UNPKG

@teikei/api

Version:

Teikei API server. Teikei is the software that powers ernte-teilen.org, a website that maps out Community-supported Agriculture in Germany.

teikei/teikei

109 lines (98 loc) 3.48 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
import { MethodNotAllowed, BadRequest } from '@feathersjs/errors' import uuid from 'uuid/v4' import _ from 'lodash' import app from '../../app' import { truncateTestDatabase } from '../../../db/index' import { sendConfirmationEmail } from '../../hooks/email' jest.mock('../../hooks/email') //disable auth jest.mock('../../hooks/authorization') describe('users service', () => { const service = app.service('users') it('gets registered', async () => { expect(service).toBeTruthy() }) const params = { provider: 'rest', headers: {} } it('disallows find', async () => { await expect(service.find(params)).rejects.toThrow(MethodNotAllowed) }) it('disallows get', async () => { await expect(service.get(1, params)).rejects.toThrow(MethodNotAllowed) }) it('disallows update', async () => { await expect(service.update(1, {}, params)).rejects.toThrow( MethodNotAllowed ) }) it('disallows remove', async () => { await expect(service.remove(1, params)).rejects.toThrow(MethodNotAllowed) }) describe('creates users', () => { const data = () => ({ email: `${uuid()}@teikei.com`, name: 'Guest', phone: '1234', password: 'guest' }) it('stores the user', async () => { const user = data() const result = await service.create(user, params) expect(result).not.toBeNull() expect(result.email).toEqual(user.email) expect(result.name).toEqual(user.name) expect(result.phone).toEqual(user.phone) }) it('generates a hashed password', async () => { const user = data() const result = await service.create(user, params) const internal = await service.get(result.id) expect(internal.password).toBeTruthy() expect(internal.password).not.toEqual(user.password) }) it('triggers a confirmation email', async () => { const user = data() await service.create(user, params) expect(sendConfirmationEmail).toHaveBeenCalled() }) it('sets user origin and verification info', async () => { const user = data() const result = await service.create(user, { ...params, headers: { origin: 'teikei.com' } }) const internal = await service.get(result.id) expect(internal.origin).toEqual('teikei.com') expect(internal.isVerified).toEqual(false) expect(internal.verifyExpires).not.toBeNull() expect(internal.verifyToken).not.toBeNull() expect(internal.verifyShortToken).not.toBeNull() expect(internal.verifyChanges).not.toBeNull() }) it('sets a createdAt timestamp', async () => { const user = data() const result = await service.create(user, params) expect(result.createdAt).not.toBeNull() }) it('disallows creating users with existing email', async () => { const user = data() await service.create(user, params) await expect(service.create(user, params)).rejects.toThrow(BadRequest) }) it("doesn't expose the password and internal fields", async () => { const user = data() const result = await service.create(user, params) const protectedFields = [ 'password', 'origin', 'baseurl', 'verifyExpires', 'verifyToken', 'verifyShortToken' ] protectedFields.forEach(p => expect(_.keys(result)).not.toContain(p)) }) }) describe('patches users', () => { }) afterAll(() => truncateTestDatabase()) })