Skip to content

Commit

Permalink
#1258 all tests passing
Browse files Browse the repository at this point in the history
  • Loading branch information
jack-flores committed Jul 29, 2024
1 parent a85cbb9 commit f967daa
Show file tree
Hide file tree
Showing 3 changed files with 52 additions and 9 deletions.
2 changes: 0 additions & 2 deletions src/controller/org.controller/org.controller.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -322,7 +322,6 @@ async function createOrg (req, res, next) {
* Called by PUT /api/org/{shortname}
**/
async function updateOrg (req, res, next) {
console.log("in controller") // todo: delete
try {
const shortName = req.ctx.params.shortname
const newOrg = new Org()
Expand Down Expand Up @@ -431,7 +430,6 @@ async function updateOrg (req, res, next) {
logger.info(JSON.stringify(payload))
return res.status(200).json(responseMessage)
} catch (err) {
console.log("err in congtroller: " + err) // todo: delete
next(err)
}
}
Expand Down
2 changes: 0 additions & 2 deletions src/middleware/middleware.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -107,7 +107,6 @@ async function validateUser (req, res, next) {
logger.info({ uuid: req.ctx.uuid, message: 'Authenticating user: ' + user }) // userUUID may be null if user does not exist
const orgUUID = await orgRepo.getOrgUUID(org)
if (!orgUUID) {
console.log("401 1: " + org + " is was not in db ") // todo: delete
logger.info({ uuid: req.ctx.uuid, message: org + ' organization does not exist. User authentication FAILED for ' + user })
return res.status(401).json(error.unauthorized())
}
Expand Down Expand Up @@ -148,7 +147,6 @@ async function validateOrg (req, res, next) {
const isSec = await orgRepo.isSecretariat(org)
if (!isSec) {
if (!(org == reqOrg)) {
console.log(org + " is not a sec and is not equal to " + reqOrg) // todo: delete
logger.info({ uuid: req.ctx.uuid, message: org + ' is not a ' + CONSTANTS.AUTH_ROLE_ENUM.SECRETARIAT + ' or the same as ' + reqOrg + ' and is not allowed to make these changes.' })
return res.status(401).json(error.unauthorized())
}
Expand Down
57 changes: 52 additions & 5 deletions test/integration-tests/org/putOrgTest.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,40 +5,77 @@ const expect = chai.expect
const constants = require('../constants.js')
const app = require('../../../src/index.js')

const params = {new_short_name: 'test_org', name: 'Test Organization', id_quota: 100000}
const params = { name: 'Test Organization', id_quota: 100 }
const secretariat_params = { name: 'MITRE Corporation', id_quota: 100000 }
const cna_params = { name: 'Adams, Nielsen and Hensley', id_quota: 1309 }

describe('Testing org put endpoint', () => {
context('Positive Tests', () => {
it('Allows update made by a secretariat to itself', async () => {
await chai.request(app)
.put('/api/org/mitre')
.set({ ...constants.headers })
.query({id_quota: '100000'})
.query(params)
.send()
.then((res, err) => {
console.log(res.text)
expect(res).to.have.status(200)
expect(res.body.updated.name).to.equal(params.name)
expect(res.body.updated.policies.id_quota).to.equal(params.id_quota)
expect(err).to.be.undefined
})
await chai.request(app)
.put(`/api/org/mitre`)
.set({ ...constants.headers })
.query(secretariat_params)
.send()
.then((res, err) => {
expect(res).to.have.status(200)
expect(res.body.updated.name).to.equal(secretariat_params.name)
expect(res.body.updated.policies.id_quota).to.equal(secretariat_params.id_quota)
expect(err).to.be.undefined
})
})
it('Allows update made by a secretariat to another org', async () => {
await chai.request(app)
.put('/api/org/cause_8')
.put('/api/org/win_5')
.set({ ...constants.headers })
.query(params)
.send()
.then((res, err) => {
expect(res).to.have.status(200)
expect(res.body.updated.name).to.equal(params.name)
expect(res.body.updated.policies.id_quota).to.equal(params.id_quota)
expect(err).to.be.undefined
})
await chai.request(app)
.put('/api/org/win_5')
.set({ ...constants.headers })
.query(cna_params)
.send()
.then((res, err) => {
expect(res).to.have.status(200)
expect(res.body.updated.name).to.equal(cna_params.name)
expect(res.body.updated.policies.id_quota).to.equal(cna_params.id_quota)
expect(err).to.be.undefined
})
})
it('Allows update made by non secretariat org to itself', async () => {
it('Update made by non secretariat org to itself ONLY updates last_active field', async () => {
let now = Date.now()
await chai.request(app)
.put('/api/org/win_5')
.set({ ...constants.nonSecretariatUserHeaders })
.query(params)
.send()
.then((res, err) => {
// Assert that that the last_active field was updated under 2 seconds ago
let last_active = Date.parse(res.body.updated.last_active)
let diff = Math.abs(now - last_active)
let within_two_seconds = diff < 2000
expect(within_two_seconds).to.be.true
// Assert no other fields were changed
expect(res).to.have.status(200)
expect(res.body.updated.name).to.equal(cna_params.name)
expect(res.body.updated.policies.id_quota).to.equal(cna_params.id_quota)
expect(err).to.be.undefined
})
})
Expand All @@ -54,5 +91,15 @@ describe('Testing org put endpoint', () => {
expect(err).to.be.undefined
})
})
it('Fails update made by a non-secretariat org to a secretariat', async () => {
await chai.request(app)
.put('/api/org/mitre')
.set({ ...constants.nonSecretariatUserHeaders })
.send()
.then((res, err) => {
expect(res).to.have.status(401)
expect(err).to.be.undefined
})
})
})
})

0 comments on commit f967daa

Please sign in to comment.