPID', appID ) .send(clientrequest) .end(function(err, res) { + + res.body.code.should.be.equal('020'); res.statusCode.should.be.equal(404); res.body.message.should.be.equal("Context not found"); done(); }); }); - it('should return all contexts using the old API', function(done) { - this.timeout(9*DELAY); - setTimeout(function () { - request(url) - .get('/admin/contexts') - .set('Content-type','application/json') - .set('Authorization', authValue) - .set('X-BLGREQ-APPID', appID) - .send() - .end(function(err, res) { - res.statusCode.should.be.equal(200); - res.body.content.should.have.length(1); - done(); - }); - }, 6*DELAY); + it('1.3.16 should return an error response to indicate context was NOT removed because of missing id from request body', function(done) { + + this.timeout(100*DELAY); + + request(url) + .post('/admin/context/remove') + .set('Content-type','application/json') + .set('Authorization', authValue) + .set('X-BLGREQ-APPID', appID) + .send() + .end(function(err, res) { + + res.body.code.should.be.equal('004'); + res.statusCode.should.be.equal(400); + done(); + }); }); - it('should return all contexts using the new API', function(done) { - this.timeout(9*DELAY); - setTimeout(function () { - request(url) - .get('/admin/context/all') - .set('Content-type','application/json') - .set('Authorization', authValue) - .set('X-BLGREQ-APPID', appID) - .send() - .end(function(err, res) { - res.statusCode.should.be.equal(200); - res.body.content.should.have.length(1); - done(); - }); - }, 6*DELAY); + it('1.3.17 should return all contexts using the old API', function(done) { + + this.timeout(100*DELAY); + + request(url) + .get('/admin/contexts') + .set('Content-type','application/json') + .set('Authorization', authValue) + .set('X-BLGREQ-APPID', appID) + .send() + .end(function(err, res) { + + res.statusCode.should.be.equal(200); + res.body.content.should.have.length(1); + done(); + }); + }); 
+ + it('1.3.18 should return all contexts using the new API', function(done) { + + this.timeout(100*DELAY); + + request(url) + .get('/admin/context/all') + .set('Content-type','application/json') + .set('Authorization', authValue) + .set('X-BLGREQ-APPID', appID) + .send() + .end(function(err, res) { + + res.statusCode.should.be.equal(200); + res.body.content.should.have.length(1); + done(); + }); + }); + + it('1.3.19 should NOT return all contexts using the old API because of invalid appID', function(done) { + + this.timeout(100*DELAY); + + request(url) + .get('/admin/contexts') + .set('Content-type','application/json') + .set('Authorization', authValue) + .set('X-BLGREQ-APPID', appID + '66') + .send() + .end(function(err, res) { + + res.body.code.should.be.equal('011'); + res.statusCode.should.be.equal(404); + done(); + }); }); - it('should return a success response to indicate context was removed', function(done) { + it('1.3.20 should return a success response to indicate context was removed', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { - "id": contextID - } + id: contextID + }; + request(url) .post('/admin/context/remove') .set('Content-type','application/json') @@ -897,6 +1506,7 @@ describe('Context', function() { .set('X-BLGREQ-APPID', appID) .send(clientrequest) .end(function(err, res) { + res.statusCode.should.be.equal(200); res.body.content.should.be.equal('Context removed'); done(); @@ -904,8 +1514,12 @@ describe('Context', function() { }); }); -describe('Schema', function() { - it('should return a success response to indicate schema succesfully updated', function(done) { +describe('1.4.Schema', function() { + + it('1.4.1 should return a success response to indicate schema successfully updated', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { "appId": appID, "schema": { 
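Review bot: The invalid-appID case added as 1.3.19 covers only the old route `/admin/contexts`; the new route `/admin/context/all` tested in 1.3.18 has no matching negative test. If the two routes are wired separately, a missing application check on the new one would go unnoticed. A sibling test that sends `.get('/admin/context/all')` with `.set('X-BLGREQ-APPID', appID + '66')` and expects code `'011'` with status 404 would close that gap.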
@@ -979,12 +1593,16 @@ describe('Schema', function() { .set('X-BLGREQ-APPID', appID ) .send(clientrequest) .end(function(err, res) { + res.statusCode.should.be.equal(200); done(); }); }); - it('should return an error response to indicate schema was NOT succesfully updated because of appID', function(done) { + it('1.4.2 should return an error response to indicate schema was NOT successfully updated because of appID', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { "appId": "1", "schema": { 
@@ -1032,172 +1650,299 @@ describe('Schema', function() { }; request(url) - .post('/admin/schema/update') + .post('/admin/schema/update') + .set('Content-type','application/json') + .set('Authorization', authValue ) + .set('X-BLGREQ-APPID', Math.round(Math.random()*1000000)+1000 ) + .send(clientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('011'); + res.statusCode.should.be.equal(404); + done(); + }); + }); + + it('1.4.3 should return an error response to indicate schema was NOT successfully updated because of missing schema object', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + appId: "1" + }; + + request(url) + .post('/admin/schema/update') + .set('Content-type','application/json') + .set('Authorization', authValue ) + .set('X-BLGREQ-APPID', appID ) + .send(clientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('004'); + res.statusCode.should.be.equal(400); + done(); + }); + }); + + it('1.4.4 should return a success response to indicate schema was retrieved successfully using the old API', function(done) { + + this.timeout(100*DELAY); + + request(url) + .get('/admin/schemas') + .set('Content-type','application/json') + .set('Authorization', authValue ) + .set('X-BLGREQ-APPID', appID ) + .send() + .end(function(err, res) { + + res.statusCode.should.be.equal(200); + done(); + }); + }); + + it('1.4.5 should return a success response to indicate schema was retrieved successfully using the new API', function(done) { + + this.timeout(100*DELAY); + + request(url) + .get('/admin/schema/all') + .set('Content-type','application/json') + .set('Authorization', authValue ) + .set('X-BLGREQ-APPID', appID ) + .send() + .end(function(err, res) { + + res.statusCode.should.be.equal(200); + done(); + }); + }); + + it('1.4.6 should return a success response to indicate a model was removed from the application', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + model_name: "things" + }; 
+ + request(url) + .post('/admin/schema/remove_model') + .set('Content-type','application/json') + .set('Authorization', authValue ) + .set('X-BLGREQ-APPID', appID ) + .send(clientrequest) + .end(function(err, res) { + + res.statusCode.should.be.equal(200); + done(); + }); + }); + + it('1.4.7 should return a error response to indicate a model was NOT removed from the application because of wrong appID', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + model_name: "things" + }; + + request(url) + .post('/admin/schema/remove_model') + .set('Content-type','application/json') + .set('Authorization', authValue ) + .set('X-BLGREQ-APPID', appID + '66' ) + .send(clientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('011'); + res.statusCode.should.be.equal(404); + done(); + }); + }); + + it('1.4.8 should return a error response to indicate a model was NOT removed from the application because model name does NOT exist', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + model_name: "others" + }; + + request(url) + .post('/admin/schema/remove_model') .set('Content-type','application/json') .set('Authorization', authValue ) - .set('X-BLGREQ-APPID', Math.round(Math.random()*1000000)+1000 ) + .set('X-BLGREQ-APPID', appID ) .send(clientrequest) .end(function(err, res) { + + res.body.code.should.be.equal('022'); res.statusCode.should.be.equal(404); done(); }); }); - it('should return an error response to indicate schema was NOT succesfully updated because of missing schema object', function(done) { + it('1.4.9 should return a error response to indicate a model was NOT removed from the application because model was missing from the request', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { - "appId": "1" + something: "others" }; + request(url) - .post('/admin/schema/update') + .post('/admin/schema/remove_model') .set('Content-type','application/json') .set('Authorization', authValue ) - 
.set('X-BLGREQ-APPID', appID ) + .set('X-BLGREQ-APPID', appID) .send(clientrequest) .end(function(err, res) { + + res.body.code.should.be.equal('004'); res.statusCode.should.be.equal(400); done(); }); }); - it('should return a success response to indicate schema was retrived succesfully using the old API', function(done) { + it('1.4.10 should return a error response to indicate a model was NOT removed from the application because of bad route', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + something: "others" + }; + request(url) - .get('/admin/schemas') + .post('/admin/schema/remove_mode') .set('Content-type','application/json') .set('Authorization', authValue ) - .set('X-BLGREQ-APPID', appID ) - .send() + .set('X-BLGREQ-APPID', appID) + .send(clientrequest) .end(function(err, res) { - res.statusCode.should.be.equal(200); + + res.body.code.should.be.equal('003'); + res.statusCode.should.be.equal(404); done(); }); }); +}); + +describe('1.5.User', function() { + + var clientrequest = { + email: userEmail, + password: "secure_password1337", + name: "John Smith" + }; + + before(function(done){ + + this.timeout(100*DELAY); - it('should return a success response to indicate schema was retrived succesfully using the new API', function(done) { request(url) - .get('/admin/schema/all') + .post('/user/register') .set('Content-type','application/json') - .set('Authorization', authValue ) + .set('X-BLGREQ-SIGN', appIDsha256 ) .set('X-BLGREQ-APPID', appID ) - .send() + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) + .send(clientrequest) .end(function(err, res) { - res.statusCode.should.be.equal(200); - done(); + + setTimeout(done, 20*DELAY); }); }); - - // it('should return a success response to indicate a model was removed from the application', function(done) { - - // var clientrequest = { - // "model_name": "things" - // }; - - // request(url) - // .post('/admin/schema/remove_model') - // .set('Content-type','application/json') - 
// .set('Authorization', authValue ) - // .set('X-BLGREQ-APPID', appID ) - // .send(clientrequest) - // .end(function(err, res) { - // console.log(res.body); - // res.statusCode.should.be.equal(200); - // done(); - // }); - // }); - - it('should return a error response to indicate a model was NOT removed from the application because of wrong appID', function(done) { - + + it('1.5.1 should return a success response to indicate that an user name was updated', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { - "model_name": "things" + email : userEmail, + patches: [ + { + op: "replace", + path: "user/"+userEmail+"/name", + value: "new value" + } + ] }; - + request(url) - .post('/admin/schema/remove_model') + .post('/admin/user/update') .set('Content-type','application/json') - .set('Authorization', authValue ) - .set('X-BLGREQ-APPID', appID + '66' ) + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-APPID', appID) + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28') + .set('Authorization', authValue) .send(clientrequest) .end(function(err, res) { - res.statusCode.should.be.equal(404); + + res.statusCode.should.be.equal(200); done(); }); }); - - it('should return a error response to indicate a model was NOT removed from the application because model name does NOT exist', function(done) { - + + it('1.5.2 should return a success response to indicate that an user password was updated', function(done) { + this.timeout(100*DELAY); + var clientrequest = { - "model_name": "others" + "email" : userEmail, + "patches": [ + { + "op": "replace", + "path": "user/"+userEmail+"/password", + "value": "new value" + } + ] }; - + request(url) - .post('/admin/schema/remove_model') + .post('/admin/user/update') .set('Content-type','application/json') - .set('Authorization', authValue ) - .set('X-BLGREQ-APPID', appID + '66' ) + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-APPID', appID) + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28') 
+ .set('Authorization', authValue) .send(clientrequest) .end(function(err, res) { - res.statusCode.should.be.equal(404); + + res.statusCode.should.be.equal(200); done(); }); }); + it('1.5.3 should return an error response to indicate that an user was NOT updated, user was missing from the request', function(done) { -}); - -describe('User', function() { - - var clientrequest = { - "email": userEmail, - "password": "secure_password1337", - "name": "John Smith" - }; + this.timeout(100*DELAY); - before(function(done){ - this.timeout(11*DELAY); request(url) - .post('/user/register') - .set('Content-type','application/json') - .set('X-BLGREQ-SIGN', appIDsha256 ) - .set('X-BLGREQ-APPID', appID ) - .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) - .send(clientrequest) - .end(function(err, res) { - //console.log(res.body); - setTimeout(done, 7*DELAY); - }); + .post('/admin/user/update') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256 ) + .set('X-BLGREQ-APPID', appID ) + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) + .set('Authorization', authValue ) + .send() + .end(function(err, res) { + + res.body.code.should.be.equal('005'); + res.statusCode.should.be.equal(400); + done(); + }); }); - it('should return a success response to indicate that an user was updated', function(done) { - this.timeout(12*DELAY); + it('1.5.4 should return an error response to indicate that an user was NOT updated, user email address was missing from the request', function(done) { + + this.timeout(100*DELAY); var clientrequest = { - "email" : userEmail, - "patches": [ - { - "op": "replace", - "path": "user/"+userEmail+"/name", - "value": "new value" - } - ] - }; - - request(url) - .post('/admin/user/update') - .set('Content-type','application/json') - .set('X-BLGREQ-SIGN', appIDsha256) - .set('X-BLGREQ-APPID', appID) - .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28') - .set('Authorization', authValue) - .send(clientrequest) - 
.end(function(err, res) { - //console.log(res.body); - res.statusCode.should.be.equal(200); - setTimeout(done, 8*DELAY); - }); - }); - - it('should return a success response to indicate that an user was NOT updated, user was missing from the request', function(done) { - var clientrequest = { + "user": { + "name": "New Name" + } }; + request(url) .post('/admin/user/update') .set('Content-type','application/json') @@ -1207,17 +1952,22 @@ describe('User', function() { .set('Authorization', authValue ) .send(clientrequest) .end(function(err, res) { + + res.body.code.should.be.equal('038'); res.statusCode.should.be.equal(400); done(); }); }); - it('should return a success response to indicate that an user was NOT updated, user email address was missing from the request', function(done) { + it('1.5.5 should return an error response to indicate that an user was NOT updated because patches is empty', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { - "user": { - "name": "New Name" - } + "email" : userEmail, + "patches": [] }; + request(url) .post('/admin/user/update') .set('Content-type','application/json') @@ -1227,13 +1977,16 @@ describe('User', function() { .set('Authorization', authValue ) .send(clientrequest) .end(function(err, res) { + + res.body.code.should.be.equal('038'); res.statusCode.should.be.equal(400); done(); }); }); - it('should return a success response indicating that a user has been deleted', function(done) { - this.timeout(25000); + it('1.5.6 should return a success response indicating that a user has been deleted', function(done) { + + this.timeout(100*DELAY); request(url) .post('/user/register') @@ -1243,7 +1996,9 @@ describe('User', function() { .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) .send(clientrequest) .end(function(err, res) { + setTimeout(function() { + request(url) .post('/admin/user/delete') .set('Content-type','application/json') 
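Review bot: The title of test 1.5.4 says the email address was missing, but the assertion added at the top of this hunk expects code '038', the same code 1.5.5 expects for an empty `patches` array, whereas 1.5.11 expects '004' when only the email is absent. The body sent by 1.5.4 carries neither `email` nor `patches`, so the test appears to exercise the patches check rather than the email check. Rename it along the lines of `'1.5.4 should return an error response to indicate that an user was NOT updated because patches are missing from the request'`, or send valid patches without an email if the email check is what should be covered. The test itself starts in the previous hunk.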
@@ -1253,58 +2008,70 @@ describe('User', function() { .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) .send(clientrequest) .end(function(err, res) { + res.statusCode.should.be.equal(200); done(); }); - }, 2*DELAY); - }); - - }); - - // it('should return a success response indicating that a user has NOT been deleted, user does not belong to application', function(done) { - // this.timeout(25000); - // var userEmail = "user3@example.com"; - // var clientrequest = { - // "email": userEmail, - // "password": "secure_password1337", - // "name": "John Smith" - // }; - // request(url) - // .post('/user/register') - // .set('Content-type','application/json') - // .set('X-BLGREQ-SIGN', appIDsha256 ) - // .set('X-BLGREQ-APPID', appID ) - // .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) - // .send(clientrequest) - // .end(function(err, res) { - // var userEmail = "user2@example.com"; - // var clientrequest = { - // "email": userEmail, - // "password": "secure_password1337", - // "name": "John Smith" - // }; - // setTimeout(function() { - // request(url) - // .post('/admin/user/delete') - // .set('Content-type','application/json') - // .set('X-BLGREQ-SIGN', appIDsha256 ) - // .set('X-BLGREQ-APPID', appID ) - // .set('Authorization', authValue ) - // .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) - // .send(clientrequest) - // .end(function(err, res) { - // res.statusCode.should.be.equal(500); - // done(); - // }); - // }, DELAY); - // }); - // }); - - it('should return a error response indicating that a user has NOT been deleted because of missing email address', function(done) { + }, 20*DELAY); + }); + }); + + it('1.5.7 should return a success response indicating that a user has NOT been deleted, user does not belong to application', function(done) { + + this.timeout(100*DELAY); + + var userEmail = "user3@example.com"; + var clientrequest = { + email: userEmail, + password: "secure_password1337", + name: "John Smith" + }; + + 
request(url) + .post('/user/register') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256 ) + .set('X-BLGREQ-APPID', appID ) + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) + .send(clientrequest) + .end(function(err, res) { + + var userEmail = "user2@example.com"; + var clientrequest = { + "email": userEmail, + "password": "secure_password1337", + "name": "John Smith" + }; + + setTimeout(function() { + + request(url) + .post('/admin/user/delete') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256 ) + .set('X-BLGREQ-APPID', appID ) + .set('Authorization', authValue ) + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) + .send(clientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('023'); + res.statusCode.should.be.equal(404); + done(); + }); + }, 20*DELAY); + }); + }); + + it('1.5.8 should return a error response indicating that a user has NOT been deleted because of missing email address', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { - "password": "secure_password1337", - "name": "John Smith" + password: "secure_password1337", + name: "John Smith" }; + request(url) .post('/admin/user/delete') .set('Content-type','application/json') 
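Review bot: Test 1.5.7 does not exercise the case its title names: it registers user3@example.com under `appID` and then asks `/admin/user/delete` to remove user2@example.com, an address this test never registers, so the asserted '023'/404 is the same outcome 1.5.10 expects for a user that is simply not found. A user who exists in one application being deleted through another application's admin is the tenant-isolation case worth pinning, and covering it needs a second application with its own app ID and a user registered there. The title also still says "success response" while asserting 404; `'1.5.7 should return an error response indicating ...'` would match the assertions. The inner `userEmail` and `clientrequest` shadow the outer declarations, which makes it easy to send the wrong body.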
@@ -1314,44 +2081,55 @@ describe('User', function() { .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) .send(clientrequest) .end(function(err, res) { + + res.body.code.should.be.equal('004'); res.statusCode.should.be.equal(400); done(); }); }); - it('should return an error response indicating that a user has NOT been deleted because of appID not found', function(done) { - this.timeout(25000); + it('1.5.9 should return an error response indicating that a user has NOT been deleted because of appID not found', function(done) { + + this.timeout(100*DELAY); + var userEmail = "user3@example.com"; var clientrequest = { - "email": userEmail, - "password": "secure_password1337", - "name": "John Smith" + email: userEmail, + password: "secure_password1337", + name: "John Smith" }; + request(url) .post('/admin/user/delete') .set('Content-type','application/json') .set('X-BLGREQ-SIGN', appIDsha256 ) - .set('X-BLGREQ-APPID', Math.round(Math.random()*1000000)+1000 ) + .set('X-BLGREQ-APPID', Math.round(Math.random()*1000000)+1000 ) .set('Authorization', authValue ) .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) .send(clientrequest) .end(function(err, res) { + + res.body.code.should.be.equal('011'); res.statusCode.should.be.equal(404); done(); }); }); - it('should return an error response to indicate that an user was NOT found when trying to update', function(done) { + it('1.5.10 should return an error response to indicate that an user was NOT found when trying to update', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { - "email" : "wrong@example.com", - "patches": [ + email : "wrong@example.com", + patches: [ { - "op": "replace", - "path": "user/"+userEmail+"/name", - "value": "new value" + op: "replace", + path: "user/"+userEmail+"/name", + value: "new value" } ] }; + request(url) .post('/admin/user/update') .set('Content-type','application/json') 
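Review bot: Test 1.5.9 builds its unknown application ID from `Math.round(Math.random()*1000000)+1000`, so the request differs on every run and, if application IDs are numeric, can occasionally name an application that exists. Test 1.4.7 earlier in this file already uses a deterministic invalid ID; the same form here, `.set('X-BLGREQ-APPID', appID + '66')`, keeps the negative case reproducible. The same random header value is used by 1.5.14 and 1.5.17 further down.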
@@ -1361,21 +2139,27 @@ describe('User', function() { .set('Authorization', authValue ) .send(clientrequest) .end(function(err, res) { + + res.body.code.should.be.equal('023'); res.statusCode.should.be.equal(404); done(); }); }); - it('should return an error response to indicate that the user email is missing', function(done) { + it('1.5.11 should return an error response to indicate that the user email is missing', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { - "patches": [ + patches: [ { - "op": "replace", - "path": "user/"+userEmail+"/name", - "value": "new value" + op: "replace", + path: "user/"+userEmail+"/name", + value: "new value" } ] }; + request(url) .post('/admin/user/update') .set('Content-type','application/json') @@ -1385,14 +2169,19 @@ describe('User', function() { .set('Authorization', authValue ) .send(clientrequest) .end(function(err, res) { + + res.body.code.should.be.equal('004'); res.statusCode.should.be.equal(400); done(); }); }); - it('should return a success response to indicate that an admin list was retrived', function(done) { + it('1.5.12 should return a success response to indicate that an admin list was retrieved', function(done) { + + this.timeout(100*DELAY); + request(url) - .get('/admin/users') + .post('/admin/users') .set('Content-type','application/json') .set('X-BLGREQ-SIGN', appIDsha256) .set('X-BLGREQ-APPID', appID) 
@@ -1400,16 +2189,41 @@ describe('User', function() { .set('Authorization', authValue ) .send() .end(function(err, res) { - if(res) { - res.statusCode.should.be.equal(200); - } + + res.statusCode.should.be.equal(200); + done(); + }); + }); + + it('1.5.13 should return a success response to indicate that an admin list was retrieved with pagination', function(done) { + + this.timeout(100*DELAY); + + var clientRequest = { + page: 2 + }; + + request(url) + .post('/admin/users') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-APPID', appID) + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28') + .set('Authorization', authValue ) + .send(clientRequest) + .end(function(err, res) { + + res.statusCode.should.be.equal(200); done(); }); }); - it('should return an error response to indicate that an admin list was NOT retrived for a bad app id', function(done) { + it('1.5.14 should return an error response to indicate that an admin list was NOT retrieved for a bad app id', function(done) { + + this.timeout(100*DELAY); + request(url) - .get('/admin/users') + .post('/admin/users') .set('Content-type','application/json') .set('X-BLGREQ-SIGN', appIDsha256) .set('X-BLGREQ-APPID', Math.round(Math.random()*1000000)+1000) @@ -1417,15 +2231,22 @@ describe('User', function() { .set('Authorization', authValue ) .send() .end(function(err, res) { - if(res) + + if(res) { + res.body.code.should.be.equal('011'); res.statusCode.should.be.equal(404); + } + done(); }); }); - it('should return a success response to indicate that an users list was retrived', function(done) { + it('1.5.15 should return a success response to indicate that an users list was retrieved', function(done) { + + this.timeout(100*DELAY); + request(url) - .get('/admin/user/all') + .post('/admin/user/all') .set('Content-type','application/json') .set('X-BLGREQ-SIGN', appIDsha256) .set('X-BLGREQ-APPID', appID) 
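Review bot: In 1.5.14 the assertions stay inside `if(res) { ... }` while `done()` is called unconditionally, so when the request produces no response the test passes without checking anything, and a regression in the bad-app-id rejection would go unnoticed. Replace the guard with `if (!res) return done(err || new Error('no response'));` followed by the unguarded assertions, which is how 1.5.12 is written after this commit. The same guard is kept in 1.5.15, 1.5.16 and 1.5.17 in the following hunks.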
@@ -1433,8 +2254,34 @@ describe('User', function() { .set('Authorization', authValue ) .send() .end(function(err, res) { + + if(res) { + res.body.content.should.not.be.empty; + res.statusCode.should.be.equal(200); + } + done(); + }); + }); + + it('1.5.16 should return a success response to indicate that an users list was retrieved with pagination', function(done) { + + this.timeout(100*DELAY); + + var clientRequest = { + page: 2 + }; + + request(url) + .post('/admin/user/all') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-APPID', appID) + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28') + .set('Authorization', authValue ) + .send(clientRequest) + .end(function(err, res) { + if(res) { - //console.log(res.body); res.body.content.should.not.be.empty; res.statusCode.should.be.equal(200); } @@ -1442,9 +2289,12 @@ describe('User', function() { }); }); - it('should return an error response to indicate that an users list was NOT retrived for a bad app id', function(done) { + it('1.5.17 should return an error response to indicate that an users list was NOT retrieved for a bad app id', function(done) { + + this.timeout(100*DELAY); + request(url) - .get('/admin/user/all') + .post('/admin/user/all') .set('Content-type','application/json') .set('X-BLGREQ-SIGN', appIDsha256) .set('X-BLGREQ-APPID', Math.round(Math.random()*1000000)+1000) @@ -1452,8 +2302,11 @@ describe('User', function() { .set('Authorization', authValue ) .send() .end(function(err, res) { - if(res) + + if(res) { + res.body.code.should.be.equal('011'); res.statusCode.should.be.equal(404); + } done(); }); }); diff --git a/test/api.js b/test/api.js index 463a6c5..1c34d19 100644 --- a/test/api.js +++ b/test/api.js 
@@ -4,17 +4,18 @@ function importTest(name, path) { }); } -describe('API', function () { - function normalizePort(val) { - var port = parseInt(val, 10); - if (isNaN(port)) { - return val; - } - if (port >= 0) { - return port; - } - return false; +function normalizePort(val) { + var port = parseInt(val, 10); + if (isNaN(port)) { + return val; + } + if (port >= 0) { + return port; } + return false; +}; + +describe('API', function () { before(function (done) { this.timeout(15000); @@ -26,6 +27,7 @@ describe('API', function () { server.listen(port); server.on('listening', function() { setTimeout(done, 3000); + //done(); }); }); @@ -34,9 +36,9 @@ describe('API', function () { done(); }); - importTest("Admin", './admin/admin'); - importTest("Context", './context/context'); - importTest("Device", './device/device'); - importTest("Object", './object/object'); - importTest("User", './user/user'); + importTest("1.Admin", './admin/admin'); + importTest("2.Context", './context/context'); + importTest("3.Device", './device/device'); + importTest("4.Object", './object/object'); + importTest("5.User", './user/user'); }); diff --git a/test/common.js b/test/common.js index b011608..3d89fb6 100644 --- a/test/common.js +++ b/test/common.js @@ -8,7 +8,7 @@ var logLevel = process.env.TP_TST_LOG || 1; exports.url = 'http://localhost:3000'; exports.appKey = appKey; exports.appIDsha256 = crypto.SHA256(appKey).toString(crypto.enc.Hex); -exports.DELAY = 400; +exports.DELAY = 100; exports.logLevel = logLevel; function highjackEnd(request) { diff --git a/test/context/context.js b/test/context/context.js index 9f5efb2..93b10bb 100644 --- a/test/context/context.js +++ b/test/context/context.js @@ -1,8 +1,6 @@ var common = require('../common'); var request = common.request; var should = common.should; -var assert = common.assert; -var crypto = common.crypto; var url = common.url; var DELAY = common.DELAY; 
@@ -13,9 +11,9 @@ var appID; var token; var clientrequest = { - 'email': 'user'+Math.round(Math.random()*1000000)+'@example.com', - 'password': 'secure_password1337', - 'name': 'John Smith' + email: 'user'+Math.round(Math.random()*1000000)+'@example.com', + password: 'secure_password1337', + name: 'John Smith' }; var adminEmail = 'admin'+Math.round(Math.random()*1000000)+'@example.com'; @@ -27,43 +25,50 @@ var admin = { }; before(function(done){ - this.timeout(10000); + + this.timeout(100*DELAY); + var clientrequest = { - "name": "test-app", - "keys": [ common.appKey ] + name: "test-app", + keys: [ common.appKey ] }; + request(url) .post('/admin/add') .send(admin) .end(function(err, res) { - setTimeout(function () { - request(url) - .post('/admin/login') - .set('Content-type','application/json') - .send(admin) - .end(function(err, res) { - var token = res.body.content.token; - authValue = 'Bearer ' + token; - request(url) - .post('/admin/app/add') - .set('Content-type','application/json') - .set('Authorization', authValue) - .send(clientrequest) - .end(function(err, res) { - appID = res.body.content.id; - done(); - }); - }); - }, 3*DELAY); + + request(url) + .post('/admin/login') + .set('Content-type','application/json') + .send(admin) + .end(function(err, res) { + + var token = res.body.content.token; + authValue = 'Bearer ' + token; + + request(url) + .post('/admin/app/add') + .set('Content-type','application/json') + .set('Authorization', authValue) + .send(clientrequest) + .end(function(err, res) { + appID = res.body.content.id; + done(); + }); + }); }); }); before(function(done){ - this.timeout(10*DELAY); + + this.timeout(100*DELAY); + var clientrequest = { - "name": "context", - "meta": {"info": "some meta info"}, - } + name: "context", + meta: {info: "some meta info"}, + }; + request(url) .post('/admin/context/add') .set('Content-type','application/json') 
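Review bot: The rewritten `before` hook reads `res.body.content.token` and `res.body.content.id` without looking at `err` or the status, so a failed `/admin/add` or `/admin/login` surfaces as a TypeError inside a callback rather than as a setup failure that names the request. Adding `res.statusCode.should.be.equal(200);` as the first line of the `/admin/login` and `/admin/app/add` callbacks would make the hook fail with the actual status. This version also drops the `3*DELAY` wait between `/admin/add` and `/admin/login`; if a newly created admin is not immediately visible to login, which the diff does not show either way, this hook is where it will break. The same hook is repeated in test/device/device.js and test/object/object.js.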
@@ -71,15 +76,20 @@ before(function(done){ .set('X-BLGREQ-APPID', appID ) .send(clientrequest) .end(function(err, res) { + contextID = res.body.content.id; done(); }); }); -it('should return a success response to indicate context succesfully retrived', function(done) { +it('2.1 should return a success response to indicate context successfully retrieved', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { - "id": contextID - } + id: contextID + }; + request(url) .post('/context') .set('Content-type','application/json') @@ -89,13 +99,16 @@ it('should return a success response to indicate context succesfully retrived', .set('Authorization', authValue ) .send(clientrequest) .end(function(err, res) { + res.statusCode.should.be.equal(200); done(); }); }); -it('should return an error response to indicate context wa NOT succesfully retrived because of missing context ID', function(done) { - var clientrequest = {} +it('2.2 should return an error response to indicate context was NOT successfully retrieved because of missing context ID', function(done) { + + this.timeout(100*DELAY); + request(url) .post('/context') .set('Content-type','application/json') 
@@ -103,31 +116,87 @@ it('should return an error response to indicate context wa NOT succesfully retri .set('X-BLGREQ-APPID', appID ) .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) .set('Authorization', authValue ) - .send(clientrequest) + .send() .end(function(err, res) { + + res.body.code.should.be.equal('004'); res.statusCode.should.be.equal(400); done(); }); }); -it('should return an error response to indicate context NOT succesfully retrived', function(done) { +it('2.3 should return an error response to indicate context NOT successfully retrieved because of bad context ID', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { id: Math.round(Math.random()*1000000)+1000 }; + request(url) - .get('/context') + .post('/context') .set('X-BLGREQ-SIGN', appIDsha256 ) .set('X-BLGREQ-APPID', appID ) .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) .set('Authorization', authValue ) .send(clientrequest) .end(function(err, res) { + + res.body.code.should.be.equal('020'); res.statusCode.should.be.equal(404); done(); }); }); -it('should return a success response to indicate all contexts succesfully retrived', function(done) { +it('2.4 should return an error response to indicate context NOT successfully retrieved because of missing authorization', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + id: contextID + }; + + request(url) + .post('/context') + .set('X-BLGREQ-SIGN', appIDsha256 ) + .set('X-BLGREQ-APPID', appID ) + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) + .send(clientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('013'); + res.statusCode.should.be.equal(401); + done(); + }); +}); + +it('2.5 should return an error response to indicate context NOT successfully retrieved because of bad authorization', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + id: contextID + }; + + request(url) + .post('/context') + .set('X-BLGREQ-SIGN', 
appIDsha256 ) + .set('X-BLGREQ-APPID', appID ) + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) + .set('Authorization', authValue + '66') + .send(clientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('040'); + res.statusCode.should.be.equal(400); + done(); + }); +}); + +it('2.6 should return a success response to indicate all contexts successfully retrieved', function(done) { + + this.timeout(100*DELAY); + request(url) .get('/context/all') .set('Content-type','application/json') @@ -137,6 +206,7 @@ it('should return a success response to indicate all contexts succesfully retriv .set('Authorization', authValue ) .send() .end(function(err, res) { + res.statusCode.should.be.equal(200); done(); }); diff --git a/test/device/device.js b/test/device/device.js index a3fac25..6dc69d0 100644 --- a/test/device/device.js +++ b/test/device/device.js @@ -1,8 +1,6 @@ var common = require('../common'); var request = common.request; var should = common.should; -var assert = common.assert; -var crypto = common.crypto; var url = common.url; var DELAY = common.DELAY; @@ -10,7 +8,7 @@ var appID; var authValue; var appIDsha256 = common.appIDsha256; -var adminEmail = 'admin'+Math.round(Math.random()*1000000)+'@example.com'; +var adminEmail = 'admin' + Math.round(Math.random() * 1000000) + '@example.com'; var adminPassword = '5f4dcc3b5aa765d61d8327deb882cf99'; var admin = { 
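Review bot: Tests 2.4 and 2.5 pin two different outcomes for a failed authentication, 401 with code '013' when the `Authorization` header is absent and 400 with code '040' when the token is altered with `authValue + '66'`, and nothing in 2.5 says why an unusable token is a bad request rather than an unauthorized one. A one-line comment above the '040' assertion stating what that code stands for would tell the next reader whether 400 is the intended contract or only the current behaviour being recorded. Neither test checks that the error body carries no context data; if error responses have no `content` field, which is not visible here, an assertion on its absence would make that explicit.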
@@ -19,177 +17,261 @@ var admin = { }; var invalidUDID = 'invalid'; +var deviceIdentifier; before(function(done){ - this.timeout(10000); + + this.timeout(100*DELAY); + var clientrequest = { - "name": "test-app", - "keys": [ common.appKey ] + name: "test-app", + keys: [ common.appKey ] }; + request(url) .post('/admin/add') .send(admin) .end(function(err, res) { - setTimeout(function () { - request(url) - .post('/admin/login') - .set('Content-type','application/json') - .send(admin) - .end(function(err, res) { - var token = res.body.content.token; - authValue = 'Bearer ' + token; - request(url) - .post('/admin/app/add') - .set('Content-type','application/json') - .set('Authorization', authValue) - .send(clientrequest) - .end(function(err, res) { - appID = res.body.content.id; - done(); - }); - }); - }, 3*DELAY); + + request(url) + .post('/admin/login') + .set('Content-type','application/json') + .send(admin) + .end(function(err, res) { + + var token = res.body.content.token; + authValue = 'Bearer ' + token; + + request(url) + .post('/admin/app/add') + .set('Content-type','application/json') + .set('Authorization', authValue) + .send(clientrequest) + .end(function(err, res) { + + appID = res.body.content.id; + done(); + }); + }); }); }); -it('should return a success response to indicate device succesfully registered', function(done) { - var clientrequest = { - "info": { - "os": "Android", - "version": "4.4.3", - "sdk_level": 19, - "manufacturer": "HTC", - "model": "HTC One_M8", - "udid": invalidUDID +it('3.1 should return a success response to indicate device successfully registered', function(done) { + + this.timeout(100*DELAY); + + var clientRequest = { + info: { + os: "Android", + version: "4.4.3", + sdk_level: 19, + manufacturer: "HTC", + model: "HTC One_M8", + udid: invalidUDID }, - "persistent": { - "type": "android", - "token": "android pn token" + persistent: { + type: "android", + token: "android pn token" } - } + }; + request(url) .post('/device/register') 
.set('X-BLGREQ-SIGN', appIDsha256) .set('X-BLGREQ-UDID', '') .set('X-BLGREQ-APPID', appID) - .send(clientrequest) + .send(clientRequest) .end(function(err, res) { + res.statusCode.should.be.equal(200); res.body.content.identifier; done(); }); }); -it('should return a success response to indicate device succesfully registered with random udid', function(done) { - var clientrequest = { - "info": { - "os": "Android", - "version": "4.4.3", - "sdk_level": 19, - "manufacturer": "HTC", - "model": "HTC One_M8", - "udid": Math.round(Math.random()*1000000)+1000 +it('3.2 should return a success response to indicate device successfully registered with random UDID', function(done) { + + this.timeout(100*DELAY); + + var clientRequest = { + info: { + os: "Android", + version: "4.4.3", + sdk_level: 19, + manufacturer: "HTC", + model: "HTC One_M8", + udid: Math.round(Math.random()*1000000)+1000 }, - "persistent": { - "type": "android", - "token": "android pn token" + persistent: { + type: "android", + token: "android pn token" } - } + }; + request(url) .post('/device/register') .set('X-BLGREQ-SIGN', appIDsha256) .set('X-BLGREQ-UDID', '') .set('X-BLGREQ-APPID',1) - .send(clientrequest) + .send(clientRequest) .end(function(err, res) { + res.statusCode.should.be.equal(200); - res.body.content.identifier; + deviceIdentifier = res.body.content.identifier; done(); }); }); -it('should return an error response to indicate device succesfully registered, uuid missing from request', function(done) { - var clientrequest = { - "info": { - "os": "Android", - "version": "4.4.3", - "sdk_level": 19, - "manufacturer": "HTC", - "model": "HTC One_M8", +it('3.3 should return a success response to indicate device successfully updated', function(done) { + this.timeout(100*DELAY); + + var clientRequest = { + info: { + os: "Android", + version: "4.4.3", + sdk_level: 19, + manufacturer: "HTC", + model: "HTC One_M8", }, - "persistent": { - "type": "android", - "token": "android pn token" + persistent: { + 
type: "android", + token: "android pn token" } - } + }; + + request(url) + .post('/device/register') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentifier) + .set('X-BLGREQ-APPID',1) + .send(clientRequest) + .end(function(err, res) { + + res.statusCode.should.be.equal(200); + done(); + }); +}); + +it('3.4 should return an error response to indicate device successfully registered, uuid missing from request', function(done) { + + this.timeout(100*DELAY); + + var clientRequest = { + info: { + os: "Android", + version: "4.4.3", + sdk_level: 19, + manufacturer: "HTC", + model: "HTC One_M8", + }, + persistent: { + type: "android", + token: "android pn token" + } + }; + request(url) .post('/device/register') .set('X-BLGREQ-SIGN', appIDsha256) .set('X-BLGREQ-UDID', '') .set('X-BLGREQ-APPID',1) - .send(clientrequest) + .send(clientRequest) .end(function(err, res) { + res.statusCode.should.be.equal(200); done(); }); }); -it('should return an error response to indicate device NOT succesfully registered because of missing info', function(done) { - var clientrequest = { - "persistent": { - "type": "android", - "token": "android pn token" +it('3.5 should return an error response to indicate device NOT successfully registered because of missing info', function(done) { + + this.timeout(100*DELAY); + + var clientRequest = { + persistent: { + type: "android", + token: "android pn token" } - } + }; + request(url) .post('/device/register') .set('X-BLGREQ-SIGN', appIDsha256) .set('X-BLGREQ-UDID', '') .set('X-BLGREQ-APPID',1) - .send(clientrequest) + .send(clientRequest) .end(function(err, res) { + + res.body.code.should.be.equal('004'); res.statusCode.should.be.equal(400); done(); }); }); -it('should return an error response to indicate device NOT succesfully registered because of missing body', function(done) { - var clientrequest = {} +it('3.6 should return an error response to indicate device NOT successfully registered because of missing body', 
function(done) { + + this.timeout(100*DELAY); + request(url) .post('/device/register') .set('X-BLGREQ-SIGN', appIDsha256) .set('X-BLGREQ-UDID', '') .set('X-BLGREQ-APPID',1) - .send(clientrequest) + .send() .end(function(err, res) { + + res.body.code.should.be.equal('005'); res.statusCode.should.be.equal(400); done(); }); }); -it('should return an error response to indicate device NOT succesfully registered because of invalid UDID', function(done) { - var clientrequest = { - "info": { - "os": "Android", - "version": "4.4.3", - "sdk_level": 19, - "manufacturer": "HTC", - "model": "HTC One_M8", +it('3.7 should return an error response to indicate device NOT successfully registered because of missing body and invalidUDID', function(done) { + this.timeout(100*DELAY); + + request(url) + .post('/device/register') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', 'invalidUDID') + .set('X-BLGREQ-APPID',1) + .send() + .end(function(err, res) { + + res.body.code.should.be.equal('005'); + res.statusCode.should.be.equal(400); + done(); + }); +}); + +it('3.8 should return an error response to indicate device NOT successfully registered because of invalid UDID', function(done) { + + this.timeout(100*DELAY); + + var clientRequest = { + info: { + os: "Android", + version: "4.4.3", + sdk_level: 19, + manufacturer: "HTC", + model: "HTC One_M8", }, - "persistent": { - "type": "android", - "token": "android pn token" + persistent: { + type: "android", + token: "android pn token" } - } + }; + request(url) .post('/device/register') .set('X-BLGREQ-SIGN', appIDsha256) .set('X-BLGREQ-UDID', invalidUDID) .set('X-BLGREQ-APPID',appID) - .send(clientrequest) + .send(clientRequest) .end(function(err, res) { + + res.body.code.should.be.equal('025'); res.statusCode.should.be.equal(404); done(); }); diff --git a/test/object/object.js b/test/object/object.js index a36d1ff..5170cb3 100644 --- a/test/object/object.js +++ b/test/object/object.js 
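Review bot: The new tests 3.3 and 3.7 send `.set('X-BLGREQ-APPID',1)` instead of the `appID` created in this file's `before` hook, so they run against whatever application has ID 1 in the target database and pass only if that application happens to accept `appIDsha256`. Use `.set('X-BLGREQ-APPID', appID)` as 3.1 and 3.8 do; the unchanged tests 3.2 and 3.4 to 3.6 have the same hard-coded value. Test 3.7 also passes the string literal `'invalidUDID'` where the variable `invalidUDID` (value 'invalid') seems intended, and 3.4's title announces an error response while asserting 200.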
@@ -1,8 +1,6 @@ var common = require('../common'); var request = common.request; var should = common.should; -var assert = common.assert; -var crypto = common.crypto; var url = common.url; var DELAY = common.DELAY; @@ -12,45 +10,47 @@ var appIDsha256 = common.appIDsha256; var token; var appID; var authValue; +var userAuthValue; var contextID; +var appKey = common.appKey; var subclientrequest = { - "channel": { - "id": 1, - "context": 1, - "model": "comments", - "parent": { - "id": 1, - "model": "events" + channel: { + id: 1, + context: 1, + model: "comments", + parent: { + id: 1, + model: "events" }, - "user": 2 + user: 2 }, - "filters": { - "or": [ + filters: { + or: [ { - "and": [ + and: [ { - "is": { - "gender": "male", - "age": 23 + is: { + gender: "male", + age: 23 } }, { - "range": { - "experience": { - "gte": 1, - "lte": 6 + range: { + experience: { + gte: 1, + lte: 6 } } } ] }, { - "and": [ + and: [ { - "like": { - "image_url": "png", - "website": "png" + like: { + image_url: "png", + website: "png" } } ] @@ -59,7 +59,7 @@ var subclientrequest = { } }; -var adminEmail = 'admin'+Math.round(Math.random()*1000000)+'@example.com'; +var adminEmail = 'admin' + Math.round(Math.random()*1000000) + '@example.com'; var adminPassword = '5f4dcc3b5aa765d61d8327deb882cf99'; var admin = { 
@@ -67,95 +67,221 @@ var admin = { password: adminPassword }; -var invalidUDID = 'invalid'; +var contextID2; before(function(done){ - this.timeout(10000); - var clientrequest = { - "name": "test-app", - "keys": [ common.appKey ] + + this.timeout(100*DELAY); + + var clientRequest = { + name: "test-app", + keys: [ common.appKey ] }; + request(url) .post('/admin/add') .send(admin) .end(function(err, res) { - setTimeout(function () { - request(url) - .post('/admin/login') - .set('Content-type','application/json') - .send(admin) - .end(function(err, res) { - var token = res.body.content.token; - authValue = 'Bearer ' + token; - request(url) - .post('/admin/app/add') - .set('Content-type','application/json') - .set('Authorization', authValue) - .send(clientrequest) - .end(function(err, res) { - appID = res.body.content.id; - var clientrequest = { - "appId": appID, - "schema": { - "comments": { - "namespace": "comments", - "type": "comments", - "properties": { - "text": { - "type": "string" - } + + request(url) + .post('/admin/login') + .set('Content-type','application/json') + .send(admin) + .end(function(err, res) { + + var token = res.body.content.token; + authValue = 'Bearer ' + token; + + request(url) + .post('/admin/app/add') + .set('Content-type','application/json') + .set('Authorization', authValue) + .send(clientRequest) + .end(function(err, res) { + + appID = res.body.content.id; + var clientrequest = { + appId: appID, + schema: { + answers: { + namespace: "answers", + type: "answers", + properties: {}, + belongsTo: [ + { + parentModel: "events", + relationType: "hasSome" + } + ], + read_acl: 6, + write_acl: 6, + meta_read_acl: 6 + }, + comments: { + namespace: "comments", + type: "comments", + properties: { + text: { + type: "string" + } + }, + belongsTo: [ + { + parentModel: "events", + relationType: "hasMany" + } + ], + read_acl: 6, + write_acl: 6, + meta_read_acl: 6 + }, + events: { + namespace: "events", + type: "events", + properties: { + text: { + type: 
"string" }, - "read_acl": 6, - "write_acl": 6, - "meta_read_acl": 6 - } + image: { + type: "string" + }, + options: { + type: "object" + } + }, + hasMany: [ + "comments" + ], + hasSome: [ + "answers" + ], + read_acl: 7, + write_acl: 7, + meta_read_acl: 4, + icon: "fa-image", + hasSome_property: "options" + }, + things: { + namespace: "events", + type: "events", + properties: { + text: { + type: "string" + }, + image: { + type: "string" + }, + options: { + "type": "object" + } + }, + hasMany: [ + "comments" + ], + read_acl: 0, + write_acl: 0, + meta_read_acl: 0 + }, + others: { + namespace: "events", + type: "events", + properties: { + text: { + type: "string" + }, + image: { + type: "string" + }, + options: { + type: "object" + } + }, + hasMany: [ + "comments" + ], + read_acl: 4, + write_acl: 4, + meta_read_acl: 4 } - }; - request(url) - .post('/admin/schema/update') - .set('Content-type','application/json') - .set('Authorization', authValue ) - .set('X-BLGREQ-APPID', appID ) - .send(clientrequest) - .end(function(err, res) { - var clientrequest = { - "name": "context" - } - request(url) - .post('/admin/context/add') - .set('Content-type','application/json') - .set('Authorization', authValue ) - .set('X-BLGREQ-APPID', appID ) - .send(clientrequest) - .end(function(err, res) { - var objectKey = Object.keys(res.body.content)[0]; - contextID = res.body.content.id; - done(); - }); - }); - }); - }); - }, 3*DELAY); + } + }; + + request(url) + .post('/admin/schema/update') + .set('Content-type','application/json') + .set('Authorization', authValue ) + .set('X-BLGREQ-APPID', appID ) + .send(clientrequest) + .end(function(err, res) { + + var clientrequest = { + name: "context" + }; + + request(url) + .post('/admin/context/add') + .set('Content-type','application/json') + .set('Authorization', authValue ) + .set('X-BLGREQ-APPID', appID ) + .send(clientrequest) + .end(function(err, res) { + + var objectKey = Object.keys(res.body.content)[0]; + contextID = res.body.content.id; 
+ + var clientrequest = { + name: "test-app2", + keys: [ common.appKey ] + }; + + request(url) + .post('/admin/app/add') + .set('Content-type','application/json') + .set('Authorization', authValue) + .send(clientrequest) + .end(function(err, res) { + + appID2 = res.body.content.id; + + request(url) + .post('/admin/context/add') + .set('Content-type','application/json') + .set('Authorization', authValue ) + .set('X-BLGREQ-APPID', appID2 ) + .send(clientrequest) + .end(function(err, res) { + + + contextID2 = res.body.content.id; + done(); + }); + }); + }); + }); + }); + }); }); }); before(function(done){ - this.timeout(13*DELAY); - - var clientrequest = { - "info": { - "os": "Android", - "version": "4.4.3", - "sdk_level": 19, - "manufacturer": "HTC", - "model": "HTC One_M8", - "udid": invalidUDID + + this.timeout(100*DELAY); + + var clientrequest = { + info: { + os: "Android", + version: "4.4.3", + sdk_level: 19, + manufacturer: "HTC", + model: "HTC One_M8", + udid: invalidUDID }, - "persistent": { - "type": "android", - "token": "android pn token" + persistent: { + type: "android", + token: "android pn token" } - } + }; + request(url) .post('/device/register') .set('X-BLGREQ-SIGN', appIDsha256) @@ -163,12 +289,14 @@ before(function(done){ .set('X-BLGREQ-APPID',appID) .send(clientrequest) .end(function(err, res) { + deviceIdentification = res.body.content.identifier; var clientrequest = { - "email": 'admin'+Math.round(Math.random()*1000000)+'@example.com', - "password": "secure_password1337", - "name": "John Smith" + email: 'user'+Math.round(Math.random()*1000000)+'@example.com', + password: "secure_password1337", + name: "John Smith" }; + request(url) .post('/user/register') .set('Content-type','application/json') @@ -177,7 +305,9 @@ before(function(done){ .set('X-BLGREQ-UDID', deviceIdentification ) .send(clientrequest) .end(function(err, res) { + setTimeout(function () { + request(url) .post('/user/login_password') .set('Content-type','application/json') 
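Review bot: Two identifiers in the reworked `before` hooks have no visible declaration: `appID2 = res.body.content.id;` is assigned without `var`, and the second hook still builds `udid: invalidUDID` although this hunk deletes `var invalidUDID = 'invalid';`. Unless both are defined in lines of the file not shown here, the first becomes an implicit global shared with every other test file, and the second throws a ReferenceError while the registration body is built, so every test that needs `deviceIdentification` fails in setup. I would change the added declaration to `var appID2, contextID2;` and either keep `var invalidUDID = 'invalid';` or drop the `udid` field from the request body. The second `before` hook continues past this hunk.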
@@ -186,39 +316,46 @@ before(function(done){ .set('X-BLGREQ-UDID', deviceIdentification ) .send(clientrequest) .end(function(err, res) { + token = res.body.content.token; - authValue = 'Bearer ' + token; + userAuthValue = 'Bearer ' + token; done(); }); - }, 7*DELAY); + }, 20*DELAY); }); }); }); -it('should return an error (400) response to indicate that the client made a bad request', function(done) { - this.timeout(10*DELAY); - var clientrequest = {}; +it('4.1 should return an error (400) response to indicate that request body is empty', function(done) { + + this.timeout(100*DELAY); + request(url) .post('/object/create') .set('X-BLGREQ-SIGN', appIDsha256) .set('X-BLGREQ-UDID', deviceIdentification ) .set('X-BLGREQ-APPID',appID) - .set('Authorization', authValue ) - .send(clientrequest) + .set('Authorization', userAuthValue ) + .send() .end(function(err, res) { + + res.body.code.should.be.equal('005'); res.statusCode.should.be.equal(400); done(); }); }); -it('should return an error (401) response to indicate that only authenticated users may access this endpoint', function(done) { +it('4.2 should return an error (401) response to indicate that only authenticated users may access this endpoint', function(done) { + + this.timeout(100*DELAY); var clientrequest = { - "model": "something", - "context": contextID, - "content": { + model: "something", + context: contextID, + content: { } }; + request(url) .post('/object/create') .set('X-BLGREQ-SIGN', appIDsha256) 
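Review bot: The login callback in this `before` hook sets `userAuthValue = 'Bearer ' + token` from `res.body.content.token` without looking at `err` or the status code, so a failed login shows up as a TypeError inside the callback or as a bogus bearer value rather than as a clear setup failure. The authorization tests that follow rely on this being a real user token distinct from the admin `authValue`, so I would add `if (err) return done(err);` and `res.statusCode.should.be.equal(200);` before reading the token. The admin login and the app and context creation callbacks in the first `before` hook have the same gap. The hook itself starts before this hunk.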
@@ -226,80 +363,108 @@ it('should return an error (401) response to indicate that only authenticated us .set('X-BLGREQ-APPID',appID) .send(clientrequest) .end(function(err, res) { + + res.body.code.should.be.equal('013'); res.statusCode.should.be.equal(401); done(); }); }); -it('should return a success response to indicate that object has been created', function(done) { - var clientrequest = { - "model": "comments", - "context": contextID, - "content": { - "events_id" :1 +it('4.3 should return a error response to indicate that a object has NOT been created', function(done) { + + this.timeout(100*DELAY); + + var subclientrequest = { + context: contextID, + model: "answers", + content: { + events_id: -1 } }; + request(url) .post('/object/create') + .set('Content-type','application/json') .set('X-BLGREQ-SIGN', appIDsha256) .set('X-BLGREQ-UDID', deviceIdentification) .set('X-BLGREQ-APPID',appID) - .set('Authorization', authValue ) - .send(clientrequest) + .set('Authorization', userAuthValue ) + .send(subclientrequest) .end(function(err, res) { - res.statusCode.should.be.equal(202); - res.body.content.should.be.equal("Created"); + + res.body.code.should.be.equal('004'); + res.body.status.should.be.equal(400); + res.statusCode.should.be.equal(400); done(); }); }); -it('should return an error response to indicate that object has NOT been created because of missing authentication', function(done) { +it('4.4 should return a success response to indicate that object has been created', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { - "model": "comments", - "context": contextID, - "content": { - "events_id" :1, + model: "comments", + context: contextID, + content: { + events_id :1 } }; + request(url) .post('/object/create') .set('X-BLGREQ-SIGN', appIDsha256) .set('X-BLGREQ-UDID', deviceIdentification) .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue ) .send(clientrequest) .end(function(err, res) { - res.statusCode.should.be.equal(401); + 
+ res.statusCode.should.be.equal(202); + res.body.content.should.be.equal("Created"); done(); }); }); -it('should return an error response to indicate that object has NOT been created because of missing model', function(done) { +it('4.5 should return a success response to indicate that object has NOT been created because of ACL', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { - "context": contextID, - "content": { - "events_id" :1, + model: "others", + context: contextID, + content: { + events_id :1 } }; + request(url) .post('/object/create') .set('X-BLGREQ-SIGN', appIDsha256) .set('X-BLGREQ-UDID', deviceIdentification) .set('X-BLGREQ-APPID',appID) - .set('Authorization', authValue ) + .set('Authorization', userAuthValue ) .send(clientrequest) .end(function(err, res) { - res.statusCode.should.be.equal(400); + + res.body.code.should.be.equal('015'); + res.statusCode.should.be.equal(403); done(); }); }); -it('should return an error response to indicate that object has NOT been created because of missing context', function(done) { +it('4.6 should return a success response to indicate that object has NOT been created because of ACL', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { - "model": "comments", - "content": { - "events_id" :1, + model: "things", + context: contextID, + content: { + events_id: 1 } }; + request(url) .post('/object/create') .set('X-BLGREQ-SIGN', appIDsha256) 
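Review bot: Tests 4.5 and 4.6 carry the same title, and it says "success response" while both assert code `'015'` with status 403, so a failing run will not tell which ACL case broke. I would put the model and ACL under test in the title, for example `'4.5 should return 403 when a user creates an object in "others" (write_acl 4)'` and `'4.6 should return 403 when creating an object in "things" (write_acl 0)'`. Test 4.3 likewise gives no reason for the expected `'004'`, and its local `var subclientrequest` shadows the module-level fixture of the same name. The body of 4.6 continues past this hunk.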
@@ -308,386 +473,1575 @@ it('should return an error response to indicate that object has NOT been created .set('Authorization', authValue ) .send(clientrequest) .end(function(err, res) { - res.statusCode.should.be.equal(400); + + res.body.code.should.be.equal('015'); + res.statusCode.should.be.equal(403); done(); }); }); -it('should return a success response to indicate the count of a certain filter/subscription', function(done) { +it('4.7 should return a success response to indicate that object has been created by an admin', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { - "channel": { - "context": contextID, - "model": "comments" + model: "comments", + context: contextID, + content: { + events_id: 1 } }; + request(url) - .post('/object/count') + .post('/object/create') .set('X-BLGREQ-SIGN', appIDsha256) .set('X-BLGREQ-UDID', deviceIdentification) .set('X-BLGREQ-APPID',appID) .set('Authorization', authValue ) .send(clientrequest) .end(function(err, res) { - res.statusCode.should.be.equal(200); + + res.statusCode.should.be.equal(202); + res.body.content.should.be.equal("Created"); done(); }); }); +it('4.8 should return an error response to indicate that object has NOT been created because of missing authentication', function(done) { + + this.timeout(100*DELAY); -it('should return a success response to indicate that a object has been updated', function(done) { var clientrequest = { - "model": "comments", - "id": 1, - "context": contextID, - "patches": [ - { - "op": "replace", - "path": "comments/1/text", - "value": "some edited text" - } - ] + model: "comments", + context: contextID, + content: { + events_id: 1 + } }; + request(url) - .post('/object/update') + .post('/object/create') .set('X-BLGREQ-SIGN', appIDsha256) .set('X-BLGREQ-UDID', deviceIdentification) .set('X-BLGREQ-APPID',appID) - .set('Authorization', authValue ) .send(clientrequest) .end(function(err, res) { - res.statusCode.should.be.equal(202); + + 
res.body.code.should.be.equal('013'); + res.statusCode.should.be.equal(401); done(); }); }); -// it('should return a success response to indicate that a object has NOT been updated bacause user not authenticated', function(done) { - // var clientrequest = { - // "model": "comments", - // "id": 1, - // "context": contextID, - // "patches": [ - // { - // "op": "replace", - // "path": "comments/1/text", - // "value": "some edited text" - // } - // ] - // }; - // request(url) - // .post('/object/update') - // .set('X-BLGREQ-SIGN', appIDsha256) - // .set('X-BLGREQ-UDID', deviceIdentification) - // .set('X-BLGREQ-APPID',appID) - // .set('Authorization', authValue + '66' ) - // .send(clientrequest) - // .end(function(err, res) { - // res.statusCode.should.be.equal(401); - // done(); - // }); -// }); - - -it('should return a success response to indicate that a object has NOT been updated because of missing authorization ', function(done) { - var clientrequest = { - "model": "comments", - "id": 1, - "context": contextID, - "patch": [ - { - "op": "replace", - "path": "comments/1/text", - "value": "some edited text" - }, - ] - } +it('4.9 should return an error response to indicate that object has NOT been created because of missing model in request body', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + context: contextID, + content: { + events_id :1 + } + }; + request(url) - .post('/object/update') + .post('/object/create') .set('X-BLGREQ-SIGN', appIDsha256) .set('X-BLGREQ-UDID', deviceIdentification) .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue ) .send(clientrequest) .end(function(err, res) { - res.statusCode.should.be.equal(401); + + res.body.code.should.be.equal('004'); + res.statusCode.should.be.equal(400); done(); }); }); -it('should return a success response to indicate that a object has NOT been updated because of missing id', function(done) { +it('4.10 should return an error response to indicate that object has NOT been 
created because content is missing', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { - "model": "comments", - "context": contextID, - "patch": [ - { - "op": "replace", - "path": "comments/1/text", - "value": "some edited text" - }, - ], - } + context: contextID, + model: "comments" + }; + request(url) - .post('/object/update') + .post('/object/create') .set('X-BLGREQ-SIGN', appIDsha256) .set('X-BLGREQ-UDID', deviceIdentification) .set('X-BLGREQ-APPID',appID) - .set('Authorization', authValue ) + .set('Authorization', userAuthValue ) .send(clientrequest) .end(function(err, res) { - res.statusCode.should.be.equal(400); + + res.body.code.should.be.equal('002'); + res.statusCode.should.be.equal(500); done(); }); }); -it('should return a success response to indicate that a object has NOT been updated because of missing context ', function(done) { +it('4.11 should return an error response to indicate that object has NOT been created because content is empty', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { - "model": "comments", - "id": 1, - "patch": [ - { - "op": "replace", - "path": "comments/1/text", - "value": "some edited text" - }, - ], - } + context: contextID, + model: "comments", + content: {} + }; + request(url) - .post('/object/update') + .post('/object/create') .set('X-BLGREQ-SIGN', appIDsha256) .set('X-BLGREQ-UDID', deviceIdentification) .set('X-BLGREQ-APPID',appID) - .set('Authorization', authValue ) + .set('Authorization', userAuthValue ) .send(clientrequest) .end(function(err, res) { + + res.body.code.should.be.equal('004'); res.statusCode.should.be.equal(400); done(); }); }); -it('should return a success response to indicate that a object has been subscribed', function(done) { - var subclientrequest = { - "channel": { - "context": contextID, - "model": "comments" +it('4.12 should return an error response to indicate that object has NOT been created because of invalid parent', function(done) { + + 
this.timeout(100*DELAY); + + var clientrequest = { + context: contextID, + model: "comments", + content: { + event_id: 1 } }; - request(url) - .post('/object/subscribe') - .set('Content-type','application/json') - .set('X-BLGREQ-SIGN', appIDsha256) - .set('X-BLGREQ-UDID', deviceIdentification) - .set('X-BLGREQ-APPID',appID) - .set('Authorization', authValue ) - .send(subclientrequest) - .end(function(err, res) { - res.statusCode.should.be.equal(200); - done(); - }); -}); -it('should return an error response to indicate that a object has NOT been subscribed because of empty body', function(done) { - var subclientrequest = {}; request(url) - .post('/object/subscribe') - .set('Content-type','application/json') + .post('/object/create') .set('X-BLGREQ-SIGN', appIDsha256) .set('X-BLGREQ-UDID', deviceIdentification) .set('X-BLGREQ-APPID',appID) - .set('Authorization', authValue ) - .send() + .set('Authorization', userAuthValue ) + .send(clientrequest) .end(function(err, res) { + + res.body.code.should.be.equal('004'); res.statusCode.should.be.equal(400); done(); }); }); -it('should return an error response to indicate that a object has NOT been subscribed because of missing channel', function(done) { - var subclientrequest = { - "filters": { - "or": [ - { - "and": [ - { - "is": { - "gender": "male", - "age": 23 - } - }, - { - "range": { - "experience": { - "gte": 1, - "lte": 6 - } - } - } - ] - }, - { - "and": [ - { - "like": { - "image_url": "png", - "website": "png" - } - } - ] - } - ] +it('4.13 should return an error response to indicate that object has NOT been created because of model does not exist', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + context: contextID, + model: "something", + content: { + events_id: 1 } }; request(url) - .post('/object/subscribe') - .set('Content-type','application/json') + .post('/object/create') .set('X-BLGREQ-SIGN', appIDsha256) .set('X-BLGREQ-UDID', deviceIdentification) .set('X-BLGREQ-APPID',appID) - 
.set('Authorization', authValue ) - .send() + .set('Authorization', userAuthValue ) + .send(clientrequest) .end(function(err, res) { - res.statusCode.should.be.equal(400); + + res.body.code.should.be.equal('022'); + res.statusCode.should.be.equal(404); done(); }); }); -it('should return a success response to indicate that a object has been unsubscribed', function(done) { - var subclientrequest = { - "channel": { - "context": contextID, - "model": "comments" +it('4.14 should return an error response to indicate that object has NOT been created because of missing context', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + model: "comments", + content: { + events_id: 1 } }; + request(url) - .post('/object/unsubscribe') + .post('/object/create') .set('X-BLGREQ-SIGN', appIDsha256) .set('X-BLGREQ-UDID', deviceIdentification) .set('X-BLGREQ-APPID',appID) - .set('Authorization', authValue) - .send(subclientrequest) + .set('Authorization', userAuthValue ) + .send(clientrequest) .end(function(err, res) { - res.statusCode.should.be.equal(200); + + res.body.code.should.be.equal('004'); + res.statusCode.should.be.equal(400); done(); }); -}) +}); + +it('4.15 should return an error response to indicate that object has NOT been created because of invalid appID', function(done) { + + this.timeout(100*DELAY); -it('should return a success response to indicate that a object has been deleted', function(done) { var clientrequest = { - "model": "comments", - "context": contextID, - "id" : 1, + model: "comments", + content: { + events_id: 1 + } }; + request(url) - .post('/object/delete') + .post('/object/create') .set('X-BLGREQ-SIGN', appIDsha256) .set('X-BLGREQ-UDID', deviceIdentification) - .set('X-BLGREQ-APPID',appID) - .set('Authorization', authValue ) + .set('X-BLGREQ-APPID',appID + '66') + .set('Authorization', userAuthValue ) .send(clientrequest) .end(function(err, res) { - res.statusCode.should.be.equal(202); + + res.body.code.should.be.equal('011'); + 
res.statusCode.should.be.equal(404); done(); }); }); -// it('should return an error response to indicate that a object was NOT deleted', function(done) { -// this.timeout(10000); -// setTimeout(function() { -// var clientrequest = { -// "model": "comments", -// "context": 1, -// "id" : 1, -// }; - -// request(url) -// .post('/object/delete') -// .set('X-BLGREQ-SIGN', appIDsha256) -// .set('X-BLGREQ-UDID', deviceIdentification) -// .set('X-BLGREQ-APPID',1) -// .set('Authorization', authValue ) -// .send(clientrequest) -// .end(function(err, res) { -// res.statusCode.should.be.equal(404); -// done(); -// }); -// }, 5500); +it('4.16 should return a success response to indicate the count of a certain filter/subscription', function(done) { -// }); + this.timeout(100*DELAY); -it('should return an error response to indicate that the object id was missing', function(done) { var clientrequest = { - "model": "comments", - "context": contextID, - "content": { + channel: { + context: contextID, + model: "comments" } - } + }; request(url) - .post('/object/delete') + .post('/object/count') .set('X-BLGREQ-SIGN', appIDsha256) .set('X-BLGREQ-UDID', deviceIdentification) .set('X-BLGREQ-APPID',appID) - .set('Authorization', authValue ) + .set('Authorization', userAuthValue ) .send(clientrequest) .end(function(err, res) { - res.statusCode.should.be.equal(400); + + res.statusCode.should.be.equal(200); done(); }); }); -it('should return an error response to indicate that the object model was missing', function(done) { +it('4.17 should return an error response because of invalid channel request', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { - "context": contextID, - "id" : 1, - "content": { - } - } + channel: { + context: contextID, + model: "comments", + parent: "parent", + user: "user" + }, + filters: {} + }; + request(url) - .post('/object/delete') + .post('/object/count') .set('X-BLGREQ-SIGN', appIDsha256) .set('X-BLGREQ-UDID', deviceIdentification) 
.set('X-BLGREQ-APPID',appID) - .set('Authorization', authValue ) + .set('Authorization', userAuthValue ) .send(clientrequest) .end(function(err, res) { + + res.body.code.should.be.equal('027'); res.statusCode.should.be.equal(400); done(); }); }); -it('should return an error response to indicate that the object was not deleted because of missing authentication', function(done) { - var clientrequest = { - "model": "comments", - "context": contextID, - "id" : 1, - "content": { - } - }; +it('4.18 should return an error response to indicate the count was not returned because of empty request', function(done) { + + this.timeout(100*DELAY); + request(url) - .post('/object/delete') + .post('/object/count') .set('X-BLGREQ-SIGN', appIDsha256) .set('X-BLGREQ-UDID', deviceIdentification) .set('X-BLGREQ-APPID',appID) - .send(clientrequest) + .set('Authorization', userAuthValue ) + .send() .end(function(err, res) { - res.statusCode.should.be.equal(401); + + res.body.code.should.be.equal('005'); + res.statusCode.should.be.equal(400); done(); }); }); -it('should return an error response to indicate that the object was not deleted because of missing context', function(done) { - var clientrequest = { - "model": "comments", - "id" : 1, - "content": { + + +it('4.19 should return a success response to indicate that a object has been updated', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + model: "comments", + id: 1, + context: contextID, + patches: [ + { + op: "replace", + path: "comments/1/text", + value: "some edited text" + } + ] + }; + + request(url) + .post('/object/update') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue ) + .send(clientrequest) + .end(function(err, res) { + + res.statusCode.should.be.equal(202); + done(); + }); +}); + +it('4.20 should return a success response to indicate that a object has NOT been updated because of bad 
authentication', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + model: "comments", + id: 1, + context: contextID, + patches: [ + { + op: "replace", + path: "comments/1/text", + value: "some edited text" + } + ] + }; + + request(url) + .post('/object/update') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', authValue + '66' ) + .send(clientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('040'); + res.statusCode.should.be.equal(400); + done(); + }); +}); + +it('4.21 should return a success response to indicate that a object has NOT been updated because of missing authorization', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + model: "comments", + id: 1, + context: contextID, + patches: [ + { + op: "replace", + path: "comments/1/text", + value: "some edited text" + } + ] + }; + + request(url) + .post('/object/update') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .send(clientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('013'); + res.statusCode.should.be.equal(401); + done(); + }); +}); + +it('4.22 should return an error response to indicate that a object has NOT been updated because of missing id', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + model: "comments", + context: contextID, + patches: [ + { + op: "replace", + path: "comments/1/text", + value: "some edited text" + } + ], + }; + + request(url) + .post('/object/update') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue ) + .send(clientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('004'); + res.statusCode.should.be.equal(400); + done(); + }); +}); + +it('4.23 should return a success response to indicate 
that a object has NOT been updated because of missing context ', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + model: "comments", + id: 1, + patches: [ + { + op: "replace", + path: "comments/1/text", + value: "some edited text" + } + ] + }; + + request(url) + .post('/object/update') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue ) + .send(clientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('004'); + res.statusCode.should.be.equal(400); + done(); + }); +}); + +it('4.24 should return an error response to indicate that a object has NOT been updated because of model not found ', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + model: "thingy", + id: 1, + patches: [ + { + op: "replace", + path: "thingy/1/text", + value: "some edited text" + } + ] + }; + + request(url) + .post('/object/update') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue ) + .send(clientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('022'); + res.statusCode.should.be.equal(404); + done(); + }); +}); + +it('4.25 should return a success response to indicate that a object has NOT been updated because of missing model ', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + context: contextID, + id: 1, + patches: [ + { + op: "replace", + path: "comments/1/text", + value: "some edited text" + } + ] + }; + + request(url) + .post('/object/update') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue ) + .send(clientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('004'); + res.statusCode.should.be.equal(400); + done(); + }); +}); + +it('4.26 should return a 
success response to indicate that a object has NOT been updated because patches is not an array ', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + context: contextID, + model: "comments", + id: 1, + patches: {} + }; + + request(url) + .post('/object/update') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue ) + .send(clientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('038'); + res.statusCode.should.be.equal(400); + done(); + }); +}); + +it('4.27 should return a success response to indicate that a object has NOT been updated because patches is an empty array', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + context: contextID, + model: "comments", + id: 1, + patches: [] + }; + + request(url) + .post('/object/update') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue ) + .send(clientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('038'); + res.statusCode.should.be.equal(400); + done(); + }); +}); + +it('4.28 should return a success response to indicate that a object has NOT been updated because of empty request ', function(done) { + + this.timeout(100*DELAY); + + request(url) + .post('/object/update') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue ) + .send() + .end(function(err, res) { + + res.body.code.should.be.equal('005'); + res.statusCode.should.be.equal(400); + done(); + }); +}); + + +it('4.29 should return a success response to indicate that a object has been subscribed', function(done) { + + this.timeout(100*DELAY); + + var subclientrequest = { + channel: { + context: contextID, + model: "comments" + } + }; + + request(url) + .post('/object/subscribe') + 
.set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue ) + .send(subclientrequest) + .end(function(err, res) { + + res.statusCode.should.be.equal(200); + done(); + }); +}); + +it('4.30 should return a success response to indicate that a object has been subscribed with pagination', function(done) { + + this.timeout(100*DELAY); + + var subclientrequest = { + page: 2, + channel: { + context: contextID, + model: "comments" + } + }; + + request(url) + .post('/object/subscribe') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue ) + .send(subclientrequest) + .end(function(err, res) { + + res.statusCode.should.be.equal(200); + done(); + }); +}); + +it('4.31 should return a success response to indicate that a object has NOT been subscribed because context does not belong to application', function(done) { + + this.timeout(100*DELAY); + + var subclientrequest = { + channel: { + context: contextID2, + model: "comments" + } + }; + + request(url) + .post('/object/subscribe') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue ) + .send(subclientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('026'); + res.statusCode.should.be.equal(403); + done(); + }); +}); + +it('4.32 should return an error response to indicate that a object has NOT been subscribed because of invalid authorization', function(done) { + + this.timeout(100*DELAY); + + var subclientrequest = { + channel: { + context: contextID, + model: "comments" + } + }; + var userAuthValue = 'Bearer '; + request(url) + .post('/object/subscribe') + .set('Content-type','application/json') + 
.set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue ) + .send(subclientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('014'); + res.statusCode.should.be.equal(401); + done(); + }); +}); + +it('4.33 should return an error response to indicate that a object has been NOT subscribed because of filters', function(done) { + + this.timeout(100*DELAY); + + var subclientrequest = { + channel: { + context: contextID, + model: "events" + }, + filters: { + or: [ + { + and: [ + { + is: { + gender: "male", + age: 23 + } + }, + { + range: { + experience: { + gte: 1, + lte: 6 + } + } + } + ] + }, + { + and: [ + { + like: { + image_url: "png", + website: "png" + } + } + ] + } + ] + } + }; + + request(url) + .post('/object/subscribe') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue ) + .send(subclientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('002'); + res.statusCode.should.be.equal(500); + done(); + }); +}); + +it('4.34 should return an error response to indicate that a object has NOT been subscribed because of invalid context', function(done) { + + this.timeout(100*DELAY); + + var subclientrequest = { + channel: { + context: Math.round(Math.random()*1000000), + model: "comments" + } + }; + + request(url) + .post('/object/subscribe') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue ) + .send(subclientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('002'); + res.statusCode.should.be.equal(500); + done(); + }); +}); + +it('4.35 should return an error response to indicate that a object has NOT been subscribed because no schema is 
defined', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + name: "test-app", + keys: [ appKey ] + }; + + request(url) + .post('/admin/app/add') + .set('Content-type','application/json') + .set('Authorization', authValue) + .send(clientrequest) + .end(function(err, res) { + + var appID2 = res.body.content.id; + + var subclientrequest = { + channel: { + context: contextID, + model: "comments" + } + }; + + request(url) + .post('/object/subscribe') + .set('Content-type', 'application/json') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID', appID2) + .set('Authorization', userAuthValue) + .send(subclientrequest) + .end(function (err, res) { + + res.body.code.should.be.equal('043'); + res.statusCode.should.be.equal(501); + done(); + }); + }); +}); + +it('4.36 should return an error response to indicate that a object has NOT been subscribed because context does not belong to app', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + name: "test-app", + keys: [ appKey ] + }; + + request(url) + .post('/admin/app/add') + .set('Content-type','application/json') + .set('Authorization', authValue) + .send(clientrequest) + .end(function(err, res) { + + var appID2 = res.body.content.id; + + var clientrequest = { + appId: appID, + schema: { + comments: { + namespace: "comments", + type: "comments", + properties: { + text: { + type: "string" + } + }, + belongsTo: [ + { + parentModel: "events", + relationType: "hasMany" + } + ], + read_acl: 6, + write_acl: 6, + meta_read_acl: 6 + }, + events: { + namespace: "events", + type: "events", + properties: { + text: { + type: "string" + }, + image: { + type: "string" + }, + options: { + type: "object" + } + }, + hasMany: [ + "comments" + ], + read_acl: 7, + write_acl: 7, + meta_read_acl: 4 + }, + things: { + namespace: "events", + type: "events", + properties: { + text: { + type: "string" + }, + image: { + type: "string" + }, + options: { 
+ type: "object" + } + }, + hasMany: [ + "comments" + ], + read_acl: 7, + write_acl: 7, + meta_read_acl: 4 + } + } + }; + + request(url) + .post('/admin/schema/update') + .set('Content-type','application/json') + .set('Authorization', authValue ) + .set('X-BLGREQ-APPID', appID2 ) + .send(clientrequest) + .end(function(err, res) { + + var subclientrequest = { + channel: { + context: contextID, + model: "comments" + } + }; + + request(url) + .post('/object/subscribe') + .set('Content-type', 'application/json') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID', appID2) + .set('Authorization', userAuthValue) + .send(subclientrequest) + .end(function (err, res) { + + res.body.code.should.be.equal('026'); + res.statusCode.should.be.equal(403); + done(); + }); + }); + }); +}); + + +it('4.37 should return a success response to indicate that a object has NOT been subscribed because of invalid channel', function(done) { + + this.timeout(100*DELAY); + + var subclientrequest = { + channel: { + context: contextID, + model: "comments", + parent: "parent", + user: "user" + } + }; + + request(url) + .post('/object/subscribe') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue ) + .send(subclientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('027'); + res.statusCode.should.be.equal(400); + done(); + }); +}); + +it('4.38 should return an error response to indicate that a object has NOT been subscribed because object was not found', function(done) { + + this.timeout(100*DELAY); + + var subclientrequest = { + channel: { + context: contextID, + model: "comments", + id : "66" + } + }; + + request(url) + .post('/object/subscribe') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + 
.set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue ) + .send(subclientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('034'); + res.statusCode.should.be.equal(404); + done(); + }); +}); + +it('4.39 should return an error response to indicate that a object has NOT been subscribed because of empty body', function(done) { + + this.timeout(100*DELAY); + + request(url) + .post('/object/subscribe') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue ) + .send() + .end(function(err, res) { + + res.body.code.should.be.equal('005'); + res.statusCode.should.be.equal(400); + done(); + }); +}); + +it('4.40 should return a success response to indicate that a object has NOT been subscribed because of missing context', function(done) { + + this.timeout(100*DELAY); + + var subclientrequest = { + channel: { + model: "comments" + } + }; + + request(url) + .post('/object/subscribe') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue ) + .send(subclientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('004'); + res.statusCode.should.be.equal(400); + done(); + }); +}); + +it('4.41 should return a success response to indicate that a object has NOT been subscribed because of missing model', function(done) { + + this.timeout(100*DELAY); + + var subclientrequest = { + channel: { + context: contextID + } + }; + + request(url) + .post('/object/subscribe') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue ) + .send(subclientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('004'); + 
res.statusCode.should.be.equal(400); + done(); + }); +}); + +it('4.42 should return a success response to indicate that a object has NOT been subscribed because of model not found', function(done) { + + this.timeout(100*DELAY); + + var subclientrequest = { + channel: { + context: contextID, + model: "somethings" + } + }; + + request(url) + .post('/object/subscribe') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue ) + .send(subclientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('022'); + res.statusCode.should.be.equal(404); + done(); + }); +}); + +it('4.43 should return an error response to indicate that a object has NOT been subscribed because of missing channel', function(done) { + + this.timeout(100*DELAY); + + var subclientrequest = { + filters: { + or: [ + { + and: [ + { + is: { + gender: "male", + age: 23 + } + }, + { + range: { + experience: { + gte: 1, + lte: 6 + } + } + } + ] + }, + { + and: [ + { + like: { + image_url: "png", + website: "png" + } + } + ] + } + ] + } + }; + + request(url) + .post('/object/subscribe') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue ) + .send(subclientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('004'); + res.statusCode.should.be.equal(400); + done(); + }); +}); + +it('4.44 should return an success response to indicate that a object has been unsubscribed', function(done) { + + this.timeout(100*DELAY); + + var subclientrequest = { + channel: { + context: contextID, + model: "comments" + } + }; + + request(url) + .post('/object/unsubscribe') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue) 
+ .send(subclientrequest) + .end(function(err, res) { + + res.statusCode.should.be.equal(200); + done(); + }); +}); + +it('4.45 should return an error response to indicate that a object has NOT been unsubscribed because of empty body', function(done) { + + this.timeout(100*DELAY); + + request(url) + .post('/object/unsubscribe') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue) + .send() + .end(function(err, res) { + + res.body.code.should.be.equal('005'); + res.statusCode.should.be.equal(400); + done(); + }); +}); + +it('4.46 should return a error response (400) to indicate that a object has NOT been unsubscribed', function(done) { + + this.timeout(100*DELAY); + + var subclientrequest = { + channel: { + context: contextID, + model: "comments", + parent: "parent", + user: "user" } - } + }; + + request(url) + .post('/object/unsubscribe') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue ) + .send(subclientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('027'); + res.statusCode.should.be.equal(400); + done(); + }); +}); + +it('4.47 should return a error response (404) to indicate that a object has NOT been unsubscribed', function(done) { + + this.timeout(100*DELAY); + + var subclientrequest = { + channel: { + context: contextID, + model: "comments", + id : '66654654646546546546546546546546546546546' + } + }; + + request(url) + .post('/object/unsubscribe') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue ) + .send(subclientrequest) + .end(function(err, res) { + + res.statusCode.should.be.equal(404); + res.body.code.should.be.equal('037'); + done(); + }); +}); + 
+it('4.48 should return a error response (404) to indicate that a object has NOT been unsubscribed, using filters', function(done) { + + this.timeout(100*DELAY); + + var subclientrequest = { + channel: { + context: contextID, + model: "comments" + }, + filters: { + or: [ + { + and: [ + { + is: { + gender: "male", + age: 23 + } + }, + { + range: { + experience: { + gte: 1, + lte: 6 + } + } + } + ] + }, + { + and: [ + { + like: { + image_url: "png", + website: "png" + } + } + ] + } + ] + } + }; + + request(url) + .post('/object/unsubscribe') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue ) + .send(subclientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('037'); + res.statusCode.should.be.equal(404); + done(); + }); +}); + + +it('4.49 should return a success response to indicate that a object has NOT been unsubscribed because of missing channel', function(done) { + + this.timeout(100*DELAY); + + var subclientrequest = { + something: {} + }; + + request(url) + .post('/object/unsubscribe') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue) + .send(subclientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('004'); + res.statusCode.should.be.equal(400); + done(); + }); +}); + +it('4.50 should return a success response to indicate that a object has NOT been unsubscribed because of missing context', function(done) { + + this.timeout(100*DELAY); + + var subclientrequest = { + channel: { + model: "comments", + id : "66" + } + }; + + request(url) + .post('/object/unsubscribe') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue) + .send(subclientrequest) + .end(function(err, res) { + + 
res.body.code.should.be.equal('004'); + res.statusCode.should.be.equal(400); + done(); + }); +}); + +it('4.51 should return a success response to indicate that a object has NOT been unsubscribed because of missing model', function(done) { + + this.timeout(100*DELAY); + + var subclientrequest = { + channel: { + context: contextID + } + }; + + request(url) + .post('/object/unsubscribe') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue) + .send(subclientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('004'); + res.statusCode.should.be.equal(400); + done(); + }); +}); + +it('4.52 should return a success response to indicate that a object has been deleted', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + model: "comments", + context: contextID, + id : 1 + }; + request(url) .post('/object/delete') .set('X-BLGREQ-SIGN', appIDsha256) .set('X-BLGREQ-UDID', deviceIdentification) .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue ) + .send(clientrequest) + .end(function(err, res) { + + res.statusCode.should.be.equal(202); + done(); + }); +}); + +it('4.53 should return an error response to indicate that a object was NOT deleted', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + model: "comments", + context: 1, + id : 1 + }; + + request(url) + .post('/object/delete') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',1) .set('Authorization', authValue ) .send(clientrequest) .end(function(err, res) { + + res.body.code.should.be.equal('011'); + res.statusCode.should.be.equal(404); + done(); + }); + +}); + +it('4.54 should return an error response to indicate that the object id was missing', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + model: "comments", + context: contextID, + content: {} + }; + + 
request(url) + .post('/object/delete') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue ) + .send(clientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('004'); + res.statusCode.should.be.equal(400); + done(); + }); +}); + +it('4.55 should return an error response to indicate that the object model was missing', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + context: contextID, + id : 1, + content: {} + }; + + request(url) + .post('/object/delete') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue ) + .send(clientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('004'); + res.statusCode.should.be.equal(400); + done(); + }); +}); + +it('4.56 should return an error response to indicate that the object was not deleted because of missing authentication', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + model: "comments", + context: contextID, + id : 1, + content: {} + }; + + request(url) + .post('/object/delete') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .send(clientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('013'); + res.statusCode.should.be.equal(401); + done(); + }); +}); + +it('4.57 should return an error response to indicate that the object was not deleted because of missing context', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + model: "comments", + id: 1, + content: {} + }; + + request(url) + .post('/object/delete') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue ) + .send(clientrequest) + .end(function(err, res) { + + 
res.body.code.should.be.equal('004'); + res.statusCode.should.be.equal(400); + done(); + }); +}); + +it('4.58 should return an error response to indicate that the object was not deleted because of empty request', function(done) { + + this.timeout(100*DELAY); + + request(url) + .post('/object/delete') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', userAuthValue ) + .send() + .end(function(err, res) { + + res.body.code.should.be.equal('005'); res.statusCode.should.be.equal(400); done(); }); diff --git a/test/user/user.js b/test/user/user.js index 4a3d71f..174255d 100644 --- a/test/user/user.js +++ b/test/user/user.js @@ -1,8 +1,6 @@ var common = require('../common'); var request = common.request; var should = common.should; -var assert = common.assert; -var crypto = common.crypto; var url = common.url; var DELAY = common.DELAY; @@ -10,7 +8,6 @@ var appIDsha256 = common.appIDsha256; var deviceIdentification; var invalidUDID = 'invalid'; -var appIDsha256 = common.appIDsha256; var authValue; var adminAuthValue; var token; 
@@ -28,100 +25,143 @@ var admin = { }; before(function(done){ - var clientrequest = { - "info": { - "os": "Android", - "version": "4.4.3", - "sdk_level": 19, - "manufacturer": "HTC", - "model": "HTC One_M8", - "udid": invalidUDID + + this.timeout(100*DELAY); + + var deviceRegisterRequest = { + info: { + os: "Android", + version: "4.4.3", + sdk_level: 19, + manufacturer: "HTC", + model: "HTC One_M8", + udid: invalidUDID }, - "persistent": { - "type": "android", - "token": "android pn token" + persistent: { + type: "android", + token: "android pn token" } - } - - this.timeout(10000); - var clientrequest = { - "name": "test-app", - "keys": [ common.appKey ] }; + + + var appRequest = { + name: "test-app", + keys: [ common.appKey ] + }; + request(url) .post('/admin/add') .send(admin) .end(function(err, res) { - setTimeout(function () { - request(url) - .post('/admin/login') - .set('Content-type','application/json') - .send(admin) - .end(function(err, res) { - var token = res.body.content.token; - adminAuthValue = 'Bearer ' + token; - request(url) - .post('/admin/app/add') - .set('Content-type','application/json') - .set('Authorization', adminAuthValue) - .send(clientrequest) - .end(function(err, res) { - appID = res.body.content.id; - var clientrequest = { - "info": { - "os": "Android", - "version": "4.4.3", - "sdk_level": 19, - "manufacturer": "HTC", - "model": "HTC One_M8", - "udid": invalidUDID - }, - "persistent": { - "type": "android", - "token": "android pn token" - } - } - request(url) - .post('/device/register') - .set('X-BLGREQ-SIGN', appIDsha256) - .set('X-BLGREQ-UDID', '') - .set('X-BLGREQ-APPID',appID) - .send(clientrequest) - .end(function(err, res) { - deviceIdentification = res.body.content.identifier; - done(); - }); - }); - }); - }, 4*DELAY); + request(url) + .post('/admin/login') + .set('Content-type','application/json') + .send(admin) + .end(function(err, res) { + + var token = res.body.content.token; + adminAuthValue = 'Bearer ' + token; + + 
request(url) + .post('/admin/app/add') + .set('Content-type','application/json') + .set('Authorization', adminAuthValue) + .send(appRequest) + .end(function(err, res) { + + appID = res.body.content.id; + + request(url) + .post('/device/register') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', '') + .set('X-BLGREQ-APPID',appID) + .send(deviceRegisterRequest) + .end(function(err, res) { + + deviceIdentification = res.body.content.identifier; + done(); + }); + }); + }); + }); +}); + +it('5.1 should return an error response to indicate that the user has NOT logged via Facebook because request body is empty', function(done) { + + this.timeout(100*DELAY); + + request(url) + .post('/user/login') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256 ) + .set('X-BLGREQ-APPID', appID ) + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) + .send() + .end(function(err, res) { + + res.body.code.should.be.equal('005'); + res.statusCode.should.be.equal(400); + done(); + }); +}); + +it('5.2 should return an error response to indicate that the user has NOT logged via Facebook because of missing access token', function(done) { + + this.timeout(100*DELAY); + + var clientRequest = { + something_else: "invalidToken" + }; + + request(url) + .post('/user/login') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256 ) + .set('X-BLGREQ-APPID', appID ) + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) + .send(clientRequest) + .end(function(err, res) { + + res.body.code.should.be.equal('004'); + res.statusCode.should.be.equal(400); + done(); }); }); -it('should return an error response to indicate that the user has NOT logged via Facebook because of missing access token', function(done) { +it('5.3 should return an error response to indicate that the user has NOT logged via Facebook because of invalid token', function(done) { - var clientrequest = {}; + this.timeout(100*DELAY); + + var clientrequest = { 
+ access_token: "invalidToken" + }; request(url) - .post('/user/login') - .set('Content-type','application/json') - .set('X-BLGREQ-SIGN', appIDsha256 ) - .set('X-BLGREQ-APPID', appID ) - .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) - .send(clientrequest) - .end(function(err, res) { - //console.log(res.body); - res.statusCode.should.be.equal(400); - done(); - }); -}); - -it('should return a success response to indicate that the user has logged in via user & password', function(done) { - this.timeout(10*DELAY); + .post('/user/login') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256 ) + .set('X-BLGREQ-APPID', appID ) + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) + .send(clientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('002'); + res.statusCode.should.be.equal(500); + done(); + }); +}); + +it('5.4 should return a success response to indicate that the user has logged in via user & password', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { - "email": userEmail, - "password": "secure_password1337", - "name": "John Smith" + email: userEmail, + password: "secure_password1337", + name: "John Smith" }; + request(url) .post('/user/register') .set('Content-type','application/json') 
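Review bot: Test 5.3 pins `res.body.code` to `'002'` and the status to 500 for a request whose only fault is a bad `access_token`, so the suite now requires a caller-supplied invalid credential to surface as a server error. That makes an authentication failure indistinguishable from a real fault in logs and alerting, and any unauthenticated client can produce 5xx responses at will. The handler is not visible in this diff, so if this is a known limitation rather than the intended contract, mark it above the assertions, e.g. `// FIXME: invalid access_token should map to a 4xx auth error, not 500/'002'`. The same 500/'002' expectation appears in tests 4.33 and 4.34 of the object suite earlier in this diff.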
@@ -139,30 +179,37 @@ it('should return a success response to indicate that the user has logged in via .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) .send(clientrequest) .end(function(err, res) { + token = res.body.content.token; userID = res.body.content.user.id; authValue = 'Bearer ' + token; + res.statusCode.should.be.equal(200); done(); }); - }, 7*DELAY); + }, 20*DELAY); }); }); -it('should return a success response to indicate that the user has logged in via Facebook', function(done) { - this.timeout(15*DELAY); +it('5.5 should return a success response to indicate that the user has logged in via Facebook', function(done) { + + this.timeout(100*DELAY); + request('https://graph.facebook.com') .get('/oauth/access_token?client_id=1086083914753251&client_secret=40f626ca66e4472e0d11c22f048e9ea8&grant_type=client_credentials') .send() .end(function(err, res) { + request('https://graph.facebook.com') .get('/v1.0/1086083914753251/accounts/test-users?access_token='+res.text.replace('access_token=', '')) .send() .end(function(err, res) { + var data = JSON.parse(res.text); var clientrequest = { - "access_token": data.data[0].access_token + access_token: data.data[0].access_token }; + request(url) .post('/user/register') .set('Content-type','application/json') @@ -171,7 +218,9 @@ it('should return a success response to indicate that the user has logged in via .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) .send(clientrequest) .end(function(err, res) { + setTimeout(function() { + request(url) .post('/user/login') .set('Content-type','application/json') 
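Review bot: The Graph API call in test 5.5 still carries the Facebook app's `client_id` and `client_secret` as literals in the request URL, so the secret sits in repository history and in any CI or proxy log that records URLs. Since this hunk already reworks the test, read both values from the environment, e.g. `'/oauth/access_token?client_id='+process.env.FB_APP_ID+'&client_secret='+process.env.FB_APP_SECRET+'&grant_type=client_credentials'` (variable names are placeholders), skip the test when they are unset, and rotate the committed secret. The next request also appends the returned token to the query string without `encodeURIComponent`, and neither callback checks `err` before reading `res.text`. Test 5.5 continues past the end of this hunk.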
@@ -180,19 +229,20 @@ it('should return a success response to indicate that the user has logged in via .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) .send(clientrequest) .end(function(err, res) { - //token = res.body.content.token; - //userID = res.body.content.user.id; - //authValue = 'Bearer ' + token; + res.statusCode.should.be.equal(200); done(); }); - }, 4*DELAY); + }, 20*DELAY); }); }); }); }); -it('should return a success response to indicate that the user info was retrived', function(done) { +it('5.6 should return a success response to indicate that the user info was retrieved', function(done) { + + this.timeout(100*DELAY); + request(url) .get('/user/me') .set('Content-type','application/json') 
@@ -202,17 +252,90 @@ it('should return a success response to indicate that the user info was retrived .set('Authorization', authValue ) .send() .end(function(err, res) { + res.statusCode.should.be.equal(200); done(); }); }); -it('should return an error response to indicate that the user has NOT logged in via user & password because of Invalid Credentials', function(done) { +it('5.7 should return an error response to indicate that the user info was NOT retrieved because user was not found', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + email: "exampleUser@appscend.com", + password: "secure_password1337", + name: "John Smith" + }; + + request(url) + .post('/user/register') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256 ) + .set('X-BLGREQ-APPID', appID ) + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) + .send(clientrequest) + .end(function(err, res) { + setTimeout(function() { + request(url) + .post('/user/login_password') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256 ) + .set('X-BLGREQ-APPID', appID ) + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) + .send(clientrequest) + .end(function(err, res) { + + var token3 = res.body.content.token; + var userID3 = res.body.content.user.id; + var authValue3 = 'Bearer ' + token3; + var subclientrequest = { + id : userID3, + email : "exampleUser@appscend.com" + }; + + request(url) + .post('/user/delete') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', authValue3) + .send(subclientrequest) + .end(function(err, res) { + + setTimeout(function(){ + + request(url) + .get('/user/me') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256 ) + .set('X-BLGREQ-APPID', appID ) + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) + .set('Authorization', authValue3 ) + .send() + 
.end(function(err, res) { + + res.body.code.should.be.equal('023'); + res.statusCode.should.be.equal(404); + done(); + }); + }, 20*DELAY); + }); + }); + }, 20*DELAY); + }); +}); + +it('5.8 should return an error response to indicate that the user has NOT logged in via user & password because of invalid credentials', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { - "email": userEmail, - "password": "secure_password", - "name": "John Smith" + email: userEmail, + password: "secure_password", + name: "John Smith" }; + request(url) .post('/user/login_password') .set('Content-type','application/json') @@ -221,17 +344,23 @@ it('should return an error response to indicate that the user has NOT logged in .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) .send(clientrequest) .end(function(err, res) { + + res.body.code.should.be.equal('031'); res.statusCode.should.be.equal(401); done(); }); }); -it('should return an error response to indicate that the user has NOT logged in via user & password because user not found', function(done) { +it('5.9 should return an error response to indicate that the user has NOT logged in via user & password because user not found', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { - "email": 'user'+Math.round(Math.random()*1000000)+'@example.com', - "password": "secure_password", - "name": "John Smith" + email: 'user'+Math.round(Math.random()*1000000)+'@example.com', + password: "secure_password", + name: "John Smith" }; + request(url) .post('/user/login_password') .set('Content-type','application/json') 
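Review bot: The last request in test 5.7 reuses `authValue3` after `/user/delete` and expects 404 with code `'023'`, which suggests the bearer token still passes authentication once its account is gone and only the user lookup fails. The server code is not part of this diff, so this is inferred from the asserted codes. If that is the intended contract, state it next to the assertion, e.g. `// token of a deleted user is still accepted by auth; only the lookup fails (404/'023')`; if tokens are meant to die with the account, the expected status here would be 401. The test also never checks the `/user/delete` response itself, so add `res.statusCode.should.be.equal(...)` with the documented success code there to show which step failed.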
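Review bot: The assertion added to test 5.8, `res.body.code.should.be.equal('031')` with 401 for a wrong password, together with 404/`'023'` for an unknown e-mail in test 5.9 (its assertion is in the next hunk), pins two distinguishable answers from `/user/login_password`. A caller can use that difference to tell registered addresses from unregistered ones. If the distinction is deliberate, record it beside the assertions, e.g. `// NOTE: distinct codes for unknown user vs wrong password reveal which e-mails are registered`; otherwise both cases should return the same status and code. Test 5.9's request chain runs past the end of this hunk.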
@@ -240,21 +369,75 @@ it('should return an error response to indicate that the user has NOT logged in .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) .send(clientrequest) .end(function(err, res) { + + res.body.code.should.be.equal('023'); res.statusCode.should.be.equal(404); done(); }); }); -it('should return a success response to indicate that the user was updated', function(done) { +it('5.10 should return an error response to indicate that the user has NOT logged in via user & password because email was missing for request', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + password: "secure_password", + name: "John Smith" + }; + + request(url) + .post('/user/login_password') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256 ) + .set('X-BLGREQ-APPID', appID ) + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) + .send(clientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('004'); + res.statusCode.should.be.equal(400); + done(); + }); +}); + +it('5.11 should return an error response to indicate that the user has NOT logged in via user & password because password was missing for request', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + email: 'user'+Math.round(Math.random()*1000000)+'@example.com', + name: "John Smith" + }; + + request(url) + .post('/user/login_password') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256 ) + .set('X-BLGREQ-APPID', appID ) + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) + .send(clientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('004'); + res.statusCode.should.be.equal(400); + done(); + }); +}); + +it('5.12 should return a success response to indicate that the user was updated', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { - "patches" : [ + patches : [ { - "op": "replace", - "path": "user/"+userID+"/name", - 
"value": "new value" + op: "replace", + path: "user/"+userID+"/name", + value: "new value" } ] }; + request(url) .post('/user/update') .set('Content-type','application/json') 
@@ -264,12 +447,167 @@ it('should return a success response to indicate that the user was updated', fun .set('Authorization', authValue ) .send(clientrequest) .end(function(err, res) { + res.statusCode.should.be.equal(202); done(); }); }); -it('should return a success response to indicate that the token was updated', function(done) { +it('5.13 should return a success response to indicate that the user password was updated', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + patches : [ + { + op: "replace", + path: "user/"+userID+"/password", + value: "new value" + } + ] + }; + + request(url) + .post('/user/update') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256 ) + .set('X-BLGREQ-APPID', appID ) + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) + .set('Authorization', authValue ) + .send(clientrequest) + .end(function(err, res) { + + res.statusCode.should.be.equal(202); + done(); + }); +}); + +it('5.14 should return an error response to indicate that the userID is not valid', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + patches : [ + { + op: "replace", + path: "user/" + userID + "66" +"/password", + value: "new value" + } + ] + }; + + request(url) + .post('/user/update') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256 ) + .set('X-BLGREQ-APPID', appID ) + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) + .set('Authorization', authValue ) + .send(clientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('042'); + res.statusCode.should.be.equal(400); + done(); + }); +}); + +it('5.15 should return a success response to indicate that the user password was NOT updated because of empty request body', function(done) { + + this.timeout(100*DELAY); + + request(url) + .post('/user/update') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256 ) + .set('X-BLGREQ-APPID', appID ) + 
.set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) + .set('Authorization', authValue ) + .send() + .end(function(err, res) { + + res.body.code.should.be.equal('005'); + res.statusCode.should.be.equal(400); + done(); + }); +}); + +it('5.16 should return a success response to indicate that the user password was NOT updated because patches is not an array', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + patches : {} + }; + + request(url) + .post('/user/update') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256 ) + .set('X-BLGREQ-APPID', appID ) + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) + .set('Authorization', authValue ) + .send(clientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('038'); + res.statusCode.should.be.equal(400); + done(); + }); +}); + +it('5.17 should return a success response to indicate that the user password was NOT updated because patches is an empty array', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + patches : [] + }; + + request(url) + .post('/user/update') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256 ) + .set('X-BLGREQ-APPID', appID ) + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) + .set('Authorization', authValue ) + .send(clientrequest) + .end(function(err, res) { + + res.body.code.should.be.equal('038'); + res.statusCode.should.be.equal(400); + done(); + }); +}); + +it('5.18 should return a success response to indicate that the user was updated immediate', function(done) { + + this.timeout(100*DELAY); + + var clientrequest = { + name: "new name", + password: "new pass" + }; + + request(url) + .post('/user/update_immediate') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256 ) + .set('X-BLGREQ-APPID', appID ) + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) + .set('Authorization', authValue ) + 
.send(clientrequest) + .end(function(err, res) { + + res.statusCode.should.be.equal(200); + done(); + }); +}); + +it('5.19 should return a success response to indicate that the token was updated', function(done) { + + this.timeout(100*DELAY); + request(url) .get('/user/refresh_token') .set('Content-type','application/json') @@ -279,15 +617,21 @@ it('should return a success response to indicate that the token was updated', fu .set('Authorization', authValue ) .send() .end(function(err, res) { + token = res.body.content.token; authValue = 'Bearer ' + token; + res.statusCode.should.be.equal(200); done(); }); }); -it('should return an error response to indicate that the token was NOT updated because of bad Authorization', function(done) { +it('5.20 should return an error response to indicate that the token was NOT updated because of bad authorization', function(done) { + + this.timeout(100*DELAY); + var authValue = "something"; + request(url) .get('/user/refresh_token') .set('Content-type','application/json') @@ -297,13 +641,19 @@ it('should return an error response to indicate that the token was NOT updated b .set('Authorization', authValue ) .send() .end(function(err, res) { + + res.body.code.should.be.equal('014'); res.statusCode.should.be.equal(401); done(); }); }); -it('should return an error response to indicate that the token was NOT updated because of bad token', function(done) { +it('5.21 should return an error response to indicate that the token was NOT updated because of bad token', function(done) { + + this.timeout(100*DELAY); + var authValue = 'Bearer something'; + request(url) .get('/user/refresh_token') .set('Content-type','application/json') 
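Review bot: Test 5.13 asserts only that the password patch is accepted with 202, so it would still pass if the stored password never changed, which is the case the changelog entry for `/user/update` is about. A follow-up login with the new password, after the same delay the other asynchronous tests use, would cover it; a sketch of the rewritten callback follows. Test 5.14 covers an ID that does not exist, but no case patches `user/<id>/password` for a different existing user, which is the authorization boundary most worth pinning. The titles of 5.15 to 5.17 say "success response" while the bodies assert 400.

```javascript
// ... unchanged: 5.13 request to /user/update with the password patch ...
		.end(function(err, res) {

			res.statusCode.should.be.equal(202);

			// 202 means the patch was only queued; wait before checking its effect
			setTimeout(function() {
				request(url)
					.post('/user/login_password')
					.set('Content-type','application/json')
					.set('X-BLGREQ-SIGN', appIDsha256 )
					.set('X-BLGREQ-APPID', appID )
					.set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' )
					// assumes authValue belongs to userEmail; confirm against the login test
					.send({ email: userEmail, password: "new value" })
					.end(function(err, res) {

						res.body.content.should.have.property('token');
						done();
					});
			}, 20*DELAY);
		});
```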
@@ -313,13 +663,115 @@ it('should return an error response to indicate that the token was NOT updated b .set('Authorization', authValue ) .send() .end(function(err, res) { + + res.body.code.should.be.equal('040'); res.statusCode.should.be.equal(400); res.body.message.should.be.equal("Malformed authorization token"); done(); }); }); -it('should return a success response to indicate that the user logged out', function(done) { +it('5.22 should return an error response to indicate that the token was NOT updated because authorization is missing', function(done) { + + this.timeout(100*DELAY); + + request(url) + .get('/user/refresh_token') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .send() + .end(function(err, res) { + + res.body.code.should.be.equal('013'); + res.statusCode.should.be.equal(401); + done(); + }); +}); + +it('5.23 should return an error response to indicate that the token was NOT updated because X-BLGREQ-SIGN is missing', function(done) { + + this.timeout(100*DELAY); + + request(url) + .get('/user/refresh_token') + .set('Content-type','application/json') + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', authValue ) + .send() + .end(function(err, res) { + + res.body.code.should.be.equal('007'); + res.statusCode.should.be.equal(400); + done(); + }); +}); + +it('5.24 should return an error response to indicate that the token was NOT updated because Content-type is not application/json', function(done) { + + this.timeout(100*DELAY); + + request(url) + .get('/user/refresh_token') + .set('Content-type','application/other') + .set('X-BLGREQ-SIGN', appIDsha256) + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', authValue ) + .send() + .end(function(err, res) { + + res.body.code.should.be.equal('006'); + res.statusCode.should.be.equal(415); + done(); + 
}); +}); + +it('5.25 should return an error response to indicate that the token was NOT updated because of invalid API key', function(done) { + + this.timeout(100*DELAY); + + request(url) + .get('/user/refresh_token') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256 + '66') + .set('X-BLGREQ-UDID', deviceIdentification) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', authValue ) + .send() + .end(function(err, res) { + + res.body.code.should.be.equal('008'); + res.statusCode.should.be.equal(401); + done(); + }); +}); + +it('5.26 should return an error response to indicate that the token was NOT updated because of missing UDID', function(done) { + + this.timeout(100*DELAY); + + request(url) + .get('/user/refresh_token') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256 ) + .set('X-BLGREQ-APPID',appID) + .set('Authorization', authValue ) + .send() + .end(function(err, res) { + + res.body.code.should.be.equal('009'); + res.statusCode.should.be.equal(400); + done(); + }); +}); + +it('5.27 should return a success response to indicate that the user logged out', function(done) { + + this.timeout(100*DELAY); + request(url) .get('/user/logout') .set('Content-type','application/json') 
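Review bot: The negative cases added for `/user/refresh_token` (5.22 to 5.26) cover missing or malformed headers, but none checks a token that was valid and has since been used with `/user/logout` in 5.27. Whether the server revokes tokens on logout cannot be told from these tests, so the expected result needs confirming before it is asserted. Until then a marker after 5.27 would keep the gap visible: `// TODO: after logout, call /user/refresh_token with the old authValue and assert the intended response`. The body of 5.27 continues in the next hunk.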
@@ -329,17 +781,24 @@ it('should return a success response to indicate that the user logged out', func .set('Authorization', authValue) .send() .end(function(err, res) { + res.statusCode.should.be.equal(200); done(); }); }); -it('should return a success response to indicate that the user has registered', function(done) { +it('5.28 should return a success response to indicate that the user has registered', function(done) { + + this.timeout(100*DELAY); + + this.timeout(20*DELAY); + var clientrequest = { - "email": userEmail2, - "password": "secure_password1337", - "name": "John Smith" + email: userEmail2, + password: "secure_password1337", + name: "John Smith" }; + request(url) .post('/user/register') .set('Content-type','application/json') @@ -348,17 +807,20 @@ it('should return a success response to indicate that the user has registered', .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) .send(clientrequest) .end(function(err, res) { + res.statusCode.should.be.equal(202); - done(); + setTimeout(done, 14*DELAY); }); }); -it('should return a success response to indicate that the user has NOT registered', function(done) { +it('5.29 should return a success response to indicate that the user has NOT registered because user is already registered', function(done) { + var clientrequest = { - "email": userEmail, - "password": "secure_password1337", - "name": "John Smith" + email: userEmail, + password: "secure_password1337", + name: "John Smith" }; + request(url) .post('/user/register') .set('Content-type','application/json') 
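Review bot: Test 5.28 calls `this.timeout(100*DELAY);` and then `this.timeout(20*DELAY);`, so the second call overrides the first and the effective limit is 20*DELAY. The following hunk defers completion with `setTimeout(done, 14*DELAY);`, which leaves only 6*DELAY for the register request itself and makes the test prone to intermittent failure on a slow run. Dropping the `this.timeout(20*DELAY);` line restores the margin the neighbouring tests have. Test 5.29 in the following hunk sets no timeout at all, unlike the tests around it, and its title says "success response" while it asserts 409.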
@@ -367,17 +829,42 @@ it('should return a success response to indicate that the user has NOT registere .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) .send(clientrequest) .end(function(err, res) { + + res.body.code.should.be.equal('029'); res.statusCode.should.be.equal(409); done(); }); }); -it('should return a success response to indicate that the user was deleted', function(done) { +it('5.30 should return a success response to indicate that the user has NOT registered because of empty body', function(done) { + + this.timeout(100*DELAY); + + request(url) + .post('/user/register') + .set('Content-type','application/json') + .set('X-BLGREQ-SIGN', appIDsha256 ) + .set('X-BLGREQ-APPID', appID) + .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) + .send() + .end(function(err, res) { + + res.body.code.should.be.equal('005'); + res.statusCode.should.be.equal(400); + done(); + }); +}); + +it('5.31 should return a success response to indicate that the user was deleted', function(done) { + + this.timeout(100*DELAY); + var clientrequest = { - "email": userEmail, - "password": "secure_password1337", - "name": "John Smith" + email: userEmail2, + password: "secure_password1337", + name: "John Smith" }; + request(url) .post('/user/login_password') .set('Content-type','application/json') @@ -386,13 +873,15 @@ it('should return a success response to indicate that the user was deleted', fun .set('X-BLGREQ-UDID', 'd244854a-ce93-4ba3-a1ef-c4041801ce28' ) .send(clientrequest) .end(function(err, res) { + token = res.body.content.token; userID = res.body.content.user.id; authValue = 'Bearer ' + token; var subclientrequest = { - "id" : userID, - "email" : userEmail + id : userID, + email : userEmail }; + request(url) .post('/user/delete') .set('X-BLGREQ-SIGN', appIDsha256) 
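Review bot: Test 5.31 now logs in as `userEmail2`, but the `/user/delete` body still sends `email : userEmail` next to the second user's `id` and token. The test only asserts 202, so it passes whether the server deletes the account named by the token or the one named in the body, and it does not show which of the two it is. Using `email : userEmail2` here keeps the request self-consistent. A separate case that sends another user's email and expects a rejection would pin the authorization rule explicitly. The assertion on the delete response sits in the next hunk.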
@@ -401,6 +890,7 @@ it('should return a success response to indicate that the user was deleted', fun .set('Authorization', authValue) .send(subclientrequest) .end(function(err, res) { + res.statusCode.should.be.equal(202); done(); });